Tranphu

Voici Toolbar S&D : -----------\\ ToolBar S&D 1.2.9 XP/Vista Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3 X86-based PC ( Multiprocessor Free : Processeur Intel Pentium III Xeon ) BIOS : BIOS Date: 08/20/08 13:38:47 Ver: 08.00.14 USER : NACHTERGAELE ( Administrator ) BOOT : Normal boot Antivirus : ESET NOD32 Antivirus 4.2 4.2 (Activated) Firewall : Outpost Firewall Pro 7.0.4 (Activated) A:\ (USB) C:\ (Local Disk) - NTFS - Total:488 Go (Free:426 Go) D:\ (CD or DVD) E:\ (CD or DVD) F:\ (Local Disk) - NTFS - Total:76 Go (Free:55 Go) H:\ (Local Disk) - NTFS - Total:443 Go (Free:436 Go) "C:\ToolBar SD" ( MAJ : 22-08-2009|18:42 ) Option : [1] ( dim. 12/12/2010| 9:52 ) -----------\\ Recherche de Fichiers / Dossiers ... C:\WINDOWS\iun6002.exe -----------\\ [..\Internet Explorer\Main] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Local Page"="C:\\WINDOWS\\system32\\blank.htm" "Start Page"="http://abonnes.lemonde.fr/" "Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch" "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://fr.yahoo.com"'>http://fr.yahoo.com" "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"'>http://go.microsoft.com/fwlink/?LinkId=54896" "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Local Page"="C:\\WINDOWS\\system32\\blank.htm" "Start Page"="http://fr.yahoo.com" --------------------\\ Recherche d'autres infections --------------------\\ Cracks & Keygens .. C:\DOCUME~1\NACHTE~1\Bureau\Intérêt général\Brown in crackdown on public sector pay.pdf 1 - "C:\ToolBar SD\TB_1.txt" - dim. 12/12/2010| 9:55 - Option : [1] -----------\\ Fin du rapport a 9:55:14,21

Voici HJ: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 9:43:07, on 12/12/2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\Program Files\Webroot\Spy Sweeper\WRConsumerService.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Thomson\ST330\service\st330service.exe C:\WINDOWS\system32\Ati2evxx.exe C:\Program Files\Fichiers communs\LogiShrd\Bluetooth\lbtserv.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\system32\dllhost.exe C:\WINDOWS\system32\crypserv.exe C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Google\Update\GoogleUpdate.exe C:\Program Files\Fichiers communs\Logishrd\LVMVFM\LVPrcSrv.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\system32\tcpsvcs.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe C:\WINDOWS\system32\mqsvc.exe C:\WINDOWS\system32\mqtgsvc.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\ctfmon.exe C:\Program Files\PS Tray Factory\PSTrayFactory.exe C:\Program Files\Analog Devices\SoundMAX\Smax4.exe C:\WINDOWS\autoclk.exe C:\WINDOWS\adiras.exe C:\Program Files\Fichiers communs\Goto Software\Vaderetro_Mgr.exe C:\Program Files\Microsoft IntelliType Pro\itype.exe C:\Program Files\Microsoft IntelliPoint\ipoint.exe C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe C:\USBStorage\USBDetector.exe C:\Program Files\Logitech\SetPointP\SetPoint.exe C:\Program Files\Logitech\SetPointP\LBTWiz.exe C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe C:\Program Files\Fichiers communs\LogiShrd\KHAL3\KHALMNPR.EXE C:\Program Files\Hide Folders XP 2\hfxp.exe C:\Program Files\Eraser\Eraser 5.8\Eraser.exe C:\Program Files\Logitech\Vid HD\Vid.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE C:\Documents and Settings\NACHTERGAELE\Bureau\Stabilisation PC\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN : Hotmail, Messenger, Bing, Actualité et Sport R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://abonnes.lemonde.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Yahoo! France R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Yahoo! France R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: (no name) - {BE89472C-B803-4D1D-9A9A-0A63660E0FE3} - C:\PROGRA~1\COPERN~1\COPERN~1.DLL O1 - Hosts: ÿ₫127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll O3 - Toolbar: Copernic Agent - {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - C:\Program Files\Copernic Agent\CopernicAgentExt.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O3 - Toolbar: Barre d'outils Copernic Desktop Search - Corporate - {B69A3268-DA39-49B0-B1A6-4E7E4B98BB45} - C:\Program Files\Copernic Desktop Search - Corporate\Toolbar\ToolbarContainer101000325.dll O3 - Toolbar: Yahoo! Barre d'outils - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [soundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray O4 - HKLM\..\Run: [autoclk] "C:\WINDOWS\autoclk.exe" O4 - HKLM\..\Run: [adiras] "C:\WINDOWS\adiras.exe" O4 - HKLM\..\Run: [TrayFactory] "C:\Program Files\PS Tray Factory\PSTrayFactory.exe" /start O4 - HKLM\..\Run: [MsmqIntCert] "regsvr32" /s mqrt.dll O4 - HKLM\..\Run: [VadeRetro Outlook] "C:\Program Files\Goto Software\Vade Retro\VrMoRegister.exe" -s O4 - HKLM\..\Run: [VRManager] "C:\Program Files\Fichiers communs\Goto Software\Vaderetro_Mgr.exe" O4 - HKLM\..\Run: [itype] "C:\Program Files\Microsoft IntelliType Pro\itype.exe" O4 - HKLM\..\Run: [intelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe" O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice O4 - HKLM\..\Run: [OutpostFeedBack] "C:\Program Files\Agnitum\Outpost Firewall Pro\feedback.exe" /dump:os_startup O4 - HKLM\..\Run: [ATICustomerCare] "C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe" O4 - HKLM\..\Run: [uSBDetector] "C:\USBStorage\USBDetector.exe" O4 - HKLM\..\Run: [OutpostMonitor] "C:\PROGRA~1\Agnitum\Outpost Firewall Pro\op_mon.exe" /tray /noservice O4 - HKLM\..\Run: [EvtMgr6] "C:\Program Files\Logitech\SetPointP\SetPoint.exe" /launchGaming O4 - HKLM\..\Run: [bluetooth Connection Assistant] LBTWIZ.EXE -silent O4 - HKLM\..\Run: [LWS] "C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe" -hide O4 - HKLM\..\Run: [Launcher main application] "C:\Program Files\Logitech\LWS\Webcam Software\Launcher_Main.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [spySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" /startintray O4 - HKLM\..\RunOnce: [PSTF] C:\Program Files\PS Tray Factory\PSTrayFactory.exe /start O4 - HKCU\..\Run: [hfxp] "C:\Program Files\Hide Folders XP 2\hfxp.exe" /s O4 - HKCU\..\Run: [ctfmon.exe] "C:\WINDOWS\system32\ctfmon.exe" O4 - HKCU\..\Run: [Eraser] "C:\Program Files\Eraser\Eraser 5.8\Eraser.exe" -hide O4 - HKCU\..\Run: [Copernic Desktop Search - Corporate] "C:\Program Files\Copernic Desktop Search - Corporate\DesktopSearchService.exe" /tray O4 - HKCU\..\Run: [Logitech Vid] "C:\Program Files\Logitech\Vid HD\Vid.exe" -bootmode O4 - HKCU\..\Run: [Logitech camera] "C:\Program Files\Logitech\LWS\Webcam Software\Launcher_Main.exe" O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: Ajouter la cible du lien à un fichier PDF existant - res://C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: Ajouter à un fichier PDF existant - res://C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Chercher avec Copernic Agent - res://C:\Program Files\Copernic Agent\CopernicAgentExt.rdl/INTEGRATION_MENU_SEARCHEXT O8 - Extra context menu item: Convertir au format Adobe PDF - res://C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convertir la cible du lien au format Adobe PDF - res://C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Résumer avec Copernic Summarizer - C:\PROGRA~1\COPERN~3\Web\SummarizePage.htm O9 - Extra button: (no name) - AutorunsDisabled - (no file) O9 - Extra button: Résumer - {0F2D17A0-E7DF-4847-995B-6F3ABF5BF187} - C:\PROGRA~1\COPERN~3\CopernicSummarizerApp.dll O9 - Extra button: (no name) - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE O9 - Extra 'Tools' menuitem: Démarrer Copernic Agent - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE O9 - Extra button: Réglage rapide de Outpost Firewall Pro - {44627E97-789B-40d4-B5C2-58BD171129A1} - C:\Program Files\Agnitum\Outpost Firewall Pro\ie_bar.dll O9 - Extra button: Copernic Agent - {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {B533C4C2-3FE2-4728-8661-AC93DF5D35A2} - C:\PROGRA~1\COPERN~3\CopernicSummarizerApp.dll O9 - Extra 'Tools' menuitem: Résumer avec Copernic Summarizer - {B533C4C2-3FE2-4728-8661-AC93DF5D35A2} - C:\PROGRA~1\COPERN~3\CopernicSummarizerApp.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O16 - DPF: {0067DBFC-A752-458C-AE6E-B9C7E63D4824} (Détection de dispositifs) - http://www.logitech.com/devicedetector/plugins/LogitechDeviceDetection32.cab O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} - O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - O16 - DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} - O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} (Java Plug-in 1.6.0_17) - O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{E6EF5819-54BE-4570-A832-6E6C9FA0DC85}: NameServer = 195.238.2.22 195.238.2.21 O20 - AppInit_DLLs: c:\progra~1\agnitum\outpost firewall pro\wl_hook.dll acaptuser32.dll O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Agnitum Client Security Service (acssrv) - Agnitum Ltd. - C:\PROGRA~1\Agnitum\Outpost Firewall Pro\acs.exe O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Crypkey License - CrypKey (Canada) Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\2010\DkService.exe O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Update Service (gupdate) (gupdate) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Fichiers communs\LogiShrd\Bluetooth\lbtserv.exe O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\Logishrd\LVMVFM\LVPrcSrv.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe O23 - Service: SpeedTouch 330 Manager (st330service) - THOMSON Telecom Belgium - C:\Program Files/Thomson/ST330/service/st330service.exe O23 - Service: SupportSoft RemoteAssist - SupportSoft, Inc. - C:\Program Files\Fichiers communs\Supportsoft\bin\ssrc.exe O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. (www.webroot.com) - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\WMPNetwk.exe O23 - Service: Webroot Client Service (WRConsumerService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRConsumerService.exe O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe O24 - Desktop Component AutorunsDisabled: (no name) - (no file) -- End of file - 16031 bytes

Voici HJ: C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe C:\Program Files\Hide Folders XP 2\hfxp.exe C:\Program Files\Eraser\Eraser 5.8\Eraser.exe C:\Program Files\Copernic Desktop Search - Corporate\DesktopSearchService.exe C:\Program Files\Logitech\Vid HD\Vid.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Fichiers communs\LogiShrd\KHAL3\KHALMNPR.EXE C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE C:\Program Files\Java\jre6\bin\jqs.exe C:\WINDOWS\system32\taskmgr.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Fichiers communs\Microsoft Shared\office12\offlb.exe C:\Documents and Settings\NACHTERGAELE\Bureau\Stabilisation PC\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN : Hotmail, Messenger, Bing, Actualité et Sport R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://abonnes.lemonde.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Yahoo! France R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Yahoo! France R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: (no name) - {BE89472C-B803-4D1D-9A9A-0A63660E0FE3} - C:\PROGRA~1\COPERN~1\COPERN~1.DLL O1 - Hosts: ÿ₫127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll O3 - Toolbar: Copernic Agent - {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - C:\Program Files\Copernic Agent\CopernicAgentExt.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O3 - Toolbar: Barre d'outils Copernic Desktop Search - Corporate - {B69A3268-DA39-49B0-B1A6-4E7E4B98BB45} - C:\Program Files\Copernic Desktop Search - Corporate\Toolbar\ToolbarContainer101000325.dll O3 - Toolbar: Yahoo! Barre d'outils - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [soundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray O4 - HKLM\..\Run: [autoclk] "C:\WINDOWS\autoclk.exe" O4 - HKLM\..\Run: [adiras] "C:\WINDOWS\adiras.exe" O4 - HKLM\..\Run: [TrayFactory] "C:\Program Files\PS Tray Factory\PSTrayFactory.exe" /start O4 - HKLM\..\Run: [MsmqIntCert] "regsvr32" /s mqrt.dll O4 - HKLM\..\Run: [VadeRetro Outlook] "C:\Program Files\Goto Software\Vade Retro\VrMoRegister.exe" -s O4 - HKLM\..\Run: [VRManager] "C:\Program Files\Fichiers communs\Goto Software\Vaderetro_Mgr.exe" O4 - HKLM\..\Run: [itype] "C:\Program Files\Microsoft IntelliType Pro\itype.exe" O4 - HKLM\..\Run: [intelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe" O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice O4 - HKLM\..\Run: [OutpostFeedBack] "C:\Program Files\Agnitum\Outpost Firewall Pro\feedback.exe" /dump:os_startup O4 - HKLM\..\Run: [ATICustomerCare] "C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe" O4 - HKLM\..\Run: [uSBDetector] "C:\USBStorage\USBDetector.exe" O4 - HKLM\..\Run: [OutpostMonitor] "C:\PROGRA~1\Agnitum\Outpost Firewall Pro\op_mon.exe" /tray /noservice O4 - HKLM\..\Run: [EvtMgr6] "C:\Program Files\Logitech\SetPointP\SetPoint.exe" /launchGaming O4 - HKLM\..\Run: [bluetooth Connection Assistant] LBTWIZ.EXE -silent O4 - HKLM\..\Run: [LWS] "C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe" -hide O4 - HKLM\..\Run: [Launcher main application] "C:\Program Files\Logitech\LWS\Webcam Software\Launcher_Main.exe" O4 - HKLM\..\Run: [spySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" /startintray O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe" O4 - HKLM\..\RunOnce: [PSTF] C:\Program Files\PS Tray Factory\PSTrayFactory.exe /start O4 - HKCU\..\Run: [hfxp] "C:\Program Files\Hide Folders XP 2\hfxp.exe" /s O4 - HKCU\..\Run: [ctfmon.exe] "C:\WINDOWS\system32\ctfmon.exe" O4 - HKCU\..\Run: [Eraser] "C:\Program Files\Eraser\Eraser 5.8\Eraser.exe" -hide O4 - HKCU\..\Run: [Copernic Desktop Search - Corporate] "C:\Program Files\Copernic Desktop Search - Corporate\DesktopSearchService.exe" /tray O4 - HKCU\..\Run: [Logitech Vid] "C:\Program Files\Logitech\Vid HD\Vid.exe" -bootmode O4 - HKCU\..\Run: [Logitech camera] "C:\Program Files\Logitech\LWS\Webcam Software\Launcher_Main.exe" O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: Ajouter la cible du lien à un fichier PDF existant - res://C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: Ajouter à un fichier PDF existant - res://C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Chercher avec Copernic Agent - res://C:\Program Files\Copernic Agent\CopernicAgentExt.rdl/INTEGRATION_MENU_SEARCHEXT O8 - Extra context menu item: Convertir au format Adobe PDF - res://C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convertir la cible du lien au format Adobe PDF - res://C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Résumer avec Copernic Summarizer - C:\PROGRA~1\COPERN~3\Web\SummarizePage.htm O9 - Extra button: (no name) - AutorunsDisabled - (no file) O9 - Extra button: Résumer - {0F2D17A0-E7DF-4847-995B-6F3ABF5BF187} - C:\PROGRA~1\COPERN~3\CopernicSummarizerApp.dll O9 - Extra button: (no name) - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE O9 - Extra 'Tools' menuitem: Démarrer Copernic Agent - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE O9 - Extra button: Réglage rapide de Outpost Firewall Pro - {44627E97-789B-40d4-B5C2-58BD171129A1} - C:\Program Files\Agnitum\Outpost Firewall Pro\ie_bar.dll O9 - Extra button: Copernic Agent - {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {B533C4C2-3FE2-4728-8661-AC93DF5D35A2} - C:\PROGRA~1\COPERN~3\CopernicSummarizerApp.dll O9 - Extra 'Tools' menuitem: Résumer avec Copernic Summarizer - {B533C4C2-3FE2-4728-8661-AC93DF5D35A2} - C:\PROGRA~1\COPERN~3\CopernicSummarizerApp.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O16 - DPF: {0067DBFC-A752-458C-AE6E-B9C7E63D4824} (Détection de dispositifs) - http://www.logitech.com/devicedetector/plugins/LogitechDeviceDetection32.cab O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} - O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - O16 - DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} - O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} (Java Plug-in 1.6.0_17) - O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{E6EF5819-54BE-4570-A832-6E6C9FA0DC85}: NameServer = 195.238.2.22 195.238.2.21 O20 - AppInit_DLLs: c:\progra~1\agnitum\outpost firewall pro\wl_hook.dll acaptuser32.dll O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Agnitum Client Security Service (acssrv) - Agnitum Ltd. - C:\PROGRA~1\Agnitum\Outpost Firewall Pro\acs.exe O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Crypkey License - CrypKey (Canada) Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\2010\DkService.exe O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Update Service (gupdate) (gupdate) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Fichiers communs\LogiShrd\Bluetooth\lbtserv.exe O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\Logishrd\LVMVFM\LVPrcSrv.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe O23 - Service: SpeedTouch 330 Manager (st330service) - THOMSON Telecom Belgium - C:\Program Files/Thomson/ST330/service/st330service.exe O23 - Service: SupportSoft RemoteAssist - SupportSoft, Inc. - C:\Program Files\Fichiers communs\Supportsoft\bin\ssrc.exe O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. (www.webroot.com) - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\WMPNetwk.exe O23 - Service: Webroot Client Service (WRConsumerService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRConsumerService.exe O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe O24 - Desktop Component AutorunsDisabled: (no name) - (no file) -- End of file - 16249 bytes Ici, il s'agit de 3 programmes dont j'ai besoin: O3 - Toolbar: Copernic Agent - {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - C:\Program Files\Copernic Agent\CopernicAgentExt.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O3 - Toolbar: Barre d'outils Copernic Desktop Search - Corporate - {B69A3268-DA39-49B0-B1A6-4E7E4B98BB45} - C:\Program Files\Copernic Desktop Search - Corporate\Toolbar\ToolbarContainer101000325.dll

Bonjour et merci pour cette réponse. 1. Tu as raison, il serait dommage de désinstaller un logiciel que tu as payé. Par contre, arrivé à la date de fin de validité, je te conseille de le désinstaller, car MBAM le remplace avantageusement; seul bémol, dans sa version free, MBAM ne dispose pas d'une protection résidente => il faut effectuer des scans à la demande (après MAJ, bien entendu). A l'échéance, je le remplacerais par MBAM 2. En complément de ton anti-spywares, tu pourrais télécharger et installer un bon anti-virus gratuit : --> voici le lien pour téléchargement + tuto ANTIVIR de AVIRA (merci à MALEKAL) J'ai déjà ESET Nod32 comme anti-virus. Il faut en ajouter un? 3. Si ce n'est déjà fait : - effectue une mise à jour de JAVA : http://www.java.com/...d/installed.jsp - effectue une mise à jour de Flash Player : Adobe - Flash Player OK 4. Y'a-t-il du mieux après mise en application de ces différentes manips ? Il me semble que la machine s'embale plus le soir... J'ai toujours des difficultés au démarage avec Outlook. Merci encore pour ton aide.

Voici: 1. Double-cliquue sur l'icône AD REMOVER placée sur le bureau et choisis "désinstaller". OK 2. As-tu procédé à la mise en application des autres conseils ? - dépoussiérage - limitation des programmes au démarrage - désactivation des services Windows inutiles OK 3. Désinstalle Spybot S&D : il n'est plus du tout efficace et peut même générer des soucis de fonctionnement. Il convient de le désinstaller proprement afin de nettoyer toute éventuelle trace résiduelle. Voici un tuto : Désinstaller proprement Spybot Search and Destroy 1.6 OK 4. Désinstalle également Webroot Spy Sweeper via ajouter/supprimer des programmes J'ai acheté ce logiciel....C'est vraiement nécessaire? 5. Effectue un bon nettoayge avec CCleaner (cf. tuto de l'ami thorgal : [TUTO] Ccleaner v3 (Installation, paramétrages et mode d'emploi) - Forum OverClocking-PC) OK 6. Installe Malwarebytes' Anti-Malware (MBAM), pour lequel il existe une excellent tuto : Tutorial MalwareByte Anti-Malware | malekal's site OK 7. Si tu n'en as pas l'utilité, désactive Ctfmon.exe au démarrage Navré, mais nous utilisons aussi le clavier Vietnamien.

Voici, cela a mis du temps, vu que j'ai des problèmes de connexion. SCAN: ======= RAPPORT D'AD-REMOVER 2.0.0.2,C | UNIQUEMENT XP/VISTA/7 ======= Mis à jour par TeamXscript le 08/12/10 à 10:40 Contact: AdRemover[DOT]contact[AT]gmail[DOT]com Site web: TeamXscript : AD-Remover - FindyKill - UsbFix C:\Program Files\Ad-Remover\main.exe (SCAN [1]) -> Lancé à 23:40:54 le 09/12/2010, Mode normal Microsoft Windows XP Professionnel Service Pack 3 (X86) NACHTERGAELE@NACHTERG-0DAA01 ( ) ============== RECHERCHE ============== Clé trouvée: HKLM\Software\Classes\Interface\{2A6B0172-4ED2-11D0-98BE-00805F7CED21} ============== SCAN ADDITIONNEL ============== ** Internet Explorer Version [7.0.5730.13] ** [HKCU\Software\Microsoft\Internet Explorer\Main] Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=69157 Do404Search: 0x01000000 Enable Browser Extensions: yes Local Page: C:\WINDOWS\system32\blank.htm Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch Show_ToolBar: yes Start Page: hxxp://abonnes.lemonde.fr/ Use Custom Search URL: 1 [HKLM\Software\Microsoft\Internet Explorer\Main] Default_Page_URL: hxxp://fr.yahoo.com Default_Search_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896 Delete_Temp_Files_On_Exit: yes Local Page: C:\WINDOWS\system32\blank.htm Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896 Start Page: hxxp://fr.yahoo.com [HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS] Tabs: res://ieframe.dll/tabswelcome.htm Blank: res://mshtml.dll/blank.htm ======================================== C:\Program Files\Ad-Remover\Quarantine: 0 Fichier(s) C:\Program Files\Ad-Remover\Backup: 1 Fichier(s) C:\Ad-Report-SCAN[1].txt - 09/12/2010 (1625 Octet(s)) Fin à: 23:51:32, 09/12/2010 ============== E.O.F ============== Clean: ======= RAPPORT D'AD-REMOVER 2.0.0.2,C | UNIQUEMENT XP/VISTA/7 ======= Mis à jour par TeamXscript le 08/12/10 à 10:40 Contact: AdRemover[DOT]contact[AT]gmail[DOT]com Site web: TeamXscript : AD-Remover - FindyKill - UsbFix C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 23:53:28 le 09/12/2010, Mode normal Microsoft Windows XP Professionnel Service Pack 3 (X86) NACHTERGAELE@NACHTERG-0DAA01 ( ) ============== ACTION(S) ============== (!) -- Fichiers temporaires supprimés. Clé supprimée: HKLM\Software\Classes\Interface\{2A6B0172-4ED2-11D0-98BE-00805F7CED21} ============== SCAN ADDITIONNEL ============== ** Internet Explorer Version [7.0.5730.13] ** [HKCU\Software\Microsoft\Internet Explorer\Main] Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch Do404Search: 0x01000000 Enable Browser Extensions: yes Local Page: C:\WINDOWS\system32\blank.htm Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896 Show_ToolBar: yes Start Page: hxxp://fr.msn.com/ Use Custom Search URL: 1 [HKLM\Software\Microsoft\Internet Explorer\Main] Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896 Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch Delete_Temp_Files_On_Exit: yes Local Page: C:\WINDOWS\system32\blank.htm Search bar: hxxp://search.msn.com/spbasic.htm Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch Start Page: hxxp://fr.msn.com/ [HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS] Tabs: res://ieframe.dll/tabswelcome.htm Blank: res://mshtml.dll/blank.htm ======================================== C:\Program Files\Ad-Remover\Quarantine: 0 Fichier(s) C:\Program Files\Ad-Remover\Backup: 14 Fichier(s) C:\Ad-Report-CLEAN[1].txt - 09/12/2010 (1852 Octet(s)) C:\Ad-Report-SCAN[1].txt - 09/12/2010 (1754 Octet(s)) Fin à: 23:54:16, 09/12/2010 ============== E.O.F ==============

Voici, il me reste à dépoussièrer, ce sera pour demain. Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 2:11:44, on 9/12/2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\Program Files\Webroot\Spy Sweeper\WRConsumerService.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Thomson\ST330\service\st330service.exe C:\WINDOWS\system32\Ati2evxx.exe C:\Program Files\Fichiers communs\LogiShrd\Bluetooth\lbtserv.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\ctfmon.exe C:\Program Files\PS Tray Factory\PSTrayFactory.exe C:\Program Files\Thomson\ST330\diagnostics\diagnostics.exe C:\Program Files\Fichiers communs\Goto Software\Vaderetro_Mgr.exe C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe C:\Program Files\Logitech\SetPointP\SetPoint.exe C:\Program Files\Logitech\SetPointP\LBTWiz.exe C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe C:\Program Files\Copernic Desktop Search - Corporate\DesktopSearchService.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\system32\dllhost.exe C:\WINDOWS\system32\crypserv.exe C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe C:\Program Files\Google\Update\GoogleUpdate.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Fichiers communs\Logishrd\LVMVFM\LVPrcSrv.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Fichiers communs\LogiShrd\KHAL3\KHALMNPR.EXE C:\WINDOWS\system32\tcpsvcs.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe C:\WINDOWS\system32\SearchIndexer.exe C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\WINDOWS\system32\mmc.exe C:\Program Files\HiJack\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN : Hotmail, Messenger, Bing, Actualité et Sport R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://abonnes.lemonde.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Yahoo! France R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Yahoo! France R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: (no name) - {BE89472C-B803-4D1D-9A9A-0A63660E0FE3} - C:\PROGRA~1\COPERN~1\COPERN~1.DLL O1 - Hosts: ÿ₫127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll O3 - Toolbar: Copernic Agent - {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - C:\Program Files\Copernic Agent\CopernicAgentExt.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O3 - Toolbar: Barre d'outils Copernic Desktop Search - Corporate - {B69A3268-DA39-49B0-B1A6-4E7E4B98BB45} - C:\Program Files\Copernic Desktop Search - Corporate\Toolbar\ToolbarContainer101000325.dll O3 - Toolbar: Yahoo! Barre d'outils - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [diagnostics] "C:\Program Files\Thomson\ST330\diagnostics\diagnostics.exe" /icon -l:fr O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Fichiers communs\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin O4 - HKLM\..\Run: [belgacom] "C:\Program Files\Belgacom\bin\sprtcmd.exe" /P Belgacom O4 - HKLM\..\Run: [TrayFactory] "C:\Program Files\PS Tray Factory\PSTrayFactory.exe" /start O4 - HKLM\..\Run: [VadeRetro Outlook] "C:\Program Files\Goto Software\Vade Retro\VrMoRegister.exe" -s O4 - HKLM\..\Run: [VRManager] "C:\Program Files\Fichiers communs\Goto Software\Vaderetro_Mgr.exe" O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice O4 - HKLM\..\Run: [OutpostFeedBack] "C:\Program Files\Agnitum\Outpost Firewall Pro\feedback.exe" /dump:os_startup O4 - HKLM\..\Run: [OutpostMonitor] "C:\PROGRA~1\Agnitum\Outpost Firewall Pro\op_mon.exe" /tray /noservice O4 - HKLM\..\Run: [EvtMgr6] "C:\Program Files\Logitech\SetPointP\SetPoint.exe" /launchGaming O4 - HKLM\..\Run: [bluetooth Connection Assistant] LBTWIZ.EXE -silent O4 - HKLM\..\Run: [LWS] "C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe" -hide O4 - HKLM\..\Run: [spySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" /startintray O4 - HKLM\..\RunOnce: [PSTF] C:\Program Files\PS Tray Factory\PSTrayFactory.exe /start O4 - HKCU\..\Run: [Copernic Desktop Search - Corporate] "C:\Program Files\Copernic Desktop Search - Corporate\DesktopSearchService.exe" /tray O4 - HKCU\..\Run: [Logitech Vid] "C:\Program Files\Logitech\Vid HD\Vid.exe" -bootmode O4 - HKCU\..\Run: [spybotSD TeaTimer] "C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" O4 - HKCU\..\Run: [ctfmon.exe] "C:\WINDOWS\system32\ctfmon.exe" O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: Logitech . Enregistrement du produit.lnk = C:\Program Files\Logitech\Logitech WebCam Software\eReg.exe O8 - Extra context menu item: Ajouter la cible du lien à un fichier PDF existant - res://C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: Ajouter à un fichier PDF existant - res://C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Chercher avec Copernic Agent - res://C:\Program Files\Copernic Agent\CopernicAgentExt.rdl/INTEGRATION_MENU_SEARCHEXT O8 - Extra context menu item: Convertir au format Adobe PDF - res://C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convertir la cible du lien au format Adobe PDF - res://C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Résumer avec Copernic Summarizer - C:\PROGRA~1\COPERN~3\Web\SummarizePage.htm O9 - Extra button: Résumer - {0F2D17A0-E7DF-4847-995B-6F3ABF5BF187} - C:\PROGRA~1\COPERN~3\CopernicSummarizerApp.dll O9 - Extra button: (no name) - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE O9 - Extra 'Tools' menuitem: Démarrer Copernic Agent - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE O9 - Extra button: Réglage rapide de Outpost Firewall Pro - {44627E97-789B-40d4-B5C2-58BD171129A1} - C:\Program Files\Agnitum\Outpost Firewall Pro\ie_bar.dll O9 - Extra button: Copernic Agent - {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {B533C4C2-3FE2-4728-8661-AC93DF5D35A2} - C:\PROGRA~1\COPERN~3\CopernicSummarizerApp.dll O9 - Extra 'Tools' menuitem: Résumer avec Copernic Summarizer - {B533C4C2-3FE2-4728-8661-AC93DF5D35A2} - C:\PROGRA~1\COPERN~3\CopernicSummarizerApp.dll O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O16 - DPF: {0067DBFC-A752-458C-AE6E-B9C7E63D4824} (Détection de dispositifs) - http://www.logitech.com/devicedetector/plugins/LogitechDeviceDetection32.cab O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} - O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Plug-in 1.6.0_21) - O16 - DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} - O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} (Java Plug-in 1.6.0_17) - O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} (Java Plug-in 1.6.0_21) - O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} (Java Plug-in 1.6.0_21) - O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{E6EF5819-54BE-4570-A832-6E6C9FA0DC85}: NameServer = 195.238.2.22 195.238.2.21 O20 - AppInit_DLLs: c:\progra~1\agnitum\outpost firewall pro\wl_hook.dll acaptuser32.dll O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Agnitum Client Security Service (acssrv) - Agnitum Ltd. - C:\PROGRA~1\Agnitum\Outpost Firewall Pro\acs.exe O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Crypkey License - CrypKey (Canada) Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\2010\DkService.exe O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Update Service (gupdate) (gupdate) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Fichiers communs\LogiShrd\Bluetooth\lbtserv.exe O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\Logishrd\LVMVFM\LVPrcSrv.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe O23 - Service: SpeedTouch 330 Manager (st330service) - THOMSON Telecom Belgium - C:\Program Files/Thomson/ST330/service/st330service.exe O23 - Service: SupportSoft RemoteAssist - SupportSoft, Inc. - C:\Program Files\Fichiers communs\Supportsoft\bin\ssrc.exe O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. (www.webroot.com) - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\WMPNetwk.exe O23 - Service: Webroot Client Service (WRConsumerService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRConsumerService.exe O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- End of file - 15865 bytes

C'est fait... Mais, j'ai toujours des problèmes de surchauffe, et plus particulièrement en soirée.

Bonsoir, Je n'utilise pas NWCWorkstation, je l'ai découverte sur ma machine. Pour HJT, je l'ai fait récement, voir sur le forum: http://forum.zebulon.fr/stabilite-deficiente-t181111.html&p=1521851&fromsearch=1?do=findComment&comment=1521851 Bien à toi.

Je constate que c'est le système qui s'embale et qui bloque les autres applications. Il s'embale quand je lance mes applications, 98% de CPU....

NON... Et, j'ai des problèmes de plus en plus fréquents avec Outlook..., il bloque au démarage.

J'ai NWCWorkstation, à Netware, l'accès aux réseaux Netware est-elle nécessaire?

Pouvez-vous me dire ce qu'il en ressort? ------ REGISTRY: [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost] - HTTPFilter - HTTPFilter - LocalService - Alerter, WebClient, LmHosts, RemoteRegistry, upnphost, SSDPSRV - NetworkService - DnsCache - DcomLaunch - DcomLaunch, TermService - rpcss - RpcSs - eapsvcs - eaphost - dot3svc - dot3svc - imgsvc - StiSvc - termsvcs - TermService - WudfServiceGroup - WUDFSvc - netsvcs - 6to4, AppMgmt, AudioSrv, Browser, CryptSvc, DMServer, DHCP, ERSvc, EventSystem, FastUserSwitchingCompatibility, HidServ, Ias, Iprip, Irmon, LanmanServer, LanmanWorkstation, Messenger, Netman, Nla, Ntmssvc, NWCWorkstation, Nwsapagent, Rasauto, Rasman, Remoteaccess, Schedule, Seclogon, SENS, Sharedaccess, SRService, Tapisrv, Themes, TrkWks, W32Time, WZCSVC, Wmi, WmdmPmSp, winmgmt, wscsvc, xmlprov, napagent, hkmsvc, BITS, wuauserv, ShellHWDetection, helpsvc HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\DComLaunch CoInitializeSecurityParam REG_DWORD 1 (0x1) DefaultRpcStackSize REG_DWORD 8 (0x8) HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\dot3svc AuthenticationCapabilities REG_DWORD 12320 (0x3020) CoInitializeSecurityParam REG_DWORD 1 (0x1) HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\eapsvcs AuthenticationCapabilities REG_DWORD 12320 (0x3020) CoInitializeSecurityParam REG_DWORD 1 (0x1) HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\HTTPFilter CoInitializeSecurityParam REG_DWORD 1 (0x1) HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\LocalService CoInitializeSecurityParam REG_DWORD 1 (0x1) AuthenticationCapabilities REG_DWORD 8192 (0x2000) HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\netsvcs CoInitializeSecurityParam REG_DWORD 1 (0x1) AuthenticationCapabilities REG_DWORD 12320 (0x3020) HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\PCHealth CoInitializeSecurityParam REG_DWORD 2 (0x2) AuthenticationCapabilities REG_DWORD 64 (0x40) HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\termsvcs CoInitializeSecurityParam REG_DWORD 1 (0x1) DefaultRpcStackSize REG_DWORD 8 (0x8) HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa Authentication Packages REG_MULTI_SZ msv1_0\0nwprovau\0 Notification Packages REG_MULTI_SZ scecli\0 ------ SVCHOST SERVICES NOT RUNNING STOPPED: DEMAND_START: AppMgmt : Gestion d'applications STOPPED: DEMAND_START: Dot3svc : Configuration automatique de réseau câblé STOPPED: DEMAND_START: EapHost : Service Protocole EAP (Extensible Authentication Protocol) STOPPED: DEMAND_START: FastUserSwitchingCompatibility : Compatibilité avec le Changement rapide d'utilisateur STOPPED: DEMAND_START: hkmsvc : Service Gestion des clés et des certificats d'intégrité STOPPED: DEMAND_START: napagent : Agent de protection d'accès réseau STOPPED: DEMAND_START: NtmsSvc : Stockage amovible STOPPED: DEMAND_START: RasAuto : Gestionnaire de connexion automatique d'accès distant STOPPED: DEMAND_START: Wmi : Extensions du pilote WMI STOPPED: DEMAND_START: WudfSvc : Windows Driver Foundation - User-mode Driver Framework STOPPED: DEMAND_START: xmlprov : Service d'approvisionnement réseau STOPPED: DISABLED: Dnscache : Client DNS STOPPED: DISABLED: Messenger : Affichage des messages STOPPED: DISABLED: RemoteAccess : Routage et accès distant STOPPED: DISABLED: RemoteRegistry : Accès à distance au Registre STOPPED: DISABLED: SharedAccess : Pare-feu Windows / Partage de connexion Internet STOPPED: DISABLED: TermService : Services Terminal Server STOPPED: DISABLED: upnphost : Hôte de périphérique universel Plug-and-Play STOPPED: DISABLED: WZCSVC : Configuration automatique sans fil ------ SVCHOST CURRENTLY RUNNING: 1308- C:\WINDOWS\system32\svchost -k DcomLaunch - DcomLaunch : Lanceur de processus serveur DCOM 1380- C:\WINDOWS\system32\svchost -k rpcss - RpcSs : Appel de procédure distante (RPC) 1480- C:\WINDOWS\System32\svchost.exe -k netsvcs - 6to4 : Service d'application d'assistance IPv6 - AudioSrv : Audio Windows - BITS : Service de transfert intelligent en arrière-plan - Browser : Explorateur d'ordinateur - CryptSvc : Services de cryptographie - Dhcp : Client DHCP - dmserver : Gestionnaire de disque logique - ERSvc : Service de rapport d'erreurs - EventSystem : Système d'événements de COM+ - helpsvc : Aide et support - HidServ : HID Input Service - LanmanServer : Serveur - lanmanworkstation : Station de travail - Netman : Connexions réseau - Nla : NLA (Network Location Awareness) - NWCWorkstation : Service client pour NetWare - RasMan : Gestionnaire de connexions d'accès distant - Schedule : Planificateur de tâches - seclogon : Connexion secondaire - SENS : Notification d'événement système - ShellHWDetection : Détection matériel noyau - srservice : Service de restauration système - TapiSrv : Téléphonie - Themes : Thèmes - TrkWks : Client de suivi de lien distribué - W32Time : Horloge Windows - winmgmt : Infrastructure de gestion Windows - wscsvc : Centre de sécurité - wuauserv : Mises à jour automatiques 1828- C:\WINDOWS\system32\svchost.exe -k LocalService - Alerter : Avertissement - LmHosts : Assistance TCP/IP NetBIOS - SSDPSRV : Service de découvertes SSDP 1996- C:\WINDOWS\system32\svchost.exe -k LocalService - WebClient : WebClient 2136- C:\WINDOWS\system32\svchost.exe -k imgsvc - stisvc : Acquisition d'image Windows (WIA) 2156- C:\WINDOWS\System32\svchost.exe -k HTTPFilter - HTTPFilter : HTTP SSL ------ SVCHOST SUB-DEPENDENTS HTTPFilter = 1 STOPPED: WMPNetworkSvc: Service Partage réseau du Lecteur Windows Media upnphost = 1 STOPPED: WMPNetworkSvc: Service Partage réseau du Lecteur Windows Media SSDPSRV = 2 STOPPED: upnphost: Hôte de périphérique universel Plug-and-Play STOPPED: WMPNetworkSvc: Service Partage réseau du Lecteur Windows Media DMServer = 1 STOPPED: dmadmin: Service d'administration du Gestionnaire de disque logique EventSystem = 1 RUNNING: SENS: Notification d'événement système LanmanServer = 3 RUNNING: Browser: Explorateur d'ordinateur RUNNING: MSMQ: Message Queuing RUNNING: MSMQTriggers: Message Queuing Triggers LanmanWorkstation = 5 RUNNING: Alerter: Avertissement RUNNING: Browser: Explorateur d'ordinateur STOPPED: Messenger: Affichage des messages STOPPED: Netlogon: Ouverture de session réseau STOPPED: RpcLocator: Localisateur d'appels de procédure distante (RPC) Netman = 1 STOPPED: SharedAccess: Pare-feu Windows / Partage de connexion Internet Rasman = 1 STOPPED: RasAuto: Gestionnaire de connexion automatique d'accès distant Tapisrv = 2 RUNNING: RasMan: Gestionnaire de connexions d'accès distant STOPPED: RasAuto: Gestionnaire de connexion automatique d'accès distant winmgmt = 3 RUNNING: 6to4: Service d'application d'assistance IPv6 RUNNING: wscsvc: Centre de sécurité STOPPED: SharedAccess: Pare-feu Windows / Partage de connexion Internet TermService = 2 STOPPED: FastUserSwitchingCompatibility: Compatibilité avec le Changement rapide d'utilisateur STOPPED: WSearch: Windows Search RpcSs = 60 RUNNING: 6to4: Service d'application d'assistance IPv6 RUNNING: AudioSrv: Audio Windows RUNNING: BITS: Service de transfert intelligent en arrière-plan RUNNING: COMSysApp: Application système COM+ RUNNING: CryptSvc: Services de cryptographie RUNNING: Diskeeper: Diskeeper RUNNING: dmserver: Gestionnaire de disque logique RUNNING: ERSvc: Service de rapport d'erreurs RUNNING: EventSystem: Système d'événements de COM+ RUNNING: helpsvc: Aide et support RUNNING: HidServ: HID Input Service RUNNING: iPod Service: Service de liPod RUNNING: MDM: Machine Debug Manager RUNNING: MSDTC: Distributed Transaction Coordinator RUNNING: MSMQ: Message Queuing RUNNING: MSMQTriggers: Message Queuing Triggers RUNNING: Netman: Connexions réseau RUNNING: PolicyAgent: Services IPSEC RUNNING: ProtectedStorage: Emplacement protégé RUNNING: RasMan: Gestionnaire de connexions d'accès distant RUNNING: SamSs: Gestionnaire de comptes de sécurité RUNNING: Schedule: Planificateur de tâches RUNNING: SENS: Notification d'événement système RUNNING: ShellHWDetection: Détection matériel noyau RUNNING: Spooler: Spouleur d'impression RUNNING: srservice: Service de restauration système RUNNING: stisvc: Acquisition d'image Windows (WIA) RUNNING: TapiSrv: Téléphonie RUNNING: TrkWks: Client de suivi de lien distribué RUNNING: WebrootSpySweeperService: Webroot Spy Sweeper Engine RUNNING: winmgmt: Infrastructure de gestion Windows RUNNING: wscsvc: Centre de sécurité RUNNING: YahooAUService: Yahoo! Updater STOPPED: CiSvc: Service d'indexation STOPPED: dmadmin: Service d'administration du Gestionnaire de disque logique STOPPED: Dot3svc: Configuration automatique de réseau câblé STOPPED: EapHost: Service Protocole EAP (Extensible Authentication Protocol) STOPPED: FastUserSwitchingCompatibility: Compatibilité avec le Changement rapide d'utilisateur STOPPED: gupdate: Google Update Service (gupdate) STOPPED: hkmsvc: Service Gestion des clés et des certificats d'intégrité STOPPED: Messenger: Affichage des messages STOPPED: MSIServer: Windows Installer STOPPED: napagent: Agent de protection d'accès réseau STOPPED: NMIndexingService: NMIndexingService STOPPED: NtmsSvc: Stockage amovible STOPPED: RasAuto: Gestionnaire de connexion automatique d'accès distant STOPPED: RDSessMgr: Gestionnaire de session d'aide sur le Bureau à distance STOPPED: RemoteAccess: Routage et accès distant STOPPED: RemoteRegistry: Accès à distance au Registre STOPPED: RSVP: QoS RSVP STOPPED: SharedAccess: Pare-feu Windows / Partage de connexion Internet STOPPED: SupportSoft RemoteAssist: SupportSoft RemoteAssist STOPPED: SwPrv: MS Software Shadow Copy Provider STOPPED: TermService: Services Terminal Server STOPPED: TlntSvr: Telnet STOPPED: VSS: Cliché instantané de volume STOPPED: WmiApSrv: Carte de performance WMI STOPPED: WSearch: Windows Search STOPPED: WZCSVC: Configuration automatique sans fil STOPPED: xmlprov: Service d'approvisionnement réseau eaphost = 1 STOPPED: Dot3svc: Configuration automatique de réseau câblé TermService = 2 STOPPED: FastUserSwitchingCompatibility: Compatibilité avec le Changement rapide d'utilisateur STOPPED: WSearch: Windows Search J'ai aussi fait ceci: exeHelper by Raktor Build 20100414 Run at 18:56:14 on 12/05/10 Now searching... Checking for numerical processes... Checking for sysguard processes... Checking for bad processes... Checking for bad files... Checking for bad registry entries... Resetting filetype association for .exe Resetting filetype association for .com Resetting userinit and shell values... Resetting policies... --Finished--

Bonjour, Préalablement, je vous signale que j'ai fait une analyse de sécurité qui n'a rien trouvé (voir forum). Précédement, tout fonctionnait correctement, mais depuis quelques temps un processus s'emballe (Explorer, svchost.exe [je l'ai 7x], system, ou acs.exe) et consomme 98% du processor. Impossible de travailler, la souris bloque, ou saccade, comme le son, Outlook ne fonctionne plus et doit être fermé (difficile à relancer) tout comme les autres programmes. Note, si je "tue" le process qui consomme, 2 fois sur 3, un autre process prend la relève et consomme ses 98% processor. Je travaille avec: Sys exploitation : Win XP Pro Anti virus : ESET NOD 32 Firewall: Outpost Pro 7.0 Anti...: Webroot Spy Sweeper, Spybot,... Anti spam (Outlook): Vade Retro Défragmenteur : Diskeeper 2010 Quelqu'un peu m'aider?

C'est réglé!

Merci.

Bonjour, De temps en temps je reçois le message suivant: ou Peut-on m'expliquer? Merci.

Merci pour ton aide, au moins je suis sur que je n'ai pas de saleté dans ma machine!

Cela va mieux, mais de temps à autre ma souris semblent "aimantée"...

Bon, j'ai exécuté...et j'ai eu un 0x00000024, nfts.sys B9DFBB9D base B9D80000 48025be5 et j'en passe...

Non, la souris tremblait, maintenant elle se fige. Pour Copernic, il travaille avec Java, dont on a supprimé des lignes...

J'ai effectué, mais il y a de petits problèmes. Mon 'Copernic Dekstop' ne fonctionne plus et les appllications se figent (souris, écran...). Cela me pose problème...

Merci pour le contrôle. Commentaire: C:\Program Files\Usenet.nl En ce qui concerne ce programme, j'étais en période d'essai (non payant), mais pas d'intérêt, j'ai désinstallé. C:\Program Files\Collectorz.com Pour celui-ci, j'en ai besoin pour ma bibliothéque vituelle. C:\Program Files\A4Tech Ce programme est pour une souris. Enfin, je voudrais savoir ci cette manip proposée va effacer les programmes: O15 - HKCU\..Trusted Domains: acrobat.com ([www] https in Sites de confiance) O15 - HKCU\..Trusted Domains: amazon.fr ([www] https in Sites de confiance) O15 - HKCU\..Trusted Domains: bnpparibasfortis.be ([www] https in Sites de confiance) O15 - HKCU\..Trusted Domains: fgov.be ([ccff02.minfin] https in Sites de confiance) O15 - HKCU\..Trusted Domains: fortisbanking.be ([www] https in Sites de confiance) O15 - HKCU\..Trusted Domains: microsoft.com ([office] http in Sites de confiance) O15 - HKCU\..Trusted Domains: microsoft.com ([update] http in Sites de confiance) O15 - HKCU\..Trusted Domains: microsoft.com ([www] http in Sites de confiance) O15 - HKCU\..Trusted Domains: nero.com ([shopping] https in Sites de confiance) O15 - HKCU\..Trusted Domains: rbsworldpay.com ([secure.wp3] https in Sites de confiance) Merci.

• Extras.txt OTL Extras logfile created on: 22/11/2010 21:45:41 - Run 1 OTL by OldTimer - Version 3.2.17.3 Folder = C:\Documents and Settings\NACHTERGAELE\Bureau\Stabilisation PC Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.13) Locale: 0000080C | Country: Belgique | Language: FRB | Date Format: d/MM/yyyy 3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 70,00% Memory free 5,00 Gb Paging File | 4,00 Gb Available in Paging File | 79,00% Paging File free Paging file location(s): c:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 488,28 Gb Total Space | 428,19 Gb Free Space | 87,69% Space Free | Partition Type: NTFS Drive F: | 76,32 Gb Total Space | 55,58 Gb Free Space | 72,82% Space Free | Partition Type: NTFS Drive G: | 122,20 Mb Total Space | 4,77 Mb Free Space | 3,90% Space Free | Partition Type: FAT Drive H: | 443,23 Gb Total Space | 436,10 Gb Free Space | 98,39% Space Free | Partition Type: NTFS Drive I: | 149,01 Gb Total Space | 76,68 Gb Free Space | 51,46% Space Free | Partition Type: FAT32 Drive J: | 31,13 Mb Total Space | 6,63 Mb Free Space | 21,31% Space Free | Partition Type: FAT Drive K: | 1,88 Gb Total Space | 1,78 Gb Free Space | 94,67% Space Free | Partition Type: FAT Computer Name: NACHTERG-0DAA01 | User Name: NACHTERGAELE | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .txt [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [ACDSee 11.0.Browse] -- "C:\Program Files\ACD Systems\ACDSee\11.0\ACDSeeQV11.exe" "%1" (ACD Systems) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 0 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 "5353:TCP" = 5353:TCP:*:Enabled:Adobe CSI CS4 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files\Fichiers communs\Adobe\CS4ServiceManager\CS4ServiceManager.exe" = C:\Program Files\Fichiers communs\Adobe\CS4ServiceManager\CS4ServiceManager.exe:*:Enabled:Adobe CSI CS4 -- (Adobe Systems Incorporated) "C:\Documents and Settings\NACHTERGAELE\Local Settings\Temp\stInstall.exe" = C:\Documents and Settings\NACHTERGAELE\Local Settings\Temp\stInstall.exe:*:Enabled:SpeedTouch Home Install Wizard -- File not found "C:\Program Files\Thomson\ST330\service\st330service.exe" = C:\Program Files\Thomson\ST330\service\st330service.exe:*:Enabled:ST330 service -- (THOMSON Telecom Belgium) "F:\Program Files\Age of Empire III\age3y.exe" = F:\Program Files\Age of Empire III\age3y.exe:*:Disabled:Age of Empires III - The Asian Dynasties -- (Microsoft Corporation) "C:\Program Files\Microsoft Games\Age of Empires III\age3y.exe" = C:\Program Files\Microsoft Games\Age of Empires III\age3y.exe:*:Disabled:Age of Empires III - The Asian Dynasties -- File not found "C:\Program Files\Ubisoft\THE SETTLERS - Bâtisseurs d'Empire\base\bin\Settlers6.exe" = C:\Program Files\Ubisoft\THE SETTLERS - Bâtisseurs d'Empire\base\bin\Settlers6.exe:*:Disabled:THE SETTLERS - Bâtisseurs d'Empire -- File not found "F:\Civilization IV\Civilization4.exe" = F:\Civilization IV\Civilization4.exe:*:Enabled:Sid Meier's Civilization 4 -- (Firaxis Games) "F:\Civilization IV\Beyond the Sword\Civ4BeyondSword.exe" = F:\Civilization IV\Beyond the Sword\Civ4BeyondSword.exe:*:Enabled:Sid Meier's Civilization 4 Beyond the Sword -- (Firaxis Games) "F:\Civilization IV\Beyond the Sword\Civ4BeyondSword_PitBoss.exe" = F:\Civilization IV\Beyond the Sword\Civ4BeyondSword_PitBoss.exe:*:Enabled:Sid Meier's Civilization 4 Beyond the Sword Pitboss -- (Firaxis Games) "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger -- (Yahoo! Inc.) "C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software) "C:\Documents and Settings\NACHTERGAELE\Local Settings\Temporary Internet Files\Content.IE5\TEJWGSQQ\IM84536.JPG-www.myspace.com[1].exe" = C:\WINDOWS\infocard.exe:*:Enabled:Firewall Administrating -- File not found "F:\Program Files\Anno 1701\Anno1701.exe" = F:\Program Files\Anno 1701\Anno1701.exe:*:Enabled:Anno 1701 -- (Related Designs Software GmbH) "F:\Program Files\Anno 1701\Anno1701AddOn.exe" = F:\Program Files\Anno 1701\Anno1701AddOn.exe:*:Enabled:Anno 1701 Add-On 01 -- (Related Designs Software GmbH) "C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.) ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{01501EBA-EC35-4F9F-8889-3BE346E5DA13}" = MSXML4 Parser "{027AA9DB-7176-2929-ED2E-38C0317F3566}" = Catalyst Control Center Localization All "{03E494A7-F504-DA41-3079-9E2FB36736BC}" = CCC Help English "{04F67CE9-C706-7C07-B882-4790D01C5A76}" = Catalyst Control Center Graphics Previews Common "{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4 "{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4 "{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center "{06F80017-8F98-4C94-B868-52358569FC32}" = Command & Conquer Generals "{098727E1-775A-4450-B573-3F441F1CA243}" = kuler "{0B5154C0-8F00-4616-B0AB-6240AE80D9CE}" = SimCity™ Sociétés "{0BD83598-C2EF-3343-847B-7D2E84599128}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - FRA "{0DE817CB-9294-F350-64F0-36E42D7B27F2}" = CCC Help French "{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4 "{11083C7A-D0D6-4DA4-8C3A-74B8389EC07B}" = ATI Catalyst Registration "{14AFE241-FC6E-4FDB-BCA0-7AD6F4974171}" = Adobe Setup "{14BC810B-5907-B9C3-B2F4-12D5EEA253F4}" = Catalyst Control Center Graphics Previews Common "{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4 "{191DCDE8-C24A-495D-AEA7-F7F07F4AA70F}" = ArcGIS ArcReader "{1BF23060-E1E1-2EE1-037D-264D9EC15CBD}" = ccc-core-preinstall "{1BF38C77-E678-49AF-885A-BBD10AED2FF3}" = ACDSee RAW Image Decoder Plug-In Update 4.0 "{1D7CA81A-E1D8-4C8E-A98E-7EBE68B137EB}" = Torture Cérébrale "{1DB23D89-6942-4445-93BB-929FC571AF4D}" = Adobe Setup "{1EFE9082-F3EC-13CA-FD37-E1490531CDF3}" = CCC Help Greek "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1FCC574F-AFA2-4432-9EF1-79CA7BA73431}_is1" = Spy Sweeper "{1FCC806A-5920-44B2-AA6A-81A67A31DDF3}" = Diskeeper 2010 "{1FCC8C70-66B9-420D-942C-2C2A8441C744}" = Imperial Glory "{241647C2-9318-D048-67BA-E64ED5F2CCC4}" = Catalyst Control Center Core Implementation "{243A1493-A09D-4E43-A58E-D82149B44468}" = Entraîneur Cérébral Version Intégrale "{25611B0A-54C2-69B9-723D-668201C22CD4}" = ccc-core-static "{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java 6 Update 21 "{2A1625F9-8715-09B5-2166-3DB205FB435B}" = CCC Help Dutch "{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour "{300578F9-9EFF-4B93-9AB1-C0E5707EF463}" = ACDSee Gestionnaire de photos 2009 "{308B6AEA-DE50-4666-996D-0FA461719D6B}" = Apple Mobile Device Support "{30C8AA56-4088-426F-91D1-0EDFD3A25678}" = Adobe Dreamweaver CS4 "{32343DB6-9A52-40C9-87E4-5E7C79791C87}" = MSXML 4.0 SP2 and SOAP Toolkit 3.0 "{32E4F0D2-C135-475E-A841-1D59A0D22989}" = Sid Meier's Civilization 4 - Beyond the Sword "{34DD1D51-3B3E-2BDB-C277-0029C70DA65A}" = CCC Help Turkish "{350C940c-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{36CDA33B-909B-4719-97D1-C4B99309BDC7}" = ATI Parental Control & Encoder "{391334EE-AE29-4C80-A4EF-31648AE9FF85}" = Casse Briques Chinois "{399B10AC-4E84-20F8-5913-82526B16F561}" = Catalyst Control Center Graphics Light "{3A2F9455-922C-D7E6-2D31-E1F1E6E92ED0}" = CCC Help Finnish "{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4 "{3B7DAD74-8F16-4AEF-B0CA-4072CB1BF9AA}" = BlackBerry Desktop Software 4.2 "{3E31821C-7917-367E-938E-E65FC413EA31}" = Microsoft .NET Framework 3.5 Language Pack SP1 - fra "{3F5B6210-0903-4DC6-8034-8F488AA3A782}" = Spy Sweeper Core "{40420E84-2E4C-46B2-942C-F1249E40FDCB}" = Belgium Identity Card Runtime 3.5 "{4377F918-E6C9-4ECA-A7F5-754B310B7ED8}" = Sid Meier's Civilization 4 "{4451B8AB-D156-BA14-03EF-152E40A9DE48}" = ATI AVIVO Codecs "{4514B9C2-8E75-CF9D-B148-8ED40CAA35F0}" = Catalyst Control Center HydraVision Full "{485775E8-AEB8-46BD-922B-242879E03DD5}" = Age of Empires III "{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension "{4956D70D-E758-7CDC-D131-2895E8A5DAD4}" = CCC Help Spanish "{4AE3A0CB-87B0-4F51-BECD-3D1F8DFDD62F}" = SAGEM F@st 800-840 "{4D7BE862-435C-0F6F-0558-B3E6DCA839E2}" = CCC Help Portuguese "{5091043D-D941-E17E-1E0F-0B2F1DBE4D9E}" = ccc-core-static "{5208C4EF-0D90-4BCD-9A05-76DDB576016B}" = Mah Jong Deluxe "{56B83336-FBC1-4C46-8613-90A9E3B440D6}" = Six Engine "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{57C23D06-7708-4778-9005-8C78BABA5513}" = ACDSee Retouche photo "{5E6BE0B1-55DE-411A-AD48-29743FBB15E0}" = ESET NOD32 Antivirus "{5EA0F360-CD37-7CDA-8018-8E4EE4450899}" = CCC Help Danish "{64ACFE24-FB82-84A6-9FB8-B90539752E5B}" = Catalyst Control Center Localization German "{64AF35AC-9D02-D379-4B37-F94D876F93AB}" = CCC Help Norwegian "{65962AC4-42C9-4006-97B1-CBB5E8C4E15C}" = Les Indispensables Éducation pour Microsoft Office "{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4 "{68DD4EAE-C5E4-1E34-F991-B99ABA6DC8E3}" = Catalyst Control Center Graphics Full New "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update "{6AEE3DB1-9356-4E04-9171-5E85E51E6A35}_is1" = TribalSync 3.0 "{6AFFBA7A-F063-44F2-ADA0-65C67E071036}" = Nero 7 Essentials "{6CDC748B-47B0-45EB-B740-681E8429F7F9}" = Opera 10.01 "{6CF8A472-C63C-4614-AC3C-E909C87587F7}" = CCC Help Czech "{6D0955B9-C1D6-CB1C-6CE3-BFAC9696A882}" = CCC Help Polish "{71929EC1-FDB2-4A67-AAAD-936E4539FA84}_is1" = Driver Sweeper 2.1.0 "{72AD53CC-CCC0-3757-8480-9EE176866A7C}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - FRA "{745D2782-BB1E-51EA-5BDB-1E1BE7590594}" = CCC Help English "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4 "{8279BD5B-F4B7-3B75-95F5-F1D2BB219C7F}" = ccc-utility "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4 "{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4 "{86069755-8AF8-42EF-D406-208B28A021C2}" = ATI Catalyst Install Manager "{8959A774-3FB3-B315-ACDF-4B7B70F5A169}" = Catalyst Control Center Core Implementation "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8ACC73AA-6511-7C55-B1A9-8E5D1DEAFAA3}" = The Lord of the Rings FREE Trial "{8D7133DE-27D2-47E5-B248-4180278D32AA}" = Catalyst Control Center - Branding "{90120000-0010-040C-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (French) 12 "{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007 "{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581) "{90120000-0015-040C-0000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2007 "{90120000-0015-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007 "{90120000-0016-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007 "{90120000-0018-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2007 "{90120000-0019-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2007 "{90120000-001A-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007 "{90120000-001B-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007 "{90120000-001F-0401-0000-0000000FF1CE}_PROPLUS_{14809F99-C601-4D4A-9391-F1E8FAA964C5}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_PROPLUS_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007 "{90120000-001F-0413-0000-0000000FF1CE}_PROPLUS_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007 "{90120000-001F-0C0A-0000-0000000FF1CE}_PROPLUS_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007 "{90120000-0044-040C-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (French) 2007 "{90120000-0044-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007 "{90120000-006E-040C-0000-0000000FF1CE}_PROPLUS_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}" = Microsoft Office 2007 Service Pack 2 (SP2) "{905D4F6B-FADC-4CA4-AA41-BD32A2E446CE}" = Anno 1701 - La Malédiction du Dragon "{92BDB734-E81D-10EC-1243-074DA586BC96}" = CCC Help Russian "{93CB830F-517E-1695-C61B-2A1AA105CD78}" = Catalyst Control Center Localization French "{94928C91-8A2E-A94E-A7EF-C41FBE515718}" = Catalyst Control Center Graphics Previews Common "{94A065E8-455D-41C1-AF1F-F0C1AF8F50F3}" = Microsoft IntelliType Pro 7.0 "{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4 "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{95264530-5A22-8E7E-FE9D-D63A927BCAEA}" = Adobe Media Player "{95DCA618-9717-BBD3-B438-A5A9B1EB30C8}" = CCC Help German "{97BBECCF-B1FD-4010-8D4B-EFC9E3CCEECF}" = Driver Whiz "{984880C1-7AC7-5267-A7D9-AEC19C932950}" = Catalyst Control Center Graphics Full Existing "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9FE3951B-4F49-4401-B5EE-07B183197F3C}" = Belgium Identity Card Runtime 3.5 "{9FEF4EA5-025F-4D8B-9376-680CA8E77C9C}" = Delete FXP Files 2009 - Demo "{A08D0E9F-6E0F-43C7-9172-F12078D545FA}" = Lapin Malin Maternelle 1 2007 "{A23CF58C-E42C-F0B3-BC92-D3039ECFDB70}" = CCC Help Korean "{A2433A63-5F5D-40E5-B529-9123C2B3E734}" = Anno 1701 "{A24F20F6-3BE3-4D25-BD0C-D7AEF7D180D4}" = Readiris Pro 12 "{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A454D257-0E6D-BCD1-2A10-78FEDB5BB21E}" = Catalyst Control Center Graphics Full New "{A5181519-9F3D-4372-ABC6-C333C2F3A816}_is1" = RunAlyzer "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AC76BA86-1033-F400-7761-000000000004}" = Adobe Acrobat 9 Pro Extended - English, Français, Deutsch "{AC76BA86-1033-F400-7761-000000000004}_941" = Adobe Acrobat 9.4.1 - CPSID_83708 "{AC76BA86-1033-F400-7761-000000000004}{AC76BA86-1033-F400-7761-000000000004}" = Adobe Acrobat 9 Pro Extended - English, Français, Deutsch "{AC96671C-2001-432C-9826-5266D84EF1DC}" = Logitech Webcam Software "{AEBE3F70-585E-17C7-C91D-964C91772410}" = ccc-utility "{AEE9ABDF-CFFD-4CC2-8519-E8ECEB5A2AAF}" = PENTAX USB DISK Device "{AF7C627C-F354-4FF1-8450-398C806B436E}" = Power IEv3 "{B0D2BC40-119B-AD18-E697-E6073DD6D149}" = ccc-utility "{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0 "{B29AD377-CC12-490A-A480-1452337C618D}" = Connect "{B3542011-52A1-8782-EEB9-B72AB9EC7336}" = Catalyst Control Center Graphics Light "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy "{B84AE471-81DD-D81F-CD20-B3464877E525}" = Skins "{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{C43C1415-3DFC-4089-9A32-0BECF28A6046}" = Age of Empires III - The Asian Dynasties "{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4 "{C63E7C60-25EB-11D3-8EDA-00A0C911E8E5}" = Sauvegarde des Dossiers personnels Microsoft Outlook "{C69F959E-2386-8997-4E76-146DDA14D57E}" = CCC Help Chinese Standard "{C8BDD4B8-B376-4D66-98D1-DBD0FBAA0EB8}" = Adobe Creative Suite 4 Deployment Toolkit "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw "{CD95F661-A5C4-44F5-A6AA-ECDD91C240BD}" = WinZip 14.5 "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{CFBCE791-2D53-4FCE-B3FB-D6E01F4112E8}" = Sid Meier's Civilization 4 "{D3F80A98-05AB-4D8C-9272-766CCFA6A48D}" = THE SETTLERS - Bâtisseurs d'Empire "{D488EEFC-E8B2-B4FA-6EB0-E238892F3B48}" = CCC Help Swedish "{D5D0178D-57E4-C32C-5275-401F384303A7}" = CCC Help Hungarian "{D84662AC-3461-918D-9067-F9E9F6A7EEF2}" = ATI Problem Report Wizard "{DAA29BAD-1C06-E8E0-CFE6-557F818C7AF7}" = CCC Help Dutch "{DB16DBA9-F371-89F6-84F1-4680B7BB8A4A}" = CCC Help Thai "{DB7EBA4A-44AF-DF22-EBA7-6BF4E011E319}" = CCC Help French "{DBAA7DF5-7DE0-DD8D-A748-5A35AC2DA420}" = CCC Help Italian "{DBB18C43-FE45-36DF-D171-E209B79A76F3}" = Catalyst Control Center Localization Dutch "{DD7C56A2-8E85-AABA-D807-F61C135CC1AE}" = Catalyst Control Center Graphics Full Existing "{DDA34038-89BD-4804-B0B8-DC48D5DFB463}" = Catalyst Control Center - Branding "{E372D706-EC1C-333E-0D3E-2B065CEEC466}" = CCC Help Japanese "{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime "{ECA2B21B-A180-4775-B93F-6E404E36A8CC}" = MSRuntime Libraries "{EE5AC826-8731-6406-9947-D0420143A7BD}" = ccc-core-preinstall "{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support "{EF71A531-5B6C-4B20-8D1E-E6379C7FB6D3}" = Microsoft IntelliPoint 7.0 "{F08826AF-C414-6921-9A50-D39972C7D975}" = CCC Help German "{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX "{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help "{F104D914-EAE9-43BF-A5AE-E46409AC61BC}" = Disney Winnie l’Ourson La Chasse au Miel de Tigrou "{F4731524-D4E9-2CCD-4471-5ABE373C3691}" = CCC Help English "{F850707C-B6A0-4B56-8709-F89CF8F9AC6D}" = Eraser "{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4 "{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4 "{FAE36873-1941-4076-A9A5-48812B5EA0B7}" = iTunes "{FFC2CFE5-AAD6-A911-FA25-C0AA1BABB241}" = CCC Help Chinese Traditional "24h00" = 24h00 "A4Tech iKeyWorks" = iKeyWorks 7.64 "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 11.5 "Adobe_07e48daa09a3bc85c3c4503aaca751f" = Adobe Creative Suite 4 Deployment Toolkit "Adobe_acce07fd2c8fe7f9e3f26243e626578" = Adobe Dreamweaver CS4 "Agnitum Outpost Firewall Pro_is1" = Outpost Firewall Pro 7.0.4 "aignesamdeadlink" = AM-DeadLink 3.3 "BlackBerry_{3B7DAD74-8F16-4AEF-B0CA-4072CB1BF9AA}" = BlackBerry Desktop Software 4.2 "Capture Ecran_is1" = Capture Ecran 1.1 "CCleaner" = CCleaner "Collectorz.com Book Collector" = Collectorz.com Book Collector "Copernic Agent Professional" = Copernic Agent Professional "Copernic Summarizer" = Copernic Summarizer "CopernicDesktopSearch2Corpo" = Copernic Desktop Search - Corporate "Delete FXP Files 2009 - Demo" = Delete FXP Files 2009 - Demo "Digital Editions" = Adobe Digital Editions "Eraser" = Eraser "FileDeleter_is1" = FileDeleter 3.1 "Gessys_is1" = Gessys "Glory of the Roman Empire" = Glory of the Roman Empire "Hide Folders XP 2_is1" = Hide Folders XP 2.9.8 for Windows XP/Vista "HP PrecisionScan" = HP PrecisionScan "ie8" = Windows Internet Explorer 8 "InstallShield_{485775E8-AEB8-46BD-922B-242879E03DD5}" = Age of Empires III "InstallShield_{C43C1415-3DFC-4089-9A32-0BECF28A6046}" = Age of Empires III - The Asian Dynasties "jv16 PowerTools 2008_is1" = jv16 PowerTools 2008 "jv16 PowerTools 2009_is1" = jv16 PowerTools 2009 "jv16 PowerTools 2010" = jv16 PowerTools 2010 "lvdrivers_12.0" = Coffret de pilotes Logitech Webcam Software "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Marvell Miniport Driver" = Marvell Miniport Driver "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Microsoft .NET Framework 3.5 Language Pack SP1 - fra" = Module linguistique Microsoft .NET Framework 3.5 SP1- fra "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP "NirSoft ShellExView" = NirSoft ShellExView "PROPLUS" = Microsoft Office Professional Plus 2007 "PS Tray Factory_is1" = PS Tray Factory 3.0 "Railroad Pioneer" = Railroad Pioneer "RealPlayer 12.0" = RealPlayer "RiseOfNations 1.0" = Microsoft Rise of Nations "RiseofNationsExpansion 1.0" = Rise of Nations Thrones and Patriots "SpeedTouch 330" = SpeedTouch 330 "ST6UNST #1" = RadioWeb Player V5 "Stellar Phoenix Outlook PST Repair_is1" = Stellar Phoenix Outlook PST Repair v4.0 "SystemRequirementsLab" = System Requirements Lab "URL Collector_is1" = URL Collector v1.6.2 "Usenet.nl_is1" = Usenet.nl "Vade Retro" = Vade Retro Outlook, Outlook Express, Windows Mail (Vista) "WheelMouse" = iOfficeWorks 7.64 "Windows Media Format Runtime" = Windows Media Format 11 runtime "Windows Media Player" = Lecteur Windows Media 11 "WMFDist11" = Windows Media Format 11 runtime "wmp11" = Windows Media Player 11 "Yahoo! Companion" = Yahoo! Barre d'outils "Yahoo! Messenger" = Yahoo! Messenger "Yahoo! Software Update" = Yahoo! Software Update ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Bagh Chal" = Bagh Chal "Surakarta" = Surakarta "Xou Dou Qi" = Xou Dou Qi "Yahoo! BrowserPlus" = Yahoo! BrowserPlus 2.9.8 ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 20/11/2010 20:58:48 | Computer Name = NACHTERG-0DAA01 | Source = Application Hang | ID = 1002 Description = Application bloquée iexplore.exe, version 8.0.6001.18702, module bloqué hungapp, version 0.0.0.0, adresse de blocage 0x00000000. Error - 20/11/2010 20:58:50 | Computer Name = NACHTERG-0DAA01 | Source = Application Hang | ID = 1001 Description = Détecteur d'erreurs 1180947459. Error - 20/11/2010 21:11:24 | Computer Name = NACHTERG-0DAA01 | Source = .NET Runtime 2.0 Error Reporting | ID = 5000 Description = EventType clr20r3, P1 mom.exe, P2 2.0.0.0, P3 469cdcb3, P4 mscorlib, P5 2.0.0.0, P6 4be90358, P7 f4f, P8 7, P9 n3ctrye2kn3c34sgl4zqyrbfte4m13nb, P10 NIL. Error - 20/11/2010 21:17:44 | Computer Name = NACHTERG-0DAA01 | Source = .NET Runtime 2.0 Error Reporting | ID = 5000 Description = EventType clr20r3, P1 mom.exe, P2 2.0.0.0, P3 469cdcb3, P4 mscorlib, P5 2.0.0.0, P6 4be90358, P7 f4f, P8 7, P9 n3ctrye2kn3c34sgl4zqyrbfte4m13nb, P10 NIL. Error - 20/11/2010 21:23:51 | Computer Name = NACHTERG-0DAA01 | Source = MsiInstaller | ID = 10005 Description = Produit : ccc-core-static -- Erreur interne 2753. installShell.exe Error - 20/11/2010 22:39:42 | Computer Name = NACHTERG-0DAA01 | Source = MsiInstaller | ID = 1013 Description = Produit : Microsoft .NET Framework 2.0 -- Setup cannot continue because this version of the .NET Framework is incompatible with a previously installed one. For more information, see Error message when you try to install the.NET Framework 2.0 on a computer that has the.NET Framework 2.0 Service Pack 1 installed: "Setup cannot continue because this version of the.NET Framework is incompatible with a previously installed one" Error - 21/11/2010 9:04:00 | Computer Name = NACHTERG-0DAA01 | Source = Application Hang | ID = 1002 Description = Application bloquée PSTrayFactory.exe, version 3.0.3.186, module bloqué hungapp, version 0.0.0.0, adresse de blocage 0x00000000. Error - 21/11/2010 9:04:04 | Computer Name = NACHTERG-0DAA01 | Source = Application Error | ID = 1000 Description = Application défaillante explorer.exe, version 6.0.2900.5512, module défaillant unknown, version 0.0.0.0, adresse de défaillance 0x015313f1. Error - 21/11/2010 9:04:13 | Computer Name = NACHTERG-0DAA01 | Source = Application Hang | ID = 1001 Description = Détecteur d'erreurs 1237027210. Error - 21/11/2010 9:04:34 | Computer Name = NACHTERG-0DAA01 | Source = Application Error | ID = 1001 Description = Détecteur d'erreurs 1511102295. [ OSession Events ] Error - 25/07/2010 11:47:56 | Computer Name = NACHTERG-0DAA01 | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6535.5005, Microsoft Office Version: 12.0.6425.1000. This session lasted 16065 seconds with 1440 seconds of active time. This session ended with a crash. Error - 16/08/2010 6:21:27 | Computer Name = NACHTERG-0DAA01 | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6535.5005, Microsoft Office Version: 12.0.6425.1000. This session lasted 92 seconds with 60 seconds of active time. This session ended with a crash. Error - 31/08/2010 19:06:18 | Computer Name = NACHTERG-0DAA01 | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6535.5005, Microsoft Office Version: 12.0.6425.1000. This session lasted 3627 seconds with 0 seconds of active time. This session ended with a crash. Error - 5/09/2010 15:23:37 | Computer Name = NACHTERG-0DAA01 | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6535.5005, Microsoft Office Version: 12.0.6425.1000. This session lasted 9319 seconds with 660 seconds of active time. This session ended with a crash. Error - 7/09/2010 22:25:54 | Computer Name = NACHTERG-0DAA01 | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6535.5005, Microsoft Office Version: 12.0.6425.1000. This session lasted 11275 seconds with 1380 seconds of active time. This session ended with a crash. Error - 11/09/2010 19:43:39 | Computer Name = NACHTERG-0DAA01 | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6535.5005, Microsoft Office Version: 12.0.6425.1000. This session lasted 25482 seconds with 900 seconds of active time. This session ended with a crash. Error - 21/09/2010 14:59:25 | Computer Name = NACHTERG-0DAA01 | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6539.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 74 seconds with 60 seconds of active time. This session ended with a crash. Error - 22/09/2010 14:23:04 | Computer Name = NACHTERG-0DAA01 | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6539.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1910 seconds with 480 seconds of active time. This session ended with a crash. Error - 28/09/2010 11:06:19 | Computer Name = NACHTERG-0DAA01 | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6539.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 9182 seconds with 1740 seconds of active time. This session ended with a crash. Error - 1/10/2010 11:07:29 | Computer Name = NACHTERG-0DAA01 | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6539.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 633 seconds with 360 seconds of active time. This session ended with a crash. [ System Events ] Error - 18/11/2010 15:16:15 | Computer Name = NACHTERG-0DAA01 | Source = Service Control Manager | ID = 7009 Description = Délai (30000 millisecondes) d'attente pour une connexion du service Windows Search. Error - 18/11/2010 15:16:15 | Computer Name = NACHTERG-0DAA01 | Source = Service Control Manager | ID = 7000 Description = Le service Windows Search n'a pas pu démarrer en raison de l'erreur : %%1053 Error - 18/11/2010 18:46:35 | Computer Name = NACHTERG-0DAA01 | Source = DCOM | ID = 10005 Description = DCOM a reçu l'erreur "%1058" lors de la mise en route du service upnphost avec les arguments "" pour démarrer le serveur : {204810B9-73B2-11D4-BF42-00B0D0118B56} Error - 19/11/2010 22:07:00 | Computer Name = NACHTERG-0DAA01 | Source = DCOM | ID = 10005 Description = DCOM a reçu l'erreur "%1058" lors de la mise en route du service upnphost avec les arguments "" pour démarrer le serveur : {204810B9-73B2-11D4-BF42-00B0D0118B56} Error - 20/11/2010 21:28:13 | Computer Name = NACHTERG-0DAA01 | Source = sr | ID = 1 Description = Le filtre de restauration du système à rencontré l'erreur inattendue '0xC0000243' pendant le traitement du fichier 'CX106911.inf' sur le volume 'HarddiskVolume1'. Ceci a entraîné l'arrêt de la surveillance du volume. Error - 21/11/2010 9:01:38 | Computer Name = NACHTERG-0DAA01 | Source = DCOM | ID = 10010 Description = Le serveur {B366DEBE-645B-43A5-B865-DDD82C345492} ne s'est pas enregistré sur DCOM avant la fin du temps imparti. Error - 21/11/2010 20:53:05 | Computer Name = NACHTERG-0DAA01 | Source = Dhcp | ID = 1000 Description = Votre ordinateur a perdu le bail de son adresse IP 192.168.1.64 sur la carte réseau d'adresse réseau 0022156B19BC. Error - 21/11/2010 20:56:35 | Computer Name = NACHTERG-0DAA01 | Source = mv61xx | ID = 262153 Description = Le périphérique \Device\Scsi\mv61xx1 n'a pas répondu dans le délai imparti. Error - 21/11/2010 20:56:35 | Computer Name = NACHTERG-0DAA01 | Source = Dhcp | ID = 1000 Description = Votre ordinateur a perdu le bail de son adresse IP 192.168.1.64 sur la carte réseau d'adresse réseau 0022156B19BC. Error - 22/11/2010 14:18:59 | Computer Name = NACHTERG-0DAA01 | Source = DCOM | ID = 10005 Description = DCOM a reçu l'erreur "%1058" lors de la mise en route du service upnphost avec les arguments "" pour démarrer le serveur : {204810B9-73B2-11D4-BF42-00B0D0118B56} < End of report > • checkup.txt Results of screen317's Security Check version 0.99.6 Windows XP Service Pack 3 Internet Explorer 7 Out of date! `````````````````````````````` Antivirus/Firewall Check: ESET NOD32 Antivirus Outpost Firewall Pro 7.0.4 Antivirus up to date! ``````````````````````````````` Anti-malware/Other Utilities Check: MVPS Hosts File Malwarebytes' Anti-Malware CCleaner Java 6 Update 21 Out of date Java installed! Adobe Flash Player 10.1.53.64 ```````````````````````````````` Process Check: objlist.exe by Laurent ```````````````````````````````` DNS Vulnerability Check: GREAT! (Not vulnerable to DNS cache poisoning) ``````````End of Log````````````

• OTL.txt OTL logfile created on: 22/11/2010 21:45:41 - Run 1 OTL by OldTimer - Version 3.2.17.3 Folder = C:\Documents and Settings\NACHTERGAELE\Bureau\Stabilisation PC Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.13) Locale: 0000080C | Country: Belgique | Language: FRB | Date Format: d/MM/yyyy 3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 70,00% Memory free 5,00 Gb Paging File | 4,00 Gb Available in Paging File | 79,00% Paging File free Paging file location(s): c:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 488,28 Gb Total Space | 428,19 Gb Free Space | 87,69% Space Free | Partition Type: NTFS Drive F: | 76,32 Gb Total Space | 55,58 Gb Free Space | 72,82% Space Free | Partition Type: NTFS Drive G: | 122,20 Mb Total Space | 4,77 Mb Free Space | 3,90% Space Free | Partition Type: FAT Drive H: | 443,23 Gb Total Space | 436,10 Gb Free Space | 98,39% Space Free | Partition Type: NTFS Drive I: | 149,01 Gb Total Space | 76,68 Gb Free Space | 51,46% Space Free | Partition Type: FAT32 Drive J: | 31,13 Mb Total Space | 6,63 Mb Free Space | 21,31% Space Free | Partition Type: FAT Drive K: | 1,88 Gb Total Space | 1,78 Gb Free Space | 94,67% Space Free | Partition Type: FAT Computer Name: NACHTERG-0DAA01 | User Name: NACHTERGAELE | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2010/11/22 21:42:30 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\NACHTERGAELE\Bureau\Stabilisation PC\OTL.exe PRC - [2010/10/19 15:01:45 | 001,201,640 | ---- | M] (Webroot Software, Inc. ) -- C:\Program Files\Webroot\Spy Sweeper\WRConsumerService.exe PRC - [2010/10/16 00:40:40 | 000,037,664 | ---- | M] (Apple Inc.) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe PRC - [2010/09/22 17:11:26 | 000,640,440 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe PRC - [2010/07/29 17:53:18 | 001,743,320 | ---- | M] (Copernic Inc.) -- C:\Program Files\Copernic Desktop Search - Corporate\DesktopSearchService.exe PRC - [2010/06/01 09:17:48 | 005,252,408 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe PRC - [2010/04/07 20:07:24 | 000,810,120 | ---- | M] (ESET) -- C:\Program Files\Eset\ESET NOD32 Antivirus\ekrn.exe PRC - [2010/04/07 20:07:04 | 002,145,000 | ---- | M] (ESET) -- C:\Program Files\Eset\ESET NOD32 Antivirus\egui.exe PRC - [2010/04/05 14:50:00 | 000,494,920 | R--- | M] (WinZip Computing, S.L.) -- C:\Program Files\WinZip\WZQKPICK.EXE PRC - [2009/12/24 08:55:22 | 001,732,960 | ---- | M] (Diskeeper Corporation) -- C:\Program Files\Diskeeper Corporation\Diskeeper\2010\DkService.exe PRC - [2009/11/22 01:47:24 | 000,198,160 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe PRC - [2009/11/06 14:19:58 | 006,515,784 | ---- | M] (Webroot Software, Inc.) -- C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe PRC - [2009/11/06 12:00:22 | 000,165,232 | ---- | M] (Webroot Software, Inc. (www.webroot.com)) -- C:\Program Files\Webroot\Spy Sweeper\SSU.exe PRC - [2009/11/06 11:00:22 | 004,048,240 | ---- | M] (Webroot Software, Inc. (www.webroot.com)) -- C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe PRC - [2009/05/08 10:35:50 | 002,780,432 | ---- | M] () -- C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe PRC - [2009/05/08 10:34:08 | 000,559,888 | ---- | M] () -- C:\Program Files\Fichiers communs\LogiShrd\LQCVFX\COCIManager.exe PRC - [2009/04/30 16:01:10 | 000,154,136 | ---- | M] (Logitech Inc.) -- C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe PRC - [2009/03/16 15:08:30 | 000,466,946 | ---- | M] (PS Soft Lab) -- C:\Program Files\PS Tray Factory\PSTrayFactory.exe PRC - [2008/12/14 02:36:24 | 000,581,632 | ---- | M] (THOMSON Telecom Belgium) -- C:\Program Files\Thomson\ST330\service\st330service.exe PRC - [2008/12/12 20:26:22 | 000,557,149 | ---- | M] (THOMSON Telecom Belgium) -- C:\Program Files\Thomson\ST330\diagnostics\diagnostics.exe PRC - [2008/11/14 15:51:16 | 002,294,272 | ---- | M] (Goto Software) -- C:\Program Files\Fichiers communs\Goto Software\Vaderetro_mgr.exe PRC - [2008/11/09 21:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe PRC - [2008/09/04 13:22:50 | 002,023,424 | ---- | M] (Belgium Government) -- C:\Program Files\Belgium Identity Card\beid35gui.exe PRC - [2008/07/05 09:02:42 | 000,114,304 | ---- | M] () -- C:\Program Files\Hide Folders XP 2\hfxp.exe PRC - [2008/05/29 11:18:04 | 000,202,016 | R--- | M] (SupportSoft, Inc.) -- C:\Program Files\Belgacom\bin\sprtcmd.exe PRC - [2008/05/08 00:29:38 | 000,122,880 | ---- | M] (CrypKey (Canada) Ltd.) -- C:\WINDOWS\system32\Crypserv.exe PRC - [2008/04/14 13:00:00 | 001,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2008/03/24 12:43:16 | 000,884,736 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMax4.exe PRC - [2008/03/17 05:29:48 | 001,040,384 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\Core\smax4pnp.exe PRC - [2007/12/23 00:03:28 | 000,916,240 | ---- | M] (The Eraser Project) -- C:\Program Files\Eraser\Eraser 5.8\Eraser.exe PRC - [2004/09/01 10:28:04 | 000,192,512 | ---- | M] (A4Tech Co., Ltd.) -- C:\Program Files\A4Tech\Mouse\Amoumain.exe PRC - [2004/08/31 13:33:22 | 000,061,440 | ---- | M] (A4Tech Co.,Ltd.) -- C:\Program Files\A4Tech\Keyboard\Ikeymain.exe PRC - [2004/08/09 05:03:38 | 000,081,920 | ---- | M] (InstallShield Software Corporation) -- C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe PRC - [2004/01/28 13:42:30 | 001,531,904 | ---- | M] () -- C:\WINDOWS\adiras.exe PRC - [2003/06/19 22:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE PRC - [2003/04/01 11:33:00 | 000,053,248 | ---- | M] (ali) -- C:\USBStorage\USBDetector.exe PRC - [2003/01/30 05:48:24 | 000,143,360 | ---- | M] () -- C:\WINDOWS\autoclk.exe ========== Modules (SafeList) ========== MOD - [2010/11/22 21:42:30 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\NACHTERGAELE\Bureau\Stabilisation PC\OTL.exe MOD - [2010/08/23 17:12:39 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll MOD - [2009/01/28 11:42:18 | 000,053,248 | ---- | M] () -- C:\Program Files\PS Tray Factory\HKDll.dll ========== Win32 Services (SafeList) ========== SRV - [2010/10/19 15:01:45 | 001,201,640 | ---- | M] (Webroot Software, Inc. ) [Auto | Running] -- C:\Program Files\Webroot\Spy Sweeper\WRConsumerService.exe -- (WRConsumerService) SRV - [2010/10/16 00:40:40 | 000,037,664 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device) SRV - [2010/10/12 09:55:50 | 002,035,512 | ---- | M] (Agnitum Ltd.) [Auto | Running] -- C:\Program Files\Agnitum\Outpost Firewall Pro\acs.exe -- (acssrv) SRV - [2010/04/07 20:10:38 | 000,033,560 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv) SRV - [2010/04/07 20:07:24 | 000,810,120 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn) SRV - [2009/12/24 08:55:22 | 001,732,960 | ---- | M] (Diskeeper Corporation) [Auto | Running] -- C:\Program Files\Diskeeper Corporation\Diskeeper\2010\DkService.exe -- (Diskeeper) SRV - [2009/11/06 11:00:22 | 004,048,240 | ---- | M] (Webroot Software, Inc. (www.webroot.com)) [Auto | Running] -- C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe -- (WebrootSpySweeperService) SRV - [2009/04/30 16:01:10 | 000,154,136 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv) SRV - [2008/12/14 02:36:24 | 000,581,632 | ---- | M] (THOMSON Telecom Belgium) [Auto | Running] -- C:\Program Files\Thomson\ST330\service\st330service.exe -- (st330service) SRV - [2008/11/28 02:14:27 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2008/11/09 21:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService) SRV - [2008/11/04 01:06:28 | 000,441,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv) SRV - [2008/08/29 21:41:07 | 000,069,632 | ---- | M] (Adobe Systems) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe -- (Adobe LM Service) SRV - [2008/05/29 11:17:12 | 000,382,320 | R--- | M] (SupportSoft, Inc.) [Auto | Stopped] -- C:\Program Files\Fichiers communs\Supportsoft\bin\ssrc.exe -- (SupportSoft RemoteAssist) SRV - [2008/05/08 00:29:38 | 000,122,880 | ---- | M] (CrypKey (Canada) Ltd.) [Auto | Running] -- C:\WINDOWS\System32\Crypserv.exe -- (Crypkey License) SRV - [2006/12/23 17:54:04 | 000,262,144 | ---- | M] (Nero AG) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe -- (NMIndexingService) SRV - [2006/10/26 14:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE -- (ose) SRV - [2005/11/14 00:06:04 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT) SRV - [2003/06/19 22:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE -- (MDM) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\rt2870.sys -- (rt2870) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\NACHTE~1\LOCALS~1\Temp\cpuz132\cpuz132_x32.sys -- (cpuz132) DRV - [2010/10/11 09:35:02 | 000,710,576 | ---- | M] (Agnitum Ltd.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\SandBox.sys -- (SandBox) DRV - [2010/10/11 09:34:24 | 000,072,232 | ---- | M] (Agnitum Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\Filt\ASWFilt.dll -- (ASWFilt) DRV - [2010/09/27 14:40:28 | 000,267,624 | ---- | M] (Agnitum Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\afwcore.sys -- (afwcore) DRV - [2010/09/15 11:30:00 | 000,298,784 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp) DRV - [2010/09/11 03:19:16 | 005,417,472 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag) DRV - [2010/08/19 11:41:58 | 000,101,904 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AtihdXP3.sys -- (AtiHDAudioService) DRV - [2010/07/27 08:15:20 | 000,023,904 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvuvcflt.sys -- (FilterService) DRV - [2010/07/27 08:14:58 | 006,842,464 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lvuvc.sys -- (LVUVC) QuickCam Orbit/Sphere AF(UVC) DRV - [2010/07/27 08:13:26 | 000,066,528 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lvselsus.sys -- (lvselsus) DRV - [2010/07/27 08:12:50 | 000,282,336 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lvrs.sys -- (LVRS) DRV - [2010/04/20 15:05:16 | 000,034,280 | ---- | M] (Agnitum Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\afw.sys -- (afw) DRV - [2010/04/07 20:08:08 | 000,095,872 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdir.sys -- (epfwtdir) DRV - [2010/04/07 20:07:08 | 000,114,984 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ehdrv.sys -- (ehdrv) DRV - [2010/04/07 20:03:44 | 000,139,192 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon) DRV - [2010/02/11 13:02:15 | 000,226,880 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6) DRV - [2010/01/28 15:12:02 | 000,095,232 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AtiHdmi.sys -- (AtiHdmiService) DRV - [2009/12/10 14:48:40 | 000,041,504 | ---- | M] (Diskeeper Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\DKRtWrt.sys -- (DKRtWrt) DRV - [2009/11/06 12:00:36 | 000,176,752 | ---- | M] (Webroot Software, Inc. (www.webroot.com)) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ssidrv.sys -- (ssidrv) DRV - [2009/11/06 12:00:36 | 000,023,152 | ---- | M] (Webroot Software, Inc. (www.webroot.com)) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sshrmd.sys -- (sshrmd) DRV - [2009/11/06 12:00:34 | 000,029,808 | ---- | M] (Webroot Software, Inc. (www.webroot.com)) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ssfs0bbc.sys -- (ssfs0bbc) DRV - [2009/09/15 08:21:14 | 000,155,688 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\mv61xx.sys -- (mv61xx) DRV - [2009/04/30 16:00:12 | 000,025,624 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys -- (LVPr2Mon) DRV - [2008/10/12 09:47:20 | 000,040,320 | ---- | M] (THOMSON Telecom Belgium) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\steth.sys -- (STETH) DRV - [2008/08/30 14:25:57 | 000,278,984 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt) DRV - [2008/08/30 13:49:50 | 000,025,416 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt) DRV - [2008/08/29 20:05:27 | 000,032,000 | ---- | M] (THOMSON Telecom Belgium) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\stppp.sys -- (stppp) DRV - [2008/08/29 20:05:27 | 000,030,464 | ---- | M] (THOMSON Telecom Belgium) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\st330.sys -- (ST330) DRV - [2008/08/29 20:05:27 | 000,012,672 | ---- | M] (THOMSON Telecom Belgium) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\stbus.sys -- (STBUS) DRV - [2008/05/08 15:02:52 | 000,203,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rmcast.sys -- (RMCAST) DRV - [2008/04/14 13:00:00 | 000,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus) DRV - [2008/04/14 13:00:00 | 000,092,544 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mqac.sys -- (MQAC) DRV - [2008/04/14 13:00:00 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx) DRV - [2008/04/14 13:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb) DRV - [2008/04/14 13:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx) DRV - [2008/04/13 11:45:14 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) Pilote USB audio (WDM) DRV - [2008/03/24 09:08:14 | 000,331,264 | ---- | M] (Analog Devices, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ADIHdAud.sys -- (ADIHdAudAddService) DRV - [2008/03/17 17:45:52 | 000,019,584 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\ckldrv.sys -- (NetworkX) DRV - [2007/12/17 10:14:06 | 000,012,400 | R--- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AsIO.sys -- (AsIO) DRV - [2007/01/23 00:26:30 | 000,017,264 | ---- | M] (FSPro Labs) [Kernel | Boot | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\HFXP2.SYS -- (HFXP2) DRV - [2006/03/24 19:14:46 | 000,033,536 | ---- | M] (Advanced Card Systems Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\a38usb.sys -- (ACSSCR) DRV - [2006/03/17 17:18:58 | 000,392,960 | ---- | M] (Sensaura) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (SenFiltService) DRV - [2004/08/13 03:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Yahoo! France IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Yahoo! France IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://abonnes.lemonde.fr/ IE - HKCU\..\URLSearchHook: {BE89472C-B803-4D1D-9A9A-0A63660E0FE3} - C:\Program Files\Copernic Agent\CopernicAgentExt.dll (Copernic Technologies Inc.) IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2010/08/14 19:33:16 | 000,000,000 | ---D | M] O1 HOSTS File: ([2010/11/20 20:50:14 | 000,426,005 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\HOSTS O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: 127.0.0.1 www.007guard.com O1 - Hosts: 127.0.0.1 007guard.com O1 - Hosts: 127.0.0.1 008i.com O1 - Hosts: 127.0.0.1 www.008k.com O1 - Hosts: 127.0.0.1 008k.com O1 - Hosts: 127.0.0.1 www.00hq.com O1 - Hosts: 127.0.0.1 00hq.com O1 - Hosts: 127.0.0.1 010402.com O1 - Hosts: 127.0.0.1 www.032439.com O1 - Hosts: 127.0.0.1 032439.com O1 - Hosts: 127.0.0.1 www.0scan.com O1 - Hosts: 127.0.0.1 0scan.com O1 - Hosts: 127.0.0.1 100888290cs.com O1 - Hosts: 127.0.0.1 www.100888290cs.com O1 - Hosts: 127.0.0.1 www.100sexlinks.com O1 - Hosts: 127.0.0.1 100sexlinks.com O1 - Hosts: 127.0.0.1 10sek.com O1 - Hosts: 127.0.0.1 www.10sek.com O1 - Hosts: 127.0.0.1 123topsearch.com O1 - Hosts: 127.0.0.1 www.123topsearch.com O1 - Hosts: 127.0.0.1 132.com O1 - Hosts: 127.0.0.1 www.132.com O1 - Hosts: 127.0.0.1 www.136136.net O1 - Hosts: 127.0.0.1 136136.net O1 - Hosts: 14675 more lines... O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc) O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKLM\..\Toolbar: (Barre d'outils Copernic Desktop Search - Corporate) - {B69A3268-DA39-49B0-B1A6-4E7E4B98BB45} - C:\Program Files\Copernic Desktop Search - Corporate\Toolbar\ToolbarContainer101000325.dll (Copernic Inc.) O3 - HKLM\..\Toolbar: (Yahoo! Barre d'outils) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) O3 - HKLM\..\Toolbar: (Copernic Agent) - {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - C:\Program Files\Copernic Agent\CopernicAgentExt.dll (Copernic Technologies Inc.) O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKCU\..\Toolbar\WebBrowser: (Copernic Agent) - {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - C:\Program Files\Copernic Agent\CopernicAgentExt.dll (Copernic Technologies Inc.) O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.) O4 - HKLM..\Run: [adiras] C:\WINDOWS\adiras.exe () O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files\Fichiers communs\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [ATICustomerCare] C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [autoclk] C:\WINDOWS\autoclk.exe () O4 - HKLM..\Run: [belgacom] C:\Program Files\Belgacom\bin\sprtcmd.exe (SupportSoft, Inc.) O4 - HKLM..\Run: [diagnostics] C:\Program Files\Thomson\ST330\diagnostics\diagnostics.exe (THOMSON Telecom Belgium) O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET) O4 - HKLM..\Run: [iKeyWorks] C:\Program Files\A4Tech\Keyboard\Ikeymain.exe (A4Tech Co.,Ltd.) O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe () O4 - HKLM..\Run: [MsmqIntCert] C:\WINDOWS\System32\mqrt.dll (Microsoft Corporation) O4 - HKLM..\Run: [OutpostFeedBack] C:\Program Files\Agnitum\Outpost Firewall Pro\feedback.exe (Agnitum Ltd.) O4 - HKLM..\Run: [OutpostMonitor] C:\Program Files\Agnitum\Outpost Firewall Pro\op_mon.exe (Agnitum Ltd.) O4 - HKLM..\Run: [soundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe (Analog Devices, Inc.) O4 - HKLM..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.) O4 - HKLM..\Run: [spySweeper] C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe (Webroot Software, Inc.) O4 - HKLM..\Run: [startCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [TrayFactory] C:\Program Files\PS Tray Factory\PSTrayFactory.exe (PS Soft Lab) O4 - HKLM..\Run: [uSBDetector] C:\USBStorage\USBDetector.exe (ali) O4 - HKLM..\Run: [VadeRetro Outlook] C:\Program Files\Goto Software\Vade Retro\VrMoRegister.exe () O4 - HKLM..\Run: [VRManager] C:\Program Files\Fichiers communs\Goto Software\Vaderetro_Mgr.exe (Goto Software) O4 - HKLM..\Run: [WheelMouse] C:\Program Files\A4Tech\Mouse\Amoumain.exe (A4Tech Co., Ltd.) O4 - HKCU..\Run: [beid] C:\Program Files\Belgium Identity Card\beid35gui.exe (Belgium Government) O4 - HKCU..\Run: [Copernic Desktop Search - Corporate] C:\Program Files\Copernic Desktop Search - Corporate\DesktopSearchService.exe (Copernic Inc.) O4 - HKCU..\Run: [Eraser] C:\Program Files\Eraser\Eraser 5.8\Eraser.exe (The Eraser Project) O4 - HKCU..\Run: [hfxp] C:\Program Files\Hide Folders XP 2\hfxp.exe () O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.) O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\RunOnce: [PSTF] C:\Program Files\PS Tray Factory\PSTrayFactory.exe (PS Soft Lab) O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE (WinZip Computing, S.L.) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyDocs = 1 O8 - Extra context menu item: Ajouter à un fichier PDF existant - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Ajouter la cible du lien à un fichier PDF existant - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Chercher avec Copernic Agent - C:\Program Files\Copernic Agent\CopernicAgentExt.rdl (Copernic Technologies Inc.) O8 - Extra context menu item: Convertir au format Adobe PDF - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Convertir la cible du lien au format Adobe PDF - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O8 - Extra context menu item: Résumer avec Copernic Summarizer - C:\Program Files\Copernic Summarizer\Web\SummarizePage.htm () O9 - Extra Button: Résumer - {0F2D17A0-E7DF-4847-995B-6F3ABF5BF187} - C:\Program Files\Copernic Summarizer\CopernicSummarizerApp.dll () O9 - Extra 'Tools' menuitem : Démarrer Copernic Agent - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\Program Files\Copernic Agent\CopernicAgent.exe (Copernic Technologies Inc.) O9 - Extra Button: Réglage rapide de Outpost Firewall Pro - {44627E97-789B-40d4-B5C2-58BD171129A1} - C:\Program Files\Agnitum\Outpost Firewall Pro\ie_bar.dll (Agnitum Ltd.) O9 - Extra Button: Copernic Agent - {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - C:\Program Files\Copernic Agent\CopernicAgent.exe (Copernic Technologies Inc.) O9 - Extra 'Tools' menuitem : Résumer avec Copernic Summarizer - {B533C4C2-3FE2-4728-8661-AC93DF5D35A2} - C:\Program Files\Copernic Summarizer\CopernicSummarizerApp.dll () O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O15 - HKCU\..Trusted Domains: acrobat.com ([www] https in Sites de confiance) O15 - HKCU\..Trusted Domains: amazon.fr ([www] https in Sites de confiance) O15 - HKCU\..Trusted Domains: bnpparibasfortis.be ([www] https in Sites de confiance) O15 - HKCU\..Trusted Domains: fgov.be ([ccff02.minfin] https in Sites de confiance) O15 - HKCU\..Trusted Domains: fortisbanking.be ([www] https in Sites de confiance) O15 - HKCU\..Trusted Domains: microsoft.com ([office] http in Sites de confiance) O15 - HKCU\..Trusted Domains: microsoft.com ([update] http in Sites de confiance) O15 - HKCU\..Trusted Domains: microsoft.com ([www] http in Sites de confiance) O15 - HKCU\..Trusted Domains: nero.com ([shopping] https in Sites de confiance) O15 - HKCU\..Trusted Domains: rbsworldpay.com ([secure.wp3] https in Sites de confiance) O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://download.microsoft.com/download/e/4/9/e494c802-dd90-4c6b-a074-469358f075a6/OGAControl.cab (Office Genuine Advantage Validation Tool) O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/F/D/9/FD9E437D-5BC8-4264-A093-DFA2C39D197E/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool) O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} http://www.nvidia.com/content/DriverDownload/srl/3.0.0.0/srl_bin/sysreqlab3.cab (System Requirements Lab Class) O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} http://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1225364772296 (MUCatalogWebControl Class) O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1220053869343 (WUWebControl Class) O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} Page introuvable | Facebook (Facebook Photo Uploader 5 Control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} http://office.microsoft.com/officeupdate/content/opuc4.cab (Office Update Installation Engine) O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} Reg Error: Value error. (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\copernicagent {A979B6BD-E40B-4A07-ABDD-A62C64A4EBF6} - C:\Program Files\Copernic Agent\CopernicAgentExt.dll (Copernic Technologies Inc.) O18 - Protocol\Handler\copernicagentcache {AAC34CFD-274D-4A9D-B0DC-C74C05A67E1D} - C:\Program Files\Copernic Agent\CopernicAgentExt.dll (Copernic Technologies Inc.) O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - AppInit_DLLs: (c:\progra~1\agnitum\outpost firewall pro\wl_hook.dll) - c:\Program Files\Agnitum\Outpost Firewall Pro\wl_hook.dll (Agnitum Ltd.) O20 - AppInit_DLLs: (acaptuser32.dll) - C:\WINDOWS\System32\acaptuser32.dll (Adobe Systems Incorporated) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) O24 - Desktop Components:0 (Ma page d'accueil) - About:Home O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Colline verdoyante.bmp O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Colline verdoyante.bmp O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation) O30 - LSA: Authentication Packages - (nwprovau) - C:\WINDOWS\System32\nwprovau.dll (Microsoft Corporation) O30 - LSA: Authentication Packages - (s\x86_microsof) - File not found O30 - LSA: Security Packages - (indows.common-controls_6595b641) - File not found O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2003/05/02 15:47:02 | 000,000,000 | RH-D | M] - I:\autorun -- [ FAT32 ] O32 - AutoRun File - [2002/10/17 09:56:50 | 000,000,036 | RH-- | M] () - I:\autorun.inf -- [ FAT32 ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: Ias - File not found NetSvcs: Iprip - C:\WINDOWS\System32\iprip.dll (Microsoft Corporation) NetSvcs: Irmon - File not found NetSvcs: Nwsapagent - File not found NetSvcs: WmdmPmSp - File not found CREATERESTOREPOINT Restore point Set: OTL Restore Point (0) ========== Files/Folders - Created Within 30 Days ========== [2010/11/22 21:16:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NACHTERGAELE\Application Data\Malwarebytes [2010/11/22 21:16:41 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2010/11/22 21:16:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes [2010/11/22 21:16:36 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2010/11/22 21:16:33 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2010/11/22 19:43:38 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\NACHTERGAELE\Recent [2010/11/21 06:02:30 | 000,000,000 | ---D | C] -- C:\Program Files\A4Tech [2010/11/21 06:01:57 | 000,036,864 | ---- | C] (A4Tech Co., Ltd.) -- C:\WINDOWS\System32\Amhooker.dll [2010/11/21 06:01:57 | 000,032,768 | ---- | C] (A4Tech Co., Ltd.) -- C:\WINDOWS\System32\Ikeyrfk8.dll [2010/11/21 06:01:57 | 000,012,800 | ---- | C] (A4Tech Co.,Ltd.) -- C:\WINDOWS\System32\drivers\Amusbprt.sys [2010/11/21 06:01:57 | 000,012,800 | ---- | C] (A4Tech Co.,Ltd.) -- C:\WINDOWS\System32\drivers\Amps2prt.sys [2010/11/21 06:01:57 | 000,007,424 | ---- | C] (A4Tech Co.,Ltd.) -- C:\WINDOWS\System32\drivers\Amusbdev.sys [2010/11/21 06:01:57 | 000,006,656 | ---- | C] (A4Tech Co.,Ltd.) -- C:\WINDOWS\System32\drivers\Amfilter.sys [2010/11/21 04:45:26 | 000,000,000 | ---D | C] -- C:\MSI5fddf.tmp [2010/11/21 04:44:54 | 000,101,904 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\drivers\AtihdXP3.sys [2010/11/21 04:43:04 | 000,000,000 | ---D | C] -- C:\AMD [2010/11/21 04:17:05 | 000,005,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\intelide.sys [2010/11/21 03:41:08 | 000,000,000 | ---D | C] -- C:\MSIee6e8.tmp [2010/11/21 03:41:06 | 000,000,000 | ---D | C] -- C:\MSIee6e1.tmp [2010/11/21 03:41:02 | 000,000,000 | ---D | C] -- C:\MSIee6d2.tmp [2010/11/21 03:40:59 | 000,000,000 | ---D | C] -- C:\MSIee6c3.tmp [2010/11/21 03:40:56 | 000,000,000 | ---D | C] -- C:\MSIee6b4.tmp [2010/11/21 03:40:53 | 000,000,000 | ---D | C] -- C:\MSIee6a5.tmp [2010/11/21 03:40:51 | 000,000,000 | ---D | C] -- C:\MSIee69b.tmp [2010/11/21 03:40:37 | 000,000,000 | ---D | C] -- C:\MSIee659.tmp [2010/11/21 03:30:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NACHTERGAELE\Bureau\Nouveau dossier (6) [2010/11/21 03:30:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NACHTERGAELE\Bureau\Nouveau dossier (5) [2010/11/21 03:30:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NACHTERGAELE\Bureau\Stabilisation PC [2010/11/21 03:20:59 | 000,000,000 | ---D | C] -- C:\MSIeb1e4.tmp [2010/11/21 03:20:47 | 000,000,000 | ---D | C] -- C:\MSIeb17c.tmp [2010/11/21 02:42:01 | 000,000,000 | ---D | C] -- C:\Program Files\Driver Sweeper [2010/11/21 02:22:14 | 000,000,000 | ---D | C] -- C:\MSI60a7e.tmp [2010/11/21 02:22:12 | 000,000,000 | ---D | C] -- C:\MSI60a76.tmp [2010/11/21 02:22:00 | 000,000,000 | ---D | C] -- C:\MSI60a15.tmp [2010/11/21 01:32:15 | 000,000,000 | ---D | C] -- C:\MSI708c9.tmp [2010/11/21 01:32:04 | 000,000,000 | ---D | C] -- C:\MSI7088a.tmp [2010/11/21 01:32:02 | 000,000,000 | ---D | C] -- C:\MSI7087a.tmp [2010/11/21 01:31:56 | 000,000,000 | ---D | C] -- C:\MSI70852.tmp [2010/11/21 01:31:52 | 000,000,000 | ---D | C] -- C:\MSI7083a.tmp [2010/11/21 01:31:48 | 000,000,000 | ---D | C] -- C:\MSI7081a.tmp [2010/11/21 01:31:40 | 000,000,000 | ---D | C] -- C:\MSI707ea.tmp [2010/11/21 01:31:39 | 000,000,000 | ---D | C] -- C:\MSI707e2.tmp [2010/11/21 01:31:37 | 000,000,000 | ---D | C] -- C:\MSI707d6.tmp [2010/11/20 23:35:39 | 000,000,000 | ---D | C] -- C:\Program Files\NirSoft [2010/11/20 22:02:48 | 000,000,000 | ---D | C] -- C:\Program Files\HiJack [2010/11/20 19:55:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NACHTERGAELE\Bureau\Nouveau dossier (3) [2010/11/20 19:55:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NACHTERGAELE\Bureau\Nouveau dossier (2) [2010/11/20 01:20:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NACHTERGAELE\Local Settings\Application Data\Collectorz.com [2010/11/20 01:20:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NACHTERGAELE\Mes documents\Book Collector [2010/11/20 01:20:09 | 000,000,000 | ---D | C] -- C:\Program Files\Collectorz.com [2010/11/18 22:24:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NACHTERGAELE\Mes documents\Usenet.nl [2010/11/18 22:24:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NACHTERGAELE\Application Data\Usenet.nl [2010/11/18 22:24:16 | 000,000,000 | ---D | C] -- C:\Program Files\Usenet.nl [2010/11/18 22:20:38 | 000,000,000 | ---D | C] -- C:\Program Files\Book Collector [2010/11/18 21:11:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NACHTERGAELE\Bureau\Goldman Sachs [2010/11/18 21:11:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NACHTERGAELE\Bureau\NPM [2010/11/18 20:17:27 | 000,112,056 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\acaptuser32.dll [2010/11/17 04:02:57 | 000,000,000 | ---D | C] -- C:\Program Files\Autoruns [2010/11/17 04:02:53 | 000,000,000 | ---D | C] -- C:\Program Files\Sync [2010/11/14 15:57:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NACHTERGAELE\Bureau\Crise Etat providence [2010/11/14 15:57:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NACHTERGAELE\Bureau\Nouveau dossier [2010/11/13 03:26:51 | 000,024,576 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lfbmp70n.dll [2010/11/13 03:26:51 | 000,024,160 | ---- | C] (Hewlett-Packard) -- C:\WINDOWS\System32\HP5300CU.cpl [2010/11/13 03:26:51 | 000,024,160 | ---- | C] (Hewlett-Packard) -- C:\WINDOWS\System32\HP5300CP.cpl [2010/11/13 03:09:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NACHTERGAELE\Local Settings\Application Data\WinZip [2010/11/13 02:50:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\WinZip [2010/11/13 02:48:44 | 000,000,000 | ---D | C] -- C:\MSIe7c57.tmp [2010/11/13 02:15:20 | 000,000,000 | ---D | C] -- C:\Program Files\GPU [2010/11/13 02:15:16 | 000,000,000 | ---D | C] -- C:\Program Files\ProcessExplorer [2010/11/13 01:21:22 | 000,000,000 | ---D | C] -- C:\sj664 [2010/11/13 00:35:40 | 000,000,000 | ---D | C] -- C:\Swsetup [2010/11/13 00:32:43 | 000,005,183 | ---- | C] (USB Compliance) -- C:\WINDOWS\System32\drivers\usbu2a.sys [2010/11/13 00:32:38 | 000,000,000 | ---D | C] -- C:\USBStorage [2010/11/13 00:32:10 | 000,306,688 | ---- | C] (InstallShield Software Corporation) -- C:\WINDOWS\IsUninst.exe [2010/11/12 16:10:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NACHTERGAELE\Mes documents\Unzipped [2010/11/12 15:58:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NACHTERGAELE\Mes documents\Downloads [2010/11/12 15:58:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\UAB [2010/11/12 15:58:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NACHTERGAELE\Local Settings\Application Data\PC_Drivers_Headquarters [2010/11/12 15:58:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Driver Whiz [2010/11/12 15:56:45 | 000,000,000 | ---D | C] -- C:\Program Files\Driver Whiz [2010/11/12 14:14:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NACHTERGAELE\Application Data\ElevatedDiagnostics [2010/11/12 14:13:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\windowspowershell [2010/11/12 14:12:10 | 000,000,000 | ---D | C] -- C:\Program Files\Fixit [2010/11/11 01:26:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NACHTERGAELE\Bureau\LJM [2010/11/11 00:14:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NACHTERGAELE\Bureau\Année du Lièvre 2011 [2010/11/11 00:14:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NACHTERGAELE\Bureau\SPPS Efficacité [2010/11/10 15:00:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NACHTERGAELE\Bureau\Références biblio vade-mecum [2010/11/10 15:00:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NACHTERGAELE\Mes documents\Nouveau dossier (5) [2010/11/10 15:00:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NACHTERGAELE\Mes documents\Nouveau dossier (4) [2010/11/10 15:00:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NACHTERGAELE\Mes documents\Nouveau dossier (3) [2010/11/07 16:32:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NACHTERGAELE\Bureau\CE Pouvoir des contractuels us statutaires [2010/11/07 16:32:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NACHTERGAELE\Bureau\Doc Parl Copernic [2010/11/07 16:32:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NACHTERGAELE\Bureau\Bon-Papa [2010/11/07 16:22:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NACHTERGAELE\Bureau\Immigration Tribalat_Konopnicki [2010/11/07 16:22:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NACHTERGAELE\Bureau\Signature digitale [2010/11/07 16:05:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NACHTERGAELE\Bureau\Documentation diverse [2010/11/07 16:05:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NACHTERGAELE\Mes documents\Scanner photos [2010/11/07 16:05:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NACHTERGAELE\Mes documents\APPT 11 Nov [2010/11/07 15:35:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NACHTERGAELE\Mes documents\Dépannage informatique [2010/11/07 15:34:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NACHTERGAELE\Mes documents\Banque BNP_PB [2010/10/31 03:27:42 | 000,000,000 | ---D | C] -- C:\MSI81b5f.tmp [2010/10/31 03:26:26 | 000,000,000 | ---D | C] -- C:\MSI6e1b7.tmp [2010/10/29 01:39:03 | 000,000,000 | ---D | C] -- C:\MSI6e07a.tmp [2010/10/29 01:39:01 | 000,000,000 | ---D | C] -- C:\MSI6e070.tmp [2010/10/29 01:38:08 | 000,000,000 | ---D | C] -- C:\MSI6dff0.tmp [2010/10/29 01:34:49 | 000,000,000 | ---D | C] -- C:\MSI6dfe4.tmp [2010/10/29 01:34:48 | 000,000,000 | ---D | C] -- C:\MSI6dfdf.tmp [2010/10/29 01:34:34 | 000,000,000 | ---D | C] -- C:\MSI6dfcb.tmp [2010/10/29 01:29:06 | 000,000,000 | ---D | C] -- C:\MSI6df53.tmp [2010/10/29 01:28:15 | 000,000,000 | ---D | C] -- C:\MSI6df47.tmp [2010/10/29 01:27:23 | 000,000,000 | ---D | C] -- C:\MSI6df26.tmp [2010/10/29 01:27:12 | 000,000,000 | ---D | C] -- C:\MSI6debd.tmp [2010/10/29 00:56:59 | 004,419,584 | ---- | C] (Advanced Micro Devices Inc.) -- C:\WINDOWS\System32\aticaldd.dll [2010/10/29 00:56:59 | 000,450,560 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\System32\ATIDEMGX.dll [2010/10/29 00:56:59 | 000,118,784 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\System32\atibtmon.exe [2010/10/29 00:56:59 | 000,064,512 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\System32\atimpc32.dll [2010/10/29 00:56:59 | 000,057,344 | ---- | C] (Advanced Micro Devices Inc.) -- C:\WINDOWS\System32\aticalrt.dll [2010/10/29 00:56:59 | 000,053,248 | ---- | C] ( ATI Technologies Inc.) -- C:\WINDOWS\System32\ATIDDC.DLL [2010/10/29 00:56:59 | 000,043,520 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\ati2edxx.dll [2010/10/29 00:56:59 | 000,026,112 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\Ati2mdxx.exe [2010/10/29 00:56:59 | 000,024,064 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\ativcoxx.dll [2010/10/29 00:56:59 | 000,017,408 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\atitvo32.dll [2010/10/29 00:56:58 | 016,248,832 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\System32\atioglxx.dll [2010/10/29 00:56:58 | 000,634,880 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\atikvmag.dll [2010/10/29 00:56:58 | 000,393,216 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\System32\atiok3x2.dll [2010/10/29 00:56:58 | 000,311,296 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\atiiiexx.dll [2010/10/29 00:56:58 | 000,208,896 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\atipdlxx.dll [2010/10/29 00:56:58 | 000,143,360 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\System32\atiapfxx.exe [2010/10/29 00:56:58 | 000,053,248 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2erec.dll [2010/10/29 00:56:58 | 000,053,248 | ---- | C] (Advanced Micro Devices Inc.) -- C:\WINDOWS\System32\aticalcl.dll [2010/10/29 00:56:01 | 000,000,000 | ---D | C] -- C:\Program Files\ATI [2010/10/28 21:59:15 | 000,000,000 | ---D | C] -- C:\Program Files\Filedeleter [2010/10/26 15:58:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NACHTERGAELE\Bureau\FP Note de pol générale - clients [2010/10/24 18:20:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NACHTERGAELE\Bureau\Guy Rama septembre 2010 [2010/10/24 17:50:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NACHTERGAELE\Application Data\Research In Motion [2010/10/24 17:49:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NACHTERGAELE\Application Data\Blackberry Desktop [2010/10/24 17:48:55 | 000,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\Research In Motion [2010/10/24 17:48:40 | 000,000,000 | ---D | C] -- C:\Program Files\Research In Motion [2010/10/24 16:23:47 | 000,000,000 | -HSD | C] -- C:\WINDOWS\ftpcache [2010/02/20 09:27:08 | 004,938,120 | ---- | C] (Microsoft Corporation) -- C:\Program Files\Silverlight.exe [8 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [40 C:\*.tmp files -> C:\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2010/11/22 21:43:50 | 000,066,231 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Stabilisation.docx [2010/11/22 21:42:09 | 000,000,000 | -HS- | M] () -- C:\DkHyperbootSync [2010/11/22 21:34:00 | 000,001,066 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2010/11/22 21:15:11 | 000,000,446 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{19F31EB3-7330-4125-8086-3CBEB1491322}.job [2010/11/22 20:40:35 | 000,013,758 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010/11/22 20:40:34 | 000,001,062 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2010/11/22 20:40:33 | 000,000,326 | ---- | M] () -- C:\WINDOWS\tasks\GlaryInitialize.job [2010/11/22 20:31:52 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010/11/22 20:31:41 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\logiflt.iad [2010/11/22 18:57:35 | 000,059,392 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\10-11-20 Editorial Pyramides 2011[1].doc [2010/11/22 18:43:14 | 000,002,623 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Microsoft Office Outlook 2007.lnk [2010/11/21 23:55:09 | 000,000,166 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Google.url [2010/11/21 18:18:45 | 000,047,616 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Management and business education news from The Economist online - November 17th 2010.msg [2010/11/21 18:02:51 | 000,000,326 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Yahoo! - Mail.url [2010/11/21 14:03:16 | 000,001,704 | ---- | M] () -- C:\WINDOWS\tasks\wrSpySweeper_L4C185989763F40E7A2AB4B0E2604662E.job [2010/11/21 06:24:48 | 000,074,142 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Mes documents\cc_20101121_062443.reg [2010/11/21 04:46:35 | 000,015,763 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Cata.pdf [2010/11/21 04:40:43 | 000,001,769 | ---- | M] () -- C:\WINDOWS\Language_trs.ini [2010/11/21 03:22:19 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat [2010/11/21 03:22:15 | 000,015,143 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\ATI.pdf [2010/11/21 00:40:36 | 000,704,598 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat [2010/11/21 00:40:36 | 000,574,956 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2010/11/21 00:40:36 | 000,160,026 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat [2010/11/21 00:40:36 | 000,118,286 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2010/11/20 21:43:17 | 000,000,206 | -H-- | M] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Collectorz.com Connect Cerap Profile.url [2010/11/20 20:50:14 | 000,426,005 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\HOSTS [2010/11/20 19:36:56 | 000,013,760 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Mes documents\cc_20101120_193648.reg [2010/11/20 15:27:43 | 000,000,185 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Collectorz.fr.url [2010/11/20 14:19:29 | 000,024,385 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Collectorz.com Shop_ transaction completed.pdf [2010/11/20 01:20:27 | 000,000,946 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Book Collector.lnk [2010/11/19 18:28:00 | 000,000,296 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job [2010/11/19 00:46:59 | 000,327,965 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\The Ethics of New Public Management.pdf [2010/11/19 00:28:57 | 000,180,467 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\NEW PUBLIC MANAGEMENT VALUES.pdf [2010/11/19 00:08:51 | 001,645,986 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\New Public Management The Transformation of ideas and Practice .pdf [2010/11/18 23:46:35 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2010/11/18 22:27:04 | 000,102,422 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Usenet.nl.pdf [2010/11/18 22:11:35 | 000,020,889 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Approved Page.pdf [2010/11/18 21:40:37 | 000,084,282 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\The New Public Management.pdf [2010/11/18 21:26:03 | 000,109,618 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\assessment.pdf [2010/11/18 21:19:42 | 000,000,148 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Explication de l'exercice de simulation (PC In Basket).url [2010/11/18 03:24:44 | 000,119,055 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\National, International and Transnational Constructions of.pdf [2010/11/18 03:17:53 | 000,074,653 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\National, International and Transnational Constructions of NPM_2001_sahlin.pdf [2010/11/18 03:12:41 | 001,087,036 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Hood NPM 1991.pdf [2010/11/18 03:09:31 | 001,577,673 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Hood_NPM(1995).pdf [2010/11/18 03:04:15 | 004,831,506 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Transcending NPM.pdf [2010/11/18 02:56:28 | 001,055,514 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Pas de philosophie, SVP, nous sommes des managers Rochet.pdf [2010/11/18 02:53:29 | 000,345,681 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\New Public Management_ The Transformation of Ideas and Practice_ Amazon.fr_ .pdf [2010/11/17 21:36:54 | 000,015,361 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\MEMO Introduction Alex.docx [2010/11/17 20:49:00 | 000,055,808 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\10-10-28 Introduction Pyramides 2011.doc [2010/11/17 02:49:27 | 000,199,168 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010/11/15 19:45:43 | 000,230,278 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Mes documents\Concession cimetière_Bon-Papa2.pdf [2010/11/15 19:37:23 | 000,286,820 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Mes documents\Concession cimetière_Bon-Papa.pdf [2010/11/15 00:31:38 | 000,040,539 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Avis de concours _ Chef de la comptabilité.pdf [2010/11/14 16:17:03 | 004,613,824 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Le rôle du secteur public_Causes et conséquences de l'élargissement du secteur public_Revue économique de l'OCDE No. 4, printemps 1985.pdf [2010/11/14 14:56:34 | 002,603,871 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Maîtrise des coûts_1992_oecd.pdf [2010/11/14 06:02:27 | 000,238,024 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Client déf.pdf [2010/11/14 04:04:46 | 000,413,279 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Copernic analyse NL_KUL 2005.pdf [2010/11/13 03:26:57 | 000,003,480 | ---- | M] () -- C:\WINDOWS\AUTOLNCH.REG [2010/11/13 03:08:51 | 000,001,660 | ---- | M] () -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\WinZip Quick Pick.lnk [2010/11/13 01:08:36 | 000,000,988 | ---- | M] () -- C:\UFantasy.ini [2010/11/13 00:49:46 | 000,018,099 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\DriverWhi.pdf [2010/11/12 20:17:32 | 000,027,652 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Copie de Commentaires autour de la notion de client.docx [2010/11/12 13:40:00 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\lvuvc.hs [2010/11/11 19:10:12 | 000,019,634 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Traduction VDB.docx [2010/11/11 14:48:16 | 002,633,737 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Hood Art of State.pdf [2010/11/11 04:23:33 | 000,010,836 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Nouveau Document Microsoft Office Word (3).docx [2010/11/11 03:14:11 | 007,297,673 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\BPR in public sector.pdf [2010/11/11 02:47:24 | 000,080,988 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Exploring public sector strategy - Google Livres.pdf [2010/11/11 01:27:09 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Nouveau Document Microsoft Office Word (4).docx [2010/11/11 01:16:05 | 000,242,157 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\NoVo_Open space.pdf [2010/11/11 00:44:11 | 000,773,120 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Copernic_DIRECTION CONTROLE dans SPF_IRGBelgium.24.11.2000.ppt [2010/11/10 14:15:03 | 000,028,160 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Py10 Edito.doc [2010/11/10 13:36:14 | 000,152,576 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\OCDE Construire aujourd'hui adm de demain 1999.doc [2010/11/10 08:30:55 | 000,000,678 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\amazon!.url [2010/11/10 00:53:44 | 000,470,764 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\PS_France_Egalité réelle.pdf [2010/11/08 15:15:39 | 000,046,522 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\LS_23.01.2001_fonction-publique-le-plan-copernic et conseil d'Etat.pdf [2010/11/08 15:13:00 | 000,047,248 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\LS_18.11.1999_la-fonction-publique-sur-le-gril-luc-.pdf [2010/11/08 15:04:48 | 000,044,515 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\LS_17.02.2000_le-citoyen-va-devenir-un-client_.pdf [2010/11/08 15:01:28 | 000,055,445 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\LS22.02.2000 VDB Clients.pdf [2010/11/08 13:45:00 | 000,079,872 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Mes documents\Economie verte.doc [2010/11/08 00:37:02 | 000,010,039 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Copie de Nouveau Document Microsoft Office Word.docx [2010/11/06 23:06:56 | 000,001,594 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Application Data\Microsoft\Internet Explorer\Quick Launch\jv16 PowerTools 2010.lnk [2010/11/05 14:53:22 | 000,098,009 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\attache_finances_adm_generale.pdf [2010/11/01 11:00:02 | 000,001,710 | ---- | M] () -- C:\WINDOWS\tasks\wrSpySweeper_L537C5D21A25C410195A1A24D8AF0DEAA.job [2010/10/31 04:21:40 | 000,000,460 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Mes documents\cc_20101031_042137.reg [2010/10/31 03:27:24 | 000,000,610 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Application Data\Microsoft\Internet Explorer\Quick Launch\Opera.lnk [2010/10/31 03:27:23 | 000,000,592 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Opera.lnk [2010/10/31 01:39:40 | 000,035,641 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Serment AR 14.06.2007.pdf [2010/10/29 03:01:44 | 000,471,618 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Common good as invisible hand3 Rochet.pdf [2010/10/29 02:45:44 | 000,061,581 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Warum_braucht_Europa_eine_Verfassung_Habermas.pdf [2010/10/29 02:21:19 | 000,192,693 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\“The Effects of Good Government on the City” 20.pdf [2010/10/29 02:04:16 | 000,161,239 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Wolfgang Drechsler 94-108.pdf [2010/10/29 01:57:24 | 000,060,393 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Wolfgang Drechsler, _The Rise and Demise of the New Public Management_, Post.pdf [2010/10/29 00:35:31 | 000,000,290 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Mes documents\cc_20101029_013524.reg [2010/10/29 00:34:52 | 000,001,098 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Mes documents\cc_20101029_013448.reg [2010/10/29 00:32:18 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\CCleaner.lnk [2010/10/26 10:55:00 | 000,570,620 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Ph. Bèzes Aux origines des politiques de réforme administrative RFAP_102_2002.pdf [2010/10/26 10:55:00 | 000,246,966 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Ph. Bèzes Le renouveau du contrôle des bureaucraties. L’impact du New Public INSO_126 2005.pdf [2010/10/25 09:35:52 | 000,112,640 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\CV-thuhanguyen Frtrad .doc [8 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [40 C:\*.tmp files -> C:\*.tmp -> ] ========== Files Created - No Company Name ========== [2010/11/22 21:42:09 | 000,000,000 | -HS- | C] () -- C:\DkHyperbootSync [2010/11/22 18:57:35 | 000,059,392 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\10-11-20 Editorial Pyramides 2011[1].doc [2010/11/21 18:18:45 | 000,047,616 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Management and business education news from The Economist online - November 17th 2010.msg [2010/11/21 06:24:45 | 000,074,142 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Mes documents\cc_20101121_062443.reg [2010/11/21 04:46:29 | 000,015,763 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Cata.pdf [2010/11/21 04:40:43 | 000,001,769 | ---- | C] () -- C:\WINDOWS\Language_trs.ini [2010/11/21 03:30:33 | 000,066,231 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Stabilisation.docx [2010/11/21 03:22:09 | 000,015,143 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\ATI.pdf [2010/11/21 02:11:22 | 000,424,663 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\CCCInstall_201011210211227031.log [2010/11/20 19:36:51 | 000,013,760 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Mes documents\cc_20101120_193648.reg [2010/11/20 15:27:31 | 000,000,206 | -H-- | C] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Collectorz.com Connect Cerap Profile.url [2010/11/20 15:18:45 | 000,000,185 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Collectorz.fr.url [2010/11/20 14:19:20 | 000,024,385 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Collectorz.com Shop_ transaction completed.pdf [2010/11/20 01:20:27 | 000,000,946 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Book Collector.lnk [2010/11/19 00:33:40 | 000,327,965 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\The Ethics of New Public Management.pdf [2010/11/19 00:24:43 | 000,180,467 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\NEW PUBLIC MANAGEMENT VALUES.pdf [2010/11/19 00:08:51 | 001,645,986 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\New Public Management The Transformation of ideas and Practice .pdf [2010/11/18 22:27:00 | 000,102,422 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Usenet.nl.pdf [2010/11/18 22:11:28 | 000,020,889 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Approved Page.pdf [2010/11/18 21:40:37 | 000,084,282 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\The New Public Management.pdf [2010/11/18 21:26:03 | 000,109,618 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\assessment.pdf [2010/11/18 21:19:42 | 000,000,148 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Explication de l'exercice de simulation (PC In Basket).url [2010/11/18 03:24:44 | 000,119,055 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\National, International and Transnational Constructions of.pdf [2010/11/18 03:17:53 | 000,074,653 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\National, International and Transnational Constructions of NPM_2001_sahlin.pdf [2010/11/18 03:12:41 | 001,087,036 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Hood NPM 1991.pdf [2010/11/18 03:09:31 | 001,577,673 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Hood_NPM(1995).pdf [2010/11/18 02:57:06 | 004,831,506 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Transcending NPM.pdf [2010/11/18 02:53:14 | 000,345,681 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\New Public Management_ The Transformation of Ideas and Practice_ Amazon.fr_ .pdf [2010/11/17 21:01:43 | 000,015,361 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\MEMO Introduction Alex.docx [2010/11/17 20:49:00 | 000,055,808 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\10-10-28 Introduction Pyramides 2011.doc [2010/11/15 19:45:43 | 000,230,278 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Mes documents\Concession cimetière_Bon-Papa2.pdf [2010/11/15 19:37:23 | 000,286,820 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Mes documents\Concession cimetière_Bon-Papa.pdf [2010/11/15 00:30:47 | 000,040,539 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Avis de concours _ Chef de la comptabilité.pdf [2010/11/14 15:02:21 | 004,613,824 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Le rôle du secteur public_Causes et conséquences de l'élargissement du secteur public_Revue économique de l'OCDE No. 4, printemps 1985.pdf [2010/11/14 14:56:34 | 002,603,871 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Maîtrise des coûts_1992_oecd.pdf [2010/11/14 05:56:44 | 000,238,024 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Client déf.pdf [2010/11/14 04:04:46 | 000,413,279 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Copernic analyse NL_KUL 2005.pdf [2010/11/13 03:08:51 | 000,001,660 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\WinZip Quick Pick.lnk [2010/11/13 01:08:35 | 000,000,988 | ---- | C] () -- C:\UFantasy.ini [2010/11/13 00:49:46 | 000,018,099 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\DriverWhi.pdf [2010/11/12 18:19:56 | 000,027,652 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Copie de Commentaires autour de la notion de client.docx [2010/11/11 14:15:21 | 002,633,737 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Hood Art of State.pdf [2010/11/11 03:31:56 | 000,000,678 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\amazon!.url [2010/11/11 02:58:38 | 007,297,673 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\BPR in public sector.pdf [2010/11/11 02:47:20 | 000,080,988 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Exploring public sector strategy - Google Livres.pdf [2010/11/11 01:27:09 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Nouveau Document Microsoft Office Word (4).docx [2010/11/11 01:27:05 | 000,010,836 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Nouveau Document Microsoft Office Word (3).docx [2010/11/11 01:26:48 | 000,019,634 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Traduction VDB.docx [2010/11/11 01:16:05 | 000,242,157 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\NoVo_Open space.pdf [2010/11/11 00:44:09 | 000,773,120 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Copernic_DIRECTION CONTROLE dans SPF_IRGBelgium.24.11.2000.ppt [2010/11/10 14:15:05 | 000,028,160 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Py10 Edito.doc [2010/11/10 14:14:14 | 000,000,275 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Courrier international.url [2010/11/10 14:03:57 | 000,021,338 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Ranking public services 15-12-2005 Economist.com.pdf [2010/11/10 13:36:25 | 000,152,576 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\OCDE Construire aujourd'hui adm de demain 1999.doc [2010/11/10 00:53:44 | 000,470,764 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\PS_France_Egalité réelle.pdf [2010/11/08 15:15:39 | 000,046,522 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\LS_23.01.2001_fonction-publique-le-plan-copernic et conseil d'Etat.pdf [2010/11/08 15:13:00 | 000,047,248 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\LS_18.11.1999_la-fonction-publique-sur-le-gril-luc-.pdf [2010/11/08 15:04:48 | 000,044,515 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\LS_17.02.2000_le-citoyen-va-devenir-un-client_.pdf [2010/11/08 15:01:28 | 000,055,445 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\LS22.02.2000 VDB Clients.pdf [2010/11/08 14:25:38 | 000,079,872 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Mes documents\Economie verte.doc [2010/11/05 14:53:22 | 000,098,009 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\attache_finances_adm_generale.pdf [2010/10/31 04:21:39 | 000,000,460 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Mes documents\cc_20101031_042137.reg [2010/10/29 03:19:18 | 001,055,514 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Pas de philosophie, SVP, nous sommes des managers Rochet.pdf [2010/10/29 03:01:44 | 000,471,618 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Common good as invisible hand3 Rochet.pdf [2010/10/29 02:45:44 | 000,061,581 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Warum_braucht_Europa_eine_Verfassung_Habermas.pdf [2010/10/29 02:21:19 | 000,192,693 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\“The Effects of Good Government on the City” 20.pdf [2010/10/29 02:04:16 | 000,161,239 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Wolfgang Drechsler 94-108.pdf [2010/10/29 01:57:21 | 000,060,393 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Wolfgang Drechsler, _The Rise and Demise of the New Public Management_, Post.pdf [2010/10/29 00:56:59 | 000,887,724 | ---- | C] () -- C:\WINDOWS\System32\ativva6x.dat [2010/10/29 00:56:59 | 000,509,696 | ---- | C] () -- C:\WINDOWS\System32\ativvaxx.cap [2010/10/29 00:56:59 | 000,078,496 | ---- | C] () -- C:\WINDOWS\System32\atiapfxx.blb [2010/10/29 00:56:59 | 000,022,190 | ---- | C] () -- C:\WINDOWS\atiogl.xml [2010/10/29 00:56:58 | 000,224,342 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat [2010/10/29 00:56:58 | 000,000,003 | ---- | C] () -- C:\WINDOWS\System32\ativva5x.dat [2010/10/29 00:35:25 | 000,000,290 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Mes documents\cc_20101029_013524.reg [2010/10/29 00:34:50 | 000,001,098 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Mes documents\cc_20101029_013448.reg [2010/10/29 00:32:18 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\CCleaner.lnk [2010/10/26 10:55:00 | 000,570,620 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Ph. Bèzes Aux origines des politiques de réforme administrative RFAP_102_2002.pdf [2010/10/26 10:55:00 | 000,246,966 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Ph. Bèzes Le renouveau du contrôle des bureaucraties. L’impact du New Public INSO_126 2005.pdf [2010/10/25 09:26:08 | 000,112,640 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\CV-thuhanguyen Frtrad .doc [2010/07/27 08:03:20 | 010,829,656 | ---- | C] () -- C:\WINDOWS\System32\LogiDPP.dll [2010/07/27 08:03:18 | 000,290,648 | ---- | C] () -- C:\WINDOWS\System32\DevManagerCore.dll [2010/07/17 16:57:02 | 000,001,579 | ---- | C] () -- C:\WINDOWS\disney.ini [2010/01/09 05:01:00 | 000,090,411 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini [2010/01/09 04:37:10 | 000,000,068 | ---- | C] () -- C:\WINDOWS\Crypkey.ini [2010/01/09 04:36:59 | 000,019,584 | ---- | C] () -- C:\WINDOWS\System32\Ckldrv.sys [2010/01/09 04:36:59 | 000,018,432 | ---- | C] () -- C:\WINDOWS\Setup_ck.dll [2010/01/09 04:36:55 | 000,178,176 | ---- | C] () -- C:\WINDOWS\System32\StellarProfile.dll [2009/11/06 12:00:28 | 000,031,088 | ---- | C] () -- C:\WINDOWS\System32\wrLZMA.dll [2009/08/03 14:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll [2009/05/08 10:13:04 | 000,013,584 | ---- | C] () -- C:\WINDOWS\System32\drivers\iKeyLFT2.dll [2009/04/30 16:00:12 | 000,025,624 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys [2009/03/30 13:24:09 | 000,000,138 | ---- | C] () -- C:\WINDOWS\Readiris.ini [2009/03/24 21:17:47 | 000,000,123 | ---- | C] () -- C:\WINDOWS\wininit.ini [2008/12/27 19:38:12 | 000,000,000 | ---- | C] () -- C:\WINDOWS\wt9sptlEN.INI [2008/12/27 19:37:05 | 000,000,090 | ---- | C] () -- C:\WINDOWS\printhse.ini [2008/12/27 19:37:05 | 000,000,070 | ---- | C] () -- C:\WINDOWS\country.ini [2008/11/29 15:14:30 | 004,202,496 | ---- | C] () -- C:\WINDOWS\System32\qt-mt334.dll [2008/11/18 22:40:39 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2008/11/01 22:46:28 | 000,000,206 | ---- | C] () -- C:\WINDOWS\System32\dcaccfeeec9_z.dll [2008/10/17 22:07:44 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\ArmAccess.dll [2008/08/30 13:49:50 | 000,278,984 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys [2008/08/30 13:49:50 | 000,025,416 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys [2008/08/30 10:08:32 | 000,000,077 | ---- | C] () -- C:\WINDOWS\adidsl.ini [2008/08/30 10:08:32 | 000,000,021 | ---- | C] () -- C:\WINDOWS\Fast800.ini [2008/08/30 10:08:26 | 000,126,976 | ---- | C] () -- C:\WINDOWS\System32\coclassfast.dll [2008/08/30 10:08:26 | 000,046,892 | ---- | C] () -- C:\WINDOWS\System32\adadix16.dll [2008/08/30 03:18:56 | 000,000,020 | ---- | C] () -- C:\WINDOWS\HP PrecisionScan Pro.INI [2008/08/30 00:25:10 | 000,165,888 | ---- | C] () -- C:\WINDOWS\System32\hpgt53.dll [2008/08/29 22:35:18 | 000,306,688 | ---- | C] () -- C:\WINDOWS\System32\Lffpx7.dll [2008/08/29 22:35:18 | 000,095,232 | ---- | C] () -- C:\WINDOWS\System32\Lfkodak.dll [2008/08/29 22:16:58 | 000,000,135 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Local Settings\Application Data\fusioncache.dat [2008/08/29 20:37:11 | 000,000,385 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2008/08/29 16:17:29 | 000,004,205 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2008/08/29 15:26:46 | 000,199,168 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2008/08/29 15:02:35 | 000,024,576 | R--- | C] () -- C:\WINDOWS\System32\AsIO.dll [2008/08/29 15:02:35 | 000,012,400 | R--- | C] () -- C:\WINDOWS\System32\drivers\AsIO.sys [2008/08/29 15:02:32 | 000,011,832 | ---- | C] () -- C:\WINDOWS\System32\drivers\AsInsHelp64.sys [2008/08/29 15:02:32 | 000,010,216 | ---- | C] () -- C:\WINDOWS\System32\drivers\AsInsHelp32.sys [2008/08/29 14:42:53 | 000,041,625 | ---- | C] () -- C:\WINDOWS\Ascd_log.ini [2008/08/29 14:42:32 | 000,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys [2008/08/29 14:42:12 | 000,041,160 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini [2008/08/29 14:42:12 | 000,010,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS [2008/05/26 21:23:32 | 000,016,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini [2008/05/26 21:23:30 | 000,021,596 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini [2008/05/26 21:23:28 | 000,016,036 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini [2008/05/14 11:21:52 | 000,441,705 | ---- | C] () -- C:\WINDOWS\System32\sqlite3.dll [2008/04/13 20:33:40 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll [2005/08/09 20:10:54 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\usbr38.dll ========== Custom Scans ========== < %SYSTEMDRIVE%\*.* > [2009/10/24 21:14:13 | 000,000,212 | -HS- | M] () -- C:\boot.ini [2008/04/14 13:00:00 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin [2010/07/03 02:41:23 | 000,001,080 | ---- | M] () -- C:\CKINFO.TXT [2008/09/05 14:37:35 | 000,000,216 | ---- | M] () -- C:\DebugTrace-RockallDLL.log [2010/11/22 21:42:09 | 000,000,000 | -HS- | M] () -- C:\DkHyperbootSync [2009/04/02 18:02:48 | 017,801,512 | ---- | M] () -- C:\immudebug.log [2008/10/23 00:32:45 | 000,000,164 | ---- | M] () -- C:\install.dat [2010/10/17 00:27:31 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2009/11/13 10:03:52 | 000,000,000 | ---- | M] () -- C:\Log.txt [2010/10/17 00:27:31 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2008/04/14 13:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM [2008/04/14 13:00:00 | 000,252,240 | RHS- | M] () -- C:\ntldr [2010/11/22 20:31:43 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys [2010/11/20 15:15:31 | 000,001,078 | ---- | M] () -- C:\stub.log [2010/11/13 01:08:36 | 000,000,988 | ---- | M] () -- C:\UFantasy.ini [40 C:\*.tmp files -> C:\*.tmp -> ] < %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles > [2010/09/11 02:43:44 | 000,450,560 | ---- | M] (Advanced Micro Devices, Inc.) Unable to obtain MD5 -- C:\WINDOWS\system32\ATIDEMGX.dll [2008/04/14 13:00:00 | 001,267,200 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\comsvcs.dll [2009/03/08 03:31:44 | 000,348,160 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\dxtmsft.dll [2009/03/08 03:31:38 | 000,216,064 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\dxtrans.dll [2010/06/24 13:25:22 | 000,184,320 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\iepeers.dll [2009/11/06 12:00:28 | 000,031,088 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\wrLZMA.dll [6 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ] < %systemroot%\Tasks\*.job /lockedfiles > < %systemroot%\System32\config\*.sav > [2009/10/24 22:58:37 | 003,432,448 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav [2009/10/24 20:47:21 | 000,057,344 | ---- | M] () -- C:\WINDOWS\system32\config\security.sav [2009/10/24 22:58:37 | 057,442,304 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav [2009/10/24 22:58:38 | 006,815,744 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav [1 C:\WINDOWS\System32\config\*.tmp files -> C:\WINDOWS\System32\config\*.tmp -> ] < %systemroot%\system32\drivers\*.sys /90 > [2010/09/27 14:40:28 | 000,267,624 | ---- | M] (Agnitum Ltd.) -- C:\WINDOWS\system32\drivers\afwcore.sys [2010/09/11 03:19:16 | 005,417,472 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\drivers\ati2mtag.sys [2010/10/11 09:35:02 | 000,710,576 | ---- | M] (Agnitum Ltd.) -- C:\WINDOWS\system32\drivers\SandBox.sys [2010/08/26 14:39:50 | 000,357,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\srv.sys [2010/09/15 11:30:00 | 000,298,784 | ---- | M] (Marvell) -- C:\WINDOWS\system32\drivers\yk51x86.sys < End of report >