Thot24

Bonjour Jean-Mimi, C'est bon tout est rentré dans l'ordre suite à tes conseils. Merci encore pour le temps que tu m'as consacré. Ciao, Thot24

Bonsoir Jean-Mimi, J'ai fait tout ça et le rapport devrait t'être envoyé. Merci encore pour ton aide !

0 VT Community user(s) with a total of 0 reputation credit(s) say(s) this sample is goodware. 0 VT Community user(s) with a total of 0 reputation credit(s) say(s) this sample is malware. File name: fixdivx.exe Submission date: 2011-01-05 22:24:01 (UTC) Current status: queued queued analysing finished Result: 7/ 40 (17.5%) VT Community not reviewed Safety score: - Compact Print results Antivirus Version Last Update Result AhnLab-V3 2011.01.06.00 2011.01.05 - AntiVir 7.11.1.34 2011.01.05 Adware/Agent.398394 Antiy-AVL 2.0.3.7 2011.01.05 - Avast 4.8.1351.0 2011.01.05 - Avast5 5.0.677.0 2011.01.05 Win32:Gator-P AVG 9.0.0.851 2011.01.05 - BitDefender 7.2 2011.01.05 Gen:Adware.Heur.mq1@Re@qaVbi CAT-QuickHeal 11.00 2011.01.05 - ClamAV 0.96.4.0 2011.01.05 - Command 5.2.11.5 2011.01.05 - Comodo 7307 2011.01.05 - DrWeb 5.0.2.03300 2011.01.05 Adware.Gator eSafe 7.0.17.0 2011.01.05 - eTrust-Vet 36.1.8083 2011.01.05 - F-Prot 4.6.2.117 2011.01.05 - F-Secure 9.0.16160.0 2011.01.05 Gen:Adware.Heur.mq1@Re@qaVbi Fortinet 4.2.254.0 2011.01.05 - GData 21 2011.01.05 Gen:Adware.Heur.mq1@Re@qaVbi Ikarus T3.1.1.90.0 2011.01.05 Gen.AdWare Jiangmin 13.0.900 2011.01.05 - K7AntiVirus 9.75.3448 2011.01.05 - McAfee 5.400.0.1158 2011.01.05 - McAfee-GW-Edition 2010.1C 2011.01.05 - Microsoft 1.6402 2011.01.05 - NOD32 5763 2011.01.05 - Norman 6.06.12 2011.01.05 - nProtect 2011-01-05.01 2011.01.05 - Panda 10.0.2.7 2011.01.05 - PCTools 7.0.3.5 2011.01.04 - Prevx 3.0 2011.01.05 - Rising 22.81.02.03 2011.01.05 - Sophos 4.60.0 2011.01.05 - SUPERAntiSpyware 4.40.0.1006 2011.01.05 - TheHacker 6.7.0.1.110 2011.01.03 - TrendMicro 9.120.0.1004 2011.01.05 - TrendMicro-HouseCall 9.120.0.1004 2011.01.05 - VBA32 3.12.14.2 2011.01.05 - VIPRE 7967 2011.01.05 - ViRobot 2011.1.5.4238 2011.01.05 - VirusBuster 13.6.130.0 2011.01.05 - Additional information Show all MD5 : 3a3d57d793363d7f094fd4bd0dbea5bf SHA1 : d215dbf8f4c6406685b10ded12125510d31c3dd2 SHA256: a7b8589ac0d586acec92b4499faeae0c331ac5a4bf6df317e22a6fa188ad1f72 ssdeep: 12288:K+KznnP6n6wLAey6QPHB9Bv7+X+ZYeN/o:iznC6w46c56f File size : 398394 bytes First seen: 2008-04-30 20:10:24 Last seen : 2011-01-05 22:24:01 TrID: Win32 Executable MS Visual C++ (generic) (65.2%) Win32 Executable Generic (14.7%) Win32 Dynamic Link Library (generic) (13.1%) Generic Win/DOS Executable (3.4%) DOS Executable Generic (3.4%) sigcheck: publisher....: Igor Pavlov copyright....: Copyright © 1999-2003 Igor Pavlov product......: 7-Zip description..: 7z Self-Extract Setup original name: 7zS.sfx internal name: 7zS.sfx file version.: 3, 11, 0, 0 comments.....: signers......: - signing date.: - verified.....: Unsigned PEiD: Armadillo v1.71 packers (F-Prot): 7Z PEInfo: PE structure information [[ basic data ]] entrypointaddress: 0x116AF timedatestamp....: 0x3F813F86 (Mon Oct 06 10:10:14 2003) machinetype......: 0x14c (I386) [[ 4 section(s) ]] name, viradd, virsiz, rawdsiz, ntropy, md5 .text, 0x1000, 0x168F6, 0x16A00, 6.51, ff85f099f808852cf5c44ede2446dc84 .rdata, 0x18000, 0x3DC2, 0x3E00, 4.43, 333ff1846a28047b83c5d0336951ed4c .data, 0x1C000, 0x3ABC, 0x3000, 1.31, 8d7e1b5356c16f197d5406cbe530f212 .rsrc, 0x20000, 0xAC0, 0xC00, 3.40, f19849c95e3fd07683f678a6ac0657b1 [[ 4 import(s) ]] COMCTL32.dll: - KERNEL32.dll: InitializeCriticalSection, CloseHandle, WaitForMultipleObjects, SetEvent, CreateThread, WaitForSingleObject, ResetEvent, MultiByteToWideChar, WideCharToMultiByte, GetLastError, CompareStringA, CompareStringW, lstrlenA, LoadLibraryA, AreFileApisANSI, GetModuleFileNameA, GetModuleFileNameW, LocalFree, FormatMessageA, FormatMessageW, GetWindowsDirectoryA, SetFileAttributesA, SetFileAttributesW, RemoveDirectoryA, RemoveDirectoryW, CreateDirectoryA, CreateDirectoryW, DeleteFileA, DeleteFileW, GetShortPathNameA, GetFullPathNameA, GetFullPathNameW, GetCurrentDirectoryA, SetCurrentDirectoryA, GetTempPathA, GetTempFileNameA, FindClose, FindFirstFileA, FindFirstFileW, SetLastError, FindNextFileA, CreateFileA, CreateFileW, GetFileSize, SetFilePointer, ReadFile, SetFileTime, WriteFile, SetEndOfFile, CreateEventA, LeaveCriticalSection, EnterCriticalSection, Sleep, CreateProcessA, GetCommandLineW, GetCurrentThreadId, HeapAlloc, DeleteCriticalSection, TlsSetValue, InterlockedIncrement, InterlockedDecrement, GetStringTypeW, GetStringTypeA, LCMapStringW, LCMapStringA, GetProcAddress, GetOEMCP, GetACP, GetCPInfo, IsBadCodePtr, IsBadReadPtr, IsBadWritePtr, VirtualAlloc, VirtualFree, HeapCreate, HeapDestroy, GetVersionExA, GetEnvironmentVariableA, GetFileType, GetStdHandle, SetHandleCount, GetEnvironmentStringsW, GetEnvironmentStrings, FreeEnvironmentStringsW, FreeEnvironmentStringsA, RtlUnwind, RaiseException, GetModuleHandleA, GetStartupInfoA, GetCommandLineA, GetVersion, ExitProcess, HeapFree, UnhandledExceptionFilter, SetUnhandledExceptionFilter, TlsAlloc, TlsGetValue, TerminateProcess, GetCurrentProcess, HeapReAlloc, HeapSize USER32.dll: DestroyWindow, PostMessageA, ShowWindow, MessageBoxA, KillTimer, EndDialog, SendMessageA, GetDlgItem, SetTimer, MessageBoxW, SetWindowTextW, SetWindowTextA, LoadStringW, LoadStringA, CharPrevA, DialogBoxParamA, GetWindowLongA, SetWindowLongA OLEAUT32.dll: -, - ExifTool: file metadata CharacterSet: Unicode CodeSize: 92672 Comments: CompanyName: Igor Pavlov EntryPoint: 0x116af FileDescription: 7z Self-Extract Setup FileFlagsMask: 0x003f FileOS: Windows NT 32-bit FileSize: 389 kB FileSubtype: 0 FileType: Win32 EXE FileVersion: 3, 11, 0, 0 FileVersionNumber: 3.11.0.0 ImageVersion: 0.0 InitializedDataSize: 34304 InternalName: 7zS.sfx LanguageCode: English (U.S.) LegalCopyright: Copyright © 1999-2003 Igor Pavlov LegalTrademarks: LinkerVersion: 6.0 MIMEType: application/octet-stream MachineType: Intel 386 or later, and compatibles OSVersion: 4.0 ObjectFileType: Executable application OriginalFilename: 7zS.sfx PEType: PE32 PrivateBuild: ProductName: 7-Zip ProductVersion: 3, 11, 0, 0 ProductVersionNumber: 3.11.0.0 SpecialBuild: Subsystem: Windows GUI SubsystemVersion: 4.0 TimeStamp: 2003:10:06 12:10:14+02:00 UninitializedDataSize: 0

Voici le rapport. S'il a retrouvé des fichiers déjà identifiés par OTL, il en a aussi trouvé un autre. BitDefender Online Scanner Rapport d'analyse gnr : Wed, Jan 05, 2011 - 00:25:23 Voie d'analyse: C:\Documents and Settings\Matthieu\Mes documents;C:\Documents and Settings\All Users\Documents;C:\;D:\;E:\;Z:\; Statistiques Temps 00:33:22 Fichiers 81315 Directoires 11316 Secteurs de boot 0 Archives 1556 Paquets programmes 5309 Rsultats Virus identifis 2 Fichiers infects 3 Fichiers suspects 0 Avertissements 0 Dsinfects 0 Fichiers effacs 2 Info sur les moteurs Dfinition virus 6591442 Version des moteurs AVCORE v2.1 Windows/i386 11.0.0.42 (Oct 18 2010) Analyse des plugins 18 Archive des plugins 44 Unpack des plugins 10 E-mail plugins 6 Systme plugins 4 Paramtres d'analyse Premire action Désinfecté Seconde Action Supprimés Heuristique Oui Acceptez les avertissements Oui Extensions analyses exe;com;dll;ocx;scr;bin;dat;386;vxd;sys;wdm;cla;class;ovl;ole;hlp;doc;dot;xls;ppt;wbk;wiz;pot;ppa;xla;xlt;vbs;vbe;mdb;rtf;htm;hta;html;xml;xtp;php;asp;js;shs;chm;lnk;pif;prc;url;smm;pfd;msi;ini;csc;cmd;bas; Excludez les extensions Analyse d'emails Oui Analyse des Archives Oui Analyser paquets programmes Oui Analyse des fichiers Oui Analyse de boot Oui Fichier analys Statut C:\Program Files\K-Lite Codec Pack\fixdivx.exe=>(7z o)=>fixdivx-1.bin=>(Inno Module 0) Détecté avec: Gen:Adware.Heur.mq1@Re@qaVbi C:\Program Files\K-Lite Codec Pack\fixdivx.exe=>(7z o)=>fixdivx-1.bin=>(Inno Module 0) Echec de la désinfection C:\Program Files\K-Lite Codec Pack\fixdivx.exe=>(7z o)=>fixdivx-1.bin=>(Inno Module 0) Echec de la suppression C:\_OTL\MovedFiles\01032011_224553\C_Documents and Settings\Matthieu\Application Data\xssend2\svcnost.exe Infecté par: Gen:Trojan.Heur.iK0@IzFnhgpk C:\_OTL\MovedFiles\01032011_224553\C_Documents and Settings\Matthieu\Application Data\xssend2\svcnost.exe Supprimé C:\_OTL\MovedFiles\01032011_224553\C_Documents and Settings\Matthieu\Application Data\xssendmcvowpujuyomudtyrtn2q3vyacenppk\svcnost.exe Infecté par: Gen:Trojan.Heur.iK0@IzFnhgpk C:\_OTL\MovedFiles\01032011_224553\C_Documents and Settings\Matthieu\Application Data\xssendmcvowpujuyomudtyrtn2q3vyacenppk\svcnost.exe Supprimé

Ne t'inquiète surtout pas, c'est déjà super sympa de m'aider ! Voici le rapport OTL : OTL logfile created on: 04/01/2011 22:48:18 - Run 2 OTL by OldTimer - Version 3.2.20.1 Folder = C:\Documents and Settings\Matthieu\Bureau Windows XP Media Center Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.11) Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy 1 023,00 Mb Total Physical Memory | 596,00 Mb Available Physical Memory | 58,00% Memory free 2,00 Gb Paging File | 2,00 Gb Available in Paging File | 88,00% Paging File free Paging file location(s): C:\pagefile.sys 1536 3072 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 74,43 Gb Total Space | 7,72 Gb Free Space | 10,37% Space Free | Partition Type: NTFS Drive D: | 74,52 Gb Total Space | 0,99 Gb Free Space | 1,33% Space Free | Partition Type: NTFS Computer Name: THOT | User Name: Matthieu | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Documents and Settings\Matthieu\Bureau\OTL.exe (OldTimer Tools) PRC - C:\Program Files\Avast5\AvastUI.exe (AVAST Software) PRC - C:\Program Files\Avast5\AvastSvc.exe (AVAST Software) PRC - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) PRC - C:\Program Files\Parrot Audio Suite\PSM\WifiService.exe () PRC - C:\Program Files\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.) PRC - C:\Program Files\Maxtor\Sync\SyncServices.exe (Seagate Technology LLC) PRC - C:\Program Files\Maxtor\OneTouch Status\MaxMenuMgr.exe (Maxtor Corporation) PRC - C:\Program Files\PictureProject\NkbMonitor.exe (Nikon Corporation) PRC - C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe () PRC - C:\Program Files\Toshiba\TOSHIBA Picture Enhancement Utility\TosPEHK.exe (TOSHIBA Corp.) PRC - C:\Program Files\Toshiba\TOSHIBA RAID\Service\kraidsvc.exe (TOSHIBA Corporation) PRC - C:\WINDOWS\system32\00THotkey.exe (TOSHIBA Corporation) PRC - C:\WINDOWS\system32\TPSMain.exe (TOSHIBA Corporation) PRC - C:\WINDOWS\system32\TPSBattM.exe (TOSHIBA Corporation) PRC - C:\Program Files\Toshiba\ConfigFree\NDSTray.exe (TOSHIBA CORPORATION) PRC - C:\Program Files\Toshiba\Touch and Launch\PadExe.exe (TOSHIBA) PRC - C:\Program Files\Toshiba\Tvs\TvsTray.exe (TOSHIBA Corporation) PRC - C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe (TOSHIBA CORPORATION) PRC - C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe (Analog Devices, Inc.) PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation) PRC - C:\WINDOWS\system32\TFNF5.exe (TOSHIBA Corp.) PRC - C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe (TOSHIBA) PRC - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe (Analog Devices, Inc.) PRC - C:\Program Files\Toshiba\Wireless Hotkey\TosHKCW.exe (TOSHIBA CORPORATION) ========== Modules (SafeList) ========== MOD - C:\Documents and Settings\Matthieu\Bureau\OTL.exe (OldTimer Tools) MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll (Microsoft Corporation) MOD - C:\WINDOWS\system32\nview.dll () MOD - C:\WINDOWS\system32\nvwrsfr.dll (NVIDIA Corporation) MOD - C:\WINDOWS\system32\nvwddi.dll (NVIDIA Corporation) ========== Win32 Services (SafeList) ========== SRV - (HidServ) -- C:\WINDOWS\System32\hidserv.dll File not found SRV - (avast! Web Scanner) -- C:\Program Files\Avast5\AvastSvc.exe (AVAST Software) SRV - (avast! Mail Scanner) -- C:\Program Files\Avast5\AvastSvc.exe (AVAST Software) SRV - (avast! Antivirus) -- C:\Program Files\Avast5\AvastSvc.exe (AVAST Software) SRV - (Apple Mobile Device) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) SRV - (WifiService) -- C:\Program Files\Parrot Audio Suite\PSM\WifiService.exe () SRV - (Maxtor Sync Service) -- C:\Program Files\Maxtor\Sync\SyncServices.exe (Seagate Technology LLC) SRV - (Adobe LM Service) -- C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe (Adobe Systems) SRV - (AdobeActiveFileMonitor4.0) -- C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe () SRV - (IDriverT) -- C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe (Macrovision Corporation) SRV - (kraidsvc) -- C:\Program Files\Toshiba\TOSHIBA RAID\Service\kraidsvc.exe (TOSHIBA Corporation) SRV - (CFSvcs) -- C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe (TOSHIBA CORPORATION) SRV - (ose) -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation) SRV - (SoundMAX Agent Service (default)) -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe (Analog Devices, Inc.) ========== Driver Services (SafeList) ========== DRV - (aswTdi) -- C:\WINDOWS\System32\drivers\aswTdi.sys (AVAST Software) DRV - (aswSP) -- C:\WINDOWS\System32\drivers\aswSP.sys (AVAST Software) DRV - (aswRdr) -- C:\WINDOWS\System32\drivers\aswRdr.sys (AVAST Software) DRV - (aswMon2) -- C:\WINDOWS\System32\drivers\aswmon2.sys (AVAST Software) DRV - (aswFsBlk) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys (AVAST Software) DRV - (Aavmker4) -- C:\WINDOWS\System32\drivers\aavmker4.sys (AVAST Software) DRV - (SCDEmu) -- C:\WINDOWS\System32\drivers\scdemu.sys (PowerISO Computing, Inc.) DRV - (ParrotSAVirtualAudioCableWdm_Ver100) Parrot High Quality Audio (WDM) -- C:\WINDOWS\system32\drivers\ParrotVad.sys (Parrot SA) DRV - (MXOPSWD) -- C:\WINDOWS\system32\drivers\mxopswd.sys (Maxtor Corp.) DRV - (nv) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation) DRV - (AgereSoftModem) -- C:\WINDOWS\system32\drivers\AGRSM.sys (Agere Systems) DRV - (KR10N) -- C:\WINDOWS\system32\drivers\KR10N.sys (TOSHIBA CORPORATION) DRV - (ttv200x) -- C:\WINDOWS\system32\drivers\ttv200x.sys (TOSHIBA) DRV - (Tvs) -- C:\WINDOWS\system32\drivers\Tvs.sys (TOSHIBA Corporation) DRV - (w29n51) Pilote de carte de connexion réseau Intel® -- C:\WINDOWS\system32\drivers\w29n51.sys (Intel® Corporation) DRV - (sscdbhk5) -- C:\WINDOWS\system32\drivers\sscdbhk5.sys (Sonic Solutions) DRV - (ssrtln) -- C:\WINDOWS\system32\drivers\ssrtln.sys (Sonic Solutions) DRV - (tfsnudfa) -- C:\WINDOWS\system32\dla\tfsnudfa.sys (Sonic Solutions) DRV - (tfsnudf) -- C:\WINDOWS\system32\dla\tfsnudf.sys (Sonic Solutions) DRV - (tfsnifs) -- C:\WINDOWS\system32\dla\tfsnifs.sys (Sonic Solutions) DRV - (tfsncofs) -- C:\WINDOWS\system32\dla\tfsncofs.sys (Sonic Solutions) DRV - (tfsnboio) -- C:\WINDOWS\system32\dla\tfsnboio.sys (Sonic Solutions) DRV - (tfsnopio) -- C:\WINDOWS\system32\dla\tfsnopio.sys (Sonic Solutions) DRV - (tfsnpool) -- C:\WINDOWS\system32\dla\tfsnpool.sys (Sonic Solutions) DRV - (tfsndrct) -- C:\WINDOWS\system32\dla\tfsndrct.sys (Sonic Solutions) DRV - (tfsndres) -- C:\WINDOWS\system32\dla\tfsndres.sys (Sonic Solutions) DRV - (tifm21) -- C:\WINDOWS\system32\drivers\tifm21.sys (Texas Instruments) DRV - (TVALZ) -- C:\WINDOWS\system32\DRIVERS\TVALZ.SYS (TOSHIBA Corporation) DRV - (drvmcdb) -- C:\WINDOWS\system32\drivers\drvmcdb.sys (Sonic Solutions) DRV - (drvnddm) -- C:\WINDOWS\system32\drivers\drvnddm.sys (Sonic Solutions) DRV - (usbaudio) Pilote USB audio (WDM) -- C:\WINDOWS\system32\drivers\USBAUDIO.sys (Microsoft Corporation) DRV - (tosrfec) -- C:\WINDOWS\system32\drivers\Tosrfec.sys (TOSHIBA Corporation) DRV - (ApfiltrService) -- C:\WINDOWS\system32\drivers\Apfiltr.sys (Alps Electric Co., Ltd.) DRV - (d344bus) -- C:\WINDOWS\system32\DRIVERS\d344bus.sys ( ) DRV - (d344prt) -- C:\WINDOWS\System32\Drivers\d344prt.sys ( ) DRV - (pfc) -- C:\WINDOWS\system32\drivers\pfc.sys (Padus, Inc.) DRV - (Netdevio) -- C:\WINDOWS\system32\drivers\Netdevio.sys (TOSHIBA Corporation.) DRV - (PhilCam8116) Logitech QuickCam Pro 3000(PID_08B0) -- C:\WINDOWS\system32\drivers\CamDrL21.sys (Philips Semiconductors) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-3344276049-1003050484-3659971776-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google IE - HKU\S-1-5-21-3344276049-1003050484-3659971776-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..network.proxy.type: 0 FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/12/16 20:43:51 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/12/16 20:42:16 | 000,000,000 | ---D | M] [2010/12/16 20:44:09 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Matthieu\Application Data\Mozilla\Extensions [2010/12/16 20:44:09 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Matthieu\Application Data\Mozilla\Firefox\Profiles\bkp9w8jz.default\extensions [2010/12/16 20:42:16 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2010/03/20 16:34:32 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2010/12/03 19:04:57 | 000,001,516 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml [2010/12/03 19:04:57 | 000,001,822 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml [2010/12/03 19:04:57 | 000,000,757 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml [2010/12/03 19:04:57 | 000,001,426 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml [2010/12/03 19:04:57 | 000,000,956 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml O1 HOSTS File: ([2004/08/10 14:00:00 | 000,000,790 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll (Sonic Solutions) O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O3 - HKU\S-1-5-21-3344276049-1003050484-3659971776-1005\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found. O3 - HKU\S-1-5-21-3344276049-1003050484-3659971776-1005\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found. O4 - HKLM..\Run: [000StTHK] File not found O4 - HKLM..\Run: [00THotkey] C:\WINDOWS\system32\00THotkey.exe (TOSHIBA Corporation) O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [Adobe Photo Downloader] C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [avast5] C:\Program Files\Avast5\AvastUI.exe (AVAST Software) O4 - HKLM..\Run: [bluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation) O4 - HKLM..\Run: [CFSServ.exe] File not found O4 - HKLM..\Run: [Kraidman] C:\Program Files\Toshiba\TOSHIBA RAID\Console\Kraidman.exe_ File not found O4 - HKLM..\Run: [mxomssmenu] C:\Program Files\Maxtor\OneTouch Status\maxmenumgr.exe (Maxtor Corporation) O4 - HKLM..\Run: [NDSTray.exe] File not found O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe () O4 - HKLM..\Run: [PadTouch] C:\Program Files\Toshiba\Touch and Launch\PadExe.exe (TOSHIBA) O4 - HKLM..\Run: [pdfw] C:\Program Files\Amic Utilities\PDF Writer Pro\pdfwload.exe (Bastea, Inc.) O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.) O4 - HKLM..\Run: [smoothView] C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe_ File not found O4 - HKLM..\Run: [soundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe (Analog Devices, Inc.) O4 - HKLM..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe (Analog Devices, Inc.) O4 - HKLM..\Run: [sunJavaUpdateSched] C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) O4 - HKLM..\Run: [TFNF5] C:\WINDOWS\System32\TFNF5.exe (TOSHIBA Corp.) O4 - HKLM..\Run: [TosHKCW.exe] C:\Program Files\TOSHIBA\Wireless Hotkey\TosHKCW.exe (TOSHIBA CORPORATION) O4 - HKLM..\Run: [TouchED] C:\Program Files\TOSHIBA\TouchED\TouchED.Exe_ File not found O4 - HKLM..\Run: [TPSMain] C:\WINDOWS\System32\TPSMain.exe (TOSHIBA Corporation) O4 - HKLM..\Run: [TPSODDCtl] C:\WINDOWS\System32\TPSODDCtl.exe (TOSHIBA Corporation) O4 - HKLM..\Run: [Tvs] C:\Program Files\Toshiba\Tvs\TvsTray.exe (TOSHIBA Corporation) O4 - HKLM..\Run: [utilitaire d'enrichissement d'image Toshiba] C:\Program Files\Toshiba\TOSHIBA Picture Enhancement Utility\TosPEHK.exe (TOSHIBA Corp.) O4 - HKU\S-1-5-21-3344276049-1003050484-3659971776-1005..\Run: [TOSCDSPD] C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe (TOSHIBA) O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\NkbMonitor.exe.lnk = C:\Program Files\PictureProject\NkbMonitor.exe (Nikon Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme () O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-3344276049-1003050484-3659971776-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1203967218562 (WUWebControl Class) O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} http://www.nvidia.com/content/DriverDownload/srl/2.0.0.1/sysreqlab2.cab (System Requirements Lab Class) O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1227814016421 (MUWebControl Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18) O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab (MsnMessengerSetupDownloadControl Class) O16 - DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0-windows-i586.cab (Java Plug-in 1.5.0) O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} http://www.mypix.com/importer/ImageUploader4.cab (Image Uploader Control) O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Fichiers communs\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKU\S-1-5-21-3344276049-1003050484-3659971776-1005 Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O24 - Desktop Components:0 (Ma page d'accueil) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\Matthieu\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Matthieu\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2005/02/21 07:09:49 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O33 - MountPoints2\{0de3b702-ab00-11df-9401-0012f01abe5b}\Shell - "" = AutoRun O33 - MountPoints2\{0de3b702-ab00-11df-9401-0012f01abe5b}\Shell\AutoRun\command - "" = F:\WD SmartWare.exe -- File not found O33 - MountPoints2\{14cfb960-8282-11dd-911d-000e7bd3cc71}\Shell - "" = AutoRun O33 - MountPoints2\{14cfb960-8282-11dd-911d-000e7bd3cc71}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -- File not found O33 - MountPoints2\{a751fae3-a3a0-11dd-9140-000e7bd3cc71}\Shell - "" = AutoRun O33 - MountPoints2\{a751fae3-a3a0-11dd-9140-000e7bd3cc71}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -- File not found O33 - MountPoints2\{afa1dc2c-2828-11dd-90ac-0012f01abe5b}\Shell\AutoRun\command - "" = .\Encryption Tool\MaxtorEncryption.exe O33 - MountPoints2\{c53f5da8-7ef9-11df-93d6-000e7bd3cc71}\Shell\AutoRun\command - "" = F:\WDSetup.exe -- File not found O33 - MountPoints2\{fd4d1435-c732-11de-92e6-000e7bd3cc71}\Shell\AutoRun\command - "" = F:\WDSetup.exe -- File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: 6to4 - File not found NetSvcs: HidServ - C:\WINDOWS\System32\hidserv.dll File not found NetSvcs: Ias - File not found NetSvcs: Iprip - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: WmdmPmSp - File not found MsConfig - StartUpReg: DAEMON Tools-1033 - hkey= - key= - C:\Program Files\D-Tools\daemon.exe (DAEMON'S HOME) MsConfig - StartUpReg: MsnMsgr - hkey= - key= - C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe (Microsoft Corporation) MsConfig - StartUpReg: QuickTime Task - hkey= - key= - C:\Program Files\QuickTime\qttask.exe (Apple Inc.) MsConfig - StartUpReg: Skype - hkey= - key= - C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.) MsConfig - StartUpReg: Steam - hkey= - key= - D:\Jeux\Steam\Steam.exe (Valve Corporation) MsConfig - State: "system.ini" - 0 MsConfig - State: "win.ini" - 0 MsConfig - State: "bootini" - 0 MsConfig - State: "services" - 0 MsConfig - State: "startup" - 2 SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: SCSI Class - Driver Group SafeBootMin: sermouse.sys - Driver SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vga.sys - Driver SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: dmserver - Service SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: SCSI Class - Driver Group SafeBootNet: sermouse.sys - Driver SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vga.sys - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun) ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Rendu VML (Vector Graphics Rendering) ActiveX: {166B1BCA-3F9C-11CF-8075-444553540000} - Macromedia Shockwave Director 10.1 ActiveX: {1BC46932-21B2-4130-86E0-B4EB4F7A7A7B} - Microsoft .NET Framework 1.0 Hotfix (KB887998) ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Lecteur Windows Media Microsoft 6.4 ActiveX: {233C1507-6A77-46A4-9443-F871F945D258} - Adobe Shockwave Director 11.0.3 ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Adobe Shockwave Director 11.0.3 ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Liaison de données Dynamic HTML pour Java ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Création avancée ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - Classes Java DirectAnimation ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Dossiers Web ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {9A394342-4A68-4EBA-85A6-55B559F4E700} - .NET Framework ActiveX: {ACC563BC-4266-43f0-B6ED-9D38C4202C7E} - ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Planificateur de tâches ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1 ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: {F590509A-C24C-FDF7-B923-2335A296E839} - Lecteur Windows Media Microsoft 6.4 ActiveX: {F85D4622-1195-C00E-282C-8E623B49D7E6} - Rendu VML (Vector Graphics Rendering) ActiveX: {FDC11A6F-17D1-48f9-9EA3-9051954BAA24} - .NET Framework ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE Drivers32: msacm.divxa32 - C:\WINDOWS\System32\divxa32.acm (Kristal StudioDFileDescription) Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Ligos Corporation) Drivers32: msacm.imc - C:\WINDOWS\System32\IMC32.acm (Intel Corporation) Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.lameacm - C:\WINDOWS\System32\lameACM.acm (http://www.mp3dev.org/) Drivers32: msacm.lhacm - C:\WINDOWS\System32\lhacm.acm (Microsoft Corporation) Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.) Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.) Drivers32: MSVideo - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation) Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation) Drivers32: vidc.3ivx - C:\WINDOWS\System32\3ivxVfWCodec.dll (3ivx.com) Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.) Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.) Drivers32: VIDC.i263 - C:\WINDOWS\System32\I263_32.drv (Intel Corporation) Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll () Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll () Drivers32: VIDC.IV40 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation) Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation) Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation) Drivers32: VIDC.wmv3 - C:\WINDOWS\System32\WMV9VCM.dll (Microsoft Corporation) Drivers32: vidc.XVID - C:\WINDOWS\System32\xvid.dll () Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.) NetSvcs: 6to4 - File not found NetSvcs: HidServ - C:\WINDOWS\System32\hidserv.dll File not found NetSvcs: Ias - File not found NetSvcs: Iprip - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: WmdmPmSp - File not found ========== Files/Folders - Created Within 30 Days ========== [2011/01/03 22:45:53 | 000,000,000 | ---D | C] -- C:\_OTL [2011/01/03 21:44:41 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Matthieu\Bureau\OTL.exe [2010/12/16 20:46:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Matthieu\Mes documents\Téléchargements [2010/12/16 20:43:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Matthieu\Local Settings\Application Data\Mozilla [2010/12/16 20:43:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Matthieu\Application Data\Mozilla [2010/12/16 20:42:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Mozilla Firefox [2010/12/16 20:42:15 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox [2006/12/08 16:54:44 | 000,137,216 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\d344bus.sys [2006/12/08 16:54:44 | 000,005,248 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\d344prt.sys ========== Files - Modified Within 30 Days ========== [2011/01/04 22:48:00 | 000,001,058 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2011/01/04 21:00:00 | 000,000,382 | ---- | M] () -- C:\WINDOWS\tasks\Symantec NetDetect.job [2011/01/04 19:50:55 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2011/01/04 19:50:32 | 000,001,054 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2011/01/04 19:50:21 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2011/01/04 19:50:19 | 1072,807,936 | -HS- | M] () -- C:\hiberfil.sys [2011/01/04 19:48:59 | 000,000,012 | ---- | M] () -- C:\WINDOWS\bthservsdp.dat [2011/01/03 21:53:00 | 367,470,401 | ---- | M] () -- C:\Documents and Settings\Matthieu\Bureau\D11.avi [2011/01/03 21:44:41 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Matthieu\Bureau\OTL.exe [2010/12/28 18:25:37 | 000,049,152 | ---- | M] () -- C:\Documents and Settings\Matthieu\Bureau\Mots croisés.xls [2010/12/20 18:09:00 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2010/12/20 18:08:40 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2010/12/18 23:27:10 | 059,160,576 | ---- | M] () -- C:\Documents and Settings\Matthieu\Bureau\18-12-10_L1_J18_ParisSG-Monaco2_DVD.mpg [2010/12/18 22:26:38 | 042,934,272 | ---- | M] () -- C:\Documents and Settings\Matthieu\Bureau\18-12-10_L1_J18_ParisSG-Monaco1_DVD.mpg [2010/12/16 21:15:26 | 000,101,376 | ---- | M] () -- C:\Documents and Settings\Matthieu\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010/12/16 21:14:20 | 183,729,908 | ---- | M] () -- C:\Documents and Settings\Matthieu\Bureau\H12.avi [2010/12/16 20:43:55 | 000,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat [2010/12/16 20:42:22 | 000,001,620 | ---- | M] () -- C:\Documents and Settings\Matthieu\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk [2010/12/13 13:04:02 | 366,708,804 | ---- | M] () -- C:\Documents and Settings\Matthieu\Bureau\D10.avi [2010/12/09 19:18:18 | 000,003,112 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT [2010/12/09 16:50:16 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml [2010/12/08 21:29:56 | 000,006,339 | ---- | M] () -- C:\Documents and Settings\Matthieu\Application Data\FC66.B7B [2010/12/08 16:00:02 | 733,734,912 | ---- | M] () -- C:\Documents and Settings\Matthieu\Bureau\LPLG.avi [2010/12/08 14:44:43 | 000,039,936 | ---- | M] () -- C:\Documents and Settings\Matthieu\Bureau\http.doc [2010/12/07 08:58:02 | 183,449,601 | ---- | M] () -- C:\Documents and Settings\Matthieu\Bureau\H11.avi [2010/12/06 06:06:57 | 366,733,313 | ---- | M] () -- C:\Documents and Settings\Matthieu\Bureau\D9.avi ========== Files Created - No Company Name ========== [2011/01/03 21:51:30 | 367,470,401 | ---- | C] () -- C:\Documents and Settings\Matthieu\Bureau\D11.avi [2010/12/28 12:55:48 | 000,049,152 | ---- | C] () -- C:\Documents and Settings\Matthieu\Bureau\Mots croisés.xls [2010/12/20 13:02:41 | 059,160,576 | ---- | C] () -- C:\Documents and Settings\Matthieu\Bureau\18-12-10_L1_J18_ParisSG-Monaco2_DVD.mpg [2010/12/20 13:02:32 | 042,934,272 | ---- | C] () -- C:\Documents and Settings\Matthieu\Bureau\18-12-10_L1_J18_ParisSG-Monaco1_DVD.mpg [2010/12/17 00:24:02 | 366,708,804 | ---- | C] () -- C:\Documents and Settings\Matthieu\Bureau\D10.avi [2010/12/16 21:07:50 | 183,729,908 | ---- | C] () -- C:\Documents and Settings\Matthieu\Bureau\H12.avi [2010/12/16 20:43:55 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat [2010/12/16 20:42:22 | 000,001,620 | ---- | C] () -- C:\Documents and Settings\Matthieu\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk [2010/12/08 18:01:44 | 000,006,339 | ---- | C] () -- C:\Documents and Settings\Matthieu\Application Data\FC66.B7B [2010/12/08 15:57:28 | 733,734,912 | ---- | C] () -- C:\Documents and Settings\Matthieu\Bureau\LPLG.avi [2010/12/08 15:25:58 | 733,601,792 | ---- | C] () -- C:\Documents and Settings\Matthieu\Bureau\R.avi [2010/12/08 14:59:15 | 183,449,601 | ---- | C] () -- C:\Documents and Settings\Matthieu\Bureau\H11.avi [2010/12/06 22:27:18 | 366,733,313 | ---- | C] () -- C:\Documents and Settings\Matthieu\Bureau\D9.avi [2010/03/18 23:02:52 | 000,012,760 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\t7AHIvQWcAEro [2010/03/18 23:02:51 | 000,012,760 | -HS- | C] () -- C:\Documents and Settings\Matthieu\Local Settings\Application Data\t7AHIvQWcAEro [2009/10/13 21:01:08 | 000,138,328 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys [2008/06/28 11:35:22 | 000,000,020 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLec.DAT [2008/06/28 11:28:04 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\All Users\Application Data\Widgets [2008/06/28 11:28:04 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\Matthieu\Application Data\Utilities [2008/06/28 11:28:04 | 000,000,020 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLds.DAT [2007/11/17 10:02:40 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\CNMVS4b.DLL [2007/02/25 21:24:49 | 000,018,748 | ---- | C] () -- C:\WINDOWS\System32\ddmon.dll [2006/12/18 00:33:00 | 000,000,856 | ---- | C] () -- C:\WINDOWS\Bbt97.INI [2006/12/18 00:29:19 | 000,000,844 | ---- | C] () -- C:\WINDOWS\BELOTEXP.INI [2006/11/21 17:33:50 | 000,000,604 | ---- | C] () -- C:\WINDOWS\Sof2.INI [2006/10/20 15:54:02 | 000,217,088 | ---- | C] () -- C:\WINDOWS\System32\libmySQL.dll [2006/10/20 15:54:02 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\TrackerNET.dll [2006/05/24 23:47:11 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll [2006/04/19 01:04:53 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll [2005/12/06 23:22:45 | 000,000,333 | ---- | C] () -- C:\WINDOWS\SIERRA.INI [2005/10/21 23:13:25 | 000,005,187 | R--- | C] () -- C:\WINDOWS\System32\lvcoinst.ini [2005/08/10 18:00:36 | 000,101,376 | ---- | C] () -- C:\Documents and Settings\Matthieu\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2005/08/07 12:31:32 | 000,000,131 | ---- | C] () -- C:\Documents and Settings\Matthieu\Local Settings\Application Data\fusioncache.dat [2005/02/21 15:26:33 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll [2005/02/21 15:26:32 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll [2005/02/21 15:26:32 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll [2005/02/21 15:26:31 | 001,466,368 | ---- | C] () -- C:\WINDOWS\System32\nview.dll [2005/02/21 08:56:32 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini [2005/02/21 08:46:26 | 000,000,466 | ---- | C] () -- C:\WINDOWS\TBTdetect.ini [2005/02/21 08:46:16 | 000,006,757 | ---- | C] () -- C:\WINDOWS\TcdsASC2.ini [2005/02/21 08:13:20 | 000,000,385 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2005/02/21 08:08:11 | 000,000,169 | ---- | C] () -- C:\WINDOWS\wininit.ini [2005/02/21 08:04:41 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll [2005/02/21 08:04:41 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll [2005/02/21 08:04:41 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll [2005/02/21 08:04:41 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll [2005/02/21 08:04:41 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll [2005/02/21 08:04:41 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll [2005/02/21 08:02:58 | 000,004,205 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2005/02/21 08:01:44 | 000,000,000 | ---- | C] () -- C:\WINDOWS\NDSTray.INI [2005/02/21 07:50:42 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\e100bmsg.dll [2005/02/21 07:50:25 | 000,010,180 | ---- | C] () -- C:\WINDOWS\System32\tosmreg.ini [2005/02/21 07:50:24 | 000,128,113 | ---- | C] () -- C:\WINDOWS\System32\csellang.ini [2005/02/21 07:50:24 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\csellang.dll [2005/02/21 07:50:24 | 000,007,671 | ---- | C] () -- C:\WINDOWS\System32\cseltbl.ini [2005/02/21 07:46:35 | 000,029,184 | ---- | C] () -- C:\WINDOWS\System32\drivers\TSXT_kern_i386.sys [2005/02/21 07:46:35 | 000,028,032 | ---- | C] () -- C:\WINDOWS\System32\drivers\WOWXT_kern_i386.sys [2005/02/21 07:39:09 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\Volume.dll [2005/02/21 06:57:26 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\ToshBIOS.dll [2005/02/21 06:57:25 | 000,000,083 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI [2005/02/21 06:56:51 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys [2004/12/08 01:40:54 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini [2004/12/02 23:20:14 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\TosBtAcc.dll [2004/07/21 01:04:02 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\TosBtHcrpAPI.dll [2004/06/17 18:55:26 | 001,527,808 | ---- | C] () -- C:\WINDOWS\System32\TosMousePage.dll [2004/06/17 18:48:42 | 000,770,048 | ---- | C] () -- C:\WINDOWS\System32\TosKeyboardPage.dll [2004/01/15 22:43:28 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\TBTMonUI.dll [2004/01/14 02:46:34 | 000,172,032 | ---- | C] () -- C:\WINDOWS\System32\tifmicon.dll [2003/12/27 20:43:24 | 000,068,608 | ---- | C] () -- C:\WINDOWS\daemon.dll [2003/09/16 16:52:30 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll [2003/09/16 16:41:44 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll [2003/07/29 23:33:24 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\TosHidAPI.dll [2003/05/14 15:54:02 | 000,577,536 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll [2003/04/16 16:40:12 | 000,389,120 | ---- | C] () -- C:\WINDOWS\System32\OpenQuicktimeLib.dll [2003/04/16 16:39:44 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\libfaad.dll [2003/04/01 09:58:02 | 000,005,260 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI [2002/06/04 17:58:30 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\TosCommAPI.dll [2001/09/17 12:20:02 | 000,009,216 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll ========== LOP Check ========== [2005/02/22 13:32:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\InterVideo [2005/02/21 08:01:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\toshiba [2010/08/17 14:12:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Age of Empires 3 [2010/01/31 22:23:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software [2008/06/28 11:28:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Dialogs [2008/06/28 11:35:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EnterNHelp [2008/05/22 20:21:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Maxtor [2008/06/28 11:29:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nikon [2008/06/28 11:35:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ultima_T15 [2010/07/30 20:09:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521} [2009/12/25 13:28:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD} [2005/02/22 13:32:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Application Data\InterVideo [2005/02/21 08:01:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Application Data\toshiba [2007/03/20 23:03:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matthieu\Application Data\Design Science [2007/02/25 21:27:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matthieu\Application Data\deskPDF [2005/02/22 13:32:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matthieu\Application Data\InterVideo [2009/10/20 20:12:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matthieu\Application Data\Mumble [2008/06/28 11:29:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matthieu\Application Data\Nikon [2008/07/14 16:15:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matthieu\Application Data\Opera [2010/07/15 21:28:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matthieu\Application Data\Parrot Audio Suite [2005/09/05 21:30:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matthieu\Application Data\toshiba ========== Purity Check ========== ========== Custom Scans ========== < %systemroot%\system32\drivers\*.sys /lockedfiles > < %ALLUSERSPROFILE%\Application Data\*. > [2010/10/14 19:46:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe [2006/10/08 17:59:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe Systems [2010/08/17 14:12:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Age of Empires 3 [2010/01/31 22:23:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software [2009/12/25 13:32:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple [2009/12/25 13:26:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple Computer [2008/06/28 11:28:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Dialogs [2008/06/28 11:35:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EnterNHelp [2010/03/19 21:55:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes [2008/05/22 20:21:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Maxtor [2010/08/18 19:35:10 | 000,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft [2008/06/28 11:29:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nikon [2005/02/21 07:43:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\nView_Profiles [2005/09/05 05:11:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\QuickTime [2009/03/06 18:43:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Skype [2010/03/20 16:35:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sun [2007/09/28 14:20:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Symantec [2008/06/28 11:35:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ultima_T15 [2006/12/18 19:28:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage [2008/02/25 20:24:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WLInstaller [2010/07/30 20:09:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521} [2009/12/25 13:28:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD} < %ALLUSERSPROFILE%\Application Data\*.exe /s > [2009/02/04 12:56:14 | 000,075,112 | ---- | M] (GEAR Software, Inc.) -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}\x86\DifXInstall32.exe [2010/07/21 15:30:16 | 000,073,000 | ---- | M] (Apple Inc.) -- C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 9.2.1.5\SetupAdmin.exe [2011/01/04 19:56:37 | 007,734,208 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe < %APPDATA%\*. > [2009/02/03 22:52:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matthieu\Application Data\Adobe [2009/02/03 20:51:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matthieu\Application Data\AdobeUM [2009/12/25 13:39:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matthieu\Application Data\Apple Computer [2007/03/20 23:03:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matthieu\Application Data\Design Science [2007/02/25 21:27:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matthieu\Application Data\deskPDF [2009/02/02 21:16:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matthieu\Application Data\dvdcss [2005/10/08 20:37:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matthieu\Application Data\Google [2006/10/27 20:01:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matthieu\Application Data\Help [2005/02/21 07:20:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matthieu\Application Data\Identities [2005/02/22 13:32:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matthieu\Application Data\InterVideo [2006/09/22 17:23:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matthieu\Application Data\Lavasoft [2005/08/17 02:33:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matthieu\Application Data\Macromedia [2010/03/19 21:55:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matthieu\Application Data\Malwarebytes [2010/12/08 22:06:51 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Matthieu\Application Data\Microsoft [2010/12/16 20:44:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matthieu\Application Data\Mozilla [2009/10/20 20:12:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matthieu\Application Data\Mumble [2008/06/28 11:29:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matthieu\Application Data\Nikon [2008/07/14 16:15:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matthieu\Application Data\Opera [2010/07/15 21:28:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matthieu\Application Data\Parrot Audio Suite [2010/09/20 21:58:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matthieu\Application Data\Skype [2010/09/20 21:22:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matthieu\Application Data\skypePM [2005/02/21 08:41:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matthieu\Application Data\Sonic [2005/10/16 00:08:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matthieu\Application Data\Sun [2005/08/26 02:45:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matthieu\Application Data\Symantec [2008/07/24 21:52:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matthieu\Application Data\teamspeak2 [2005/09/05 21:30:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matthieu\Application Data\toshiba [2010/09/16 22:24:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matthieu\Application Data\U3 [2007/11/16 23:06:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matthieu\Application Data\Ventrilo [2008/03/16 15:53:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matthieu\Application Data\vlc [2010/10/14 22:59:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matthieu\Application Data\WinRAR < %APPDATA%\*.exe /s > [2005/02/21 07:59:50 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Matthieu\Application Data\Microsoft\Installer\{C45F4811-31D5-4786-801D-F79CD06EDD85}\ARPPRODUCTICON.exe [2006/04/05 19:38:10 | 000,110,592 | ---- | M] () -- C:\Documents and Settings\Matthieu\Application Data\U3\temp\cleanup.exe < %SYSTEMDRIVE%\*.exe > < %SYSTEMDRIVE%\*.exe > < MD5 for: AGP440.SYS > [2004/08/10 14:00:00 | 017,013,719 | ---- | M] () .cab file -- C:\I386\sp2.cab:AGP440.sys [2004/08/10 14:00:00 | 017,013,719 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys < MD5 for: ATAPI.SYS > [2004/08/10 14:00:00 | 017,013,719 | ---- | M] () .cab file -- C:\I386\sp2.cab:atapi.sys [2004/08/10 14:00:00 | 017,013,719 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys [2004/08/03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys [2004/08/10 14:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0010\DriverFiles\i386\atapi.sys < MD5 for: CDROM.SYS > [2004/08/10 14:00:00 | 017,013,719 | ---- | M] () .cab file -- C:\I386\sp2.cab:cdrom.sys [2004/08/10 14:00:00 | 017,013,719 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys [2004/08/10 14:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\system32\drivers\cdrom.sys < MD5 for: CHANGER.SYS > [2004/08/10 14:00:00 | 017,013,719 | ---- | M] () .cab file -- C:\I386\sp2.cab:Changer.sys [2004/08/10 14:00:00 | 017,013,719 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys < MD5 for: DISK.SYS > [2004/08/10 14:00:00 | 017,013,719 | ---- | M] () .cab file -- C:\I386\sp2.cab:disk.sys [2004/08/10 14:00:00 | 017,013,719 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:disk.sys [2004/08/10 14:00:00 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=00CA44E4534865F8A3B64F7C0984BFF0 -- C:\WINDOWS\system32\drivers\disk.sys < MD5 for: EVENTLOG.DLL > [2004/08/10 14:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=21E83876A6287F15538EF187D286FE11 -- C:\WINDOWS\system32\eventlog.dll < MD5 for: EXPLORER.EXE > [2004/08/10 14:00:00 | 001,036,288 | ---- | M] (Microsoft Corporation) MD5=4C33E5B9A6197B6ED215F6CFBA0A2DAA -- C:\WINDOWS\explorer.exe < MD5 for: KR10N.SYS > [2005/01/12 08:05:46 | 000,204,160 | ---- | M] (TOSHIBA CORPORATION) MD5=00C1EA8DECF810B8ECCB5C5A8186A96E -- C:\ToolsCD\RAID Driver\KR10N.sys [2005/01/12 00:05:00 | 000,204,160 | ---- | M] (TOSHIBA CORPORATION) MD5=00C1EA8DECF810B8ECCB5C5A8186A96E -- C:\WINDOWS\OemDir\KR10N.sys [2005/01/12 00:05:00 | 000,204,160 | ---- | M] (TOSHIBA CORPORATION) MD5=00C1EA8DECF810B8ECCB5C5A8186A96E -- C:\WINDOWS\system32\drivers\KR10N.sys < MD5 for: NDIS.SYS > [2004/08/10 14:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\drivers\ndis.sys < MD5 for: NETLOGON.DLL > [2004/08/10 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=FAF07FDCDE76000621A28D19F8E2E8EB -- C:\WINDOWS\system32\netlogon.dll < MD5 for: RASACD.SYS > [2004/08/10 14:00:00 | 000,008,832 | ---- | M] (Microsoft Corporation) MD5=FE0D99D6F31E4FAD8159F690D68DED9C -- C:\WINDOWS\system32\drivers\rasacd.sys < MD5 for: RDPWD.SYS > [2005/06/10 05:06:01 | 000,139,528 | ---- | M] (Microsoft Corporation) MD5=047BEA21274C8A4A233674A76C958C2C -- C:\WINDOWS\$hf_mig$\KB899591\SP2QFE\rdpwd.sys [2005/06/10 05:11:22 | 000,139,528 | ---- | M] (Microsoft Corporation) MD5=B54CD38A9EBFBF2B3561426E3FE26F62 -- C:\WINDOWS\system32\drivers\rdpwd.sys [2004/08/10 14:00:00 | 000,139,400 | ---- | M] (Microsoft Corporation) MD5=D4F5643D7714EF499AE9527FDCD50894 -- C:\WINDOWS\$NtUninstallKB899591$\rdpwd.sys < MD5 for: SCECLI.DLL > [2004/08/10 14:00:00 | 000,186,368 | ---- | M] (Microsoft Corporation) MD5=DEC0397F35D027874804EC72979D03CC -- C:\WINDOWS\system32\scecli.dll < MD5 for: SFLOPPY.SYS > [2004/08/10 14:00:00 | 017,013,719 | ---- | M] () .cab file -- C:\I386\sp2.cab:Sfloppy.sys [2004/08/10 14:00:00 | 017,013,719 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Sfloppy.sys [2004/08/10 14:00:00 | 000,011,392 | ---- | M] (Microsoft Corporation) MD5=0D13B6DF6E9E101013A7AFB0CE629FE0 -- C:\WINDOWS\system32\drivers\sfloppy.sys < MD5 for: SPLITTER.SYS > [2004/08/10 14:00:00 | 017,013,719 | ---- | M] () .cab file -- C:\I386\sp2.cab:splitter.sys [2004/08/10 14:00:00 | 017,013,719 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:splitter.sys [2006/06/14 09:47:46 | 000,006,400 | ---- | M] (Microsoft Corporation) MD5=0CE218578FFF5F4F7E4201539C45C78F -- C:\WINDOWS\Driver Cache\i386\splitter.sys [2006/06/14 09:47:46 | 000,006,400 | ---- | M] (Microsoft Corporation) MD5=0CE218578FFF5F4F7E4201539C45C78F -- C:\WINDOWS\system32\dllcache\splitter.sys [2006/06/14 09:47:46 | 000,006,400 | ---- | M] (Microsoft Corporation) MD5=0CE218578FFF5F4F7E4201539C45C78F -- C:\WINDOWS\system32\drivers\splitter.sys [2004/08/03 23:07:48 | 000,006,400 | ---- | M] (Microsoft Corporation) MD5=8E186B8F23295D1E42C573B82B80D548 -- C:\WINDOWS\$NtUninstallKB920872$\splitter.sys [2006/06/14 09:50:19 | 000,006,272 | ---- | M] (Microsoft Corporation) MD5=9BB1DD670CB7505A90FC4E61D4AA8227 -- C:\WINDOWS\$hf_mig$\KB920872\SP2QFE\splitter.sys < MD5 for: SWMIDI.SYS > [2001/08/17 22:00:52 | 000,054,272 | ---- | M] (Microsoft Corporation) MD5=94ABC808FC4B6D7D2BBF42B85E25BB4D -- C:\WINDOWS\system32\drivers\swmidi.sys < MD5 for: TCPIP.SYS > [2006/04/20 12:51:50 | 000,359,808 | ---- | M] (Microsoft Corporation) MD5=1DBF125862891817F374F407626967F4 -- C:\WINDOWS\$NtUninstallKB917953$\tcpip.sys [2006/01/13 18:07:08 | 000,360,448 | ---- | M] (Microsoft Corporation) MD5=5562CC0A47B2AEF06D3417B733F3C195 -- C:\WINDOWS\$hf_mig$\KB913446\SP2QFE\tcpip.sys [2006/01/13 18:07:08 | 000,360,448 | ---- | M] (Microsoft Corporation) MD5=5562CC0A47B2AEF06D3417B733F3C195 -- C:\WINDOWS\SoftwareDistribution\Download\3edfca8ec13d50426ddc4bdd2372e711\sp2qfe\tcpip.sys [2006/01/13 03:28:14 | 000,359,808 | ---- | M] (Microsoft Corporation) MD5=583E063FDC888CA30D05C2724B0D7EF4 -- C:\WINDOWS\$NtUninstallKB917953_0$\tcpip.sys [2006/01/13 03:28:14 | 000,359,808 | ---- | M] (Microsoft Corporation) MD5=583E063FDC888CA30D05C2724B0D7EF4 -- C:\WINDOWS\SoftwareDistribution\Download\3edfca8ec13d50426ddc4bdd2372e711\sp2gdr\tcpip.sys [2005/05/25 20:07:12 | 000,359,936 | ---- | M] (Microsoft Corporation) MD5=63FDFEA54EB53DE2D863EE454937CE1E -- C:\WINDOWS\$hf_mig$\KB893066\SP2QFE\tcpip.sys [2005/05/25 20:04:02 | 000,359,808 | ---- | M] (Microsoft Corporation) MD5=88763A98A4C26C409741B4AA162720C9 -- C:\WINDOWS\$NtUninstallKB913446$\tcpip.sys [2004/08/10 14:00:00 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\$NtUninstallKB893066$\tcpip.sys [2006/04/20 13:18:35 | 000,360,576 | ---- | M] (Microsoft Corporation) MD5=B2220C618B42A2212A59D91EBD6FC4B4 -- C:\WINDOWS\$hf_mig$\KB917953\SP2QFE\tcpip.sys [2006/04/20 13:18:35 | 000,360,576 | ---- | M] (Microsoft Corporation) MD5=B2220C618B42A2212A59D91EBD6FC4B4 -- C:\WINDOWS\system32\dllcache\tcpip.sys [2006/04/20 13:18:35 | 000,360,576 | ---- | M] (Microsoft Corporation) MD5=B2220C618B42A2212A59D91EBD6FC4B4 -- C:\WINDOWS\system32\drivers\tcpip.sys < MD5 for: TDPIPE.SYS > [2004/08/10 14:00:00 | 000,012,040 | ---- | M] (Microsoft Corporation) MD5=38D437CF2D98965F239B0ABCD66DCB0F -- C:\WINDOWS\system32\drivers\tdpipe.sys < MD5 for: TDTCP.SYS > [2004/08/10 14:00:00 | 000,021,896 | ---- | M] (Microsoft Corporation) MD5=ED0580AF02502D00AD8C4C066B156BE9 -- C:\WINDOWS\system32\drivers\tdtcp.sys < MD5 for: USBPRINT.SYS > [2004/08/10 14:00:00 | 017,013,719 | ---- | M] () .cab file -- C:\I386\sp2.cab:usbprint.sys [2004/08/10 14:00:00 | 017,013,719 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:usbprint.sys [2004/08/03 22:01:26 | 000,025,856 | ---- | M] (Microsoft Corporation) MD5=A42369B7CD8886CD7C70F33DA6FCBCF5 -- C:\WINDOWS\system32\dllcache\usbprint.sys [2004/08/03 22:01:26 | 000,025,856 | ---- | M] (Microsoft Corporation) MD5=A42369B7CD8886CD7C70F33DA6FCBCF5 -- C:\WINDOWS\system32\drivers\usbprint.sys < MD5 for: USBSCAN.SYS > [2004/08/10 14:00:00 | 017,013,719 | ---- | M] () .cab file -- C:\I386\sp2.cab:usbscan.sys [2004/08/10 14:00:00 | 017,013,719 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:usbscan.sys [2004/08/04 04:58:46 | 000,015,104 | ---- | M] (Microsoft Corporation) MD5=A6BC71402F4F7DD5B77FD7F4A8DDBA85 -- C:\WINDOWS\system32\dllcache\usbscan.sys [2004/08/04 04:58:46 | 000,015,104 | ---- | M] (Microsoft Corporation) MD5=A6BC71402F4F7DD5B77FD7F4A8DDBA85 -- C:\WINDOWS\system32\drivers\usbscan.sys < MD5 for: USERINIT.EXE > [2004/08/10 14:00:00 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=D6D65EA32B190401B57EDB6706F29669 -- C:\WINDOWS\system32\userinit.exe < MD5 for: WINLOGON.EXE > [2004/08/10 14:00:00 | 000,506,368 | ---- | M] (Microsoft Corporation) MD5=D2DE785AEAB0BB8CA4C14A8A199DBE4E -- C:\WINDOWS\system32\winlogon.exe < %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles > [2005/07/26 05:39:57 | 001,267,200 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\comsvcs.dll < %systemroot%\Tasks\*.job /lockedfiles > < End of report >

Salut jeanmimigab, J'ai lancé la deuxième correction OTL que tu m'as conseillé et qui est allée à son terme, puis j'ai enchaîné sur une recherche MBAM. Je te mets les deux rapports ci-dessous. Merci encore pour ton aide ! OTL ------------------------------------------------------------------------------------------------------------ All processes killed ========== FILES ========== File\Folder C:\Documents and Settings\Matthieu\Application Data\download2 not found. File\Folder C:\Documents and Settings\Matthieu\Application Data\updates not found. File\Folder C:\Documents and Settings\Matthieu\Application Data\xssend2 not found. File\Folder C:\DOCUME~1\Matthieu\LOCALS~1\Temp\csrss.exe not found. File\Folder C:\Documents and Settings\Matthieu\Application Data\xssendmcvowpujuyomudtyrtn2q3vyacenppk not found. File\Folder C:\Documents and Settings\All Users\Application Data\espionServerData not found. File\Folder C:\Documents and Settings\Matthieu\Application Data\mssend2 not found. ========== OTL ========== HKU\S-1-5-21-3344276049-1003050484-3659971776-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride| /E : value set successfully! HKU\S-1-5-21-3344276049-1003050484-3659971776-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer| /E : value set successfully! Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\TFncKy not found. Registry value HKEY_USERS\S-1-5-21-3344276049-1003050484-3659971776-1005\Software\Microsoft\Windows\CurrentVersion\Run\\download not found. Registry value HKEY_USERS\S-1-5-21-3344276049-1003050484-3659971776-1005\Software\Microsoft\Windows\CurrentVersion\Run\\engel not found. Registry value HKEY_USERS\S-1-5-21-3344276049-1003050484-3659971776-1005\Software\Microsoft\Windows\CurrentVersion\Run\\mssend not found. File C:\Documents and Settings\Matthieu\Application Data\xssend2\svcnost.exe not found. Registry value HKEY_USERS\S-1-5-21-3344276049-1003050484-3659971776-1005\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\Load:C:\DOCUME~1\Matthieu\LOCALS~1\Temp\csrss.exe deleted successfully. Registry value HKEY_USERS\S-1-5-21-3344276049-1003050484-3659971776-1005\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell:C:\Documents and Settings\Matthieu\Application Data\dwm.exe deleted successfully. ========== COMMANDS ========== [EMPTYTEMP] User: Administrateur ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: All Users User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 0 bytes User: LocalService ->Temp folder emptied: 66016 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: Matthieu ->Temp folder emptied: 679640258 bytes ->Temporary Internet Files folder emptied: 193440828 bytes ->Java cache emptied: 124580 bytes ->FireFox cache emptied: 59984393 bytes ->Flash cache emptied: 1979951 bytes User: NetworkService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32\dllcache .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 78987866 bytes %systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 967,00 mb [EMPTYFLASH] User: Administrateur User: All Users User: Default User ->Flash cache emptied: 0 bytes User: LocalService User: Matthieu ->Flash cache emptied: 0 bytes User: NetworkService Total Flash Files Cleaned = 0,00 mb OTL by OldTimer - Version 3.2.20.1 log created on 01042011_194611 Files\Folders moved on Reboot... File move failed. C:\WINDOWS\temp\_avast5_\Webshlock.txt scheduled to be moved on reboot. Registry entries deleted on Reboot... MBAM --------------------------------------------------------------------------------------- Malwarebytes' Anti-Malware 1.50.1.1100 www.malwarebytes.org Version de la base de données: 5459 Windows 5.1.2600 Service Pack 2 Internet Explorer 7.0.5730.11 04/01/2011 20:03:31 mbam-log-2011-01-04 (20-03-31).txt Type d'examen: Examen rapide Elément(s) analysé(s): 148627 Temps écoulé: 4 minute(s), 32 seconde(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 0 Valeur(s) du Registre infectée(s): 2 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 0 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté) Valeur(s) du Registre infectée(s): HKEY_CURRENT_USER\Software\Microsoft\idln2 (Malware.Trace) -> Value: idln2 -> Quarantined and deleted successfully. HKEY_CURRENT_USER\Software\Microsoft\bk (Malware.Trace) -> Value: bk -> Quarantined and deleted successfully. Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): (Aucun élément nuisible détecté)

Après deux essais, je me retrouve toujours coincé au même niveau dans la correction OTL : Processing SafeBootMin: dmserver - C:\WINDOWS\System32\Yrwspwgu.d1l File not found... Je lancerai MBAM et posterai le rapport demain. D'ici-là, bonne soirée !

Ok j'ai l'impression que j'ai un petit problème avec la correction OTL. Ça fait 20 min que mon PC est bloqué sur : C:\WINDOWS\System32\Yrwspwgu.d1l File not found... Dois-je rebooter au milieu de la correction ?

Tout d'abord, merci beaucoup pour ton aide ! Voici les logs : OTL.Txt ------------------------------------------------------------------------------------------------------------------------- OTL logfile created on: 03/01/2011 21:55:49 - Run 1 OTL by OldTimer - Version 3.2.20.1 Folder = C:\Documents and Settings\Matthieu\Bureau Windows XP Media Center Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.11) Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy 1 023,00 Mb Total Physical Memory | 518,00 Mb Available Physical Memory | 51,00% Memory free 2,00 Gb Paging File | 2,00 Gb Available in Paging File | 87,00% Paging File free Paging file location(s): C:\pagefile.sys 1536 3072 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 74,43 Gb Total Space | 6,72 Gb Free Space | 9,03% Space Free | Partition Type: NTFS Drive D: | 74,52 Gb Total Space | 0,99 Gb Free Space | 1,33% Space Free | Partition Type: NTFS Computer Name: THOT | User Name: Matthieu | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Documents and Settings\Matthieu\Bureau\OTL.exe (OldTimer Tools) PRC - C:\Program Files\Avast5\AvastUI.exe (AVAST Software) PRC - C:\Program Files\Avast5\AvastSvc.exe (AVAST Software) PRC - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) PRC - C:\Program Files\Parrot Audio Suite\PSM\WifiService.exe () PRC - C:\Program Files\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.) PRC - C:\Program Files\Maxtor\Sync\SyncServices.exe (Seagate Technology LLC) PRC - C:\Program Files\Maxtor\OneTouch Status\MaxMenuMgr.exe (Maxtor Corporation) PRC - C:\Program Files\PictureProject\NkbMonitor.exe (Nikon Corporation) PRC - C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe () PRC - C:\Program Files\Toshiba\TOSHIBA Picture Enhancement Utility\TosPEHK.exe (TOSHIBA Corp.) PRC - C:\Program Files\Toshiba\TOSHIBA RAID\Service\kraidsvc.exe (TOSHIBA Corporation) PRC - C:\Program Files\Toshiba\Commandes TOSHIBA\TFncKy.exe (TOSHIBA Corporation) PRC - C:\WINDOWS\system32\00THotkey.exe (TOSHIBA Corporation) PRC - C:\WINDOWS\system32\TPSMain.exe (TOSHIBA Corporation) PRC - C:\WINDOWS\system32\TPSBattM.exe (TOSHIBA Corporation) PRC - C:\Program Files\Toshiba\ConfigFree\CFSServ.exe (TOSHIBA CORPORATION) PRC - C:\Program Files\Toshiba\ConfigFree\NDSTray.exe (TOSHIBA CORPORATION) PRC - C:\Program Files\Toshiba\Touch and Launch\PadExe.exe (TOSHIBA) PRC - C:\Program Files\Toshiba\Tvs\TvsTray.exe (TOSHIBA Corporation) PRC - C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe (TOSHIBA CORPORATION) PRC - C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe (Analog Devices, Inc.) PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation) PRC - C:\WINDOWS\system32\TFNF5.exe (TOSHIBA Corp.) PRC - C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe (TOSHIBA) PRC - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe (Analog Devices, Inc.) PRC - C:\Program Files\Toshiba\Wireless Hotkey\TosHKCW.exe (TOSHIBA CORPORATION) ========== Modules (SafeList) ========== MOD - C:\Documents and Settings\Matthieu\Bureau\OTL.exe (OldTimer Tools) MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll (Microsoft Corporation) MOD - C:\WINDOWS\system32\nview.dll () MOD - C:\WINDOWS\system32\nvwrsfr.dll (NVIDIA Corporation) MOD - C:\WINDOWS\system32\nvwddi.dll (NVIDIA Corporation) ========== Win32 Services (SafeList) ========== SRV - (HidServ) -- C:\WINDOWS\System32\hidserv.dll File not found SRV - (dmserver) -- C:\WINDOWS\System32\Yrwspwgu.d1l File not found SRV - (avast! Web Scanner) -- C:\Program Files\Avast5\AvastSvc.exe (AVAST Software) SRV - (avast! Mail Scanner) -- C:\Program Files\Avast5\AvastSvc.exe (AVAST Software) SRV - (avast! Antivirus) -- C:\Program Files\Avast5\AvastSvc.exe (AVAST Software) SRV - (Apple Mobile Device) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) SRV - (WifiService) -- C:\Program Files\Parrot Audio Suite\PSM\WifiService.exe () SRV - (Maxtor Sync Service) -- C:\Program Files\Maxtor\Sync\SyncServices.exe (Seagate Technology LLC) SRV - (Adobe LM Service) -- C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe (Adobe Systems) SRV - (AdobeActiveFileMonitor4.0) -- C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe () SRV - (IDriverT) -- C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe (Macrovision Corporation) SRV - (kraidsvc) -- C:\Program Files\Toshiba\TOSHIBA RAID\Service\kraidsvc.exe (TOSHIBA Corporation) SRV - (CFSvcs) -- C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe (TOSHIBA CORPORATION) SRV - (ose) -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation) SRV - (SoundMAX Agent Service (default)) -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe (Analog Devices, Inc.) ========== Driver Services (SafeList) ========== DRV - (Yrwspwgu) -- C:\WINDOWS\System32\drivers\Yrwspwgu.sys File not found DRV - (aswTdi) -- C:\WINDOWS\System32\drivers\aswTdi.sys (AVAST Software) DRV - (aswSP) -- C:\WINDOWS\System32\drivers\aswSP.sys (AVAST Software) DRV - (aswRdr) -- C:\WINDOWS\System32\drivers\aswRdr.sys (AVAST Software) DRV - (aswMon2) -- C:\WINDOWS\System32\drivers\aswmon2.sys (AVAST Software) DRV - (aswFsBlk) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys (AVAST Software) DRV - (Aavmker4) -- C:\WINDOWS\System32\drivers\aavmker4.sys (AVAST Software) DRV - (SCDEmu) -- C:\WINDOWS\System32\drivers\scdemu.sys (PowerISO Computing, Inc.) DRV - (ParrotSAVirtualAudioCableWdm_Ver100) Parrot High Quality Audio (WDM) -- C:\WINDOWS\system32\drivers\ParrotVad.sys (Parrot SA) DRV - (MXOPSWD) -- C:\WINDOWS\system32\drivers\mxopswd.sys (Maxtor Corp.) DRV - (nv) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation) DRV - (AgereSoftModem) -- C:\WINDOWS\system32\drivers\AGRSM.sys (Agere Systems) DRV - (KR10N) -- C:\WINDOWS\system32\drivers\KR10N.sys (TOSHIBA CORPORATION) DRV - (ttv200x) -- C:\WINDOWS\system32\drivers\ttv200x.sys (TOSHIBA) DRV - (Tvs) -- C:\WINDOWS\system32\drivers\Tvs.sys (TOSHIBA Corporation) DRV - (w29n51) Pilote de carte de connexion réseau Intel® -- C:\WINDOWS\system32\drivers\w29n51.sys (Intel® Corporation) DRV - (sscdbhk5) -- C:\WINDOWS\system32\drivers\sscdbhk5.sys (Sonic Solutions) DRV - (ssrtln) -- C:\WINDOWS\system32\drivers\ssrtln.sys (Sonic Solutions) DRV - (tfsnudfa) -- C:\WINDOWS\system32\dla\tfsnudfa.sys (Sonic Solutions) DRV - (tfsnudf) -- C:\WINDOWS\system32\dla\tfsnudf.sys (Sonic Solutions) DRV - (tfsnifs) -- C:\WINDOWS\system32\dla\tfsnifs.sys (Sonic Solutions) DRV - (tfsncofs) -- C:\WINDOWS\system32\dla\tfsncofs.sys (Sonic Solutions) DRV - (tfsnboio) -- C:\WINDOWS\system32\dla\tfsnboio.sys (Sonic Solutions) DRV - (tfsnopio) -- C:\WINDOWS\system32\dla\tfsnopio.sys (Sonic Solutions) DRV - (tfsnpool) -- C:\WINDOWS\system32\dla\tfsnpool.sys (Sonic Solutions) DRV - (tfsndrct) -- C:\WINDOWS\system32\dla\tfsndrct.sys (Sonic Solutions) DRV - (tfsndres) -- C:\WINDOWS\system32\dla\tfsndres.sys (Sonic Solutions) DRV - (tifm21) -- C:\WINDOWS\system32\drivers\tifm21.sys (Texas Instruments) DRV - (TVALZ) -- C:\WINDOWS\system32\DRIVERS\TVALZ.SYS (TOSHIBA Corporation) DRV - (drvmcdb) -- C:\WINDOWS\system32\drivers\drvmcdb.sys (Sonic Solutions) DRV - (drvnddm) -- C:\WINDOWS\system32\drivers\drvnddm.sys (Sonic Solutions) DRV - (usbaudio) Pilote USB audio (WDM) -- C:\WINDOWS\system32\drivers\USBAUDIO.sys (Microsoft Corporation) DRV - (tosrfec) -- C:\WINDOWS\system32\drivers\Tosrfec.sys (TOSHIBA Corporation) DRV - (ApfiltrService) -- C:\WINDOWS\system32\drivers\Apfiltr.sys (Alps Electric Co., Ltd.) DRV - (d344bus) -- C:\WINDOWS\system32\DRIVERS\d344bus.sys ( ) DRV - (d344prt) -- C:\WINDOWS\System32\Drivers\d344prt.sys ( ) DRV - (pfc) -- C:\WINDOWS\system32\drivers\pfc.sys (Padus, Inc.) DRV - (Netdevio) -- C:\WINDOWS\system32\drivers\Netdevio.sys (TOSHIBA Corporation.) DRV - (PhilCam8116) Logitech QuickCam Pro 3000(PID_08B0) -- C:\WINDOWS\system32\drivers\CamDrL21.sys (Philips Semiconductors) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-3344276049-1003050484-3659971776-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google IE - HKU\S-1-5-21-3344276049-1003050484-3659971776-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-3344276049-1003050484-3659971776-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = chuck;webens;consult;*.local IE - HKU\S-1-5-21-3344276049-1003050484-3659971776-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:49636 ========== FireFox ========== FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/12/16 20:43:51 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/12/16 20:42:16 | 000,000,000 | ---D | M] [2010/12/16 20:44:09 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Matthieu\Application Data\Mozilla\Extensions [2010/12/16 20:44:09 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Matthieu\Application Data\Mozilla\Firefox\Profiles\bkp9w8jz.default\extensions [2010/12/16 20:42:16 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2010/03/20 16:34:32 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2010/12/03 19:04:57 | 000,001,516 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml [2010/12/03 19:04:57 | 000,001,822 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml [2010/12/03 19:04:57 | 000,000,757 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml [2010/12/03 19:04:57 | 000,001,426 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml [2010/12/03 19:04:57 | 000,000,956 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml O1 HOSTS File: ([2004/08/10 14:00:00 | 000,000,790 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll (Sonic Solutions) O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O3 - HKU\S-1-5-21-3344276049-1003050484-3659971776-1005\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found. O3 - HKU\S-1-5-21-3344276049-1003050484-3659971776-1005\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found. O4 - HKLM..\Run: [000StTHK] File not found O4 - HKLM..\Run: [00THotkey] C:\WINDOWS\system32\00THotkey.exe (TOSHIBA Corporation) O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [Adobe Photo Downloader] C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [avast5] C:\Program Files\Avast5\AvastUI.exe (AVAST Software) O4 - HKLM..\Run: [bluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation) O4 - HKLM..\Run: [CFSServ.exe] File not found O4 - HKLM..\Run: [Kraidman] C:\Program Files\Toshiba\TOSHIBA RAID\Console\Kraidman.exe_ File not found O4 - HKLM..\Run: [mxomssmenu] C:\Program Files\Maxtor\OneTouch Status\maxmenumgr.exe (Maxtor Corporation) O4 - HKLM..\Run: [NDSTray.exe] File not found O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe () O4 - HKLM..\Run: [PadTouch] C:\Program Files\Toshiba\Touch and Launch\PadExe.exe (TOSHIBA) O4 - HKLM..\Run: [pdfw] C:\Program Files\Amic Utilities\PDF Writer Pro\pdfwload.exe (Bastea, Inc.) O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.) O4 - HKLM..\Run: [smoothView] C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe_ File not found O4 - HKLM..\Run: [soundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe (Analog Devices, Inc.) O4 - HKLM..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe (Analog Devices, Inc.) O4 - HKLM..\Run: [sunJavaUpdateSched] C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) O4 - HKLM..\Run: [TFncKy] File not found O4 - HKLM..\Run: [TFNF5] C:\WINDOWS\System32\TFNF5.exe (TOSHIBA Corp.) O4 - HKLM..\Run: [TosHKCW.exe] C:\Program Files\TOSHIBA\Wireless Hotkey\TosHKCW.exe (TOSHIBA CORPORATION) O4 - HKLM..\Run: [TouchED] C:\Program Files\TOSHIBA\TouchED\TouchED.Exe_ File not found O4 - HKLM..\Run: [TPSMain] C:\WINDOWS\System32\TPSMain.exe (TOSHIBA Corporation) O4 - HKLM..\Run: [TPSODDCtl] C:\WINDOWS\System32\TPSODDCtl.exe (TOSHIBA Corporation) O4 - HKLM..\Run: [Tvs] C:\Program Files\Toshiba\Tvs\TvsTray.exe (TOSHIBA Corporation) O4 - HKLM..\Run: [utilitaire d'enrichissement d'image Toshiba] C:\Program Files\Toshiba\TOSHIBA Picture Enhancement Utility\TosPEHK.exe (TOSHIBA Corp.) O4 - HKU\S-1-5-21-3344276049-1003050484-3659971776-1005..\Run: [download] C:\Documents and Settings\Matthieu\Application Data\download2\svcnost.exe File not found O4 - HKU\S-1-5-21-3344276049-1003050484-3659971776-1005..\Run: [engel] C:\Documents and Settings\Matthieu\Application Data\updates\updates.exe File not found O4 - HKU\S-1-5-21-3344276049-1003050484-3659971776-1005..\Run: [mssend] C:\Documents and Settings\Matthieu\Application Data\xssend2\svcnost.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-3344276049-1003050484-3659971776-1005..\Run: [TOSCDSPD] C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe (TOSHIBA) O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\NkbMonitor.exe.lnk = C:\Program Files\PictureProject\NkbMonitor.exe (Nikon Corporation) F3 - HKU\S-1-5-21-3344276049-1003050484-3659971776-1005 WinNT: Load - (C:\DOCUME~1\Matthieu\LOCALS~1\Temp\csrss.exe) - C:\DOCUME~1\Matthieu\LOCALS~1\Temp\csrss.exe File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme () O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-3344276049-1003050484-3659971776-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1203967218562 (WUWebControl Class) O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} http://www.nvidia.com/content/DriverDownload/srl/2.0.0.1/sysreqlab2.cab (System Requirements Lab Class) O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1227814016421 (MUWebControl Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18) O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab (MsnMessengerSetupDownloadControl Class) O16 - DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0-windows-i586.cab (Java Plug-in 1.5.0) O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} http://www.mypix.com/importer/ImageUploader4.cab (Image Uploader Control) O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Fichiers communs\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKU\S-1-5-21-3344276049-1003050484-3659971776-1005 Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKU\S-1-5-21-3344276049-1003050484-3659971776-1005 Winlogon: Shell - (C:\Documents and Settings\Matthieu\Application Data\dwm.exe) - C:\Documents and Settings\Matthieu\Application Data\dwm.exe File not found O24 - Desktop Components:0 (Ma page d'accueil) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\Matthieu\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Matthieu\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2005/02/21 07:09:49 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O33 - MountPoints2\{0de3b702-ab00-11df-9401-0012f01abe5b}\Shell - "" = AutoRun O33 - MountPoints2\{0de3b702-ab00-11df-9401-0012f01abe5b}\Shell\AutoRun\command - "" = F:\WD SmartWare.exe -- File not found O33 - MountPoints2\{14cfb960-8282-11dd-911d-000e7bd3cc71}\Shell - "" = AutoRun O33 - MountPoints2\{14cfb960-8282-11dd-911d-000e7bd3cc71}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -- File not found O33 - MountPoints2\{a751fae3-a3a0-11dd-9140-000e7bd3cc71}\Shell - "" = AutoRun O33 - MountPoints2\{a751fae3-a3a0-11dd-9140-000e7bd3cc71}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -- File not found O33 - MountPoints2\{afa1dc2c-2828-11dd-90ac-0012f01abe5b}\Shell\AutoRun\command - "" = .\Encryption Tool\MaxtorEncryption.exe O33 - MountPoints2\{c53f5da8-7ef9-11df-93d6-000e7bd3cc71}\Shell\AutoRun\command - "" = F:\WDSetup.exe -- File not found O33 - MountPoints2\{fd4d1435-c732-11de-92e6-000e7bd3cc71}\Shell\AutoRun\command - "" = F:\WDSetup.exe -- File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: 6to4 - File not found NetSvcs: DMServer - C:\WINDOWS\System32\Yrwspwgu.d1l File not found NetSvcs: HidServ - C:\WINDOWS\System32\hidserv.dll File not found NetSvcs: Ias - File not found NetSvcs: Iprip - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: WmdmPmSp - File not found MsConfig - StartUpReg: DAEMON Tools-1033 - hkey= - key= - C:\Program Files\D-Tools\daemon.exe (DAEMON'S HOME) MsConfig - StartUpReg: MsnMsgr - hkey= - key= - C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe (Microsoft Corporation) MsConfig - StartUpReg: QuickTime Task - hkey= - key= - C:\Program Files\QuickTime\qttask.exe (Apple Inc.) MsConfig - StartUpReg: Skype - hkey= - key= - C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.) MsConfig - StartUpReg: Steam - hkey= - key= - D:\Jeux\Steam\Steam.exe (Valve Corporation) MsConfig - State: "system.ini" - 0 MsConfig - State: "win.ini" - 0 MsConfig - State: "bootini" - 0 MsConfig - State: "services" - 0 MsConfig - State: "startup" - 2 SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: dmserver - C:\WINDOWS\System32\Yrwspwgu.d1l File not found SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: SCSI Class - Driver Group SafeBootMin: sermouse.sys - Driver SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vga.sys - Driver SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: dmserver - C:\WINDOWS\System32\Yrwspwgu.d1l File not found SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: SCSI Class - Driver Group SafeBootNet: sermouse.sys - Driver SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vga.sys - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun) ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Rendu VML (Vector Graphics Rendering) ActiveX: {166B1BCA-3F9C-11CF-8075-444553540000} - Macromedia Shockwave Director 10.1 ActiveX: {1BC46932-21B2-4130-86E0-B4EB4F7A7A7B} - Microsoft .NET Framework 1.0 Hotfix (KB887998) ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Lecteur Windows Media Microsoft 6.4 ActiveX: {233C1507-6A77-46A4-9443-F871F945D258} - Adobe Shockwave Director 11.0.3 ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Adobe Shockwave Director 11.0.3 ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Liaison de données Dynamic HTML pour Java ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Création avancée ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - Classes Java DirectAnimation ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Dossiers Web ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {9A394342-4A68-4EBA-85A6-55B559F4E700} - .NET Framework ActiveX: {ACC563BC-4266-43f0-B6ED-9D38C4202C7E} - ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Planificateur de tâches ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1 ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: {F590509A-C24C-FDF7-B923-2335A296E839} - Lecteur Windows Media Microsoft 6.4 ActiveX: {F85D4622-1195-C00E-282C-8E623B49D7E6} - Rendu VML (Vector Graphics Rendering) ActiveX: {FDC11A6F-17D1-48f9-9EA3-9051954BAA24} - .NET Framework ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE Drivers32: msacm.divxa32 - C:\WINDOWS\System32\divxa32.acm (Kristal StudioDFileDescription) Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Ligos Corporation) Drivers32: msacm.imc - C:\WINDOWS\System32\IMC32.acm (Intel Corporation) Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.lameacm - C:\WINDOWS\System32\lameACM.acm (http://www.mp3dev.org/) Drivers32: msacm.lhacm - C:\WINDOWS\System32\lhacm.acm (Microsoft Corporation) Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.) Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.) Drivers32: MSVideo - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation) Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation) Drivers32: vidc.3ivx - C:\WINDOWS\System32\3ivxVfWCodec.dll (3ivx.com) Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.) Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.) Drivers32: VIDC.i263 - C:\WINDOWS\System32\I263_32.drv (Intel Corporation) Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll () Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll () Drivers32: VIDC.IV40 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation) Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation) Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation) Drivers32: VIDC.wmv3 - C:\WINDOWS\System32\WMV9VCM.dll (Microsoft Corporation) Drivers32: vidc.XVID - C:\WINDOWS\System32\xvid.dll () Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.) NetSvcs: 6to4 - File not found NetSvcs: DMServer - C:\WINDOWS\System32\Yrwspwgu.d1l File not found NetSvcs: HidServ - C:\WINDOWS\System32\hidserv.dll File not found NetSvcs: Ias - File not found NetSvcs: Iprip - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: WmdmPmSp - File not found ========== Files/Folders - Created Within 30 Days ========== [2011/01/03 21:44:41 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Matthieu\Bureau\OTL.exe [2010/12/16 23:38:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Matthieu\Application Data\xssend2 [2010/12/16 20:46:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Matthieu\Mes documents\Téléchargements [2010/12/16 20:43:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Matthieu\Local Settings\Application Data\Mozilla [2010/12/16 20:43:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Matthieu\Application Data\Mozilla [2010/12/16 20:42:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Mozilla Firefox [2010/12/16 20:42:15 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox [2010/12/16 20:36:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Matthieu\Application Data\xssendmcvowpujuyomudtyrtn2q3vyacenppk [2010/12/08 20:25:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Matthieu\Application Data\updates [2010/12/08 20:21:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Matthieu\Application Data\mssend2 [2010/12/08 20:08:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Matthieu\Application Data\download2 [2006/12/08 16:54:44 | 000,137,216 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\d344bus.sys [2006/12/08 16:54:44 | 000,005,248 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\d344prt.sys ========== Files - Modified Within 30 Days ========== [2011/01/03 21:53:00 | 367,470,401 | ---- | M] () -- C:\Documents and Settings\Matthieu\Bureau\Desperate.Housewives.S07E11.HDTV.XviD-FQM.avi [2011/01/03 21:48:00 | 000,001,058 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2011/01/03 21:44:41 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Matthieu\Bureau\OTL.exe [2011/01/03 21:00:00 | 000,000,382 | ---- | M] () -- C:\WINDOWS\tasks\Symantec NetDetect.job [2011/01/03 19:32:07 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2011/01/03 19:27:59 | 000,001,054 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2011/01/03 19:27:42 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2011/01/03 19:27:40 | 1072,807,936 | -HS- | M] () -- C:\hiberfil.sys [2010/12/28 18:27:10 | 000,000,012 | ---- | M] () -- C:\WINDOWS\bthservsdp.dat [2010/12/28 18:25:37 | 000,049,152 | ---- | M] () -- C:\Documents and Settings\Matthieu\Bureau\Mots croisés.xls [2010/12/18 23:27:10 | 059,160,576 | ---- | M] () -- C:\Documents and Settings\Matthieu\Bureau\18-12-10_L1_J18_ParisSG-Monaco2_DVD.mpg [2010/12/18 22:26:38 | 042,934,272 | ---- | M] () -- C:\Documents and Settings\Matthieu\Bureau\18-12-10_L1_J18_ParisSG-Monaco1_DVD.mpg [2010/12/16 21:15:26 | 000,101,376 | ---- | M] () -- C:\Documents and Settings\Matthieu\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010/12/16 21:14:20 | 183,729,908 | ---- | M] () -- C:\Documents and Settings\Matthieu\Bureau\H12.avi [2010/12/16 20:43:55 | 000,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat [2010/12/16 20:42:22 | 000,001,620 | ---- | M] () -- C:\Documents and Settings\Matthieu\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk [2010/12/13 13:04:02 | 366,708,804 | ---- | M] () -- C:\Documents and Settings\Matthieu\Bureau\D10.avi [2010/12/09 19:18:18 | 000,003,112 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT [2010/12/09 16:50:16 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml [2010/12/08 21:29:56 | 000,006,339 | ---- | M] () -- C:\Documents and Settings\Matthieu\Application Data\FC66.B7B [2010/12/08 16:00:02 | 733,734,912 | ---- | M] () -- C:\Documents and Settings\Matthieu\Bureau\LPLG.avi [2010/12/08 14:44:43 | 000,039,936 | ---- | M] () -- C:\Documents and Settings\Matthieu\Bureau\http.doc [2010/12/07 08:58:02 | 183,449,601 | ---- | M] () -- C:\Documents and Settings\Matthieu\Bureau\H11.avi [2010/12/06 06:06:57 | 366,733,313 | ---- | M] () -- C:\Documents and Settings\Matthieu\Bureau\D9.avi ========== Files Created - No Company Name ========== [2011/01/03 21:51:30 | 367,470,401 | ---- | C] () -- C:\Documents and Settings\Matthieu\Bureau\Desperate.Housewives.S07E11.HDTV.XviD-FQM.avi [2010/12/28 12:55:48 | 000,049,152 | ---- | C] () -- C:\Documents and Settings\Matthieu\Bureau\Mots croisés.xls [2010/12/20 13:02:41 | 059,160,576 | ---- | C] () -- C:\Documents and Settings\Matthieu\Bureau\18-12-10_L1_J18_ParisSG-Monaco2_DVD.mpg [2010/12/20 13:02:32 | 042,934,272 | ---- | C] () -- C:\Documents and Settings\Matthieu\Bureau\18-12-10_L1_J18_ParisSG-Monaco1_DVD.mpg [2010/12/17 00:24:02 | 366,708,804 | ---- | C] () -- C:\Documents and Settings\Matthieu\Bureau\D10.avi [2010/12/16 21:07:50 | 183,729,908 | ---- | C] () -- C:\Documents and Settings\Matthieu\Bureau\H12.avi [2010/12/16 20:43:55 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat [2010/12/16 20:42:22 | 000,001,620 | ---- | C] () -- C:\Documents and Settings\Matthieu\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk [2010/12/08 18:01:44 | 000,006,339 | ---- | C] () -- C:\Documents and Settings\Matthieu\Application Data\FC66.B7B [2010/12/08 15:57:28 | 733,734,912 | ---- | C] () -- C:\Documents and Settings\Matthieu\Bureau\LPLG.avi [2010/12/08 15:25:58 | 733,601,792 | ---- | C] () -- C:\Documents and Settings\Matthieu\Bureau\R.avi [2010/12/08 14:59:15 | 183,449,601 | ---- | C] () -- C:\Documents and Settings\Matthieu\Bureau\H11.avi [2010/12/06 22:27:18 | 366,733,313 | ---- | C] () -- C:\Documents and Settings\Matthieu\Bureau\D9.avi [2010/03/18 23:02:52 | 000,012,760 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\t7AHIvQWcAEro [2010/03/18 23:02:51 | 000,012,760 | -HS- | C] () -- C:\Documents and Settings\Matthieu\Local Settings\Application Data\t7AHIvQWcAEro [2009/10/13 21:01:08 | 000,138,328 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys [2008/06/28 11:35:22 | 000,000,020 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLec.DAT [2008/06/28 11:28:04 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\All Users\Application Data\Widgets [2008/06/28 11:28:04 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\Matthieu\Application Data\Utilities [2008/06/28 11:28:04 | 000,000,020 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLds.DAT [2007/11/17 10:02:40 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\CNMVS4b.DLL [2007/02/25 21:24:49 | 000,018,748 | ---- | C] () -- C:\WINDOWS\System32\ddmon.dll [2006/12/18 00:33:00 | 000,000,856 | ---- | C] () -- C:\WINDOWS\Bbt97.INI [2006/12/18 00:29:19 | 000,000,844 | ---- | C] () -- C:\WINDOWS\BELOTEXP.INI [2006/11/21 17:33:50 | 000,000,604 | ---- | C] () -- C:\WINDOWS\Sof2.INI [2006/10/20 15:54:02 | 000,217,088 | ---- | C] () -- C:\WINDOWS\System32\libmySQL.dll [2006/10/20 15:54:02 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\TrackerNET.dll [2006/05/24 23:47:11 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll [2006/04/19 01:04:53 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll [2005/12/06 23:22:45 | 000,000,333 | ---- | C] () -- C:\WINDOWS\SIERRA.INI [2005/10/21 23:13:25 | 000,005,187 | R--- | C] () -- C:\WINDOWS\System32\lvcoinst.ini [2005/08/10 18:00:36 | 000,101,376 | ---- | C] () -- C:\Documents and Settings\Matthieu\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2005/08/07 12:31:32 | 000,000,131 | ---- | C] () -- C:\Documents and Settings\Matthieu\Local Settings\Application Data\fusioncache.dat [2005/02/21 15:26:33 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll [2005/02/21 15:26:32 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll [2005/02/21 15:26:32 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll [2005/02/21 15:26:31 | 001,466,368 | ---- | C] () -- C:\WINDOWS\System32\nview.dll [2005/02/21 08:56:32 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini [2005/02/21 08:46:26 | 000,000,466 | ---- | C] () -- C:\WINDOWS\TBTdetect.ini [2005/02/21 08:46:16 | 000,006,757 | ---- | C] () -- C:\WINDOWS\TcdsASC2.ini [2005/02/21 08:13:20 | 000,000,385 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2005/02/21 08:08:11 | 000,000,169 | ---- | C] () -- C:\WINDOWS\wininit.ini [2005/02/21 08:04:41 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll [2005/02/21 08:04:41 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll [2005/02/21 08:04:41 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll [2005/02/21 08:04:41 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll [2005/02/21 08:04:41 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll [2005/02/21 08:04:41 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll [2005/02/21 08:02:58 | 000,004,205 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2005/02/21 08:01:44 | 000,000,000 | ---- | C] () -- C:\WINDOWS\NDSTray.INI [2005/02/21 07:50:42 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\e100bmsg.dll [2005/02/21 07:50:25 | 000,010,180 | ---- | C] () -- C:\WINDOWS\System32\tosmreg.ini [2005/02/21 07:50:24 | 000,128,113 | ---- | C] () -- C:\WINDOWS\System32\csellang.ini [2005/02/21 07:50:24 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\csellang.dll [2005/02/21 07:50:24 | 000,007,671 | ---- | C] () -- C:\WINDOWS\System32\cseltbl.ini [2005/02/21 07:46:35 | 000,029,184 | ---- | C] () -- C:\WINDOWS\System32\drivers\TSXT_kern_i386.sys [2005/02/21 07:46:35 | 000,028,032 | ---- | C] () -- C:\WINDOWS\System32\drivers\WOWXT_kern_i386.sys [2005/02/21 07:39:09 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\Volume.dll [2005/02/21 06:57:26 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\ToshBIOS.dll [2005/02/21 06:57:25 | 000,000,083 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI [2005/02/21 06:56:51 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys [2004/12/08 01:40:54 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini [2004/12/02 23:20:14 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\TosBtAcc.dll [2004/07/21 01:04:02 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\TosBtHcrpAPI.dll [2004/06/17 18:55:26 | 001,527,808 | ---- | C] () -- C:\WINDOWS\System32\TosMousePage.dll [2004/06/17 18:48:42 | 000,770,048 | ---- | C] () -- C:\WINDOWS\System32\TosKeyboardPage.dll [2004/01/15 22:43:28 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\TBTMonUI.dll [2004/01/14 02:46:34 | 000,172,032 | ---- | C] () -- C:\WINDOWS\System32\tifmicon.dll [2003/12/27 20:43:24 | 000,068,608 | ---- | C] () -- C:\WINDOWS\daemon.dll [2003/09/16 16:52:30 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll [2003/09/16 16:41:44 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll [2003/07/29 23:33:24 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\TosHidAPI.dll [2003/05/14 15:54:02 | 000,577,536 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll [2003/04/16 16:40:12 | 000,389,120 | ---- | C] () -- C:\WINDOWS\System32\OpenQuicktimeLib.dll [2003/04/16 16:39:44 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\libfaad.dll [2003/04/01 09:58:02 | 000,005,260 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI [2002/06/04 17:58:30 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\TosCommAPI.dll [2001/09/17 12:20:02 | 000,009,216 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll ========== LOP Check ========== [2005/02/22 13:32:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\InterVideo [2005/02/21 08:01:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrateur\Application Data\toshiba [2010/08/17 14:12:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Age of Empires 3 [2010/01/31 22:23:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software [2008/06/28 11:28:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Dialogs [2008/06/28 11:35:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EnterNHelp [2008/07/14 16:25:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\espionServerData [2008/05/22 20:21:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Maxtor [2008/06/28 11:29:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nikon [2008/06/28 11:35:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ultima_T15 [2010/07/30 20:09:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521} [2009/12/25 13:28:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD} [2005/02/22 13:32:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Application Data\InterVideo [2005/02/21 08:01:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Application Data\toshiba [2007/03/20 23:03:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matthieu\Application Data\Design Science [2007/02/25 21:27:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matthieu\Application Data\deskPDF [2010/12/17 00:13:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matthieu\Application Data\download2 [2005/02/22 13:32:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matthieu\Application Data\InterVideo [2010/12/17 00:13:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matthieu\Application Data\mssend2 [2009/10/20 20:12:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matthieu\Application Data\Mumble [2008/06/28 11:29:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matthieu\Application Data\Nikon [2008/07/14 16:15:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matthieu\Application Data\Opera [2010/07/15 21:28:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matthieu\Application Data\Parrot Audio Suite [2005/09/05 21:30:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matthieu\Application Data\toshiba [2010/12/17 00:13:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matthieu\Application Data\updates [2010/12/16 23:38:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matthieu\Application Data\xssend2 [2010/12/16 20:36:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matthieu\Application Data\xssendmcvowpujuyomudtyrtn2q3vyacenppk ========== Purity Check ========== ========== Custom Scans ========== < %systemroot%\system32\drivers\*.sys /lockedfiles > < %ALLUSERSPROFILE%\Application Data\*. > [2010/10/14 19:46:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe [2006/10/08 17:59:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe Systems [2010/08/17 14:12:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Age of Empires 3 [2010/01/31 22:23:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software [2009/12/25 13:32:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple [2009/12/25 13:26:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple Computer [2008/06/28 11:28:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Dialogs [2008/06/28 11:35:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EnterNHelp [2008/07/14 16:25:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\espionServerData [2010/03/19 21:55:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes [2008/05/22 20:21:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Maxtor [2010/08/18 19:35:10 | 000,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft [2008/06/28 11:29:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nikon [2005/02/21 07:43:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\nView_Profiles [2005/09/05 05:11:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\QuickTime [2009/03/06 18:43:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Skype [2010/03/20 16:35:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sun [2007/09/28 14:20:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Symantec [2008/06/28 11:35:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ultima_T15 [2006/12/18 19:28:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage [2008/02/25 20:24:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WLInstaller [2010/07/30 20:09:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521} [2009/12/25 13:28:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD} < %ALLUSERSPROFILE%\Application Data\*.exe /s > [2009/02/04 12:56:14 | 000,075,112 | ---- | M] (GEAR Software, Inc.) -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}\x86\DifXInstall32.exe [2010/07/21 15:30:16 | 000,073,000 | ---- | M] (Apple Inc.) -- C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 9.2.1.5\SetupAdmin.exe < %APPDATA%\*. > [2009/02/03 22:52:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matthieu\Application Data\Adobe [2009/02/03 20:51:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matthieu\Application Data\AdobeUM [2009/12/25 13:39:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matthieu\Application Data\Apple Computer [2007/03/20 23:03:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matthieu\Application Data\Design Science [2007/02/25 21:27:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matthieu\Application Data\deskPDF [2010/12/17 00:13:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matthieu\Application Data\download2 [2009/02/02 21:16:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matthieu\Application Data\dvdcss [2005/10/08 20:37:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matthieu\Application Data\Google [2006/10/27 20:01:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matthieu\Application Data\Help [2005/02/21 07:20:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matthieu\Application Data\Identities [2005/02/22 13:32:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matthieu\Application Data\InterVideo [2006/09/22 17:23:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matthieu\Application Data\Lavasoft [2005/08/17 02:33:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matthieu\Application Data\Macromedia [2010/03/19 21:55:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matthieu\Application Data\Malwarebytes [2010/12/08 22:06:51 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Matthieu\Application Data\Microsoft [2010/12/16 20:44:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matthieu\Application Data\Mozilla [2010/12/17 00:13:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matthieu\Application Data\mssend2 [2009/10/20 20:12:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matthieu\Application Data\Mumble [2008/06/28 11:29:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matthieu\Application Data\Nikon [2008/07/14 16:15:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matthieu\Application Data\Opera [2010/07/15 21:28:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matthieu\Application Data\Parrot Audio Suite [2010/09/20 21:58:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matthieu\Application Data\Skype [2010/09/20 21:22:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matthieu\Application Data\skypePM [2005/02/21 08:41:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matthieu\Application Data\Sonic [2005/10/16 00:08:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matthieu\Application Data\Sun [2005/08/26 02:45:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matthieu\Application Data\Symantec [2008/07/24 21:52:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matthieu\Application Data\teamspeak2 [2005/09/05 21:30:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matthieu\Application Data\toshiba [2010/09/16 22:24:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matthieu\Application Data\U3 [2010/12/17 00:13:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matthieu\Application Data\updates [2007/11/16 23:06:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matthieu\Application Data\Ventrilo [2008/03/16 15:53:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matthieu\Application Data\vlc [2010/10/14 22:59:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matthieu\Application Data\WinRAR [2010/12/16 23:38:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matthieu\Application Data\xssend2 [2010/12/16 20:36:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Matthieu\Application Data\xssendmcvowpujuyomudtyrtn2q3vyacenppk < %APPDATA%\*.exe /s > [2010/04/01 20:35:09 | 001,956,808 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\Matthieu\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\fpupdateax\fpupdateax.exe [2005/02/21 07:59:50 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Matthieu\Application Data\Microsoft\Installer\{C45F4811-31D5-4786-801D-F79CD06EDD85}\ARPPRODUCTICON.exe [2006/04/05 19:38:10 | 000,110,592 | ---- | M] () -- C:\Documents and Settings\Matthieu\Application Data\U3\temp\cleanup.exe [2010/12/16 23:38:12 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Matthieu\Application Data\xssend2\svcnost.exe [2010/12/16 20:35:56 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Matthieu\Application Data\xssendmcvowpujuyomudtyrtn2q3vyacenppk\svcnost.exe < %SYSTEMDRIVE%\*.exe > < %SYSTEMDRIVE%\*.exe > < MD5 for: AGP440.SYS > [2004/08/10 14:00:00 | 017,013,719 | ---- | M] () .cab file -- C:\I386\sp2.cab:AGP440.sys [2004/08/10 14:00:00 | 017,013,719 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys < MD5 for: ATAPI.SYS > [2004/08/10 14:00:00 | 017,013,719 | ---- | M] () .cab file -- C:\I386\sp2.cab:atapi.sys [2004/08/10 14:00:00 | 017,013,719 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys [2004/08/03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys [2004/08/10 14:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0010\DriverFiles\i386\atapi.sys < MD5 for: CDROM.SYS > [2004/08/10 14:00:00 | 017,013,719 | ---- | M] () .cab file -- C:\I386\sp2.cab:cdrom.sys [2004/08/10 14:00:00 | 017,013,719 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys [2004/08/10 14:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\system32\drivers\cdrom.sys < MD5 for: CHANGER.SYS > [2004/08/10 14:00:00 | 017,013,719 | ---- | M] () .cab file -- C:\I386\sp2.cab:Changer.sys [2004/08/10 14:00:00 | 017,013,719 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys < MD5 for: DISK.SYS > [2004/08/10 14:00:00 | 017,013,719 | ---- | M] () .cab file -- C:\I386\sp2.cab:disk.sys [2004/08/10 14:00:00 | 017,013,719 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:disk.sys [2004/08/10 14:00:00 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=00CA44E4534865F8A3B64F7C0984BFF0 -- C:\WINDOWS\system32\drivers\disk.sys < MD5 for: EVENTLOG.DLL > [2004/08/10 14:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=21E83876A6287F15538EF187D286FE11 -- C:\WINDOWS\system32\eventlog.dll < MD5 for: EXPLORER.EXE > [2004/08/10 14:00:00 | 001,036,288 | ---- | M] (Microsoft Corporation) MD5=4C33E5B9A6197B6ED215F6CFBA0A2DAA -- C:\WINDOWS\explorer.exe < MD5 for: KR10N.SYS > [2005/01/12 08:05:46 | 000,204,160 | ---- | M] (TOSHIBA CORPORATION) MD5=00C1EA8DECF810B8ECCB5C5A8186A96E -- C:\ToolsCD\RAID Driver\KR10N.sys [2005/01/12 00:05:00 | 000,204,160 | ---- | M] (TOSHIBA CORPORATION) MD5=00C1EA8DECF810B8ECCB5C5A8186A96E -- C:\WINDOWS\OemDir\KR10N.sys [2005/01/12 00:05:00 | 000,204,160 | ---- | M] (TOSHIBA CORPORATION) MD5=00C1EA8DECF810B8ECCB5C5A8186A96E -- C:\WINDOWS\system32\drivers\KR10N.sys < MD5 for: NDIS.SYS > [2004/08/10 14:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\drivers\ndis.sys < MD5 for: NETLOGON.DLL > [2004/08/10 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=FAF07FDCDE76000621A28D19F8E2E8EB -- C:\WINDOWS\system32\netlogon.dll < MD5 for: RASACD.SYS > [2004/08/10 14:00:00 | 000,008,832 | ---- | M] (Microsoft Corporation) MD5=FE0D99D6F31E4FAD8159F690D68DED9C -- C:\WINDOWS\system32\drivers\rasacd.sys < MD5 for: RDPWD.SYS > [2005/06/10 05:06:01 | 000,139,528 | ---- | M] (Microsoft Corporation) MD5=047BEA21274C8A4A233674A76C958C2C -- C:\WINDOWS\$hf_mig$\KB899591\SP2QFE\rdpwd.sys [2005/06/10 05:11:22 | 000,139,528 | ---- | M] (Microsoft Corporation) MD5=B54CD38A9EBFBF2B3561426E3FE26F62 -- C:\WINDOWS\system32\drivers\rdpwd.sys [2004/08/10 14:00:00 | 000,139,400 | ---- | M] (Microsoft Corporation) MD5=D4F5643D7714EF499AE9527FDCD50894 -- C:\WINDOWS\$NtUninstallKB899591$\rdpwd.sys < MD5 for: SCECLI.DLL > [2004/08/10 14:00:00 | 000,186,368 | ---- | M] (Microsoft Corporation) MD5=DEC0397F35D027874804EC72979D03CC -- C:\WINDOWS\system32\scecli.dll < MD5 for: SFLOPPY.SYS > [2004/08/10 14:00:00 | 017,013,719 | ---- | M] () .cab file -- C:\I386\sp2.cab:Sfloppy.sys [2004/08/10 14:00:00 | 017,013,719 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Sfloppy.sys [2004/08/10 14:00:00 | 000,011,392 | ---- | M] (Microsoft Corporation) MD5=0D13B6DF6E9E101013A7AFB0CE629FE0 -- C:\WINDOWS\system32\drivers\sfloppy.sys < MD5 for: SPLITTER.SYS > [2004/08/10 14:00:00 | 017,013,719 | ---- | M] () .cab file -- C:\I386\sp2.cab:splitter.sys [2004/08/10 14:00:00 | 017,013,719 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:splitter.sys [2006/06/14 09:47:46 | 000,006,400 | ---- | M] (Microsoft Corporation) MD5=0CE218578FFF5F4F7E4201539C45C78F -- C:\WINDOWS\Driver Cache\i386\splitter.sys [2006/06/14 09:47:46 | 000,006,400 | ---- | M] (Microsoft Corporation) MD5=0CE218578FFF5F4F7E4201539C45C78F -- C:\WINDOWS\system32\dllcache\splitter.sys [2006/06/14 09:47:46 | 000,006,400 | ---- | M] (Microsoft Corporation) MD5=0CE218578FFF5F4F7E4201539C45C78F -- C:\WINDOWS\system32\drivers\splitter.sys [2004/08/03 23:07:48 | 000,006,400 | ---- | M] (Microsoft Corporation) MD5=8E186B8F23295D1E42C573B82B80D548 -- C:\WINDOWS\$NtUninstallKB920872$\splitter.sys [2006/06/14 09:50:19 | 000,006,272 | ---- | M] (Microsoft Corporation) MD5=9BB1DD670CB7505A90FC4E61D4AA8227 -- C:\WINDOWS\$hf_mig$\KB920872\SP2QFE\splitter.sys < MD5 for: SWMIDI.SYS > [2001/08/17 22:00:52 | 000,054,272 | ---- | M] (Microsoft Corporation) MD5=94ABC808FC4B6D7D2BBF42B85E25BB4D -- C:\WINDOWS\system32\drivers\swmidi.sys < MD5 for: TCPIP.SYS > [2006/04/20 12:51:50 | 000,359,808 | ---- | M] (Microsoft Corporation) MD5=1DBF125862891817F374F407626967F4 -- C:\WINDOWS\$NtUninstallKB917953$\tcpip.sys [2006/01/13 18:07:08 | 000,360,448 | ---- | M] (Microsoft Corporation) MD5=5562CC0A47B2AEF06D3417B733F3C195 -- C:\WINDOWS\$hf_mig$\KB913446\SP2QFE\tcpip.sys [2006/01/13 18:07:08 | 000,360,448 | ---- | M] (Microsoft Corporation) MD5=5562CC0A47B2AEF06D3417B733F3C195 -- C:\WINDOWS\SoftwareDistribution\Download\3edfca8ec13d50426ddc4bdd2372e711\sp2qfe\tcpip.sys [2006/01/13 03:28:14 | 000,359,808 | ---- | M] (Microsoft Corporation) MD5=583E063FDC888CA30D05C2724B0D7EF4 -- C:\WINDOWS\$NtUninstallKB917953_0$\tcpip.sys [2006/01/13 03:28:14 | 000,359,808 | ---- | M] (Microsoft Corporation) MD5=583E063FDC888CA30D05C2724B0D7EF4 -- C:\WINDOWS\SoftwareDistribution\Download\3edfca8ec13d50426ddc4bdd2372e711\sp2gdr\tcpip.sys [2005/05/25 20:07:12 | 000,359,936 | ---- | M] (Microsoft Corporation) MD5=63FDFEA54EB53DE2D863EE454937CE1E -- C:\WINDOWS\$hf_mig$\KB893066\SP2QFE\tcpip.sys [2005/05/25 20:04:02 | 000,359,808 | ---- | M] (Microsoft Corporation) MD5=88763A98A4C26C409741B4AA162720C9 -- C:\WINDOWS\$NtUninstallKB913446$\tcpip.sys [2004/08/10 14:00:00 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\$NtUninstallKB893066$\tcpip.sys [2006/04/20 13:18:35 | 000,360,576 | ---- | M] (Microsoft Corporation) MD5=B2220C618B42A2212A59D91EBD6FC4B4 -- C:\WINDOWS\$hf_mig$\KB917953\SP2QFE\tcpip.sys [2006/04/20 13:18:35 | 000,360,576 | ---- | M] (Microsoft Corporation) MD5=B2220C618B42A2212A59D91EBD6FC4B4 -- C:\WINDOWS\system32\dllcache\tcpip.sys [2006/04/20 13:18:35 | 000,360,576 | ---- | M] (Microsoft Corporation) MD5=B2220C618B42A2212A59D91EBD6FC4B4 -- C:\WINDOWS\system32\drivers\tcpip.sys < MD5 for: TDPIPE.SYS > [2004/08/10 14:00:00 | 000,012,040 | ---- | M] (Microsoft Corporation) MD5=38D437CF2D98965F239B0ABCD66DCB0F -- C:\WINDOWS\system32\drivers\tdpipe.sys < MD5 for: TDTCP.SYS > [2004/08/10 14:00:00 | 000,021,896 | ---- | M] (Microsoft Corporation) MD5=ED0580AF02502D00AD8C4C066B156BE9 -- C:\WINDOWS\system32\drivers\tdtcp.sys < MD5 for: USBPRINT.SYS > [2004/08/10 14:00:00 | 017,013,719 | ---- | M] () .cab file -- C:\I386\sp2.cab:usbprint.sys [2004/08/10 14:00:00 | 017,013,719 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:usbprint.sys [2004/08/03 22:01:26 | 000,025,856 | ---- | M] (Microsoft Corporation) MD5=A42369B7CD8886CD7C70F33DA6FCBCF5 -- C:\WINDOWS\system32\dllcache\usbprint.sys [2004/08/03 22:01:26 | 000,025,856 | ---- | M] (Microsoft Corporation) MD5=A42369B7CD8886CD7C70F33DA6FCBCF5 -- C:\WINDOWS\system32\drivers\usbprint.sys < MD5 for: USBSCAN.SYS > [2004/08/10 14:00:00 | 017,013,719 | ---- | M] () .cab file -- C:\I386\sp2.cab:usbscan.sys [2004/08/10 14:00:00 | 017,013,719 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:usbscan.sys [2004/08/04 04:58:46 | 000,015,104 | ---- | M] (Microsoft Corporation) MD5=A6BC71402F4F7DD5B77FD7F4A8DDBA85 -- C:\WINDOWS\system32\dllcache\usbscan.sys [2004/08/04 04:58:46 | 000,015,104 | ---- | M] (Microsoft Corporation) MD5=A6BC71402F4F7DD5B77FD7F4A8DDBA85 -- C:\WINDOWS\system32\drivers\usbscan.sys < MD5 for: USERINIT.EXE > [2004/08/10 14:00:00 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=D6D65EA32B190401B57EDB6706F29669 -- C:\WINDOWS\system32\userinit.exe < MD5 for: WINLOGON.EXE > [2004/08/10 14:00:00 | 000,506,368 | ---- | M] (Microsoft Corporation) MD5=D2DE785AEAB0BB8CA4C14A8A199DBE4E -- C:\WINDOWS\system32\winlogon.exe < %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles > [2005/07/26 05:39:57 | 001,267,200 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\comsvcs.dll < %systemroot%\Tasks\*.job /lockedfiles > < End of report > Extras.Txt ------------------------------------------------------------------------------------------------------------- OTL Extras logfile created on: 03/01/2011 21:55:49 - Run 1 OTL by OldTimer - Version 3.2.20.1 Folder = C:\Documents and Settings\Matthieu\Bureau Windows XP Media Center Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.11) Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy 1 023,00 Mb Total Physical Memory | 518,00 Mb Available Physical Memory | 51,00% Memory free 2,00 Gb Paging File | 2,00 Gb Available in Paging File | 87,00% Paging File free Paging file location(s): C:\pagefile.sys 1536 3072 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 74,43 Gb Total Space | 6,72 Gb Free Space | 9,03% Space Free | Partition Type: NTFS Drive D: | 74,52 Gb Total Space | 0,99 Gb Free Space | 1,33% Space Free | Partition Type: NTFS Computer Name: THOT | User Name: Matthieu | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusOverride" = 1 "FirewallOverride" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 0 "DoNotAllowExceptions" = 0 "DisableNotifications" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] "139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 0 "DoNotAllowExceptions" = 0 "DisableNotifications" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 "139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002 "3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009 "135:TCP" = 135:TCP:*:Enabled:RPC ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files\Google\Google Talk\googletalk.exe" = C:\Program Files\Google\Google Talk\googletalk.exe:*:Enabled:Google Talk -- File not found "C:\Program Files\Jeux\Half Life\Steam\SteamApps\mathcarissimo@evhr.net\team fortress classic\hl.exe" = C:\Program Files\Jeux\Half Life\Steam\SteamApps\mathcarissimo@evhr.net\team fortress classic\hl.exe:*:Enabled:Half-Life Launcher -- (Valve) "C:\Program Files\Toshiba\ConfigFree\CFXFER.exe" = C:\Program Files\Toshiba\ConfigFree\CFXFER.exe:*:Enabled:ConfigFree SUMMIT Engine -- (TOSHIBA CORPORATION) "C:\Program Files\amsn\bin\wish.exe" = C:\Program Files\amsn\bin\wish.exe:*:Enabled:Wish Application -- File not found "C:\Program Files\mIRC\mirc.exe" = C:\Program Files\mIRC\mirc.exe:*:Enabled:mIRC -- (mIRC Co. Ltd.) "C:\Program Files\Jeux\Half Life\Steam\steam.exe" = C:\Program Files\Jeux\Half Life\Steam\steam.exe:*:Enabled:Steam -- (Valve Corporation) "D:\Jeux\Steam\steam.exe" = D:\Jeux\Steam\steam.exe:*:Enabled:Steam -- (Valve Corporation) "D:\Jeux\Steam\steamapps\mathcarissimo@evhr.net\team fortress 2\hl2.exe" = D:\Jeux\Steam\steamapps\mathcarissimo@evhr.net\team fortress 2\hl2.exe:*:Disabled:hl2 -- () "D:\Jeux\Steam\steamapps\mathcarissimo@evhr.net\source sdk base\hl2.exe" = D:\Jeux\Steam\steamapps\mathcarissimo@evhr.net\source sdk base\hl2.exe:*:Enabled:hl2 -- () "C:\Program Files\Freeplayer\vlc\vlc.exe" = C:\Program Files\Freeplayer\vlc\vlc.exe:*:Enabled:VLC media player -- () "C:\Program Files\Adobe\Photoshop Elements 4.0\AdobePhotoshopElementsMediaServer.exe" = C:\Program Files\Adobe\Photoshop Elements 4.0\AdobePhotoshopElementsMediaServer.exe:*:Disabled:Adobe Photoshop Elements Media Server -- () "C:\Program Files\VLC\vlc.exe" = C:\Program Files\VLC\vlc.exe:*:Enabled:VLC media player -- () "C:\Program Files\Jeux\WET\ETDED.exe" = C:\Program Files\Jeux\WET\ETDED.exe:*:Enabled:ETDED -- () "C:\Program Files\Jeux\WET\ET.exe" = C:\Program Files\Jeux\WET\ET.exe:*:Enabled:ET -- () "C:\Program Files\Teamspeak\Teamspeak2_RC2\server_windows.exe" = C:\Program Files\Teamspeak\Teamspeak2_RC2\server_windows.exe:*:Enabled:Server -- () "C:\Program Files\Jeux\Age of Empires 3\age3.exe" = C:\Program Files\Jeux\Age of Empires 3\age3.exe:*:Enabled:Age of Empires 3 -- (Ensemble Studios) "C:\WINDOWS\system32\dmremote.exe" = C:\WINDOWS\system32\dmremote.exe:*:Enabled:dmremote -- (Microsoft Corp.) "C:\Program Files\Parrot Audio Suite\PSM\Parrot Sound Manager.exe" = C:\Program Files\Parrot Audio Suite\PSM\Parrot Sound Manager.exe:*:Enabled:Parrot Sound Manager -- () "C:\Program Files\Parrot Audio Suite\PSM\WifiWizard.exe" = C:\Program Files\Parrot Audio Suite\PSM\WifiWizard.exe:*:Enabled:WifiWizard -- () "C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.) "C:\DOCUME~1\Matthieu\LOCALS~1\Temp\0.8159065627407934.exe" = C:\DOCUME~1\Matthieu\LOCALS~1\Temp\0.8159065627407934.exe:*:Enabled:ldrsoft -- File not found "C:\Documents and Settings\Matthieu\Application Data\download2\svcnost.exe" = C:\Documents and Settings\Matthieu\Application Data\download2\svcnost.exe:*:Enabled:ldrsoft -- File not found "C:\DOCUME~1\Matthieu\LOCALS~1\Temp\5778596.exe" = C:\DOCUME~1\Matthieu\LOCALS~1\Temp\5778596.exe:*:Enabled:ldrsoft -- File not found "C:\Documents and Settings\Matthieu\Application Data\mssend2\svcnost.exe" = C:\Documents and Settings\Matthieu\Application Data\mssend2\svcnost.exe:*:Enabled:ldrsoft -- File not found "C:\Documents and Settings\Matthieu\Application Data\xssend2\svcnost.exe" = C:\Documents and Settings\Matthieu\Application Data\xssend2\svcnost.exe:*:Enabled:ldrsoft -- (Microsoft Corporation) ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0456ebd7-5f67-4ab6-852e-63781e3f389c}" = Macromedia Flash Player "{084709F7-38C5-4609-B55F-2417939315EB}" = Adobe Premiere Pro "{0CB9668D-F979-4F31-B8B8-67FE90F929F8}" = Bonjour "{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Sonic DLA "{12B3A009-A080-4619-9A2A-C6DB151D8D67}" = Assist TOSHIBA "{188BA1CC-F3A1-49B0-A34D-8C861C64E1AE}" = Manuels TOSHIBA "{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}" = Skype™ 4.0 "{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java 6 Update 18 "{2F8C106A-7DFC-45DE-8006-F9145AADF1D8}" = iPod Updater 2004-08-06 "{3248F0A8-6813-11D6-A77B-00B0D0150000}" = J2SE Runtime Environment 5.0 "{350C940c-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{3D9892BB-A751-4E48-ADC8-E4289956CE1D}" = QuickTime "{3E6FA9D9-D4CA-492B-AE98-83A2D853A355}" = Utilitaire TOSHIBA RAID "{3F6A5F11-EC99-44DD-A27E-C5C61E47CE48}" = TIxx21/x515 "{46ABBC54-1872-4AA3-95E2-F2C063A63F31}" = Installation Windows Live "{47DC4B39-B1F6-498A-AFFE-E78FDAF34D1F}" = Utilitaire d'enrichissement d'image Toshiba "{48CF9A66-5F03-4025-ABD0-B3A3FA095A59}" = Formatage de carte mémoire SD TOSHIBA "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{5D96E2B1-D9AC-46E0-9073-425C5F63E338}" = Touch and Launch "{64212898-097F-4F3F-AECA-6D34A7EF82DF}" = Utilitaire de zoom TOSHIBA "{6CCDF4E6-D2AE-4DD8-80FD-F9AFF951AEAE}" = Adobe Premiere Elements 1.0 "{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0 "{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK "{770F1BEC-2871-4E70-B837-FB8525FFA3B1}" = Windows Live Messenger "{7862BAD8-A379-4128-8AA1-EFD5A9603C53}" = Wireless Hotkey "{7B63B2922B174135AFC0E1377DD81EC2}" = DivX "{7B9CC60A-9B81-46A3-A953-76B6BF9EEC97}" = Age of Empires III "{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}" = Windows Live Call "{83895843-3A51-4C93-9DF3-2BDB65C7E54A}" = DAEMON Tools "{85991ED2-010C-4930-96FA-52F43C2CE98A}" = Apple Mobile Device Support "{8795CBED-55E2-4693-9F14-84EC446935BE}" = SpeechRedist "{8B12BA86-ADAC-4BA6-B441-FFC591087252}" = Son virtuel TOSHIBA "{8FFC924C-ED06-44CB-8867-3CA778ECE903}" = Adobe Help Center 2.0 "{9112040C-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Standard Edition 2003 "{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD for TOSHIBA "{91A1040C-6000-11D3-8CFE-0150048383C9}" = Microsoft Office OneNote 2003 "{91F7F3F3-CE80-48C3-8327-7D24A0A5716A}" = iTunes "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{9541FED0-327F-4DF0-8B96-EF57EF622F19}" = Sonic RecordNow! "{9941F0AA-B903-4AF4-A055-83A9815CC011}" = Sonic Encoders "{9A394342-4A68-4EBA-85A6-55B559F4E700}" = Microsoft .NET Framework 1.1 French Language Pack "{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = ALPS Touch Pad Driver "{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}" = Réducteur de bruit lect. CD/DVD "{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI "{A43BF6A5-D5F0-4AAA-BF41-65995063EC44}" = MSXML 6.0 Parser "{A6690C0E-B96E-4F0F-A8EB-D5B332454AC6}" = Commandes TOSHIBA "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AC76BA86-7AD7-1036-7B44-A94000000001}" = Adobe Reader 9.4.1 - Français "{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9 "{B2D328BE-45AD-4D92-96F9-2151490A203E}" = Apple Application Support "{BDD83DC9-BEE9-4654-A5DA-CC46C250088D}" = TOSHIBA ConfigFree "{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update "{C45F4811-31D5-4786-801D-F79CD06EDD85}" = SD Secure Module "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba "{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}" = Nikon Message Center "{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}" = Assistant de connexion Windows Live "{EBB7C1C1-D439-4D9B-9FDC-954C10F266B0}" = Adobe Photoshop Elements 4.0 "{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform "{ED01D958-AEDC-40C8-93FD-0C08E8AA9530}" = Maxtor Manager "{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard "{FF3999BE-1A7B-4738-88AA-97BF14094A4A}" = PictureProject "3C Texas Holdem Poker" = 3C Texas Holdem Poker "Ad-Aware SE Personal" = Ad-Aware SE Personal "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Photoshop Elements 4" = Adobe Photoshop Elements 4.0 "Adobe Shockwave Player" = Adobe Shockwave Player 11 "avast5" = avast! Free Antivirus "CANONBJ_Deinstall_CNMCP4b.DLL" = Canon i850 "CMScout" = CM Scout "deskPDF 2.5 Standard_is1" = deskPDF 2.5 Standard Edition "DSMT5" = MathType 5 "FileZilla" = FileZilla (remove only) "Freeplayer" = Freeplayer "GPL Ghostscript_is1" = Docudesk GPL Ghostscript 8.15 "Half-Life" = Half-Life "IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs "ie7" = Windows Internet Explorer 7 "InstallShield_{2F8C106A-7DFC-45DE-8006-F9145AADF1D8}" = iPod Updater 2004-08-06 "InstallShield_{3F6A5F11-EC99-44DD-A27E-C5C61E47CE48}" = Texas Instruments PCIxx21/x515 drivers. "InstallShield_{7B9CC60A-9B81-46A3-A953-76B6BF9EEC97}" = Age of Empires III "InstallShield_{ED01D958-AEDC-40C8-93FD-0C08E8AA9530}" = Maxtor Manager "JDownloader" = JDownloader "KLiteCodecPack_is1" = K-Lite Codec Pack 2.10 Full "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0 "mIRC" = mIRC "Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13) "MSNINST" = MSN "Mumble" = Mumble and Murmur "NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs "NVIDIA Drivers" = NVIDIA Drivers "Outil de diagnostic PC" = Outil de diagnostic PC TOSHIBA "Parrot Audio Suite" = Parrot Audio Suite "Power Saver" = Gestion d'énergie TOSHIBA "PowerISO" = PowerISO "PremElem10" = Adobe Premiere Elements 1.0 "PROSet" = Intel® PRO Network Adapters and Drivers "Steam App 215" = Source SDK Base "Steam App 220" = Half-Life 2 "Steam App 380" = Half-Life 2: Episode One "Steam App 400" = Portal "Steam App 420" = Half-Life 2: Episode Two "Steam App 440" = Team Fortress 2 "Steam" = Steam "SystemRequirementsLab" = System Requirements Lab "TDspBtn" = Utilitaire TOSHIBA de changement d'écran "Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2 "TeamSpeak 2 Server_is1" = TeamSpeak 2 Server RC2 "TFNF5" = Utilitaire TOSHIBA d'accès direct aux périphériques d’affichage "TOSHIBA Software Modem" = TOSHIBA Software Modem "TOSHIBA Utilities" = TOSHIBA Utilities "TouchED" = Utilitaire Activer/désactiver la tablette tactile TOSHIBA V2.05.00 "Utilitaires Sierra" = Utilitaires Sierra "VLC media player" = VideoLAN VLC media player 0.8.5 "Windows Media Format Runtime" = Windows Media Format Runtime "WinLiveSuite_Wave3" = Installation Windows Live "WinRAR archiver" = WinRAR archiver "Wolfenstein - Enemy Territory" = Wolfenstein - Enemy Territory ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 16/12/2010 17:15:14 | Computer Name = THOT | Source = crypt32 | ID = 131080 Description = Échec de la récupération de la mise à jour automatique du numéro de séquence de la liste racine tierce partie à partir de : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>'>http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>'>http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> avec l'erreur : The server name or address could not be resolved Error - 16/12/2010 17:15:14 | Computer Name = THOT | Source = crypt32 | ID = 131083 Description = Échec de l'extraction de la liste racine tierce partie depuis le fichier CAB de mise à jour automatique à : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>'>http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> avec l'erreur : Un certificat requis n'est pas dans sa période de validité selon la vérification par rapport à l'horloge système en cours ou le tampon daté dans le fichier signé. Error - 16/12/2010 17:15:14 | Computer Name = THOT | Source = crypt32 | ID = 131083 Description = Échec de l'extraction de la liste racine tierce partie depuis le fichier CAB de mise à jour automatique à : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> avec l'erreur : Un certificat requis n'est pas dans sa période de validité selon la vérification par rapport à l'horloge système en cours ou le tampon daté dans le fichier signé. Error - 16/12/2010 17:15:14 | Computer Name = THOT | Source = crypt32 | ID = 131080 Description = Échec de la récupération de la mise à jour automatique du numéro de séquence de la liste racine tierce partie à partir de : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> avec l'erreur : Cette connexion réseau n'existe pas. Error - 16/12/2010 17:15:14 | Computer Name = THOT | Source = crypt32 | ID = 131080 Description = Échec de la récupération de la mise à jour automatique du numéro de séquence de la liste racine tierce partie à partir de : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> avec l'erreur : Cette connexion réseau n'existe pas. Error - 16/12/2010 18:38:24 | Computer Name = THOT | Source = Application Error | ID = 1000 Description = Application défaillante svcnost.exe, version 4.1.0.2, module défaillant unknown, version 0.0.0.0, adresse de défaillance 0x00000000. Error - 20/12/2010 05:45:45 | Computer Name = THOT | Source = Application Error | ID = 1000 Description = Application défaillante svcnost.exe, version 4.1.0.2, module défaillant unknown, version 0.0.0.0, adresse de défaillance 0x00000000. Error - 20/12/2010 14:49:50 | Computer Name = THOT | Source = Application Error | ID = 1000 Description = Application défaillante svcnost.exe, version 4.1.0.2, module défaillant unknown, version 0.0.0.0, adresse de défaillance 0x00000000. Error - 03/01/2011 14:31:58 | Computer Name = THOT | Source = Application Error | ID = 1000 Description = Application défaillante svcnost.exe, version 4.1.0.2, module défaillant unknown, version 0.0.0.0, adresse de défaillance 0x00000000. Error - 03/01/2011 14:44:20 | Computer Name = THOT | Source = Application Error | ID = 1000 Description = Application défaillante iexplore.exe, version 7.0.6000.16441, module défaillant mshtml.dll, version 7.0.6000.16441, adresse de défaillance 0x000c629d. [ System Events ] Error - 28/12/2010 09:16:41 | Computer Name = THOT | Source = ipnathlp | ID = 32003 Description = Le traducteur d'adresses réseau (NAT) n'a pas pu demander une opération du module de traduction en mode noyau. Ceci peut indiquer une configuration incorrecte, des ressources insuffisantes ou une erreur interne. La donnée est le code de l'erreur. Error - 28/12/2010 12:20:53 | Computer Name = THOT | Source = BTHUSB | ID = 327697 Description = La radio locale Bluetooth a échoué d'une manière indéterminée et sera déchargée. Error - 28/12/2010 12:20:53 | Computer Name = THOT | Source = W32Time | ID = 39452689 Description = Fournisseur de temps NtpClient : une erreur s'est produite lors de la recherche DNS de l'homologue manuellement configuré 'time.windows.com,0x1'. NtpClient va essayer à nouveau la recherche DNS dans 15 minutes. L'erreur était : Une opération a été tentée sur un hôte impossible à atteindre. (0x80072751) Error - 28/12/2010 12:20:53 | Computer Name = THOT | Source = W32Time | ID = 39452701 Description = Le fournisseur de temps NtpClient est configuré pour acquérir le temps à partir d'une ou plusieurs sources de temps, cependant aucune source n'est actuellement accessible. Aucune tentative pour en contacter une ne sera effectuée d'ici 14 minutes. NtpClient n'a pas de source de temps précis. Error - 28/12/2010 12:20:54 | Computer Name = THOT | Source = ipnathlp | ID = 32003 Description = Le traducteur d'adresses réseau (NAT) n'a pas pu demander une opération du module de traduction en mode noyau. Ceci peut indiquer une configuration incorrecte, des ressources insuffisantes ou une erreur interne. La donnée est le code de l'erreur. Error - 28/12/2010 13:17:11 | Computer Name = THOT | Source = Service Control Manager | ID = 7011 Description = Délai (30000 millisecondes) d'attente pour une réponse du service W32Time à une transaction. Error - 28/12/2010 13:13:53 | Computer Name = THOT | Source = BTHUSB | ID = 327697 Description = La radio locale Bluetooth a échoué d'une manière indéterminée et sera déchargée. Error - 03/01/2011 14:31:45 | Computer Name = THOT | Source = Service Control Manager | ID = 7023 Description = Le service Gestionnaire de disque logique s'est arrêté avec l'erreur : %%126 Error - 03/01/2011 14:33:23 | Computer Name = THOT | Source = Windows Update Agent | ID = 16 Description = Connexion impossible : Windows ne parvient pas à se connecter au service Mises à jour automatiques et ne peut donc pas procéder au téléchargement et à l'installation des mises à jour définies par la planification. Windows continuera d'essayer d'établir la connexion. Error - 03/01/2011 14:35:47 | Computer Name = THOT | Source = Tcpip | ID = 4199 Description = Le système a détecté un conflit d'adresses pour l'adresse IP 192.168.0.1 avec le système d'adresse physique réseau 64:B9:E8:94:71:65. En conséquence les opérations réseau sur se système peuvent être interrompues. < End of report >

Bonjour, Je reçois depuis quelques jours des messages d'erreur au démarrage de mon PC et Avast identifie plusieurs fichiers infectés. J'ai beau les supprimer au fur et à mesure, cela ne s'arrête pas : il y en a toujours de nouveaux qui apparaissent. Pouvez-vous SVP m'aider à résoudre ce problème ? Par ailleurs, j'ai vu dans un message que vous conseilliez de changer d'antivirus aux utilisateurs d'Avast. Ce message étant relativement vieux, est-ce toujours d'actualité ? Merci d'avance !

Le rapport TCleaner : [ Rapport ToolsCleaner version 2.3.11 (par A.Rothstein & dj QUIOU) ] --> Recherche: C:\_OTM: trouvé ! C:\Rsit: trouvé ! C:\Program Files\trend micro\HijackThis.exe: trouvé ! C:\Program Files\trend micro\hijackthis.log: trouvé ! --------------------------------- --> Suppression: C:\Program Files\trend micro\HijackThis.exe: supprimé ! C:\Program Files\trend micro\hijackthis.log: supprimé ! C:\_OTM: supprimé ! C:\Rsit: supprimé ! Merci encore pour l'aide apportée ! Ciao

A première vue, tout va à nouveau pour le mieux. Merci beaucoup pour ton aide !

Le rapport rkill : This log file is located at C:\rkill.log. Please post this only if requested to by the person helping you. Otherwise you can close this log when you wish. Ran as Matthieu on 19/03/2010 at 21:51:59. Processes terminated by Rkill or while it was running: C:\WINDOWS\system32\nvsvc32.exe C:\Documents and Settings\Matthieu\Bureau\rkill.com Rkill completed on 19/03/2010 at 21:52:01. ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------- Le rapport MBAM : Malwarebytes' Anti-Malware 1.44 Version de la base de données: 3886 Windows 5.1.2600 Service Pack 2 Internet Explorer 7.0.5730.11 19/03/2010 23:04:14 mbam-log-2010-03-19 (23-04-14).txt Type de recherche: Examen complet (C:\|D:\|F:\|G:\|) Eléments examinés: 258604 Temps écoulé: 1 hour(s), 2 minute(s), 16 second(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 0 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 4 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 0 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté) Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\(default) (Hijack.StartMenuInternet) -> Bad: ("C:\Documents and Settings\Matthieu\Local Settings\Application Data\ave.exe" /START "C:\Program Files\Internet Explorer\iexplore.exe") Good: (iexplore.exe) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): (Aucun élément nuisible détecté) ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ Le log RSIT : Logfile of random's system information tool 1.06 (written by random/random) Run by Matthieu at 2010-03-19 23:12:36 Microsoft Windows XP Professionnel Service Pack 2 System drive C: has 22 GB (28%) free of 76 GB Total RAM: 1023 MB (57% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 23:12:40, on 19/03/2010 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16441) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Avast5\AvastSvc.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\ehome\ehtray.exe C:\WINDOWS\system32\00THotkey.exe C:\WINDOWS\system32\TFNF5.exe C:\Program Files\TOSHIBA\TOSHIBA Picture Enhancement Utility\TosPEHK.exe C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe C:\Program Files\TOSHIBA\Tvs\TvsTray.exe C:\Program Files\Apoint2K\Apoint.exe C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe C:\WINDOWS\AGRSMMSG.exe C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe C:\Program Files\TOSHIBA\Wireless Hotkey\TosHKCW.exe C:\WINDOWS\system32\TPSMain.exe C:\Program Files\Apoint2K\Apntex.exe C:\Program Files\TOSHIBA\Commandes TOSHIBA\TFncKy.exe C:\WINDOWS\system32\dla\tfswctrl.exe C:\Program Files\Maxtor\OneTouch Status\maxmenumgr.exe C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe C:\Program Files\iTunes\iTunesHelper.exe C:\WINDOWS\system32\rundll32.exe C:\PROGRA~1\Avast5\avastUI.exe C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\system32\TPSBattM.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\PictureProject\NkbMonitor.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe C:\WINDOWS\eHome\ehRecvr.exe C:\WINDOWS\eHome\ehSched.exe C:\Program Files\Toshiba\TOSHIBA RAID\Service\kraidsvc.exe C:\Program Files\Maxtor\Sync\SyncServices.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\PnkBstrA.exe C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\iPod\bin\iPodService.exe C:\WINDOWS\system32\dllhost.exe C:\WINDOWS\eHome\ehmsas.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Internet Explorer\iexplore.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\WINDOWS\system32\NOTEPAD.EXE C:\Documents and Settings\Matthieu\Bureau\RSIT.exe C:\Program Files\trend micro\Matthieu.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = chuck;webens;consult;*.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect O4 - HKLM\..\Run: [00THotkey] C:\WINDOWS\system32\00THotkey.exe O4 - HKLM\..\Run: [000StTHK] 000StTHK.exe_ O4 - HKLM\..\Run: [TFNF5] TFNF5.exe O4 - HKLM\..\Run: [smoothView] C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe_ O4 - HKLM\..\Run: [utilitaire d'enrichissement d'image Toshiba] C:\Program Files\TOSHIBA\TOSHIBA Picture Enhancement Utility\TosPEHK.exe O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe O4 - HKLM\..\Run: [soundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray O4 - HKLM\..\Run: [Tvs] C:\Program Files\TOSHIBA\Tvs\TvsTray.exe O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe O4 - HKLM\..\Run: [TouchED] C:\Program Files\TOSHIBA\TouchED\TouchED.Exe_ O4 - HKLM\..\Run: [PadTouch] C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe O4 - HKLM\..\Run: [TosHKCW.exe] "C:\Program Files\TOSHIBA\Wireless Hotkey\TosHKCW.exe" O4 - HKLM\..\Run: [TPSMain] TPSMain.exe O4 - HKLM\..\Run: [TPSODDCtl] TPSODDCtl.exe O4 - HKLM\..\Run: [TFncKy] TFncKy.exe O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe O4 - HKLM\..\Run: [Kraidman] C:\Program Files\Toshiba\TOSHIBA RAID\Console\Kraidman.exe_ O4 - HKLM\..\Run: [pdfw] C:\Program Files\Amic Utilities\PDF Writer Pro\pdfwload.exe O4 - HKLM\..\Run: [CFSServ.exe] CFSServ.exe -NoClient O4 - HKLM\..\Run: [mxomssmenu] "C:\Program Files\Maxtor\OneTouch Status\maxmenumgr.exe" O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\Avast5\avastUI.exe /nogui O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\PictureProject\NkbMonitor.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1203967218562 O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownlo.../sysreqlab2.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1227814016421 O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} (Image Uploader Control) - http://www.mypix.com/importer/ImageUploader4.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{287931F3-A794-430A-81C5-09318F42D5B5}: NameServer = 212.27.40.240,212.27.40.241 O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Avast5\AvastSvc.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Avast5\AvastSvc.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Avast5\AvastSvc.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: TOSHIBA RAID Service (kraidsvc) - TOSHIBA Corporation - C:\Program Files\Toshiba\TOSHIBA RAID\Service\kraidsvc.exe O23 - Service: Maxtor Service (Maxtor Sync Service) - Seagate Technology LLC - C:\Program Files\Maxtor\Sync\SyncServices.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe -- End of file - 10626 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job C:\WINDOWS\tasks\Symantec NetDetect.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5CA3D70E-1895-11CF-8E15-001234567890}] DriveLetterAccess - C:\WINDOWS\system32\dla\tfswshx.dll [2004-09-28 118842] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "ehTray"=C:\WINDOWS\ehome\ehtray.exe [2004-08-10 59392] "NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2005-08-23 7122944] "nwiz"=nwiz.exe /installquiet /keeploaded /nodetect [] "00THotkey"=C:\WINDOWS\system32\00THotkey.exe [2005-01-27 270336] "000StTHK"=000StTHK.exe_ [] "TFNF5"=C:\WINDOWS\system32\TFNF5.exe [2004-06-28 73728] "SmoothView"=C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe [2004-12-21 118784] "Utilitaire d'enrichissement d'image Toshiba"=C:\Program Files\TOSHIBA\TOSHIBA Picture Enhancement Utility\TosPEHK.exe [2005-02-17 638976] "SoundMAXPnP"=C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe [2004-10-14 1388544] "SoundMAX"=C:\Program Files\Analog Devices\SoundMAX\Smax4.exe [2004-08-06 860160] "Tvs"=C:\Program Files\TOSHIBA\Tvs\TvsTray.exe [2004-11-12 73728] "Apoint"=C:\Program Files\Apoint2K\Apoint.exe [2004-03-24 196608] "TouchED"=C:\Program Files\TOSHIBA\TouchED\TouchED.Exe [2003-03-11 122880] "PadTouch"=C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe [2004-11-17 1077327] "AGRSMMSG"=C:\WINDOWS\AGRSMMSG.exe [2004-12-21 88358] "NDSTray.exe"=NDSTray.exe [] "TosHKCW.exe"=C:\Program Files\TOSHIBA\Wireless Hotkey\TosHKCW.exe [2002-09-09 49152] "TPSMain"=C:\WINDOWS\system32\TPSMain.exe [2004-12-29 266240] "TPSODDCtl"=C:\WINDOWS\system32\TPSODDCtl.exe [2004-12-29 102400] "TFncKy"=TFncKy.exe [] "dla"=C:\WINDOWS\system32\dla\tfswctrl.exe [2004-09-28 127035] "Kraidman"=C:\Program Files\Toshiba\TOSHIBA RAID\Console\Kraidman.exe [2005-02-11 1081426] "pdfw"=C:\Program Files\Amic Utilities\PDF Writer Pro\pdfwload.exe [2004-03-24 32768] "CFSServ.exe"=CFSServ.exe -NoClient [] "mxomssmenu"=C:\Program Files\Maxtor\OneTouch Status\maxmenumgr.exe [2007-09-06 169264] "Adobe Photo Downloader"=C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe [2005-09-09 57344] "QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2009-11-10 417792] "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672] "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-11-12 141600] "PWRISOVM.EXE"=C:\Program Files\PowerISO\PWRISOVM.EXE [2009-11-09 180224] "avast5"=C:\PROGRA~1\Avast5\avastUI.exe [2010-02-11 2756488] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "TOSCDSPD"=C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe [2003-09-15 65536] "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-10 15360] "msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools-1033] C:\Program Files\D-Tools\daemon.exe [2003-12-27 81920] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr] C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2009-07-26 3883856] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] C:\Program Files\QuickTime\qttask.exe [2009-11-10 417792] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype] C:\Program Files\Skype\Phone\Skype.exe [2009-01-29 23975720] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam] D:\Jeux\Steam\Steam.exe [2009-06-16 1217784] C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage NkbMonitor.exe.lnk - C:\Program Files\PictureProject\NkbMonitor.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon] C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles "InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\Google\Google Talk\googletalk.exe"="C:\Program Files\Google\Google Talk\googletalk.exe:*:Enabled:Google Talk" "C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\Jeux\Half Life\Steam\SteamApps\mathcarissimo@evhr.net\team fortress classic\hl.exe"="C:\Program Files\Jeux\Half Life\Steam\SteamApps\mathcarissimo@evhr.net\team fortress classic\hl.exe:*:Enabled:Half-Life Launcher" "C:\Program Files\Toshiba\ConfigFree\CFXFER.exe"="C:\Program Files\Toshiba\ConfigFree\CFXFER.exe:*:Enabled:ConfigFree SUMMIT Engine" "C:\Program Files\amsn\bin\wish.exe"="C:\Program Files\amsn\bin\wish.exe:*:Enabled:Wish Application" "C:\Program Files\mIRC\mirc.exe"="C:\Program Files\mIRC\mirc.exe:*:Enabled:mIRC" "C:\Program Files\Jeux\Half Life\Steam\steam.exe"="C:\Program Files\Jeux\Half Life\Steam\steam.exe:*:Enabled:Steam" "D:\Jeux\Steam\steam.exe"="D:\Jeux\Steam\steam.exe:*:Enabled:Steam" "D:\Jeux\Steam\steamapps\mathcarissimo@evhr.net\team fortress 2\hl2.exe"="D:\Jeux\Steam\steamapps\mathcarissimo@evhr.net\team fortress 2\hl2.exe:*:Disabled:hl2" "D:\Jeux\Steam\steamapps\mathcarissimo@evhr.net\source sdk base\hl2.exe"="D:\Jeux\Steam\steamapps\mathcarissimo@evhr.net\source sdk base\hl2.exe:*:Enabled:hl2" "C:\Program Files\Freeplayer\vlc\vlc.exe"="C:\Program Files\Freeplayer\vlc\vlc.exe:*:Enabled:VLC media player" "C:\Program Files\Adobe\Photoshop Elements 4.0\AdobePhotoshopElementsMediaServer.exe"="C:\Program Files\Adobe\Photoshop Elements 4.0\AdobePhotoshopElementsMediaServer.exe:*:Disabled:Adobe Photoshop Elements Media Server" "C:\Program Files\VLC\vlc.exe"="C:\Program Files\VLC\vlc.exe:*:Enabled:VLC media player" "C:\Program Files\Jeux\WET\ETDED.exe"="C:\Program Files\Jeux\WET\ETDED.exe:*:Enabled:ETDED" "C:\Program Files\Jeux\WET\ET.exe"="C:\Program Files\Jeux\WET\ET.exe:*:Enabled:ET" "C:\Program Files\Teamspeak\Teamspeak2_RC2\server_windows.exe"="C:\Program Files\Teamspeak\Teamspeak2_RC2\server_windows.exe:*:Enabled:Server" "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour" "C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes" "C:\Program Files\Jeux\Age of Empires 3\age3x.exe"="C:\Program Files\Jeux\Age of Empires 3\age3x.exe:*:Enabled:Age of Empires III - The WarChiefs" "C:\Program Files\Jeux\Age of Empires 3\age3.exe"="C:\Program Files\Jeux\Age of Empires 3\age3.exe:*:Enabled:Age of Empires 3" "C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype" "C:\WINDOWS\system32\dmremote.exe"="C:\WINDOWS\system32\dmremote.exe:*:Enabled:dmremote" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{14cfb960-8282-11dd-911d-000e7bd3cc71}] shell\AutoRun\command - F:\LaunchU3.exe -a [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a751fae3-a3a0-11dd-9140-000e7bd3cc71}] shell\AutoRun\command - F:\LaunchU3.exe -a ======List of files/folders created in the last 1 months====== 2010-03-19 21:55:24 ----D---- C:\Documents and Settings\Matthieu\Application Data\Malwarebytes 2010-03-19 21:55:19 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2010-03-19 21:55:19 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes 2010-03-19 20:49:59 ----D---- C:\_OTM 2010-03-19 20:05:15 ----D---- C:\Program Files\trend micro 2010-03-19 20:05:14 ----D---- C:\rsit ======List of files/folders modified in the last 1 months====== 2010-03-19 23:10:23 ----D---- C:\WINDOWS\Temp 2010-03-19 23:10:19 ----D---- C:\WINDOWS\system32 2010-03-19 23:10:19 ----D---- C:\Program Files\Avast5 2010-03-19 23:08:45 ----D---- C:\WINDOWS\Registration 2010-03-19 23:08:32 ----D---- C:\WINDOWS 2010-03-19 23:06:45 ----A---- C:\WINDOWS\SchedLgU.Txt 2010-03-19 23:06:41 ----D---- C:\WINDOWS\system32\CatRoot2 2010-03-19 22:01:58 ----D---- C:\WINDOWS\Prefetch 2010-03-19 21:55:20 ----D---- C:\WINDOWS\system32\drivers 2010-03-19 21:55:19 ----RD---- C:\Program Files 2010-03-19 21:53:38 ----D---- C:\Utils 2010-03-18 20:38:55 ----SHD---- C:\WINDOWS\Installer 2010-03-13 00:34:47 ----D---- C:\Program Files\Google 2010-03-09 12:24:05 ----A---- C:\WINDOWS\system32\aswBoot.exe 2010-03-07 23:17:58 ----D---- C:\Documents and Settings\Matthieu\Application Data\U3 ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2010-03-09 28880] R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2010-03-09 162640] R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2010-03-09 46672] R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-10 40320] R1 SCDEmu;SCDEmu; C:\WINDOWS\system32\drivers\SCDEmu.sys [2009-11-09 59388] R1 sscdbhk5;sscdbhk5; C:\WINDOWS\system32\drivers\sscdbhk5.sys [2004-09-28 5627] R1 ssrtln;ssrtln; C:\WINDOWS\system32\drivers\ssrtln.sys [2004-09-28 23545] R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2010-03-09 19024] R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2010-03-09 100432] R2 drvnddm;drvnddm; C:\WINDOWS\system32\drivers\drvnddm.sys [2004-08-13 40544] R2 Netdevio;TOSHIBA Network Device Usermode I/O Protocol; C:\WINDOWS\system32\DRIVERS\netdevio.sys [2003-01-29 12032] R2 tfsnboio;tfsnboio; C:\WINDOWS\system32\dla\tfsnboio.sys [2004-09-28 25947] R2 tfsncofs;tfsncofs; C:\WINDOWS\system32\dla\tfsncofs.sys [2004-09-28 34843] R2 tfsndrct;tfsndrct; C:\WINDOWS\system32\dla\tfsndrct.sys [2004-09-28 4123] R2 tfsndres;tfsndres; C:\WINDOWS\system32\dla\tfsndres.sys [2004-09-28 2271] R2 tfsnifs;tfsnifs; C:\WINDOWS\system32\dla\tfsnifs.sys [2004-09-28 86458] R2 tfsnopio;tfsnopio; C:\WINDOWS\system32\dla\tfsnopio.sys [2004-09-28 15131] R2 tfsnpool;tfsnpool; C:\WINDOWS\system32\dla\tfsnpool.sys [2004-09-28 6363] R2 tfsnudf;tfsnudf; C:\WINDOWS\system32\dla\tfsnudf.sys [2004-09-28 98714] R2 tfsnudfa;tfsnudfa; C:\WINDOWS\system32\dla\tfsnudfa.sys [2004-09-28 100603] R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2004-10-06 129280] R3 AgereSoftModem;TOSHIBA V92 Software Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2005-01-28 1065311] R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\WINDOWS\system32\DRIVERS\Apfiltr.sys [2004-05-09 101833] R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-10 60800] R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2010-03-09 23376] R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2004-08-04 14080] R3 E100B;Intel® PRO Adapter Driver; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2004-06-22 154112] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\SYSTEM32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600] R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600] R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288] R3 MXOPSWD;Maxtor OneTouch Security Driver; C:\WINDOWS\system32\DRIVERS\mxopswd.sys [2007-05-03 22152] R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-10 61824] R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2005-08-23 3222208] R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-08-11 14604] R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2004-08-10 67584] R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2004-09-01 259648] R3 tifm21;tifm21; C:\WINDOWS\system32\drivers\tifm21.sys [2004-09-13 146304] R3 tosrfec;Bluetooth ACPI from TOSHIBA; C:\WINDOWS\system32\DRIVERS\tosrfec.sys [2004-05-17 8573] R3 ttv200x;TOSHIBA PCI TV Tuner type W; C:\WINDOWS\system32\DRIVERS\ttv200x.sys [2005-01-07 828672] R3 Tvs;Toshiba Virtual Sound with SRS technologies; C:\WINDOWS\system32\DRIVERS\Tvs.sys [2004-12-20 29056] R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624] R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600] R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496] R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480] S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024] S3 dot4;Pilote MS IEEE-1284.4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [2004-08-03 207360] S3 Dot4Print;Pilote de classe Imprimante pour IEEE-1284.4; C:\WINDOWS\system32\DRIVERS\Dot4Prt.sys [2001-08-17 12928] S3 Dot4Scan;Pilote de classe Scanneur pour IEEE-1284.4; C:\WINDOWS\system32\DRIVERS\Dot4Scan.sys [2001-08-17 8704] S3 dot4usb;Filtre Dot4USB Dot4USB Filter; C:\WINDOWS\system32\DRIVERS\dot4usb.sys [2001-08-23 24064] S3 MHNDRV;Pilote MHN; C:\WINDOWS\system32\DRIVERS\mhndrv.sys [2004-08-10 11008] S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504] S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376] S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880] S3 PhilCam8116;Logitech QuickCam Pro 3000(PID_08B0); C:\WINDOWS\system32\DRIVERS\CamDrL21.sys [2002-06-10 371766] S3 sffdisk;Pilote de classe de stockage SFF; C:\WINDOWS\system32\DRIVERS\sffdisk.sys [2004-08-10 11136] S3 sffp_sd;Pilote de protocole de stockage SFF pour SDBus; C:\WINDOWS\system32\DRIVERS\sffp_sd.sys [2004-08-10 10240] S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136] S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360] S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2009-08-28 40448] S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-04 59264] S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-04 31616] S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856] S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-04 15104] S3 w29n51;Pilote de carte de connexion réseau Intel® PRO/Wireless 2200BG pour Windows XP; C:\WINDOWS\system32\DRIVERS\w29n51.sys [2004-10-30 3222784] S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328] S3 Yrwspwgu;Yrwspwgu; \??\C:\WINDOWS\system32\drivers\Yrwspwgu.sys [] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AdobeActiveFileMonitor4.0;Adobe Active File Monitor V4; C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe [2005-09-09 102400] R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-08-28 144672] R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Avast5\AvastSvc.exe [2010-02-11 40384] R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888] R2 CFSvcs;ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [2004-11-10 36864] R2 ehRecvr;Media Center Receiver Service; C:\WINDOWS\eHome\ehRecvr.exe [2004-09-28 195584] R2 ehSched;Service de planification Media Center; C:\WINDOWS\eHome\ehSched.exe [2004-08-10 103424] R2 kraidsvc;TOSHIBA RAID Service; C:\Program Files\Toshiba\TOSHIBA RAID\Service\kraidsvc.exe [2005-02-11 213075] R2 Maxtor Sync Service;Maxtor Service; C:\Program Files\Maxtor\Sync\SyncServices.exe [2007-09-28 156976] R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2005-08-23 127042] R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2009-10-13 75064] R2 SoundMAX Agent Service (default);SoundMAX Agent Service; C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [2002-09-20 45056] R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Avast5\AvastSvc.exe [2010-02-11 40384] R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Avast5\AvastSvc.exe [2010-02-11 40384] R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-11-12 545568] S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-03-13 135664] S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe [2006-10-08 72704] S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [2003-02-20 32768] S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632] S3 MHN;MHN; C:\WINDOWS\System32\svchost.exe [2004-08-10 14336] S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136] S3 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912] -----------------EOF-----------------

OTM n'a pas redémarré tout seul après le reboot. Je l'ai donc relancé. Ci-dessous les contenus des deux logs. All processes killed Error: Unable to interpret <Go> in the current context! ========== FILES ========== c:\documents and settings\matthieu\local settings\application data\ave.exe moved successfully. ========== REGISTRY ========== ========== COMMANDS ========== [EMPTYTEMP] User: Administrateur ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 32768 bytes User: All Users User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 32768 bytes ->Flash cache emptied: 41 bytes User: LocalService ->Temp folder emptied: 115616 bytes ->Temporary Internet Files folder emptied: 32902 bytes User: Matthieu ->Temp folder emptied: 223860659 bytes ->Temporary Internet Files folder emptied: 1158956219 bytes ->Java cache emptied: 3598110 bytes ->Flash cache emptied: 2012827 bytes User: NetworkService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 3072 bytes %systemroot%\System32\dllcache .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 12075321 bytes %systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 34313 bytes RecycleBin emptied: 1603970774 bytes Total Files Cleaned = 2 866,00 mb OTM by OldTimer - Version 3.1.10.1 log created on 03192010_204959 Files moved on Reboot... C:\Documents and Settings\Matthieu\Local Settings\Temporary Internet Files\Content.IE5\XDUQ8H1Z\google[1].htm moved successfully. C:\Documents and Settings\Matthieu\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat moved successfully. File move failed. C:\WINDOWS\temp\_avast5_\Webshlock.txt scheduled to be moved on reboot. Registry entries deleted on Reboot... ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------- Ci-dessous le 2e log All processes killed Error: Unable to interpret <Go> in the current context! ========== FILES ========== File/Folder c:\documents and settings\matthieu\local settings\application data\ave.exe not found. ========== REGISTRY ========== ========== COMMANDS ========== [EMPTYTEMP] User: Administrateur ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: All Users User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 0 bytes User: LocalService ->Temp folder emptied: 66016 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: Matthieu ->Temp folder emptied: 147456 bytes ->Temporary Internet Files folder emptied: 33170 bytes ->Java cache emptied: 0 bytes ->Flash cache emptied: 0 bytes User: NetworkService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32\dllcache .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 664 bytes %systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 0,00 mb OTM by OldTimer - Version 3.1.10.1 log created on 03192010_210152 Files moved on Reboot... File move failed. C:\WINDOWS\temp\_avast5_\Webshlock.txt scheduled to be moved on reboot. Registry entries deleted on Reboot...

Après avoir installé RSIT comme conseillé dans les autres sujets, voici les rapports. Tout d'abord le fichier info : info.txt logfile of random's system information tool 1.06 2010-03-19 20:05:23 ======Uninstall list====== -->C:\WINDOWS\system32\\MSIEXEC.EXE /x {1206EF92-2E83-4859-ACCB-2048C3CB7DA6} -->C:\WINDOWS\system32\\MSIEXEC.EXE /x {9541FED0-327F-4df0-8B96-EF57EF622F19} -->MsiExec.exe /I{3B55590C-8A9B-4BD6-B489-744B63026A2A} -->MsiExec.exe /I{C98E5F1B-5C2B-4FD1-BDF9-F3779DCAAA16} -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf 3C Texas Holdem Poker-->C:\WINDOWS\uninst.exe -f"C:\Program Files\3C Texas Holdem Poker\DeIsL1.isu" -c"C:\Program Files\3C Texas Holdem Poker\_ISREG32.DLL" Ad-Aware SE Personal-->C:\PROGRA~1\Lavasoft\AD-AWA~1\UNWISE.EXE C:\PROGRA~1\Lavasoft\AD-AWA~1\INSTALL.LOG Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe Adobe Help Center 2.0-->MsiExec.exe /I{8FFC924C-ED06-44CB-8867-3CA778ECE903} Adobe Photoshop Elements 4.0-->msiexec /I {EBB7C1C1-D439-4D9B-9FDC-954C10F266B0} Adobe Premiere Elements 1.0-->msiexec /I {6CCDF4E6-D2AE-4DD8-80FD-F9AFF951AEAE} Adobe Premiere Pro-->RunDll32 "C:\Program Files\Fichiers communs\InstallShield\Professional\RunTime\0701\Intel32\ctor.dll",LaunchSetup "C:\Program Files\InstallShield Installation Information\{084709F7-38C5-4609-B55F-2417939315EB}\setup.exe" Adobe Reader 9 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A90000000001} Adobe Shockwave Player 11-->C:\WINDOWS\system32\adobe\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Adobe\SHOCKW~1\Install.log Age of Empires III - The WarChiefs-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{1C08A24C-B168-407E-A826-68FAF5F20710} Age of Empires III-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{7B9CC60A-9B81-46A3-A953-76B6BF9EEC97} ALPS Touch Pad Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}\setup.exe" UNINSTALL Apple Application Support-->MsiExec.exe /I{3FA365DF-2D68-45ED-8F83-8C8A33E65143} Apple Mobile Device Support-->MsiExec.exe /I{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE} Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033} Assist TOSHIBA-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{12B3A009-A080-4619-9A2A-C6DB151D8D67}\Setup.exe" -l0x40c Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7} avast! Free Antivirus-->C:\Program Files\Avast5\aswRunDll.exe "C:\Program Files\Avast5\Setup\setiface.dll" RunSetup Bluetooth Stack for Windows by Toshiba-->MsiExec.exe /X{CEBB6BFB-D708-4F99-A633-BC2600E01EF6} Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B} Canon i850-->C:\WINDOWS\system32\CNMCP4b.exe "-PRINTERNAMECanon i850" "-HELPERDLLC:\BJPrinter\CNMWINDOWS\Canon i850 Installer\Inst2\cnmis.dll" "-RCDLLC:\BJPrinter\CNMWINDOWS\Canon i850 Installer\Inst2\cnmi0409.dll" CM Scout-->C:\Program Files\Jeux\CM5\CMScout\Uninstall.exe Commandes TOSHIBA-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A6690C0E-B96E-4F0F-A8EB-D5B332454AC6}\Setup.exe" -l0x40c UNINSTALL Correctif cumulatif 1 pour Windows XP Édition Media Center 2005 (KB873369)-->C:\WINDOWS\$NtUninstallMC05Upd1$\spuninst\spuninst.exe Correctif pour Windows XP (KB914440)-->"C:\WINDOWS\$NtUninstallKB914440$\spuninst\spuninst.exe" Correctif Windows XP - KB834707-->C:\WINDOWS\$NtUninstallKB834707$\spuninst\spuninst.exe Correctif Windows XP - KB873333-->C:\WINDOWS\$NtUninstallKB873333$\spuninst\spuninst.exe Correctif Windows XP - KB873339-->C:\WINDOWS\$NtUninstallKB873339$\spuninst\spuninst.exe Correctif Windows XP - KB884020-->C:\WINDOWS\$NtUninstallKB884020$\spuninst\spuninst.exe Correctif Windows XP - KB885250-->C:\WINDOWS\$NtUninstallKB885250$\spuninst\spuninst.exe Correctif Windows XP - KB885835-->C:\WINDOWS\$NtUninstallKB885835$\spuninst\spuninst.exe Correctif Windows XP - KB885836-->C:\WINDOWS\$NtUninstallKB885836$\spuninst\spuninst.exe Correctif Windows XP - KB886185-->C:\WINDOWS\$NtUninstallKB886185$\spuninst\spuninst.exe Correctif Windows XP - KB887472-->C:\WINDOWS\$NtUninstallKB887472$\spuninst\spuninst.exe Correctif Windows XP - KB887742-->C:\WINDOWS\$NtUninstallKB887742$\spuninst\spuninst.exe Correctif Windows XP - KB888113-->C:\WINDOWS\$NtUninstallKB888113$\spuninst\spuninst.exe Correctif Windows XP - KB888302-->C:\WINDOWS\$NtUninstallKB888302$\spuninst\spuninst.exe Correctif Windows XP - KB889673-->C:\WINDOWS\$NtUninstallKB889673$\spuninst\spuninst.exe Correctif Windows XP - KB890546-->C:\WINDOWS\$NtUninstallKB890546$\spuninst\spuninst.exe Correctif Windows XP - KB890859-->"C:\WINDOWS\$NtUninstallKB890859$\spuninst\spuninst.exe" Correctif Windows XP - KB891781-->C:\WINDOWS\$NtUninstallKB891781$\spuninst\spuninst.exe Correctif Windows XP - KB893086-->"C:\WINDOWS\$NtUninstallKB893086$\spuninst\spuninst.exe" DAEMON Tools-->MsiExec.exe /I{83895843-3A51-4C93-9DF3-2BDB65C7E54A} deskPDF 2.5 Standard Edition-->"C:\Program Files\Docudesk\deskPDF\unins000.exe" DivX-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC Docudesk GPL Ghostscript 8.15-->"C:\Program Files\Docudesk\GPL Ghostscript\unins000.exe" FileZilla (remove only)-->"C:\Program Files\FileZilla\uninstall.exe" Formatage de carte mémoire SD TOSHIBA-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{48CF9A66-5F03-4025-ABD0-B3A3FA095A59}\Setup.exe" -l0x40c Freeplayer-->C:\Program Files\Freeplayer\Uninstall.exe Gestion d'énergie TOSHIBA-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\TOSHIBA\Power Saver\Uninst.isu" -c"C:\WINDOWS\system32\TPSDel.dll" Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} Google Earth-->MsiExec.exe /X{2EAF7E61-068E-11DF-953C-005056806466} Half-Life 2: Episode One-->"D:\Jeux\Steam\steam.exe" steam://uninstall/380 Half-Life 2: Episode Two-->"D:\Jeux\Steam\steam.exe" steam://uninstall/420 Half-Life 2-->"D:\Jeux\Steam\steam.exe" steam://uninstall/220 Half-Life-->C:\WINDOWS\IsUn040c.exe -f"c:\program files\jeux\Half Life\Uninst.isu" -c"c:\program files\jeux\Half Life\HLUNINST.DLL" Heroes of Might & Magic V: Hammers of Fate-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{66FF4C48-0083-4E60-8556-B883AB200091}\setup.exe" -l0x40c Heroes of Might and Magic V-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{20071984-5EB1-4881-8EDB-082532ACEC6D}\setup.exe" -l0x40c HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall Hotfix for Windows XP (KB915865)-->"C:\WINDOWS\$NtUninstallKB915865$\spuninst\spuninst.exe" Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31} Intel® PRO Network Adapters and Drivers-->Prounstl.exe InterVideo WinDVD for TOSHIBA-->"C:\Program Files\InstallShield Installation Information\{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}\setup.exe" REMOVEALL iPod Updater 2004-08-06-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{2F8C106A-7DFC-45DE-8006-F9145AADF1D8} /l1036 iTunes-->MsiExec.exe /I{A6FDF86A-F541-4E7B-AEA0-8849A2A700D5} J2SE Runtime Environment 5.0-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150000} K-Lite Codec Pack 2.10 Full-->"C:\Program Files\K-Lite Codec Pack\unins000.exe" Macromedia Flash Player-->MsiExec.exe /X{0456ebd7-5f67-4ab6-852e-63781e3f389c} Manuels TOSHIBA-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{188BA1CC-F3A1-49B0-A34D-8C861C64E1AE}\Setup.exe" -l0x40c MathType 5-->"C:\Program Files\MathType\Setup.exe" -R Maxtor Manager-->"C:\Program Files\InstallShield Installation Information\{ED01D958-AEDC-40C8-93FD-0C08E8AA9530}\setup.exe" -runfromtemp -l0x040c -removeonly Maxtor Manager-->MsiExec.exe /I{ED01D958-AEDC-40C8-93FD-0C08E8AA9530} Microsoft .NET Framework 1.0 Hotfix (KB887998)-->"C:\WINDOWS\$NtUninstallKB887998$\spuninst\spuninst.exe" Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700} Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570} Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe" Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe" Microsoft Office OneNote 2003-->MsiExec.exe /I{91A1040C-6000-11D3-8CFE-0150048383C9} Microsoft Office Standard Edition 2003-->MsiExec.exe /I{9112040C-6000-11D3-8CFE-0150048383C9} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989} mIRC-->"C:\Program Files\mIRC\mirc.exe" -uninstall Mise à jour de sécurité pour Lecteur Windows Media 10 (KB911565)-->"C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media 10 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media 6.4 (KB925398)-->"C:\WINDOWS\$NtUninstallKB925398_WMP64$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB928090)-->"C:\WINDOWS\ie7updates\KB928090-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB929969)-->"C:\WINDOWS\ie7updates\KB929969\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB931768)-->"C:\WINDOWS\ie7updates\KB931768-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB890046)-->"C:\WINDOWS\$NtUninstallKB890046$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB893066)-->"C:\WINDOWS\$NtUninstallKB893066$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB893756)-->"C:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB896358)-->"C:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB896422)-->"C:\WINDOWS\$NtUninstallKB896422$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB896423)-->"C:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB896424)-->"C:\WINDOWS\$NtUninstallKB896424$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB896428)-->"C:\WINDOWS\$NtUninstallKB896428$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB896688)-->"C:\WINDOWS\$NtUninstallKB896688$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB899587)-->"C:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB899588)-->"C:\WINDOWS\$NtUninstallKB899588$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB899589)-->"C:\WINDOWS\$NtUninstallKB899589$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB899591)-->"C:\WINDOWS\$NtUninstallKB899591$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB900725)-->"C:\WINDOWS\$NtUninstallKB900725$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB901017)-->"C:\WINDOWS\$NtUninstallKB901017$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB901214)-->"C:\WINDOWS\$NtUninstallKB901214$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB902400)-->"C:\WINDOWS\$NtUninstallKB902400$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB904706)-->"C:\WINDOWS\$NtUninstallKB904706$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB905414)-->"C:\WINDOWS\$NtUninstallKB905414$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB905749)-->"C:\WINDOWS\$NtUninstallKB905749$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB905915)-->"C:\WINDOWS\$NtUninstallKB905915$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB908519)-->"C:\WINDOWS\$NtUninstallKB908519$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB908531)-->"C:\WINDOWS\$NtUninstallKB908531$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB911280)-->"C:\WINDOWS\$NtUninstallKB911280$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB911562)-->"C:\WINDOWS\$NtUninstallKB911562$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB911567)-->"C:\WINDOWS\$NtUninstallKB911567$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB911927)-->"C:\WINDOWS\$NtUninstallKB911927$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB912812)-->"C:\WINDOWS\$NtUninstallKB912812$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB912919)-->"C:\WINDOWS\$NtUninstallKB912919$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB913446)-->"C:\WINDOWS\$NtUninstallKB913446$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB913580)-->"C:\WINDOWS\$NtUninstallKB913580$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB914388)-->"C:\WINDOWS\$NtUninstallKB914388$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB914389)-->"C:\WINDOWS\$NtUninstallKB914389$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB916281)-->"C:\WINDOWS\$NtUninstallKB916281$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB917159)-->"C:\WINDOWS\$NtUninstallKB917159$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB917344)-->"C:\WINDOWS\$NtUninstallKB917344$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB917422)-->"C:\WINDOWS\$NtUninstallKB917422$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB917953)-->"C:\WINDOWS\$NtUninstallKB917953$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB918118)-->"C:\WINDOWS\$NtUninstallKB918118$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB918439)-->"C:\WINDOWS\$NtUninstallKB918439$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB918899)-->"C:\WINDOWS\$NtUninstallKB918899$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB919007)-->"C:\WINDOWS\$NtUninstallKB919007$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB920213)-->"C:\WINDOWS\$NtUninstallKB920213$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB920214)-->"C:\WINDOWS\$NtUninstallKB920214$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB920670)-->"C:\WINDOWS\$NtUninstallKB920670$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB920683)-->"C:\WINDOWS\$NtUninstallKB920683$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB920685)-->"C:\WINDOWS\$NtUninstallKB920685$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB921398)-->"C:\WINDOWS\$NtUninstallKB921398$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB921883)-->"C:\WINDOWS\$NtUninstallKB921883$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB922616)-->"C:\WINDOWS\$NtUninstallKB922616$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB922760)-->"C:\WINDOWS\$NtUninstallKB922760$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB922819)-->"C:\WINDOWS\$NtUninstallKB922819$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB923191)-->"C:\WINDOWS\$NtUninstallKB923191$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB923414)-->"C:\WINDOWS\$NtUninstallKB923414$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB923689)-->"C:\WINDOWS\$NtUninstallKB923689$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB923694)-->"C:\WINDOWS\$NtUninstallKB923694$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB923980)-->"C:\WINDOWS\$NtUninstallKB923980$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB924191)-->"C:\WINDOWS\$NtUninstallKB924191$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB924270)-->"C:\WINDOWS\$NtUninstallKB924270$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB924496)-->"C:\WINDOWS\$NtUninstallKB924496$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB924667)-->"C:\WINDOWS\$NtUninstallKB924667$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB925454)-->"C:\WINDOWS\$NtUninstallKB925454$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB925486)-->"C:\WINDOWS\$NtUninstallKB925486$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB925902)-->"C:\WINDOWS\$NtUninstallKB925902$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB926255)-->"C:\WINDOWS\$NtUninstallKB926255$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB926436)-->"C:\WINDOWS\$NtUninstallKB926436$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB927779)-->"C:\WINDOWS\$NtUninstallKB927779$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB927802)-->"C:\WINDOWS\$NtUninstallKB927802$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB928255)-->"C:\WINDOWS\$NtUninstallKB928255$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB928843)-->"C:\WINDOWS\$NtUninstallKB928843$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB930178)-->"C:\WINDOWS\$NtUninstallKB930178$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB931261)-->"C:\WINDOWS\$NtUninstallKB931261$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB931784)-->"C:\WINDOWS\$NtUninstallKB931784$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB932168)-->"C:\WINDOWS\$NtUninstallKB932168$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB894391)-->"C:\WINDOWS\$NtUninstallKB894391$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB896727)-->"C:\WINDOWS\$NtUninstallKB896727$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB900485)-->"C:\WINDOWS\$NtUninstallKB900485$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB904942)-->"C:\WINDOWS\$NtUninstallKB904942$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB910437)-->"C:\WINDOWS\$NtUninstallKB910437$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB916595)-->"C:\WINDOWS\$NtUninstallKB916595$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB920872)-->"C:\WINDOWS\$NtUninstallKB920872$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB922582)-->"C:\WINDOWS\$NtUninstallKB922582$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB927891)-->"C:\WINDOWS\$NtUninstallKB927891$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB929338)-->"C:\WINDOWS\$NtUninstallKB929338$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB930916)-->"C:\WINDOWS\$NtUninstallKB930916$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB931836)-->"C:\WINDOWS\$NtUninstallKB931836$\spuninst\spuninst.exe" MSN-->C:\Program Files\MSN\MsnInstaller\msninst.exe /Action:ARP MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94} MSXML 4.0 SP2 Parser and SDK-->MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC} MSXML 6.0 Parser-->MsiExec.exe /I{A43BF6A5-D5F0-4AAA-BF41-65995063EC44} Mumble and Murmur-->C:\Program Files\Mumble\Uninstall.exe Nikon Message Center-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}\Setup.exe" -l0x40c UNINSTALL NVIDIA Drivers-->C:\WINDOWS\system32\nvudisp.exe UninstallGUI Outil de diagnostic PC TOSHIBA-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\TOSHIBA\PCDiag\Uninst.isu" Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238} PictureProject-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FF3999BE-1A7B-4738-88AA-97BF14094A4A}\Setup.exe" -l0x40c UNINSTALL Portal-->"D:\Jeux\Steam\steam.exe" steam://uninstall/400 PowerISO-->"C:\Program Files\PowerISO\uninstall.exe" QuickTime-->MsiExec.exe /I{1451DE6B-ABE1-4F62-BE9A-B363A17588A2} Réducteur de bruit lect. CD/DVD-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}\Setup.exe" -l0x40c SD Secure Module-->MsiExec.exe /X{C45F4811-31D5-4786-801D-F79CD06EDD85} Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7} Skype™ 4.0-->MsiExec.exe /X{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D} Son virtuel TOSHIBA-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8B12BA86-ADAC-4BA6-B441-FFC591087252}\setup.exe" /uninstall Sonic DLA-->MsiExec.exe /I{1206EF92-2E83-4859-ACCB-2048C3CB7DA6} Sonic Encoders-->MsiExec.exe /I{9941F0AA-B903-4AF4-A055-83A9815CC011} Sonic RecordNow!-->MsiExec.exe /I{9541FED0-327F-4DF0-8B96-EF57EF622F19} SoundMAX-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\setup.exe" -l0x40c -removeonly Source SDK Base-->"D:\Jeux\Steam\steam.exe" steam://uninstall/215 SpeechRedist-->MsiExec.exe /X{8795CBED-55E2-4693-9F14-84EC446935BE} Steam-->D:\Jeux\Steam\UNWISE.EXE D:\Jeux\Steam\INSTALL.LOG System Requirements Lab-->C:\Program Files\SystemRequirementsLab\Uninstall.exe Team Fortress 2-->"D:\Jeux\Steam\steam.exe" steam://uninstall/440 TeamSpeak 2 RC2-->"C:\Program Files\Teamspeak\unins000.exe" TeamSpeak 2 Server RC2-->"C:\Program Files\Teamspeak\Teamspeak2_RC2\unins000.exe" Texas Instruments PCIxx21/x515 drivers.-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{3F6A5F11-EC99-44DD-A27E-C5C61E47CE48} /l1036 TOSHIBA ConfigFree-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BDD83DC9-BEE9-4654-A5DA-CC46C250088D}\setup.exe" -l0x40c UNINSTALL TOSHIBA Software Modem-->Tosmreg -U TOSHIBA Utilities-->tutildel.exe Touch and Launch-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5D96E2B1-D9AC-46E0-9073-425C5F63E338}\Setup.exe" -l0x40c Unreal Tournament 2004-->C:\Program Files\Jeux\UT2k4\System\Setup.exe uninstall "UT2004" Utilitaire Activer/désactiver la tablette tactile TOSHIBA V2.05.00-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\TOSHIBA\TouchED\Uninst.isu" -c"C:\Program Files\TOSHIBA\TouchED\tpedinst.dll" Utilitaire de zoom TOSHIBA-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{64212898-097F-4F3F-AECA-6D34A7EF82DF}\setup.exe" Utilitaire d'enrichissement d'image Toshiba-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{47DC4B39-B1F6-498A-AFFE-E78FDAF34D1F}\setup.exe" Utilitaire TOSHIBA d'accès direct aux périphériques d’affichage-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\TFNF5Wxp.inf,DefaultUninstall,5 Utilitaire TOSHIBA de changement d'écran-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\TDspBtn.inf,DefaultUninstall,5 Utilitaire TOSHIBA RAID-->MsiExec.exe /X{3E6FA9D9-D4CA-492B-AE98-83A2D853A355} Utilitaires Sierra-->C:\Program Files\Sierra On-Line\sutil32.exe uninstall Ventrilo Client-->MsiExec.exe /I{789289CA-F73A-4A16-A331-54D498CE069F} VideoLAN VLC media player 0.8.5-->C:\Program Files\VLC\uninstall.exe Windows Installer 3.1 (KB893803)-->"C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe" Windows Internet Explorer 7-->"C:\WINDOWS\ie7\spuninst\spuninst.exe" Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41} Windows Live Communications Platform-->MsiExec.exe /I{ED00D08A-3C5F-488D-93A0-A04F21F23956} Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1} Windows Media Format Runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll Windows XP Édition Media Center 2005 KB888316-->C:\WINDOWS\$NtUninstallKB888316$\spuninst\spuninst.exe WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe Wireless Hotkey-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7862BAD8-A379-4128-8AA1-EFD5A9603C53}\Setup.exe" Wolfenstein - Enemy Territory-->C:\PROGRA~1\Jeux\WET\Uninstall\Unwise.exe /u C:\PROGRA~1\Jeux\WET\Uninstall\Install.log ======Security center information====== AV: avast! Antivirus ======System event log====== Computer Name: THOT Event Code: 1003 Message: Votre ordinateur n'a pas pu renouveler son adresse à partir du réseau (à partir du serveur DHCP) pour la carte réseau dont l'adresse réseau est 0012F01ABE5B. Il s'est produit l'erreur suivante : L'opération a été annulée par l'utilisateur. . Votre ordinateur va continuer à essayer d'obtenir sa propre adresse auprès du serveur d'adresse réseau (DHCP). Record Number: 61171 Source Name: Dhcp Time Written: 20091230003902.000000+060 Event Type: Avertissement User: Computer Name: THOT Event Code: 4202 Message: Le système a détecté que la carte réseau \DEVICE\TCPIP_{BC0D61B5-D09E-4B35-B758-0C65C2763C1E} était déconnectée du réseau, et la configuration réseau de la carte a été abandonnée. Si la carte réseau n'était pas déconnectée, ceci peut indiquer un disfonctionnement. Contactez le fabricant pour des pilotes mis à jour. Record Number: 61170 Source Name: Tcpip Time Written: 20091230003902.000000+060 Event Type: Informations User: Computer Name: THOT Event Code: 1003 Message: Votre ordinateur n'a pas pu renouveler son adresse à partir du réseau (à partir du serveur DHCP) pour la carte réseau dont l'adresse réseau est 0012F01ABE5B. Il s'est produit l'erreur suivante : L'opération a été annulée par l'utilisateur. . Votre ordinateur va continuer à essayer d'obtenir sa propre adresse auprès du serveur d'adresse réseau (DHCP). Record Number: 61169 Source Name: Dhcp Time Written: 20091230003847.000000+060 Event Type: Avertissement User: Computer Name: THOT Event Code: 4201 Message: Le système a détecté que la carte réseau \DEVICE\TCPIP_{BC0D61B5-D09E-4B35-B758-0C65C2763C1E} était connectée au réseau, et a lancé une opération normale sur la carte réseau. Record Number: 61168 Source Name: Tcpip Time Written: 20091230003847.000000+060 Event Type: Informations User: Computer Name: THOT Event Code: 1003 Message: Votre ordinateur n'a pas pu renouveler son adresse à partir du réseau (à partir du serveur DHCP) pour la carte réseau dont l'adresse réseau est 0012F01ABE5B. Il s'est produit l'erreur suivante : L'opération a été annulée par l'utilisateur. . Votre ordinateur va continuer à essayer d'obtenir sa propre adresse auprès du serveur d'adresse réseau (DHCP). Record Number: 61167 Source Name: Dhcp Time Written: 20091230003842.000000+060 Event Type: Avertissement User: =====Application event log===== Computer Name: THOT Event Code: 1 Message: Record Number: 4296 Source Name: nview_info Time Written: 20090527203005.000000+120 Event Type: erreur User: Computer Name: THOT Event Code: 1800 Message: Le service Centre de sécurité Windows a démarré. Record Number: 4295 Source Name: SecurityCenter Time Written: 20090527184548.000000+120 Event Type: Informations User: Computer Name: THOT Event Code: 1000 Message: Le service TOSHIBA RAID a démarré. Record Number: 4294 Source Name: KRAIDSVC Time Written: 20090527184539.000000+120 Event Type: Informations User: Computer Name: THOT Event Code: 2570 Message: Le service Adobe Active File Monitor a démarré. Record Number: 4293 Source Name: Adobe Active File Monitor 4.0 Time Written: 20090527184536.000000+120 Event Type: User: Computer Name: THOT Event Code: 1800 Message: Le service Centre de sécurité Windows a démarré. Record Number: 4292 Source Name: SecurityCenter Time Written: 20090527000017.000000+120 Event Type: Informations User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\QuickTime\QTSystem\ "windir"=%SystemRoot% "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "PROCESSOR_ARCHITECTURE"=x86 "PROCESSOR_LEVEL"=6 "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 13 Stepping 8, GenuineIntel "PROCESSOR_REVISION"=0d08 "NUMBER_OF_PROCESSORS"=1 "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "BitRock"=1 "CLASSPATH"=.;C:\Program Files\Java\jre1.5.0\lib\ext\QTJava.zip "QTJAVA"=C:\Program Files\Java\jre1.5.0\lib\ext\QTJava.zip -----------------EOF----------------- Et voici le fichier log : Logfile of random's system information tool 1.06 (written by random/random) Run by Matthieu at 2010-03-19 20:05:14 Microsoft Windows XP Professionnel Service Pack 2 System drive C: has 3 GB (4%) free of 76 GB Total RAM: 1023 MB (62% free) ======Scheduled tasks folder====== C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job C:\WINDOWS\tasks\Symantec NetDetect.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5CA3D70E-1895-11CF-8E15-001234567890}] DriveLetterAccess - C:\WINDOWS\system32\dla\tfswshx.dll [2004-09-28 118842] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "ehTray"=C:\WINDOWS\ehome\ehtray.exe [2004-08-10 59392] "NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2005-08-23 7122944] "nwiz"=nwiz.exe /installquiet /keeploaded /nodetect [] "00THotkey"=C:\WINDOWS\system32\00THotkey.exe [2005-01-27 270336] "000StTHK"=000StTHK.exe_ [] "TFNF5"=C:\WINDOWS\system32\TFNF5.exe [2004-06-28 73728] "SmoothView"=C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe [2004-12-21 118784] "Utilitaire d'enrichissement d'image Toshiba"=C:\Program Files\TOSHIBA\TOSHIBA Picture Enhancement Utility\TosPEHK.exe [2005-02-17 638976] "SoundMAXPnP"=C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe [2004-10-14 1388544] "SoundMAX"=C:\Program Files\Analog Devices\SoundMAX\Smax4.exe [2004-08-06 860160] "Tvs"=C:\Program Files\TOSHIBA\Tvs\TvsTray.exe [2004-11-12 73728] "Apoint"=C:\Program Files\Apoint2K\Apoint.exe [2004-03-24 196608] "TouchED"=C:\Program Files\TOSHIBA\TouchED\TouchED.Exe [2003-03-11 122880] "PadTouch"=C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe [2004-11-17 1077327] "AGRSMMSG"=C:\WINDOWS\AGRSMMSG.exe [2004-12-21 88358] "NDSTray.exe"=NDSTray.exe [] "TosHKCW.exe"=C:\Program Files\TOSHIBA\Wireless Hotkey\TosHKCW.exe [2002-09-09 49152] "TPSMain"=C:\WINDOWS\system32\TPSMain.exe [2004-12-29 266240] "TPSODDCtl"=C:\WINDOWS\system32\TPSODDCtl.exe [2004-12-29 102400] "TFncKy"=TFncKy.exe [] "dla"=C:\WINDOWS\system32\dla\tfswctrl.exe [2004-09-28 127035] "Kraidman"=C:\Program Files\Toshiba\TOSHIBA RAID\Console\Kraidman.exe [2005-02-11 1081426] "pdfw"=C:\Program Files\Amic Utilities\PDF Writer Pro\pdfwload.exe [2004-03-24 32768] "CFSServ.exe"=CFSServ.exe -NoClient [] "mxomssmenu"=C:\Program Files\Maxtor\OneTouch Status\maxmenumgr.exe [2007-09-06 169264] "Adobe Photo Downloader"=C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe [2005-09-09 57344] "QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2009-11-10 417792] "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672] "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-11-12 141600] "PWRISOVM.EXE"=C:\Program Files\PowerISO\PWRISOVM.EXE [2009-11-09 180224] "avast5"=C:\PROGRA~1\Avast5\avastUI.exe [2010-02-11 2756488] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "TOSCDSPD"=C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe [2003-09-15 65536] "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-10 15360] "msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools-1033] C:\Program Files\D-Tools\daemon.exe [2003-12-27 81920] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr] C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2009-07-26 3883856] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] C:\Program Files\QuickTime\qttask.exe [2009-11-10 417792] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype] C:\Program Files\Skype\Phone\Skype.exe [2009-01-29 23975720] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam] D:\Jeux\Steam\Steam.exe [2009-06-16 1217784] C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage NkbMonitor.exe.lnk - C:\Program Files\PictureProject\NkbMonitor.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon] C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles "InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\Google\Google Talk\googletalk.exe"="C:\Program Files\Google\Google Talk\googletalk.exe:*:Enabled:Google Talk" "C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\Jeux\Half Life\Steam\SteamApps\mathcarissimo@evhr.net\team fortress classic\hl.exe"="C:\Program Files\Jeux\Half Life\Steam\SteamApps\mathcarissimo@evhr.net\team fortress classic\hl.exe:*:Enabled:Half-Life Launcher" "C:\Program Files\Toshiba\ConfigFree\CFXFER.exe"="C:\Program Files\Toshiba\ConfigFree\CFXFER.exe:*:Enabled:ConfigFree SUMMIT Engine" "C:\Program Files\amsn\bin\wish.exe"="C:\Program Files\amsn\bin\wish.exe:*:Enabled:Wish Application" "C:\Program Files\mIRC\mirc.exe"="C:\Program Files\mIRC\mirc.exe:*:Enabled:mIRC" "C:\Program Files\Jeux\Half Life\Steam\steam.exe"="C:\Program Files\Jeux\Half Life\Steam\steam.exe:*:Enabled:Steam" "D:\Jeux\Steam\steam.exe"="D:\Jeux\Steam\steam.exe:*:Enabled:Steam" "D:\Jeux\Steam\steamapps\mathcarissimo@evhr.net\team fortress 2\hl2.exe"="D:\Jeux\Steam\steamapps\mathcarissimo@evhr.net\team fortress 2\hl2.exe:*:Disabled:hl2" "D:\Jeux\Steam\steamapps\mathcarissimo@evhr.net\source sdk base\hl2.exe"="D:\Jeux\Steam\steamapps\mathcarissimo@evhr.net\source sdk base\hl2.exe:*:Enabled:hl2" "C:\Program Files\Freeplayer\vlc\vlc.exe"="C:\Program Files\Freeplayer\vlc\vlc.exe:*:Enabled:VLC media player" "C:\Program Files\Adobe\Photoshop Elements 4.0\AdobePhotoshopElementsMediaServer.exe"="C:\Program Files\Adobe\Photoshop Elements 4.0\AdobePhotoshopElementsMediaServer.exe:*:Disabled:Adobe Photoshop Elements Media Server" "C:\Program Files\VLC\vlc.exe"="C:\Program Files\VLC\vlc.exe:*:Enabled:VLC media player" "C:\Program Files\Jeux\WET\ETDED.exe"="C:\Program Files\Jeux\WET\ETDED.exe:*:Enabled:ETDED" "C:\Program Files\Jeux\WET\ET.exe"="C:\Program Files\Jeux\WET\ET.exe:*:Enabled:ET" "C:\Program Files\Teamspeak\Teamspeak2_RC2\server_windows.exe"="C:\Program Files\Teamspeak\Teamspeak2_RC2\server_windows.exe:*:Enabled:Server" "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour" "C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes" "C:\Program Files\Jeux\Age of Empires 3\age3x.exe"="C:\Program Files\Jeux\Age of Empires 3\age3x.exe:*:Enabled:Age of Empires III - The WarChiefs" "C:\Program Files\Jeux\Age of Empires 3\age3.exe"="C:\Program Files\Jeux\Age of Empires 3\age3.exe:*:Enabled:Age of Empires 3" "C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype" "C:\WINDOWS\system32\dmremote.exe"="C:\WINDOWS\system32\dmremote.exe:*:Enabled:dmremote" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{14cfb960-8282-11dd-911d-000e7bd3cc71}] shell\AutoRun\command - F:\LaunchU3.exe -a [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a751fae3-a3a0-11dd-9140-000e7bd3cc71}] shell\AutoRun\command - F:\LaunchU3.exe -a [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{afa1dc2c-2828-11dd-90ac-0012f01abe5b}] shell\AutoRun\command - .\Encryption Tool\MaxtorEncryption.exe ======File associations====== .exe - open - "C:\Documents and Settings\Matthieu\Local Settings\Application Data\ave.exe" /START "%1" %* ======List of files/folders created in the last 1 months====== 2010-03-19 20:05:15 ----D---- C:\Program Files\trend micro 2010-03-19 20:05:14 ----D---- C:\rsit ======List of files/folders modified in the last 1 months====== 2010-03-19 20:05:15 ----RD---- C:\Program Files 2010-03-19 20:04:57 ----D---- C:\WINDOWS\Prefetch 2010-03-19 19:52:16 ----D---- C:\WINDOWS 2010-03-19 19:51:46 ----D---- C:\WINDOWS\Temp 2010-03-19 19:51:28 ----D---- C:\WINDOWS\Registration 2010-03-19 19:16:06 ----A---- C:\WINDOWS\SchedLgU.Txt 2010-03-19 19:14:06 ----D---- C:\WINDOWS\system32\CatRoot2 2010-03-18 20:38:55 ----SHD---- C:\WINDOWS\Installer 2010-03-13 00:34:47 ----D---- C:\Program Files\Google 2010-03-13 00:16:13 ----D---- C:\Utils 2010-03-07 23:17:58 ----D---- C:\Documents and Settings\Matthieu\Application Data\U3 2010-03-01 20:27:20 ----D---- C:\Program Files\Avast5 2010-03-01 20:24:32 ----D---- C:\WINDOWS\system32 ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2010-02-11 28880] R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2010-02-11 162512] R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2010-02-11 46672] R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-10 40320] R1 SCDEmu;SCDEmu; C:\WINDOWS\system32\drivers\SCDEmu.sys [2009-11-09 59388] R1 sscdbhk5;sscdbhk5; C:\WINDOWS\system32\drivers\sscdbhk5.sys [2004-09-28 5627] R1 ssrtln;ssrtln; C:\WINDOWS\system32\drivers\ssrtln.sys [2004-09-28 23545] R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2010-02-11 19024] R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2010-02-11 100432] R2 drvnddm;drvnddm; C:\WINDOWS\system32\drivers\drvnddm.sys [2004-08-13 40544] R2 Netdevio;TOSHIBA Network Device Usermode I/O Protocol; C:\WINDOWS\system32\DRIVERS\netdevio.sys [2003-01-29 12032] R2 tfsnboio;tfsnboio; C:\WINDOWS\system32\dla\tfsnboio.sys [2004-09-28 25947] R2 tfsncofs;tfsncofs; C:\WINDOWS\system32\dla\tfsncofs.sys [2004-09-28 34843] R2 tfsndrct;tfsndrct; C:\WINDOWS\system32\dla\tfsndrct.sys [2004-09-28 4123] R2 tfsndres;tfsndres; C:\WINDOWS\system32\dla\tfsndres.sys [2004-09-28 2271] R2 tfsnifs;tfsnifs; C:\WINDOWS\system32\dla\tfsnifs.sys [2004-09-28 86458] R2 tfsnopio;tfsnopio; C:\WINDOWS\system32\dla\tfsnopio.sys [2004-09-28 15131] R2 tfsnpool;tfsnpool; C:\WINDOWS\system32\dla\tfsnpool.sys [2004-09-28 6363] R2 tfsnudf;tfsnudf; C:\WINDOWS\system32\dla\tfsnudf.sys [2004-09-28 98714] R2 tfsnudfa;tfsnudfa; C:\WINDOWS\system32\dla\tfsnudfa.sys [2004-09-28 100603] R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2004-10-06 129280] R3 AgereSoftModem;TOSHIBA V92 Software Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2005-01-28 1065311] R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\WINDOWS\system32\DRIVERS\Apfiltr.sys [2004-05-09 101833] R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-10 60800] R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2010-02-11 23376] R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2004-08-04 14080] R3 E100B;Intel® PRO Adapter Driver; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2004-06-22 154112] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\SYSTEM32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600] R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600] R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288] R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-10 61824] R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2005-08-23 3222208] R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-08-11 14604] R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2004-08-10 67584] R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2004-09-01 259648] R3 tifm21;tifm21; C:\WINDOWS\system32\drivers\tifm21.sys [2004-09-13 146304] R3 tosrfec;Bluetooth ACPI from TOSHIBA; C:\WINDOWS\system32\DRIVERS\tosrfec.sys [2004-05-17 8573] R3 ttv200x;TOSHIBA PCI TV Tuner type W; C:\WINDOWS\system32\DRIVERS\ttv200x.sys [2005-01-07 828672] R3 Tvs;Toshiba Virtual Sound with SRS technologies; C:\WINDOWS\system32\DRIVERS\Tvs.sys [2004-12-20 29056] R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624] R3 usbhub;Pilote de concentrateur standard USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600] R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496] R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480] S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024] S3 dot4;Pilote MS IEEE-1284.4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [2004-08-03 207360] S3 Dot4Print;Pilote de classe Imprimante pour IEEE-1284.4; C:\WINDOWS\system32\DRIVERS\Dot4Prt.sys [2001-08-17 12928] S3 Dot4Scan;Pilote de classe Scanneur pour IEEE-1284.4; C:\WINDOWS\system32\DRIVERS\Dot4Scan.sys [2001-08-17 8704] S3 dot4usb;Filtre Dot4USB Dot4USB Filter; C:\WINDOWS\system32\DRIVERS\dot4usb.sys [2001-08-23 24064] S3 MHNDRV;Pilote MHN; C:\WINDOWS\system32\DRIVERS\mhndrv.sys [2004-08-10 11008] S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504] S3 MXOPSWD;Maxtor OneTouch Security Driver; C:\WINDOWS\system32\DRIVERS\mxopswd.sys [2007-05-03 22152] S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376] S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880] S3 PhilCam8116;Logitech QuickCam Pro 3000(PID_08B0); C:\WINDOWS\system32\DRIVERS\CamDrL21.sys [2002-06-10 371766] S3 sffdisk;Pilote de classe de stockage SFF; C:\WINDOWS\system32\DRIVERS\sffdisk.sys [2004-08-10 11136] S3 sffp_sd;Pilote de protocole de stockage SFF pour SDBus; C:\WINDOWS\system32\DRIVERS\sffp_sd.sys [2004-08-10 10240] S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136] S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360] S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2009-08-28 40448] S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-04 59264] S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-04 31616] S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856] S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-04 15104] S3 w29n51;Pilote de carte de connexion réseau Intel® PRO/Wireless 2200BG pour Windows XP; C:\WINDOWS\system32\DRIVERS\w29n51.sys [2004-10-30 3222784] S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328] S3 Yrwspwgu;Yrwspwgu; \??\C:\WINDOWS\system32\drivers\Yrwspwgu.sys [] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AdobeActiveFileMonitor4.0;Adobe Active File Monitor V4; C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe [2005-09-09 102400] R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-08-28 144672] R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Avast5\AvastSvc.exe [2010-02-11 40384] R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888] R2 CFSvcs;ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [2004-11-10 36864] R2 ehRecvr;Media Center Receiver Service; C:\WINDOWS\eHome\ehRecvr.exe [2004-09-28 195584] R2 ehSched;Service de planification Media Center; C:\WINDOWS\eHome\ehSched.exe [2004-08-10 103424] R2 kraidsvc;TOSHIBA RAID Service; C:\Program Files\Toshiba\TOSHIBA RAID\Service\kraidsvc.exe [2005-02-11 213075] R2 Maxtor Sync Service;Maxtor Service; C:\Program Files\Maxtor\Sync\SyncServices.exe [2007-09-28 156976] R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2005-08-23 127042] R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2009-10-13 75064] R2 SoundMAX Agent Service (default);SoundMAX Agent Service; C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [2002-09-20 45056] R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Avast5\AvastSvc.exe [2010-02-11 40384] R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Avast5\AvastSvc.exe [2010-02-11 40384] R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-11-12 545568] S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-03-13 135664] S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe [2006-10-08 72704] S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [2003-02-20 32768] S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632] S3 MHN;MHN; C:\WINDOWS\System32\svchost.exe [2004-08-10 14336] S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136] S3 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912] -----------------EOF-----------------