Stabilité déficiente

[Tranphu]

Mes icônes tremblent, ma souris se fige ou est imprécise et tremble, mes fenêtres se bloquent...

 

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 22:09:13, on 20/11/2010

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\Program Files\Webroot\Spy Sweeper\WRConsumerService.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Thomson\ST330\service\st330service.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\PS Tray Factory\PSTrayFactory.exe

C:\Program Files\Analog Devices\SoundMAX\Smax4.exe

C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe

C:\Program Files\Thomson\ST330\diagnostics\diagnostics.exe

C:\WINDOWS\autoclk.exe

C:\WINDOWS\adiras.exe

C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe

C:\Program Files\Belgacom\bin\sprtcmd.exe

C:\Program Files\Analog Devices\Core\smax4pnp.exe

C:\Program Files\QuickTime\qttask.exe

C:\Program Files\Fichiers communs\Goto Software\Vaderetro_Mgr.exe

C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe

C:\Program Files\Microsoft IntelliType Pro\itype.exe

C:\Program Files\Microsoft IntelliPoint\ipoint.exe

C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe

C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe

C:\USBStorage\USBDetector.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe

C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

C:\Program Files\Hide Folders XP 2\hfxp.exe

C:\Program Files\Belgium Identity Card\beid35gui.exe

C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe

C:\PROGRA~1\Yahoo!\Messenger\YahooMessenger.exe

C:\Program Files\Copernic Desktop Search - Corporate\DesktopSearchService.exe

C:\Program Files\Eraser\Eraser 5.8\Eraser.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\WINDOWS\system32\dllhost.exe

C:\WINDOWS\system32\crypserv.exe

C:\Program Files\WinZip\WZQKPICK.EXE

C:\Program Files\Diskeeper Corporation\Diskeeper\2010\DkService.exe

C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe

C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe

C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\WINDOWS\system32\tcpsvcs.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe

C:\WINDOWS\system32\SearchIndexer.exe

C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

C:\WINDOWS\system32\mqsvc.exe

C:\WINDOWS\system32\mqtgsvc.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Internet Explorer\IEXPLORE.EXE

C:\Program Files\Internet Explorer\IEXPLORE.EXE

C:\Program Files\Internet Explorer\IEXPLORE.EXE

C:\Program Files\Internet Explorer\IEXPLORE.EXE

C:\Program Files\Internet Explorer\IEXPLORE.EXE

C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE

C:\WINDOWS\system32\SearchProtocolHost.exe

C:\WINDOWS\system32\SearchProtocolHost.exe

C:\Program Files\HiJack\HiJackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN : Hotmail, Messenger, Bing, Actualité et Sport

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://abonnes.lemonde.fr/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Yahoo! France

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Yahoo! France

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

R3 - URLSearchHook: (no name) - {BE89472C-B803-4D1D-9A9A-0A63660E0FE3} - C:\PROGRA~1\COPERN~1\COPERN~1.DLL

O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll

O3 - Toolbar: Copernic Agent - {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - C:\Program Files\Copernic Agent\CopernicAgentExt.dll

O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

O3 - Toolbar: Barre d'outils Copernic Desktop Search - Corporate - {B69A3268-DA39-49B0-B1A6-4E7E4B98BB45} - C:\Program Files\Copernic Desktop Search - Corporate\Toolbar\ToolbarContainer101000325.dll

O3 - Toolbar: (no name) - {435FAE9B-81A9-49D8-A0B1-A85ED3121976} - (no file)

O3 - Toolbar: Yahoo! Barre d'outils - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll

O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

O4 - HKLM\..\Run: [soundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray

O4 - HKLM\..\Run: [NeroFilterCheck] "C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe"

O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start

O4 - HKLM\..\Run: [iSUSPM Startup] "C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe" -startup

O4 - HKLM\..\Run: [diagnostics] "C:\Program Files\Thomson\ST330\diagnostics\diagnostics.exe" /icon -l:fr

O4 - HKLM\..\Run: [autoclk] "C:\WINDOWS\autoclk.exe"

O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Fichiers communs\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin

O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"

O4 - HKLM\..\Run: [adiras] "C:\WINDOWS\adiras.exe"

O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"

O4 - HKLM\..\Run: [belgacom] "C:\Program Files\Belgacom\bin\sprtcmd.exe" /P Belgacom

O4 - HKLM\..\Run: [TrayFactory] "C:\Program Files\PS Tray Factory\PSTrayFactory.exe" /start

O4 - HKLM\..\Run: [soundMAXPnP] "C:\Program Files\Analog Devices\Core\smax4pnp.exe"

O4 - HKLM\..\Run: [MsmqIntCert] "regsvr32" /s mqrt.dll

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [VadeRetro Outlook] "C:\Program Files\Goto Software\Vade Retro\VrMoRegister.exe" -s

O4 - HKLM\..\Run: [VRManager] "C:\Program Files\Fichiers communs\Goto Software\Vaderetro_Mgr.exe"

O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide

O4 - HKLM\..\Run: [itype] "C:\Program Files\Microsoft IntelliType Pro\itype.exe"

O4 - HKLM\..\Run: [intelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"

O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice

O4 - HKLM\..\Run: [OutpostFeedBack] "C:\Program Files\Agnitum\Outpost Firewall Pro\feedback.exe" /dump:os_startup

O4 - HKLM\..\Run: [OutpostMonitor] "C:\PROGRA~1\Agnitum\Outpost Firewall Pro\op_mon.exe" /tray /noservice

O4 - HKLM\..\Run: [ATICustomerCare] "C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe"

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [uSBDetector] "C:\USBStorage\USBDetector.exe"

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [spySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" /startintray

O4 - HKLM\..\RunOnce: [PSTF] C:\Program Files\PS Tray Factory\PSTrayFactory.exe /start

O4 - HKCU\..\Run: [spybotSD TeaTimer] "C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe"

O4 - HKCU\..\Run: [hfxp] "C:\Program Files\Hide Folders XP 2\hfxp.exe" /s

O4 - HKCU\..\Run: [beid] "C:\Program Files\Belgium Identity Card\beid35gui.exe"

O4 - HKCU\..\Run: [ctfmon.exe] "C:\WINDOWS\system32\ctfmon.exe"

O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\PROGRA~1\Yahoo!\Messenger\YahooMessenger.exe" -quiet

O4 - HKCU\..\Run: [Copernic Desktop Search - Corporate] "C:\Program Files\Copernic Desktop Search - Corporate\DesktopSearchService.exe" /tray

O4 - HKCU\..\Run: [Eraser] "C:\Program Files\Eraser\Eraser 5.8\Eraser.exe" -hide

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE

O8 - Extra context menu item: Ajouter la cible du lien à un fichier PDF existant - res://C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

O8 - Extra context menu item: Ajouter à un fichier PDF existant - res://C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Chercher avec Copernic Agent - res://C:\Program Files\Copernic Agent\CopernicAgentExt.rdl/INTEGRATION_MENU_SEARCHEXT

O8 - Extra context menu item: Convertir au format Adobe PDF - res://C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Convertir la cible du lien au format Adobe PDF - res://C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Résumer avec Copernic Summarizer - C:\PROGRA~1\COPERN~3\Web\SummarizePage.htm

O9 - Extra button: Résumer - {0F2D17A0-E7DF-4847-995B-6F3ABF5BF187} - C:\PROGRA~1\COPERN~3\CopernicSummarizerApp.dll

O9 - Extra button: (no name) - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE

O9 - Extra 'Tools' menuitem: Démarrer Copernic Agent - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE

O9 - Extra button: Réglage rapide de Outpost Firewall Pro - {44627E97-789B-40d4-B5C2-58BD171129A1} - C:\Program Files\Agnitum\Outpost Firewall Pro\ie_bar.dll

O9 - Extra button: Copernic Agent - {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL

O9 - Extra button: (no name) - {B533C4C2-3FE2-4728-8661-AC93DF5D35A2} - C:\PROGRA~1\COPERN~3\CopernicSummarizerApp.dll

O9 - Extra 'Tools' menuitem: Résumer avec Copernic Summarizer - {B533C4C2-3FE2-4728-8661-AC93DF5D35A2} - C:\PROGRA~1\COPERN~3\CopernicSummarizerApp.dll

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll

O15 - Trusted Zone: Promotion Belgacom / Proximus: Promo - Belgacom TV Gratuit, Belgacom Internet / ADSL

O15 - Trusted Zone: Connexion

O15 - Trusted Zone: Achat et vente d'objets de collection (timbres, monnaies, cartes postales,...) : collections aux enchères en ligne !

O15 - Trusted Zone: Delcampe Auctions - buy & sell collectibles, postcards, coins, rare stamps, paper money, old paper, antiques & more

O15 - Trusted Zone: The Economist - World News, Politics, Economics, Business & Finance

O15 - Trusted Zone: Guerre Tribale - Le jeu par navigateur

O15 - Trusted Zone: Guerre Tribale - Le jeu par navigateur

O15 - Trusted Zone: Guerre Tribale - Le jeu par navigateur

O15 - Trusted Zone: Guerre Tribale - Le jeu par navigateur

O15 - Trusted Zone: Search HP US

O15 - Trusted Zone: http://abonnes.lemonde.fr

O15 - Trusted Zone: Les Royaumes Renaissants - Jeu de role gratuit et multijoueurs, jeu medieval realiste

O15 - Trusted Zone: Marvell Technology Group Ltd. -- The Market leader in Switching, Transceivers, Wireless, PC Connectivity, Gateways, Communications Controllers, and Storage

O15 - Trusted Zone: Actualités en temps réel - journal d'information - Nouvelobs.com

O15 - Trusted Zone: http://www.smileysgames.com

O15 - Trusted Zone: La Terre des Rois - Jeu gratuit en ligne - Gestion economique et strategie - Medieval fantastique

O15 - Trusted Zone: Bienvenue sur Tools4tribalwars.com!

O15 - Trusted Zone: Usenet.nl - Le meilleur du téléchargement depuis 1979

O15 - Trusted Zone: Warnation - Jeu multijoueurs

O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.0/srl_bin/sysreqlab3.cab

O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1225364772296

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1220053869343

O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - Page introuvable | Facebook

O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} (Java Plug-in 1.6.0_17) -

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{E6EF5819-54BE-4570-A832-6E6C9FA0DC85}: NameServer = 195.238.2.22 195.238.2.21

O20 - AppInit_DLLs: c:\progra~1\agnitum\outpost firewall pro\wl_hook.dll acaptuser32.dll

O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

O23 - Service: Agnitum Client Security Service (acssrv) - Agnitum Ltd. - C:\PROGRA~1\Agnitum\Outpost Firewall Pro\acs.exe

O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe

O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Crypkey License - CrypKey (Canada) Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe

O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\2010\DkService.exe

O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe

O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe

O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe

O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe

O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: Google Update Service (gupdate) (gupdate) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe

O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe

O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe

O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe

O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe

O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe

O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe

O23 - Service: SpeedTouch 330 Manager (st330service) - THOMSON Telecom Belgium - C:\Program Files/Thomson/ST330/service/st330service.exe

O23 - Service: SupportSoft RemoteAssist - SupportSoft, Inc. - C:\Program Files\Fichiers communs\Supportsoft\bin\ssrc.exe

O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe

O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe

O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. (www.webroot.com) - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe

O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\WMPNetwk.exe

O23 - Service: Webroot Client Service (WRConsumerService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRConsumerService.exe

O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

 

--

End of file - 19272 bytes

[lance_yien]

Bonjour Tranphu,

 

---

Très Important!

 

>>> A faire immédiatement:

En haut de ce message cliquer sur le bouton "Suivre ce sujet", en choisissant "Notification immédiate" => "Soumettre" tu seras avisé en temps réel pour les réponses apportées à ton sujet et de ce fait, ta machine sera nettoyée dans les meilleurs délais.

 

>>> Que faire durant ce nettoyage, merci de NE PAS utiliser, installer et/ou désinstaller aucun programme à part ceux qui sont proposés à chaque étape ce qui a pour but d'éviter tout problème d'incompatibilité entre les outils.

 

>>> Que faire à la réception de nouvelles instructions,

• Lire la totalité du message.
  
• Télécharger et enregistrer les utilitaires DIRECTEMENT sur le Bureau ou les déplacer (tout de suite après par un clic-droit dessus => "Couper" puis clic-droit sur le Bureau => "Coller".
  Certains programmes peuvent créer des problèmes s'ils ne sont pas lancés depuis le Bureau.
  
• Prendre l'habitude de désactiver tous les programmes de protection au début de chaque nouvelle étape et de les réactiver à la fin.
  
• Procéder toujours dans l'ordre donné et demander des clarifications si nécessaire AVANT de commencer.
  
• NE PAS hésiter à commenter et signaler tout changement (en bien ou en mal) dans le comportement de la machine ou par rapport au problème initial.
  

>>> Comment répondre: Cliquer sur le bouton car je n'ai pas besoin de relire mes messages précédents.

---

 

Imprimer ces instructions ou les enregistrer dans un fichier texte sur le Bureau pour les consulter facilement à tout moment.

 

 

>>> HijackThis: Désactiver TeaTimer de Spybot-S&D parce qu'il peut interférer avec ce programme.

Lancer HijackThis, cliquer sur "do only a scan" et attendre la fin de l'analyse.

Cocher les cases devant les lignes suivantes (si présentes):

O3 - Toolbar: (no name) - {435FAE9B-81A9-49D8-A0B1-A85ED3121976} - (no file)

O15 - Trusted Zone: Promotion Belgacom / Proximus: Promo - Belgacom TV Gratuit, Belgacom Internet / ADSL

O15 - Trusted Zone: Connexion

O15 - Trusted Zone: Achat et vente d'objets de collection (timbres, monnaies, cartes postales,...) : collections aux enchères en ligne !

O15 - Trusted Zone: Delcampe Auctions - buy & sell collectibles, postcards, coins, rare stamps, paper money, old paper, antiques & more

O15 - Trusted Zone: The Economist - World News, Politics, Economics, Business & Finance

O15 - Trusted Zone: Guerre Tribale - Le jeu par navigateur

O15 - Trusted Zone: Guerre Tribale - Le jeu par navigateur

O15 - Trusted Zone: Guerre Tribale - Le jeu par navigateur

O15 - Trusted Zone: Guerre Tribale - Le jeu par navigateur

O15 - Trusted Zone: Search HP US

O15 - Trusted Zone: http://abonnes.lemonde.fr

O15 - Trusted Zone: Les Royaumes Renaissants - Jeu de role gratuit et multijoueurs, jeu medieval realiste

O15 - Trusted Zone: Marvell Technology Group Ltd. -- The Market leader in Switching, Transceivers, Wireless, PC Connectivity, Gateways, Communications Controllers, and Storage

O15 - Trusted Zone: Actualités en temps réel - journal d'information - Nouvelobs.com

O15 - Trusted Zone: http://www.smileysgames.com

O15 - Trusted Zone: La Terre des Rois - Jeu gratuit en ligne - Gestion economique et strategie - Medieval fantastique

O15 - Trusted Zone: Bienvenue sur Tools4tribalwars.com!

O15 - Trusted Zone: Usenet.nl - Le meilleur du téléchargement depuis 1979

O15 - Trusted Zone: Warnation - Jeu multijoueurs

Fermer toutes les autres fenêtres et applications y compris Internet et cliquer sur "fix checked" puis sur OK (pour confirmer).

Redémarrer le PC.

 

 

>>> Analyse de fichier(s):

• Copier la 1ère ligne de la liste suivante et aller sur le site Jotti.
   
  C:\WINDOWS\autoclk.exe
  C:\WINDOWS\adiras.exe
   
  
• Cliquer sur Parcourir....
  
• Dans la nouvelle fenêtre, cliquer-droit dans "Nom du fichier" => "Coller" puis cliquer sur "Ouvrir".
  
• Cliquer sur Envoyer et laisser faire l'analyse.
  
• A la fin cliquer-droit sur le bouton Votre lien permanent... => "Copier l'adresse du lien".
  Ouvrir le bloc-note et cliquer-droit => "Coller"
  
  

  
  

• Recommencer avec l'autre ligne de ma liste en cliquant sur le bouton "Prochain fichier" et coller l'adresse dans le bloc-note.
  

Copier le contenu du bloc-note et le coller dans la prochaine réponse.

 

Note: Si Jotti est surchargé aller sur Virustotal,

 

 

>>> Télécharger, sur le Bureau:

• MBAM' StartUpLite depuis ici
• OTL (par OldTimer) depuis ici ou ici.
• Security Check (par screen317) depuis ici ou ici.

 

 

>>> StartUpLite Il y a toujours des programmes qui se lancent INUTILEMENT en même temps que Windows.

Double-cliquer sur StartUpLite.exe pour lancer le programme.

Il affichera toutes les entrées inutiles en démarrage automatique

Sélectionner TOUTES les entrées affichées et cliquer sur Continue.

S'il affiche "No unnecessary..." , c'est qu'il n'y a rien à faire.

 

2- >>> Brancher et allumer tous les médias amovibles ayant servi à un quelconque transfert de données (clés USB...).

Fermer tout et double-cliquer sur OTL.exe (Vista/ Windows7, clic-droit dessus => Exécuter en tant qu'Admin).

Copiez/ Collez ces lignes (commençant par netsvcs) dans l'espace sous "Personnalisation":

netsvcs

%SYSTEMDRIVE%\*.*

%systemroot%\*. /mp /s

CREATERESTOREPOINT

%systemroot%\system32\*.dll /lockedfiles

%systemroot%\Tasks\*.job /lockedfiles

%systemroot%\System32\config\*.sav

%systemroot%\system32\drivers\*.sys /90

Sans rien changer, cliquer sur le bouton bleu Analyse et laisser faire.

A la fin du scan, 2 rapports seront créés: OTL.txt (qui s'ouvre dans le bloc-note) et Extras.txt (qui sera minimisé dans la Barre des tâches).

 

Copier/ Coller le contenu de chaque rapport, un seul par message parce qu'ils sont souvent très longs et dépassent la limite autorisée par le forum.

 

>>> SecurityCheck: Fermer tout et double-cliquer sur "SecurityCheck.exe" pour lancer le programme.

Appuyer sur une touche comme demandé et suivre les indications.

Note: Si un des programmes de sécurité demande la permission d'accéder à Internet depuis dig.exe, acceptez.

Le Rapport checkup.txt s'ouvre à la fin. Poster son contenu.

Ce rapport ne sera pas enregistré automatiquement. Si vous voulez en garder une copie, cliquez sur "Fichier" => "Enregistrer sous", choisissez un endroit (Bureau par exemple) et cliquez sur "Enregistrer" en bas à droite.

Poster son contenu.

 

Rapport demandés:

• scan-results
• Malwarebytes Anti-Malware log
• OTL.txt
• Extras.txt
• checkup.txt

Il y a du mieux?

[Tranphu]

Merci pour la réponse rapide.

Voici les éléments demandés.

 

 

scan-results

 

autoclk.exe - Le scanner antivirus de Jotti

 

adiras.exe - Le scanner antivirus de Jotti

 

Malware bytes Anti-Malware log

 

Malwarebytes' Anti-Malware 1.46

www.malwarebytes.org

 

Version de la base de données: 5172

 

Windows 5.1.2600 Service Pack 3

Internet Explorer 7.0.5730.13

 

22/11/2010 21:24:18

mbam-log-2010-11-22 (21-24-18).txt

 

Type d'examen: Examen rapide

Elément(s) analysé(s): 155795

Temps écoulé: 6 minute(s), 30 seconde(s)

 

Processus mémoire infecté(s): 0

Module(s) mémoire infecté(s): 0

Clé(s) du Registre infectée(s): 0

Valeur(s) du Registre infectée(s): 0

Elément(s) de données du Registre infecté(s): 0

Dossier(s) infecté(s): 0

Fichier(s) infecté(s): 0

 

StartUpLite

 

3 entrées supprimées

Modifié le 22 novembre 2010 par Tranphu

[Tranphu]

• OTL.txt

 

 

OTL logfile created on: 22/11/2010 21:45:41 - Run 1

OTL by OldTimer - Version 3.2.17.3 Folder = C:\Documents and Settings\NACHTERGAELE\Bureau\Stabilisation PC

Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 7.0.5730.13)

Locale: 0000080C | Country: Belgique | Language: FRB | Date Format: d/MM/yyyy

 

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 70,00% Memory free

5,00 Gb Paging File | 4,00 Gb Available in Paging File | 79,00% Paging File free

Paging file location(s): c:\pagefile.sys 2046 4092 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 488,28 Gb Total Space | 428,19 Gb Free Space | 87,69% Space Free | Partition Type: NTFS

Drive F: | 76,32 Gb Total Space | 55,58 Gb Free Space | 72,82% Space Free | Partition Type: NTFS

Drive G: | 122,20 Mb Total Space | 4,77 Mb Free Space | 3,90% Space Free | Partition Type: FAT

Drive H: | 443,23 Gb Total Space | 436,10 Gb Free Space | 98,39% Space Free | Partition Type: NTFS

Drive I: | 149,01 Gb Total Space | 76,68 Gb Free Space | 51,46% Space Free | Partition Type: FAT32

Drive J: | 31,13 Mb Total Space | 6,63 Mb Free Space | 21,31% Space Free | Partition Type: FAT

Drive K: | 1,88 Gb Total Space | 1,78 Gb Free Space | 94,67% Space Free | Partition Type: FAT

 

Computer Name: NACHTERG-0DAA01 | User Name: NACHTERGAELE | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Processes (SafeList) ==========

 

PRC - [2010/11/22 21:42:30 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\NACHTERGAELE\Bureau\Stabilisation PC\OTL.exe

PRC - [2010/10/19 15:01:45 | 001,201,640 | ---- | M] (Webroot Software, Inc. ) -- C:\Program Files\Webroot\Spy Sweeper\WRConsumerService.exe

PRC - [2010/10/16 00:40:40 | 000,037,664 | ---- | M] (Apple Inc.) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe

PRC - [2010/09/22 17:11:26 | 000,640,440 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe

PRC - [2010/07/29 17:53:18 | 001,743,320 | ---- | M] (Copernic Inc.) -- C:\Program Files\Copernic Desktop Search - Corporate\DesktopSearchService.exe

PRC - [2010/06/01 09:17:48 | 005,252,408 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe

PRC - [2010/04/07 20:07:24 | 000,810,120 | ---- | M] (ESET) -- C:\Program Files\Eset\ESET NOD32 Antivirus\ekrn.exe

PRC - [2010/04/07 20:07:04 | 002,145,000 | ---- | M] (ESET) -- C:\Program Files\Eset\ESET NOD32 Antivirus\egui.exe

PRC - [2010/04/05 14:50:00 | 000,494,920 | R--- | M] (WinZip Computing, S.L.) -- C:\Program Files\WinZip\WZQKPICK.EXE

PRC - [2009/12/24 08:55:22 | 001,732,960 | ---- | M] (Diskeeper Corporation) -- C:\Program Files\Diskeeper Corporation\Diskeeper\2010\DkService.exe

PRC - [2009/11/22 01:47:24 | 000,198,160 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe

PRC - [2009/11/06 14:19:58 | 006,515,784 | ---- | M] (Webroot Software, Inc.) -- C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe

PRC - [2009/11/06 12:00:22 | 000,165,232 | ---- | M] (Webroot Software, Inc. (www.webroot.com)) -- C:\Program Files\Webroot\Spy Sweeper\SSU.exe

PRC - [2009/11/06 11:00:22 | 004,048,240 | ---- | M] (Webroot Software, Inc. (www.webroot.com)) -- C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe

PRC - [2009/05/08 10:35:50 | 002,780,432 | ---- | M] () -- C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe

PRC - [2009/05/08 10:34:08 | 000,559,888 | ---- | M] () -- C:\Program Files\Fichiers communs\LogiShrd\LQCVFX\COCIManager.exe

PRC - [2009/04/30 16:01:10 | 000,154,136 | ---- | M] (Logitech Inc.) -- C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe

PRC - [2009/03/16 15:08:30 | 000,466,946 | ---- | M] (PS Soft Lab) -- C:\Program Files\PS Tray Factory\PSTrayFactory.exe

PRC - [2008/12/14 02:36:24 | 000,581,632 | ---- | M] (THOMSON Telecom Belgium) -- C:\Program Files\Thomson\ST330\service\st330service.exe

PRC - [2008/12/12 20:26:22 | 000,557,149 | ---- | M] (THOMSON Telecom Belgium) -- C:\Program Files\Thomson\ST330\diagnostics\diagnostics.exe

PRC - [2008/11/14 15:51:16 | 002,294,272 | ---- | M] (Goto Software) -- C:\Program Files\Fichiers communs\Goto Software\Vaderetro_mgr.exe

PRC - [2008/11/09 21:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

PRC - [2008/09/04 13:22:50 | 002,023,424 | ---- | M] (Belgium Government) -- C:\Program Files\Belgium Identity Card\beid35gui.exe

PRC - [2008/07/05 09:02:42 | 000,114,304 | ---- | M] () -- C:\Program Files\Hide Folders XP 2\hfxp.exe

PRC - [2008/05/29 11:18:04 | 000,202,016 | R--- | M] (SupportSoft, Inc.) -- C:\Program Files\Belgacom\bin\sprtcmd.exe

PRC - [2008/05/08 00:29:38 | 000,122,880 | ---- | M] (CrypKey (Canada) Ltd.) -- C:\WINDOWS\system32\Crypserv.exe

PRC - [2008/04/14 13:00:00 | 001,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

PRC - [2008/03/24 12:43:16 | 000,884,736 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMax4.exe

PRC - [2008/03/17 05:29:48 | 001,040,384 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\Core\smax4pnp.exe

PRC - [2007/12/23 00:03:28 | 000,916,240 | ---- | M] (The Eraser Project) -- C:\Program Files\Eraser\Eraser 5.8\Eraser.exe

PRC - [2004/09/01 10:28:04 | 000,192,512 | ---- | M] (A4Tech Co., Ltd.) -- C:\Program Files\A4Tech\Mouse\Amoumain.exe

PRC - [2004/08/31 13:33:22 | 000,061,440 | ---- | M] (A4Tech Co.,Ltd.) -- C:\Program Files\A4Tech\Keyboard\Ikeymain.exe

PRC - [2004/08/09 05:03:38 | 000,081,920 | ---- | M] (InstallShield Software Corporation) -- C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe

PRC - [2004/01/28 13:42:30 | 001,531,904 | ---- | M] () -- C:\WINDOWS\adiras.exe

PRC - [2003/06/19 22:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE

PRC - [2003/04/01 11:33:00 | 000,053,248 | ---- | M] (ali) -- C:\USBStorage\USBDetector.exe

PRC - [2003/01/30 05:48:24 | 000,143,360 | ---- | M] () -- C:\WINDOWS\autoclk.exe

 

 

========== Modules (SafeList) ==========

 

MOD - [2010/11/22 21:42:30 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\NACHTERGAELE\Bureau\Stabilisation PC\OTL.exe

MOD - [2010/08/23 17:12:39 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll

MOD - [2009/01/28 11:42:18 | 000,053,248 | ---- | M] () -- C:\Program Files\PS Tray Factory\HKDll.dll

 

 

========== Win32 Services (SafeList) ==========

 

SRV - [2010/10/19 15:01:45 | 001,201,640 | ---- | M] (Webroot Software, Inc. ) [Auto | Running] -- C:\Program Files\Webroot\Spy Sweeper\WRConsumerService.exe -- (WRConsumerService)

SRV - [2010/10/16 00:40:40 | 000,037,664 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)

SRV - [2010/10/12 09:55:50 | 002,035,512 | ---- | M] (Agnitum Ltd.) [Auto | Running] -- C:\Program Files\Agnitum\Outpost Firewall Pro\acs.exe -- (acssrv)

SRV - [2010/04/07 20:10:38 | 000,033,560 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv)

SRV - [2010/04/07 20:07:24 | 000,810,120 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn)

SRV - [2009/12/24 08:55:22 | 001,732,960 | ---- | M] (Diskeeper Corporation) [Auto | Running] -- C:\Program Files\Diskeeper Corporation\Diskeeper\2010\DkService.exe -- (Diskeeper)

SRV - [2009/11/06 11:00:22 | 004,048,240 | ---- | M] (Webroot Software, Inc. (www.webroot.com)) [Auto | Running] -- C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe -- (WebrootSpySweeperService)

SRV - [2009/04/30 16:01:10 | 000,154,136 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)

SRV - [2008/12/14 02:36:24 | 000,581,632 | ---- | M] (THOMSON Telecom Belgium) [Auto | Running] -- C:\Program Files\Thomson\ST330\service\st330service.exe -- (st330service)

SRV - [2008/11/28 02:14:27 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)

SRV - [2008/11/09 21:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)

SRV - [2008/11/04 01:06:28 | 000,441,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)

SRV - [2008/08/29 21:41:07 | 000,069,632 | ---- | M] (Adobe Systems) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe -- (Adobe LM Service)

SRV - [2008/05/29 11:17:12 | 000,382,320 | R--- | M] (SupportSoft, Inc.) [Auto | Stopped] -- C:\Program Files\Fichiers communs\Supportsoft\bin\ssrc.exe -- (SupportSoft RemoteAssist)

SRV - [2008/05/08 00:29:38 | 000,122,880 | ---- | M] (CrypKey (Canada) Ltd.) [Auto | Running] -- C:\WINDOWS\System32\Crypserv.exe -- (Crypkey License)

SRV - [2006/12/23 17:54:04 | 000,262,144 | ---- | M] (Nero AG) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe -- (NMIndexingService)

SRV - [2006/10/26 14:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE -- (ose)

SRV - [2005/11/14 00:06:04 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)

SRV - [2003/06/19 22:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE -- (MDM)

 

 

========== Driver Services (SafeList) ==========

 

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\rt2870.sys -- (rt2870)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\NACHTE~1\LOCALS~1\Temp\cpuz132\cpuz132_x32.sys -- (cpuz132)

DRV - [2010/10/11 09:35:02 | 000,710,576 | ---- | M] (Agnitum Ltd.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\SandBox.sys -- (SandBox)

DRV - [2010/10/11 09:34:24 | 000,072,232 | ---- | M] (Agnitum Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\Filt\ASWFilt.dll -- (ASWFilt)

DRV - [2010/09/27 14:40:28 | 000,267,624 | ---- | M] (Agnitum Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\afwcore.sys -- (afwcore)

DRV - [2010/09/15 11:30:00 | 000,298,784 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp)

DRV - [2010/09/11 03:19:16 | 005,417,472 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)

DRV - [2010/08/19 11:41:58 | 000,101,904 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AtihdXP3.sys -- (AtiHDAudioService)

DRV - [2010/07/27 08:15:20 | 000,023,904 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvuvcflt.sys -- (FilterService)

DRV - [2010/07/27 08:14:58 | 006,842,464 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lvuvc.sys -- (LVUVC) QuickCam Orbit/Sphere AF(UVC)

DRV - [2010/07/27 08:13:26 | 000,066,528 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lvselsus.sys -- (lvselsus)

DRV - [2010/07/27 08:12:50 | 000,282,336 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lvrs.sys -- (LVRS)

DRV - [2010/04/20 15:05:16 | 000,034,280 | ---- | M] (Agnitum Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\afw.sys -- (afw)

DRV - [2010/04/07 20:08:08 | 000,095,872 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdir.sys -- (epfwtdir)

DRV - [2010/04/07 20:07:08 | 000,114,984 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ehdrv.sys -- (ehdrv)

DRV - [2010/04/07 20:03:44 | 000,139,192 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon)

DRV - [2010/02/11 13:02:15 | 000,226,880 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6)

DRV - [2010/01/28 15:12:02 | 000,095,232 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AtiHdmi.sys -- (AtiHdmiService)

DRV - [2009/12/10 14:48:40 | 000,041,504 | ---- | M] (Diskeeper Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\DKRtWrt.sys -- (DKRtWrt)

DRV - [2009/11/06 12:00:36 | 000,176,752 | ---- | M] (Webroot Software, Inc. (www.webroot.com)) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ssidrv.sys -- (ssidrv)

DRV - [2009/11/06 12:00:36 | 000,023,152 | ---- | M] (Webroot Software, Inc. (www.webroot.com)) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sshrmd.sys -- (sshrmd)

DRV - [2009/11/06 12:00:34 | 000,029,808 | ---- | M] (Webroot Software, Inc. (www.webroot.com)) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ssfs0bbc.sys -- (ssfs0bbc)

DRV - [2009/09/15 08:21:14 | 000,155,688 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\mv61xx.sys -- (mv61xx)

DRV - [2009/04/30 16:00:12 | 000,025,624 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys -- (LVPr2Mon)

DRV - [2008/10/12 09:47:20 | 000,040,320 | ---- | M] (THOMSON Telecom Belgium) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\steth.sys -- (STETH)

DRV - [2008/08/30 14:25:57 | 000,278,984 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)

DRV - [2008/08/30 13:49:50 | 000,025,416 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)

DRV - [2008/08/29 20:05:27 | 000,032,000 | ---- | M] (THOMSON Telecom Belgium) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\stppp.sys -- (stppp)

DRV - [2008/08/29 20:05:27 | 000,030,464 | ---- | M] (THOMSON Telecom Belgium) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\st330.sys -- (ST330)

DRV - [2008/08/29 20:05:27 | 000,012,672 | ---- | M] (THOMSON Telecom Belgium) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\stbus.sys -- (STBUS)

DRV - [2008/05/08 15:02:52 | 000,203,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rmcast.sys -- (RMCAST)

DRV - [2008/04/14 13:00:00 | 000,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)

DRV - [2008/04/14 13:00:00 | 000,092,544 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mqac.sys -- (MQAC)

DRV - [2008/04/14 13:00:00 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)

DRV - [2008/04/14 13:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)

DRV - [2008/04/14 13:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)

DRV - [2008/04/13 11:45:14 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) Pilote USB audio (WDM)

DRV - [2008/03/24 09:08:14 | 000,331,264 | ---- | M] (Analog Devices, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ADIHdAud.sys -- (ADIHdAudAddService)

DRV - [2008/03/17 17:45:52 | 000,019,584 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\ckldrv.sys -- (NetworkX)

DRV - [2007/12/17 10:14:06 | 000,012,400 | R--- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AsIO.sys -- (AsIO)

DRV - [2007/01/23 00:26:30 | 000,017,264 | ---- | M] (FSPro Labs) [Kernel | Boot | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\HFXP2.SYS -- (HFXP2)

DRV - [2006/03/24 19:14:46 | 000,033,536 | ---- | M] (Advanced Card Systems Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\a38usb.sys -- (ACSSCR)

DRV - [2006/03/17 17:18:58 | 000,392,960 | ---- | M] (Sensaura) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (SenFiltService)

DRV - [2004/08/13 03:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)

 

 

========== Standard Registry (SafeList) ==========

 

 

========== Internet Explorer ==========

 

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Yahoo! France

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Yahoo! France

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://abonnes.lemonde.fr/

IE - HKCU\..\URLSearchHook: {BE89472C-B803-4D1D-9A9A-0A63660E0FE3} - C:\Program Files\Copernic Agent\CopernicAgentExt.dll (Copernic Technologies Inc.)

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2010/08/14 19:33:16 | 000,000,000 | ---D | M]

 

 

O1 HOSTS File: ([2010/11/20 20:50:14 | 000,426,005 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\HOSTS

O1 - Hosts: 127.0.0.1 localhost

O1 - Hosts: 127.0.0.1 www.007guard.com

O1 - Hosts: 127.0.0.1 007guard.com

O1 - Hosts: 127.0.0.1 008i.com

O1 - Hosts: 127.0.0.1 www.008k.com

O1 - Hosts: 127.0.0.1 008k.com

O1 - Hosts: 127.0.0.1 www.00hq.com

O1 - Hosts: 127.0.0.1 00hq.com

O1 - Hosts: 127.0.0.1 010402.com

O1 - Hosts: 127.0.0.1 www.032439.com

O1 - Hosts: 127.0.0.1 032439.com

O1 - Hosts: 127.0.0.1 www.0scan.com

O1 - Hosts: 127.0.0.1 0scan.com

O1 - Hosts: 127.0.0.1 100888290cs.com

O1 - Hosts: 127.0.0.1 www.100888290cs.com

O1 - Hosts: 127.0.0.1 www.100sexlinks.com

O1 - Hosts: 127.0.0.1 100sexlinks.com

O1 - Hosts: 127.0.0.1 10sek.com

O1 - Hosts: 127.0.0.1 www.10sek.com

O1 - Hosts: 127.0.0.1 123topsearch.com

O1 - Hosts: 127.0.0.1 www.123topsearch.com

O1 - Hosts: 127.0.0.1 132.com

O1 - Hosts: 127.0.0.1 www.132.com

O1 - Hosts: 127.0.0.1 www.136136.net

O1 - Hosts: 127.0.0.1 136136.net

O1 - Hosts: 14675 more lines...

O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)

O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)

O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)

O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)

O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O3 - HKLM\..\Toolbar: (Barre d'outils Copernic Desktop Search - Corporate) - {B69A3268-DA39-49B0-B1A6-4E7E4B98BB45} - C:\Program Files\Copernic Desktop Search - Corporate\Toolbar\ToolbarContainer101000325.dll (Copernic Inc.)

O3 - HKLM\..\Toolbar: (Yahoo! Barre d'outils) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)

O3 - HKLM\..\Toolbar: (Copernic Agent) - {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - C:\Program Files\Copernic Agent\CopernicAgentExt.dll (Copernic Technologies Inc.)

O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O3 - HKCU\..\Toolbar\WebBrowser: (Copernic Agent) - {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - C:\Program Files\Copernic Agent\CopernicAgentExt.dll (Copernic Technologies Inc.)

O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)

O4 - HKLM..\Run: [adiras] C:\WINDOWS\adiras.exe ()

O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files\Fichiers communs\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [ATICustomerCare] C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe (Advanced Micro Devices, Inc.)

O4 - HKLM..\Run: [autoclk] C:\WINDOWS\autoclk.exe ()

O4 - HKLM..\Run: [belgacom] C:\Program Files\Belgacom\bin\sprtcmd.exe (SupportSoft, Inc.)

O4 - HKLM..\Run: [diagnostics] C:\Program Files\Thomson\ST330\diagnostics\diagnostics.exe (THOMSON Telecom Belgium)

O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)

O4 - HKLM..\Run: [iKeyWorks] C:\Program Files\A4Tech\Keyboard\Ikeymain.exe (A4Tech Co.,Ltd.)

O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe ()

O4 - HKLM..\Run: [MsmqIntCert] C:\WINDOWS\System32\mqrt.dll (Microsoft Corporation)

O4 - HKLM..\Run: [OutpostFeedBack] C:\Program Files\Agnitum\Outpost Firewall Pro\feedback.exe (Agnitum Ltd.)

O4 - HKLM..\Run: [OutpostMonitor] C:\Program Files\Agnitum\Outpost Firewall Pro\op_mon.exe (Agnitum Ltd.)

O4 - HKLM..\Run: [soundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe (Analog Devices, Inc.)

O4 - HKLM..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)

O4 - HKLM..\Run: [spySweeper] C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe (Webroot Software, Inc.)

O4 - HKLM..\Run: [startCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)

O4 - HKLM..\Run: [TrayFactory] C:\Program Files\PS Tray Factory\PSTrayFactory.exe (PS Soft Lab)

O4 - HKLM..\Run: [uSBDetector] C:\USBStorage\USBDetector.exe (ali)

O4 - HKLM..\Run: [VadeRetro Outlook] C:\Program Files\Goto Software\Vade Retro\VrMoRegister.exe ()

O4 - HKLM..\Run: [VRManager] C:\Program Files\Fichiers communs\Goto Software\Vaderetro_Mgr.exe (Goto Software)

O4 - HKLM..\Run: [WheelMouse] C:\Program Files\A4Tech\Mouse\Amoumain.exe (A4Tech Co., Ltd.)

O4 - HKCU..\Run: [beid] C:\Program Files\Belgium Identity Card\beid35gui.exe (Belgium Government)

O4 - HKCU..\Run: [Copernic Desktop Search - Corporate] C:\Program Files\Copernic Desktop Search - Corporate\DesktopSearchService.exe (Copernic Inc.)

O4 - HKCU..\Run: [Eraser] C:\Program Files\Eraser\Eraser 5.8\Eraser.exe (The Eraser Project)

O4 - HKCU..\Run: [hfxp] C:\Program Files\Hide Folders XP 2\hfxp.exe ()

O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)

O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)

O4 - HKLM..\RunOnce: [PSTF] C:\Program Files\PS Tray Factory\PSTrayFactory.exe (PS Soft Lab)

O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE (WinZip Computing, S.L.)

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 0

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyDocs = 1

O8 - Extra context menu item: Ajouter à un fichier PDF existant - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8 - Extra context menu item: Ajouter la cible du lien à un fichier PDF existant - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8 - Extra context menu item: Chercher avec Copernic Agent - C:\Program Files\Copernic Agent\CopernicAgentExt.rdl (Copernic Technologies Inc.)

O8 - Extra context menu item: Convertir au format Adobe PDF - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8 - Extra context menu item: Convertir la cible du lien au format Adobe PDF - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8 - Extra context menu item: Résumer avec Copernic Summarizer - C:\Program Files\Copernic Summarizer\Web\SummarizePage.htm ()

O9 - Extra Button: Résumer - {0F2D17A0-E7DF-4847-995B-6F3ABF5BF187} - C:\Program Files\Copernic Summarizer\CopernicSummarizerApp.dll ()

O9 - Extra 'Tools' menuitem : Démarrer Copernic Agent - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\Program Files\Copernic Agent\CopernicAgent.exe (Copernic Technologies Inc.)

O9 - Extra Button: Réglage rapide de Outpost Firewall Pro - {44627E97-789B-40d4-B5C2-58BD171129A1} - C:\Program Files\Agnitum\Outpost Firewall Pro\ie_bar.dll (Agnitum Ltd.)

O9 - Extra Button: Copernic Agent - {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - C:\Program Files\Copernic Agent\CopernicAgent.exe (Copernic Technologies Inc.)

O9 - Extra 'Tools' menuitem : Résumer avec Copernic Summarizer - {B533C4C2-3FE2-4728-8661-AC93DF5D35A2} - C:\Program Files\Copernic Summarizer\CopernicSummarizerApp.dll ()

O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)

O15 - HKCU\..Trusted Domains: acrobat.com ([www] https in Sites de confiance)

O15 - HKCU\..Trusted Domains: amazon.fr ([www] https in Sites de confiance)

O15 - HKCU\..Trusted Domains: bnpparibasfortis.be ([www] https in Sites de confiance)

O15 - HKCU\..Trusted Domains: fgov.be ([ccff02.minfin] https in Sites de confiance)

O15 - HKCU\..Trusted Domains: fortisbanking.be ([www] https in Sites de confiance)

O15 - HKCU\..Trusted Domains: microsoft.com ([office] http in Sites de confiance)

O15 - HKCU\..Trusted Domains: microsoft.com ([update] http in Sites de confiance)

O15 - HKCU\..Trusted Domains: microsoft.com ([www] http in Sites de confiance)

O15 - HKCU\..Trusted Domains: nero.com ([shopping] https in Sites de confiance)

O15 - HKCU\..Trusted Domains: rbsworldpay.com ([secure.wp3] https in Sites de confiance)

O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://download.microsoft.com/download/e/4/9/e494c802-dd90-4c6b-a074-469358f075a6/OGAControl.cab (Office Genuine Advantage Validation Tool)

O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/F/D/9/FD9E437D-5BC8-4264-A093-DFA2C39D197E/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)

O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} http://www.nvidia.com/content/DriverDownload/srl/3.0.0.0/srl_bin/sysreqlab3.cab (System Requirements Lab Class)

O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} http://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1225364772296 (MUCatalogWebControl Class)

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1220053869343 (WUWebControl Class)

O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} Page introuvable | Facebook (Facebook Photo Uploader 5 Control)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)

O16 - DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} http://office.microsoft.com/officeupdate/content/opuc4.cab (Office Update Installation Engine)

O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} Reg Error: Value error. (Reg Error: Key error.)

O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

O18 - Protocol\Handler\copernicagent {A979B6BD-E40B-4A07-ABDD-A62C64A4EBF6} - C:\Program Files\Copernic Agent\CopernicAgentExt.dll (Copernic Technologies Inc.)

O18 - Protocol\Handler\copernicagentcache {AAC34CFD-274D-4A9D-B0DC-C74C05A67E1D} - C:\Program Files\Copernic Agent\CopernicAgentExt.dll (Copernic Technologies Inc.)

O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)

O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)

O20 - AppInit_DLLs: (c:\progra~1\agnitum\outpost firewall pro\wl_hook.dll) - c:\Program Files\Agnitum\Outpost Firewall Pro\wl_hook.dll (Agnitum Ltd.)

O20 - AppInit_DLLs: (acaptuser32.dll) - C:\WINDOWS\System32\acaptuser32.dll (Adobe Systems Incorporated)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)

O24 - Desktop Components:0 (Ma page d'accueil) - About:Home

O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Colline verdoyante.bmp

O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Colline verdoyante.bmp

O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)

O30 - LSA: Authentication Packages - (nwprovau) - C:\WINDOWS\System32\nwprovau.dll (Microsoft Corporation)

O30 - LSA: Authentication Packages - (s\x86_microsof) - File not found

O30 - LSA: Security Packages - (indows.common-controls_6595b641) - File not found

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2003/05/02 15:47:02 | 000,000,000 | RH-D | M] - I:\autorun -- [ FAT32 ]

O32 - AutoRun File - [2002/10/17 09:56:50 | 000,000,036 | RH-- | M] () - I:\autorun.inf -- [ FAT32 ]

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 

NetSvcs: Ias - File not found

NetSvcs: Iprip - C:\WINDOWS\System32\iprip.dll (Microsoft Corporation)

NetSvcs: Irmon - File not found

NetSvcs: Nwsapagent - File not found

NetSvcs: WmdmPmSp - File not found

 

CREATERESTOREPOINT

Restore point Set: OTL Restore Point (0)

 

========== Files/Folders - Created Within 30 Days ==========

 

[2010/11/22 21:16:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NACHTERGAELE\Application Data\Malwarebytes

[2010/11/22 21:16:41 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys

[2010/11/22 21:16:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes

[2010/11/22 21:16:36 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys

[2010/11/22 21:16:33 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware

[2010/11/22 19:43:38 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\NACHTERGAELE\Recent

[2010/11/21 06:02:30 | 000,000,000 | ---D | C] -- C:\Program Files\A4Tech

[2010/11/21 06:01:57 | 000,036,864 | ---- | C] (A4Tech Co., Ltd.) -- C:\WINDOWS\System32\Amhooker.dll

[2010/11/21 06:01:57 | 000,032,768 | ---- | C] (A4Tech Co., Ltd.) -- C:\WINDOWS\System32\Ikeyrfk8.dll

[2010/11/21 06:01:57 | 000,012,800 | ---- | C] (A4Tech Co.,Ltd.) -- C:\WINDOWS\System32\drivers\Amusbprt.sys

[2010/11/21 06:01:57 | 000,012,800 | ---- | C] (A4Tech Co.,Ltd.) -- C:\WINDOWS\System32\drivers\Amps2prt.sys

[2010/11/21 06:01:57 | 000,007,424 | ---- | C] (A4Tech Co.,Ltd.) -- C:\WINDOWS\System32\drivers\Amusbdev.sys

[2010/11/21 06:01:57 | 000,006,656 | ---- | C] (A4Tech Co.,Ltd.) -- C:\WINDOWS\System32\drivers\Amfilter.sys

[2010/11/21 04:45:26 | 000,000,000 | ---D | C] -- C:\MSI5fddf.tmp

[2010/11/21 04:44:54 | 000,101,904 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\drivers\AtihdXP3.sys

[2010/11/21 04:43:04 | 000,000,000 | ---D | C] -- C:\AMD

[2010/11/21 04:17:05 | 000,005,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\intelide.sys

[2010/11/21 03:41:08 | 000,000,000 | ---D | C] -- C:\MSIee6e8.tmp

[2010/11/21 03:41:06 | 000,000,000 | ---D | C] -- C:\MSIee6e1.tmp

[2010/11/21 03:41:02 | 000,000,000 | ---D | C] -- C:\MSIee6d2.tmp

[2010/11/21 03:40:59 | 000,000,000 | ---D | C] -- C:\MSIee6c3.tmp

[2010/11/21 03:40:56 | 000,000,000 | ---D | C] -- C:\MSIee6b4.tmp

[2010/11/21 03:40:53 | 000,000,000 | ---D | C] -- C:\MSIee6a5.tmp

[2010/11/21 03:40:51 | 000,000,000 | ---D | C] -- C:\MSIee69b.tmp

[2010/11/21 03:40:37 | 000,000,000 | ---D | C] -- C:\MSIee659.tmp

[2010/11/21 03:30:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NACHTERGAELE\Bureau\Nouveau dossier (6)

[2010/11/21 03:30:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NACHTERGAELE\Bureau\Nouveau dossier (5)

[2010/11/21 03:30:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NACHTERGAELE\Bureau\Stabilisation PC

[2010/11/21 03:20:59 | 000,000,000 | ---D | C] -- C:\MSIeb1e4.tmp

[2010/11/21 03:20:47 | 000,000,000 | ---D | C] -- C:\MSIeb17c.tmp

[2010/11/21 02:42:01 | 000,000,000 | ---D | C] -- C:\Program Files\Driver Sweeper

[2010/11/21 02:22:14 | 000,000,000 | ---D | C] -- C:\MSI60a7e.tmp

[2010/11/21 02:22:12 | 000,000,000 | ---D | C] -- C:\MSI60a76.tmp

[2010/11/21 02:22:00 | 000,000,000 | ---D | C] -- C:\MSI60a15.tmp

[2010/11/21 01:32:15 | 000,000,000 | ---D | C] -- C:\MSI708c9.tmp

[2010/11/21 01:32:04 | 000,000,000 | ---D | C] -- C:\MSI7088a.tmp

[2010/11/21 01:32:02 | 000,000,000 | ---D | C] -- C:\MSI7087a.tmp

[2010/11/21 01:31:56 | 000,000,000 | ---D | C] -- C:\MSI70852.tmp

[2010/11/21 01:31:52 | 000,000,000 | ---D | C] -- C:\MSI7083a.tmp

[2010/11/21 01:31:48 | 000,000,000 | ---D | C] -- C:\MSI7081a.tmp

[2010/11/21 01:31:40 | 000,000,000 | ---D | C] -- C:\MSI707ea.tmp

[2010/11/21 01:31:39 | 000,000,000 | ---D | C] -- C:\MSI707e2.tmp

[2010/11/21 01:31:37 | 000,000,000 | ---D | C] -- C:\MSI707d6.tmp

[2010/11/20 23:35:39 | 000,000,000 | ---D | C] -- C:\Program Files\NirSoft

[2010/11/20 22:02:48 | 000,000,000 | ---D | C] -- C:\Program Files\HiJack

[2010/11/20 19:55:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NACHTERGAELE\Bureau\Nouveau dossier (3)

[2010/11/20 19:55:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NACHTERGAELE\Bureau\Nouveau dossier (2)

[2010/11/20 01:20:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NACHTERGAELE\Local Settings\Application Data\Collectorz.com

[2010/11/20 01:20:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NACHTERGAELE\Mes documents\Book Collector

[2010/11/20 01:20:09 | 000,000,000 | ---D | C] -- C:\Program Files\Collectorz.com

[2010/11/18 22:24:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NACHTERGAELE\Mes documents\Usenet.nl

[2010/11/18 22:24:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NACHTERGAELE\Application Data\Usenet.nl

[2010/11/18 22:24:16 | 000,000,000 | ---D | C] -- C:\Program Files\Usenet.nl

[2010/11/18 22:20:38 | 000,000,000 | ---D | C] -- C:\Program Files\Book Collector

[2010/11/18 21:11:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NACHTERGAELE\Bureau\Goldman Sachs

[2010/11/18 21:11:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NACHTERGAELE\Bureau\NPM

[2010/11/18 20:17:27 | 000,112,056 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\acaptuser32.dll

[2010/11/17 04:02:57 | 000,000,000 | ---D | C] -- C:\Program Files\Autoruns

[2010/11/17 04:02:53 | 000,000,000 | ---D | C] -- C:\Program Files\Sync

[2010/11/14 15:57:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NACHTERGAELE\Bureau\Crise Etat providence

[2010/11/14 15:57:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NACHTERGAELE\Bureau\Nouveau dossier

[2010/11/13 03:26:51 | 000,024,576 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lfbmp70n.dll

[2010/11/13 03:26:51 | 000,024,160 | ---- | C] (Hewlett-Packard) -- C:\WINDOWS\System32\HP5300CU.cpl

[2010/11/13 03:26:51 | 000,024,160 | ---- | C] (Hewlett-Packard) -- C:\WINDOWS\System32\HP5300CP.cpl

[2010/11/13 03:09:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NACHTERGAELE\Local Settings\Application Data\WinZip

[2010/11/13 02:50:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\WinZip

[2010/11/13 02:48:44 | 000,000,000 | ---D | C] -- C:\MSIe7c57.tmp

[2010/11/13 02:15:20 | 000,000,000 | ---D | C] -- C:\Program Files\GPU

[2010/11/13 02:15:16 | 000,000,000 | ---D | C] -- C:\Program Files\ProcessExplorer

[2010/11/13 01:21:22 | 000,000,000 | ---D | C] -- C:\sj664

[2010/11/13 00:35:40 | 000,000,000 | ---D | C] -- C:\Swsetup

[2010/11/13 00:32:43 | 000,005,183 | ---- | C] (USB Compliance) -- C:\WINDOWS\System32\drivers\usbu2a.sys

[2010/11/13 00:32:38 | 000,000,000 | ---D | C] -- C:\USBStorage

[2010/11/13 00:32:10 | 000,306,688 | ---- | C] (InstallShield Software Corporation) -- C:\WINDOWS\IsUninst.exe

[2010/11/12 16:10:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NACHTERGAELE\Mes documents\Unzipped

[2010/11/12 15:58:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NACHTERGAELE\Mes documents\Downloads

[2010/11/12 15:58:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\UAB

[2010/11/12 15:58:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NACHTERGAELE\Local Settings\Application Data\PC_Drivers_Headquarters

[2010/11/12 15:58:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Driver Whiz

[2010/11/12 15:56:45 | 000,000,000 | ---D | C] -- C:\Program Files\Driver Whiz

[2010/11/12 14:14:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NACHTERGAELE\Application Data\ElevatedDiagnostics

[2010/11/12 14:13:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\windowspowershell

[2010/11/12 14:12:10 | 000,000,000 | ---D | C] -- C:\Program Files\Fixit

[2010/11/11 01:26:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NACHTERGAELE\Bureau\LJM

[2010/11/11 00:14:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NACHTERGAELE\Bureau\Année du Lièvre 2011

[2010/11/11 00:14:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NACHTERGAELE\Bureau\SPPS Efficacité

[2010/11/10 15:00:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NACHTERGAELE\Bureau\Références biblio vade-mecum

[2010/11/10 15:00:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NACHTERGAELE\Mes documents\Nouveau dossier (5)

[2010/11/10 15:00:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NACHTERGAELE\Mes documents\Nouveau dossier (4)

[2010/11/10 15:00:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NACHTERGAELE\Mes documents\Nouveau dossier (3)

[2010/11/07 16:32:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NACHTERGAELE\Bureau\CE Pouvoir des contractuels us statutaires

[2010/11/07 16:32:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NACHTERGAELE\Bureau\Doc Parl Copernic

[2010/11/07 16:32:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NACHTERGAELE\Bureau\Bon-Papa

[2010/11/07 16:22:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NACHTERGAELE\Bureau\Immigration Tribalat_Konopnicki

[2010/11/07 16:22:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NACHTERGAELE\Bureau\Signature digitale

[2010/11/07 16:05:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NACHTERGAELE\Bureau\Documentation diverse

[2010/11/07 16:05:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NACHTERGAELE\Mes documents\Scanner photos

[2010/11/07 16:05:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NACHTERGAELE\Mes documents\APPT 11 Nov

[2010/11/07 15:35:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NACHTERGAELE\Mes documents\Dépannage informatique

[2010/11/07 15:34:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NACHTERGAELE\Mes documents\Banque BNP_PB

[2010/10/31 03:27:42 | 000,000,000 | ---D | C] -- C:\MSI81b5f.tmp

[2010/10/31 03:26:26 | 000,000,000 | ---D | C] -- C:\MSI6e1b7.tmp

[2010/10/29 01:39:03 | 000,000,000 | ---D | C] -- C:\MSI6e07a.tmp

[2010/10/29 01:39:01 | 000,000,000 | ---D | C] -- C:\MSI6e070.tmp

[2010/10/29 01:38:08 | 000,000,000 | ---D | C] -- C:\MSI6dff0.tmp

[2010/10/29 01:34:49 | 000,000,000 | ---D | C] -- C:\MSI6dfe4.tmp

[2010/10/29 01:34:48 | 000,000,000 | ---D | C] -- C:\MSI6dfdf.tmp

[2010/10/29 01:34:34 | 000,000,000 | ---D | C] -- C:\MSI6dfcb.tmp

[2010/10/29 01:29:06 | 000,000,000 | ---D | C] -- C:\MSI6df53.tmp

[2010/10/29 01:28:15 | 000,000,000 | ---D | C] -- C:\MSI6df47.tmp

[2010/10/29 01:27:23 | 000,000,000 | ---D | C] -- C:\MSI6df26.tmp

[2010/10/29 01:27:12 | 000,000,000 | ---D | C] -- C:\MSI6debd.tmp

[2010/10/29 00:56:59 | 004,419,584 | ---- | C] (Advanced Micro Devices Inc.) -- C:\WINDOWS\System32\aticaldd.dll

[2010/10/29 00:56:59 | 000,450,560 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\System32\ATIDEMGX.dll

[2010/10/29 00:56:59 | 000,118,784 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\System32\atibtmon.exe

[2010/10/29 00:56:59 | 000,064,512 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\System32\atimpc32.dll

[2010/10/29 00:56:59 | 000,057,344 | ---- | C] (Advanced Micro Devices Inc.) -- C:\WINDOWS\System32\aticalrt.dll

[2010/10/29 00:56:59 | 000,053,248 | ---- | C] ( ATI Technologies Inc.) -- C:\WINDOWS\System32\ATIDDC.DLL

[2010/10/29 00:56:59 | 000,043,520 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\ati2edxx.dll

[2010/10/29 00:56:59 | 000,026,112 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\Ati2mdxx.exe

[2010/10/29 00:56:59 | 000,024,064 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\ativcoxx.dll

[2010/10/29 00:56:59 | 000,017,408 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\atitvo32.dll

[2010/10/29 00:56:58 | 016,248,832 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\System32\atioglxx.dll

[2010/10/29 00:56:58 | 000,634,880 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\atikvmag.dll

[2010/10/29 00:56:58 | 000,393,216 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\System32\atiok3x2.dll

[2010/10/29 00:56:58 | 000,311,296 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\atiiiexx.dll

[2010/10/29 00:56:58 | 000,208,896 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\atipdlxx.dll

[2010/10/29 00:56:58 | 000,143,360 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\System32\atiapfxx.exe

[2010/10/29 00:56:58 | 000,053,248 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2erec.dll

[2010/10/29 00:56:58 | 000,053,248 | ---- | C] (Advanced Micro Devices Inc.) -- C:\WINDOWS\System32\aticalcl.dll

[2010/10/29 00:56:01 | 000,000,000 | ---D | C] -- C:\Program Files\ATI

[2010/10/28 21:59:15 | 000,000,000 | ---D | C] -- C:\Program Files\Filedeleter

[2010/10/26 15:58:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NACHTERGAELE\Bureau\FP Note de pol générale - clients

[2010/10/24 18:20:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NACHTERGAELE\Bureau\Guy Rama septembre 2010

[2010/10/24 17:50:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NACHTERGAELE\Application Data\Research In Motion

[2010/10/24 17:49:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NACHTERGAELE\Application Data\Blackberry Desktop

[2010/10/24 17:48:55 | 000,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\Research In Motion

[2010/10/24 17:48:40 | 000,000,000 | ---D | C] -- C:\Program Files\Research In Motion

[2010/10/24 16:23:47 | 000,000,000 | -HSD | C] -- C:\WINDOWS\ftpcache

[2010/02/20 09:27:08 | 004,938,120 | ---- | C] (Microsoft Corporation) -- C:\Program Files\Silverlight.exe

[8 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[40 C:\*.tmp files -> C:\*.tmp -> ]

 

========== Files - Modified Within 30 Days ==========

 

[2010/11/22 21:43:50 | 000,066,231 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Stabilisation.docx

[2010/11/22 21:42:09 | 000,000,000 | -HS- | M] () -- C:\DkHyperbootSync

[2010/11/22 21:34:00 | 000,001,066 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

[2010/11/22 21:15:11 | 000,000,446 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{19F31EB3-7330-4125-8086-3CBEB1491322}.job

[2010/11/22 20:40:35 | 000,013,758 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2010/11/22 20:40:34 | 000,001,062 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job

[2010/11/22 20:40:33 | 000,000,326 | ---- | M] () -- C:\WINDOWS\tasks\GlaryInitialize.job

[2010/11/22 20:31:52 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2010/11/22 20:31:41 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\logiflt.iad

[2010/11/22 18:57:35 | 000,059,392 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\10-11-20 Editorial Pyramides 2011[1].doc

[2010/11/22 18:43:14 | 000,002,623 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Microsoft Office Outlook 2007.lnk

[2010/11/21 23:55:09 | 000,000,166 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Google.url

[2010/11/21 18:18:45 | 000,047,616 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Management and business education news from The Economist online - November 17th 2010.msg

[2010/11/21 18:02:51 | 000,000,326 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Yahoo! - Mail.url

[2010/11/21 14:03:16 | 000,001,704 | ---- | M] () -- C:\WINDOWS\tasks\wrSpySweeper_L4C185989763F40E7A2AB4B0E2604662E.job

[2010/11/21 06:24:48 | 000,074,142 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Mes documents\cc_20101121_062443.reg

[2010/11/21 04:46:35 | 000,015,763 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Cata.pdf

[2010/11/21 04:40:43 | 000,001,769 | ---- | M] () -- C:\WINDOWS\Language_trs.ini

[2010/11/21 03:22:19 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat

[2010/11/21 03:22:15 | 000,015,143 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\ATI.pdf

[2010/11/21 00:40:36 | 000,704,598 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat

[2010/11/21 00:40:36 | 000,574,956 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat

[2010/11/21 00:40:36 | 000,160,026 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat

[2010/11/21 00:40:36 | 000,118,286 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

[2010/11/20 21:43:17 | 000,000,206 | -H-- | M] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Collectorz.com Connect Cerap Profile.url

[2010/11/20 20:50:14 | 000,426,005 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\HOSTS

[2010/11/20 19:36:56 | 000,013,760 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Mes documents\cc_20101120_193648.reg

[2010/11/20 15:27:43 | 000,000,185 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Collectorz.fr.url

[2010/11/20 14:19:29 | 000,024,385 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Collectorz.com Shop_ transaction completed.pdf

[2010/11/20 01:20:27 | 000,000,946 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Book Collector.lnk

[2010/11/19 18:28:00 | 000,000,296 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job

[2010/11/19 00:46:59 | 000,327,965 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\The Ethics of New Public Management.pdf

[2010/11/19 00:28:57 | 000,180,467 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\NEW PUBLIC MANAGEMENT VALUES.pdf

[2010/11/19 00:08:51 | 001,645,986 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\New Public Management The Transformation of ideas and Practice .pdf

[2010/11/18 23:46:35 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini

[2010/11/18 22:27:04 | 000,102,422 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Usenet.nl.pdf

[2010/11/18 22:11:35 | 000,020,889 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Approved Page.pdf

[2010/11/18 21:40:37 | 000,084,282 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\The New Public Management.pdf

[2010/11/18 21:26:03 | 000,109,618 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\assessment.pdf

[2010/11/18 21:19:42 | 000,000,148 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Explication de l'exercice de simulation (PC In Basket).url

[2010/11/18 03:24:44 | 000,119,055 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\National, International and Transnational Constructions of.pdf

[2010/11/18 03:17:53 | 000,074,653 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\National, International and Transnational Constructions of NPM_2001_sahlin.pdf

[2010/11/18 03:12:41 | 001,087,036 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Hood NPM 1991.pdf

[2010/11/18 03:09:31 | 001,577,673 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Hood_NPM(1995).pdf

[2010/11/18 03:04:15 | 004,831,506 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Transcending NPM.pdf

[2010/11/18 02:56:28 | 001,055,514 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Pas de philosophie, SVP, nous sommes des managers Rochet.pdf

[2010/11/18 02:53:29 | 000,345,681 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\New Public Management_ The Transformation of Ideas and Practice_ Amazon.fr_ .pdf

[2010/11/17 21:36:54 | 000,015,361 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\MEMO Introduction Alex.docx

[2010/11/17 20:49:00 | 000,055,808 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\10-10-28 Introduction Pyramides 2011.doc

[2010/11/17 02:49:27 | 000,199,168 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2010/11/15 19:45:43 | 000,230,278 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Mes documents\Concession cimetière_Bon-Papa2.pdf

[2010/11/15 19:37:23 | 000,286,820 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Mes documents\Concession cimetière_Bon-Papa.pdf

[2010/11/15 00:31:38 | 000,040,539 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Avis de concours _ Chef de la comptabilité.pdf

[2010/11/14 16:17:03 | 004,613,824 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Le rôle du secteur public_Causes et conséquences de l'élargissement du secteur public_Revue économique de l'OCDE No. 4, printemps 1985.pdf

[2010/11/14 14:56:34 | 002,603,871 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Maîtrise des coûts_1992_oecd.pdf

[2010/11/14 06:02:27 | 000,238,024 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Client déf.pdf

[2010/11/14 04:04:46 | 000,413,279 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Copernic analyse NL_KUL 2005.pdf

[2010/11/13 03:26:57 | 000,003,480 | ---- | M] () -- C:\WINDOWS\AUTOLNCH.REG

[2010/11/13 03:08:51 | 000,001,660 | ---- | M] () -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\WinZip Quick Pick.lnk

[2010/11/13 01:08:36 | 000,000,988 | ---- | M] () -- C:\UFantasy.ini

[2010/11/13 00:49:46 | 000,018,099 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\DriverWhi.pdf

[2010/11/12 20:17:32 | 000,027,652 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Copie de Commentaires autour de la notion de client.docx

[2010/11/12 13:40:00 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\lvuvc.hs

[2010/11/11 19:10:12 | 000,019,634 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Traduction VDB.docx

[2010/11/11 14:48:16 | 002,633,737 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Hood Art of State.pdf

[2010/11/11 04:23:33 | 000,010,836 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Nouveau Document Microsoft Office Word (3).docx

[2010/11/11 03:14:11 | 007,297,673 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\BPR in public sector.pdf

[2010/11/11 02:47:24 | 000,080,988 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Exploring public sector strategy - Google Livres.pdf

[2010/11/11 01:27:09 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Nouveau Document Microsoft Office Word (4).docx

[2010/11/11 01:16:05 | 000,242,157 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\NoVo_Open space.pdf

[2010/11/11 00:44:11 | 000,773,120 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Copernic_DIRECTION CONTROLE dans SPF_IRGBelgium.24.11.2000.ppt

[2010/11/10 14:15:03 | 000,028,160 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Py10 Edito.doc

[2010/11/10 13:36:14 | 000,152,576 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\OCDE Construire aujourd'hui adm de demain 1999.doc

[2010/11/10 08:30:55 | 000,000,678 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\amazon!.url

[2010/11/10 00:53:44 | 000,470,764 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\PS_France_Egalité réelle.pdf

[2010/11/08 15:15:39 | 000,046,522 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\LS_23.01.2001_fonction-publique-le-plan-copernic et conseil d'Etat.pdf

[2010/11/08 15:13:00 | 000,047,248 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\LS_18.11.1999_la-fonction-publique-sur-le-gril-luc-.pdf

[2010/11/08 15:04:48 | 000,044,515 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\LS_17.02.2000_le-citoyen-va-devenir-un-client_.pdf

[2010/11/08 15:01:28 | 000,055,445 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\LS22.02.2000 VDB Clients.pdf

[2010/11/08 13:45:00 | 000,079,872 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Mes documents\Economie verte.doc

[2010/11/08 00:37:02 | 000,010,039 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Copie de Nouveau Document Microsoft Office Word.docx

[2010/11/06 23:06:56 | 000,001,594 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Application Data\Microsoft\Internet Explorer\Quick Launch\jv16 PowerTools 2010.lnk

[2010/11/05 14:53:22 | 000,098,009 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\attache_finances_adm_generale.pdf

[2010/11/01 11:00:02 | 000,001,710 | ---- | M] () -- C:\WINDOWS\tasks\wrSpySweeper_L537C5D21A25C410195A1A24D8AF0DEAA.job

[2010/10/31 04:21:40 | 000,000,460 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Mes documents\cc_20101031_042137.reg

[2010/10/31 03:27:24 | 000,000,610 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Application Data\Microsoft\Internet Explorer\Quick Launch\Opera.lnk

[2010/10/31 03:27:23 | 000,000,592 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Opera.lnk

[2010/10/31 01:39:40 | 000,035,641 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Serment AR 14.06.2007.pdf

[2010/10/29 03:01:44 | 000,471,618 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Common good as invisible hand3 Rochet.pdf

[2010/10/29 02:45:44 | 000,061,581 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Warum_braucht_Europa_eine_Verfassung_Habermas.pdf

[2010/10/29 02:21:19 | 000,192,693 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\“The Effects of Good Government on the City” 20.pdf

[2010/10/29 02:04:16 | 000,161,239 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Wolfgang Drechsler 94-108.pdf

[2010/10/29 01:57:24 | 000,060,393 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Wolfgang Drechsler, _The Rise and Demise of the New Public Management_, Post.pdf

[2010/10/29 00:35:31 | 000,000,290 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Mes documents\cc_20101029_013524.reg

[2010/10/29 00:34:52 | 000,001,098 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Mes documents\cc_20101029_013448.reg

[2010/10/29 00:32:18 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\CCleaner.lnk

[2010/10/26 10:55:00 | 000,570,620 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Ph. Bèzes Aux origines des politiques de réforme administrative RFAP_102_2002.pdf

[2010/10/26 10:55:00 | 000,246,966 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Ph. Bèzes Le renouveau du contrôle des bureaucraties. L’impact du New Public INSO_126 2005.pdf

[2010/10/25 09:35:52 | 000,112,640 | ---- | M] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\CV-thuhanguyen Frtrad .doc

[8 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[40 C:\*.tmp files -> C:\*.tmp -> ]

 

========== Files Created - No Company Name ==========

 

[2010/11/22 21:42:09 | 000,000,000 | -HS- | C] () -- C:\DkHyperbootSync

[2010/11/22 18:57:35 | 000,059,392 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\10-11-20 Editorial Pyramides 2011[1].doc

[2010/11/21 18:18:45 | 000,047,616 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Management and business education news from The Economist online - November 17th 2010.msg

[2010/11/21 06:24:45 | 000,074,142 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Mes documents\cc_20101121_062443.reg

[2010/11/21 04:46:29 | 000,015,763 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Cata.pdf

[2010/11/21 04:40:43 | 000,001,769 | ---- | C] () -- C:\WINDOWS\Language_trs.ini

[2010/11/21 03:30:33 | 000,066,231 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Stabilisation.docx

[2010/11/21 03:22:09 | 000,015,143 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\ATI.pdf

[2010/11/21 02:11:22 | 000,424,663 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\CCCInstall_201011210211227031.log

[2010/11/20 19:36:51 | 000,013,760 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Mes documents\cc_20101120_193648.reg

[2010/11/20 15:27:31 | 000,000,206 | -H-- | C] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Collectorz.com Connect Cerap Profile.url

[2010/11/20 15:18:45 | 000,000,185 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Collectorz.fr.url

[2010/11/20 14:19:20 | 000,024,385 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Collectorz.com Shop_ transaction completed.pdf

[2010/11/20 01:20:27 | 000,000,946 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Book Collector.lnk

[2010/11/19 00:33:40 | 000,327,965 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\The Ethics of New Public Management.pdf

[2010/11/19 00:24:43 | 000,180,467 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\NEW PUBLIC MANAGEMENT VALUES.pdf

[2010/11/19 00:08:51 | 001,645,986 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\New Public Management The Transformation of ideas and Practice .pdf

[2010/11/18 22:27:00 | 000,102,422 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Usenet.nl.pdf

[2010/11/18 22:11:28 | 000,020,889 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Approved Page.pdf

[2010/11/18 21:40:37 | 000,084,282 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\The New Public Management.pdf

[2010/11/18 21:26:03 | 000,109,618 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\assessment.pdf

[2010/11/18 21:19:42 | 000,000,148 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Explication de l'exercice de simulation (PC In Basket).url

[2010/11/18 03:24:44 | 000,119,055 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\National, International and Transnational Constructions of.pdf

[2010/11/18 03:17:53 | 000,074,653 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\National, International and Transnational Constructions of NPM_2001_sahlin.pdf

[2010/11/18 03:12:41 | 001,087,036 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Hood NPM 1991.pdf

[2010/11/18 03:09:31 | 001,577,673 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Hood_NPM(1995).pdf

[2010/11/18 02:57:06 | 004,831,506 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Transcending NPM.pdf

[2010/11/18 02:53:14 | 000,345,681 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\New Public Management_ The Transformation of Ideas and Practice_ Amazon.fr_ .pdf

[2010/11/17 21:01:43 | 000,015,361 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\MEMO Introduction Alex.docx

[2010/11/17 20:49:00 | 000,055,808 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\10-10-28 Introduction Pyramides 2011.doc

[2010/11/15 19:45:43 | 000,230,278 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Mes documents\Concession cimetière_Bon-Papa2.pdf

[2010/11/15 19:37:23 | 000,286,820 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Mes documents\Concession cimetière_Bon-Papa.pdf

[2010/11/15 00:30:47 | 000,040,539 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Avis de concours _ Chef de la comptabilité.pdf

[2010/11/14 15:02:21 | 004,613,824 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Le rôle du secteur public_Causes et conséquences de l'élargissement du secteur public_Revue économique de l'OCDE No. 4, printemps 1985.pdf

[2010/11/14 14:56:34 | 002,603,871 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Maîtrise des coûts_1992_oecd.pdf

[2010/11/14 05:56:44 | 000,238,024 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Client déf.pdf

[2010/11/14 04:04:46 | 000,413,279 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Copernic analyse NL_KUL 2005.pdf

[2010/11/13 03:08:51 | 000,001,660 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\WinZip Quick Pick.lnk

[2010/11/13 01:08:35 | 000,000,988 | ---- | C] () -- C:\UFantasy.ini

[2010/11/13 00:49:46 | 000,018,099 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\DriverWhi.pdf

[2010/11/12 18:19:56 | 000,027,652 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Copie de Commentaires autour de la notion de client.docx

[2010/11/11 14:15:21 | 002,633,737 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Hood Art of State.pdf

[2010/11/11 03:31:56 | 000,000,678 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\amazon!.url

[2010/11/11 02:58:38 | 007,297,673 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\BPR in public sector.pdf

[2010/11/11 02:47:20 | 000,080,988 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Exploring public sector strategy - Google Livres.pdf

[2010/11/11 01:27:09 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Nouveau Document Microsoft Office Word (4).docx

[2010/11/11 01:27:05 | 000,010,836 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Nouveau Document Microsoft Office Word (3).docx

[2010/11/11 01:26:48 | 000,019,634 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Traduction VDB.docx

[2010/11/11 01:16:05 | 000,242,157 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\NoVo_Open space.pdf

[2010/11/11 00:44:09 | 000,773,120 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Copernic_DIRECTION CONTROLE dans SPF_IRGBelgium.24.11.2000.ppt

[2010/11/10 14:15:05 | 000,028,160 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Py10 Edito.doc

[2010/11/10 14:14:14 | 000,000,275 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Courrier international.url

[2010/11/10 14:03:57 | 000,021,338 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Ranking public services 15-12-2005 Economist.com.pdf

[2010/11/10 13:36:25 | 000,152,576 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\OCDE Construire aujourd'hui adm de demain 1999.doc

[2010/11/10 00:53:44 | 000,470,764 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\PS_France_Egalité réelle.pdf

[2010/11/08 15:15:39 | 000,046,522 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\LS_23.01.2001_fonction-publique-le-plan-copernic et conseil d'Etat.pdf

[2010/11/08 15:13:00 | 000,047,248 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\LS_18.11.1999_la-fonction-publique-sur-le-gril-luc-.pdf

[2010/11/08 15:04:48 | 000,044,515 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\LS_17.02.2000_le-citoyen-va-devenir-un-client_.pdf

[2010/11/08 15:01:28 | 000,055,445 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\LS22.02.2000 VDB Clients.pdf

[2010/11/08 14:25:38 | 000,079,872 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Mes documents\Economie verte.doc

[2010/11/05 14:53:22 | 000,098,009 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\attache_finances_adm_generale.pdf

[2010/10/31 04:21:39 | 000,000,460 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Mes documents\cc_20101031_042137.reg

[2010/10/29 03:19:18 | 001,055,514 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Pas de philosophie, SVP, nous sommes des managers Rochet.pdf

[2010/10/29 03:01:44 | 000,471,618 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Common good as invisible hand3 Rochet.pdf

[2010/10/29 02:45:44 | 000,061,581 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Warum_braucht_Europa_eine_Verfassung_Habermas.pdf

[2010/10/29 02:21:19 | 000,192,693 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\“The Effects of Good Government on the City” 20.pdf

[2010/10/29 02:04:16 | 000,161,239 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Wolfgang Drechsler 94-108.pdf

[2010/10/29 01:57:21 | 000,060,393 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Wolfgang Drechsler, _The Rise and Demise of the New Public Management_, Post.pdf

[2010/10/29 00:56:59 | 000,887,724 | ---- | C] () -- C:\WINDOWS\System32\ativva6x.dat

[2010/10/29 00:56:59 | 000,509,696 | ---- | C] () -- C:\WINDOWS\System32\ativvaxx.cap

[2010/10/29 00:56:59 | 000,078,496 | ---- | C] () -- C:\WINDOWS\System32\atiapfxx.blb

[2010/10/29 00:56:59 | 000,022,190 | ---- | C] () -- C:\WINDOWS\atiogl.xml

[2010/10/29 00:56:58 | 000,224,342 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat

[2010/10/29 00:56:58 | 000,000,003 | ---- | C] () -- C:\WINDOWS\System32\ativva5x.dat

[2010/10/29 00:35:25 | 000,000,290 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Mes documents\cc_20101029_013524.reg

[2010/10/29 00:34:50 | 000,001,098 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Mes documents\cc_20101029_013448.reg

[2010/10/29 00:32:18 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\CCleaner.lnk

[2010/10/26 10:55:00 | 000,570,620 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Ph. Bèzes Aux origines des politiques de réforme administrative RFAP_102_2002.pdf

[2010/10/26 10:55:00 | 000,246,966 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\Ph. Bèzes Le renouveau du contrôle des bureaucraties. L’impact du New Public INSO_126 2005.pdf

[2010/10/25 09:26:08 | 000,112,640 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Bureau\CV-thuhanguyen Frtrad .doc

[2010/07/27 08:03:20 | 010,829,656 | ---- | C] () -- C:\WINDOWS\System32\LogiDPP.dll

[2010/07/27 08:03:18 | 000,290,648 | ---- | C] () -- C:\WINDOWS\System32\DevManagerCore.dll

[2010/07/17 16:57:02 | 000,001,579 | ---- | C] () -- C:\WINDOWS\disney.ini

[2010/01/09 05:01:00 | 000,090,411 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini

[2010/01/09 04:37:10 | 000,000,068 | ---- | C] () -- C:\WINDOWS\Crypkey.ini

[2010/01/09 04:36:59 | 000,019,584 | ---- | C] () -- C:\WINDOWS\System32\Ckldrv.sys

[2010/01/09 04:36:59 | 000,018,432 | ---- | C] () -- C:\WINDOWS\Setup_ck.dll

[2010/01/09 04:36:55 | 000,178,176 | ---- | C] () -- C:\WINDOWS\System32\StellarProfile.dll

[2009/11/06 12:00:28 | 000,031,088 | ---- | C] () -- C:\WINDOWS\System32\wrLZMA.dll

[2009/08/03 14:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll

[2009/05/08 10:13:04 | 000,013,584 | ---- | C] () -- C:\WINDOWS\System32\drivers\iKeyLFT2.dll

[2009/04/30 16:00:12 | 000,025,624 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys

[2009/03/30 13:24:09 | 000,000,138 | ---- | C] () -- C:\WINDOWS\Readiris.ini

[2009/03/24 21:17:47 | 000,000,123 | ---- | C] () -- C:\WINDOWS\wininit.ini

[2008/12/27 19:38:12 | 000,000,000 | ---- | C] () -- C:\WINDOWS\wt9sptlEN.INI

[2008/12/27 19:37:05 | 000,000,090 | ---- | C] () -- C:\WINDOWS\printhse.ini

[2008/12/27 19:37:05 | 000,000,070 | ---- | C] () -- C:\WINDOWS\country.ini

[2008/11/29 15:14:30 | 004,202,496 | ---- | C] () -- C:\WINDOWS\System32\qt-mt334.dll

[2008/11/18 22:40:39 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini

[2008/11/01 22:46:28 | 000,000,206 | ---- | C] () -- C:\WINDOWS\System32\dcaccfeeec9_z.dll

[2008/10/17 22:07:44 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\ArmAccess.dll

[2008/08/30 13:49:50 | 000,278,984 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys

[2008/08/30 13:49:50 | 000,025,416 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys

[2008/08/30 10:08:32 | 000,000,077 | ---- | C] () -- C:\WINDOWS\adidsl.ini

[2008/08/30 10:08:32 | 000,000,021 | ---- | C] () -- C:\WINDOWS\Fast800.ini

[2008/08/30 10:08:26 | 000,126,976 | ---- | C] () -- C:\WINDOWS\System32\coclassfast.dll

[2008/08/30 10:08:26 | 000,046,892 | ---- | C] () -- C:\WINDOWS\System32\adadix16.dll

[2008/08/30 03:18:56 | 000,000,020 | ---- | C] () -- C:\WINDOWS\HP PrecisionScan Pro.INI

[2008/08/30 00:25:10 | 000,165,888 | ---- | C] () -- C:\WINDOWS\System32\hpgt53.dll

[2008/08/29 22:35:18 | 000,306,688 | ---- | C] () -- C:\WINDOWS\System32\Lffpx7.dll

[2008/08/29 22:35:18 | 000,095,232 | ---- | C] () -- C:\WINDOWS\System32\Lfkodak.dll

[2008/08/29 22:16:58 | 000,000,135 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Local Settings\Application Data\fusioncache.dat

[2008/08/29 20:37:11 | 000,000,385 | ---- | C] () -- C:\WINDOWS\ODBC.INI

[2008/08/29 16:17:29 | 000,004,205 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI

[2008/08/29 15:26:46 | 000,199,168 | ---- | C] () -- C:\Documents and Settings\NACHTERGAELE\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2008/08/29 15:02:35 | 000,024,576 | R--- | C] () -- C:\WINDOWS\System32\AsIO.dll

[2008/08/29 15:02:35 | 000,012,400 | R--- | C] () -- C:\WINDOWS\System32\drivers\AsIO.sys

[2008/08/29 15:02:32 | 000,011,832 | ---- | C] () -- C:\WINDOWS\System32\drivers\AsInsHelp64.sys

[2008/08/29 15:02:32 | 000,010,216 | ---- | C] () -- C:\WINDOWS\System32\drivers\AsInsHelp32.sys

[2008/08/29 14:42:53 | 000,041,625 | ---- | C] () -- C:\WINDOWS\Ascd_log.ini

[2008/08/29 14:42:32 | 000,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys

[2008/08/29 14:42:12 | 000,041,160 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini

[2008/08/29 14:42:12 | 000,010,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS

[2008/05/26 21:23:32 | 000,016,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini

[2008/05/26 21:23:30 | 000,021,596 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini

[2008/05/26 21:23:28 | 000,016,036 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini

[2008/05/14 11:21:52 | 000,441,705 | ---- | C] () -- C:\WINDOWS\System32\sqlite3.dll

[2008/04/13 20:33:40 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll

[2005/08/09 20:10:54 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\usbr38.dll

 

========== Custom Scans ==========

 

 

< %SYSTEMDRIVE%\*.* >

[2009/10/24 21:14:13 | 000,000,212 | -HS- | M] () -- C:\boot.ini

[2008/04/14 13:00:00 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin

[2010/07/03 02:41:23 | 000,001,080 | ---- | M] () -- C:\CKINFO.TXT

[2008/09/05 14:37:35 | 000,000,216 | ---- | M] () -- C:\DebugTrace-RockallDLL.log

[2010/11/22 21:42:09 | 000,000,000 | -HS- | M] () -- C:\DkHyperbootSync

[2009/04/02 18:02:48 | 017,801,512 | ---- | M] () -- C:\immudebug.log

[2008/10/23 00:32:45 | 000,000,164 | ---- | M] () -- C:\install.dat

[2010/10/17 00:27:31 | 000,000,000 | RHS- | M] () -- C:\IO.SYS

[2009/11/13 10:03:52 | 000,000,000 | ---- | M] () -- C:\Log.txt

[2010/10/17 00:27:31 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS

[2008/04/14 13:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM

[2008/04/14 13:00:00 | 000,252,240 | RHS- | M] () -- C:\ntldr

[2010/11/22 20:31:43 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys

[2010/11/20 15:15:31 | 000,001,078 | ---- | M] () -- C:\stub.log

[2010/11/13 01:08:36 | 000,000,988 | ---- | M] () -- C:\UFantasy.ini

[40 C:\*.tmp files -> C:\*.tmp -> ]

 

< %systemroot%\*. /mp /s >

 

< %systemroot%\system32\*.dll /lockedfiles >

[2010/09/11 02:43:44 | 000,450,560 | ---- | M] (Advanced Micro Devices, Inc.) Unable to obtain MD5 -- C:\WINDOWS\system32\ATIDEMGX.dll

[2008/04/14 13:00:00 | 001,267,200 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\comsvcs.dll

[2009/03/08 03:31:44 | 000,348,160 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\dxtmsft.dll

[2009/03/08 03:31:38 | 000,216,064 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\dxtrans.dll

[2010/06/24 13:25:22 | 000,184,320 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\iepeers.dll

[2009/11/06 12:00:28 | 000,031,088 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\wrLZMA.dll

[6 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

 

< %systemroot%\Tasks\*.job /lockedfiles >

 

< %systemroot%\System32\config\*.sav >

[2009/10/24 22:58:37 | 003,432,448 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav

[2009/10/24 20:47:21 | 000,057,344 | ---- | M] () -- C:\WINDOWS\system32\config\security.sav

[2009/10/24 22:58:37 | 057,442,304 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav

[2009/10/24 22:58:38 | 006,815,744 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

[1 C:\WINDOWS\System32\config\*.tmp files -> C:\WINDOWS\System32\config\*.tmp -> ]

 

< %systemroot%\system32\drivers\*.sys /90 >

[2010/09/27 14:40:28 | 000,267,624 | ---- | M] (Agnitum Ltd.) -- C:\WINDOWS\system32\drivers\afwcore.sys

[2010/09/11 03:19:16 | 005,417,472 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\drivers\ati2mtag.sys

[2010/10/11 09:35:02 | 000,710,576 | ---- | M] (Agnitum Ltd.) -- C:\WINDOWS\system32\drivers\SandBox.sys

[2010/08/26 14:39:50 | 000,357,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\srv.sys

[2010/09/15 11:30:00 | 000,298,784 | ---- | M] (Marvell) -- C:\WINDOWS\system32\drivers\yk51x86.sys

 

< End of report >

[Tranphu]

• Extras.txt

 

OTL Extras logfile created on: 22/11/2010 21:45:41 - Run 1

OTL by OldTimer - Version 3.2.17.3 Folder = C:\Documents and Settings\NACHTERGAELE\Bureau\Stabilisation PC

Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 7.0.5730.13)

Locale: 0000080C | Country: Belgique | Language: FRB | Date Format: d/MM/yyyy

 

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 70,00% Memory free

5,00 Gb Paging File | 4,00 Gb Available in Paging File | 79,00% Paging File free

Paging file location(s): c:\pagefile.sys 2046 4092 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 488,28 Gb Total Space | 428,19 Gb Free Space | 87,69% Space Free | Partition Type: NTFS

Drive F: | 76,32 Gb Total Space | 55,58 Gb Free Space | 72,82% Space Free | Partition Type: NTFS

Drive G: | 122,20 Mb Total Space | 4,77 Mb Free Space | 3,90% Space Free | Partition Type: FAT

Drive H: | 443,23 Gb Total Space | 436,10 Gb Free Space | 98,39% Space Free | Partition Type: NTFS

Drive I: | 149,01 Gb Total Space | 76,68 Gb Free Space | 51,46% Space Free | Partition Type: FAT32

Drive J: | 31,13 Mb Total Space | 6,63 Mb Free Space | 21,31% Space Free | Partition Type: FAT

Drive K: | 1,88 Gb Total Space | 1,78 Gb Free Space | 94,67% Space Free | Partition Type: FAT

 

Computer Name: NACHTERG-0DAA01 | User Name: NACHTERGAELE | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Extra Registry (SafeList) ==========

 

 

========== File Associations ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.txt [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found

 

========== Shell Spawning ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

exefile [open] -- "%1" %*

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [ACDSee 11.0.Browse] -- "C:\Program Files\ACD Systems\ACDSee\11.0\ACDSeeQV11.exe" "%1" (ACD Systems)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 

========== Security Center Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"FirstRunDisabled" = 1

"AntiVirusDisableNotify" = 0

"FirewallDisableNotify" = 0

"UpdatesDisableNotify" = 0

"AntiVirusOverride" = 0

"FirewallOverride" = 0

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

 

========== System Restore Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]

"DisableSR" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]

"Start" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]

"Start" = 2

 

========== Firewall Settings ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007

"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = 0

"DisableNotifications" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007

"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

"5353:TCP" = 5353:TCP:*:Enabled:Adobe CSI CS4

 

========== Authorized Applications List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

"C:\Program Files\Fichiers communs\Adobe\CS4ServiceManager\CS4ServiceManager.exe" = C:\Program Files\Fichiers communs\Adobe\CS4ServiceManager\CS4ServiceManager.exe:*:Enabled:Adobe CSI CS4 -- (Adobe Systems Incorporated)

"C:\Documents and Settings\NACHTERGAELE\Local Settings\Temp\stInstall.exe" = C:\Documents and Settings\NACHTERGAELE\Local Settings\Temp\stInstall.exe:*:Enabled:SpeedTouch Home Install Wizard -- File not found

"C:\Program Files\Thomson\ST330\service\st330service.exe" = C:\Program Files\Thomson\ST330\service\st330service.exe:*:Enabled:ST330 service -- (THOMSON Telecom Belgium)

"F:\Program Files\Age of Empire III\age3y.exe" = F:\Program Files\Age of Empire III\age3y.exe:*:Disabled:Age of Empires III - The Asian Dynasties -- (Microsoft Corporation)

"C:\Program Files\Microsoft Games\Age of Empires III\age3y.exe" = C:\Program Files\Microsoft Games\Age of Empires III\age3y.exe:*:Disabled:Age of Empires III - The Asian Dynasties -- File not found

"C:\Program Files\Ubisoft\THE SETTLERS - Bâtisseurs d'Empire\base\bin\Settlers6.exe" = C:\Program Files\Ubisoft\THE SETTLERS - Bâtisseurs d'Empire\base\bin\Settlers6.exe:*:Disabled:THE SETTLERS - Bâtisseurs d'Empire -- File not found

"F:\Civilization IV\Civilization4.exe" = F:\Civilization IV\Civilization4.exe:*:Enabled:Sid Meier's Civilization 4 -- (Firaxis Games)

"F:\Civilization IV\Beyond the Sword\Civ4BeyondSword.exe" = F:\Civilization IV\Beyond the Sword\Civ4BeyondSword.exe:*:Enabled:Sid Meier's Civilization 4 Beyond the Sword -- (Firaxis Games)

"F:\Civilization IV\Beyond the Sword\Civ4BeyondSword_PitBoss.exe" = F:\Civilization IV\Beyond the Sword\Civ4BeyondSword_PitBoss.exe:*:Enabled:Sid Meier's Civilization 4 Beyond the Sword Pitboss -- (Firaxis Games)

"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger -- (Yahoo! Inc.)

"C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software)

"C:\Documents and Settings\NACHTERGAELE\Local Settings\Temporary Internet Files\Content.IE5\TEJWGSQQ\IM84536.JPG-www.myspace.com[1].exe" = C:\WINDOWS\infocard.exe:*:Enabled:Firewall Administrating -- File not found

"F:\Program Files\Anno 1701\Anno1701.exe" = F:\Program Files\Anno 1701\Anno1701.exe:*:Enabled:Anno 1701 -- (Related Designs Software GmbH)

"F:\Program Files\Anno 1701\Anno1701AddOn.exe" = F:\Program Files\Anno 1701\Anno1701AddOn.exe:*:Enabled:Anno 1701 Add-On 01 -- (Related Designs Software GmbH)

"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)

 

 

========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

"{01501EBA-EC35-4F9F-8889-3BE346E5DA13}" = MSXML4 Parser

"{027AA9DB-7176-2929-ED2E-38C0317F3566}" = Catalyst Control Center Localization All

"{03E494A7-F504-DA41-3079-9E2FB36736BC}" = CCC Help English

"{04F67CE9-C706-7C07-B882-4790D01C5A76}" = Catalyst Control Center Graphics Previews Common

"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4

"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4

"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center

"{06F80017-8F98-4C94-B868-52358569FC32}" = Command & Conquer Generals

"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler

"{0B5154C0-8F00-4616-B0AB-6240AE80D9CE}" = SimCity™ Sociétés

"{0BD83598-C2EF-3343-847B-7D2E84599128}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - FRA

"{0DE817CB-9294-F350-64F0-36E42D7B27F2}" = CCC Help French

"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4

"{11083C7A-D0D6-4DA4-8C3A-74B8389EC07B}" = ATI Catalyst Registration

"{14AFE241-FC6E-4FDB-BCA0-7AD6F4974171}" = Adobe Setup

"{14BC810B-5907-B9C3-B2F4-12D5EEA253F4}" = Catalyst Control Center Graphics Previews Common

"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4

"{191DCDE8-C24A-495D-AEA7-F7F07F4AA70F}" = ArcGIS ArcReader

"{1BF23060-E1E1-2EE1-037D-264D9EC15CBD}" = ccc-core-preinstall

"{1BF38C77-E678-49AF-885A-BBD10AED2FF3}" = ACDSee RAW Image Decoder Plug-In Update 4.0

"{1D7CA81A-E1D8-4C8E-A98E-7EBE68B137EB}" = Torture Cérébrale

"{1DB23D89-6942-4445-93BB-929FC571AF4D}" = Adobe Setup

"{1EFE9082-F3EC-13CA-FD37-E1490531CDF3}" = CCC Help Greek

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{1FCC574F-AFA2-4432-9EF1-79CA7BA73431}_is1" = Spy Sweeper

"{1FCC806A-5920-44B2-AA6A-81A67A31DDF3}" = Diskeeper 2010

"{1FCC8C70-66B9-420D-942C-2C2A8441C744}" = Imperial Glory

"{241647C2-9318-D048-67BA-E64ED5F2CCC4}" = Catalyst Control Center Core Implementation

"{243A1493-A09D-4E43-A58E-D82149B44468}" = Entraîneur Cérébral Version Intégrale

"{25611B0A-54C2-69B9-723D-668201C22CD4}" = ccc-core-static

"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java 6 Update 21

"{2A1625F9-8715-09B5-2166-3DB205FB435B}" = CCC Help Dutch

"{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour

"{300578F9-9EFF-4B93-9AB1-C0E5707EF463}" = ACDSee Gestionnaire de photos 2009

"{308B6AEA-DE50-4666-996D-0FA461719D6B}" = Apple Mobile Device Support

"{30C8AA56-4088-426F-91D1-0EDFD3A25678}" = Adobe Dreamweaver CS4

"{32343DB6-9A52-40C9-87E4-5E7C79791C87}" = MSXML 4.0 SP2 and SOAP Toolkit 3.0

"{32E4F0D2-C135-475E-A841-1D59A0D22989}" = Sid Meier's Civilization 4 - Beyond the Sword

"{34DD1D51-3B3E-2BDB-C277-0029C70DA65A}" = CCC Help Turkish

"{350C940c-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP

"{36CDA33B-909B-4719-97D1-C4B99309BDC7}" = ATI Parental Control & Encoder

"{391334EE-AE29-4C80-A4EF-31648AE9FF85}" = Casse Briques Chinois

"{399B10AC-4E84-20F8-5913-82526B16F561}" = Catalyst Control Center Graphics Light

"{3A2F9455-922C-D7E6-2D31-E1F1E6E92ED0}" = CCC Help Finnish

"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4

"{3B7DAD74-8F16-4AEF-B0CA-4072CB1BF9AA}" = BlackBerry Desktop Software 4.2

"{3E31821C-7917-367E-938E-E65FC413EA31}" = Microsoft .NET Framework 3.5 Language Pack SP1 - fra

"{3F5B6210-0903-4DC6-8034-8F488AA3A782}" = Spy Sweeper Core

"{40420E84-2E4C-46B2-942C-F1249E40FDCB}" = Belgium Identity Card Runtime 3.5

"{4377F918-E6C9-4ECA-A7F5-754B310B7ED8}" = Sid Meier's Civilization 4

"{4451B8AB-D156-BA14-03EF-152E40A9DE48}" = ATI AVIVO Codecs

"{4514B9C2-8E75-CF9D-B148-8ED40CAA35F0}" = Catalyst Control Center HydraVision Full

"{485775E8-AEB8-46BD-922B-242879E03DD5}" = Age of Empires III

"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension

"{4956D70D-E758-7CDC-D131-2895E8A5DAD4}" = CCC Help Spanish

"{4AE3A0CB-87B0-4F51-BECD-3D1F8DFDD62F}" = SAGEM F@st 800-840

"{4D7BE862-435C-0F6F-0558-B3E6DCA839E2}" = CCC Help Portuguese

"{5091043D-D941-E17E-1E0F-0B2F1DBE4D9E}" = ccc-core-static

"{5208C4EF-0D90-4BCD-9A05-76DDB576016B}" = Mah Jong Deluxe

"{56B83336-FBC1-4C46-8613-90A9E3B440D6}" = Six Engine

"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml

"{57C23D06-7708-4778-9005-8C78BABA5513}" = ACDSee Retouche photo

"{5E6BE0B1-55DE-411A-AD48-29743FBB15E0}" = ESET NOD32 Antivirus

"{5EA0F360-CD37-7CDA-8018-8E4EE4450899}" = CCC Help Danish

"{64ACFE24-FB82-84A6-9FB8-B90539752E5B}" = Catalyst Control Center Localization German

"{64AF35AC-9D02-D379-4B37-F94D876F93AB}" = CCC Help Norwegian

"{65962AC4-42C9-4006-97B1-CBB5E8C4E15C}" = Les Indispensables Éducation pour Microsoft Office

"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4

"{68DD4EAE-C5E4-1E34-F991-B99ABA6DC8E3}" = Catalyst Control Center Graphics Full New

"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update

"{6AEE3DB1-9356-4E04-9171-5E85E51E6A35}_is1" = TribalSync 3.0

"{6AFFBA7A-F063-44F2-ADA0-65C67E071036}" = Nero 7 Essentials

"{6CDC748B-47B0-45EB-B740-681E8429F7F9}" = Opera 10.01

"{6CF8A472-C63C-4614-AC3C-E909C87587F7}" = CCC Help Czech

"{6D0955B9-C1D6-CB1C-6CE3-BFAC9696A882}" = CCC Help Polish

"{71929EC1-FDB2-4A67-AAAD-936E4539FA84}_is1" = Driver Sweeper 2.1.0

"{72AD53CC-CCC0-3757-8480-9EE176866A7C}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - FRA

"{745D2782-BB1E-51EA-5BDB-1E1BE7590594}" = CCC Help English

"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4

"{8279BD5B-F4B7-3B75-95F5-F1D2BB219C7F}" = ccc-utility

"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable

"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4

"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4

"{86069755-8AF8-42EF-D406-208B28A021C2}" = ATI Catalyst Install Manager

"{8959A774-3FB3-B315-ACDF-4B7B70F5A169}" = Catalyst Control Center Core Implementation

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8ACC73AA-6511-7C55-B1A9-8E5D1DEAFAA3}" = The Lord of the Rings FREE Trial

"{8D7133DE-27D2-47E5-B248-4180278D32AA}" = Catalyst Control Center - Branding

"{90120000-0010-040C-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (French) 12

"{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007

"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)

"{90120000-0015-040C-0000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2007

"{90120000-0015-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007

"{90120000-0016-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007

"{90120000-0018-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2007

"{90120000-0019-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2007

"{90120000-001A-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007

"{90120000-001B-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007

"{90120000-001F-0401-0000-0000000FF1CE}_PROPLUS_{14809F99-C601-4D4A-9391-F1E8FAA964C5}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007

"{90120000-001F-0407-0000-0000000FF1CE}_PROPLUS_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007

"{90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007

"{90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007

"{90120000-001F-0413-0000-0000000FF1CE}_PROPLUS_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007

"{90120000-001F-0C0A-0000-0000000FF1CE}_PROPLUS_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007

"{90120000-0044-040C-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (French) 2007

"{90120000-0044-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007

"{90120000-006E-040C-0000-0000000FF1CE}_PROPLUS_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{905D4F6B-FADC-4CA4-AA41-BD32A2E446CE}" = Anno 1701 - La Malédiction du Dragon

"{92BDB734-E81D-10EC-1243-074DA586BC96}" = CCC Help Russian

"{93CB830F-517E-1695-C61B-2A1AA105CD78}" = Catalyst Control Center Localization French

"{94928C91-8A2E-A94E-A7EF-C41FBE515718}" = Catalyst Control Center Graphics Previews Common

"{94A065E8-455D-41C1-AF1F-F0C1AF8F50F3}" = Microsoft IntelliType Pro 7.0

"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4

"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting

"{95264530-5A22-8E7E-FE9D-D63A927BCAEA}" = Adobe Media Player

"{95DCA618-9717-BBD3-B438-A5A9B1EB30C8}" = CCC Help German

"{97BBECCF-B1FD-4010-8D4B-EFC9E3CCEECF}" = Driver Whiz

"{984880C1-7AC7-5267-A7D9-AEC19C932950}" = Catalyst Control Center Graphics Full Existing

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9FE3951B-4F49-4401-B5EE-07B183197F3C}" = Belgium Identity Card Runtime 3.5

"{9FEF4EA5-025F-4D8B-9376-680CA8E77C9C}" = Delete FXP Files 2009 - Demo

"{A08D0E9F-6E0F-43C7-9172-F12078D545FA}" = Lapin Malin Maternelle 1 2007

"{A23CF58C-E42C-F0B3-BC92-D3039ECFDB70}" = CCC Help Korean

"{A2433A63-5F5D-40E5-B529-9123C2B3E734}" = Anno 1701

"{A24F20F6-3BE3-4D25-BD0C-D7AEF7D180D4}" = Readiris Pro 12

"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR

"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2

"{A454D257-0E6D-BCD1-2A10-78FEDB5BB21E}" = Catalyst Control Center Graphics Full New

"{A5181519-9F3D-4372-ABC6-C333C2F3A816}_is1" = RunAlyzer

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{AC76BA86-1033-F400-7761-000000000004}" = Adobe Acrobat 9 Pro Extended - English, Français, Deutsch

"{AC76BA86-1033-F400-7761-000000000004}_941" = Adobe Acrobat 9.4.1 - CPSID_83708

"{AC76BA86-1033-F400-7761-000000000004}{AC76BA86-1033-F400-7761-000000000004}" = Adobe Acrobat 9 Pro Extended - English, Français, Deutsch

"{AC96671C-2001-432C-9826-5266D84EF1DC}" = Logitech Webcam Software

"{AEBE3F70-585E-17C7-C91D-964C91772410}" = ccc-utility

"{AEE9ABDF-CFFD-4CC2-8519-E8ECEB5A2AAF}" = PENTAX USB DISK Device

"{AF7C627C-F354-4FF1-8450-398C806B436E}" = Power IEv3

"{B0D2BC40-119B-AD18-E697-E6073DD6D149}" = ccc-utility

"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0

"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect

"{B3542011-52A1-8782-EEB9-B72AB9EC7336}" = Catalyst Control Center Graphics Light

"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy

"{B84AE471-81DD-D81F-CD20-B3464877E525}" = Skins

"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module

"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2

"{C43C1415-3DFC-4089-9A32-0BECF28A6046}" = Age of Empires III - The Asian Dynasties

"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4

"{C63E7C60-25EB-11D3-8EDA-00A0C911E8E5}" = Sauvegarde des Dossiers personnels Microsoft Outlook

"{C69F959E-2386-8997-4E76-146DDA14D57E}" = CCC Help Chinese Standard

"{C8BDD4B8-B376-4D66-98D1-DBD0FBAA0EB8}" = Adobe Creative Suite 4 Deployment Toolkit

"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1

"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw

"{CD95F661-A5C4-44F5-A6AA-ECDD91C240BD}" = WinZip 14.5

"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1

"{CFBCE791-2D53-4FCE-B3FB-D6E01F4112E8}" = Sid Meier's Civilization 4

"{D3F80A98-05AB-4D8C-9272-766CCFA6A48D}" = THE SETTLERS - Bâtisseurs d'Empire

"{D488EEFC-E8B2-B4FA-6EB0-E238892F3B48}" = CCC Help Swedish

"{D5D0178D-57E4-C32C-5275-401F384303A7}" = CCC Help Hungarian

"{D84662AC-3461-918D-9067-F9E9F6A7EEF2}" = ATI Problem Report Wizard

"{DAA29BAD-1C06-E8E0-CFE6-557F818C7AF7}" = CCC Help Dutch

"{DB16DBA9-F371-89F6-84F1-4680B7BB8A4A}" = CCC Help Thai

"{DB7EBA4A-44AF-DF22-EBA7-6BF4E011E319}" = CCC Help French

"{DBAA7DF5-7DE0-DD8D-A748-5A35AC2DA420}" = CCC Help Italian

"{DBB18C43-FE45-36DF-D171-E209B79A76F3}" = Catalyst Control Center Localization Dutch

"{DD7C56A2-8E85-AABA-D807-F61C135CC1AE}" = Catalyst Control Center Graphics Full Existing

"{DDA34038-89BD-4804-B0B8-DC48D5DFB463}" = Catalyst Control Center - Branding

"{E372D706-EC1C-333E-0D3E-2B065CEEC466}" = CCC Help Japanese

"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime

"{ECA2B21B-A180-4775-B93F-6E404E36A8CC}" = MSRuntime Libraries

"{EE5AC826-8731-6406-9947-D0420143A7BD}" = ccc-core-preinstall

"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support

"{EF71A531-5B6C-4B20-8D1E-E6379C7FB6D3}" = Microsoft IntelliPoint 7.0

"{F08826AF-C414-6921-9A50-D39972C7D975}" = CCC Help German

"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX

"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help

"{F104D914-EAE9-43BF-A5AE-E46409AC61BC}" = Disney Winnie l’Ourson La Chasse au Miel de Tigrou

"{F4731524-D4E9-2CCD-4471-5ABE373C3691}" = CCC Help English

"{F850707C-B6A0-4B56-8709-F89CF8F9AC6D}" = Eraser

"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4

"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4

"{FAE36873-1941-4076-A9A5-48812B5EA0B7}" = iTunes

"{FFC2CFE5-AAD6-A911-FA25-C0AA1BABB241}" = CCC Help Chinese Traditional

"24h00" = 24h00

"A4Tech iKeyWorks" = iKeyWorks 7.64

"Adobe AIR" = Adobe AIR

"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin

"Adobe Shockwave Player" = Adobe Shockwave Player 11.5

"Adobe_07e48daa09a3bc85c3c4503aaca751f" = Adobe Creative Suite 4 Deployment Toolkit

"Adobe_acce07fd2c8fe7f9e3f26243e626578" = Adobe Dreamweaver CS4

"Agnitum Outpost Firewall Pro_is1" = Outpost Firewall Pro 7.0.4

"aignesamdeadlink" = AM-DeadLink 3.3

"BlackBerry_{3B7DAD74-8F16-4AEF-B0CA-4072CB1BF9AA}" = BlackBerry Desktop Software 4.2

"Capture Ecran_is1" = Capture Ecran 1.1

"CCleaner" = CCleaner

"Collectorz.com Book Collector" = Collectorz.com Book Collector

"Copernic Agent Professional" = Copernic Agent Professional

"Copernic Summarizer" = Copernic Summarizer

"CopernicDesktopSearch2Corpo" = Copernic Desktop Search - Corporate

"Delete FXP Files 2009 - Demo" = Delete FXP Files 2009 - Demo

"Digital Editions" = Adobe Digital Editions

"Eraser" = Eraser

"FileDeleter_is1" = FileDeleter 3.1

"Gessys_is1" = Gessys

"Glory of the Roman Empire" = Glory of the Roman Empire

"Hide Folders XP 2_is1" = Hide Folders XP 2.9.8 for Windows XP/Vista

"HP PrecisionScan" = HP PrecisionScan

"ie8" = Windows Internet Explorer 8

"InstallShield_{485775E8-AEB8-46BD-922B-242879E03DD5}" = Age of Empires III

"InstallShield_{C43C1415-3DFC-4089-9A32-0BECF28A6046}" = Age of Empires III - The Asian Dynasties

"jv16 PowerTools 2008_is1" = jv16 PowerTools 2008

"jv16 PowerTools 2009_is1" = jv16 PowerTools 2009

"jv16 PowerTools 2010" = jv16 PowerTools 2010

"lvdrivers_12.0" = Coffret de pilotes Logitech Webcam Software

"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware

"Marvell Miniport Driver" = Marvell Miniport Driver

"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1

"Microsoft .NET Framework 3.5 Language Pack SP1 - fra" = Module linguistique Microsoft .NET Framework 3.5 SP1- fra

"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1

"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP

"NirSoft ShellExView" = NirSoft ShellExView

"PROPLUS" = Microsoft Office Professional Plus 2007

"PS Tray Factory_is1" = PS Tray Factory 3.0

"Railroad Pioneer" = Railroad Pioneer

"RealPlayer 12.0" = RealPlayer

"RiseOfNations 1.0" = Microsoft Rise of Nations

"RiseofNationsExpansion 1.0" = Rise of Nations Thrones and Patriots

"SpeedTouch 330" = SpeedTouch 330

"ST6UNST #1" = RadioWeb Player V5

"Stellar Phoenix Outlook PST Repair_is1" = Stellar Phoenix Outlook PST Repair v4.0

"SystemRequirementsLab" = System Requirements Lab

"URL Collector_is1" = URL Collector v1.6.2

"Usenet.nl_is1" = Usenet.nl

"Vade Retro" = Vade Retro Outlook, Outlook Express, Windows Mail (Vista)

"WheelMouse" = iOfficeWorks 7.64

"Windows Media Format Runtime" = Windows Media Format 11 runtime

"Windows Media Player" = Lecteur Windows Media 11

"WMFDist11" = Windows Media Format 11 runtime

"wmp11" = Windows Media Player 11

"Yahoo! Companion" = Yahoo! Barre d'outils

"Yahoo! Messenger" = Yahoo! Messenger

"Yahoo! Software Update" = Yahoo! Software Update

 

========== HKEY_CURRENT_USER Uninstall List ==========

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"Bagh Chal" = Bagh Chal

"Surakarta" = Surakarta

"Xou Dou Qi" = Xou Dou Qi

"Yahoo! BrowserPlus" = Yahoo! BrowserPlus 2.9.8

 

========== Last 10 Event Log Errors ==========

 

[ Application Events ]

Error - 20/11/2010 20:58:48 | Computer Name = NACHTERG-0DAA01 | Source = Application Hang | ID = 1002

Description = Application bloquée iexplore.exe, version 8.0.6001.18702, module bloqué

hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

 

Error - 20/11/2010 20:58:50 | Computer Name = NACHTERG-0DAA01 | Source = Application Hang | ID = 1001

Description = Détecteur d'erreurs 1180947459.

 

Error - 20/11/2010 21:11:24 | Computer Name = NACHTERG-0DAA01 | Source = .NET Runtime 2.0 Error Reporting | ID = 5000

Description = EventType clr20r3, P1 mom.exe, P2 2.0.0.0, P3 469cdcb3, P4 mscorlib,

P5 2.0.0.0, P6 4be90358, P7 f4f, P8 7, P9 n3ctrye2kn3c34sgl4zqyrbfte4m13nb, P10

NIL.

 

Error - 20/11/2010 21:17:44 | Computer Name = NACHTERG-0DAA01 | Source = .NET Runtime 2.0 Error Reporting | ID = 5000

Description = EventType clr20r3, P1 mom.exe, P2 2.0.0.0, P3 469cdcb3, P4 mscorlib,

P5 2.0.0.0, P6 4be90358, P7 f4f, P8 7, P9 n3ctrye2kn3c34sgl4zqyrbfte4m13nb, P10

NIL.

 

Error - 20/11/2010 21:23:51 | Computer Name = NACHTERG-0DAA01 | Source = MsiInstaller | ID = 10005

Description = Produit : ccc-core-static -- Erreur interne 2753. installShell.exe

 

Error - 20/11/2010 22:39:42 | Computer Name = NACHTERG-0DAA01 | Source = MsiInstaller | ID = 1013

Description = Produit : Microsoft .NET Framework 2.0 -- Setup cannot continue because

this version of the .NET Framework is incompatible with a previously installed

one. For more information, see Error message when you try to install the.NET Framework 2.0 on a computer that has the.NET Framework 2.0 Service Pack 1 installed: "Setup cannot continue because this version of the.NET Framework is incompatible with a previously installed one"

 

Error - 21/11/2010 9:04:00 | Computer Name = NACHTERG-0DAA01 | Source = Application Hang | ID = 1002

Description = Application bloquée PSTrayFactory.exe, version 3.0.3.186, module bloqué

hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

 

Error - 21/11/2010 9:04:04 | Computer Name = NACHTERG-0DAA01 | Source = Application Error | ID = 1000

Description = Application défaillante explorer.exe, version 6.0.2900.5512, module

défaillant unknown, version 0.0.0.0, adresse de défaillance 0x015313f1.

 

Error - 21/11/2010 9:04:13 | Computer Name = NACHTERG-0DAA01 | Source = Application Hang | ID = 1001

Description = Détecteur d'erreurs 1237027210.

 

Error - 21/11/2010 9:04:34 | Computer Name = NACHTERG-0DAA01 | Source = Application Error | ID = 1001

Description = Détecteur d'erreurs 1511102295.

 

[ OSession Events ]

Error - 25/07/2010 11:47:56 | Computer Name = NACHTERG-0DAA01 | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:

12.0.6535.5005, Microsoft Office Version: 12.0.6425.1000. This session lasted 16065

seconds with 1440 seconds of active time. This session ended with a crash.

 

Error - 16/08/2010 6:21:27 | Computer Name = NACHTERG-0DAA01 | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:

12.0.6535.5005, Microsoft Office Version: 12.0.6425.1000. This session lasted 92

seconds with 60 seconds of active time. This session ended with a crash.

 

Error - 31/08/2010 19:06:18 | Computer Name = NACHTERG-0DAA01 | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:

12.0.6535.5005, Microsoft Office Version: 12.0.6425.1000. This session lasted 3627

seconds with 0 seconds of active time. This session ended with a crash.

 

Error - 5/09/2010 15:23:37 | Computer Name = NACHTERG-0DAA01 | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:

12.0.6535.5005, Microsoft Office Version: 12.0.6425.1000. This session lasted 9319

seconds with 660 seconds of active time. This session ended with a crash.

 

Error - 7/09/2010 22:25:54 | Computer Name = NACHTERG-0DAA01 | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:

12.0.6535.5005, Microsoft Office Version: 12.0.6425.1000. This session lasted 11275

seconds with 1380 seconds of active time. This session ended with a crash.

 

Error - 11/09/2010 19:43:39 | Computer Name = NACHTERG-0DAA01 | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:

12.0.6535.5005, Microsoft Office Version: 12.0.6425.1000. This session lasted 25482

seconds with 900 seconds of active time. This session ended with a crash.

 

Error - 21/09/2010 14:59:25 | Computer Name = NACHTERG-0DAA01 | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:

12.0.6539.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 74

seconds with 60 seconds of active time. This session ended with a crash.

 

Error - 22/09/2010 14:23:04 | Computer Name = NACHTERG-0DAA01 | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:

12.0.6539.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1910

seconds with 480 seconds of active time. This session ended with a crash.

 

Error - 28/09/2010 11:06:19 | Computer Name = NACHTERG-0DAA01 | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:

12.0.6539.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 9182

seconds with 1740 seconds of active time. This session ended with a crash.

 

Error - 1/10/2010 11:07:29 | Computer Name = NACHTERG-0DAA01 | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:

12.0.6539.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 633

seconds with 360 seconds of active time. This session ended with a crash.

 

[ System Events ]

Error - 18/11/2010 15:16:15 | Computer Name = NACHTERG-0DAA01 | Source = Service Control Manager | ID = 7009

Description = Délai (30000 millisecondes) d'attente pour une connexion du service

Windows Search.

 

Error - 18/11/2010 15:16:15 | Computer Name = NACHTERG-0DAA01 | Source = Service Control Manager | ID = 7000

Description = Le service Windows Search n'a pas pu démarrer en raison de l'erreur :

%%1053

 

Error - 18/11/2010 18:46:35 | Computer Name = NACHTERG-0DAA01 | Source = DCOM | ID = 10005

Description = DCOM a reçu l'erreur "%1058" lors de la mise en route du service upnphost

avec les arguments "" pour démarrer le serveur : {204810B9-73B2-11D4-BF42-00B0D0118B56}

 

Error - 19/11/2010 22:07:00 | Computer Name = NACHTERG-0DAA01 | Source = DCOM | ID = 10005

Description = DCOM a reçu l'erreur "%1058" lors de la mise en route du service upnphost

avec les arguments "" pour démarrer le serveur : {204810B9-73B2-11D4-BF42-00B0D0118B56}

 

Error - 20/11/2010 21:28:13 | Computer Name = NACHTERG-0DAA01 | Source = sr | ID = 1

Description = Le filtre de restauration du système à rencontré l'erreur inattendue

'0xC0000243' pendant le traitement du fichier 'CX106911.inf' sur le volume 'HarddiskVolume1'.

Ceci a entraîné l'arrêt de la surveillance du volume.

 

Error - 21/11/2010 9:01:38 | Computer Name = NACHTERG-0DAA01 | Source = DCOM | ID = 10010

Description = Le serveur {B366DEBE-645B-43A5-B865-DDD82C345492} ne s'est pas enregistré

sur DCOM avant la fin du temps imparti.

 

Error - 21/11/2010 20:53:05 | Computer Name = NACHTERG-0DAA01 | Source = Dhcp | ID = 1000

Description = Votre ordinateur a perdu le bail de son adresse IP 192.168.1.64 sur

la carte réseau d'adresse réseau 0022156B19BC.

 

Error - 21/11/2010 20:56:35 | Computer Name = NACHTERG-0DAA01 | Source = mv61xx | ID = 262153

Description = Le périphérique \Device\Scsi\mv61xx1 n'a pas répondu dans le délai

imparti.

 

Error - 21/11/2010 20:56:35 | Computer Name = NACHTERG-0DAA01 | Source = Dhcp | ID = 1000

Description = Votre ordinateur a perdu le bail de son adresse IP 192.168.1.64 sur

la carte réseau d'adresse réseau 0022156B19BC.

 

Error - 22/11/2010 14:18:59 | Computer Name = NACHTERG-0DAA01 | Source = DCOM | ID = 10005

Description = DCOM a reçu l'erreur "%1058" lors de la mise en route du service upnphost

avec les arguments "" pour démarrer le serveur : {204810B9-73B2-11D4-BF42-00B0D0118B56}

 

 

< End of report >

 

• checkup.txt

 

Results of screen317's Security Check version 0.99.6

Windows XP Service Pack 3

Internet Explorer 7 Out of date!

``````````````````````````````

Antivirus/Firewall Check:

ESET NOD32 Antivirus

Outpost Firewall Pro 7.0.4

Antivirus up to date!

```````````````````````````````

Anti-malware/Other Utilities Check:

MVPS Hosts File

Malwarebytes' Anti-Malware

CCleaner

Java 6 Update 21

Out of date Java installed!

Adobe Flash Player 10.1.53.64

````````````````````````````````

Process Check:

objlist.exe by Laurent

````````````````````````````````

DNS Vulnerability Check:

GREAT! (Not vulnerable to DNS cache poisoning)

 

``````````End of Log````````````

[lance_yien]

Bonjour,

 

C'est vraiment utile d'installer ces programmes pour effectuer des achats (ou autre chose) sur des sites?

C:\Program Files\A4Tech <== A4tech Web Site

C:\Program Files\Collectorz.com <== Collection Database Software for Windows, Mac OS X, iPhone, iPad and Android

 

Et pour celui-ci, C:\Program Files\Usenet.nl <== un témoignage

 

 

Lancer OTL et copier la liste suivante (commençant par :OTL) et la coller dans l'espace sous "Personnalisation".

 

:OTL

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\rt2870.sys -- (rt2870)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\NACHTE~1\LOCALS~1\Temp\cpuz132\cpuz132_x32.sys -- (cpuz132)

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O15 - HKCU\..Trusted Domains: acrobat.com ([www] https in Sites de confiance)

O15 - HKCU\..Trusted Domains: amazon.fr ([www] https in Sites de confiance)

O15 - HKCU\..Trusted Domains: bnpparibasfortis.be ([www] https in Sites de confiance)

O15 - HKCU\..Trusted Domains: fgov.be ([ccff02.minfin] https in Sites de confiance)

O15 - HKCU\..Trusted Domains: fortisbanking.be ([www] https in Sites de confiance)

O15 - HKCU\..Trusted Domains: microsoft.com ([office] http in Sites de confiance)

O15 - HKCU\..Trusted Domains: microsoft.com ([update] http in Sites de confiance)

O15 - HKCU\..Trusted Domains: microsoft.com ([www] http in Sites de confiance)

O15 - HKCU\..Trusted Domains: nero.com ([shopping] https in Sites de confiance)

O15 - HKCU\..Trusted Domains: rbsworldpay.com ([secure.wp3] https in Sites de confiance)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)

O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} Reg Error: Value error. (Reg Error: Key error.)

O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)

 

:Files

C:\WINDOWS\tasks\*.job

C:\*.tmp

 

:Services

 

:Reg

 

:Commands

[EMPTYTEMP]

[RESETHOSTS]

[REBOOT]

Cliquer sur le bouton rouge Correction et laisser faire.

Si un ou plusieurs fichiers ne peuvent pas être supprimés normalement, le programme vous demandera de redémarrer la machine pour finir le processus, cliquer sur Oui.

A la fin un rapport s'ouvre dans le bloc-note. Copier tout son contenu et le coller dans une nouvelle réponse du forum. Fermer le rapport et OTL.

 

Rapports demandés:

• OTL

As-tu encore des soucis avec ta machine?

[Tranphu]

Merci pour le contrôle.

 

Commentaire:

 

C:\Program Files\Usenet.nl

 

En ce qui concerne ce programme, j'étais en période d'essai (non payant), mais pas d'intérêt, j'ai désinstallé.

 

C:\Program Files\Collectorz.com

 

Pour celui-ci, j'en ai besoin pour ma bibliothéque vituelle.

 

C:\Program Files\A4Tech

 

Ce programme est pour une souris.

 

 

Enfin, je voudrais savoir ci cette manip proposée va effacer les programmes:

 

O15 - HKCU\..Trusted Domains: acrobat.com ([www] https in Sites de confiance)

O15 - HKCU\..Trusted Domains: amazon.fr ([www] https in Sites de confiance)

O15 - HKCU\..Trusted Domains: bnpparibasfortis.be ([www] https in Sites de confiance)

O15 - HKCU\..Trusted Domains: fgov.be ([ccff02.minfin] https in Sites de confiance)

O15 - HKCU\..Trusted Domains: fortisbanking.be ([www] https in Sites de confiance)

O15 - HKCU\..Trusted Domains: microsoft.com ([office] http in Sites de confiance)

O15 - HKCU\..Trusted Domains: microsoft.com ([update] http in Sites de confiance)

O15 - HKCU\..Trusted Domains: microsoft.com ([www] http in Sites de confiance)

O15 - HKCU\..Trusted Domains: nero.com ([shopping] https in Sites de confiance)

O15 - HKCU\..Trusted Domains: rbsworldpay.com ([secure.wp3] https in Sites de confiance)

 

 

Merci.

Modifié le 23 novembre 2010 par Tranphu

[lance_yien]

Pas de soucis, c'était juste pour attirer ton attention!

 

as-tu encore des problèmes pour passer à la suite?

[Tranphu]

J'ai effectué, mais il y a de petits problèmes.

 

Mon 'Copernic Dekstop' ne fonctionne plus et les appllications se figent (souris, écran...).

 

Cela me pose problème...

[lance_yien]

Re,

 

Tu as ré-édité ton message précédent pour ajouter du texte mais j'avais déjà répondu . Voici la réponse à ton ajout: oui cela supprime les lignes O15 (ce sont des site ajoutés à la zone de confiance).

 

Pour ton problème de souris... C'est bien le problème que tu as signalé dans ton 1er post:

Mes icônes tremblent, ma souris se fige ou est imprécise et tremble, mes fenêtres se bloquent...

...

 

Rien à ma connaissance ne correspond à ton 'Copernic Dekstop'. Réinstalle-le!