
Posted (edited)

Scan report from UsbFix:

 

############################## | UsbFix 7.034 | [Recherche]

 

Utilisateur: Sonny (Administrateur) # SONNY-PC [Acer Aspire 6920]

Mis à jour le 25/10/10 par El Desaparecido / C_XX

Lancé à 23:20:22 | 03/11/2010

Site Web: TEAM X SCRIPT : UsbFix - AD-Remover - FindyKill

Contact: eldesaparecido@teamxscript.org

 

CPU: Intel® Core2 Duo CPU T8100 @ 2.10GHz

CPU 2: Intel® Core2 Duo CPU T8100 @ 2.10GHz

Microsoft Windows 7 Professionnel (6.1.7600 64-Bit) #

Internet Explorer 8.0.7600.16385

 

Pare-feu Windows: Désactivé /!\

RAM -> 4094 Mo

C:\ (%systemdrive%) -> Disque fixe # 149 Go (41 Go libre(s) - 28%) [ACER] # NTFS

D:\ -> Disque fixe # 131 Go (57 Go libre(s) - 43%) [DATA] # NTFS

E:\ -> CD-ROM

F:\ -> CD-ROM

G:\ -> Disque fixe # 932 Go (276 Go libre(s) - 30%) [Elements] # NTFS

H:\ -> CD-ROM

 

################## | Éléments infectieux |

 

 

Présent! G:\Autorun.inf

 

################## | Registre |

 

 

################## | Mountpoints2 |

 

HKCU\.\.\.\.\Explorer\MountPoints2\{5e33aecc-cf0a-11df-8b04-001de093cca7}

Shell\AutoRun\Command = I:\LaunchU3.exe -a

 

HKCU\.\.\.\.\Explorer\MountPoints2\{6cb01dfb-5d1c-11df-9535-001de093cca7}

Shell\AutoRun\Command = I:\autorun.exe

 

HKCU\.\.\.\.\Explorer\MountPoints2\{c12b8fdf-2707-11df-977d-001de093cca7}

Shell\AutoRun\Command = F:\setup.exe

 

HKCU\.\.\.\.\Explorer\MountPoints2\{ca55f696-499d-11df-90c9-00a0d1af5d6b}

Shell\AutoRun\Command = H:\noautorun.exe

 

 

################## | Vaccin |

 

(!) Cet ordinateur n'est pas vacciné!

 

################## | E.O.F |

 

 

However, the deletion hangs at 100%; I don't know what to do.

EDIT: sorry, I just had to be very patient (apparently 15 to 20 minutes to generate the report ^^)

So here is the deletion report:

 

############################## | UsbFix 7.034 | [suppression]

 

Utilisateur: Sonny (Administrateur) # SONNY-PC [Acer Aspire 6920]

Mis à jour le 25/10/10 par El Desaparecido / C_XX

Lancé à 23:35:47 | 03/11/2010

Site Web: http://www.teamxscript.org

Contact: eldesaparecido@teamxscript.org

 

CPU: Intel® Core2 Duo CPU T8100 @ 2.10GHz

CPU 2: Intel® Core2 Duo CPU T8100 @ 2.10GHz

Microsoft Windows 7 Professionnel (6.1.7600 64-Bit) #

Internet Explorer 8.0.7600.16385

 

Pare-feu Windows: Désactivé /!\

RAM -> 4094 Mo

C:\ (%systemdrive%) -> Disque fixe # 149 Go (31 Go libre(s) - 21%) [ACER] # NTFS

D:\ -> Disque fixe # 131 Go (61 Go libre(s) - 46%) [DATA] # NTFS

E:\ -> CD-ROM

F:\ -> CD-ROM

G:\ -> Disque fixe # 932 Go (276 Go libre(s) - 30%) [Elements] # NTFS

H:\ -> CD-ROM

 

################## | Éléments infectieux |

 

 

Supprimé! C:\$RECYCLE.BIN\S-1-5-21-1027354979-3635524200-1128645282-1001

Supprimé! D:\$RECYCLE.BIN\S-1-5-21-1027354979-3635524200-1128645282-1001

Supprimé! G:\$RECYCLE.BIN\S-1-5-21-1027354979-3635524200-1128645282-1001

 

################## | Registre |

 

 

################## | Mountpoints2 |

 

Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{ca55f696-499d-11df-90c9-00a0d1af5d6b}

 

################## | Listing |

 

[03/11/2010 - 23:37:27 | SHD ] C:\$Recycle.Bin

[26/04/2010 - 14:40:59 | D ] C:\092d78f3d3f7763a95db

[05/10/2009 - 13:10:15 | D ] C:\ACER

[03/11/2010 - 23:08:29 | N | 2285] C:\Ad-Report-CLEAN[1].txt

[03/11/2010 - 23:04:12 | N | 1990] C:\Ad-Report-SCAN[1].txt

[03/11/2010 - 23:29:32 | RASHD ] C:\Autorun.inf

[03/03/2010 - 22:14:07 | D ] C:\BDS

[07/04/2010 - 23:01:27 | D ] C:\BlueJ

[26/03/2008 - 14:14:41 | D ] C:\book

[10/02/2010 - 14:56:48 | D ] C:\Boot

[14/07/2009 - 02:38:58 | RASH | 383562] C:\bootmgr

[10/02/2010 - 14:56:51 | N | 8192] C:\BOOTSECT.BAK

[02/11/2010 - 18:18:21 | D ] C:\Config.Msi

[26/03/2008 - 13:46:16 | D ] C:\Convesoft

[14/07/2009 - 06:08:56 | SHD ] C:\Documents and Settings

[09/12/2009 - 09:46:08 | D ] C:\DriveKey

[03/11/2010 - 23:09:33 | ASH | 3219988480] C:\hiberfil.sys

[26/03/2008 - 13:13:47 | D ] C:\Intel

[26/03/2008 - 13:46:49 | RHD ] C:\MSOCache

[20/12/2009 - 13:10:01 | D ] C:\NVIDIA

[03/11/2010 - 23:09:36 | ASH | 4293320704] C:\pagefile.sys

[14/07/2009 - 04:20:08 | D ] C:\PerfLogs

[01/11/2010 - 23:49:56 | D ] C:\Program Files

[03/11/2010 - 23:03:00 | D ] C:\Program Files (x86)

[02/09/2010 - 12:50:11 | HD ] C:\ProgramData

[10/02/2010 - 15:20:19 | SHD ] C:\Recovery

[02/11/2010 - 18:16:41 | SHD ] C:\System Volume Information

[20/09/2010 - 19:29:42 | D ] C:\Temp

[03/11/2010 - 23:37:27 | D ] C:\UsbFix

[03/11/2010 - 23:35:43 | A | 2671] C:\UsbFix.txt

[03/11/2010 - 23:32:16 | D ] C:\UsbFix_Upload_Me

[10/02/2010 - 15:20:32 | D ] C:\Users

[03/11/2010 - 23:09:45 | D ] C:\Windows

[03/11/2010 - 23:37:27 | SHD ] D:\$RECYCLE.BIN

[03/11/2010 - 23:29:32 | RASHD ] D:\Autorun.inf

[02/09/2010 - 13:10:21 | D ] D:\Clé

[17/04/2010 - 12:01:26 | N | 465983] D:\hebus_157913_1366x768.jpg

[02/11/2010 - 13:51:49 | D ] D:\Jeux

[25/12/2009 - 17:28:46 | D ] D:\Live

[05/10/2009 - 08:13:22 | SHD ] D:\System Volume Information

[03/11/2010 - 23:37:27 | SHD ] G:\$RECYCLE.BIN

[22/10/2010 - 16:34:41 | N | 6148] G:\.DS_Store

[22/10/2010 - 16:36:01 | D ] G:\.fseventsd

[22/10/2010 - 16:36:01 | D ] G:\.Trashes

[05/06/2010 - 14:48:30 | N | 4096] G:\._.Trashes

[05/06/2010 - 15:04:52 | N | 4096] G:\._daemon-tools_daemon_tools_4.35.6_francais_10729.exe

[05/06/2010 - 14:58:41 | N | 4096] G:\._tmuf-dtn.iso

[23/04/2007 - 22:50:12 | N | 736859868] G:\300 (2007).DVDSCR.XVID-NEPTUNE (reencoded).AVI

[25/06/2007 - 17:34:52 | N | 735068160] G:\A.Night.At.The.Roxbury.(1998).avi

[09/01/2010 - 10:52:30 | D ] G:\autorun

[03/11/2010 - 23:29:32 | RASHD ] G:\Autorun.inf

[05/06/2010 - 15:04:35 | N | 9591104] G:\daemon-tools_daemon_tools_4.35.6_francais_10729.exe

[07/10/2010 - 09:37:09 | D ] G:\didouseven

[06/04/2010 - 10:13:40 | D ] G:\Films

[09/06/2010 - 18:02:59 | N | 1748113] G:\Final.zip

[04/06/2010 - 22:36:51 | D ] G:\found.000

[02/11/2010 - 13:08:35 | D ] G:\Jeux

[04/10/2010 - 10:11:58 | D ] G:\Mangas

[07/10/2010 - 09:33:09 | D ] G:\music a chris

[02/04/2010 - 18:55:44 | D ] G:\Musique

[08/07/2010 - 00:11:23 | D ] G:\musique didou

[03/11/2010 - 23:29:25 | SHD ] G:\RECYCLER

[19/02/2010 - 23:33:30 | D ] G:\Sketchs , saga mp3 & autres

[20/10/2010 - 17:25:20 | SHD ] G:\System Volume Information

[09/10/2010 - 13:11:23 | D ] G:\Séries

[05/06/2010 - 14:57:10 | N | 1171048448] G:\tmuf-dtn.iso

 

################## | Vaccin |

 

C:\Autorun.inf -> Dossier créé par UsbFix (El Desaparecido & C_XX)

D:\Autorun.inf -> Dossier créé par UsbFix (El Desaparecido & C_XX)

G:\Autorun.inf -> Dossier créé par UsbFix (El Desaparecido & C_XX)

 

################## | E.O.F |

Edited by bust

Posted (edited)

Thank you very much, apparently my PC is working again.

It was really nice of you to help me, thanks again.

However, the CPU usage graph jumps around a lot; is that normal?

There is always an svchost.exe that climbs to 50% then drops back to 0, and so on. I don't know whether it is the same problem.

EDIT: apparently after a night the process is still there, sniff.

Edited by bust

Posted

Hello,

Download OTL to the desktop

Double-click the icon


 

Make sure all other windows are closed so that it runs without interruption.

Check -----------------> All users

Under Report

Click -----------------------------> Standard Report

Under Standard Registry, check All

Check ------------------------------> Lop and Purity

MD5 search:

Under Customization, copy and paste the content below:

netsvcs

%SYSTEMDRIVE%\*.exe

%ALLUSERSPROFILE%\Application Data\*.

%ALLUSERSPROFILE%\Application Data\*.exe /s

%appdata% *.exe /s

/md5start

userinit.exe

explorer.exe

eventlog.dll

scecli.dll

netlogon.dll

cngaudit.dll

sceclt.dll

ntelogon.dll

logevent.dll

iaStor.sys

nvstor.sys

atapi.sys

cdrom.sys

IdeChnDr.sys

viasraid.sys

AGP440.sys

vaxscsi.sys

nvatabus.sys

viamraid.sys

nvata.sys

nvgts.sys

iastorv.sys

ViPrt.sys

eNetHook.dll

ahcix86.sys

KR10N.sys

nvstor32.sys

ahcix86s.sys

/md5stop

%systemroot%\*. /mp /s

CREATERESTOREPOINT

 

Click Scan

Once the scan has finished, the files OTL.txt and Extras.txt will open.

How to post the reports

Copy and paste all or part of the reports into one or more messages.

Another solution:

Go to the site: Ci-Joint

Click Browse and locate the reports on the disk,

Then click Create the CJoint link,

>> on the next page -->

an http//.. address will be created

Copy and paste this address into your next message.

Posted

Here is the OTL.txt file:

OTL logfile created on: 04/11/2010 12:10:12 - Run 1

OTL by OldTimer - Version 3.2.17.2 Folder = C:\Users\Sonny\Desktop\nert

64bit- An unknown product (Version = 6.1.7600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.7600.16385)

Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

 

4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 68,00% Memory free

8,00 Gb Paging File | 7,00 Gb Available in Paging File | 83,00% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 149,04 Gb Total Space | 34,63 Gb Free Space | 23,24% Space Free | Partition Type: NTFS

Drive D: | 131,15 Gb Total Space | 60,66 Gb Free Space | 46,25% Space Free | Partition Type: NTFS

Drive G: | 931,51 Gb Total Space | 275,90 Gb Free Space | 29,62% Space Free | Partition Type: NTFS

 

Computer Name: SONNY-PC | User Name: Sonny | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Processes (SafeList) ==========

 

PRC - [2010/11/04 12:07:06 | 000,576,000 | ---- | M] (OldTimer Tools) -- C:\Users\Sonny\Desktop\nert\OTL.scr

PRC - [2010/10/29 13:00:34 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

PRC - [2010/10/29 13:00:33 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe

PRC - [2010/03/03 19:16:06 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

PRC - [2010/03/03 19:16:04 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

PRC - [2009/10/30 12:57:08 | 000,369,200 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe

 

 

========== Modules (SafeList) ==========

 

MOD - [2010/11/04 12:07:06 | 000,576,000 | ---- | M] (OldTimer Tools) -- C:\Users\Sonny\Desktop\nert\OTL.scr

MOD - [2010/08/21 06:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll

 

 

========== Win32 Services (SafeList) ==========

 

SRV:64bit: - [2010/02/11 14:29:58 | 000,358,768 | ---- | M] (CybelSoft) [On_Demand | Stopped] -- C:\Program Files\ma-config.com\maconfservice.exe -- (maconfservice)

SRV:64bit: - [2010/02/10 15:52:37 | 001,083,144 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)

SRV:64bit: - [2009/07/14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)

SRV:64bit: - [2009/07/14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)

SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)

SRV - [2010/03/03 19:16:06 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel®

SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

 

 

========== Driver Services (SafeList) ==========

 

DRV:64bit: - [2010/07/01 16:52:18 | 000,051,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d)

DRV:64bit: - [2010/03/03 21:59:18 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)

DRV:64bit: - [2010/03/03 18:51:40 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)

DRV:64bit: - [2010/02/11 14:35:36 | 000,015,872 | ---- | M] (CybelSoft) [Kernel | On_Demand | Stopped] -- C:\Program Files\ma-config.com\Drivers\driverhardwarev2x64.sys -- (driverhardwarev2x64)

DRV:64bit: - [2009/12/24 16:35:59 | 000,063,528 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1E62x64.sys -- (L1E)

DRV:64bit: - [2009/11/11 16:47:48 | 000,034,160 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\point64k.sys -- (Point64)

DRV:64bit: - [2009/11/11 16:47:46 | 000,015,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nuidfltr.sys -- (NuidFltr)

DRV:64bit: - [2009/08/28 19:42:52 | 000,049,152 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)

DRV:64bit: - [2009/07/14 02:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)

DRV:64bit: - [2009/07/14 02:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)

DRV:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)

DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)

DRV:64bit: - [2009/07/14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)

DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)

DRV:64bit: - [2009/07/14 00:31:10 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)

DRV:64bit: - [2009/06/30 10:37:16 | 000,033,800 | ---- | M] (Panda Security, S.L.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\pavboot64.sys -- (pavboot)

DRV:64bit: - [2009/06/10 22:01:06 | 001,146,880 | ---- | M] (LSI Corp) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)

DRV:64bit: - [2009/06/10 21:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)

DRV:64bit: - [2009/06/10 21:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64) Pilote de carte de liaison WiFi sans fil Intel®

DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)

DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)

DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)

DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)

DRV:64bit: - [2009/05/18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)

DRV:64bit: - [2009/02/24 17:35:44 | 000,255,552 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mcdbus.sys -- (mcdbus)

DRV:64bit: - [2008/05/30 18:18:28 | 000,137,616 | ---- | M] (JMicron Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\jmcr.sys -- (JMCR)

DRV - [2009/02/24 17:35:44 | 000,255,552 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\mcdbus.sys -- (mcdbus)

 

 

========== Standard Registry (All) ==========

 

 

========== Internet Explorer ==========

 

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN : Hotmail, Messenger, Bing, Actualité et Sport

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Bing

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN : Hotmail, Messenger, Bing, Actualité et Sport

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = Sign In

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Sign In

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Actualité, Sport et Vidéo

 

 

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-19\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)

 

IE - HKU\S-1-5-20\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)

 

IE - HKU\S-1-5-21-1027354979-3635524200-1128645282-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_page_url = MSN : Hotmail, Messenger, Bing, Actualité et Sport

IE - HKU\S-1-5-21-1027354979-3635524200-1128645282-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_search_url = Sign In

IE - HKU\S-1-5-21-1027354979-3635524200-1128645282-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm

IE - HKU\S-1-5-21-1027354979-3635524200-1128645282-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Actualité, Sport et Vidéo

IE - HKU\S-1-5-21-1027354979-3635524200-1128645282-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN : Hotmail, Messenger, Actualité, Sport et Vidéo

IE - HKU\S-1-5-21-1027354979-3635524200-1128645282-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr

IE - HKU\S-1-5-21-1027354979-3635524200-1128645282-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 97 E0 17 06 52 7B CB 01 [binary data]

IE - HKU\S-1-5-21-1027354979-3635524200-1128645282-1001\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)

IE - HKU\S-1-5-21-1027354979-3635524200-1128645282-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

========== FireFox ==========

 

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}:6.0.18

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22

FF - prefs.js..extensions.enabledItems: {e001c731-5e37-4538-a5cb-8168736a2360}:0.9.9.50

FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.12

 

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010/10/29 13:00:35 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010/11/02 18:17:55 | 000,000,000 | ---D | M]

 

[2010/02/10 15:42:46 | 000,000,000 | ---D | M] -- C:\Users\Sonny\AppData\Roaming\Mozilla\Extensions

[2010/02/10 15:42:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sonny\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}

[2010/11/04 00:38:38 | 000,000,000 | ---D | M] -- C:\Users\Sonny\AppData\Roaming\Mozilla\Firefox\Profiles\hugv5q0r.default\extensions

[2010/11/03 13:31:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sonny\AppData\Roaming\Mozilla\Firefox\Profiles\hugv5q0r.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}

[2010/11/04 00:38:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions

[2010/10/29 13:00:35 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

[2010/03/21 20:56:36 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}

[2010/11/02 18:17:59 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}

[2010/10/29 13:00:33 | 000,025,048 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\components\browserdirprovider.dll

[2010/10/29 13:00:33 | 000,140,248 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\components\brwsrcmp.dll

[2010/09/15 04:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll

[2010/10/29 13:00:34 | 000,066,520 | ---- | M] (mozilla.org) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npnul32.dll

[2009/12/21 18:34:06 | 000,103,864 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\nppdf32.dll

[2010/08/24 00:46:33 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll

[2010/08/24 00:46:33 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll

[2010/08/24 00:46:33 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll

[2010/08/24 00:46:33 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll

[2010/08/24 00:46:33 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll

[2010/08/24 00:46:33 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll

[2010/08/24 00:46:33 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll

[2010/01/16 02:10:07 | 000,001,516 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\amazon-france.xml

[2010/01/16 02:10:07 | 000,001,822 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml

[2010/01/16 02:10:07 | 000,000,757 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\eBay-france.xml

[2010/01/16 02:10:07 | 000,002,371 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\google.xml

[2010/01/16 02:10:07 | 000,001,426 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\wikipedia-fr.xml

[2010/03/25 17:23:44 | 000,000,956 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\yahoo-france.xml

 

O1 HOSTS File: ([2010/11/03 16:58:46 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts

O2:64bit: - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)

O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)

O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)

O4:64bit: - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)

O4:64bit: - HKLM..\Run: [intelliPoint] C:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)

O4 - HKLM..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)

O4 - HKLM..\Run: [sunJavaUpdateSched] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)

O4 - HKU\S-1-5-19..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)

O4 - HKU\S-1-5-20..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)

O4 - HKU\S-1-5-21-1027354979-3635524200-1128645282-1001..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)

O4 - HKU\S-1-5-21-1027354979-3635524200-1128645282-1001..\Run: [PlayNC Launcher] File not found

O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found

O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 3

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17

O7 - HKU\S-1-5-21-1027354979-3635524200-1128645282-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0

O7 - HKU\S-1-5-21-1027354979-3635524200-1128645282-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 3

O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)

O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)

O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)

O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)

O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)

O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)

O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\SysNative\wshbth.dll (Microsoft Corporation)

O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)

O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)

O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)

O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)

O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)

O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)

O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)

O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)

O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)

O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)

O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\SysWOW64\wshbth.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)

O13 - gopher Prefix: missing

O13 - gopher Prefix: missing

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)

O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Reg Error: Key error.)

O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} http://fichiers.touslesdrivers.com/maconfig/MaConfig_4_0_1_3.cab (Ma-Config control)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)

O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.55.55

O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)

O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)

O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)

O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)

O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)

O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)

O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)

O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)

O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)

O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)

O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)

O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)

O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)

O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)

O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)

O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)

O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)

O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)

O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)

O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)

O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)

O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)

O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)

O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)

O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)

O18:64bit: - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)

O18:64bit: - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)

O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)

O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)

O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)

O20:64bit: - AppInit_DLLs: (C:\Windows\system32\guard64.dll) - C:\Windows\SysNative\guard64.dll (COMODO)

O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\Windows\SysWOW64\Userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)

O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)

O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)

O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)

O30:64bit: - LSA: Security Packages - (kerberos) - C:\Windows\SysNative\kerberos.dll (Microsoft Corporation)

O30:64bit: - LSA: Security Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)

O30:64bit: - LSA: Security Packages - (schannel) - C:\Windows\SysNative\schannel.dll (Microsoft Corporation)

O30:64bit: - LSA: Security Packages - (wdigest) - C:\Windows\SysNative\wdigest.dll (Microsoft Corporation)

O30:64bit: - LSA: Security Packages - (tspkg) - C:\Windows\SysNative\tspkg.dll (Microsoft Corporation)

O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (kerberos) - C:\Windows\SysWow64\kerberos.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (schannel) - C:\Windows\SysWow64\schannel.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (wdigest) - C:\Windows\SysWow64\wdigest.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (tspkg) - C:\Windows\SysWow64\tspkg.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)

O31 - SafeBoot: AlternateShell - cmd.exe

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2010/11/03 23:49:49 | 000,000,000 | RHSD | M] - C:\Autorun.inf -- [ NTFS ]

O32 - AutoRun File - [2010/11/03 23:49:50 | 000,000,000 | RHSD | M] - D:\Autorun.inf -- [ NTFS ]

O32 - AutoRun File - [2010/01/09 10:52:30 | 000,000,000 | ---D | M] - G:\autorun -- [ NTFS ]

O32 - AutoRun File - [2010/11/03 23:49:58 | 000,000,000 | RHSD | M] - G:\Autorun.inf -- [ NTFS ]

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35:64bit: - HKLM\..comfile [open] -- "%1" %*

O35:64bit: - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 

NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

 

CREATERESTOREPOINT

Restore point Set: OTL Restore Point

 

========== Files/Folders - Created Within 30 Days ==========

 

[2010/11/03 23:49:49 | 000,000,000 | RHSD | C] -- C:\Autorun.inf

[2010/11/03 23:20:01 | 000,000,000 | ---D | C] -- C:\UsbFix

[2010/11/03 23:06:56 | 000,000,000 | ---D | C] -- C:\Users\Sonny\Desktop\nert

[2010/11/03 23:03:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ad-Remover

[2010/11/03 17:07:05 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Liste Spéciale

[2010/11/03 17:02:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ZHPDiag

[2010/11/03 13:37:17 | 000,033,800 | ---- | C] (Panda Security, S.L.) -- C:\Windows\SysNative\drivers\pavboot64.sys

[2010/11/03 13:34:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Panda Security

[2010/11/03 13:31:42 | 000,000,000 | ---D | C] -- C:\Users\Sonny\AppData\Roaming\QuickScan

[2010/11/02 18:39:51 | 000,000,000 | ---D | C] -- C:\Users\Sonny\AppData\Roaming\.minecraft

[2010/11/02 18:18:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java

[2010/11/02 18:17:54 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll

[2010/11/02 18:17:54 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe

[2010/11/02 18:17:54 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe

[2010/11/02 18:17:54 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe

[2010/11/02 13:18:45 | 000,000,000 | ---D | C] -- C:\Users\Sonny\AppData\Roaming\.minecraft server

[2010/11/02 13:12:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Quick Memory Editor

[2010/11/01 23:58:49 | 000,013,824 | ---- | C] (Kephyr) -- C:\Windows\SysNative\ffnd.exe

[2010/11/01 23:50:01 | 000,000,000 | ---D | C] -- C:\Users\Sonny\AppData\Roaming\FreeFixer

[2010/11/01 23:50:01 | 000,000,000 | ---D | C] -- C:\Users\Sonny\AppData\Local\FreeFixer

[2010/11/01 23:49:56 | 000,000,000 | ---D | C] -- C:\Program Files\FreeFixer

[2010/10/28 11:36:35 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Adobe

[2010/10/28 11:34:16 | 000,029,952 | ---- | C] (Borland International) -- C:\Windows\borlndmm.dll

[2010/10/27 13:18:45 | 000,961,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll

[2010/10/27 13:18:45 | 000,641,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll

[2010/10/27 13:18:45 | 000,552,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdri.dll

[2010/10/27 13:18:44 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSNP.ax

[2010/10/27 13:18:44 | 000,258,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mpg2splt.ax

[2010/10/27 13:18:44 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSNP.ax

[2010/10/27 13:18:44 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax

[2010/10/27 13:17:43 | 000,027,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys

[2010/10/14 12:43:54 | 000,137,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSMAPI32.OCX

[2010/10/14 12:43:53 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSMPIDE.DLL

[2010/10/14 12:43:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PDFCreator

[2010/10/13 23:15:06 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\t2embed.dll

[2010/10/13 23:15:06 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\t2embed.dll

[2010/10/13 23:15:03 | 002,085,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ole32.dll

[2010/10/13 23:14:50 | 000,483,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\StructuredQuery.dll

[2010/10/13 23:14:46 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comctl32.dll

[2010/10/13 23:14:43 | 001,024,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpmde.dll

[2010/10/13 23:14:43 | 000,738,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpmde.dll

[2010/10/13 23:14:41 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc40.dll

[2010/10/13 23:14:41 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc40u.dll

[2010/10/13 23:14:11 | 000,702,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll

[2010/10/13 23:14:11 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll

[2010/10/13 23:14:10 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll

[2010/10/13 23:14:10 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll

[2010/10/13 23:14:10 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll

[2010/10/13 23:14:09 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll

[2010/10/13 23:14:09 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll

[2010/10/13 23:14:09 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll

[2010/10/13 23:14:09 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll

[2010/10/13 23:14:09 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll

[2010/10/13 23:14:08 | 000,482,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec

[2010/10/13 23:14:08 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe

[2010/10/13 23:14:08 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe

[2010/10/13 23:14:07 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec

[2010/10/13 23:11:41 | 014,627,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll

[2010/10/13 23:11:40 | 011,406,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll

[2010/10/13 23:11:38 | 012,625,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL

[2010/10/13 23:11:38 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL

[2010/10/13 23:10:53 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sscore.dll

[2010/10/07 19:38:57 | 000,000,000 | ---D | C] -- C:\Users\Sonny\AppData\Local\Macroplant

[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

 

========== Files - Modified Within 30 Days ==========

 

[2010/11/04 12:12:23 | 000,013,472 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2010/11/04 12:12:23 | 000,013,472 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2010/11/04 12:09:49 | 001,549,700 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI

[2010/11/04 12:09:49 | 000,704,480 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat

[2010/11/04 12:09:49 | 000,616,008 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat

[2010/11/04 12:09:49 | 000,130,754 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat

[2010/11/04 12:09:49 | 000,106,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat

[2010/11/04 12:05:06 | 000,000,435 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.ics

[2010/11/04 12:04:27 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2010/11/04 12:04:09 | 3219,988,480 | -HS- | M] () -- C:\hiberfil.sys

[2010/11/04 00:02:39 | 000,007,620 | ---- | M] () -- C:\Users\Sonny\AppData\Local\Resmon.ResmonCfg

[2010/11/03 16:58:46 | 000,000,824 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts

[2010/11/02 17:19:29 | 001,474,832 | ---- | M] () -- C:\Windows\SysNative\drivers\sfi.dat

[2010/11/02 13:12:59 | 000,001,097 | ---- | M] () -- C:\Users\Sonny\Desktop\Quick Memory Editor.lnk

[2010/11/02 00:53:17 | 000,021,920 | ---- | M] () -- C:\Users\Sonny\Desktop\edt.gif

[2010/10/28 11:34:14 | 000,000,152 | ---- | M] () -- C:\Windows\SkiesSaver.ini

[2010/10/27 18:21:20 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_NuidFltr_01005.Wdf

[2010/10/27 18:21:10 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_dc3d_01009.Wdf

[2010/10/20 15:55:01 | 001,683,668 | ---- | M] () -- C:\Users\Sonny\Documents\leparcheminvole.pdf

[2010/10/20 15:54:57 | 001,027,772 | ---- | M] () -- C:\Users\Sonny\Documents\uneodeurdepoissonpasfrais.pdf

[2010/10/14 12:44:03 | 000,001,039 | ---- | M] () -- C:\Users\Public\Desktop\PDFCreator.lnk

[2010/10/14 02:35:05 | 000,305,312 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT

[2010/10/08 11:00:07 | 000,037,961 | ---- | M] () -- C:\Users\Sonny\Desktop\CR tp1 final .odt

[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

 

========== Files Created - No Company Name ==========

 

[2010/11/02 13:19:20 | 000,001,070 | ---- | C] () -- C:\Users\Sonny\AppData\Roaming\minecraft install & multiplayer_readme.txt

[2010/11/02 13:12:59 | 000,001,097 | ---- | C] () -- C:\Users\Sonny\Desktop\Quick Memory Editor.lnk

[2010/11/02 01:14:13 | 000,007,620 | ---- | C] () -- C:\Users\Sonny\AppData\Local\Resmon.ResmonCfg

[2010/11/02 00:53:14 | 000,021,920 | ---- | C] () -- C:\Users\Sonny\Desktop\edt.gif

[2010/10/28 11:34:15 | 000,100,864 | ---- | C] () -- C:\Windows\keyhook2.dll

[2010/10/28 11:34:14 | 000,003,775 | ---- | C] () -- C:\Windows\SkiesSaver_2.ole

[2010/10/28 11:34:13 | 000,003,775 | ---- | C] () -- C:\Windows\SkiesSaver_1.ole

[2010/10/28 11:34:12 | 000,542,472 | ---- | C] () -- C:\Windows\SkiesSaver.scr

[2010/10/28 11:34:11 | 002,348,965 | ---- | C] () -- C:\Windows\SkiesSaverA.exe

[2010/10/28 11:34:11 | 000,000,152 | ---- | C] () -- C:\Windows\SkiesSaver.ini

[2010/10/27 18:21:20 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_NuidFltr_01005.Wdf

[2010/10/27 18:21:10 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_dc3d_01009.Wdf

[2010/10/20 15:55:01 | 001,683,668 | ---- | C] () -- C:\Users\Sonny\Documents\leparcheminvole.pdf

[2010/10/20 15:54:57 | 001,027,772 | ---- | C] () -- C:\Users\Sonny\Documents\uneodeurdepoissonpasfrais.pdf

[2010/10/14 12:44:03 | 000,001,039 | ---- | C] () -- C:\Users\Public\Desktop\PDFCreator.lnk

[2010/10/14 12:43:54 | 000,087,040 | ---- | C] () -- C:\Windows\SysNative\pdfcmnnt.dll

[2010/10/08 11:00:06 | 000,037,961 | ---- | C] () -- C:\Users\Sonny\Desktop\CR tp1 final .odt

[2010/09/22 15:55:58 | 000,000,000 | ---- | C] () -- C:\Windows\OpPrintServer.INI

[2010/07/15 03:11:49 | 000,000,061 | ---- | C] () -- C:\Windows\wininit.ini

[2010/03/22 13:47:14 | 000,017,920 | ---- | C] () -- C:\Windows\SysWow64\wnaspi32.dll

[2010/03/22 13:44:26 | 000,044,544 | ---- | C] () -- C:\Windows\SysWow64\GIF89.DLL

[2010/03/09 00:33:03 | 000,000,130 | ---- | C] () -- C:\Windows\cfplogvw.INI

[2010/02/21 11:22:41 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI

[2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll

[2009/07/13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll

 

========== Custom Scans ==========

 

 

< %SYSTEMDRIVE%\*.exe >

 

< %ALLUSERSPROFILE%\Application Data\*. >

 

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

 

< %appdata% *.exe /s >

 

 

< MD5 for: AGP440.SYS >

[2009/07/14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysWow64\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys

[2009/07/14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys

 

< MD5 for: ATAPI.SYS >

[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysWow64\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys

[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys

 

< MD5 for: CDROM.SYS >

[2009/07/14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\SysWow64\DriverStore\FileRepository\cdrom.inf_amd64_neutral_8363d00ecae4322d\cdrom.sys

[2009/07/14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys

 

< MD5 for: CNGAUDIT.DLL >

[2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll

[2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll

[2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll

[2009/07/14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll

 

< MD5 for: EXPLORER.EXE >

[2009/07/14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe

[2009/10/31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\SysWOW64\explorer.exe

[2009/10/31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\SysWOW64\explorer.exe

[2009/10/31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe

[2009/08/03 07:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe

[2009/10/31 07:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\explorer.exe

[2009/10/31 07:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe

[2009/08/03 06:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe

[2009/10/31 07:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe

[2009/08/03 06:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe

[2009/07/14 02:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe

[2009/10/31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe

[2009/08/03 07:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe

 

< MD5 for: IASTOR.SYS >

[2010/03/03 18:51:40 | 000,540,696 | ---- | M] (Intel Corporation) MD5=ABBF174CB394F5C437410A788B7E404A -- C:\Windows\SysWow64\DriverStore\FileRepository\iaahci.inf_amd64_neutral_78ebae21a80aa2b4\iaStor.sys

 

< MD5 for: IASTORV.SYS >

[2009/07/14 02:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\SysWow64\DriverStore\FileRepository\iastorv.inf_amd64_neutral_18cccb83b34e1453\iaStorV.sys

[2009/07/14 02:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys

 

< MD5 for: NETLOGON.DLL >

[2009/07/14 02:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll

[2009/07/14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll

[2009/07/14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll

[2009/07/14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll

 

< MD5 for: NVSTOR.SYS >

[2009/07/14 02:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\SysWow64\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvstor.sys

[2009/07/14 02:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys

 

< MD5 for: SCECLI.DLL >

[2009/07/14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll

[2009/07/14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll

[2009/07/14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll

[2009/07/14 02:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll

 

< MD5 for: USERINIT.EXE >

[2009/07/14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe

[2009/07/14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe

[2009/07/14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe

[2009/07/14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe

 

< %systemroot%\*. /mp /s >

 

< End of report >

 

 

and the Extras.txt:

 

OTL Extras logfile created on: 04/11/2010 12:10:12 - Run 1

OTL by OldTimer - Version 3.2.17.2 Folder = C:\Users\Sonny\Desktop\nert

64bit- An unknown product (Version = 6.1.7600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.7600.16385)

Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

 

4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 68,00% Memory free

8,00 Gb Paging File | 7,00 Gb Available in Paging File | 83,00% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 149,04 Gb Total Space | 34,63 Gb Free Space | 23,24% Space Free | Partition Type: NTFS

Drive D: | 131,15 Gb Total Space | 60,66 Gb Free Space | 46,25% Space Free | Partition Type: NTFS

Drive G: | 931,51 Gb Total Space | 275,90 Gb Free Space | 29,62% Space Free | Partition Type: NTFS

 

Computer Name: SONNY-PC | User Name: Sonny | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Extra Registry (SafeList) ==========

 

 

========== File Associations ==========

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.url[@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

.url [@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)

 

[HKEY_USERS\S-1-5-21-1027354979-3635524200-1128645282-1001\SOFTWARE\Classes\<extension>]

.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

 

========== Shell Spawning ==========

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %* File not found

cmdfile [open] -- "%1" %* File not found

comfile [open] -- "%1" %* File not found

exefile [open] -- "%1" %* File not found

helpfile [open] -- Reg Error: Key error.

htmlfile [edit] -- Reg Error: Key error.

htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" File not found

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)

InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)

piffile [open] -- "%1" %* File not found

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1" File not found

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)

scrfile [open] -- "%1" /S File not found

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found

Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

htmlfile [edit] -- Reg Error: Key error.

htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)

InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 

========== Security Center Settings ==========

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

 

========== Firewall Settings ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"DisableNotifications" = 0

"EnableFirewall" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"DisableNotifications" = 0

"EnableFirewall" = 0

 

========== Authorized Applications List ==========

 

 

========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{26A24AE4-039D-4CA4-87B4-2F86416020FF}" = Java 6 Update 20 (64-bit)

"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022

"{4B5F58F7-C7D1-3CE3-9B37-B657F0852643}" = Microsoft .NET Framework 4 Client Profile FRA Language Pack

"{5EBE0F1F-45DF-4298-AC6B-E8E54EAEC834}" = Microsoft IntelliPoint 7.1

"{64A3A4F4-B792-11D6-A78A-00B0D0160200}" = Java SE Development Kit 6 Update 20 (64-bit)

"{84BC87D4-0480-4E10-B15D-1E7886D55180}" = iTunes

"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting

"{9EFC40E3-5F31-4F75-8445-286273F74D8E}" = Apple Mobile Device Support

"{A70B4D94-0244-4C2A-9CB4-812391CB7F3E}" = Ma-Config.com (64 bits)

"{DAE239CE-EB9D-4EB3-B0D4-528D6BAA48FD}" = Bonjour

"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile

"COMODO Internet Security" = COMODO Internet Security

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"Microsoft .NET Framework 4 Client Profile FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Client Profile FRA

"NVIDIA Display Control Panel" = NVIDIA Display Control Panel

"NVIDIA Drivers" = NVIDIA Drivers

"WinRAR archiver" = Logiciel d'archivage WinRAR

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator

"{01501EBA-EC35-4F9F-8889-3BE346E5DA13}" = MSXML4 Parser

"{0627E8E9-6822-4A5E-9225-286741CDC3E4}" = FileViewerUtility 1.0

"{06F80017-8F98-4C94-B868-52358569FC32}" = Command & Conquer Generals

"{1F61E0B1-1AB8-F15E-07C4-46D100A1D3F7}" = Borderlands

"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron JMB38X Flash Media Controller

"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java 6 Update 22

"{2A9F95AB-65A3-432c-8631-B8BC5BF7477A}" = La Bataille pour la Terre du Milieu II

"{2D6BDF3A-6BDB-4169-909F-E882F23AB795}" = Camera Window

"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.® AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver

"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{4D87DC92-C328-46EC-A7B4-9C88129DC696}" = Dead Space

"{4EE2EF4B-25D3-4D44-8384-A2B96F811F55}" = OpenOffice.org 3.2

"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update

"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable

"{7FD8B0C1-CDDA-4B4D-A577-B2E3570EA3A3}_is1" = iPhone Explorer 2.005

"{83F12F73-D52E-40C0-93B1-463C311C4E17}" = Dawn Of War

"{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}" = Assassin's Creed II

"{8795CBED-55E2-4693-9F14-84EC446935BE}" = SpeechRedist

"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9E1BAB75-EB78-440D-94C0-A3857BE2E733}" = System Requirements Lab

"{A3E0FF15-90D5-40CD-8565-B80A433B0D4C}" = PhotoStitch

"{A93944F2-D2D4-4750-BFE7-9A288FEAF2CF}" = Apple Application Support

"{AC76BA86-7AD7-1036-7B44-A93000000001}" = Adobe Reader 9.3 - Français

"{B08894AF-D523-46B1-9B9B-2DA6B29CDD23}" = RemoteCapture 2.6

"{B94061DC-B2BB-42F7-800D-BCBF678AA8B3}" = Canon Camera WIA Driver

"{BE99B4DC-754E-4D40-AFA6-AB43248231EC}" = Canon Camera WIA Driver

"{C0698BDA-0D29-40EE-8570-A31106DF9AB1}" = Medieval II Total War

"{C1D76D7A-F3BB-47EA-A746-5B1E2FFC1DF2}" = Canon Utilities ZoomBrowser EX

"{C9FB868B-2086-4EE2-BD4F-BFBA36B131F4}" = NCsoft Launcher

"{DEA314C4-0929-4250-BC92-98E4C105F28D}" = NVIDIA PhysX

"{EB900AF8-CC61-4E15-871B-98D1EA3E8025}" = QuickTime

"{F3E9C243-122E-4D6B-ACC1-E1FEC02F6CA1}" = Command and Conquer Generals - Heure H

"{FF39FC01-819B-42E4-AE49-1968AF12DDD4}" = Dawn of War - Dark Crusade

"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

"ActiveScan 2.0" = Panda ActiveScan 2.0

"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin

"Adobe Shockwave Player" = Adobe Shockwave Player 11.5

"Ad-Remover" = Ad-Remover By C_XX

"Age of Mythology 1.0" = Age of Mythology

"BlueJ_is1" = BlueJ 2.5.3

"Canon RAW Codec" = Canon RAW Codec

"CCleaner" = CCleaner

"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.30

"FreeFixer0.58" = FreeFixer

"InstallShield_{0627E8E9-6822-4A5E-9225-286741CDC3E4}" = Canon Utilities FileViewerUtility 1.0

"InstallShield_{06F80017-8F98-4C94-B868-52358569FC32}" = Command & Conquer Generals

"InstallShield_{2D6BDF3A-6BDB-4169-909F-E882F23AB795}" = Fenêtre d'appareil photo Canon pour ZoomBrowser EX

"InstallShield_{A3E0FF15-90D5-40CD-8565-B80A433B0D4C}" = Canon Utilities PhotoStitch 3.1

"InstallShield_{B08894AF-D523-46B1-9B9B-2DA6B29CDD23}" = Canon Utilities RemoteCapture 2.6

"InstallShield_{B94061DC-B2BB-42F7-800D-BCBF678AA8B3}" = Canon PowerShot G3 Pilote WIA

"InstallShield_{BE99B4DC-754E-4D40-AFA6-AB43248231EC}" = Canon PowerShot G3 WIA Driver

"InstallShield_{F3E9C243-122E-4D6B-ACC1-E1FEC02F6CA1}" = Command and Conquer Generals - Heure H

"Magic Workstation_is1" = Magic Workstation 0.94f

"MagicDisc 2.7.106" = MagicDisc 2.7.106

"Mount&Blade Warband" = Mount&Blade Warband

"Mozilla Firefox (3.6.12)" = Mozilla Firefox (3.6.12)

"PhotoRecord" = Canon PhotoRecord

"Quick Memory Editor_is1" = Quick Memory Editor 5.5

"Runic Games Torchlight" = Torchlight

"SystemRequirementsLab" = System Requirements Lab

"Usbfix" = UsbFix By El Desaparecido & C_XX

"UT2004" = Unreal Tournament 2004

"uTorrent" = µTorrent

"VLC media player" = VLC media player 1.0.5

"Xfire" = Xfire (remove only)

"ZHPDiag_is1" = ZHPDiag 1.27

 

========== Last 10 Event Log Errors ==========

 

[ Application Events ]

Error - 22/10/2010 07:21:45 | Computer Name = Sonny-PC | Source = VSS | ID = 12289

Description =

 

Error - 23/10/2010 00:22:16 | Computer Name = Sonny-PC | Source = Application Error | ID = 1000

Description = Nom de l’application défaillante jaucheck.exe, version : 2.0.2.1,

horodatage : 0x4b7d6dd6 Nom du module défaillant : jaucheck.exe, version : 2.0.2.1,

horodatage : 0x4b7d6dd6 Code d’exception : 0xc0000005 Décalage d’erreur : 0x0000c940

ID

du processus défaillant : 0x2210c Heure de début de l’application défaillante :

0x01cb7269dce4daaf Chemin d’accès de l’application défaillante : C:\Program Files

(x86)\Common Files\Java\Java Update\jaucheck.exe Chemin d’accès du module défaillant:

C:\Program Files (x86)\Common Files\Java\Java Update\jaucheck.exe ID de rapport

: 1db27002-de5d-11df-afb6-001e4cf084ef

 

Error - 01/11/2010 18:22:30 | Computer Name = Sonny-PC | Source = Application Hang | ID = 1002

Description = Le programme MinecraftEditByDarow.exe version 1.8.4.444 a cessé d’interagir

avec Windows et a été fermé. Pour déterminer si des informations supplémentaires

sont disponibles, consultez l’historique du problème dans le Centre de maintenance.

 

ID

de processus : 688 Heure de début : 01cb7a1325023499 Heure de fin : 0 Chemin d’accès

de l’application : D:\Jeux\DarowsminecraftEdit0.1.2-withsave\MinecraftEditByDarow.exe

 

ID

de rapport :

 

Error - 02/11/2010 08:22:57 | Computer Name = Sonny-PC | Source = Application Error | ID = 1000

Description = Nom de l’application défaillante MemEditor.exe, version : 5.5.0.0,

horodatage : 0x2a425e19 Nom du module défaillant : KERNELBASE.dll, version : 6.1.7600.16385,

horodatage : 0x4a5bdbdf Code d’exception : 0x0eedfade Décalage d’erreur : 0x0000b727

ID

du processus défaillant : 0x778 Heure de début de l’application défaillante : 0x01cb7a88ac1c88be

Chemin

d’accès de l’application défaillante : C:\Program Files (x86)\Quick Memory Editor\MemEditor.exe

Chemin

d’accès du module défaillant: C:\Windows\syswow64\KERNELBASE.dll ID de rapport :

ec39420b-e67b-11df-bca7-001de093cca7

 

Error - 02/11/2010 08:23:21 | Computer Name = Sonny-PC | Source = Application Error | ID = 1000

Description = Nom de l’application défaillante MemEditor.exe, version : 5.5.0.0,

horodatage : 0x2a425e19 Nom du module défaillant : KERNELBASE.dll, version : 6.1.7600.16385,

horodatage : 0x4a5bdbdf Code d’exception : 0x0eedfade Décalage d’erreur : 0x0000b727

ID

du processus défaillant : 0xc90 Heure de début de l’application défaillante : 0x01cb7a88bc320c79

Chemin

d’accès de l’application défaillante : C:\Program Files (x86)\Quick Memory Editor\MemEditor.exe

Chemin

d’accès du module défaillant: C:\Windows\syswow64\KERNELBASE.dll ID de rapport :

fad69f33-e67b-11df-bca7-001de093cca7

 

Error - 02/11/2010 16:02:40 | Computer Name = Sonny-PC | Source = Application Hang | ID = 1002

Description = Le programme HiJackThis.exe version 2.0.0.4 a cessé d’interagir avec

Windows et a été fermé. Pour déterminer si des informations supplémentaires sont

disponibles, consultez l’historique du problème dans le Centre de maintenance. ID

de processus : 644 Heure de début : 01cb7ac8c84ebef1 Heure de fin : 7 Chemin d’accès

de l’application : C:\Users\Sonny\Downloads\HiJackThis.exe ID de rapport : 1d3a9e1f-e6bc-11df-8bd7-00a0d1af5d6b

 

 

Error - 03/11/2010 12:04:00 | Computer Name = Sonny-PC | Source = Application Hang | ID = 1002

Description = Le programme ZHPDiag.exe version 1.2.7.7 a cessé d’interagir avec

Windows et a été fermé. Pour déterminer si des informations supplémentaires sont

disponibles, consultez l’historique du problème dans le Centre de maintenance. ID

de processus : 1b0fc Heure de début : 01cb7b7090ae05d2 Heure de fin : 25 Chemin d’accès

de l’application : C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe ID de rapport : eed8ab08-e763-11df-8bd7-00a0d1af5d6b

 

 

Error - 03/11/2010 12:05:37 | Computer Name = Sonny-PC | Source = Application Hang | ID = 1002

Description = Le programme ZHPDiag.exe version 1.2.7.7 a cessé d’interagir avec

Windows et a été fermé. Pour déterminer si des informations supplémentaires sont

disponibles, consultez l’historique du problème dans le Centre de maintenance. ID

de processus : 1b1b4 Heure de début : 01cb7b70c81e1e61 Heure de fin : 23 Chemin d’accès

de l’application : C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe ID de rapport : 30623562-e764-11df-8bd7-00a0d1af5d6b

 

 

Error - 03/11/2010 12:06:37 | Computer Name = Sonny-PC | Source = Application Hang | ID = 1002

Description = Le programme ZHPDiag.exe version 1.2.7.7 a cessé d’interagir avec

Windows et a été fermé. Pour déterminer si des informations supplémentaires sont

disponibles, consultez l’historique du problème dans le Centre de maintenance. ID

de processus : 1b32c Heure de début : 01cb7b71099cd322 Heure de fin : 24 Chemin d’accès

de l’application : C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe ID de rapport : 539e31d5-e764-11df-8bd7-00a0d1af5d6b

 

 

Error - 03/11/2010 18:35:33 | Computer Name = Sonny-PC | Source = Application Hang | ID = 1002

Description = Le programme UsbFix.exe version 3.3.6.1 a cessé d’interagir avec Windows

et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles,

consultez l’historique du problème dans le Centre de maintenance. ID de processus :

c3c Heure de début : 01cb7ba5e2e3d91b Heure de fin : 0 Chemin d’accès de l’application

: C:\UsbFix\UsbFix.exe ID de rapport :

 

[ System Events ]

Error - 03/11/2010 23:53:32 | Computer Name = Sonny-PC | Source = Disk | ID = 262155

Description = Le pilote a détecté une erreur du contrôleur sur \Device\Harddisk1\DR1.

 

Error - 03/11/2010 23:53:47 | Computer Name = Sonny-PC | Source = ipnathlp | ID = 31004

Description =

 

Error - 04/11/2010 00:53:46 | Computer Name = Sonny-PC | Source = ipnathlp | ID = 31004

Description =

 

Error - 04/11/2010 01:53:46 | Computer Name = Sonny-PC | Source = Disk | ID = 262155

Description = Le pilote a détecté une erreur du contrôleur sur \Device\Harddisk1\DR1.

 

Error - 04/11/2010 01:53:47 | Computer Name = Sonny-PC | Source = Disk | ID = 262155

Description = Le pilote a détecté une erreur du contrôleur sur \Device\Harddisk1\DR1.

 

Error - 04/11/2010 02:44:54 | Computer Name = Sonny-PC | Source = Disk | ID = 262155

Description = Le pilote a détecté une erreur du contrôleur sur \Device\Harddisk1\DR1.

 

Error - 04/11/2010 07:05:06 | Computer Name = Sonny-PC | Source = ipnathlp | ID = 30013

Description =

 

Error - 04/11/2010 07:08:10 | Computer Name = Sonny-PC | Source = ipnathlp | ID = 34001

Description =

 

Error - 04/11/2010 07:08:11 | Computer Name = Sonny-PC | Source = ipnathlp | ID = 31004

Description =

 

Error - 04/11/2010 07:18:11 | Computer Name = Sonny-PC | Source = ipnathlp | ID = 34001

Description =

 

 

< End of report >

 

Here is the OTL.txt file:

OTL logfile created on: 04/11/2010 12:10:12 - Run 1

OTL by OldTimer - Version 3.2.17.2 Folder = C:\Users\Sonny\Desktop\nert

64bit- An unknown product (Version = 6.1.7600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.7600.16385)

Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

 

4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 68,00% Memory free

8,00 Gb Paging File | 7,00 Gb Available in Paging File | 83,00% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 149,04 Gb Total Space | 34,63 Gb Free Space | 23,24% Space Free | Partition Type: NTFS

Drive D: | 131,15 Gb Total Space | 60,66 Gb Free Space | 46,25% Space Free | Partition Type: NTFS

Drive G: | 931,51 Gb Total Space | 275,90 Gb Free Space | 29,62% Space Free | Partition Type: NTFS

 

Computer Name: SONNY-PC | User Name: Sonny | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Processes (SafeList) ==========

 

PRC - [2010/11/04 12:07:06 | 000,576,000 | ---- | M] (OldTimer Tools) -- C:\Users\Sonny\Desktop\nert\OTL.scr

PRC - [2010/10/29 13:00:34 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

PRC - [2010/10/29 13:00:33 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe

PRC - [2010/03/03 19:16:06 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

PRC - [2010/03/03 19:16:04 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

PRC - [2009/10/30 12:57:08 | 000,369,200 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe

 

 

========== Modules (SafeList) ==========

 

MOD - [2010/11/04 12:07:06 | 000,576,000 | ---- | M] (OldTimer Tools) -- C:\Users\Sonny\Desktop\nert\OTL.scr

MOD - [2010/08/21 06:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll

 

 

========== Win32 Services (SafeList) ==========

 

SRV:64bit: - [2010/02/11 14:29:58 | 000,358,768 | ---- | M] (CybelSoft) [On_Demand | Stopped] -- C:\Program Files\ma-config.com\maconfservice.exe -- (maconfservice)

SRV:64bit: - [2010/02/10 15:52:37 | 001,083,144 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)

SRV:64bit: - [2009/07/14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)

SRV:64bit: - [2009/07/14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)

SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)

SRV - [2010/03/03 19:16:06 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel®

SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

 

 

========== Driver Services (SafeList) ==========

 

DRV:64bit: - [2010/07/01 16:52:18 | 000,051,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d)

DRV:64bit: - [2010/03/03 21:59:18 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)

DRV:64bit: - [2010/03/03 18:51:40 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)

DRV:64bit: - [2010/02/11 14:35:36 | 000,015,872 | ---- | M] (CybelSoft) [Kernel | On_Demand | Stopped] -- C:\Program Files\ma-config.com\Drivers\driverhardwarev2x64.sys -- (driverhardwarev2x64)

DRV:64bit: - [2009/12/24 16:35:59 | 000,063,528 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1E62x64.sys -- (L1E)

DRV:64bit: - [2009/11/11 16:47:48 | 000,034,160 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\point64k.sys -- (Point64)

DRV:64bit: - [2009/11/11 16:47:46 | 000,015,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nuidfltr.sys -- (NuidFltr)

DRV:64bit: - [2009/08/28 19:42:52 | 000,049,152 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)

DRV:64bit: - [2009/07/14 02:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)

DRV:64bit: - [2009/07/14 02:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)

DRV:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)

DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)

DRV:64bit: - [2009/07/14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)

DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)

DRV:64bit: - [2009/07/14 00:31:10 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)

DRV:64bit: - [2009/06/30 10:37:16 | 000,033,800 | ---- | M] (Panda Security, S.L.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\pavboot64.sys -- (pavboot)

DRV:64bit: - [2009/06/10 22:01:06 | 001,146,880 | ---- | M] (LSI Corp) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)

DRV:64bit: - [2009/06/10 21:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)

DRV:64bit: - [2009/06/10 21:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64) Pilote de carte de liaison WiFi sans fil Intel®

DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)

DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)

DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)

DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)

DRV:64bit: - [2009/05/18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)

DRV:64bit: - [2009/02/24 17:35:44 | 000,255,552 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mcdbus.sys -- (mcdbus)

DRV:64bit: - [2008/05/30 18:18:28 | 000,137,616 | ---- | M] (JMicron Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\jmcr.sys -- (JMCR)

DRV - [2009/02/24 17:35:44 | 000,255,552 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\mcdbus.sys -- (mcdbus)

 

 

========== Standard Registry (All) ==========

 

 

========== Internet Explorer ==========

 

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN : Hotmail, Messenger, Bing, Actualité et Sport

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Bing

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN : Hotmail, Messenger, Bing, Actualité et Sport

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = Sign In

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Sign In

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Actualité, Sport et Vidéo

 

 

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-19\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)

 

IE - HKU\S-1-5-20\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)

 

IE - HKU\S-1-5-21-1027354979-3635524200-1128645282-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_page_url = MSN : Hotmail, Messenger, Bing, Actualité et Sport

IE - HKU\S-1-5-21-1027354979-3635524200-1128645282-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_search_url = Sign In

IE - HKU\S-1-5-21-1027354979-3635524200-1128645282-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm

IE - HKU\S-1-5-21-1027354979-3635524200-1128645282-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Actualité, Sport et Vidéo

IE - HKU\S-1-5-21-1027354979-3635524200-1128645282-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN : Hotmail, Messenger, Actualité, Sport et Vidéo

IE - HKU\S-1-5-21-1027354979-3635524200-1128645282-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr

IE - HKU\S-1-5-21-1027354979-3635524200-1128645282-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 97 E0 17 06 52 7B CB 01 [binary data]

IE - HKU\S-1-5-21-1027354979-3635524200-1128645282-1001\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)

IE - HKU\S-1-5-21-1027354979-3635524200-1128645282-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

========== FireFox ==========

 

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}:6.0.18

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22

FF - prefs.js..extensions.enabledItems: {e001c731-5e37-4538-a5cb-8168736a2360}:0.9.9.50

FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.12

 

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010/10/29 13:00:35 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010/11/02 18:17:55 | 000,000,000 | ---D | M]

 

[2010/02/10 15:42:46 | 000,000,000 | ---D | M] -- C:\Users\Sonny\AppData\Roaming\Mozilla\Extensions

[2010/02/10 15:42:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sonny\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}

[2010/11/04 00:38:38 | 000,000,000 | ---D | M] -- C:\Users\Sonny\AppData\Roaming\Mozilla\Firefox\Profiles\hugv5q0r.default\extensions

[2010/11/03 13:31:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sonny\AppData\Roaming\Mozilla\Firefox\Profiles\hugv5q0r.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}

[2010/11/04 00:38:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions

[2010/10/29 13:00:35 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

[2010/03/21 20:56:36 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}

[2010/11/02 18:17:59 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}

[2010/10/29 13:00:33 | 000,025,048 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\components\browserdirprovider.dll

[2010/10/29 13:00:33 | 000,140,248 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\components\brwsrcmp.dll

[2010/09/15 04:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll

[2010/10/29 13:00:34 | 000,066,520 | ---- | M] (mozilla.org) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npnul32.dll

[2009/12/21 18:34:06 | 000,103,864 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\nppdf32.dll

[2010/08/24 00:46:33 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll

[2010/08/24 00:46:33 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll

[2010/08/24 00:46:33 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll

[2010/08/24 00:46:33 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll

[2010/08/24 00:46:33 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll

[2010/08/24 00:46:33 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll

[2010/08/24 00:46:33 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll

[2010/01/16 02:10:07 | 000,001,516 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\amazon-france.xml

[2010/01/16 02:10:07 | 000,001,822 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml

[2010/01/16 02:10:07 | 000,000,757 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\eBay-france.xml

[2010/01/16 02:10:07 | 000,002,371 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\google.xml

[2010/01/16 02:10:07 | 000,001,426 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\wikipedia-fr.xml

[2010/03/25 17:23:44 | 000,000,956 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\yahoo-france.xml

 

O1 HOSTS File: ([2010/11/03 16:58:46 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts

O2:64bit: - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)

O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)

O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)

O4:64bit: - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)

O4:64bit: - HKLM..\Run: [intelliPoint] C:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)

O4 - HKLM..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)

O4 - HKLM..\Run: [sunJavaUpdateSched] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)

O4 - HKU\S-1-5-19..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)

O4 - HKU\S-1-5-20..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)

O4 - HKU\S-1-5-21-1027354979-3635524200-1128645282-1001..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)

O4 - HKU\S-1-5-21-1027354979-3635524200-1128645282-1001..\Run: [PlayNC Launcher] File not found

O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found

O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 3

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17

O7 - HKU\S-1-5-21-1027354979-3635524200-1128645282-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0

O7 - HKU\S-1-5-21-1027354979-3635524200-1128645282-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 3

O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)

O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)

O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)

O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)

O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)

O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)

O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\SysNative\wshbth.dll (Microsoft Corporation)

O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)

O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)

O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)

O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)

O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)

O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)

O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)

O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)

O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)

O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)

O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\SysWOW64\wshbth.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)

O13 - gopher Prefix: missing

O13 - gopher Prefix: missing

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)

O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Reg Error: Key error.)

O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} http://fichiers.touslesdrivers.com/maconfig/MaConfig_4_0_1_3.cab (Ma-Config control)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)

O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.55.55

O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)

O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)

O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)

O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)

O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)

O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)

O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)

O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)

O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)

O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)

O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)

O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)

O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)

O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)

O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)

O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)

O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)

O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)

O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)

O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)

O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)

O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)

O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)

O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)

O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)

O18:64bit: - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)

O18:64bit: - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)

O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)

O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)

O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)

O20:64bit: - AppInit_DLLs: (C:\Windows\system32\guard64.dll) - C:\Windows\SysNative\guard64.dll (COMODO)

O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\Windows\SysWOW64\Userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)

O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)

O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)

O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)

O30:64bit: - LSA: Security Packages - (kerberos) - C:\Windows\SysNative\kerberos.dll (Microsoft Corporation)

O30:64bit: - LSA: Security Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)

O30:64bit: - LSA: Security Packages - (schannel) - C:\Windows\SysNative\schannel.dll (Microsoft Corporation)

O30:64bit: - LSA: Security Packages - (wdigest) - C:\Windows\SysNative\wdigest.dll (Microsoft Corporation)

O30:64bit: - LSA: Security Packages - (tspkg) - C:\Windows\SysNative\tspkg.dll (Microsoft Corporation)

O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (kerberos) - C:\Windows\SysWow64\kerberos.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (schannel) - C:\Windows\SysWow64\schannel.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (wdigest) - C:\Windows\SysWow64\wdigest.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (tspkg) - C:\Windows\SysWow64\tspkg.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)

O31 - SafeBoot: AlternateShell - cmd.exe

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2010/11/03 23:49:49 | 000,000,000 | RHSD | M] - C:\Autorun.inf -- [ NTFS ]

O32 - AutoRun File - [2010/11/03 23:49:50 | 000,000,000 | RHSD | M] - D:\Autorun.inf -- [ NTFS ]

O32 - AutoRun File - [2010/01/09 10:52:30 | 000,000,000 | ---D | M] - G:\autorun -- [ NTFS ]

O32 - AutoRun File - [2010/11/03 23:49:58 | 000,000,000 | RHSD | M] - G:\Autorun.inf -- [ NTFS ]

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35:64bit: - HKLM\..comfile [open] -- "%1" %*

O35:64bit: - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 

NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

 

CREATERESTOREPOINT

Restore point Set: OTL Restore Point

 

========== Files/Folders - Created Within 30 Days ==========

 

[2010/11/03 23:49:49 | 000,000,000 | RHSD | C] -- C:\Autorun.inf

[2010/11/03 23:20:01 | 000,000,000 | ---D | C] -- C:\UsbFix

[2010/11/03 23:06:56 | 000,000,000 | ---D | C] -- C:\Users\Sonny\Desktop\nert

[2010/11/03 23:03:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ad-Remover

[2010/11/03 17:07:05 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Liste Spéciale

[2010/11/03 17:02:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ZHPDiag

[2010/11/03 13:37:17 | 000,033,800 | ---- | C] (Panda Security, S.L.) -- C:\Windows\SysNative\drivers\pavboot64.sys

[2010/11/03 13:34:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Panda Security

[2010/11/03 13:31:42 | 000,000,000 | ---D | C] -- C:\Users\Sonny\AppData\Roaming\QuickScan

[2010/11/02 18:39:51 | 000,000,000 | ---D | C] -- C:\Users\Sonny\AppData\Roaming\.minecraft

[2010/11/02 18:18:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java

[2010/11/02 18:17:54 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll

[2010/11/02 18:17:54 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe

[2010/11/02 18:17:54 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe

[2010/11/02 18:17:54 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe

[2010/11/02 13:18:45 | 000,000,000 | ---D | C] -- C:\Users\Sonny\AppData\Roaming\.minecraft server

[2010/11/02 13:12:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Quick Memory Editor

[2010/11/01 23:58:49 | 000,013,824 | ---- | C] (Kephyr) -- C:\Windows\SysNative\ffnd.exe

[2010/11/01 23:50:01 | 000,000,000 | ---D | C] -- C:\Users\Sonny\AppData\Roaming\FreeFixer

[2010/11/01 23:50:01 | 000,000,000 | ---D | C] -- C:\Users\Sonny\AppData\Local\FreeFixer

[2010/11/01 23:49:56 | 000,000,000 | ---D | C] -- C:\Program Files\FreeFixer

[2010/10/28 11:36:35 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Adobe

[2010/10/28 11:34:16 | 000,029,952 | ---- | C] (Borland International) -- C:\Windows\borlndmm.dll

[2010/10/27 13:18:45 | 000,961,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll

[2010/10/27 13:18:45 | 000,641,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll

[2010/10/27 13:18:45 | 000,552,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdri.dll

[2010/10/27 13:18:44 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSNP.ax

[2010/10/27 13:18:44 | 000,258,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mpg2splt.ax

[2010/10/27 13:18:44 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSNP.ax

[2010/10/27 13:18:44 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax

[2010/10/27 13:17:43 | 000,027,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys

[2010/10/14 12:43:54 | 000,137,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSMAPI32.OCX

[2010/10/14 12:43:53 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSMPIDE.DLL

[2010/10/14 12:43:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PDFCreator

[2010/10/13 23:15:06 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\t2embed.dll

[2010/10/13 23:15:06 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\t2embed.dll

[2010/10/13 23:15:03 | 002,085,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ole32.dll

[2010/10/13 23:14:50 | 000,483,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\StructuredQuery.dll

[2010/10/13 23:14:46 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comctl32.dll

[2010/10/13 23:14:43 | 001,024,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpmde.dll

[2010/10/13 23:14:43 | 000,738,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpmde.dll

[2010/10/13 23:14:41 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc40.dll

[2010/10/13 23:14:41 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc40u.dll

[2010/10/13 23:14:11 | 000,702,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll

[2010/10/13 23:14:11 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll

[2010/10/13 23:14:10 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll

[2010/10/13 23:14:10 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll

[2010/10/13 23:14:10 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll

[2010/10/13 23:14:09 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll

[2010/10/13 23:14:09 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll

[2010/10/13 23:14:09 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll

[2010/10/13 23:14:09 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll

[2010/10/13 23:14:09 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll

[2010/10/13 23:14:08 | 000,482,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec

[2010/10/13 23:14:08 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe

[2010/10/13 23:14:08 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe

[2010/10/13 23:14:07 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec

[2010/10/13 23:11:41 | 014,627,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll

[2010/10/13 23:11:40 | 011,406,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll

[2010/10/13 23:11:38 | 012,625,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL

[2010/10/13 23:11:38 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL

[2010/10/13 23:10:53 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sscore.dll

[2010/10/07 19:38:57 | 000,000,000 | ---D | C] -- C:\Users\Sonny\AppData\Local\Macroplant

[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

 

========== Files - Modified Within 30 Days ==========

 

[2010/11/04 12:12:23 | 000,013,472 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2010/11/04 12:12:23 | 000,013,472 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2010/11/04 12:09:49 | 001,549,700 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI

[2010/11/04 12:09:49 | 000,704,480 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat

[2010/11/04 12:09:49 | 000,616,008 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat

[2010/11/04 12:09:49 | 000,130,754 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat

[2010/11/04 12:09:49 | 000,106,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat

[2010/11/04 12:05:06 | 000,000,435 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.ics

[2010/11/04 12:04:27 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2010/11/04 12:04:09 | 3219,988,480 | -HS- | M] () -- C:\hiberfil.sys

[2010/11/04 00:02:39 | 000,007,620 | ---- | M] () -- C:\Users\Sonny\AppData\Local\Resmon.ResmonCfg

[2010/11/03 16:58:46 | 000,000,824 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts

[2010/11/02 17:19:29 | 001,474,832 | ---- | M] () -- C:\Windows\SysNative\drivers\sfi.dat

[2010/11/02 13:12:59 | 000,001,097 | ---- | M] () -- C:\Users\Sonny\Desktop\Quick Memory Editor.lnk

[2010/11/02 00:53:17 | 000,021,920 | ---- | M] () -- C:\Users\Sonny\Desktop\edt.gif

[2010/10/28 11:34:14 | 000,000,152 | ---- | M] () -- C:\Windows\SkiesSaver.ini

[2010/10/27 18:21:20 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_NuidFltr_01005.Wdf

[2010/10/27 18:21:10 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_dc3d_01009.Wdf

[2010/10/20 15:55:01 | 001,683,668 | ---- | M] () -- C:\Users\Sonny\Documents\leparcheminvole.pdf

[2010/10/20 15:54:57 | 001,027,772 | ---- | M] () -- C:\Users\Sonny\Documents\uneodeurdepoissonpasfrais.pdf

[2010/10/14 12:44:03 | 000,001,039 | ---- | M] () -- C:\Users\Public\Desktop\PDFCreator.lnk

[2010/10/14 02:35:05 | 000,305,312 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT

[2010/10/08 11:00:07 | 000,037,961 | ---- | M] () -- C:\Users\Sonny\Desktop\CR tp1 final .odt

[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

 

========== Files Created - No Company Name ==========

 

[2010/11/02 13:19:20 | 000,001,070 | ---- | C] () -- C:\Users\Sonny\AppData\Roaming\minecraft install & multiplayer_readme.txt

[2010/11/02 13:12:59 | 000,001,097 | ---- | C] () -- C:\Users\Sonny\Desktop\Quick Memory Editor.lnk

[2010/11/02 01:14:13 | 000,007,620 | ---- | C] () -- C:\Users\Sonny\AppData\Local\Resmon.ResmonCfg

[2010/11/02 00:53:14 | 000,021,920 | ---- | C] () -- C:\Users\Sonny\Desktop\edt.gif

[2010/10/28 11:34:15 | 000,100,864 | ---- | C] () -- C:\Windows\keyhook2.dll

[2010/10/28 11:34:14 | 000,003,775 | ---- | C] () -- C:\Windows\SkiesSaver_2.ole

[2010/10/28 11:34:13 | 000,003,775 | ---- | C] () -- C:\Windows\SkiesSaver_1.ole

[2010/10/28 11:34:12 | 000,542,472 | ---- | C] () -- C:\Windows\SkiesSaver.scr

[2010/10/28 11:34:11 | 002,348,965 | ---- | C] () -- C:\Windows\SkiesSaverA.exe

[2010/10/28 11:34:11 | 000,000,152 | ---- | C] () -- C:\Windows\SkiesSaver.ini

[2010/10/27 18:21:20 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_NuidFltr_01005.Wdf

[2010/10/27 18:21:10 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_dc3d_01009.Wdf

[2010/10/20 15:55:01 | 001,683,668 | ---- | C] () -- C:\Users\Sonny\Documents\leparcheminvole.pdf

[2010/10/20 15:54:57 | 001,027,772 | ---- | C] () -- C:\Users\Sonny\Documents\uneodeurdepoissonpasfrais.pdf

[2010/10/14 12:44:03 | 000,001,039 | ---- | C] () -- C:\Users\Public\Desktop\PDFCreator.lnk

[2010/10/14 12:43:54 | 000,087,040 | ---- | C] () -- C:\Windows\SysNative\pdfcmnnt.dll

[2010/10/08 11:00:06 | 000,037,961 | ---- | C] () -- C:\Users\Sonny\Desktop\CR tp1 final .odt

[2010/09/22 15:55:58 | 000,000,000 | ---- | C] () -- C:\Windows\OpPrintServer.INI

[2010/07/15 03:11:49 | 000,000,061 | ---- | C] () -- C:\Windows\wininit.ini

[2010/03/22 13:47:14 | 000,017,920 | ---- | C] () -- C:\Windows\SysWow64\wnaspi32.dll

[2010/03/22 13:44:26 | 000,044,544 | ---- | C] () -- C:\Windows\SysWow64\GIF89.DLL

[2010/03/09 00:33:03 | 000,000,130 | ---- | C] () -- C:\Windows\cfplogvw.INI

[2010/02/21 11:22:41 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI

[2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll

[2009/07/13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll

 

========== Custom Scans ==========

 

 

< %SYSTEMDRIVE%\*.exe >

 

< %ALLUSERSPROFILE%\Application Data\*. >

 

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

 

< %appdata% *.exe /s >

 

 

< MD5 for: AGP440.SYS >

[2009/07/14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysWow64\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys

[2009/07/14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys

 

< MD5 for: ATAPI.SYS >

[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysWow64\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys

[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys

 

< MD5 for: CDROM.SYS >

[2009/07/14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\SysWow64\DriverStore\FileRepository\cdrom.inf_amd64_neutral_8363d00ecae4322d\cdrom.sys

[2009/07/14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys

 

< MD5 for: CNGAUDIT.DLL >

[2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll

[2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll

[2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll

[2009/07/14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll

 

< MD5 for: EXPLORER.EXE >

[2009/07/14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe

[2009/10/31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\SysWOW64\explorer.exe

[2009/10/31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\SysWOW64\explorer.exe

[2009/10/31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe

[2009/08/03 07:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe

[2009/10/31 07:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\explorer.exe

[2009/10/31 07:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe

[2009/08/03 06:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe

[2009/10/31 07:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe

[2009/08/03 06:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe

[2009/07/14 02:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe

[2009/10/31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe

[2009/08/03 07:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe

 

< MD5 for: IASTOR.SYS >

[2010/03/03 18:51:40 | 000,540,696 | ---- | M] (Intel Corporation) MD5=ABBF174CB394F5C437410A788B7E404A -- C:\Windows\SysWow64\DriverStore\FileRepository\iaahci.inf_amd64_neutral_78ebae21a80aa2b4\iaStor.sys

 

< MD5 for: IASTORV.SYS >

[2009/07/14 02:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\SysWow64\DriverStore\FileRepository\iastorv.inf_amd64_neutral_18cccb83b34e1453\iaStorV.sys

[2009/07/14 02:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys

 

< MD5 for: NETLOGON.DLL >

[2009/07/14 02:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll

[2009/07/14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll

[2009/07/14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll

[2009/07/14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll

 

< MD5 for: NVSTOR.SYS >

[2009/07/14 02:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\SysWow64\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvstor.sys

[2009/07/14 02:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys

 

< MD5 for: SCECLI.DLL >

[2009/07/14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll

[2009/07/14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll

[2009/07/14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll

[2009/07/14 02:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll

 

< MD5 for: USERINIT.EXE >

[2009/07/14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe

[2009/07/14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe

[2009/07/14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe

[2009/07/14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe

 

< %systemroot%\*. /mp /s >

 

< End of report >

 

 

and the Extras.txt:

 

OTL Extras logfile created on: 04/11/2010 12:10:12 - Run 1

OTL by OldTimer - Version 3.2.17.2 Folder = C:\Users\Sonny\Desktop\nert

64bit- An unknown product (Version = 6.1.7600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.7600.16385)

Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

 

4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 68,00% Memory free

8,00 Gb Paging File | 7,00 Gb Available in Paging File | 83,00% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 149,04 Gb Total Space | 34,63 Gb Free Space | 23,24% Space Free | Partition Type: NTFS

Drive D: | 131,15 Gb Total Space | 60,66 Gb Free Space | 46,25% Space Free | Partition Type: NTFS

Drive G: | 931,51 Gb Total Space | 275,90 Gb Free Space | 29,62% Space Free | Partition Type: NTFS

 

Computer Name: SONNY-PC | User Name: Sonny | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Extra Registry (SafeList) ==========

 

 

========== File Associations ==========

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.url[@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

.url [@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)

 

[HKEY_USERS\S-1-5-21-1027354979-3635524200-1128645282-1001\SOFTWARE\Classes\<extension>]

.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

 

========== Shell Spawning ==========

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %* File not found

cmdfile [open] -- "%1" %* File not found

comfile [open] -- "%1" %* File not found

exefile [open] -- "%1" %* File not found

helpfile [open] -- Reg Error: Key error.

htmlfile [edit] -- Reg Error: Key error.

htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" File not found

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)

InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)

piffile [open] -- "%1" %* File not found

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1" File not found

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)

scrfile [open] -- "%1" /S File not found

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found

Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

htmlfile [edit] -- Reg Error: Key error.

htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)

InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 

========== Security Center Settings ==========

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

 

========== Firewall Settings ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"DisableNotifications" = 0

"EnableFirewall" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"DisableNotifications" = 0

"EnableFirewall" = 0

 

========== Authorized Applications List ==========

 

 

========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{26A24AE4-039D-4CA4-87B4-2F86416020FF}" = Java 6 Update 20 (64-bit)

"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022

"{4B5F58F7-C7D1-3CE3-9B37-B657F0852643}" = Microsoft .NET Framework 4 Client Profile FRA Language Pack

"{5EBE0F1F-45DF-4298-AC6B-E8E54EAEC834}" = Microsoft IntelliPoint 7.1

"{64A3A4F4-B792-11D6-A78A-00B0D0160200}" = Java SE Development Kit 6 Update 20 (64-bit)

"{84BC87D4-0480-4E10-B15D-1E7886D55180}" = iTunes

"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting

"{9EFC40E3-5F31-4F75-8445-286273F74D8E}" = Apple Mobile Device Support

"{A70B4D94-0244-4C2A-9CB4-812391CB7F3E}" = Ma-Config.com (64 bits)

"{DAE239CE-EB9D-4EB3-B0D4-528D6BAA48FD}" = Bonjour

"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile

"COMODO Internet Security" = COMODO Internet Security

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"Microsoft .NET Framework 4 Client Profile FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Client Profile FRA

"NVIDIA Display Control Panel" = NVIDIA Display Control Panel

"NVIDIA Drivers" = NVIDIA Drivers

"WinRAR archiver" = Logiciel d'archivage WinRAR

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator

"{01501EBA-EC35-4F9F-8889-3BE346E5DA13}" = MSXML4 Parser

"{0627E8E9-6822-4A5E-9225-286741CDC3E4}" = FileViewerUtility 1.0

"{06F80017-8F98-4C94-B868-52358569FC32}" = Command & Conquer Generals

"{1F61E0B1-1AB8-F15E-07C4-46D100A1D3F7}" = Borderlands

"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron JMB38X Flash Media Controller

"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java 6 Update 22

"{2A9F95AB-65A3-432c-8631-B8BC5BF7477A}" = La Bataille pour la Terre du Milieu II

"{2D6BDF3A-6BDB-4169-909F-E882F23AB795}" = Camera Window

"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.® AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver

"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{4D87DC92-C328-46EC-A7B4-9C88129DC696}" = Dead Space

"{4EE2EF4B-25D3-4D44-8384-A2B96F811F55}" = OpenOffice.org 3.2

"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update

"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable

"{7FD8B0C1-CDDA-4B4D-A577-B2E3570EA3A3}_is1" = iPhone Explorer 2.005

"{83F12F73-D52E-40C0-93B1-463C311C4E17}" = Dawn Of War

"{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}" = Assassin's Creed II

"{8795CBED-55E2-4693-9F14-84EC446935BE}" = SpeechRedist

"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9E1BAB75-EB78-440D-94C0-A3857BE2E733}" = System Requirements Lab

"{A3E0FF15-90D5-40CD-8565-B80A433B0D4C}" = PhotoStitch

"{A93944F2-D2D4-4750-BFE7-9A288FEAF2CF}" = Apple Application Support

"{AC76BA86-7AD7-1036-7B44-A93000000001}" = Adobe Reader 9.3 - Français

"{B08894AF-D523-46B1-9B9B-2DA6B29CDD23}" = RemoteCapture 2.6

"{B94061DC-B2BB-42F7-800D-BCBF678AA8B3}" = Canon Camera WIA Driver

"{BE99B4DC-754E-4D40-AFA6-AB43248231EC}" = Canon Camera WIA Driver

"{C0698BDA-0D29-40EE-8570-A31106DF9AB1}" = Medieval II Total War

"{C1D76D7A-F3BB-47EA-A746-5B1E2FFC1DF2}" = Canon Utilities ZoomBrowser EX

"{C9FB868B-2086-4EE2-BD4F-BFBA36B131F4}" = NCsoft Launcher

"{DEA314C4-0929-4250-BC92-98E4C105F28D}" = NVIDIA PhysX

"{EB900AF8-CC61-4E15-871B-98D1EA3E8025}" = QuickTime

"{F3E9C243-122E-4D6B-ACC1-E1FEC02F6CA1}" = Command and Conquer Generals - Heure H

"{FF39FC01-819B-42E4-AE49-1968AF12DDD4}" = Dawn of War - Dark Crusade

"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

"ActiveScan 2.0" = Panda ActiveScan 2.0

"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin

"Adobe Shockwave Player" = Adobe Shockwave Player 11.5

"Ad-Remover" = Ad-Remover By C_XX

"Age of Mythology 1.0" = Age of Mythology

"BlueJ_is1" = BlueJ 2.5.3

"Canon RAW Codec" = Canon RAW Codec

"CCleaner" = CCleaner

"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.30

"FreeFixer0.58" = FreeFixer

"InstallShield_{0627E8E9-6822-4A5E-9225-286741CDC3E4}" = Canon Utilities FileViewerUtility 1.0

"InstallShield_{06F80017-8F98-4C94-B868-52358569FC32}" = Command & Conquer Generals

"InstallShield_{2D6BDF3A-6BDB-4169-909F-E882F23AB795}" = Fenêtre d'appareil photo Canon pour ZoomBrowser EX

"InstallShield_{A3E0FF15-90D5-40CD-8565-B80A433B0D4C}" = Canon Utilities PhotoStitch 3.1

"InstallShield_{B08894AF-D523-46B1-9B9B-2DA6B29CDD23}" = Canon Utilities RemoteCapture 2.6

"InstallShield_{B94061DC-B2BB-42F7-800D-BCBF678AA8B3}" = Canon PowerShot G3 Pilote WIA

"InstallShield_{BE99B4DC-754E-4D40-AFA6-AB43248231EC}" = Canon PowerShot G3 WIA Driver

"InstallShield_{F3E9C243-122E-4D6B-ACC1-E1FEC02F6CA1}" = Command and Conquer Generals - Heure H

"Magic Workstation_is1" = Magic Workstation 0.94f

"MagicDisc 2.7.106" = MagicDisc 2.7.106

"Mount&Blade Warband" = Mount&Blade Warband

"Mozilla Firefox (3.6.12)" = Mozilla Firefox (3.6.12)

"PhotoRecord" = Canon PhotoRecord

"Quick Memory Editor_is1" = Quick Memory Editor 5.5

"Runic Games Torchlight" = Torchlight

"SystemRequirementsLab" = System Requirements Lab

"Usbfix" = UsbFix By El Desaparecido & C_XX

"UT2004" = Unreal Tournament 2004

"uTorrent" = µTorrent

"VLC media player" = VLC media player 1.0.5

"Xfire" = Xfire (remove only)

"ZHPDiag_is1" = ZHPDiag 1.27

 

========== Last 10 Event Log Errors ==========

 

[ Application Events ]

Error - 22/10/2010 07:21:45 | Computer Name = Sonny-PC | Source = VSS | ID = 12289

Description =

 

Error - 23/10/2010 00:22:16 | Computer Name = Sonny-PC | Source = Application Error | ID = 1000

Description = Nom de l’application défaillante jaucheck.exe, version : 2.0.2.1,

horodatage : 0x4b7d6dd6 Nom du module défaillant : jaucheck.exe, version : 2.0.2.1,

horodatage : 0x4b7d6dd6 Code d’exception : 0xc0000005 Décalage d’erreur : 0x0000c940

ID

du processus défaillant : 0x2210c Heure de début de l’application défaillante :

0x01cb7269dce4daaf Chemin d’accès de l’application défaillante : C:\Program Files

(x86)\Common Files\Java\Java Update\jaucheck.exe Chemin d’accès du module défaillant:

C:\Program Files (x86)\Common Files\Java\Java Update\jaucheck.exe ID de rapport

: 1db27002-de5d-11df-afb6-001e4cf084ef

 

Error - 01/11/2010 18:22:30 | Computer Name = Sonny-PC | Source = Application Hang | ID = 1002

Description = Le programme MinecraftEditByDarow.exe version 1.8.4.444 a cessé d’interagir

avec Windows et a été fermé. Pour déterminer si des informations supplémentaires

sont disponibles, consultez l’historique du problème dans le Centre de maintenance.

 

ID

de processus : 688 Heure de début : 01cb7a1325023499 Heure de fin : 0 Chemin d’accès

de l’application : D:\Jeux\DarowsminecraftEdit0.1.2-withsave\MinecraftEditByDarow.exe

 

ID

de rapport :

 

Error - 02/11/2010 08:22:57 | Computer Name = Sonny-PC | Source = Application Error | ID = 1000

Description = Nom de l’application défaillante MemEditor.exe, version : 5.5.0.0,

horodatage : 0x2a425e19 Nom du module défaillant : KERNELBASE.dll, version : 6.1.7600.16385,

horodatage : 0x4a5bdbdf Code d’exception : 0x0eedfade Décalage d’erreur : 0x0000b727

ID

du processus défaillant : 0x778 Heure de début de l’application défaillante : 0x01cb7a88ac1c88be

Chemin

d’accès de l’application défaillante : C:\Program Files (x86)\Quick Memory Editor\MemEditor.exe

Chemin

d’accès du module défaillant: C:\Windows\syswow64\KERNELBASE.dll ID de rapport :

ec39420b-e67b-11df-bca7-001de093cca7

 

Error - 02/11/2010 08:23:21 | Computer Name = Sonny-PC | Source = Application Error | ID = 1000

Description = Nom de l’application défaillante MemEditor.exe, version : 5.5.0.0,

horodatage : 0x2a425e19 Nom du module défaillant : KERNELBASE.dll, version : 6.1.7600.16385,

horodatage : 0x4a5bdbdf Code d’exception : 0x0eedfade Décalage d’erreur : 0x0000b727

ID

du processus défaillant : 0xc90 Heure de début de l’application défaillante : 0x01cb7a88bc320c79

Chemin

d’accès de l’application défaillante : C:\Program Files (x86)\Quick Memory Editor\MemEditor.exe

Chemin

d’accès du module défaillant: C:\Windows\syswow64\KERNELBASE.dll ID de rapport :

fad69f33-e67b-11df-bca7-001de093cca7

 

Error - 02/11/2010 16:02:40 | Computer Name = Sonny-PC | Source = Application Hang | ID = 1002

Description = Le programme HiJackThis.exe version 2.0.0.4 a cessé d’interagir avec

Windows et a été fermé. Pour déterminer si des informations supplémentaires sont

disponibles, consultez l’historique du problème dans le Centre de maintenance. ID

de processus : 644 Heure de début : 01cb7ac8c84ebef1 Heure de fin : 7 Chemin d’accès

de l’application : C:\Users\Sonny\Downloads\HiJackThis.exe ID de rapport : 1d3a9e1f-e6bc-11df-8bd7-00a0d1af5d6b

 

 

Error - 03/11/2010 12:04:00 | Computer Name = Sonny-PC | Source = Application Hang | ID = 1002

Description = Le programme ZHPDiag.exe version 1.2.7.7 a cessé d’interagir avec

Windows et a été fermé. Pour déterminer si des informations supplémentaires sont

disponibles, consultez l’historique du problème dans le Centre de maintenance. ID

de processus : 1b0fc Heure de début : 01cb7b7090ae05d2 Heure de fin : 25 Chemin d’accès

de l’application : C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe ID de rapport : eed8ab08-e763-11df-8bd7-00a0d1af5d6b

 

 

Error - 03/11/2010 12:05:37 | Computer Name = Sonny-PC | Source = Application Hang | ID = 1002

Description = Le programme ZHPDiag.exe version 1.2.7.7 a cessé d’interagir avec

Windows et a été fermé. Pour déterminer si des informations supplémentaires sont

disponibles, consultez l’historique du problème dans le Centre de maintenance. ID

de processus : 1b1b4 Heure de début : 01cb7b70c81e1e61 Heure de fin : 23 Chemin d’accès

de l’application : C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe ID de rapport : 30623562-e764-11df-8bd7-00a0d1af5d6b

 

 

Error - 03/11/2010 12:06:37 | Computer Name = Sonny-PC | Source = Application Hang | ID = 1002

Description = Le programme ZHPDiag.exe version 1.2.7.7 a cessé d’interagir avec

Windows et a été fermé. Pour déterminer si des informations supplémentaires sont

disponibles, consultez l’historique du problème dans le Centre de maintenance. ID

de processus : 1b32c Heure de début : 01cb7b71099cd322 Heure de fin : 24 Chemin d’accès

de l’application : C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe ID de rapport : 539e31d5-e764-11df-8bd7-00a0d1af5d6b

 

 

Error - 03/11/2010 18:35:33 | Computer Name = Sonny-PC | Source = Application Hang | ID = 1002

Description = Le programme UsbFix.exe version 3.3.6.1 a cessé d’interagir avec Windows

et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles,

consultez l’historique du problème dans le Centre de maintenance. ID de processus :

c3c Heure de début : 01cb7ba5e2e3d91b Heure de fin : 0 Chemin d’accès de l’application

: C:\UsbFix\UsbFix.exe ID de rapport :

 

[ System Events ]

Error - 03/11/2010 23:53:32 | Computer Name = Sonny-PC | Source = Disk | ID = 262155

Description = Le pilote a détecté une erreur du contrôleur sur \Device\Harddisk1\DR1.

 

Error - 03/11/2010 23:53:47 | Computer Name = Sonny-PC | Source = ipnathlp | ID = 31004

Description =

 

Error - 04/11/2010 00:53:46 | Computer Name = Sonny-PC | Source = ipnathlp | ID = 31004

Description =

 

Error - 04/11/2010 01:53:46 | Computer Name = Sonny-PC | Source = Disk | ID = 262155

Description = Le pilote a détecté une erreur du contrôleur sur \Device\Harddisk1\DR1.

 

Error - 04/11/2010 01:53:47 | Computer Name = Sonny-PC | Source = Disk | ID = 262155

Description = Le pilote a détecté une erreur du contrôleur sur \Device\Harddisk1\DR1.

 

Error - 04/11/2010 02:44:54 | Computer Name = Sonny-PC | Source = Disk | ID = 262155

Description = Le pilote a détecté une erreur du contrôleur sur \Device\Harddisk1\DR1.

 

Error - 04/11/2010 07:05:06 | Computer Name = Sonny-PC | Source = ipnathlp | ID = 30013

Description =

 

Error - 04/11/2010 07:08:10 | Computer Name = Sonny-PC | Source = ipnathlp | ID = 34001

Description =

 

Error - 04/11/2010 07:08:11 | Computer Name = Sonny-PC | Source = ipnathlp | ID = 31004

Description =

 

Error - 04/11/2010 07:18:11 | Computer Name = Sonny-PC | Source = ipnathlp | ID = 34001

Description =

 

 

< End of report >

Posted

Run OTL again:

 

Under Custom scan Files or Personnalisation

Copy and paste

:OTL

O4 - HKU\S-1-5-21-1027354979-3635524200-1128645282-1001..\Run: [PlayNC Launcher] File not found

O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found

O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)

O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.

O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %* File not found

cmdfile [open] -- "%1" %* File not found

comfile [open] -- "%1" %* File not found

exefile [open] -- "%1" %* File not found

helpfile [open] -- Reg Error: Key error.

htmlfile [edit] -- Reg Error: Key error.

htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" File not found

piffile [open] -- "%1" %* File not found

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1" File not found

scrfile [open] -- "%1" /S File not found

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found

Folder [explore] -- Reg Error: Value error.

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

helpfile [open] -- Reg Error: Key error.

htmlfile [edit] -- Reg Error: Key error.

regfile [merge] -- Reg Error: Key error.

txtfile [edit] -- Reg Error: Key error.

Folder [explore] -- Reg Error: Value error.

 

 

:Reg

64bit:[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\command]

""=""%1" %*"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\command]

""=""%1" %*"

[purity]

[emptytemp]

[resethosts]

[Reboot]

-------->Click Runfix or Correction

OTL will restart the system automatically.

Post the report.

Posted

Ok,

 

Download Process Explorer

View tab->Select columns

Tick

Process name

PID

Description

Command Line

Select the resource-hungry svchost you mentioned above

Tell us the name shown under Command Line

Click Properties->Thread

Tell us which processes are launched

Posted (edited)

The download link page apparently no longer exists.

EDIT: I downloaded the new version of Process Explorer

Here is the requested information:

CommandLine:C:\Windows\system32\svchost.exe -k netsvcs

What do you mean by "Tell us which processes are launched"?

Edited by bust
Posted (edited)

At this entry,

CommandLine:C:\Windows\system32\svchost.exe -k netsvcs

Right-click->Properties->Thread

Tell us which processes are launched

Here is the list of services managed by netsvcs under XP SP3 and how they are configured on my machine.

Human Interface Device Access->Disabled

Messenger->Manual if you are not connected to a network. If you are connected to a network, it must be set to Automatic.

Help and Support->Manual or Disabled

Windows Audio->Auto

Fast User Switching Compatibility->Manual, and configure this feature in "Control Panel => User Accounts => Change the way users log on or off"

Wireless Zero Configuration->Manual or Disabled (provides automatic configuration for 802.11 adapters.)

Secondary Logon->Auto

Network Connections->Manual

Shell Hardware Detection->Disabled

Windows Management Instrumentation Driver Extensions->Manual

Application Management->Disabled

Remote Access Auto Connection Manager->Manual

Remote Access Connection Manager->Manual

Logical Disk Manager->Auto

Upload Manager->Manual

Windows Time->Disabled

Windows Management Instrumentation->Auto

Automatic Updates->Manual

NLA->Disabled

System Event Notification->Auto

Internet Connection Firewall (ICF) / Internet Connection Sharing (ICS)->Auto

Task Scheduler->Auto

Routing and Remote Access->Disabled

Server->Disabled (or Manual)

Error Reporting Service->Disabled

System Restore Service->Manual

Background Intelligent Transfer Service->Manual

Cryptographic Services->Auto

Terminal Services->Disabled

Workstation->Disabled (except on a network)

Removable Storage->Manual

COM+ Event System->Manual

Themes->Disabled

Telephony->Auto

Edited by pear
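Added example, not part of the thread or of any tool mentioned in it: a PowerShell sketch that maps each `svchost.exe -k netsvcs` process to the services it is currently hosting, and compares them with the netsvcs group list in the registry. The function name `Get-NetsvcsHostedService` is hypothetical; the WMI classes and registry paths are the standard Windows ones.

```powershell
# Added example (not from the thread). Run from an elevated prompt so that
# Win32_Process.CommandLine is populated for system processes.
# Get-WmiObject is used so the script also runs on PowerShell 2.0 (Windows 7).
function Get-NetsvcsHostedService {   # hypothetical helper name
    # Services registered in the netsvcs group (REG_MULTI_SZ -> string array)
    $groupKey   = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost'
    $registered = @((Get-ItemProperty -Path $groupKey).netsvcs)

    # Every svchost.exe instance started with "-k netsvcs"
    $hostProcs = Get-WmiObject Win32_Process -Filter "Name = 'svchost.exe'" |
        Where-Object { $_.CommandLine -match '-k\s+netsvcs' }

    foreach ($proc in $hostProcs) {
        $filter = "ProcessId = $($proc.ProcessId)"
        foreach ($svc in @(Get-WmiObject Win32_Service -Filter $filter)) {
            # DLL that svchost loads for this service, when one is registered
            $paramKey = "HKLM:\SYSTEM\CurrentControlSet\Services\$($svc.Name)\Parameters"
            $params   = Get-ItemProperty -Path $paramKey -ErrorAction SilentlyContinue
            New-Object PSObject -Property @{
                ProcessId   = $proc.ProcessId
                Name        = $svc.Name
                DisplayName = $svc.DisplayName
                State       = $svc.State
                StartMode   = $svc.StartMode
                ServiceDll  = $params.ServiceDll
                InGroupList = ($registered -contains $svc.Name)
            }
        }
    }
}

# One row per hosted service, grouped by the svchost PID shown in Process Explorer
Get-NetsvcsHostedService |
    Sort-Object ProcessId, Name |
    Format-Table ProcessId, Name, State, StartMode, InGroupList, ServiceDll -AutoSize
```

A row with `InGroupList` set to `False`, or a `ServiceDll` outside `%SystemRoot%\System32`, is worth a closer look before any service is disabled.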
Posted (edited)

A small clarification: I'm not on XP, I'm on Seven 64-bit

What I meant by my question is: where in the window do I see which processes are launched?

PS: I am increasingly considering reformatting my PC, but I would really like to find another solution.

Edited by bust
