Infection GOMEO [Résolu]

[jdoe]

Bonjour,

Mon ordinateur à subi une infection.

Cela a commencé par des lancements intempestifs d'une application nommée OfferBox installée

sans mon accord.

J'ai réussi à la désinstaller via 'Ajout/Suppression de programmes'.

En paralléle Antivir a lancé une alerte 'Logiciel malveillant détecté'

/ TR/Dropper.Gen pour le fichier :

 

AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe

 

J'ai réussi à supprimer ce fichier aprés avoir tué le processus.

 

Par la suite la navigation sur internet a été détournée.

La moindre consultation d'une page était détournée sur

un site nommé 'Gomeo'.

Donc j'ai lancé le mode sans échec et j'ai suivi la

procédure suivante : Supprimer Gomeo

Donc l'ordinateur a été scanné et traité par AD-R, MBAM et ComboFix.

Ces actions semblent avoir porté leur fruit.

Je demande donc l'assistance d'une personne qualifiée

pour finaliser l'opération.

Quels rapports doit-je poster ?

D'avance merci.

Modifié le 28 décembre 2010 par jdoe

[lance_yien]

Bonjour jdoe,

 

Poste les rapports de MBAM et ComboFix. On verra après!

[jdoe]

Voici le rapport MBAM :

 

Malwarebytes' Anti-Malware 1.50

www.malwarebytes.org

 

Version de la base de données: 5378

 

Windows 6.0.6002 Service Pack 2 (Safe Mode)

Internet Explorer 8.0.6001.18999

 

22/12/2010 22:41:18

mbam-log-2010-12-22 (22-41-18).txt

 

Type d'examen: Examen complet (C:\|D:\|)

Elément(s) analysé(s): 287736

Temps écoulé: 34 minute(s), 4 seconde(s)

 

Processus mémoire infecté(s): 0

Module(s) mémoire infecté(s): 0

Clé(s) du Registre infectée(s): 1

Valeur(s) du Registre infectée(s): 2

Elément(s) de données du Registre infecté(s): 0

Dossier(s) infecté(s): 0

Fichier(s) infecté(s): 2

 

Processus mémoire infecté(s):

(Aucun élément nuisible détecté)

 

Module(s) mémoire infecté(s):

(Aucun élément nuisible détecté)

 

Clé(s) du Registre infectée(s):

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\ (Hijack.Zones) -> Quarantined and deleted successfully.

 

Valeur(s) du Registre infectée(s):

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\jxhkmore (Trojan.FakeAlert) -> Value: jxhkmore -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\wuaucldt (Trojan.Agent) -> Value: wuaucldt -> Quarantined and deleted successfully.

 

Elément(s) de données du Registre infecté(s):

(Aucun élément nuisible détecté)

 

Dossier(s) infecté(s):

(Aucun élément nuisible détecté)

 

Fichier(s) infecté(s):

c:\Users\Aude\AppData\Local\Temp\lgpkwncks\fuidjltlajb.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.

c:\Users\Aude\AppData\Roaming\microsoft\Windows\start menu\Programs\Startup\regmem32.exe (Trojan.Downloader) -> Quarantined and deleted successfully.

[jdoe]

Et pour ComboFix:

 

ComboFix 10-12-22.05 - Aude 23/12/2010 10:09:32.1.2 - x86

Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6002.2.1252.33.1036.18.1914.786 [GMT 1:00]

Lancé depuis: c:\users\Aude\Downloads\ComboFix.exe

AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}

SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

 

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))

.

 

c:\programdata\Microsoft\Network\Downloader\qmgr0.dat

c:\programdata\Microsoft\Network\Downloader\qmgr1.dat

c:\users\Aude\AppData\Local\cleanmgr.dll

c:\users\Aude\AppData\Local\cleanmgr.exe

c:\users\Aude\AppData\Roaming\mdjaw.dat

c:\users\Aude\AppData\Roaming\Microsoft\Windows\Recent\iPhone de Gianni.compta.pif

c:\windows\system\Agcgauge.ax

c:\windows\system32\pthreadVC.dll

 

----- BITS: Il y a peut-être des sites infectés -----

 

hxxp://update.snugtv.com

.

((((((((((((((((((((((((((((( Fichiers créés du 2010-11-23 au 2010-12-23 ))))))))))))))))))))))))))))))))))))

.

 

2010-12-23 09:19 . 2010-12-23 09:19 -------- d-----w- c:\users\Default\AppData\Local\temp

2010-12-22 21:03 . 2010-12-22 21:03 -------- d-----w- c:\users\Aude\AppData\Roaming\Malwarebytes

2010-12-22 21:03 . 2010-12-22 21:03 -------- d-----w- c:\programdata\Malwarebytes

2010-12-22 21:03 . 2010-11-29 16:42 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2010-12-22 21:03 . 2010-12-22 21:03 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2010-12-22 21:03 . 2010-11-29 16:42 20952 ----a-w- c:\windows\system32\drivers\mbam.sys

2010-12-22 20:51 . 2010-12-22 20:51 -------- d-----w- c:\program files\Ad-Remover

2010-12-22 06:07 . 2010-12-22 06:07 -------- d-----w- c:\program files\Haali

2010-12-22 05:55 . 2010-12-22 05:55 -------- d-----w- c:\users\Aude\AppData\Roaming\SpiritON TV Software

2010-12-21 09:24 . 2010-11-10 04:33 6273872 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{C275C9E4-8EDE-494A-B54D-99FFC3D8DA83}\mpengine.dll

2010-12-09 12:19 . 2009-03-18 08:09 178176 ----a-w- c:\windows\system32\CNMIU9X.DLL

2010-12-09 12:16 . 2010-12-09 12:16 -------- d--h--w- c:\program files\CanonBJ

2010-12-08 08:47 . 2010-12-08 08:47 84621672 ----a-w- c:\program files\Common Files\Windows Live\.cache\wlc28EC.tmp

 

.

(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))

.

2010-11-12 18:46 . 2010-11-12 18:46 4280320 ----a-w- c:\windows\system32\GPhotos.scr

2010-10-19 09:41 . 2010-02-02 18:14 222080 ------w- c:\windows\system32\MpSigStub.exe

.

 

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

REGEDIT4

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"NSUFloatingUI"="c:\program files\Sony\Network Utility\LANUtil.exe" [2008-06-27 262144]

"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]

"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-02-01 39408]

"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2009-10-30 369200]

"AnyDVD"="c:\program files\SlySoft\AnyDVD\AnyDVDtray.exe" [2010-03-19 3353536]

"Google Update"="c:\users\Aude\AppData\Local\Google\Update\GoogleUpdate.exe" [2010-10-15 136176]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RtHDVCpl"="RtHDVCpl.exe" [2008-07-03 6295552]

"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-03-10 835584]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-07-04 150040]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-07-04 170520]

"Persistence"="c:\windows\system32\igfxpers.exe" [2008-07-04 145944]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]

"ISBMgr.exe"="c:\program files\Sony\ISB Utility\ISBMgr.exe" [2008-04-03 317280]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-01-11 246504]

"MarketingTools"="c:\program files\Sony\Marketing Tools\MarketingTools.exe" [2010-01-31 24576]

"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]

"Skytel"="Skytel.exe" [2008-07-03 1826816]

"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2010-03-05 1135912]

"VMware hqtray"="c:\program files\VMware\VMware Player\hqtray.exe" [2010-01-22 64048]

"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-03-18 421888]

"NBAgent"="c:\program files\Nero\Nero 10\Nero BackItUp\NBAgent.exe" [2010-03-26 1234216]

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-07-21 141608]

"Malwarebytes' Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-11-29 963976]

 

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

AVer HID Receiver.lnk - c:\program files\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe [2010-6-5 159744]

AVerQuick.lnk - c:\program files\Common Files\AVerMedia\AVerQuick\AVerQuick.exe [2010-6-13 651264]

SnugTV Quick Start.lnk - c:\windows\Installer\{AACA8099-4687-4D03-8DCD-6F56D6FFF8F0}\NewShortcut1_46FEF19C05F1475DAA14D9007DC15270_2.exe [2010-8-2 57344]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"EnableUIADesktopToggle"= 0 (0x0)

"EnableLinkedConnections"= 1 (0x1)

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]

2008-07-07 10:28 98304 ----a-w- c:\windows\System32\VESWinlogon.dll

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]

"DisableMonitoring"=dword:00000001

 

R2 gupdate;Service Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-02-02 135664]

R3 AVerAF15DMBTH;AVerMedia A850 USB;c:\windows\system32\Drivers\AVerAF15DMBTH.sys [2009-01-05 487168]

R3 camvid20;Philips ToUcam Camera; Video;c:\windows\system32\DRIVERS\camdrv21.sys [x]

R3 Service CANALPLAY;Service CANALPLAY;c:\program files\Lecteur CANALPLAY\CanalPlayService.exe [2007-10-01 423584]

R3 SOHCImp;VAIO Media plus Content Importer;c:\program files\Sony\VAIO Media plus\SOHCImp.exe [2008-05-20 103712]

R3 SOHDms;VAIO Media plus Digital Media Server;c:\program files\Sony\VAIO Media plus\SOHDms.exe [2008-05-20 353568]

R3 SOHDs;VAIO Media plus Device Searcher;c:\program files\Sony\VAIO Media plus\SOHDs.exe [2008-05-20 62752]

R3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2008-06-11 337184]

R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe [2009-09-08 83312]

R3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update 5\VUAgent.exe [2010-04-09 722288]

S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-03-21 691696]

S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys [2009-12-17 123280]

S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys [2009-12-17 41616]

S2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289]

S2 AVerRemote;AVerRemote;c:\program files\Common Files\AVerMedia\Service\AVerRemote.exe [2009-04-08 344064]

S2 AVerScheduleService;AVerScheduleService;c:\program files\Common Files\AVerMedia\Service\AVerScheduleService.exe [2008-12-09 405504]

S2 AVerUpdateServer;AVerUpdateServer;c:\program files\AVerMedia\AVerUpdate\AVerUpdateServer.exe [2010-07-06 168448]

S2 cpuz134;cpuz134;c:\windows\system32\drivers\cpuz134_x32.sys [2010-07-09 20328]

S2 NAUpdate;Nero Update;c:\program files\Nero\Update\NASvc.exe [2010-03-25 490280]

S2 NSUService;NSUService;c:\program files\Sony\Network Utility\NSUService.exe [2008-06-27 299008]

S2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-04-17 11032]

S2 RtkAudioService;Realtek Audio Service;c:\windows\RtkAudioService.exe [2008-07-03 104992]

S2 SnugTV Service;SnugTV Service;c:\program files\SnugTV\SnugTV Station\AMAServer.exe [2010-07-27 518144]

S2 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe [2008-06-19 411488]

S2 VCFw;VAIO Content Folder Watcher;c:\program files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2009-03-05 5189992]

S2 vmci;VMware vmci;c:\windows\system32\Drivers\vmci.sys [2010-01-22 70704]

S2 VMUSBArbService;VMware USB Arbitration Service;c:\program files\Common Files\VMware\USB\vmware-usbarbitrator.exe [2010-01-22 563760]

S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\DRIVERS\SFEP.sys [2008-03-10 9344]

S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [2009-12-17 99152]

S3 VBoxNetFlt;VBoxNetFlt Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [2009-12-17 110096]

 

.

Contenu du dossier 'Tâches planifiées'

 

2010-12-23 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-02 21:40]

 

2010-12-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-02 21:40]

 

2010-12-22 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-835074155-1869494518-3106102108-1003Core.job

- c:\users\Aude\AppData\Local\Google\Update\GoogleUpdate.exe [2010-11-07 10:38]

 

2010-12-23 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-835074155-1869494518-3106102108-1003UA.job

- c:\users\Aude\AppData\Local\Google\Update\GoogleUpdate.exe [2010-11-07 10:38]

.

.

------- Examen supplémentaire -------

.

uInternet Settings,ProxyOverride = <local>

uInternet Settings,ProxyServer = http=127.0.0.1:8074

IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200

IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html

LSP: c:\program files\VMware\VMware Player\vsocklib.dll

Trusted Zone: canalplay.com

Trusted Zone: canalplusactive.com

FF - ProfilePath - c:\users\Aude\AppData\Roaming\Mozilla\Firefox\Profiles\29ml9a1p.default\

FF - prefs.js: browser.startup.homepage - hxxp://fr.msn.com/

FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?mkt=fr-FR&form=MIMWA5&q=

FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}

FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension

FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}

FF - Ext: Session Manager: {1280606b-2510-4fe0-97ef-9b5a22eafe30} - %profile%\extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}

FF - Ext: Google Toolbar for Firefox: {3112ca9c-de6d-4884-a869-9855de68056c} - %profile%\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}

FF - Ext: BitDefender QuickScan: {e001c731-5e37-4538-a5cb-8168736a2360} - %profile%\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}

.

- - - - ORPHELINS SUPPRIMES - - - -

 

AddRemove-{7B63B2922B174135AFC0E1377DD81EC2} - c:\program files\DivX\DivXCodecUninstall.exe

AddRemove-Notification de cadeaux MSN - c:\users\Aude\AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe

 

 

 

**************************************************************************

 

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover

Rootkit scan 2010-12-23 10:19

Windows 6.0.6002 Service Pack 2 NTFS

 

Recherche de processus cachés ...

 

Recherche d'éléments en démarrage automatique cachés ...

 

Recherche de fichiers cachés ...

 

Scan terminé avec succès

Fichiers cachés: 0

 

**************************************************************************

.

--------------------- CLES DE REGISTRE BLOQUEES ---------------------

 

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

"MSCurrentCountry"=dword:0000003d

.

Heure de fin: 2010-12-23 10:22:22

ComboFix-quarantined-files.txt 2010-12-23 09:22

 

Avant-CF: 42 128 471 552 octets libres

Après-CF: 44 592 731 136 octets libres

 

- - End Of File - - D5EE79EE4E0E3E5FC71A6BD02078027D

[lance_yien]

Bonjour jdoe,

 

---

Très Important!

 

>>> A faire immédiatement:

- En haut de ce message cliquer sur le bouton "Suivre ce sujet", en choisissant "Notification immédiate" => "Soumettre" tu seras avisé en temps réel pour les réponses apportées à ton sujet et de ce fait, ta machine sera nettoyée dans les meilleurs délais.

- Sauvegarder (en copiant) tous les documents personnels sur un support autre que la partition système: Clé USB, CD/DVD, Disque Dur externe etc.

 

>>> Que faire durant ce nettoyage, merci de NE PAS utiliser, installer et/ou désinstaller aucun programme à part ceux qui sont proposés à chaque étape ce qui a pour but d'éviter tout problème d'incompatibilité entre les outils.

 

>>> Que faire à la réception de nouvelles instructions,

• Lire la totalité du message.
  
• Télécharger et enregistrer les utilitaires DIRECTEMENT sur le Bureau ou les déplacer (tout de suite après par un clic-droit dessus => "Couper" puis clic-droit sur le Bureau => "Coller".
  Certains programmes peuvent créer des problèmes s'ils ne sont pas lancés depuis le Bureau.
  
• Prendre l'habitude de désactiver tous les programmes de protection au début de chaque nouvelle étape et de les réactiver à la fin.
  
• Procéder toujours dans l'ordre donné et demander des clarifications si nécessaire AVANT de commencer.
  
• NE PAS hésiter à commenter et signaler tout changement (en bien ou en mal) dans le comportement de la machine ou par rapport au problème initial.
  

>>> Comment répondre:

- Cliquer sur le bouton (et non sur car je n'ai pas besoin de relire mes messages précédents).

- Coller le contenu des rapports SANS y ajouter AUCUN formatage de texte (en citation, code, couleur etc...).

---

 

Imprimer ces instructions ou les enregistrer dans un fichier texte sur le Bureau pour les consulter facilement à tout moment et télécharger, sur le Bureau:

 

• OTL (par OldTimer) depuis ici ou ici.
• Security Check (par screen317) depuis ici ou ici.

 

>>> Utiliser OTL: Brancher et allumer tous les médias amovibles ayant servi à un quelconque transfert de données (clés USB...).

Fermer tout et double-cliquer sur OTL.exe (Vista/ Windows7, clic-droit dessus => Exécuter en tant qu'Admin).

Copiez/ Collez ces lignes (commençant par netsvcs) dans l'espace sous "Personnalisation":

netsvcs

drivers32

%SYSTEMDRIVE%\*.*

%systemroot%\*. /mp /s

%systemroot%\system32\*.dll /lockedfiles

%systemroot%\Tasks\*.job /lockedfiles

%systemroot%\System32\config\*.sav

%systemroot%\system32\drivers\*.sys /90

CREATERESTOREPOINT

Sans rien changer, cliquer sur le bouton bleu Analyse et laisser faire.

A la fin du scan, 2 rapports seront créés: OTL.txt (qui s'ouvre dans le bloc-note) et Extras.txt (qui sera minimisé dans la Barre des tâches).

 

Copier/ Coller le contenu de chaque rapport, un seul par message parce qu'ils sont souvent très longs et dépassent la limite autorisée par le forum.

 

>>> Utiliser SecurityCheck: Fermer tout et double-cliquer sur "SecurityCheck.exe" pour lancer le programme.

Appuyer sur une touche comme demandé et suivre les indications.

Note: Si un des programmes de sécurité demande la permission d'accéder à Internet depuis dig.exe, acceptez.

Le Rapport checkup.txt s'ouvre à la fin. Poster son contenu.

Ce rapport ne sera pas enregistré automatiquement. Si vous voulez en garder une copie, cliquez sur "Fichier" => "Enregistrer sous", choisissez un endroit (Bureau par exemple) et cliquez sur "Enregistrer" en bas à droite.

Poster son contenu.

 

 

Rapports demandés:

• OTL.txt
• Extras.txt
• checkup.txt

[jdoe]

Bonsoir,

comme convenu voici le contenu du fichier 'OTL.txt' :

 

OTL logfile created on: 27/12/2010 23:30:59 - Run 1

OTL by OldTimer - Version 3.2.18.0 Folder = C:\Users\Aude\Desktop

Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18999)

Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

 

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 54,00% Memory free

4,00 Gb Paging File | 2,00 Gb Available in Paging File | 56,00% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 112,00 Gb Total Space | 41,27 Gb Free Space | 36,85% Space Free | Partition Type: NTFS

Drive D: | 112,93 Gb Total Space | 30,42 Gb Free Space | 26,94% Space Free | Partition Type: NTFS

Drive I: | 232,88 Gb Total Space | 12,37 Gb Free Space | 5,31% Space Free | Partition Type: NTFS

 

Computer Name: PC-DE-AUDE | User Name: Aude | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Processes (SafeList) ==========

 

PRC - [2010/12/27 23:18:14 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\Aude\Desktop\OTL.exe

PRC - [2010/12/09 00:28:23 | 000,991,800 | ---- | M] (Google Inc.) -- C:\Users\Aude\AppData\Local\Google\Chrome\Application\chrome.exe

PRC - [2010/07/27 08:59:20 | 000,518,144 | ---- | M] (AVerMedia Technologies, Inc.) -- C:\Program Files\SnugTV\SnugTV Station\AMAServer.exe

PRC - [2010/07/06 12:04:40 | 000,168,448 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) -- C:\Program Files\AVerMedia\AVerUpdate\AVerUpdateServer.exe

PRC - [2010/06/10 20:03:08 | 000,144,176 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

PRC - [2010/04/09 13:37:34 | 001,459,568 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Update 5\VAIOUpdt.exe

PRC - [2010/03/25 13:39:22 | 000,490,280 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Update\NASvc.exe

PRC - [2010/03/05 16:32:28 | 001,135,912 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe

PRC - [2010/02/01 01:05:11 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

PRC - [2010/01/31 16:17:26 | 000,024,576 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\Marketing Tools\MarketingTools.exe

PRC - [2010/01/22 21:57:08 | 000,395,824 | ---- | M] (VMware, Inc.) -- C:\Windows\System32\vmnat.exe

PRC - [2010/01/22 21:56:46 | 000,064,048 | ---- | M] (VMware, Inc.) -- C:\Program Files\VMware\VMware Player\hqtray.exe

PRC - [2010/01/22 21:56:44 | 000,334,384 | ---- | M] (VMware, Inc.) -- C:\Windows\System32\vmnetdhcp.exe

PRC - [2010/01/22 21:56:28 | 000,113,200 | ---- | M] (VMware, Inc.) -- C:\Program Files\VMware\VMware Player\vmware-authd.exe

PRC - [2010/01/22 21:00:48 | 000,563,760 | ---- | M] (VMware, Inc.) -- C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe

PRC - [2009/07/21 13:33:58 | 000,185,089 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe

PRC - [2009/05/13 15:47:40 | 000,108,289 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe

PRC - [2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe

PRC - [2009/04/11 07:27:28 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe

PRC - [2009/04/08 10:49:30 | 000,344,064 | ---- | M] (AVerMedia) -- C:\Program Files\Common Files\AVerMedia\Service\AVerRemote.exe

PRC - [2009/03/05 18:47:40 | 000,313,264 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe

PRC - [2009/03/05 18:47:40 | 000,192,512 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe

PRC - [2009/03/05 18:41:58 | 005,189,992 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe

PRC - [2009/03/02 12:08:11 | 000,209,153 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

PRC - [2008/12/09 17:01:50 | 000,405,504 | ---- | M] () -- C:\Program Files\Common Files\AVerMedia\Service\AVerScheduleService.exe

PRC - [2008/07/07 11:28:04 | 000,182,112 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Event Service\VESMgr.exe

PRC - [2008/07/07 11:28:04 | 000,100,472 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe

PRC - [2008/07/04 04:02:44 | 000,174,616 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxext.exe

PRC - [2008/07/03 07:06:17 | 000,104,992 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RTKAUDIOSERVICE.EXE

PRC - [2008/06/27 21:01:36 | 000,299,008 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\Network Utility\NSUService.exe

PRC - [2008/06/27 21:01:34 | 000,262,144 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\Network Utility\LANUtil.exe

PRC - [2008/06/19 18:53:20 | 001,771,360 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Power Management\SPMgr.exe

PRC - [2008/06/19 18:53:20 | 000,411,488 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Power Management\SPMService.exe

PRC - [2008/06/10 11:34:02 | 000,159,744 | R--- | M] () -- C:\Program Files\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe

PRC - [2008/04/03 19:03:38 | 000,317,280 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\ISB Utility\ISBMgr.exe

PRC - [2008/01/21 03:23:32 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe

PRC - [2007/01/04 19:48:50 | 000,112,152 | ---- | M] (InterVideo) -- c:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe

 

 

========== Modules (SafeList) ==========

 

MOD - [2010/12/27 23:18:14 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\Aude\Desktop\OTL.exe

MOD - [2010/08/31 16:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll

 

 

========== Win32 Services (SafeList) ==========

 

SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe -- (SPTISRV)

SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe -- (MSCSPTISRV)

SRV - [2010/07/27 08:59:20 | 000,518,144 | ---- | M] (AVerMedia Technologies, Inc.) [Auto | Running] -- C:\Program Files\SnugTV\SnugTV Station\AMAServer.exe -- (SnugTV Service)

SRV - [2010/07/06 12:04:40 | 000,168,448 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) [Auto | Running] -- C:\Program Files\AVerMedia\AVerUpdate\AVerUpdateServer.exe -- (AVerUpdateServer)

SRV - [2010/06/10 20:03:08 | 000,144,176 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)

SRV - [2010/04/09 13:37:34 | 000,722,288 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Update 5\VUAgent.exe -- (VUAgent)

SRV - [2010/03/25 13:39:22 | 000,490,280 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Nero\Update\NASvc.exe -- (NAUpdate)

SRV - [2010/01/22 21:57:08 | 000,395,824 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\System32\vmnat.exe -- (VMware NAT Service)

SRV - [2010/01/22 21:56:44 | 000,334,384 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\System32\vmnetdhcp.exe -- (VMnetDHCP)

SRV - [2010/01/22 21:56:28 | 000,113,200 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files\VMware\VMware Player\vmware-authd.exe -- (VMAuthdService)

SRV - [2010/01/22 21:00:48 | 000,563,760 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe -- (VMUSBArbService)

SRV - [2009/10/12 14:32:24 | 000,191,024 | ---- | M] (VMware, Inc.) [On_Demand | Stopped] -- C:\Program Files\VMware\VMware Player\vmware-ufad.exe -- (ufad-ws60)

SRV - [2009/09/08 18:09:14 | 000,083,312 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe -- (VcmXmlIfHelper)

SRV - [2009/07/21 13:33:58 | 000,185,089 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)

SRV - [2009/05/13 15:47:40 | 000,108,289 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)

SRV - [2009/04/08 10:49:30 | 000,344,064 | ---- | M] (AVerMedia) [Auto | Running] -- C:\Program Files\Common Files\AVerMedia\Service\AVerRemote.exe -- (AVerRemote)

SRV - [2009/04/02 00:15:30 | 000,114,688 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe -- (PACSPTISVR)

SRV - [2009/03/05 18:47:40 | 000,313,264 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe -- (Vcsw)

SRV - [2009/03/05 18:47:40 | 000,192,512 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe -- (VzCdbSvc)

SRV - [2009/03/05 18:47:40 | 000,069,632 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe -- (VAIO Entertainment TV Device Arbitration Service)

SRV - [2009/03/05 18:41:58 | 005,189,992 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe -- (VCFw)

SRV - [2008/12/09 17:01:50 | 000,405,504 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\AVerMedia\Service\AVerScheduleService.exe -- (AVerScheduleService)

SRV - [2008/07/07 11:28:04 | 000,182,112 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Event Service\VESMgr.exe -- (VAIO Event Service)

SRV - [2008/07/03 07:06:17 | 000,104,992 | ---- | M] (Realtek Semiconductor) [Auto | Running] -- C:\Windows\RTKAUDIOSERVICE.EXE -- (RtkAudioService)

SRV - [2008/06/27 21:01:36 | 000,299,008 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\Network Utility\NSUService.exe -- (NSUService)

SRV - [2008/06/19 18:53:20 | 000,411,488 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Power Management\SPMService.exe -- (VAIO Power Management)

SRV - [2008/06/11 23:13:24 | 000,337,184 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe -- (VcmIAlzMgr)

SRV - [2008/05/20 19:05:40 | 000,353,568 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media plus\SOHDms.exe -- (SOHDms)

SRV - [2008/05/20 19:05:40 | 000,103,712 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media plus\SOHCImp.exe -- (SOHCImp)

SRV - [2008/05/20 19:05:40 | 000,062,752 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media plus\SOHDs.exe -- (SOHDs)

SRV - [2008/01/21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)

SRV - [2007/10/01 18:27:46 | 000,423,584 | ---- | M] (Canal+ Active) [On_Demand | Stopped] -- C:\Program Files\Lecteur CANALPLAY\CanalPlayService.exe -- (Service CANALPLAY)

SRV - [2007/01/04 19:48:50 | 000,112,152 | ---- | M] (InterVideo) [Auto | Running] -- c:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)

 

 

========== Driver Services (SafeList) ==========

 

DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\System32\DRIVERS\UIUSYS.SYS -- (UIUSys)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp)

DRV - [2010/07/09 12:18:54 | 000,020,328 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\cpuz134_x32.sys -- (cpuz134)

DRV - [2010/03/21 11:28:45 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)

DRV - [2010/03/18 17:45:47 | 000,104,768 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AnyDVD.sys -- (AnyDVD)

DRV - [2010/01/22 21:57:58 | 000,026,288 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\vmnetuserif.sys -- (VMnetuserif)

DRV - [2010/01/22 21:57:56 | 000,023,216 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VMkbd.sys -- (vmkbd)

DRV - [2010/01/22 21:57:54 | 000,854,192 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\vmx86.sys -- (vmx86)

DRV - [2010/01/22 21:57:54 | 000,070,704 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\vmci.sys -- (vmci)

DRV - [2010/01/22 21:00:42 | 000,032,304 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\hcmon.sys -- (hcmon)

DRV - [2010/01/22 17:13:00 | 000,036,400 | R--- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\vmnetbridge.sys -- (VMnetBridge)

DRV - [2010/01/22 17:13:00 | 000,016,560 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vmnetadapter.sys -- (VMnetAdapter)

DRV - [2010/01/01 18:20:34 | 000,026,024 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\System32\drivers\ElbyCDIO.sys -- (ElbyCDIO)

DRV - [2009/12/17 14:02:34 | 000,123,280 | ---- | M] (Sun Microsystems, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\VBoxDrv.sys -- (VBoxDrv)

DRV - [2009/12/17 14:02:34 | 000,110,096 | ---- | M] (Sun Microsystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VBoxNetFlt.sys -- (VBoxNetFlt)

DRV - [2009/12/17 14:02:34 | 000,099,152 | ---- | M] (Sun Microsystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)

DRV - [2009/12/17 14:02:34 | 000,041,616 | ---- | M] (Sun Microsystems, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\VBoxUSBMon.sys -- (VBoxUSBMon)

DRV - [2009/11/25 11:19:02 | 000,056,816 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)

DRV - [2009/10/12 14:31:52 | 000,022,448 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Program Files\VMware\VMware Player\vstor2-ws60.sys -- (vstor2-ws60)

DRV - [2009/05/11 09:11:52 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)

DRV - [2009/04/11 05:42:54 | 000,073,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\USBAUDIO.sys -- (usbaudio) Pilote USB audio (WDM)

DRV - [2009/03/30 09:32:47 | 000,096,104 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)

DRV - [2009/02/13 11:34:33 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)

DRV - [2009/01/05 07:47:18 | 000,487,168 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AVerAF15DMBTH.sys -- (AVerAF15DMBTH)

DRV - [2008/10/20 14:57:20 | 000,937,984 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)

DRV - [2008/07/09 01:05:17 | 003,548,672 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)

DRV - [2008/07/04 04:02:38 | 002,377,216 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\igdkmd32.sys -- (igfx)

DRV - [2008/07/03 07:06:02 | 002,149,912 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)

DRV - [2008/06/28 01:33:45 | 000,068,608 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)

DRV - [2008/06/27 17:37:42 | 000,010,216 | ---- | M] (Sony Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\DMICall.sys -- (DMICall)

DRV - [2008/06/21 01:03:04 | 000,046,592 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\risdptsk.sys -- (risdptsk)

DRV - [2008/06/07 01:02:55 | 000,131,000 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\WimFltr.sys -- (WimFltr)

DRV - [2008/05/28 01:07:16 | 000,310,272 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk60x86.sys -- (yukonwlh)

DRV - [2008/04/22 01:20:41 | 000,312,344 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\iaStor.sys -- (iaStor)

DRV - [2008/03/10 12:01:26 | 000,009,344 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SFEP.sys -- (SFEP)

DRV - [2008/01/25 03:14:25 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)

DRV - [2008/01/25 03:14:16 | 000,985,600 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_DPV.sys -- (HSF_DPV)

DRV - [2008/01/25 03:14:12 | 000,659,968 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_CNXT.sys -- (winachsf)

DRV - [2008/01/25 03:14:12 | 000,207,360 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSXHWAZL.sys -- (HSXHWAZL)

DRV - [2008/01/21 03:23:27 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)

DRV - [2008/01/21 03:23:27 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)

DRV - [2008/01/21 03:23:27 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)

DRV - [2008/01/21 03:23:26 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)

DRV - [2008/01/21 03:23:26 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)

DRV - [2008/01/21 03:23:26 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)

DRV - [2008/01/21 03:23:25 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)

DRV - [2008/01/21 03:23:25 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)

DRV - [2008/01/21 03:23:24 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)

DRV - [2008/01/21 03:23:24 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel®

DRV - [2008/01/21 03:23:24 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)

DRV - [2008/01/21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)

DRV - [2008/01/21 03:23:23 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)

DRV - [2008/01/21 03:23:23 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)

DRV - [2008/01/21 03:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)

DRV - [2008/01/21 03:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)

DRV - [2008/01/21 03:23:23 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)

DRV - [2008/01/21 03:23:22 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)

DRV - [2008/01/21 03:23:22 | 000,200,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VSTAZL3.SYS -- (HSFHWAZL)

DRV - [2008/01/21 03:23:21 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)

DRV - [2008/01/21 03:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)

DRV - [2008/01/21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)

DRV - [2008/01/21 03:23:20 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)

DRV - [2008/01/21 03:23:00 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)

DRV - [2008/01/21 03:23:00 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)

DRV - [2008/01/21 03:23:00 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)

DRV - [2007/04/17 20:09:28 | 000,011,032 | ---- | M] (InterVideo) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\regi.sys -- (regi)

DRV - [2007/03/10 03:42:50 | 000,181,560 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP)

DRV - [2006/11/02 10:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)

DRV - [2006/11/02 10:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)

DRV - [2006/11/02 10:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)

DRV - [2006/11/02 10:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)

DRV - [2006/11/02 10:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)

DRV - [2006/11/02 10:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)

DRV - [2006/11/02 10:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)

DRV - [2006/11/02 10:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)

DRV - [2006/11/02 10:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)

DRV - [2006/11/02 10:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)

DRV - [2006/11/02 10:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)

DRV - [2006/11/02 09:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)

DRV - [2006/11/02 09:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)

DRV - [2006/11/02 09:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)

DRV - [2006/11/02 09:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)

DRV - [2006/11/02 09:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)

DRV - [2006/11/02 09:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)

DRV - [2006/11/02 08:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)

DRV - [2006/09/24 14:28:46 | 000,005,248 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | Boot | Running] -- C:\Windows\system32\speedfan.sys -- (speedfan)

DRV - [2004/05/19 00:38:08 | 000,253,909 | ---- | M] (Philips Components BU Imaging Solutions) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\camdrv21.sys -- (camvid20)

DRV - [1996/04/03 20:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\system32\giveio.sys -- (giveio)

 

 

========== Standard Registry (SafeList) ==========

 

 

========== Internet Explorer ==========

 

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data over 100 bytes]

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8074

 

========== FireFox ==========

 

FF - prefs.js..browser.startup.homepage: "http://fr.msn.com/"

FF - prefs.js..extensions.enabledItems: {1280606b-2510-4fe0-97ef-9b5a22eafe30}:0.6.9

FF - prefs.js..extensions.enabledItems: {e001c731-5e37-4538-a5cb-8168736a2360}:0.9.9.50

FF - prefs.js..keyword.URL: "http://www.bing.com/search?mkt=fr-FR&form=MIMWA5&q="

 

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/12/16 20:10:48 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/12/16 20:10:48 | 000,000,000 | ---D | M]

 

[2010/01/31 23:28:23 | 000,000,000 | ---D | M] -- C:\Users\Aude\AppData\Roaming\mozilla\Extensions

[2010/12/27 08:57:27 | 000,000,000 | ---D | M] -- C:\Users\Aude\AppData\Roaming\mozilla\Firefox\Profiles\29ml9a1p.default\extensions

[2010/10/16 07:21:12 | 000,000,000 | ---D | M] (Session Manager) -- C:\Users\Aude\AppData\Roaming\mozilla\Firefox\Profiles\29ml9a1p.default\extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}

[2010/06/05 14:56:12 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Aude\AppData\Roaming\mozilla\Firefox\Profiles\29ml9a1p.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}

[2010/12/03 08:29:49 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Users\Aude\AppData\Roaming\mozilla\Firefox\Profiles\29ml9a1p.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}

[2010/10/28 12:28:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Aude\AppData\Roaming\mozilla\Firefox\Profiles\29ml9a1p.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}

[2010/03/17 20:51:20 | 000,002,650 | ---- | M] () -- C:\Users\Aude\AppData\Roaming\Mozilla\FireFox\Profiles\29ml9a1p.default\searchplugins\bing.xml

[2010/12/27 08:57:27 | 000,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions

[2010/01/16 02:10:07 | 000,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml

[2010/01/16 02:10:07 | 000,001,822 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml

[2010/01/16 02:10:07 | 000,000,757 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml

[2010/01/16 02:10:07 | 000,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml

[2010/03/31 23:02:16 | 000,000,956 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml

 

O1 HOSTS File: ([2010/12/23 10:19:11 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O2 - BHO: (Aide pour le lien d'Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.

O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.)

O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\PROGRA~1\GOOGLE~1\BAE.dll (Your Company Name)

O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)

O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()

O4 - HKLM..\Run: [iSBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)

O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)

O4 - HKLM..\Run: [MarketingTools] C:\Program Files\Sony\Marketing Tools\MarketingTools.exe (Sony Corporation)

O4 - HKLM..\Run: [NBAgent] C:\Program Files\Nero\Nero 10\Nero BackItUp\NBAgent.exe (Nero AG)

O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)

O4 - HKLM..\Run: [skytel] C:\Windows\SkyTel.exe (Realtek Semiconductor Corp.)

O4 - HKLM..\Run: [VMware hqtray] C:\Program Files\VMware\VMware Player\hqtray.exe (VMware, Inc.)

O4 - HKCU..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe (SlySoft, Inc.)

O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)

O4 - HKCU..\Run: [NSUFloatingUI] C:\Program Files\Sony\Network Utility\LANUtil.exe (Sony Corporation)

O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1

O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)

O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll (Google Inc.)

O9 - Extra Button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)

O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files\VMware\VMware Player\vsocklib.dll (VMware, Inc.)

O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files\VMware\VMware Player\vsocklib.dll (VMware, Inc.)

O15 - HKLM\..Trusted Domains: canalplay.com ([]* in Trusted sites)

O15 - HKLM\..Trusted Domains: canalplusactive.com ([]* in Trusted sites)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)

O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254

O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)

O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation)

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)

O20 - Winlogon\Notify\VESWinlogon: DllName - VESWinlogon.dll - C:\Windows\System32\VESWinlogon.dll (Sony Corporation)

O24 - Desktop WallPaper: D:\AUDE\photos zen\animaux insecte\Le-Papillon.jpg

O24 - Desktop BackupWallPaper: D:\AUDE\photos zen\animaux insecte\Le-Papillon.jpg

O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]

O32 - AutoRun File - [2007/01/24 15:05:34 | 000,000,000 | ---D | M] - I:\autorun -- [ NTFS ]

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = ComFile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 

NetSvcs: FastUserSwitchingCompatibility - File not found

NetSvcs: Ias - File not found

NetSvcs: Nla - File not found

NetSvcs: Ntmssvc - File not found

NetSvcs: NWCWorkstation - File not found

NetSvcs: Nwsapagent - File not found

NetSvcs: SRService - File not found

NetSvcs: WmdmPmSp - File not found

NetSvcs: LogonHours - File not found

NetSvcs: PCAudit - File not found

NetSvcs: helpsvc - File not found

NetSvcs: uploadmgr - File not found

 

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)

Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)

Drivers32: vidc.DIVX - C:\Windows\System32\DivX.dll (DivX, Inc.)

Drivers32: VIDC.dvsd - C:\Program Files\Common Files\Sony Shared\VideoLib\sonydv.dll (Sony Corporation)

Drivers32: VIDC.FFDS - C:\Windows\System32\ff_vfw.dll ()

Drivers32: VIDC.I420 - msh263.drv File not found

Drivers32: VIDC.VMnc - C:\Windows\System32\vmnc.dll (VMware, Inc.)

Drivers32: vidc.yv12 - C:\Windows\System32\DivX.dll (DivX, Inc.)

 

CREATERESTOREPOINT

Error creating restore point.

 

========== Files/Folders - Created Within 30 Days ==========

 

[2010/12/27 23:18:09 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Users\Aude\Desktop\OTL.exe

[2010/12/23 10:32:12 | 000,000,000 | ---D | C] -- C:\Program Files\RichFLV

[2010/12/23 10:31:51 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR

[2010/12/23 10:22:28 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN

[2010/12/23 10:04:38 | 000,000,000 | ---D | C] -- C:\ComboFix

[2010/12/23 10:03:36 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe

[2010/12/23 10:02:31 | 000,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe

[2010/12/23 10:02:31 | 000,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe

[2010/12/23 10:02:31 | 000,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe

[2010/12/23 10:02:22 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT

[2010/12/23 10:00:45 | 000,000,000 | ---D | C] -- C:\Qoobox

[2010/12/22 22:03:54 | 000,000,000 | ---D | C] -- C:\Users\Aude\AppData\Roaming\Malwarebytes

[2010/12/22 22:03:36 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys

[2010/12/22 22:03:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes

[2010/12/22 22:03:33 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys

[2010/12/22 22:03:33 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware

[2010/12/22 21:51:35 | 000,000,000 | ---D | C] -- C:\Program Files\Ad-Remover

[2010/12/22 07:07:06 | 000,000,000 | ---D | C] -- C:\Program Files\Haali

[2010/12/22 06:55:28 | 000,000,000 | ---D | C] -- C:\Users\Aude\Documents\SpiritON TV Software

[2010/12/22 06:55:28 | 000,000,000 | ---D | C] -- C:\Users\Aude\AppData\Roaming\SpiritON TV Software

[2010/12/22 06:55:27 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP

[2010/12/15 21:59:48 | 002,038,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys

[2010/12/15 21:59:45 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskschd.dll

[2010/12/15 21:59:44 | 000,345,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmicmiplugin.dll

[2010/12/15 21:59:44 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskcomp.dll

[2010/12/15 21:59:41 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe

[2010/12/15 21:59:39 | 000,292,352 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll

[2010/12/15 21:59:39 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll

[2010/12/15 21:59:39 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll

[2010/12/15 21:59:34 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll

[2010/12/15 21:59:33 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll

[2010/12/15 21:59:33 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe

[2010/12/15 21:59:33 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe

[2010/12/15 21:59:32 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl

[2010/12/15 21:59:32 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll

[2010/12/15 21:59:32 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec

[2010/12/15 21:59:32 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll

[2010/12/15 21:59:32 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll

[2010/12/15 21:59:32 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe

[2010/12/15 21:59:32 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll

[2010/12/15 21:59:32 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll

[2010/12/15 21:59:32 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll

[2010/12/15 21:59:32 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll

[2010/12/15 21:59:32 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll

[2010/12/15 21:59:32 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll

[2010/12/15 21:59:31 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb

[2010/12/15 21:59:22 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll

[2010/12/09 13:19:03 | 000,178,176 | ---- | C] (CANON INC.) -- C:\Windows\System32\CNMIU9X.DLL

[2010/12/09 13:16:35 | 000,000,000 | -H-D | C] -- C:\Program Files\CanonBJ

[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

 

========== Files - Modified Within 30 Days ==========

 

[2010/12/27 23:29:43 | 000,672,250 | ---- | M] () -- C:\Windows\System32\perfh00C.dat

[2010/12/27 23:29:43 | 000,589,862 | ---- | M] () -- C:\Windows\System32\perfh009.dat

[2010/12/27 23:29:43 | 000,124,766 | ---- | M] () -- C:\Windows\System32\perfc00C.dat

[2010/12/27 23:29:43 | 000,102,460 | ---- | M] () -- C:\Windows\System32\perfc009.dat

[2010/12/27 23:21:00 | 000,001,072 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-835074155-1869494518-3106102108-1003UA.job

[2010/12/27 23:18:24 | 000,879,047 | ---- | M] () -- C:\Users\Aude\Desktop\SecurityCheck.exe

[2010/12/27 23:18:14 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\Aude\Desktop\OTL.exe

[2010/12/27 23:04:15 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0

[2010/12/27 23:04:15 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0

[2010/12/27 22:43:02 | 000,001,054 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2010/12/27 21:04:04 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2010/12/27 16:13:14 | 000,001,020 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-835074155-1869494518-3106102108-1003Core.job

[2010/12/27 12:43:00 | 000,001,050 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2010/12/23 14:04:49 | 000,020,992 | ---- | M] () -- C:\Users\Aude\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2010/12/23 10:32:12 | 000,000,738 | ---- | M] () -- C:\Users\Public\Desktop\RichFLV.lnk

[2010/12/23 10:19:11 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts

[2010/12/22 22:47:03 | 000,002,032 | ---- | M] () -- C:\Users\Aude\AppData\Local\d3d9caps.dat

[2010/12/22 22:03:36 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk

[2010/12/22 21:55:25 | 000,001,676 | ---- | M] () -- C:\Users\Aude\Desktop\AD-R.lnk

[2010/12/22 21:35:08 | 000,000,016 | ---- | M] () -- C:\Users\Aude\AppData\Roaming\mchagw.dat

[2010/12/21 21:22:28 | 019,985,265 | ---- | M] () -- C:\Users\Aude\Documents\vlc-1.1.5-win32.exe

[2010/12/16 03:25:15 | 000,392,096 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT

[2010/12/14 17:17:47 | 000,002,037 | ---- | M] () -- C:\Users\Aude\Desktop\Google Chrome.lnk

[2010/12/14 17:17:47 | 000,001,999 | ---- | M] () -- C:\Users\Aude\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk

[2010/11/29 17:42:18 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys

[2010/11/29 17:42:06 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys

[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

 

========== Files Created - No Company Name ==========

 

[2010/12/27 23:18:18 | 000,879,047 | ---- | C] () -- C:\Users\Aude\Desktop\SecurityCheck.exe

[2010/12/23 10:32:12 | 000,000,738 | ---- | C] () -- C:\Users\Public\Desktop\RichFLV.lnk

[2010/12/23 10:02:31 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe

[2010/12/23 10:02:31 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe

[2010/12/23 10:02:31 | 000,089,088 | ---- | C] () -- C:\Windows\MBR.exe

[2010/12/23 10:02:31 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe

[2010/12/23 10:02:31 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe

[2010/12/22 22:03:36 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk

[2010/12/22 21:51:36 | 000,001,676 | ---- | C] () -- C:\Users\Aude\Desktop\AD-R.lnk

[2010/12/22 21:35:07 | 000,000,016 | ---- | C] () -- C:\Users\Aude\AppData\Roaming\mchagw.dat

[2010/12/21 21:20:48 | 019,985,265 | ---- | C] () -- C:\Users\Aude\Documents\vlc-1.1.5-win32.exe

[2010/07/10 18:00:12 | 000,000,000 | ---- | C] () -- C:\Users\Aude\AppData\Roaming\.NANotifyHere

[2010/06/13 14:06:02 | 000,049,152 | ---- | C] () -- C:\Windows\System32\AVerIO.dll

[2010/06/13 14:06:02 | 000,003,456 | ---- | C] () -- C:\Windows\System32\AVerIO.sys

[2010/06/13 14:05:55 | 000,598,016 | ---- | C] () -- C:\Windows\System32\sptlib21.dll

[2010/06/13 14:05:55 | 000,311,296 | ---- | C] () -- C:\Windows\System32\sptlib01.dll

[2010/06/13 14:05:55 | 000,294,912 | ---- | C] () -- C:\Windows\System32\sptlib11.dll

[2010/06/13 14:05:55 | 000,290,816 | ---- | C] () -- C:\Windows\System32\sptlib22.dll

[2010/06/13 14:05:55 | 000,249,856 | ---- | C] () -- C:\Windows\System32\sptlib03.dll

[2010/06/13 14:05:55 | 000,225,280 | ---- | C] () -- C:\Windows\System32\sptlib02.dll

[2010/06/13 14:05:55 | 000,135,168 | ---- | C] () -- C:\Windows\System32\sptlib12.dll

[2010/06/12 10:07:11 | 000,085,504 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll

[2010/03/21 11:28:45 | 000,691,696 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys

[2010/03/20 17:47:44 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat

[2010/03/11 21:06:37 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll

[2010/02/10 00:22:34 | 000,000,031 | -HS- | C] () -- C:\ProgramData\.zreglib

[2010/02/06 09:35:52 | 000,000,382 | ---- | C] () -- C:\Windows\ODBC.INI

[2010/02/04 23:36:32 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll

[2010/01/31 20:00:29 | 000,020,992 | ---- | C] () -- C:\Users\Aude\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2010/01/31 16:41:21 | 000,002,032 | ---- | C] () -- C:\Users\Aude\AppData\Local\d3d9caps.dat

[2010/01/31 16:25:47 | 000,000,000 | ---- | C] () -- C:\Windows\VAIOUpdt.INI

[2008/07/09 21:35:41 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1511.dll

[2008/07/09 21:35:40 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll

[2008/07/09 21:32:52 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll

[2006/11/02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll

[2006/11/02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini

[1996/04/03 20:33:26 | 000,005,248 | ---- | C] () -- C:\Windows\System32\giveio.sys

 

========== Custom Scans ==========

 

 

< %SYSTEMDRIVE%\*.* >

[2010/03/21 12:26:42 | 000,001,024 | ---- | M] () -- C:\.rnd

[2010/12/22 21:56:47 | 000,002,627 | ---- | M] () -- C:\Ad-Report-CLEAN[1].txt

[2010/12/22 21:52:19 | 000,002,381 | ---- | M] () -- C:\Ad-Report-SCAN[1].txt

[2006/09/18 22:43:36 | 000,000,024 | ---- | M] () -- C:\autoexec.bat

[2009/04/11 07:36:36 | 000,333,257 | RHS- | M] () -- C:\bootmgr

[2008/07/09 21:24:03 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK

[2010/12/23 10:22:22 | 000,012,929 | ---- | M] () -- C:\ComboFix.txt

[2006/09/18 22:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys

[2010/01/31 16:04:37 | 000,000,187 | ---- | M] () -- C:\Installer_Setup.log

[2010/12/23 09:53:30 | 2321,874,944 | -HS- | M] () -- C:\pagefile.sys

 

< %systemroot%\*. /mp /s >

 

< %systemroot%\system32\*.dll /lockedfiles >

[2009/04/11 07:27:47 | 000,241,128 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\rsaenh.dll

[2009/04/11 07:28:23 | 000,228,352 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\SLC.dll

 

< %systemroot%\Tasks\*.job /lockedfiles >

 

< %systemroot%\System32\config\*.sav >

[2008/01/21 04:14:18 | 016,846,848 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV

[2008/01/21 04:14:08 | 000,106,496 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV

[2008/01/21 04:14:18 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV

[2006/11/02 11:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV

[2006/11/02 11:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV

 

< %systemroot%\system32\drivers\*.sys /90 >

[2010/11/29 17:42:06 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys

[2010/11/29 17:42:18 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys

 

< End of report >

[jdoe]

... et 'Extras.txt' :

 

 

OTL Extras logfile created on: 27/12/2010 23:30:59 - Run 1

OTL by OldTimer - Version 3.2.18.0 Folder = C:\Users\Aude\Desktop

Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18999)

Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

 

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 54,00% Memory free

4,00 Gb Paging File | 2,00 Gb Available in Paging File | 56,00% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 112,00 Gb Total Space | 41,27 Gb Free Space | 36,85% Space Free | Partition Type: NTFS

Drive D: | 112,93 Gb Total Space | 30,42 Gb Free Space | 26,94% Space Free | Partition Type: NTFS

Drive I: | 232,88 Gb Total Space | 12,37 Gb Free Space | 5,31% Space Free | Partition Type: NTFS

 

Computer Name: PC-DE-AUDE | User Name: Aude | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Extra Registry (SafeList) ==========

 

 

========== File Associations ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

 

========== Shell Spawning ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()

Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 

========== Security Center Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

"FirewallDisableNotify" = 0

"AntiVirusDisableNotify" = 0

"UpdatesDisableNotify" = 0

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]

"DisableMonitoring" = 1

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

"VistaSp1" = Reg Error: Unknown registry data type -- File not found

"VistaSp2" = Reg Error: Unknown registry data type -- File not found

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

 

========== System Restore Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]

"DisableSR" = 0

 

========== Firewall Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

 

========== Authorized Applications List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

 

 

========== Vista Active Open Ports Exception List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{1260510E-5AE2-48FB-BAAB-2DF5A21625EE}" = lport=445 | protocol=6 | dir=in | app=system |

"{4C14F2CE-DE22-422D-BA7A-19A90E143821}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |

"{57CA2754-6740-4A40-9081-5C32043BBDF8}" = lport=2869 | protocol=6 | dir=in | app=system |

"{5A854DA4-9865-43FA-94E7-7ECB63C02150}" = rport=138 | protocol=17 | dir=out | app=system |

"{64A4FEBC-D682-41DB-A54E-941C97516933}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |

"{73DFA7A6-B77A-41F1-87DF-908BE3BD0D88}" = lport=138 | protocol=17 | dir=in | app=system |

"{79BC294D-FE91-402B-846E-C5079E5866C1}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |

"{85D3A4A7-3D49-485D-9532-2A3B30B0B1DE}" = rport=445 | protocol=6 | dir=out | app=system |

"{876C4E3D-5BD1-4E0C-8C7C-3E8638BB53EE}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |

"{8991933E-7338-43BD-911F-3288B191B628}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

"{92DF03D8-4987-44CC-A1FC-1511235F8E25}" = lport=137 | protocol=17 | dir=in | app=system |

"{968EF115-1FCA-4643-B10A-713BA9075BAB}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |

"{A3AD9D23-162B-4F89-B1B0-F731D1CE761D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

"{A6A095C8-062D-410F-824A-DEEE1007F8C8}" = lport=139 | protocol=6 | dir=in | app=system |

"{CE313A42-8D5D-4775-84C1-1B8A8F1E7F90}" = rport=137 | protocol=17 | dir=out | app=system |

"{D4CF0A15-59A4-4059-9F48-37E83DB4BA83}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |

"{D4D24ED1-909F-4C7C-886A-1D0AEB23C164}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |

"{E92D419D-F1D3-4598-AFEB-633810868B53}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |

"{FB018F6C-15B0-4B1A-80CC-26D7D0D8F7EF}" = rport=139 | protocol=6 | dir=out | app=system |

"{FBD90891-873D-4E55-9B8E-95F44644A673}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |

 

========== Vista Active Application Exception List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{00B90023-5443-40FC-9E2D-723FBA70B2DE}" = protocol=17 | dir=in | app=c:\program files\snugtv\snugtv station\configmaster.exe |

"{0105C09F-C394-4106-AB5B-A38E86904CE2}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |

"{1698992B-4A66-4275-9E48-57E45717B6EF}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |

"{170DA1D3-0737-456A-BD2B-3C51E3E4EF66}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |

"{1ECCFFC4-0DB4-4A11-88EE-BD25E44315D3}" = protocol=6 | dir=in | app=c:\program files\snugtv\snugtv station\configmaster.exe |

"{287C7132-3210-496C-A3BC-50DEE99BBF11}" = protocol=6 | dir=in | app=c:\program files\snugtv\snugtv station\configwizard.exe |

"{33E8172F-BD74-4396-AA5B-B0CD9A6CD4DE}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |

"{37702F96-CE47-4A06-BCD4-A2ED633A77B6}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |

"{509D51F7-D4EA-49A1-8121-89414C859B3C}" = protocol=17 | dir=in | app=c:\program files\snugtv\snugtv station\configmaster.exe |

"{530D2B0D-CC18-44E6-AAB7-E27982879D85}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |

"{53CF7385-AC3F-47D2-A5BE-6E9E2946B206}" = protocol=6 | dir=in | app=c:\program files\vmware\vmware player\vmware-authd.exe |

"{583CB55A-5CDF-447E-9F6D-37952093B574}" = protocol=6 | dir=in | app=c:\program files\snugtv\snugtv station\configmaster.exe |

"{58688ADE-AA71-4BDF-A988-19506EAA0E0A}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |

"{5D487081-C37F-46D9-B0EE-927473A6D6FF}" = protocol=17 | dir=in | app=c:\program files\snugtv\snugtv station\configwizard.exe |

"{857AC73C-5250-4CDE-892A-4F127E2852A4}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |

"{85D99EE4-7612-4A4C-AE00-448C7C83868F}" = protocol=6 | dir=in | app=c:\program files\snugtv\snugtv station\amaserver.exe |

"{9EBE6E92-77E0-4F88-B03D-F83C3FB7596C}" = protocol=6 | dir=in | app=c:\program files\vmware\vmware player\vmware-authd.exe |

"{A74713DD-5BD7-4BFE-B71D-F5179CDEC428}" = protocol=17 | dir=in | app=c:\program files\snugtv\snugtv station\amaserver.exe |

"{A76638CC-E5B0-49AE-AF6F-79A0E959A639}" = protocol=17 | dir=in | app=c:\program files\vmware\vmware player\vmware-authd.exe |

"{B0B6EE5F-F1D5-4994-971F-E6C5AD8A8CF6}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |

"{BD7B264E-6BE9-4D7A-BA71-495D8ACB3FAA}" = protocol=17 | dir=in | app=c:\program files\vmware\vmware player\vmware-authd.exe |

"{C028AC9B-D1A5-4C75-A9BB-515409A8E086}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |

"{C43B5F52-ECA1-4C56-8BC3-AB94836B09C4}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |

"{CBE6BBD8-0DD0-478C-BF80-052760133B69}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |

"{CFF6386E-85AE-455A-8EA1-98DCF5E7E724}" = dir=in | app=c:\program files\skype\phone\skype.exe |

"{D41CDCC7-5529-416B-9517-DACE6D8C9C33}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |

"{E76DAEA4-4198-4A83-993E-DB485D3228DE}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |

"{EEFF39FF-B3CF-40F5-A147-EBF60903DD6D}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |

"{F18C5BB4-7F0C-47F2-9F1D-B4F754FB09AD}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |

"TCP Query User{02F29336-216A-4AC1-8828-9E6ADE39140E}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |

"TCP Query User{0B88A3C2-0563-47DB-B2E3-98B3D044FFB8}C:\users\aude\appdata\local\temp\rar$ex01.348\filezilla-3.3.4.1\filezilla.exe" = protocol=6 | dir=in | app=c:\users\aude\appdata\local\temp\rar$ex01.348\filezilla-3.3.4.1\filezilla.exe |

"TCP Query User{0C786DD6-71F9-4406-B910-7B46C1551434}C:\users\aude\appdata\local\temp\ixp000.tmp\smwinvnc.exe" = protocol=6 | dir=in | app=c:\users\aude\appdata\local\temp\ixp000.tmp\smwinvnc.exe |

"TCP Query User{23F7B9F0-081D-48F6-B219-8B5CD5C8B0D6}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe |

"TCP Query User{44442990-A82D-412A-B7A9-68B026D9000A}C:\program files\snugtv\snugtv station\configwizard.exe" = protocol=6 | dir=in | app=c:\program files\snugtv\snugtv station\configwizard.exe |

"TCP Query User{B18BA1B5-BDD2-4838-AC56-90CD6EBDADF4}C:\program files\senstic\air cam\aircamwin.exe" = protocol=6 | dir=in | app=c:\program files\senstic\air cam\aircamwin.exe |

"TCP Query User{B4188840-84D3-48CC-9D8A-0F78449AF9E0}C:\users\aude\appdata\local\temp\ixp000.tmp\smpcsetup.exe" = protocol=6 | dir=in | app=c:\users\aude\appdata\local\temp\ixp000.tmp\smpcsetup.exe |

"UDP Query User{11B6C324-DD12-475F-ACEA-444088410B7A}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |

"UDP Query User{18B42973-737F-4728-B3D2-8C166A55941A}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe |

"UDP Query User{53F96FA6-1FC4-4DC4-B590-65861325511E}C:\users\aude\appdata\local\temp\rar$ex01.348\filezilla-3.3.4.1\filezilla.exe" = protocol=17 | dir=in | app=c:\users\aude\appdata\local\temp\rar$ex01.348\filezilla-3.3.4.1\filezilla.exe |

"UDP Query User{618C910B-BFC1-46BE-B57A-0D4DE9E5DB29}C:\program files\senstic\air cam\aircamwin.exe" = protocol=17 | dir=in | app=c:\program files\senstic\air cam\aircamwin.exe |

"UDP Query User{749E1AB6-A1C9-4922-9F22-35502129903B}C:\users\aude\appdata\local\temp\ixp000.tmp\smpcsetup.exe" = protocol=17 | dir=in | app=c:\users\aude\appdata\local\temp\ixp000.tmp\smpcsetup.exe |

"UDP Query User{797E731D-0E46-4C80-AEC3-E52F8510E64B}C:\program files\snugtv\snugtv station\configwizard.exe" = protocol=17 | dir=in | app=c:\program files\snugtv\snugtv station\configwizard.exe |

"UDP Query User{CD0D2BC5-2758-441D-A923-F287A552F25F}C:\users\aude\appdata\local\temp\ixp000.tmp\smwinvnc.exe" = protocol=17 | dir=in | app=c:\users\aude\appdata\local\temp\ixp000.tmp\smwinvnc.exe |

 

========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator

"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

"{01FDC9FC-4D4F-4DB0-ACD1-D3E8E1D52902}" = Sony Video Shared Library

"{08C8666B-C502-4AB3-B4CB-D74AC42D14FE}" = Nero BackItUp 10 Help (CHM)

"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Central Data

"{0CB9668D-F979-4F31-B8B8-67FE90F929F8}" = Bonjour

"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP270_series" = Canon MP270 series MP Drivers

"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP550_series" = Canon MP550 series MP Drivers

"{12D0BE8D-538C-4AB1-86DE-C540308F50DA}" = VAIO Content Metadata Manager Settings

"{1316AEF2-E086-46C7-B1FB-8C9A39A2ABF9}" = VAIO Media plus

"{133742BA-6F46-4D3E-85AF-78631D9AD8B8}" = Installation Windows Live

"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter

"{14291118-0C19-45EA-A4FA-5C1C0F5FDE09}" = Primo

"{15D5C238-4C2E-4AEA-A66D-D6989A4C586B}" = VAIO Launcher

"{16987E99-C95C-4513-9239-7B44A0A71DB5}" = Nero SoundTrax 10 Help (CHM)

"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer

"{18510937-0146-417B-95D8-14706649C384}" = VAIO Content Metadata Manager Settings

"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate

"{1E04F83B-2AB9-4301-9EF7-E86307F79C72}" = Google Earth

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Central Tools

"{1F7FB68F-52F6-46A3-B42F-38CE46295AE5}" = Nero MediaHub 10

"{2018C019-30D9-4240-8C01-0865C10DCF5A}" = Support de Présentation VAIO

"{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = WinDVD for VAIO

"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live

"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT

"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer

"{237CCB62-8454-43E3-B158-3ACD0134852E}" = High-Definition Video Playback 10

"{23825B69-36DF-4DAD-9CFD-118D11D80F16}" = VAIO Content Folder Setting

"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10

"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java 6 Update 18

"{277C1559-4CF7-44FF-8D07-98AA9C13AABD}" = Nero Multimedia Suite 10

"{291FB4BF-EEC7-4CF9-8469-F39ED1DBC4D8}" = VAIO Content Metadata XML Interface Library

"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform

"{3248F0A8-6813-11D6-A77B-00B0D0160060}" = Java 6 Update 6

"{326DC400-1FC4-4D7D-946D-06D1EAB93200}" = VAIO Guide

"{329411A0-19F3-4740-874F-17400B126F27}" = Nero Vision 10 Help (CHM)

"{33643918-7957-4839-92C7-EA96CB621A98}" = Nero Express 10 Help (CHM)

"{3380F354-C5F7-4E71-8F51-EEE6C3F06C62}" = Fichiers de prise en charge de l'installation de Microsoft SQL Server (Français)

"{34490F4E-48D0-492E-8249-B48BECF0537C}" = Nero DiscSpeed 10

"{3B659FAD-E772-44A3-B7E7-560FF084669F}" = VAIO Smart Network

"{3D9892BB-A751-4E48-ADC8-E4289956CE1D}" = QuickTime

"{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}" = Browser Address Error Redirector

"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker

"{445B183D-F4F1-45C8-B9DB-F11355CA657B}" = Windows Live Messenger

"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = Click to Disc Editor

"{4EA55D20-27FB-45D7-8726-147E8A5F6C62}" = VAIO MusicBox

"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)

"{537BF16E-7412-448C-95D8-846E85A1D817}" = Roxio Easy Media Creator 10 LJ

"{53FED732-39DF-4973-85CD-854115455007}" = Sun VirtualBox

"{555868C6-49FB-484F-BB43-8980651A1B00}" = Nero BurnRights 10 Help (CHM)

"{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}" = Outil de restauration de données VAIO

"{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}" = VAIO DVD Menu Data Basic

"{5BEE8F1F-BD32-4553-8107-500439E43BD7}" = VAIO Update

"{5C5EE8F2-0B38-4C13-AE4E-A87A237FE718}" =

"{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.8

"{5D38959D-2B4D-8AB0-FD1B-27C324E78DB0}" = RichFLV

"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053

"{5F548A02-80BC-404D-BAE6-F05F9BF6B449}" = Nero DiscCopyGadget 10 Help (CHM)

"{5F5867F0-2D23-4338-A206-01A76C823924}" = Gestion de l’alimentation de VAIO

"{63AA3EAB-23BB-48B2-9AD0-44F878075604}" = Nero 10 Menu TemplatePack Basic

"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update

"{66049135-9659-4AAD-9169-9CCA269EBB3E}" = Nero InfoTool 10 Help (CHM)

"{68A69CFF-130D-4CDE-AB0E-7374ECB144C8}" = Click to Disc

"{68AB6930-5BFF-4FF6-923B-516A91984FE6}" = Nero BackItUp 10

"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update

"{6B1F20F2-6321-4669-A58C-33DF8E7517FF}" = VAIO Entertainment Platform

"{6C50525A-2D77-4C22-B058-9AA2F27ACFF2}" = VAIO Content Metadata Intelligent Analyzing Manager

"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10

"{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}" = VAIO Movie Story Template Data

"{70550193-1C22-445C-8FA4-564E155DB1A7}" = Nero Express 10

"{72042FA6-5609-489F-A8EA-3C2DD650F667}" = VAIO Control Center

"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Central Audio

"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

"{7A295D8F-484B-4FFB-89AB-C1FD497591FE}" = Nero WaveEditor 10 Help (CHM)

"{7A5D731D-B4B3-490E-B339-75685712BAAB}" = Nero Burning ROM 10

"{7BC57149-BF98-49C9-9E7F-850091CE4B2C}" = Air Cam

"{80157B54-DB3E-4EE9-8AD8-63A905765FF4}_is1" = Opti Drive Control 1.44

"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable

"{85991ED2-010C-4930-96FA-52F43C2CE98A}" = Apple Mobile Device Support

"{8BD60AEF-3F9D-47AE-B80A-FB7FFCE335A0}" = VAIO Movie Story

"{8ECEC853-5C3D-4B10-B5C7-FF11FF724807}" = Nero Recode 10

"{9011040C-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003

"{90283F22-0731-43B6-81FD-E6DD911A31FB}" = Microsoft SQL Server Native Client

"{91F7F3F3-CE80-48C3-8327-7D24A0A5716A}" = iTunes

"{92E25238-61A3-4ACD-A407-3C480EEF47A7}" = Nero RescueAgent 10 Help (CHM)

"{92EC1A84-7FFC-42DF-A8F6-79C21C4765A5}" = Nero DiscCopy Gadget 10

"{943CFD7D-5336-47AF-9418-E02473A5A517}" = Nero BurnRights 10

"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting

"{96D0B6C6-5A72-4B47-8583-A87E55F5FE81}" =

"{974CAE3B-192C-4988-8841-4685CB3BC239}" = Click to Disc

"{98FC7A64-774B-49B5-B046-4B4EBC053FA9}" = VAIO MusicBox Sample Music

"{9973498D-EA29-4A68-BE0B-C88D6E03E928}" = ArcSoft WebCam Companion 2

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9A4297F3-2A51-4ED9-92CA-4BCB8380947E}" = Nero Vision 10

"{9B6B24BE-80E7-46C4-9FA5-B167D5E0F345}" = Nero BurningROM 10 Help (CHM)

"{9D210D79-AEC5-453B-960C-4DD2C73931E1}" = Services d’impression Bonjour

"{A3563827-B0DB-44DC-B037-15CC4E5E692F}" = VAIO Content Metadata XML Interface Library

"{A53A11EA-0095-493F-86FA-A15E8A86A405}" = VMware Player

"{A63E7492-A0BC-4BB9-89A7-352965222380}" = VAIO Original Function Setting

"{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}" = Setting Utility Series

"{A92A4DB0-CD37-42D1-BE1D-603D53C24328}" = Utilitaire d'identification du processeur Intel®

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{AACA8099-4687-4D03-8DCD-6F56D6FFF8F0}" = SnugTV Station

"{AC76BA86-7AD7-1036-7B44-A81200000003}" = Adobe Reader 8.1.2 - Français

"{AEA6A4C2-7C4E-48F9-A770-879DE2EDEE1B}" = OpenMG Secure Module 5.4.00

"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter

"{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}" = VAIO Movie Story

"{B2D328BE-45AD-4D92-96F9-2151490A203E}" = Apple Application Support

"{B3668C08-EBB1-40F4-B4F9-4F8E13501A7D}" = VAIO Entertainment Platform

"{B3B487E7-6171-4376-9074-B28082CEB504}" = Windows Live Call

"{B513C7B0-024A-498F-B0F5-00C67E2440A9}" = VAIO Content Metadata Intelligent Analyzing Manager

"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Central Copy

"{BACD22AE-5B6B-4F23-B506-3FCFF13AC137}" = VAIO Media plus

"{C18A0418-442A-4186-AF98-D08F5054A2FC}" = Nero DiscSpeed 10 Help (CHM)

"{C3273C55-E1E4-41FF-8D69-0158090DB8D8}" = Nero CoverDesigner 10 Help (CHM)

"{C3580AC4-C827-4332-B935-9A282ED5BB97}" = Nero Dolby Files 10

"{C7477742-DDB4-43E5-AC8D-0259E1E661B1}" = VAIO Event Service

"{C74B273E-DF20-4955-899B-15205119894C}" = Microsoft SQL Server VSS Writer

"{CE2121C6-C94D-4A73-8EA4-6943F33EE335}" = Music Transfer

"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1

"{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}" = Microsoft Primary Interoperability Assemblies 2005

"{D5068583-D569-468B-9755-5FBF5848F46F}" = Sony Picture Utility

"{D60F97EC-EF06-4E1E-B0D1-C2CBABA62FA3}" = VAIO Wallpaper Contents

"{DB7C1D4A-08BA-4C7E-A8AA-B7F9BB372DCF}" = Nero Recode 10 Help (CHM)

"{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}" = Assistant de connexion Windows Live

"{E1EE5339-5D32-458F-BAAB-B19F6301BCE2}" = Nero SoundTrax 10

"{E28B1E6F-E0AA-4228-AB89-DB4A0C89D426}" = AVerTV

"{E337E787-CF61-4B7B-B84F-509202A54023}" = Nero RescueAgent 10

"{E9E37358-E3E1-47BA-9E21-375EF3616BC9}" = Lecteur CANALPLAY 2.3

"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Central Core

"{EDCDFAD5-DF80-4600-A493-E9DAD6810230}" = Nero WaveEditor 10

"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]

"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver

"{F1B1BB41-2494-4FC2-BEF7-9C282B6815A8}" = Image Resizer Powertoy Clone for Windows

"{F412B4AF-388C-4FF5-9B2F-33DB1C536953}" = Nero InfoTool 10

"{F467862A-D9CA-47ED-8D81-B4B3C9399272}" = Nero MediaHub 10 Help (CHM)

"{F570A6CC-53ED-4AA9-8B08-551CD3E38D8B}" =

"{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7}" = Nero 10 Movie ThemePack Basic

"{F6117F9C-ADB5-4590-9BE4-12C7BEC28702}" = Nero StartSmart 10 Help (CHM)

"{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}" = Nero StartSmart 10

"{F88A7EB0-90F4-4012-9194-33AF2F1C5BF1}" = VAIO Movie Story 1.5 Upgrade

"{FCF00A6E-FB58-477A-ABE9-232907105521}" = Nero CoverDesigner 10

"{FD72E69E-CF34-4071-BFD6-FD081A365E2C}" = VAIO Content Metadata Intelligent Analyzing Manager

"{FE51662F-D8F6-43B5-99D9-D4894AF00F83}" = Roxio Easy Media Creator Home

"Adobe AIR" = Adobe AIR

"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin

"Ad-Remover" = Ad-Remover By C_XX

"AnyDVD" = AnyDVD

"AVerMedia A850 USB DMB-TH" = AVerMedia A850 USB DMB-TH 1.0.0.26

"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus

"BFG-Big Fish Games Suite de jeu" = Big Fish Games Suite de jeu

"CCleaner" = CCleaner

"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_104D0200" = HDAUDIO SoftV92 Data Fax Modem with SmartCP

"CPUID CPU-Z_is1" = CPUID CPU-Z 1.55

"de.benz.RichFLV.A73E9F89A0F07611DDC8DCF9F06D33E089C383B6.1" = RichFLV

"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters

"DivX Setup.divx.com" = Configuration DivX

"DScaler 5 Mpeg Decoders_is1" = DScaler 5 Mpeg Decoders

"dt icon module" =

"DVD Decrypter" = DVD Decrypter (Remove Only)

"DVD Shrink_is1" = DVD Shrink 3.2

"ffdshow_is1" = ffdshow [rev 3154] [2009-12-09]

"gtfirstboot Setting Request" =

"HaaliMkx" = Haali Media Splitter

"HDMI" = Intel® Graphics Media Accelerator Driver

"InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = WinDVD for VAIO

"InstallShield_{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = Click to Disc Editor

"InstallShield_{AEA6A4C2-7C4E-48F9-A770-879DE2EDEE1B}" = OpenMG Secure Module 5.4.00

"InstallShield_{E28B1E6F-E0AA-4228-AB89-DB4A0C89D426}" = AVerTV

"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware

"MarketingTools" = VAIO Marketing Tools

"MFU Module" =

"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1

"Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)

"Picasa 3" = Picasa 3

"Pouchin TV Mod" = Pouchin TV Mod

"SpeedFan" = SpeedFan (remove only)

"SynTPDeinstKey" = Synaptics Pointing Device Driver

"uTorrent" = µTorrent

"VAIO Help and Support" =

"VLC media player" = VLC media player 1.0.5

"VMware_Player" = VMware Player

"WinLiveSuite_Wave3" = Installation Windows Live

"WinRAR archiver" = Logiciel d'archivage WinRAR

 

========== HKEY_CURRENT_USER Uninstall List ==========

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"Google Chrome" = Google Chrome

 

========== Last 10 Event Log Errors ==========

 

[ Application Events ]

Error - 14/12/2010 05:08:48 | Computer Name = PC-de-Aude | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: Continuously busy for more than a second

 

Error - 14/12/2010 05:08:48 | Computer Name = PC-de-Aude | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: m->NextScheduledEvent 5226

 

Error - 14/12/2010 05:08:48 | Computer Name = PC-de-Aude | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: m->NextScheduledSPRetry 5226

 

Error - 14/12/2010 11:06:56 | Computer Name = PC-de-Aude | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: Continuously busy for more than a second

 

Error - 14/12/2010 11:06:56 | Computer Name = PC-de-Aude | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: m->NextScheduledEvent 1061

 

Error - 14/12/2010 11:06:56 | Computer Name = PC-de-Aude | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: m->NextScheduledSPRetry 1061

 

Error - 14/12/2010 11:06:57 | Computer Name = PC-de-Aude | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: Continuously busy for more than a second

 

Error - 14/12/2010 11:06:57 | Computer Name = PC-de-Aude | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: m->NextScheduledEvent 2169

 

Error - 14/12/2010 11:06:57 | Computer Name = PC-de-Aude | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: m->NextScheduledSPRetry 2169

 

Error - 14/12/2010 11:06:58 | Computer Name = PC-de-Aude | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: Continuously busy for more than a second

 

[ AVer AutoUpdate Events ]

Error - 21/11/2010 09:31:37 | Computer Name = PC-de-Aude | Source = AVerUpdate Server | ID = 0

Description =

 

Error - 21/11/2010 13:42:47 | Computer Name = PC-de-Aude | Source = AVerUpdate Server | ID = 0

Description =

 

Error - 28/11/2010 07:51:37 | Computer Name = PC-de-Aude | Source = AVerUpdate Server | ID = 0

Description =

 

Error - 03/12/2010 07:51:17 | Computer Name = PC-de-Aude | Source = AVerUpdate Server | ID = 0

Description =

 

Error - 24/12/2010 07:51:00 | Computer Name = PC-de-Aude | Source = AVerUpdate Server | ID = 0

Description =

 

Error - 24/12/2010 08:51:01 | Computer Name = PC-de-Aude | Source = AVerUpdate Server | ID = 0

Description =

 

Error - 24/12/2010 08:51:02 | Computer Name = PC-de-Aude | Source = AVerUpdate Server | ID = 0

Description =

 

Error - 24/12/2010 08:51:03 | Computer Name = PC-de-Aude | Source = AVerUpdate Server | ID = 0

Description =

 

Error - 24/12/2010 08:51:04 | Computer Name = PC-de-Aude | Source = AVerUpdate Server | ID = 0

Description =

 

Error - 24/12/2010 08:51:07 | Computer Name = PC-de-Aude | Source = AVerUpdate Server | ID = 0

Description =

 

[ AVer MediaAnywhere Events ]

Error - 18/11/2010 15:59:19 | Computer Name = PC-de-Aude | Source = AMA Server | ID = 16389

Description =

 

Error - 19/11/2010 03:00:40 | Computer Name = PC-de-Aude | Source = AMA Server | ID = 470759

Description =

 

Error - 19/11/2010 03:00:59 | Computer Name = PC-de-Aude | Source = AMA Server | ID = 16389

Description =

 

Error - 19/11/2010 18:48:36 | Computer Name = PC-de-Aude | Source = AMA Server | ID = 131583

Description = Cannot find any network adapter.

 

Error - 19/11/2010 18:48:39 | Computer Name = PC-de-Aude | Source = AMA Server | ID = 131583

Description = Cannot find any network adapter.

 

Error - 19/11/2010 18:48:39 | Computer Name = PC-de-Aude | Source = AMA Server | ID = 131583

Description = Cannot find any network adapter.

 

Error - 19/11/2010 18:48:40 | Computer Name = PC-de-Aude | Source = AMA Server | ID = 131583

Description = Cannot find any network adapter.

 

Error - 19/11/2010 18:48:41 | Computer Name = PC-de-Aude | Source = AMA Server | ID = 131583

Description = Cannot find any network adapter.

 

Error - 19/11/2010 18:48:41 | Computer Name = PC-de-Aude | Source = AMA Server | ID = 131583

Description = Cannot find any network adapter.

 

Error - 20/11/2010 03:57:41 | Computer Name = PC-de-Aude | Source = AMA Server | ID = 131583

Description = Cannot find any network adapter.

 

[ System Events ]

Error - 23/12/2010 04:53:47 | Computer Name = PC-de-Aude | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000

Description =

 

Error - 23/12/2010 04:55:06 | Computer Name = PC-de-Aude | Source = Service Control Manager | ID = 7000

Description =

 

Error - 23/12/2010 05:00:43 | Computer Name = PC-de-Aude | Source = Service Control Manager | ID = 7030

Description =

 

Error - 23/12/2010 05:03:58 | Computer Name = PC-de-Aude | Source = Service Control Manager | ID = 7030

Description =

 

Error - 23/12/2010 05:08:23 | Computer Name = PC-de-Aude | Source = Service Control Manager | ID = 7034

Description =

 

Error - 23/12/2010 05:09:07 | Computer Name = PC-de-Aude | Source = Service Control Manager | ID = 7030

Description =

 

Error - 23/12/2010 05:19:14 | Computer Name = PC-de-Aude | Source = Service Control Manager | ID = 7030

Description =

 

Error - 24/12/2010 07:51:15 | Computer Name = PC-de-Aude | Source = Dhcp | ID = 1002

Description = Le bail de l'adresse IP 192.168.1.12 pour la carte réseau dont l'adresse

réseau est 001FE1D71941 a été refusé par le serveur DHCP 192.168.0.1 (celui-ci

a envoyé un message DHCPNACK).

 

Error - 26/12/2010 07:18:51 | Computer Name = PC-de-Aude | Source = Service Control Manager | ID = 7011

Description =

 

Error - 26/12/2010 15:49:25 | Computer Name = PC-de-Aude | Source = Dhcp | ID = 1002

Description = Le bail de l'adresse IP 192.168.0.7 pour la carte réseau dont l'adresse

réseau est 001FE1D71941 a été refusé par le serveur DHCP 192.168.1.254 (celui-ci

a envoyé un message DHCPNACK).

 

 

< End of report >

[jdoe]

... enfin 'checkup.txt' :

 

Results of screen317's Security Check version 0.99.8

Windows Vista Service Pack 2 (UAC is enabled)

Internet Explorer 8

``````````````````````````````

Antivirus/Firewall Check:

Avira AntiVir Personal - Free Antivirus

WMI entry may not exist for antivirus; attempting automatic update.

Avira successfully updated!

```````````````````````````````

Anti-malware/Other Utilities Check:

Malwarebytes' Anti-Malware

CCleaner

Java 6 Update 18

Java 6 Update 6

Out of date Java installed!

Adobe Flash Player 10.1.102.64

Adobe Reader 8.1.2 - Français

Out of date Adobe Reader installed!

Mozilla Firefox (3.6.13)

````````````````````````````````

Process Check:

objlist.exe by Laurent

Windows Defender MSASCui.exe

Avira Antivir avgnt.exe

Avira Antivir avguard.exe

Windows Defender MSASCui.exe

``````````End of Log````````````

[lance_yien]

Bonjour,

 

Surveille les espaces libres sur tes partitions (15 à 20% minimum). A voir quand on a fini ensemble.

Drive C: | 112,00 Gb Total Space | 41,27 Gb Free Space | 36,85% Space Free | Partition Type: NTFS

Drive D: | 112,93 Gb Total Space | 30,42 Gb Free Space | 26,94% Space Free | Partition Type: NTFS

Drive I: | 232,88 Gb Total Space | 12,37 Gb Free Space | 5,31% Space Free | Partition Type: NTFS

--

 

>>> Lancer OTL et copier la liste suivante (commençant par :OTL) et la coller dans l'espace sous "Personnalisation".

 

:OTL

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8074

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_18)

O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_18)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_18)

 

:Files

C:\Windows\tasks\*.job

 

:Services

 

:Reg

 

:Commands

[EMPTYTEMP]

[EMPTYFLASH]

[RESETHOSTS]

Cliquer sur le bouton rouge Correction et laisser faire.

Si un ou plusieurs fichiers ne peuvent pas être supprimés normalement, le programme demandera de redémarrer la machine pour finir le processus, cliquer sur Oui.

A la fin un rapport s'ouvre dans le bloc-note. Copier son contenu et le coller dans une nouvelle réponse. Fermer le rapport et OTL.

 

>>> Mises à jour. Toute ancienne version d'un programme quel qu'il soit peut comporter des vulnérabilités susceptibles d'être exploitées pour infecter un PC et notre meilleur moyen pour limiter les dégâts c'est la mise à jour régulièrement:

• Java: Utiliser, IMPÉRATIVEMENT, Internet Explorer pour téléchargez (sur le Bureau) la dernière version qui correspond à votre Système d'exploitation (32 ou 64 bits): Téléchargements Java pour tous les systèmes d'exploitation.
   
  
  

  
   
  Avant l'installation il est important de commencer par supprimer TOUTES les anciennes versions dans votre machine parce qu'elles peuvent contenir des vulnérabilités de sécurité:
  Cliquer sur "Démarrer" => "Panneau de Configuration" => "Ajout/ Suppr des Programmes".
  Chercher, dans la liste les lignes concernant Java (J2SE Runtime Environment.... ) et repérables avec cette icône .
  Sélectionner une ligne à la fois et cliquer sur Modifier/ Supprimer.
  Quand il n'y en a plus fermez tout et installez la nouvelle version en cliquant sur le fichier que vous avez téléchargé.
   
  

• Ta version de Adobe Acrobat Reader n'est pas à jour. La désinstaller et télécharger la dernière version ici (Décocher la case Inclure dans votre téléchargement).

 

 

Rapports demandés:

• OTL

As-tu encore d'autres soucis?

[jdoe]

Bonjour,

voici le rapport OTL :

 

 

All processes killed

========== OTL ==========

HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride| /E : value set successfully!

HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer| /E : value set successfully!

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.

Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.

Registry key HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel\ deleted successfully.

Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.

Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.

Starting removal of ActiveX control {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}\ deleted successfully.

Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}\ not found.

Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.

========== FILES ==========

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job moved successfully.

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job moved successfully.

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-835074155-1869494518-3106102108-1003Core.job moved successfully.

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-835074155-1869494518-3106102108-1003UA.job moved successfully.

========== SERVICES/DRIVERS ==========

========== REGISTRY ==========

========== COMMANDS ==========

 

[EMPTYTEMP]

 

User: All Users

 

User: Aude

->Temp folder emptied: 169118 bytes

->Temporary Internet Files folder emptied: 204163871 bytes

->Java cache emptied: 264085 bytes

->FireFox cache emptied: 134363789 bytes

->Google Chrome cache emptied: 241627449 bytes

->Flash cache emptied: 168797 bytes

 

User: Default

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 67 bytes

->Flash cache emptied: 56502 bytes

 

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

->Flash cache emptied: 0 bytes

 

User: Public

->Temp folder emptied: 0 bytes

 

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 0 bytes

%systemroot%\System32 .tmp files removed: 0 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 68624 bytes

RecycleBin emptied: 63706 bytes

 

Total Files Cleaned = 554,00 mb

 

 

[EMPTYFLASH]

 

User: All Users

 

User: Aude

->Flash cache emptied: 0 bytes

 

User: Default

->Flash cache emptied: 0 bytes

 

User: Default User

->Flash cache emptied: 0 bytes

 

User: Public

 

Total Flash Files Cleaned = 0,00 mb

 

C:\Windows\System32\drivers\etc\Hosts moved successfully.

HOSTS file reset successfully

 

OTL by OldTimer - Version 3.2.18.0 log created on 12282010_121645

 

Files\Folders moved on Reboot...

C:\Windows\temp\vmware-SYSTEM\vmware-usbarb-SYSTEM-2532.log moved successfully.

 

Registry entries deleted on Reboot...