infection

ti_youles · le 16 décembre 2010

Bonjour ,et merci ..j ais repris l affaire !!! voici le rapport

OTL logfile created on: 16/12/2010 13:53:48 - Run 1

OTL by OldTimer - Version 3.2.17.3 Folder = Z:\Téléchargements

Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.7600.16385)

Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 55,00% Memory free

6,00 Gb Paging File | 4,00 Gb Available in Paging File | 73,00% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 119,16 Gb Total Space | 81,96 Gb Free Space | 68,79% Space Free | Partition Type: NTFS

Drive Y: | 913,94 Gb Total Space | 827,06 Gb Free Space | 90,49% Space Free | Partition Type: NTFS

Drive Z: | 913,94 Gb Total Space | 827,06 Gb Free Space | 90,49% Space Free | Partition Type: NTFS

Computer Name: PC-DE-JULES | User Name: Jules | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2010/12/16 15:05:51 | 000,575,488 | ---- | M] (OldTimer Tools) -- Z:\Téléchargements\OTL.scr

PRC - [2010/12/10 17:56:24 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe

PRC - [2010/12/10 17:56:23 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe

PRC - [2010/11/10 01:13:30 | 000,025,456 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Contacts\wlcomm.exe

PRC - [2010/10/28 14:32:34 | 000,645,952 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe

PRC - [2010/10/28 14:31:10 | 001,483,072 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe

PRC - [2010/10/16 00:40:40 | 000,037,664 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

PRC - [2010/09/27 13:47:14 | 000,374,152 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe

PRC - [2010/08/05 00:11:34 | 001,809,920 | ---- | M] (Realsil Microelectronics Inc.) -- C:\Program Files\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe

PRC - [2010/08/03 10:05:54 | 000,358,472 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\GamePanel Software\LGDevAgt.exe

PRC - [2010/08/03 10:03:46 | 003,649,096 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe

PRC - [2010/08/03 09:44:06 | 000,498,760 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\GamePanel Software\Applets\LCDRSS.exe

PRC - [2010/08/03 09:43:56 | 000,477,768 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\GamePanel Software\Applets\LCDPop3.exe

PRC - [2010/08/03 09:43:18 | 001,809,992 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe

PRC - [2010/08/03 09:43:02 | 000,522,824 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\GamePanel Software\Applets\LCDMedia.exe

PRC - [2010/08/03 09:42:52 | 000,523,848 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\GamePanel Software\Applets\LCDCountdown.exe

PRC - [2010/08/03 09:42:42 | 000,676,424 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\GamePanel Software\Applets\LCDClock.exe

PRC - [2010/05/07 17:47:32 | 000,162,648 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe

PRC - [2009/10/31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe

PRC - [2009/07/14 02:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe

PRC - [2009/03/19 10:44:50 | 000,731,840 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe

PRC - [2009/03/19 10:44:28 | 002,029,640 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe

PRC - [2007/08/21 09:17:48 | 001,966,128 | ---- | M] (Acronis) -- C:\Program Files\Seagate\DiscWizard\TimounterMonitor.exe

PRC - [2007/08/20 17:20:48 | 000,148,760 | ---- | M] (Acronis) -- C:\Program Files\Common Files\Seagate\Schedule2\schedhlp.exe

PRC - [2007/08/20 17:20:30 | 000,410,904 | ---- | M] (Acronis) -- C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe

PRC - [2007/03/04 15:01:54 | 000,646,656 | ---- | M] (anarpunk) -- C:\Program Files\BlueSourcesProject\ViDesk\ViDesk.exe

PRC - [2006/05/04 06:58:56 | 000,998,912 | ---- | M] () -- C:\Program Files\Visagesoft\eXPert PDF\vspdfprsrv.exe

PRC - [2000/06/29 09:45:10 | 000,052,224 | ---- | M] (Kenonic Controls Ltd.) -- C:\Windows\System32\Crypserv.exe

========== Modules (SafeList) ==========

MOD - [2010/12/16 15:05:51 | 000,575,488 | ---- | M] (OldTimer Tools) -- Z:\Téléchargements\OTL.scr

MOD - [2010/11/03 15:39:40 | 000,034,208 | ---- | M] (Tonec Inc.) -- C:\Program Files\Internet Download Manager\idmmkb.dll

MOD - [2010/10/14 19:20:51 | 000,083,360 | ---- | M] (LogMeIn, Inc.) -- C:\Windows\System32\LMIRfsClientNP.dll

MOD - [2010/08/21 06:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll

MOD - [2009/07/14 02:16:19 | 000,156,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winsta.dll

MOD - [2009/07/14 02:16:19 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wkscli.dll

MOD - [2009/07/14 02:16:15 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sspicli.dll

MOD - [2009/07/14 02:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sechost.dll

MOD - [2009/07/14 02:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\profapi.dll

MOD - [2009/07/14 02:16:11 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntlanman.dll

MOD - [2009/07/14 02:16:03 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netutils.dll

MOD - [2009/07/14 02:15:35 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\KernelBase.dll

MOD - [2009/07/14 02:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmapi.dll

MOD - [2009/07/14 02:15:13 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drprov.dll

MOD - [2009/07/14 02:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devobj.dll

MOD - [2009/07/14 02:15:08 | 000,077,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\davclnt.dll

MOD - [2009/07/14 02:15:08 | 000,019,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\davhlpr.dll

MOD - [2009/07/14 02:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptbase.dll

MOD - [2009/07/14 02:15:07 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cscapi.dll

MOD - [2009/07/14 02:15:02 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cfgmgr32.dll

========== Win32 Services (SafeList) ==========

SRV - [2010/10/28 14:31:10 | 001,483,072 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)

SRV - [2010/10/28 14:29:08 | 000,029,504 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\System32\uxtuneup.dll -- (UxTuneUp)

SRV - [2010/10/16 00:40:40 | 000,037,664 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)

SRV - [2010/10/14 19:21:01 | 000,116,104 | ---- | M] (LogMeIn, Inc.) [Disabled | Stopped] -- C:\Program Files\LogMeIn\x86\RaMaint.exe -- (LMIMaint)

SRV - [2010/09/27 13:47:14 | 000,374,152 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe -- (LMIGuardianSvc)

SRV - [2010/08/05 00:11:34 | 001,809,920 | ---- | M] (Realsil Microelectronics Inc.) [Auto | Running] -- C:\Program Files\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe -- (IconMan_R)

SRV - [2010/06/04 15:52:12 | 000,049,504 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)

SRV - [2010/05/20 12:00:24 | 001,343,400 | ---- | M] (Microsoft Corporation) [unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)

SRV - [2010/05/07 17:47:32 | 000,162,648 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)

SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)

SRV - [2009/07/20 11:28:10 | 000,121,360 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)

SRV - [2009/07/14 02:16:21 | 000,185,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wwansvc.dll -- (WwanSvc)

SRV - [2009/07/14 02:16:17 | 000,151,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wbiosrvc.dll -- (WbioSrvc)

SRV - [2009/07/14 02:16:17 | 000,119,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\umpo.dll -- (Power)

SRV - [2009/07/14 02:16:16 | 000,037,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\themeservice.dll -- (Themes)

SRV - [2009/07/14 02:16:15 | 000,053,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sppuinotify.dll -- (sppuinotify)

SRV - [2009/07/14 02:16:13 | 000,043,520 | ---- | M] (Microsoft Corporation) [unknown | Running] -- C:\Windows\System32\RpcEpMap.dll -- (RpcEptMapper)

SRV - [2009/07/14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)

SRV - [2009/07/14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)

SRV - [2009/07/14 02:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\pnrpsvc.dll -- (PNRPsvc)

SRV - [2009/07/14 02:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\pnrpsvc.dll -- (p2pimsvc)

SRV - [2009/07/14 02:16:12 | 000,165,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\provsvc.dll -- (HomeGroupProvider)

SRV - [2009/07/14 02:16:12 | 000,020,480 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpauto.dll -- (PNRPAutoReg)

SRV - [2009/07/14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)

SRV - [2009/07/14 02:15:36 | 000,194,560 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\ListSvc.dll -- (HomeGroupListener)

SRV - [2009/07/14 02:15:21 | 000,797,696 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\FntCache.dll -- (FontCache)

SRV - [2009/07/14 02:15:11 | 000,253,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dhcpcore.dll -- (Dhcp)

SRV - [2009/07/14 02:15:10 | 000,218,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\defragsvc.dll -- (defragsvc)

SRV - [2009/07/14 02:14:59 | 000,076,800 | ---- | M] (Microsoft Corporation) [unknown | Stopped] -- C:\Windows\System32\bdesvc.dll -- (BDESVC)

SRV - [2009/07/14 02:14:58 | 000,088,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\AxInstSv.dll -- (AxInstSV) Programme d’installation ActiveX (AxInstSV)

SRV - [2009/07/14 02:14:53 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\appidsvc.dll -- (AppIDSvc)

SRV - [2009/07/14 02:14:29 | 003,179,520 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\sppsvc.exe -- (sppsvc)

SRV - [2009/03/19 10:48:08 | 000,020,680 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv)

SRV - [2009/03/19 10:44:50 | 000,731,840 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn)

SRV - [2008/08/11 11:41:00 | 000,063,040 | ---- | M] (LogMeIn, Inc.) [Disabled | Stopped] -- C:\Program Files\LogMeIn\x86\LogMeIn.exe -- (LogMeIn)

SRV - [2007/08/20 17:20:30 | 000,410,904 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe -- (AcrSch2Svc)

SRV - [2000/06/29 09:45:10 | 000,052,224 | ---- | M] (Kenonic Controls Ltd.) [Auto | Running] -- C:\Windows\System32\Crypserv.exe -- (Crypkey License)

========== Driver Services (SafeList) ==========

DRV - [2010/12/09 06:40:38 | 000,084,208 | ---- | M] (Tonec Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\idmwfp.sys -- (IDMWFP)

DRV - [2010/10/14 19:20:51 | 000,083,360 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\Windows\System32\LMIRfsClientNP.dll -- (LMIRfsClientNP)

DRV - [2010/10/07 13:34:32 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)

DRV - [2010/07/21 00:43:14 | 000,194,664 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RtsUStor.sys -- (RSUSBSTOR)

DRV - [2010/07/10 05:37:00 | 011,008,040 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)

DRV - [2010/05/14 23:04:02 | 006,842,592 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lvuvc.sys -- (LVUVC) Logitech HD Pro Webcam C910(UVC)

DRV - [2010/05/14 23:02:48 | 000,066,528 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lvselsus.sys -- (lvselsus)

DRV - [2010/05/14 23:02:26 | 000,276,448 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lvrs.sys -- (LVRS)

DRV - [2010/05/14 22:58:58 | 000,020,704 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lvbusflt.sys -- (CompFilter)

DRV - [2010/05/07 17:43:30 | 000,025,824 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LVPr2Mon.sys -- (LVPr2Mon)

DRV - [2009/12/11 11:23:00 | 000,316,416 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk62x86.sys -- (yukonw7)

DRV - [2009/12/11 08:44:02 | 000,133,720 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\ksecpkg.sys -- (KSecPkg)

DRV - [2009/11/23 17:37:18 | 000,014,856 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LGVirHid.sys -- (LGVirHid)

DRV - [2009/11/23 17:37:08 | 000,019,720 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LGBusEnum.sys -- (LGBusEnum)

DRV - [2009/10/01 01:01:10 | 000,400,864 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\timntr.sys -- (timounter)

DRV - [2009/10/01 01:01:10 | 000,032,768 | ---- | M] (Acronis) [File_System | Auto | Running] -- C:\Windows\System32\drivers\tifsfilt.sys -- (tifsfilter)

DRV - [2009/10/01 01:01:08 | 000,120,992 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\snapman.sys -- (snapman)

DRV - [2009/07/14 02:26:21 | 000,015,952 | ---- | M] (CMD Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\cmdide.sys -- (cmdide)

DRV - [2009/07/14 02:26:17 | 000,297,552 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpahci.sys -- (adpahci)

DRV - [2009/07/14 02:26:15 | 000,422,976 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adp94xx.sys -- (adp94xx)

DRV - [2009/07/14 02:26:15 | 000,159,312 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsbs.sys -- (amdsbs)

DRV - [2009/07/14 02:26:15 | 000,146,512 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpu320.sys -- (adpu320)

DRV - [2009/07/14 02:26:15 | 000,086,608 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arcsas.sys -- (arcsas)

DRV - [2009/07/14 02:26:15 | 000,079,952 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsata.sys -- (amdsata)

DRV - [2009/07/14 02:26:15 | 000,076,368 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arc.sys -- (arc)

DRV - [2009/07/14 02:26:15 | 000,023,616 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\amdxata.sys -- (amdxata)

DRV - [2009/07/14 02:26:15 | 000,014,400 | ---- | M] (Acer Laboratories Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\aliide.sys -- (aliide)

DRV - [2009/07/14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nvstor.sys -- (nvstor)

DRV - [2009/07/14 02:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nvraid.sys -- (nvraid)

DRV - [2009/07/14 02:20:44 | 000,044,624 | ---- | M] (IBM Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nfrd960.sys -- (nfrd960)

DRV - [2009/07/14 02:20:37 | 000,089,168 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas.sys -- (LSI_SAS)

DRV - [2009/07/14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iaStorV.sys -- (iaStorV)

DRV - [2009/07/14 02:20:36 | 000,235,584 | ---- | M] (LSI Corporation, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MegaSR.sys -- (MegaSR)

DRV - [2009/07/14 02:20:36 | 000,096,848 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_scsi.sys -- (LSI_SCSI)

DRV - [2009/07/14 02:20:36 | 000,095,824 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_fc.sys -- (LSI_FC)

DRV - [2009/07/14 02:20:36 | 000,054,864 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas2.sys -- (LSI_SAS2)

DRV - [2009/07/14 02:20:36 | 000,041,040 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iirsp.sys -- (iirsp)

DRV - [2009/07/14 02:20:36 | 000,030,800 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\megasas.sys -- (megasas)

DRV - [2009/07/14 02:20:36 | 000,013,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\hwpolicy.sys -- (hwpolicy)

DRV - [2009/07/14 02:20:28 | 000,453,712 | ---- | M] (Emulex) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\elxstor.sys -- (elxstor)

DRV - [2009/07/14 02:20:28 | 000,070,720 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\djsvs.sys -- (aic78xx)

DRV - [2009/07/14 02:20:28 | 000,067,152 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\HpSAMD.sys -- (HpSAMD)

DRV - [2009/07/14 02:20:28 | 000,046,160 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\fsdepends.sys -- (FsDepends)

DRV - [2009/07/14 02:19:11 | 000,141,904 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vsmraid.sys -- (vsmraid)

DRV - [2009/07/14 02:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vmbus.sys -- (vmbus)

DRV - [2009/07/14 02:19:10 | 000,159,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vhdmp.sys -- (vhdmp)

DRV - [2009/07/14 02:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vmstorfl.sys -- (storflt)

DRV - [2009/07/14 02:19:10 | 000,032,832 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vdrvroot.sys -- (vdrvroot)

DRV - [2009/07/14 02:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\storvsc.sys -- (storvsc)

DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\wimmount.sys -- (WIMMount)

DRV - [2009/07/14 02:19:10 | 000,016,976 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\viaide.sys -- (viaide)

DRV - [2009/07/14 02:19:04 | 001,383,488 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql2300.sys -- (ql2300)

DRV - [2009/07/14 02:19:04 | 000,173,648 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\rdyboost.sys -- (rdyboost)

DRV - [2009/07/14 02:19:04 | 000,106,064 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql40xx.sys -- (ql40xx)

DRV - [2009/07/14 02:19:04 | 000,077,888 | ---- | M] (Silicon Integrated Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\sisraid4.sys -- (SiSRaid4)

DRV - [2009/07/14 02:19:04 | 000,043,088 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\pcw.sys -- (pcw)

DRV - [2009/07/14 02:19:04 | 000,040,016 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\SiSRaid2.sys -- (SiSRaid2)

DRV - [2009/07/14 02:19:04 | 000,021,072 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\stexstor.sys -- (stexstor)

DRV - [2009/07/14 02:17:54 | 000,369,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\cng.sys -- (CNG)

DRV - [2009/07/14 01:57:25 | 000,272,128 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\Brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)

DRV - [2009/07/14 01:02:41 | 000,018,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rdpbus.sys -- (rdpbus)

DRV - [2009/07/14 01:01:41 | 000,007,168 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\RDPREFMP.sys -- (RDPREFMP)

DRV - [2009/07/14 00:55:00 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\agilevpn.sys -- (RasAgileVpn) WAN Miniport (IKEv2)

DRV - [2009/07/14 00:53:51 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\wfplwf.sys -- (WfpLwf)

DRV - [2009/07/14 00:52:44 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ndiscap.sys -- (NdisCap)

DRV - [2009/07/14 00:52:02 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vwifibus.sys -- (vwifibus)

DRV - [2009/07/14 00:52:00 | 000,163,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\1394ohci.sys -- (1394ohci)

DRV - [2009/07/14 00:51:35 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\umpass.sys -- (UmPass)

DRV - [2009/07/14 00:51:23 | 000,080,640 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\USBAUDIO.sys -- (usbaudio) Pilote USB audio (WDM)

DRV - [2009/07/14 00:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)

DRV - [2009/07/14 00:51:08 | 000,004,096 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mshidkmdf.sys -- (mshidkmdf)

DRV - [2009/07/14 00:46:55 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MTConfig.sys -- (MTConfig)

DRV - [2009/07/14 00:45:26 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CompositeBus.sys -- (CompositeBus)

DRV - [2009/07/14 00:36:52 | 000,050,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\appid.sys -- (AppID)

DRV - [2009/07/14 00:33:50 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\scfilter.sys -- (scfilter)

DRV - [2009/07/14 00:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vms3cap.sys -- (s3cap)

DRV - [2009/07/14 00:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\VMBusHID.sys -- (VMBusHID)

DRV - [2009/07/14 00:24:05 | 000,032,256 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\discache.sys -- (discache)

DRV - [2009/07/14 00:16:36 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\acpipmi.sys -- (AcpiPmi)

DRV - [2009/07/14 00:11:04 | 000,052,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdppm.sys -- (AmdPPM)

DRV - [2009/07/13 23:54:14 | 000,026,624 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\hcw85cir.sys -- (hcw85cir)

DRV - [2009/07/13 23:53:33 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbMdm.sys -- (BrUsbMdm)

DRV - [2009/07/13 23:53:33 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbSer.sys -- (BrUsbSer)

DRV - [2009/07/13 23:53:32 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrSerWdm.sys -- (BrSerWdm)

DRV - [2009/07/13 23:53:28 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltLo.sys -- (BrFiltLo)

DRV - [2009/07/13 23:53:28 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltUp.sys -- (BrFiltUp)

DRV - [2009/07/13 23:02:49 | 000,229,888 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\b57nd60x.sys -- (b57nd60x)

DRV - [2009/07/13 23:02:48 | 003,100,160 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\evbdx.sys -- (ebdrv)

DRV - [2009/07/13 23:02:48 | 000,430,080 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\bxvbdx.sys -- (b06bdrv)

DRV - [2009/06/17 17:56:32 | 000,028,560 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LUsbFilt.sys -- (LUsbFilt)

DRV - [2009/06/17 17:56:16 | 000,037,392 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LMouFilt.Sys -- (LMouFilt)

DRV - [2009/06/17 17:56:06 | 000,035,472 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LHidFilt.Sys -- (LHidFilt)

DRV - [2009/06/17 17:55:58 | 000,010,384 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LHidEqd.sys -- (LHidEqd)

DRV - [2009/06/17 17:55:50 | 000,040,720 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LEqdUsb.sys -- (LEqdUsb)

DRV - [2009/06/17 17:55:18 | 000,020,240 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\L8042Kbd.sys -- (L8042Kbd)

DRV - [2009/04/16 14:40:40 | 000,528,256 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\emOEM.sys -- (USB28xxOEM)

DRV - [2009/04/16 14:40:34 | 000,566,528 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\emBDA.sys -- (USB28xxBGA)

DRV - [2009/03/19 10:45:40 | 000,093,312 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfwwfpr.sys -- (epfwwfpr)

DRV - [2009/03/19 10:44:34 | 000,107,256 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\ehdrv.sys -- (ehdrv)

DRV - [2009/03/19 10:41:38 | 000,113,960 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\System32\drivers\eamon.sys -- (eamon)

DRV - [2008/08/11 11:41:00 | 000,047,640 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\Windows\System32\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)

DRV - [2008/08/11 11:41:00 | 000,012,856 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- C:\Program Files\LogMeIn\x86\RaInfo.sys -- (LMIInfo)

DRV - [2004/08/13 08:56:20 | 000,005,810 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ASACPI.sys -- (MTsensor)

DRV - [2003/09/16 17:25:04 | 000,076,288 | ---- | M] (Rainbow Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\Drivers\SENTINEL.SYS -- (Sentinel)

DRV - [2003/09/16 17:25:04 | 000,026,120 | ---- | M] (Rainbow Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SNTNLUSB.SYS -- (Sntnlusb)

DRV - [2000/02/03 20:53:12 | 000,024,608 | ---- | M] () [Kernel | System | Running] -- C:\Windows\system32\ckldrv.sys -- (NetworkX)

========== Standard Registry (All) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN : Hotmail, Messenger, Bing, Actualité et Sport

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Bing

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport

IE - HKLM\..\URLSearchHook: {346de098-61f9-4b42-89da-6dfba7091bb6} - Reg Error: Key error. File not found

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)

IE - HKU\S-1-5-20\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)

IE - HKU\S-1-5-21-2182866855-1228362895-1267479509-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm

IE - HKU\S-1-5-21-2182866855-1228362895-1267479509-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1

IE - HKU\S-1-5-21-2182866855-1228362895-1267479509-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Bing

IE - HKU\S-1-5-21-2182866855-1228362895-1267479509-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport

IE - HKU\S-1-5-21-2182866855-1228362895-1267479509-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN : Hotmail, Messenger, Bing, Actualité et Sport

IE - HKU\S-1-5-21-2182866855-1228362895-1267479509-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr

IE - HKU\S-1-5-21-2182866855-1228362895-1267479509-1000\..\URLSearchHook: {59994074-c06d-4a75-9768-49e5a8c21264} - Reg Error: Key error. File not found

IE - HKU\S-1-5-21-2182866855-1228362895-1267479509-1000\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)

IE - HKU\S-1-5-21-2182866855-1228362895-1267479509-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-2182866855-1228362895-1267479509-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: mozilla_cc@internetdownloadmanager.com:6.7

FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.3

FF - HKLM\software\mozilla\Firefox\Extensions\\{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}: C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\ [2010/06/30 10:28:31 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Firefox\Extensions\\{59d42255-7f9c-49e5-8e68-a5fd16d06d76}: C:\Program Files\KeyLemon\extension\{59d42255-7f9c-49e5-8e68-a5fd16d06d76} [2010/10/30 16:44:45 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/12/10 17:56:26 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/12/15 21:54:30 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2009/09/30 20:03:00 | 000,000,000 | ---D | M]

[2009/10/01 14:57:43 | 000,000,000 | ---D | M] -- C:\Users\Jules\AppData\Roaming\mozilla\Extensions

[2009/07/03 00:00:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jules\AppData\Roaming\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}

[2010/12/14 20:58:23 | 000,000,000 | ---D | M] -- C:\Users\Jules\AppData\Roaming\mozilla\Firefox\Profiles\4rvcwt7b.default\extensions

[2010/04/30 17:51:52 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Jules\AppData\Roaming\mozilla\Firefox\Profiles\4rvcwt7b.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}

[2010/03/18 19:28:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jules\AppData\Roaming\mozilla\Firefox\Profiles\4rvcwt7b.default\extensions\{20c846c2-4c77-11dc-8314-0800200c9a66}

[2010/03/14 11:01:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jules\AppData\Roaming\mozilla\Firefox\Profiles\4rvcwt7b.default\extensions\{29c4afe1-db19-4298-8785-fcc94d1d6c1d}

[2010/03/14 11:01:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jules\AppData\Roaming\mozilla\Firefox\Profiles\4rvcwt7b.default\extensions\{331670ee-d8e6-47ae-83ba-c67bba95b1c4}

[2010/02/08 20:47:43 | 000,000,000 | ---D | M] (IMBooster4web-en Toolbar) -- C:\Users\Jules\AppData\Roaming\mozilla\Firefox\Profiles\4rvcwt7b.default\extensions\{346de098-61f9-4b42-89da-6dfba7091bb6}

[2010/12/01 11:30:33 | 000,000,000 | ---D | M] (Messenger Plus Live France Community Toolbar) -- C:\Users\Jules\AppData\Roaming\mozilla\Firefox\Profiles\4rvcwt7b.default\extensions\{59994074-c06d-4a75-9768-49e5a8c21264}

[2010/03/12 17:56:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jules\AppData\Roaming\mozilla\Firefox\Profiles\4rvcwt7b.default\extensions\{5A170DD3-63CA-4c58-93B7-DE9FF536C2FF}

[2010/04/06 15:07:37 | 000,000,000 | ---D | M] (IE Tab) -- C:\Users\Jules\AppData\Roaming\mozilla\Firefox\Profiles\4rvcwt7b.default\extensions\{77b819fa-95ad-4f2c-ac7c-486b356188a9}

[2010/11/23 08:26:18 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Jules\AppData\Roaming\mozilla\Firefox\Profiles\4rvcwt7b.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}

[2010/07/04 08:04:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jules\AppData\Roaming\mozilla\Firefox\Profiles\4rvcwt7b.default\extensions\{dc572301-7619-498c-a57d-39143191b318}

[2010/07/04 08:04:19 | 000,000,000 | ---D | M] (myFireFox) -- C:\Users\Jules\AppData\Roaming\mozilla\Firefox\Profiles\4rvcwt7b.default\extensions\{e213bb8f-8ebd-11db-96b7-005056c00008}

[2009/12/13 14:44:19 | 000,000,000 | ---D | M] -- C:\Users\Jules\AppData\Roaming\mozilla\Firefox\Profiles\4rvcwt7b.default\extensions\capturefoxmovie@advancity.net

[2010/12/01 11:30:33 | 000,000,000 | ---D | M] -- C:\Users\Jules\AppData\Roaming\mozilla\Firefox\Profiles\4rvcwt7b.default\extensions\engine@conduit.com

[2010/02/08 20:47:43 | 000,000,000 | ---D | M] -- C:\Users\Jules\AppData\Roaming\mozilla\Firefox\Profiles\4rvcwt7b.default\extensions\fr@dictionaries.addons.mozilla.org

[2010/09/12 12:45:19 | 000,000,000 | ---D | M] -- C:\Users\Jules\AppData\Roaming\mozilla\Firefox\Profiles\4rvcwt7b.default\extensions\personas@christopher.beard

[2010/10/19 19:39:47 | 000,000,000 | ---D | M] -- C:\Users\Jules\AppData\Roaming\mozilla\Firefox\Profiles\4rvcwt7b.default\extensions\tabscope@xuldev.org

[2010/07/04 08:04:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jules\AppData\Roaming\mozilla\Firefox\Profiles\4rvcwt7b.default\extensions\{e213bb8f-8ebd-11db-96b7-005056c00008}\chrome\mozapps\extensions

[2009/10/01 14:48:54 | 000,000,000 | ---D | M] -- C:\Users\Jules\AppData\Roaming\mozilla\Firefox\Profiles\8v12l2ng.default\extensions

[2009/10/01 14:48:54 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Jules\AppData\Roaming\mozilla\Firefox\Profiles\8v12l2ng.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}

[2009/10/01 00:20:34 | 000,000,000 | ---D | M] -- C:\Users\Jules\AppData\Roaming\mozilla\Firefox\Profiles\hprcue7w.default\extensions

[2010/12/15 13:39:05 | 000,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions

[2010/12/10 17:56:26 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

[2010/11/09 10:14:41 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}

[2010/11/22 18:33:58 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}

[2010/12/10 17:56:21 | 000,025,048 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll

[2010/12/10 17:56:21 | 000,140,248 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll

[2007/04/10 17:21:08 | 000,163,256 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\np-mswmp.dll

[2007/09/23 23:41:20 | 000,404,992 | ---- | M] (PLATINUM technology, inc.) -- C:\Program Files\mozilla firefox\plugins\npcosmop211.dll

[2010/09/15 04:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll

[2010/12/10 17:56:24 | 000,066,520 | ---- | M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll

[2006/10/26 20:12:16 | 000,016,192 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL

[2010/11/06 11:37:34 | 000,103,864 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\mozilla firefox\plugins\nppdf32.dll

[2010/12/09 11:47:52 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin.dll

[2010/12/09 11:47:53 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll

[2010/12/09 11:47:53 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll

[2010/12/09 11:47:53 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll

[2010/12/09 11:47:53 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll

[2010/12/09 11:47:53 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll

[2010/12/09 11:47:53 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll

[2010/12/10 17:56:25 | 000,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml

[2010/12/10 17:56:25 | 000,001,822 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml

[2010/12/10 17:56:25 | 000,000,757 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml

[2010/12/10 17:56:25 | 000,002,371 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml

[2010/12/10 17:56:25 | 000,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml

[2010/12/10 17:56:25 | 000,000,956 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml

O1 HOSTS File: ([2010/05/25 14:04:27 | 000,000,864 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 validation.sls.microsoft.com

O2 - BHO: (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll (Tonec Inc.)

O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)

O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

O2 - BHO: (Windows Live Messenger Companion Helper) - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation)

O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)

O3 - HKLM\..\Toolbar: (no name) - {346de098-61f9-4b42-89da-6dfba7091bb6} - No CLSID value found.

O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

O3 - HKU\S-1-5-21-2182866855-1228362895-1267479509-1000\..\Toolbar\WebBrowser: (no name) - {346DE098-61F9-4B42-89DA-6DFBA7091BB6} - No CLSID value found.

O4 - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files\Common Files\Seagate\Schedule2\schedhlp.exe (Acronis)

O4 - HKLM..\Run: [AcronisTimounterMonitor] C:\Program Files\Seagate\DiscWizard\TimounterMonitor.exe (Acronis)

O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [DiscWizardMonitor.exe] C:\Program Files\Seagate\DiscWizard\DiscWizardMonitor.exe (Seagate)

O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)

O4 - HKLM..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe (Hewlett-Packard)

O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)

O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.)

O4 - HKLM..\Run: [Launch LCDMon] C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe (Logitech Inc.)

O4 - HKLM..\Run: [Launch LGDCore] C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe (Logitech Inc.)

O4 - HKLM..\Run: [Launch LgDeviceAgent] C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe (Logitech Inc.)

O4 - HKLM..\Run: [LogMeIn GUI] C:\Program Files\LogMeIn\x86\LogMeInSystray.exe (LogMeIn, Inc.)

O4 - HKLM..\Run: [LWS] C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)

O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)

O4 - HKLM..\Run: [sunJavaUpdateSched] C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)

O4 - HKLM..\Run: [vspdfprsrv.exe] C:\Program Files\Visagesoft\eXPert PDF\vspdfprsrv.exe ()

O4 - HKU\S-1-5-19..\Run: [sidebar] C:\Program Files\Windows Sidebar\Sidebar.exe (Microsoft Corporation)

O4 - HKU\S-1-5-20..\Run: [sidebar] C:\Program Files\Windows Sidebar\Sidebar.exe (Microsoft Corporation)

O4 - HKU\S-1-5-21-2182866855-1228362895-1267479509-1000..\Run: [bubble Dock] C:\Program Files\Nosibay\Bubble Dock\LBubble Dock.exe (Nosibay)

O4 - HKU\S-1-5-21-2182866855-1228362895-1267479509-1000..\Run: [iDMan] C:\Program Files\Internet Download Manager\IDMan.exe (Tonec Inc.)

O4 - HKU\S-1-5-21-2182866855-1228362895-1267479509-1000..\Run: [msnmsgr] C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)

O4 - HKU\S-1-5-21-2182866855-1228362895-1267479509-1000..\Run: [PC Speed Maximizer] C:\Program Files\PC Speed Maximizer\SPMTray.exe ()

O4 - HKU\S-1-5-21-2182866855-1228362895-1267479509-1000..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)

O4 - HKU\S-1-5-21-2182866855-1228362895-1267479509-1000..\Run: [superCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe (SFX TEAM)

O4 - HKU\S-1-5-21-2182866855-1228362895-1267479509-1000..\Run: [ViDesk] C:\Program Files\BlueSourcesProject\ViDesk\ViDesk.exe (anarpunk)

O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)

O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)

O4 - Startup: C:\Users\Jules\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\~Disabled [2010/12/14 21:16:37 | 000,000,000 | -H-D | M]

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17

O7 - HKU\S-1-5-21-2182866855-1228362895-1267479509-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O8 - Extra context menu item: Télécharger avec IDM - C:\Program Files\Internet Download Manager\IEExt.htm ()

O8 - Extra context menu item: Télécharger le contenu de video FLV avec IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm ()

O8 - Extra context menu item: Télécharger tous les liens avec IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm ()

O9 - Extra Button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation)

O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\System32\nlaapi.dll (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\System32\winrnr.dll (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\System32\NapiNSP.dll (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)

O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)

O13 - gopher Prefix: missing

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)

O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)

O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwareupdate/su2/ocx/15112/CTPID.cab (Creative Software AutoUpdate Support Package)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\bubbledock {3050F3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)

O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)

O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)

O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll (Microsoft Corporation)

O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)

O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)

O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)

O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)

O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)

O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)

O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)

O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)

O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)

O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)

O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)

O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O20 - Winlogon\Notify\LBTWlgn: DllName - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\System32\credssp.dll (Microsoft Corporation)

O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)

O30 - LSA: Authentication Packages - (relog_ap) - C:\Windows\System32\relog_ap.dll (Acronis)

O30 - LSA: Security Packages - (kerberos) - C:\Windows\System32\kerberos.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (schannel) - C:\Windows\System32\schannel.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (wdigest) - C:\Windows\System32\wdigest.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (tspkg) - C:\Windows\System32\tspkg.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (livessp) - C:\Windows\System32\livessp.dll (Microsoft Corp.)

O31 - SafeBoot: AlternateShell - cmd.exe

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2009/10/18 16:45:26 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found

NetSvcs: Ias - File not found

NetSvcs: Nla - File not found

NetSvcs: Ntmssvc - File not found

NetSvcs: NWCWorkstation - File not found

NetSvcs: Nwsapagent - File not found

NetSvcs: SRService - File not found

NetSvcs: UxTuneUp - C:\Windows\System32\uxtuneup.dll (TuneUp Software)

NetSvcs: WmdmPmSp - File not found

NetSvcs: LogonHours - File not found

NetSvcs: PCAudit - File not found

NetSvcs: helpsvc - File not found

NetSvcs: uploadmgr - File not found

NetSvcs: Themes - C:\Windows\System32\themeservice.dll (Microsoft Corporation)

NetSvcs: BDESVC - C:\Windows\System32\bdesvc.dll (Microsoft Corporation)

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

Drivers32: MSVideo - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)

Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)

Drivers32: SENTINEL - C:\Windows\System32\SNTI386.DLL (Rainbow Technologies, Inc.)

Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)

Drivers32: vidc.i420 - C:\Windows\System32\lvcodec2.dll (Logitech Inc.)

========== Files/Folders - Created Within 30 Days ==========

[2010/12/16 11:46:28 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes

[2010/12/16 11:46:28 | 000,000,000 | ---D | C] -- C:\Program Files\iPod

[2010/12/16 07:22:56 | 000,000,000 | ---D | C] -- C:\Users\Jules\AppData\Local\{F6838520-DC26-4E70-930C-8B5F9D2C1605}

[2010/12/16 02:33:24 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll

[2010/12/16 02:33:22 | 000,606,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll

[2010/12/16 02:33:20 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll

[2010/12/16 02:33:20 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll

[2010/12/16 02:33:20 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll

[2010/12/16 02:33:20 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll

[2010/12/16 02:33:20 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll

[2010/12/16 02:33:19 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb

[2010/12/16 02:33:19 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec

[2010/12/16 02:33:19 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll

[2010/12/16 02:33:19 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll

[2010/12/16 02:33:19 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe

[2010/12/16 02:33:12 | 000,496,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskschd.dll

[2010/12/16 02:33:12 | 000,351,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmicmiplugin.dll

[2010/12/16 02:33:12 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskcomp.dll

[2010/12/16 02:33:12 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\schtasks.exe

[2010/12/16 02:33:06 | 000,294,400 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll

[2010/12/16 02:33:06 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll

[2010/12/16 02:33:04 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\webio.dll

[2010/12/16 02:33:03 | 002,327,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys

[2010/12/16 02:33:03 | 000,101,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe

[2010/12/15 21:54:17 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER

[2010/12/15 19:22:16 | 000,000,000 | ---D | C] -- C:\Users\Jules\AppData\Local\{4EA47E78-36AB-4188-AFF1-7B0A9B7C48F1}

[2010/12/15 11:22:27 | 000,000,000 | ---D | C] -- C:\Program Files\ZHPDiag

[2010/12/15 07:12:30 | 000,000,000 | ---D | C] -- C:\Users\Jules\AppData\Local\{BF7EDE30-C878-45E5-BBED-332294C18A5B}

[2010/12/14 21:16:50 | 000,000,000 | -H-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\~Disabled

[2010/12/14 21:16:37 | 000,000,000 | -H-D | C] -- C:\Users\Jules\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\~Disabled

[2010/12/14 21:09:18 | 000,046,592 | ---- | C] (NirSoft) -- C:\Users\Jules\Desktop\WhatInStartup.exe

[2010/12/14 19:11:54 | 000,000,000 | ---D | C] -- C:\Users\Jules\AppData\Local\{9C79C5CF-601B-4022-8601-5A81DA7CBE83}

[2010/12/14 18:15:08 | 000,000,000 | ---D | C] -- C:\Program Files\Hijackthis Version Française

[2010/12/14 15:59:34 | 000,000,000 | ---D | C] -- C:\Users\Jules\AppData\Roaming\Malwarebytes

[2010/12/14 15:59:31 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys

[2010/12/14 15:59:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes

[2010/12/14 15:59:26 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys

[2010/12/14 15:59:26 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware

[2010/12/14 07:11:31 | 000,000,000 | ---D | C] -- C:\Users\Jules\AppData\Local\{6B88654E-6372-4B13-A395-E6FF6CCBEF59}

[2010/12/13 19:10:56 | 000,000,000 | ---D | C] -- C:\Users\Jules\AppData\Local\{84F5658A-5154-418D-8B88-5D4921042CCB}

[2010/12/13 07:10:21 | 000,000,000 | ---D | C] -- C:\Users\Jules\AppData\Local\{B9A74B88-6DF8-4C3F-B50C-DB77CF18400B}

[2010/12/12 19:09:58 | 000,000,000 | ---D | C] -- C:\Users\Jules\AppData\Local\{71A46E8C-E455-4F4A-8D48-89C77CCBFAA0}

[2010/12/12 07:09:27 | 000,000,000 | ---D | C] -- C:\Users\Jules\AppData\Local\{BE4E8D42-8CC3-4E67-AF0F-4C4EB405042A}

[2010/12/11 18:38:57 | 000,000,000 | ---D | C] -- C:\Users\Jules\AppData\Local\{340A5201-DC00-43C9-9119-91D63CA9D20B}

[2010/12/11 06:38:34 | 000,000,000 | ---D | C] -- C:\Users\Jules\AppData\Local\{45D0DE00-60C1-4C1B-ABC4-7ECD55852C14}

[2010/12/10 18:38:11 | 000,000,000 | ---D | C] -- C:\Users\Jules\AppData\Local\{7763F47A-B454-48C1-842A-EEB51D472EC1}

[2010/12/10 06:37:46 | 000,000,000 | ---D | C] -- C:\Users\Jules\AppData\Local\{BA4DCFEE-C21F-4169-BE08-F3B77267FD24}

[2010/12/09 11:47:46 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime

[2010/12/09 11:30:26 | 000,000,000 | ---D | C] -- C:\Users\Jules\AppData\Local\{45660E55-C8F9-4BCD-B278-A2D22D8F1856}

[2010/12/09 09:02:21 | 000,084,208 | ---- | C] (Tonec Inc.) -- C:\Windows\System32\drivers\idmwfp.sys

[2010/12/08 22:20:10 | 000,000,000 | ---D | C] -- C:\Users\Jules\AppData\Local\{1ACE6C33-400B-4E78-919C-079387F59E94}

[2010/12/08 22:19:45 | 000,000,000 | ---D | C] -- C:\Users\Jules\AppData\Local\{4C1AF0C1-B9E8-4430-B6EC-88D429C4671A}

[2010/12/08 08:31:42 | 000,000,000 | ---D | C] -- C:\Users\Jules\AppData\Local\{2FEF425B-CA70-4CAD-A974-38C30C36AD44}

[2010/12/07 20:31:19 | 000,000,000 | ---D | C] -- C:\Users\Jules\AppData\Local\{CFBDDFEC-E885-4147-8EED-4B896EBBE10C}

[2010/12/07 08:30:44 | 000,000,000 | ---D | C] -- C:\Users\Jules\AppData\Local\{90A5C1F1-2C83-4CA0-802E-35B65E8ED1D4}

[2010/12/06 20:30:20 | 000,000,000 | ---D | C] -- C:\Users\Jules\AppData\Local\{48E83946-F1DE-4032-B245-ED0B37D2B24C}

[2010/12/06 08:29:38 | 000,000,000 | ---D | C] -- C:\Users\Jules\AppData\Local\{4527C95A-BAA2-40F1-9A28-BA401D30E492}

[2010/12/05 18:28:27 | 000,000,000 | ---D | C] -- C:\Users\Jules\AppData\Local\{A81A37FE-9C95-4DF8-A591-6F7F9F345B46}

[2010/12/05 09:18:08 | 000,000,000 | ---D | C] -- C:\Users\Jules\AppData\Local\{0487BF08-93BC-4054-A76B-62967196AE0A}

[2010/12/04 15:29:16 | 000,000,000 | ---D | C] -- C:\Users\Jules\AppData\Local\{E7594D64-E0ED-46CD-9277-3B6C55F86336}

[2010/12/04 03:29:04 | 000,000,000 | ---D | C] -- C:\Users\Jules\AppData\Local\{6A5611CA-498A-404F-97ED-D3BD19B70086}

[2010/12/03 15:28:34 | 000,000,000 | ---D | C] -- C:\Users\Jules\AppData\Local\{048117AF-ABFF-494E-BC0C-94A344C535DF}

[2010/12/03 03:17:01 | 000,000,000 | ---D | C] -- C:\Users\Jules\AppData\Local\{D9FFFB17-9ACF-44F6-A6D8-A30E195BFE58}

[2010/12/02 11:56:45 | 000,000,000 | ---D | C] -- C:\Users\Jules\AppData\Local\{622F4DFE-457F-43A3-89F8-5A3F3FC1067B}

[2010/12/02 11:55:18 | 000,000,000 | ---D | C] -- C:\Windows\fr

[2010/12/02 11:51:02 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition

[2010/12/02 11:47:24 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_5.dll

[2010/12/02 11:47:24 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_42.dll

[2010/12/02 11:47:24 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_3.dll

[2010/12/02 11:47:19 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_32.dll

[2010/12/02 11:47:13 | 002,983,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIRibbon.dll

[2010/12/02 11:47:12 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIRibbonRes.dll

[2010/12/02 09:02:09 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation

[2010/11/29 17:38:30 | 000,094,208 | ---- | C] (Apple Inc.) -- C:\Windows\System32\QuickTimeVR.qtx

[2010/11/29 17:38:30 | 000,069,632 | ---- | C] (Apple Inc.) -- C:\Windows\System32\QuickTime.qts

[2010/11/26 10:20:23 | 000,000,000 | ---D | C] -- C:\Users\Jules\AppData\Roaming\Logishrd

[2010/11/22 18:33:58 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe

[2010/11/22 18:33:58 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe

[2010/11/22 18:33:58 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe

[2010/11/20 21:09:48 | 000,000,000 | ---D | C] -- C:\Users\Jules\AppData\Roaming\Cloudmark

[2010/11/20 21:09:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Cloudmark

[2010/11/20 21:09:46 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Cloudmark

[2010/11/20 21:09:46 | 000,000,000 | ---D | C] -- C:\Program Files\Cloudmark

[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/12/16 13:23:04 | 000,000,312 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize.job

[2010/12/16 13:23:03 | 000,001,048 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2010/12/16 13:22:52 | 000,010,288 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2010/12/16 13:22:52 | 000,010,288 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2010/12/16 13:21:56 | 000,706,998 | ---- | M] () -- C:\Windows\System32\perfh00C.dat

[2010/12/16 13:21:56 | 000,618,714 | ---- | M] () -- C:\Windows\System32\perfh009.dat

[2010/12/16 13:21:56 | 000,131,426 | ---- | M] () -- C:\Windows\System32\perfc00C.dat

[2010/12/16 13:21:56 | 000,107,034 | ---- | M] () -- C:\Windows\System32\perfc009.dat

[2010/12/16 13:17:49 | 000,409,352 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT

[2010/12/16 13:17:48 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2010/12/16 13:17:39 | 2408,931,328 | -HS- | M] () -- C:\hiberfil.sys

[2010/12/16 13:11:04 | 000,001,052 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2010/12/16 11:46:38 | 000,001,753 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk

[2010/12/16 08:23:05 | 000,112,594 | ---- | M] () -- C:\Users\Jules\Desktop\copie de windows.JPG

[2010/12/15 11:22:28 | 000,000,960 | ---- | M] () -- C:\Users\Public\Desktop\MBRCheck.lnk

[2010/12/15 11:22:28 | 000,000,953 | ---- | M] () -- C:\Users\Public\Desktop\ZHPDiag.lnk

[2010/12/15 11:22:28 | 000,000,948 | ---- | M] () -- C:\Users\Public\Desktop\ZHPFix.lnk

[2010/12/15 11:20:10 | 000,000,853 | ---- | M] () -- C:\Users\Jules\Desktop\WhatInStartup.cfg

[2010/12/15 08:27:14 | 000,087,313 | ---- | M] () -- C:\Users\Jules\Desktop\chaufferie.jpg

[2010/12/15 08:20:34 | 000,091,788 | ---- | M] () -- C:\Users\Jules\Desktop\DSC00830 [800x600].jpg

[2010/12/15 04:11:31 | 000,002,290 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk

[2010/12/14 21:33:05 | 000,000,037 | ---- | M] () -- C:\Users\Jules\.mjsync_fr_FR

[2010/12/14 19:24:23 | 000,000,193 | ---- | M] () -- C:\Windows\WORDPAD.INI

[2010/12/14 18:15:09 | 000,001,107 | ---- | M] () -- C:\Users\Jules\Desktop\Hijackthis Version Française.lnk

[2010/12/14 15:59:31 | 000,001,071 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk

[2010/12/09 18:41:02 | 000,000,986 | ---- | M] () -- C:\Users\Jules\Application Data\Microsoft\Internet Explorer\Quick Launch\Glary Utilities.lnk

[2010/12/09 18:41:02 | 000,000,962 | ---- | M] () -- C:\Users\Jules\Desktop\Glary Utilities.lnk

[2010/12/09 11:47:50 | 000,001,815 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk

[2010/12/09 06:40:38 | 000,084,208 | ---- | M] (Tonec Inc.) -- C:\Windows\System32\drivers\idmwfp.sys

[2010/12/07 11:36:05 | 000,011,965 | ---- | M] () -- C:\Users\Jules\Desktop\caricature.JPG

[2010/12/05 10:04:43 | 000,061,298 | ---- | M] () -- C:\Users\Jules\Desktop\Picture 5 [800x600].jpg

[2010/12/01 20:50:42 | 000,000,020 | ---- | M] () -- C:\Windows\h÷l

[2010/11/29 18:15:28 | 000,000,069 | ---- | M] () -- C:\Windows\NeroDigital.ini

[2010/11/29 17:42:18 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys

[2010/11/29 17:42:06 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys

[2010/11/29 17:38:30 | 000,094,208 | ---- | M] (Apple Inc.) -- C:\Windows\System32\QuickTimeVR.qtx

[2010/11/29 17:38:30 | 000,069,632 | ---- | M] (Apple Inc.) -- C:\Windows\System32\QuickTime.qts

[2010/11/26 10:28:06 | 000,001,913 | ---- | M] () -- C:\Users\Jules\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk

[2010/11/26 10:28:06 | 000,001,889 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk

[2010/11/24 20:44:54 | 000,023,105 | ---- | M] () -- C:\Users\Jules\Desktop\Capture 2.JPG

[2010/11/24 11:11:53 | 000,038,205 | ---- | M] () -- C:\Users\Jules\Desktop\cadastre definitif [800x600].jpg

[2010/11/24 11:05:34 | 000,091,571 | ---- | M] () -- C:\Users\Jules\Desktop\cadastre definitif.JPG

[2010/11/23 20:15:44 | 000,117,469 | ---- | M] () -- C:\Users\Jules\Desktop\cadastre 2.JPG

[2010/11/23 20:00:44 | 000,485,916 | ---- | M] () -- C:\Users\Jules\Desktop\cadastre.pdf

[2010/11/22 13:17:34 | 000,001,984 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk

[2010/11/22 11:57:42 | 000,031,565 | ---- | M] () -- C:\Users\Jules\Desktop\vue pano [800x600].jpg

[2010/11/20 16:19:39 | 000,082,822 | ---- | M] () -- C:\Users\Jules\Desktop\pano.jpg

[2010/11/20 16:15:55 | 000,065,263 | ---- | M] () -- C:\Users\Jules\Desktop\DSC00804 [800x600].jpg

[2010/11/20 16:15:41 | 000,059,062 | ---- | M] () -- C:\Users\Jules\Desktop\DSC00803 [800x600].jpg

[2010/11/20 16:15:01 | 000,060,879 | ---- | M] () -- C:\Users\Jules\Desktop\DSC00802 [800x600].jpg

[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/12/16 11:46:38 | 000,001,753 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk

[2010/12/16 08:23:05 | 000,112,594 | ---- | C] () -- C:\Users\Jules\Desktop\copie de windows.JPG

[2010/12/15 11:22:28 | 000,000,960 | ---- | C] () -- C:\Users\Public\Desktop\MBRCheck.lnk

[2010/12/15 11:22:28 | 000,000,953 | ---- | C] () -- C:\Users\Public\Desktop\ZHPDiag.lnk

[2010/12/15 11:22:28 | 000,000,948 | ---- | C] () -- C:\Users\Public\Desktop\ZHPFix.lnk

[2010/12/15 11:20:10 | 000,000,853 | ---- | C] () -- C:\Users\Jules\Desktop\WhatInStartup.cfg

[2010/12/15 08:27:11 | 000,087,313 | ---- | C] () -- C:\Users\Jules\Desktop\chaufferie.jpg

[2010/12/15 08:20:34 | 000,091,788 | ---- | C] () -- C:\Users\Jules\Desktop\DSC00830 [800x600].jpg

[2010/12/14 21:12:57 | 000,004,224 | ---- | C] () -- C:\Users\Jules\Desktop\WhatInStartup_lng.ini

[2010/12/14 19:24:23 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI

[2010/12/14 18:15:09 | 000,001,107 | ---- | C] () -- C:\Users\Jules\Desktop\Hijackthis Version Française.lnk

[2010/12/14 15:59:31 | 000,001,071 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk

[2010/12/09 11:47:50 | 000,001,815 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk

[2010/12/07 11:36:05 | 000,011,965 | ---- | C] () -- C:\Users\Jules\Desktop\caricature.JPG

[2010/12/05 10:04:43 | 000,061,298 | ---- | C] () -- C:\Users\Jules\Desktop\Picture 5 [800x600].jpg

[2010/12/01 20:50:42 | 000,000,020 | ---- | C] () -- C:\Windows\h÷l

[2010/11/24 20:44:54 | 000,023,105 | ---- | C] () -- C:\Users\Jules\Desktop\Capture 2.JPG

[2010/11/24 11:11:53 | 000,038,205 | ---- | C] () -- C:\Users\Jules\Desktop\cadastre definitif [800x600].jpg

[2010/11/24 11:05:31 | 000,091,571 | ---- | C] () -- C:\Users\Jules\Desktop\cadastre definitif.JPG

[2010/11/23 20:07:22 | 000,117,469 | ---- | C] () -- C:\Users\Jules\Desktop\cadastre 2.JPG

[2010/11/23 20:00:44 | 000,485,916 | ---- | C] () -- C:\Users\Jules\Desktop\cadastre.pdf

[2010/11/22 11:57:42 | 000,031,565 | ---- | C] () -- C:\Users\Jules\Desktop\vue pano [800x600].jpg

[2010/11/20 16:17:40 | 000,082,822 | ---- | C] () -- C:\Users\Jules\Desktop\pano.jpg

[2010/11/20 16:15:55 | 000,065,263 | ---- | C] () -- C:\Users\Jules\Desktop\DSC00804 [800x600].jpg

[2010/11/20 16:15:41 | 000,059,062 | ---- | C] () -- C:\Users\Jules\Desktop\DSC00803 [800x600].jpg

[2010/11/20 16:15:01 | 000,060,879 | ---- | C] () -- C:\Users\Jules\Desktop\DSC00802 [800x600].jpg

[2010/06/07 10:29:44 | 000,238,080 | ---- | C] () -- C:\Windows\System32\KLWindowsCredentialsProvider.dll

[2010/05/16 16:19:44 | 001,755,576 | ---- | C] () -- C:\Users\Jules\AppData\Roaming\theme.themepack

[2010/05/14 22:56:06 | 010,830,680 | ---- | C] () -- C:\Windows\System32\LogiDPP.dll

[2010/05/14 22:55:58 | 000,290,648 | ---- | C] () -- C:\Windows\System32\DevManagerCore.dll

[2010/05/14 22:47:00 | 000,090,071 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini

[2010/05/07 17:46:36 | 000,014,168 | ---- | C] () -- C:\Windows\System32\drivers\iKeyLFT2.dll

[2010/05/07 17:43:30 | 000,025,824 | ---- | C] () -- C:\Windows\System32\drivers\LVPr2Mon.sys

[2010/01/26 20:45:01 | 000,168,448 | ---- | C] () -- C:\Windows\System32\unrar.dll

[2010/01/16 09:48:07 | 000,000,000 | ---- | C] () -- C:\Windows\hpqEmlSz.INI

[2009/12/21 19:09:44 | 000,248,832 | ---- | C] () -- C:\Windows\System32\ECircles.dll

[2009/12/21 19:09:44 | 000,153,088 | ---- | C] () -- C:\Windows\System32\SoyWeb.dll

[2009/12/21 19:09:01 | 000,100,864 | ---- | C] () -- C:\Windows\System32\Dc50ip32.dll

[2009/12/21 19:09:01 | 000,065,864 | ---- | C] () -- C:\Windows\System32\Digita.sys

[2009/12/21 19:09:01 | 000,007,808 | ---- | C] () -- C:\Windows\System32\dc240u.sys

[2009/12/21 19:09:01 | 000,006,144 | ---- | C] () -- C:\Windows\System32\ImgLibLead.dll

[2009/12/21 19:08:57 | 000,210,944 | ---- | C] () -- C:\Windows\System32\MSVCRT10.DLL

[2009/12/14 17:51:45 | 000,000,245 | ---- | C] () -- C:\Windows\Maxsea.ini

[2009/12/14 17:51:43 | 000,000,044 | ---- | C] () -- C:\Windows\Crypkey.ini

[2009/12/14 17:51:39 | 000,024,608 | ---- | C] () -- C:\Windows\System32\Ckldrv.sys

[2009/12/14 17:51:39 | 000,018,432 | ---- | C] () -- C:\Windows\Setup_ck.dll

[2009/12/06 16:14:26 | 000,000,022 | ---- | C] () -- C:\Windows\sevens.ini

[2009/11/01 14:37:43 | 000,085,504 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll

[2009/10/30 18:05:10 | 000,014,336 | ---- | C] () -- C:\Windows\System32\vsmon1.dll

[2009/10/04 15:20:05 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini

[2009/10/01 14:39:24 | 000,001,185 | ---- | C] () -- C:\ProgramData\hpzinstall.log

[2009/08/03 14:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll

[2009/07/14 00:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll

[2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll

[2007/09/23 23:41:20 | 000,779,776 | ---- | C] () -- C:\Windows\System32\cp211_main.dll

[2007/09/23 23:41:20 | 000,285,184 | ---- | C] () -- C:\Windows\System32\cp211_graphicslarge8.dll

[2007/09/23 23:41:20 | 000,285,184 | ---- | C] () -- C:\Windows\System32\cp211_graphicslarge16.dll

[2007/09/23 23:41:20 | 000,252,416 | ---- | C] () -- C:\Windows\System32\cp211_javascript.dll

[2007/09/23 23:41:20 | 000,226,304 | ---- | C] () -- C:\Windows\System32\cp211_msjava.dll

[2007/09/23 23:41:20 | 000,167,936 | ---- | C] () -- C:\Windows\System32\cp211_graphicsmed8.dll

[2007/09/23 23:41:20 | 000,167,936 | ---- | C] () -- C:\Windows\System32\cp211_graphicsmed16.dll

[2007/09/23 23:41:20 | 000,133,120 | ---- | C] () -- C:\Windows\System32\cp211_vrml1to2.dll

[2007/09/23 23:41:20 | 000,057,856 | ---- | C] () -- C:\Windows\System32\cp211_graphicssmall8.dll

[2007/09/23 23:41:20 | 000,057,856 | ---- | C] () -- C:\Windows\System32\cp211_graphicssmall16.dll

[2007/09/23 23:41:20 | 000,049,152 | ---- | C] () -- C:\Windows\System32\cp211_lang.dll

[2007/09/23 23:41:20 | 000,026,624 | ---- | C] () -- C:\Windows\System32\cp211_basic.dll

[2007/09/23 23:41:20 | 000,013,312 | ---- | C] () -- C:\Windows\System32\cp211_graphicspos.dll

[2007/03/09 15:27:58 | 000,053,248 | ---- | C] () -- C:\Windows\System32\zlib.dll

[2004/08/13 08:56:20 | 000,005,810 | ---- | C] () -- C:\Windows\System32\drivers\ASACPI.sys

========== LOP Check ==========

[2010/11/20 21:22:56 | 000,000,000 | ---D | M] -- C:\Users\Jules\AppData\Roaming\Cloudmark

[2010/12/15 21:55:11 | 000,000,000 | ---D | M] -- C:\Users\Jules\AppData\Roaming\DMCache

[2009/11/02 18:13:21 | 000,000,000 | ---D | M] -- C:\Users\Jules\AppData\Roaming\eXPert PDF Editor

[2009/10/01 00:51:47 | 000,000,000 | ---D | M] -- C:\Users\Jules\AppData\Roaming\GlarySoft

[2009/11/08 14:59:36 | 000,000,000 | ---D | M] -- C:\Users\Jules\AppData\Roaming\High Sign

[2009/10/04 17:57:29 | 000,000,000 | ---D | M] -- C:\Users\Jules\AppData\Roaming\IcoFX

[2010/07/15 13:22:53 | 000,000,000 | ---D | M] -- C:\Users\Jules\AppData\Roaming\Icones

[2010/12/09 18:12:01 | 000,000,000 | ---D | M] -- C:\Users\Jules\AppData\Roaming\IDM

[2009/11/01 14:31:11 | 000,000,000 | ---D | M] -- C:\Users\Jules\AppData\Roaming\KC Softwares

[2009/10/01 00:58:38 | 000,000,000 | ---D | M] -- C:\Users\Jules\AppData\Roaming\Leadertech

[2010/10/27 16:25:45 | 000,000,000 | ---D | M] -- C:\Users\Jules\AppData\Roaming\Luxand

[2009/11/27 17:59:34 | 000,000,000 | ---D | M] -- C:\Users\Jules\AppData\Roaming\PC Speed Maximizer

[2009/11/05 07:50:08 | 000,000,000 | ---D | M] -- C:\Users\Jules\AppData\Roaming\Spamihilator

[2010/10/26 17:23:50 | 000,000,000 | ---D | M] -- C:\Users\Jules\AppData\Roaming\tmp

[2010/11/02 17:57:58 | 000,000,000 | ---D | M] -- C:\Users\Jules\AppData\Roaming\TuneUp Software

[2010/12/15 08:20:37 | 000,000,000 | ---D | M] -- C:\Users\Jules\AppData\Roaming\VSO

[2010/10/20 09:35:33 | 000,000,000 | ---D | M] -- C:\Users\Jules\AppData\Roaming\Windows Live Writer

[2010/12/16 13:23:04 | 000,000,312 | ---- | M] () -- C:\Windows\Tasks\GlaryInitialize.job

[2010/07/17 20:25:50 | 000,032,592 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

========== Custom Scans ==========

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %appdata% *.exe /s >

< MD5 for: AGP440.SYS >

[2009/07/14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys

[2009/07/14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_65848c2d7375a720\AGP440.sys

[2009/07/14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys

< MD5 for: ATAPI.SYS >

[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys

[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_f64b9c35a3a5be81\atapi.sys

[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys

< MD5 for: CDROM.SYS >

[2009/07/14 00:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\System32\drivers\cdrom.sys

[2009/07/14 00:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_db87d184bc84f910\cdrom.sys

[2009/07/14 00:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_5f7fb206051affbb\cdrom.sys

< MD5 for: CNGAUDIT.DLL >

[2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\System32\cngaudit.dll

[2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll

< MD5 for: EXPLORER.EXE >

[2009/07/14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe

[2009/10/31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\explorer.exe

[2009/10/31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe

[2010/01/05 11:35:48 | 002,641,408 | ---- | M] (Microsoft Corporation) MD5=275A17C9FBB57295E8A33483CE7930E4 -- C:\Users\Jules\Documents\Downloads\Compressed\Darkclear7__Final___by_caeszer_2\Darkclear _7_(Final)_by_Caeszer\System Files\32-bit\Start Button\explorer.exe

[2010/02/11 15:12:53 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=7A5AD3BB30BA435CCDCC98A519E6C8D0 -- C:\Users\Jules\Documents\Downloads\Compressed\Darkclear7__Final___by_caeszer_2\Darkclear _7_(Final)_by_Caeszer\System Files\64-bit\Start Button\explorer.exe

[2009/08/03 06:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe

[2009/08/03 06:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe

[2009/10/31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe

< MD5 for: IASTORV.SYS >

[2009/07/14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\System32\drivers\iaStorV.sys

[2009/07/14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_18cccb83b34e1453\iaStorV.sys

[2009/07/14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_aee7a89be91b9000\iaStorV.sys

< MD5 for: NETLOGON.DLL >

[2009/07/14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\System32\netlogon.dll

[2009/07/14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll

< MD5 for: NVSTOR.SYS >

[2009/07/14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\System32\drivers\nvstor.sys

[2009/07/14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_5bde3fe2945bce9e\nvstor.sys

[2009/07/14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvstor.sys

< MD5 for: SCECLI.DLL >

[2009/07/14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\System32\scecli.dll

[2009/07/14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll

< MD5 for: USERINIT.EXE >

[2009/07/14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\System32\userinit.exe

[2009/07/14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe

< MD5 for: WININIT.EXE >

[2009/07/14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\System32\wininit.exe

[2009/07/14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe

< %systemroot%\*. /mp /s >

========== Files - Unicode (All) ==========

[2009/12/15 13:56:14 | 000,000,000 | ---D | M](C:\Windows\System32\??á?A??) -- C:\Windows\System32\áꮐĀ瞻

[2009/12/15 13:56:14 | 000,000,000 | ---D | C](C:\Windows\System32\??á?A??) -- C:\Windows\System32\áꮐĀ瞻

========== Alternate Data Streams ==========

@Alternate Data Stream - 85 bytes -> Z:\Documents\DSC00599 [320x200].JPG:VsoSummaryInformation

@Alternate Data Stream - 85 bytes -> C:\Users\Jules\Desktop\pompe.JPG:VsoSummaryInformation

@Alternate Data Stream - 85 bytes -> C:\Users\Jules\Desktop\jules [640x480].gif:VsoSummaryInformation

@Alternate Data Stream - 85 bytes -> C:\Users\Jules\Desktop\DSC00695 [640x480].JPG:VsoSummaryInformation

@Alternate Data Stream - 85 bytes -> C:\Users\Jules\Desktop\DSC00693 [640x480].JPG:VsoSummaryInformation

@Alternate Data Stream - 85 bytes -> C:\Users\Jules\Desktop\DSC00690 [640x480].JPG:VsoSummaryInformation

@Alternate Data Stream - 85 bytes -> C:\Users\Jules\Desktop\DSC00689 [640x480].JPG:VsoSummaryInformation

@Alternate Data Stream - 85 bytes -> C:\Users\Jules\Desktop\DSC00684 [640x480].JPG:VsoSummaryInformation

@Alternate Data Stream - 85 bytes -> C:\Users\Jules\Desktop\DSC00680 [640x480].JPG:VsoSummaryInformation

@Alternate Data Stream - 85 bytes -> C:\Users\Jules\Desktop\DSC00679 [640x480].JPG:VsoSummaryInformation

@Alternate Data Stream - 85 bytes -> C:\Users\Jules\Desktop\DSC00627 [320x200].JPG:VsoSummaryInformation

@Alternate Data Stream - 85 bytes -> C:\Users\Jules\Desktop\DSC_0578 [320x200].JPG:VsoSummaryInformation

@Alternate Data Stream - 85 bytes -> C:\Users\Jules\Desktop\DSC_0575 [320x200].JPG:VsoSummaryInformation

@Alternate Data Stream - 85 bytes -> C:\Users\Jules\Desktop\DSC_0569 [320x200].JPG:VsoSummaryInformation

@Alternate Data Stream - 85 bytes -> C:\Users\Jules\Desktop\devis plombier 20001 [320x200].tif:VsoSummaryInformation

@Alternate Data Stream - 85 bytes -> C:\Users\Jules\Desktop\chalet Mr0001 [320x200].tif:VsoSummaryInformation

@Alternate Data Stream - 85 bytes -> C:\Users\Jules\Desktop\chalet Mr 20001 [320x200].tif:VsoSummaryInformation

@Alternate Data Stream - 85 bytes -> C:\Users\Jules\Desktop\ch alex (sous la fuite ).JPG:VsoSummaryInformation

@Alternate Data Stream - 85 bytes -> C:\Users\Jules\Desktop\ch agathe.JPG:VsoSummaryInformation

@Alternate Data Stream - 85 bytes -> C:\Users\Jules\Desktop\burinage du socle (1).JPG:VsoSummaryInformation

@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:5C321E34

< End of report >

Encore merci pour votre patience

pear · le 16 décembre 2010

Relancez Otl:

Sous Custom scan Files ou Personnalisation

Copiez Collez

:OTL