Page internet qui s'ouvre seul sur Vista

lmanson · le 26 décembre 2010

RESOLU

Bonjour,

Je poste ici car on m'a dit que des pro répondent personnelement à chaque problème, je m'en remet donc à vous.

Je suis sur Windows Vista, et depuis un certains temps, internet s'ouvre régulièrement tout seul (sans que je l'utilise puisque je suis sur Firefox)pour s'ouvrir sur des pages diverses (poker, vente en ligne, site de rencontre...)

J'ai vu plusieurs postes sur le même problème, mais on m'as dit que chaque problème était unique et donc se résolvait différemment. De plus je ne suis pas une tête en informatique, même si je connais les bases, et je comprends pas toujours tout aux explications données (ligne de code etc)

Pour mon antivirus j'utilise la version free de Avast.

De plus, je ne sais pas si c'est à cause du même problème, mais mon ordi que j'ai depuis deux ans mais qui a toujours super bien marché (hp pavillon dv6000) commence a ramer notamment kan je suis sur le net (pour Firefox).

Quelqu'un peut-il m'expliquer une procédure sans risque pour résoudre le problème? car j'ai vu des explications qui impliquait de supprimer des ligne, et des avis très défavorable sur cette solution qui risque une "crash" de l'ordi.

Merci par avance.

Mathias

Modifié le 29 décembre 2010 par lmanson

lance_yien · le 27 décembre 2010

Bonjour lmanson,

Très Important!

>>> A faire immédiatement:

- En haut de ce message cliquer sur le bouton "Suivre ce sujet", en choisissant "Notification immédiate" => "Soumettre" tu seras avisé en temps réel pour les réponses apportées à ton sujet et de ce fait, ta machine sera nettoyée dans les meilleurs délais.

- Sauvegarder (en copiant) tous les documents personnels sur un support autre que la partition système: Clé USB, CD/DVD, Disque Dur externe etc.

>>> Que faire durant ce nettoyage, merci de NE PAS utiliser, installer et/ou désinstaller aucun programme à part ceux qui sont proposés à chaque étape ce qui a pour but d'éviter tout problème d'incompatibilité entre les outils.

>>> Que faire à la réception de nouvelles instructions,

Lire la totalité du message.
Télécharger et enregistrer les utilitaires DIRECTEMENT sur le Bureau ou les déplacer (tout de suite après par un clic-droit dessus => "Couper" puis clic-droit sur le Bureau => "Coller".
Certains programmes peuvent créer des problèmes s'ils ne sont pas lancés depuis le Bureau.
Prendre l'habitude de désactiver tous les programmes de protection au début de chaque nouvelle étape et de les réactiver à la fin.
Procéder toujours dans l'ordre donné et demander des clarifications si nécessaire AVANT de commencer.
NE PAS hésiter à commenter et signaler tout changement (en bien ou en mal) dans le comportement de la machine ou par rapport au problème initial.

>>> Comment répondre:

- Cliquer sur le bouton (et non sur car je n'ai pas besoin de relire mes messages précédents).

- Coller le contenu des rapports SANS y ajouter AUCUN formatage de texte (en citation, code, couleur etc...).

Imprimer ces instructions ou les enregistrer dans un fichier texte sur le Bureau pour les consulter facilement à tout moment et télécharger, sur le Bureau:

Malware Bytes Anti-Malware depuis ici.
Security Check (par screen317) depuis ici ou ici.
TDSSKiller.zip depuis ici et le dé-zipper (clic-droit => "Extraire ici").

>>> Utiliser Malwarebytes' Anti-Malware Fermer tout et cliquer sur mbam-setup.exe. Suivre les indications en laissant tout par défaut. Cliquer sur Terminer sans rien changer.

- Lancer le programme depuis son icône sur le bureau ou depuis "Démarrer" => "Tous les programmes" => "Malwarebytes' Anti-Malware".

- Faire les Mises à jour depuis l'onglet du même nom). Si problème avec les mises à jour automatiques, cliquer ICI pour les télécharger et les installer manuellement.

- Dans l'onglet "Recherche" laisser la case "Exécuter un examen rapide" cochée et cliquer sur "Rechercher".

Patienter jusqu'à la fin (affichage du message ci-dessous)

Cliquer sur OK, pour fermer ce message.

- Cliquer sur "Afficher les résultats" puis sur "Supprimer la sélection".

Le programme procède alors au nettoyage. S'il vous demande de redémarrer le PC, ACCEPTER (c'est pour supprimer certains fichiers spécifiques).

A la fin un rapport s'affiche (accessible à tout moment depuis l'onglet Rapport/Logs de la fenêtre principale de MBAM. Poster son contenu dans la prochaine réponse.

>>> TDSSKiller: Dézipper TDSSKiller.zip (clic-droit dessus => "Extraire ici". Glisser TDSSKiller.zip dans la corbeille pour le supprimer.

Fermer tout et désactiver antivirus et tout autre programme de protection. Cliquer sur TDSSKiller.exe pour lancer le programme.
Cliquer sur le bouton Start Scan et patienter jusqu'à la fin de l'analyse.
Si un fichier infecté est détecté, l'action par défaut sera Cure. Cliquer sur le bouton Continue Sans rien changer.
Si un fichier suspect est détecté, l'action par défaut sera Skip. Cliquer sur le bouton Continue Sans rien changer.

Si vous êtes invité à redémarre la machine pour finir le processus (reboot the computer to complete the process), cliquez sur le bouton Reboot Now. Le rapport sera sauvegardé à la racine de la partition système, là où Windows est installé (généralement C:\); son format est du type "TDSSKiller.[Version]_[Date]_[Heure]_log.txt" (par exemple, C:\TDSSKiller.2.2.0_20.12.2009_15.31.43_log.txt). Poster son contenu.

Si aucun redémarrage n'est requis, cliquer sur Report. Un fichier texte s'ouvre et sera sauvegardé de la même manière, poster son contenu.

>>> Utiliser SecurityCheck: Fermer tout et double-cliquer sur "SecurityCheck.exe" pour lancer le programme.

Appuyer sur une touche comme demandé et suivre les indications.

Note: Si un des programmes de sécurité demande la permission d'accéder à Internet depuis dig.exe, acceptez.

Le Rapport checkup.txt s'ouvre à la fin. Poster son contenu.

Ce rapport ne sera pas enregistré automatiquement. Si vous voulez en garder une copie, cliquez sur "Fichier" => "Enregistrer sous", choisissez un endroit (Bureau par exemple) et cliquez sur "Enregistrer" en bas à droite.

Poster son contenu.

Rapports demandés:

Malwarebytes Anti-Malware log
TDSSKiller_log.txt
checkup.txt

lmanson · le 27 décembre 2010

voici le rapport de MBAM

Malwarebytes' Anti-Malware 1.50.1.1100

www.malwarebytes.org

Version de la base de données: 5404

Windows 6.0.6002 Service Pack 2

Internet Explorer 8.0.6001.18999

27/12/2010 18:52:20

mbam-log-2010-12-27 (18-52-20).txt

Type d'examen: Examen rapide

Elément(s) analysé(s): 156134

Temps écoulé: 4 minute(s), 19 seconde(s)

Processus mémoire infecté(s): 1

Module(s) mémoire infecté(s): 1

Clé(s) du Registre infectée(s): 1

Valeur(s) du Registre infectée(s): 7

Elément(s) de données du Registre infecté(s): 0

Dossier(s) infecté(s): 1

Fichier(s) infecté(s): 8

Processus mémoire infecté(s):

c:\program files\installpedia\lnetworker.exe (Adware.InstallPedia) -> 2772 -> Unloaded process successfully.

Module(s) mémoire infecté(s):

c:\Users\thias\AppData\Local\assembly\dl3\0J2NW5P8.70E\832LX7H2.DKA\370d9396\00d34a37_f353cb01\Utils.DLL (Adware.InstallPedia) -> Delete on reboot.

Clé(s) du Registre infectée(s):

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\I.P services (Adware.InstallPedia) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\IP Network (Adware.InstallPedia) -> Value: IP Network -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} (Adware.Zango) -> Value: {90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Settings\bf (Trojan.Agent) -> Value: bf -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Settings\bk (Trojan.Agent) -> Value: bk -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Settings\iu (Trojan.Agent) -> Value: iu -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Settings\mu (Trojan.Agent) -> Value: mu -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):

(Aucun élément nuisible détecté)

Dossier(s) infecté(s):

c:\program files\installpedia (Adware.InstallPedia) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):

c:\program files\installpedia\lnetworker.exe (Adware.InstallPedia) -> Quarantined and deleted successfully.

c:\Users\thias\AppData\Local\assembly\dl3\0J2NW5P8.70E\832LX7H2.DKA\370d9396\00d34a37_f353cb01\Utils.DLL (Adware.InstallPedia) -> Delete on reboot.

c:\program files\installpedia\service.exe (Adware.InstallPedia) -> Quarantined and deleted successfully.

c:\Windows\System32\Utils.dll (Adware.InstallPedia) -> Quarantined and deleted successfully.

c:\program files\installpedia\networker.exe (Adware.InstallPedia) -> Quarantined and deleted successfully.

c:\program files\installpedia\pref_updater.exe (Adware.InstallPedia) -> Quarantined and deleted successfully.

c:\program files\installpedia\ionic.zip.reduced.dll (Adware.InstallPedia) -> Quarantined and deleted successfully.

c:\program files\installpedia\Utils.dll (Adware.InstallPedia) -> Quarantined and deleted successfully.

lmanson · le 27 décembre 2010

Voici le rapport de TDSS KILLER

2010/12/27 19:01:48.0122 TDSS rootkit removing tool 2.4.12.0 Dec 16 2010 09:46:46

2010/12/27 19:01:48.0122 ================================================================================

2010/12/27 19:01:48.0122 SystemInfo:

2010/12/27 19:01:48.0122

2010/12/27 19:01:48.0122 OS Version: 6.0.6002 ServicePack: 2.0

2010/12/27 19:01:48.0122 Product type: Workstation

2010/12/27 19:01:48.0123 ComputerName: PC-DE-THIAS

2010/12/27 19:01:48.0123 UserName: thias

2010/12/27 19:01:48.0123 Windows directory: C:\Windows

2010/12/27 19:01:48.0123 System windows directory: C:\Windows

2010/12/27 19:01:48.0123 Processor architecture: Intel x86

2010/12/27 19:01:48.0123 Number of processors: 2

2010/12/27 19:01:48.0123 Page size: 0x1000

2010/12/27 19:01:48.0123 Boot type: Normal boot

2010/12/27 19:01:48.0123 ================================================================================

2010/12/27 19:01:48.0527 Initialize success

2010/12/27 19:02:11.0267 ================================================================================

2010/12/27 19:02:11.0267 Scan started

2010/12/27 19:02:11.0267 Mode: Manual;

2010/12/27 19:02:11.0267 ================================================================================

2010/12/27 19:02:11.0960 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys

2010/12/27 19:02:12.0184 adp94xx (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys

2010/12/27 19:02:12.0233 adpahci (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys

2010/12/27 19:02:13.0069 adpu160m (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys

2010/12/27 19:02:13.0114 adpu320 (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys

2010/12/27 19:02:13.0917 AFD (a201207363aa900abf1a388468688570) C:\Windows\system32\drivers\afd.sys

2010/12/27 19:02:14.0005 agp440 (ef23439cdd587f64c2c1b8825cead7d8) C:\Windows\system32\drivers\agp440.sys

2010/12/27 19:02:14.0825 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys

2010/12/27 19:02:14.0909 aliide (90395b64600ebb4552e26e178c94b2e4) C:\Windows\system32\drivers\aliide.sys

2010/12/27 19:02:14.0947 amdagp (2b13e304c9dfdfa5eb582f6a149fa2c7) C:\Windows\system32\drivers\amdagp.sys

2010/12/27 19:02:14.0975 amdide (0577df1d323fe75a739c787893d300ea) C:\Windows\system32\drivers\amdide.sys

2010/12/27 19:02:15.0013 AmdK7 (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys

2010/12/27 19:02:15.0064 AmdK8 (0ca0071da4315b00fc1328ca86b425da) C:\Windows\system32\drivers\amdk8.sys

2010/12/27 19:02:15.0135 arc (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys

2010/12/27 19:02:15.0188 arcsas (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys

2010/12/27 19:02:15.0257 aswFsBlk (1b6ed99291ddf5d2501554cc5757aab6) C:\Windows\system32\drivers\aswFsBlk.sys

2010/12/27 19:02:16.0088 aswMonFlt (58254e06b36b984e33ae314c0ea8f1a5) C:\Windows\system32\drivers\aswMonFlt.sys

2010/12/27 19:02:17.0132 aswRdr (3e2b6112d2766f87eda8466fde86a986) C:\Windows\system32\drivers\aswRdr.sys

2010/12/27 19:02:17.0230 aswSP (d78b644816db540e103d0b0766fd9967) C:\Windows\system32\drivers\aswSP.sys

2010/12/27 19:02:17.0428 aswTdi (606d731008d98b6ef946730c597c1642) C:\Windows\system32\drivers\aswTdi.sys

2010/12/27 19:02:18.0136 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys

2010/12/27 19:02:18.0408 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys

2010/12/27 19:02:18.0771 BCM43XV (cf6a67c90951e3e763d2135dede44b85) C:\Windows\system32\DRIVERS\bcmwl6.sys

2010/12/27 19:02:18.0939 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys

2010/12/27 19:02:19.0215 bowser (74b442b2be1260b7588c136177ceac66) C:\Windows\system32\DRIVERS\bowser.sys

2010/12/27 19:02:19.0283 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys

2010/12/27 19:02:19.0317 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys

2010/12/27 19:02:19.0348 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys

2010/12/27 19:02:19.0375 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys

2010/12/27 19:02:19.0422 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys

2010/12/27 19:02:19.0447 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys

2010/12/27 19:02:19.0509 BthEnum (6d39c954799b63ba866910234cf7d726) C:\Windows\system32\DRIVERS\BthEnum.sys

2010/12/27 19:02:19.0577 BTHMODEM (9a966a8e86d1771911ae34a20d11bff3) C:\Windows\system32\DRIVERS\bthmodem.sys

2010/12/27 19:02:19.0641 BthPan (5904efa25f829bf84ea6fb045134a1d8) C:\Windows\system32\DRIVERS\bthpan.sys

2010/12/27 19:02:19.0711 BTHPORT (5a3abaa2f8eece7aefb942773766e3db) C:\Windows\system32\Drivers\BTHport.sys

2010/12/27 19:02:19.0785 BTHUSB (94e2941280e3756a5e0bcb467865c43a) C:\Windows\system32\Drivers\BTHUSB.sys

2010/12/27 19:02:19.0862 btwaudio (99aeea7cefdfc6e4151a8f620d682088) C:\Windows\system32\drivers\btwaudio.sys

2010/12/27 19:02:19.0933 btwavdt (195872e48a7fb01f8bc9b800f70f4054) C:\Windows\system32\drivers\btwavdt.sys

2010/12/27 19:02:19.0966 btwrchid (0724e7d6c9b6a289eddda33fa8176e80) C:\Windows\system32\DRIVERS\btwrchid.sys

2010/12/27 19:02:20.0057 CamDrL (0f5ca31bb3fdb5c1e63c170cfbecc93b) C:\Windows\system32\DRIVERS\Camdrl.sys

2010/12/27 19:02:20.0146 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys

2010/12/27 19:02:20.0212 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys

2010/12/27 19:02:20.0320 circlass (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys

2010/12/27 19:02:20.0530 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys

2010/12/27 19:02:20.0643 CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys

2010/12/27 19:02:20.0699 cmdide (45201046c776ffdaf3fc8a0029c581c8) C:\Windows\system32\drivers\cmdide.sys

2010/12/27 19:02:20.0754 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys

2010/12/27 19:02:20.0785 crcdisk (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys

2010/12/27 19:02:20.0824 Crusoe (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys

2010/12/27 19:02:20.0917 DfsC (218d8ae46c88e82014f5d73d0236d9b2) C:\Windows\system32\Drivers\dfsc.sys

2010/12/27 19:02:21.0001 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys

2010/12/27 19:02:21.0082 Dot4 (4f59c172c094e1a1d46463a8dc061cbd) C:\Windows\system32\DRIVERS\Dot4.sys

2010/12/27 19:02:21.0117 Dot4Print (80bf3ba09f6f2523c8f6b7cc6dbf7bd5) C:\Windows\system32\DRIVERS\Dot4Prt.sys

2010/12/27 19:02:21.0147 dot4usb (c55004ca6b419b6695970dfe849b122f) C:\Windows\system32\DRIVERS\dot4usb.sys

2010/12/27 19:02:21.0204 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys

2010/12/27 19:02:21.0284 DXGKrnl (5c7e2097b91d689ded7a6ff90f0f3a25) C:\Windows\System32\drivers\dxgkrnl.sys

2010/12/27 19:02:21.0355 E100B (c0b00e55cf82d122d25983c7a6a53dea) C:\Windows\system32\DRIVERS\e100b325.sys

2010/12/27 19:02:21.0415 E1G60 (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys

2010/12/27 19:02:21.0496 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys

2010/12/27 19:02:21.0544 elxstor (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys

2010/12/27 19:02:21.0661 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys

2010/12/27 19:02:21.0704 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys

2010/12/27 19:02:21.0750 fdc (63bdada84951b9c03e641800e176898a) C:\Windows\system32\DRIVERS\fdc.sys

2010/12/27 19:02:21.0828 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys

2010/12/27 19:02:21.0874 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys

2010/12/27 19:02:21.0938 flpydisk (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys

2010/12/27 19:02:21.0993 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys

2010/12/27 19:02:22.0068 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys

2010/12/27 19:02:22.0097 gagp30kx (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys

2010/12/27 19:02:22.0172 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\Drivers\GEARAspiWDM.sys

2010/12/27 19:02:22.0242 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys

2010/12/27 19:02:22.0294 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys

2010/12/27 19:02:22.0334 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys

2010/12/27 19:02:22.0366 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys

2010/12/27 19:02:22.0417 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys

2010/12/27 19:02:22.0490 HpCISSs (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys

2010/12/27 19:02:22.0558 HpqKbFiltr (35956140e686d53bf676cf0c778880fc) C:\Windows\system32\DRIVERS\HpqKbFiltr.sys

2010/12/27 19:02:22.0583 HpqRemHid (115c0933b3ed51dfbec4449348c8065b) C:\Windows\system32\DRIVERS\HpqRemHid.sys

2010/12/27 19:02:22.0642 HSFHWAZL (46d67209550973257601a533e2ac5785) C:\Windows\system32\DRIVERS\VSTAZL3.SYS

2010/12/27 19:02:22.0695 HSF_DPV (ec36f1d542ed4252390d446bf6d4dfd0) C:\Windows\system32\DRIVERS\VSTDPV3.SYS

2010/12/27 19:02:22.0789 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys

2010/12/27 19:02:22.0836 i2omp (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys

2010/12/27 19:02:22.0894 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys

2010/12/27 19:02:22.0993 ialm (496db78e6a0c4c44023d9a92b4a7ac31) C:\Windows\system32\DRIVERS\igdkmd32.sys

2010/12/27 19:02:23.0081 iaStor (2358c53f30cb9dcd1d3843c4e2f299b2) C:\Windows\system32\DRIVERS\iaStor.sys

2010/12/27 19:02:23.0123 iaStorV (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys

2010/12/27 19:02:23.0179 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys

2010/12/27 19:02:23.0325 IntcAzAudAddService (9f5898ebd3bbe82eadf2efa595f02a72) C:\Windows\system32\drivers\RTKVHDA.sys

2010/12/27 19:02:23.0514 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys

2010/12/27 19:02:23.0712 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys

2010/12/27 19:02:23.0849 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys

2010/12/27 19:02:23.0934 IPMIDRV (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys

2010/12/27 19:02:23.0991 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys

2010/12/27 19:02:24.0094 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys

2010/12/27 19:02:24.0144 isapnp (350fca7e73cf65bcef43fae1e4e91293) C:\Windows\system32\drivers\isapnp.sys

2010/12/27 19:02:24.0218 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys

2010/12/27 19:02:24.0295 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys

2010/12/27 19:02:24.0350 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys

2010/12/27 19:02:24.0402 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys

2010/12/27 19:02:24.0482 kbdhid (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys

2010/12/27 19:02:24.0544 KSecDD (86165728af9bf72d6442a894fdfb4f8b) C:\Windows\system32\Drivers\ksecdd.sys

2010/12/27 19:02:24.0623 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys

2010/12/27 19:02:24.0683 LSI_FC (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys

2010/12/27 19:02:24.0746 LSI_SAS (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys

2010/12/27 19:02:24.0786 LSI_SCSI (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys

2010/12/27 19:02:24.0842 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys

2010/12/27 19:02:24.0956 LVcKap (9a3d4fc6b86e7e36473079ab76ac703d) C:\Windows\system32\DRIVERS\LVcKap.sys

2010/12/27 19:02:25.0123 LVMVDrv (0acbc11f19320af6c19f2e20013d9095) C:\Windows\system32\DRIVERS\LVMVDrv.sys

2010/12/27 19:02:25.0198 LVPr2Mon (12866641284ebb41e627bb53c04da959) C:\Windows\system32\DRIVERS\LVPr2Mon.sys

2010/12/27 19:02:25.0281 LVUSBSta (64bc29c3a0388bfc580bb8b1346f7659) C:\Windows\system32\drivers\LVUSBSta.sys

2010/12/27 19:02:25.0480 megasas (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys

2010/12/27 19:02:25.0536 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys

2010/12/27 19:02:25.0586 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys

2010/12/27 19:02:25.0812 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys

2010/12/27 19:02:25.0942 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys

2010/12/27 19:02:26.0014 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys

2010/12/27 19:02:26.0092 mpio (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys

2010/12/27 19:02:26.0151 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys

2010/12/27 19:02:26.0179 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys

2010/12/27 19:02:26.0236 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys

2010/12/27 19:02:26.0289 mrxsmb (454341e652bdf5e01b0f2140232b073e) C:\Windows\system32\DRIVERS\mrxsmb.sys

2010/12/27 19:02:26.0321 mrxsmb10 (2a4901aff069944fa945ed5bbf4dcde3) C:\Windows\system32\DRIVERS\mrxsmb10.sys

2010/12/27 19:02:26.0351 mrxsmb20 (28b3f1ab44bdd4432c041581412f17d9) C:\Windows\system32\DRIVERS\mrxsmb20.sys

2010/12/27 19:02:26.0381 msahci (742aed7939e734c36b7e8d6228ce26b7) C:\Windows\system32\drivers\msahci.sys

2010/12/27 19:02:26.0423 msdsm (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys

2010/12/27 19:02:26.0465 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys

2010/12/27 19:02:26.0520 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys

2010/12/27 19:02:26.0598 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys

2010/12/27 19:02:26.0674 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys

2010/12/27 19:02:26.0712 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys

2010/12/27 19:02:26.0785 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys

2010/12/27 19:02:26.0835 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys

2010/12/27 19:02:26.0935 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys

2010/12/27 19:02:27.0003 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys

2010/12/27 19:02:27.0105 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys

2010/12/27 19:02:27.0172 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys

2010/12/27 19:02:27.0221 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys

2010/12/27 19:02:27.0297 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys

2010/12/27 19:02:27.0342 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys

2010/12/27 19:02:27.0395 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys

2010/12/27 19:02:27.0501 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys

2010/12/27 19:02:27.0563 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys

2010/12/27 19:02:27.0688 NETw4v32 (25acccfc33dd448b9d3037c5e439e830) C:\Windows\system32\DRIVERS\NETw4v32.sys

2010/12/27 19:02:27.0946 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys

2010/12/27 19:02:28.0122 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys

2010/12/27 19:02:28.0188 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys

2010/12/27 19:02:28.0261 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys

2010/12/27 19:02:28.0338 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys

2010/12/27 19:02:28.0389 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys

2010/12/27 19:02:28.0734 nvlddmkm (24000b817cc84ac1555f41929879af5a) C:\Windows\system32\DRIVERS\nvlddmkm.sys

2010/12/27 19:02:28.0918 nvraid (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys

2010/12/27 19:02:28.0972 nvstor (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys

2010/12/27 19:02:29.0036 nv_agp (07c186427eb8fcc3d8d7927187f260f7) C:\Windows\system32\drivers\nv_agp.sys

2010/12/27 19:02:29.0173 ohci1394 (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys

2010/12/27 19:02:29.0526 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys

2010/12/27 19:02:29.0750 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys

2010/12/27 19:02:29.0850 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys

2010/12/27 19:02:29.0939 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys

2010/12/27 19:02:29.0974 pciide (3b1901e401473e03eb8c874271e50c26) C:\Windows\system32\drivers\pciide.sys

2010/12/27 19:02:30.0025 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys

2010/12/27 19:02:30.0132 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys

2010/12/27 19:02:30.0404 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys

2010/12/27 19:02:30.0486 Processor (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys

2010/12/27 19:02:30.0567 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys

2010/12/27 19:02:30.0616 PxHelp20 (49452bfcec22f36a7a9b9c2181bc3042) C:\Windows\system32\Drivers\PxHelp20.sys

2010/12/27 19:02:30.0754 ql2300 (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys

2010/12/27 19:02:30.0819 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys

2010/12/27 19:02:30.0897 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys

2010/12/27 19:02:30.0962 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys

2010/12/27 19:02:31.0022 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys

2010/12/27 19:02:31.0092 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys

2010/12/27 19:02:31.0130 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys

2010/12/27 19:02:31.0218 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys

2010/12/27 19:02:31.0269 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys

2010/12/27 19:02:31.0324 rdpdr (e8bd98d46f2ed77132ba927fccb47d8b) C:\Windows\system32\drivers\rdpdr.sys

2010/12/27 19:02:31.0361 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys

2010/12/27 19:02:31.0409 RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys

2010/12/27 19:02:31.0467 RFCOMM (6482707f9f4da0ecbab43b2e0398a101) C:\Windows\system32\DRIVERS\rfcomm.sys

2010/12/27 19:02:31.0522 rimmptsk (355aac141b214bef1dbc1483afd9bd50) C:\Windows\system32\DRIVERS\rimmptsk.sys

2010/12/27 19:02:31.0538 rimsptsk (a4216c71dd4f60b26418ccfd99cd0815) C:\Windows\system32\DRIVERS\rimsptsk.sys

2010/12/27 19:02:31.0628 rismxdp (d231b577024aa324af13a42f3a807d10) C:\Windows\system32\DRIVERS\rixdptsk.sys

2010/12/27 19:02:31.0811 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys

2010/12/27 19:02:31.0954 RTL8169 (9a929308a64183d3d9dccbb6df4badae) C:\Windows\system32\DRIVERS\Rtlh86.sys

2010/12/27 19:02:32.0186 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys

2010/12/27 19:02:32.0250 sdbus (8f36b54688c31eed4580129040c6a3d3) C:\Windows\system32\DRIVERS\sdbus.sys

2010/12/27 19:02:32.0283 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys

2010/12/27 19:02:32.0335 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys

2010/12/27 19:02:32.0374 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys

2010/12/27 19:02:32.0443 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys

2010/12/27 19:02:32.0556 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\DRIVERS\sffdisk.sys

2010/12/27 19:02:32.0621 sffp_mmc (8fd08a310645fe872eeec6e08c6bf3ee) C:\Windows\system32\drivers\sffp_mmc.sys

2010/12/27 19:02:32.0657 sffp_sd (9f66a46c55d6f1ccabc79bb7afccc545) C:\Windows\system32\DRIVERS\sffp_sd.sys

2010/12/27 19:02:32.0696 sfloppy (c33bfbd6e9e41fcd9ffef9729e9faed6) C:\Windows\system32\DRIVERS\sfloppy.sys

2010/12/27 19:02:32.0737 sisagp (d2a595d6eebeeaf4334f8e50efbc9931) C:\Windows\system32\drivers\sisagp.sys

2010/12/27 19:02:32.0759 SiSRaid2 (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys

2010/12/27 19:02:32.0789 SiSRaid4 (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys

2010/12/27 19:02:32.0841 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys

2010/12/27 19:02:32.0949 smserial (63b3b77bdb67ee674771c0e6fb96da9e) C:\Windows\system32\DRIVERS\smserial.sys

2010/12/27 19:02:33.0041 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys

2010/12/27 19:02:33.0129 srv (ff3cbc13db84d81f56931bc922cc37c4) C:\Windows\system32\DRIVERS\srv.sys

2010/12/27 19:02:33.0184 srv2 (d15959d9f69f0d39a0153e9c244f20dd) C:\Windows\system32\DRIVERS\srv2.sys

2010/12/27 19:02:33.0217 srvnet (faa0d553a49e85008c6bb3781987c574) C:\Windows\system32\DRIVERS\srvnet.sys

2010/12/27 19:02:33.0305 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys

2010/12/27 19:02:34.0097 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys

2010/12/27 19:02:35.0113 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys

2010/12/27 19:02:35.0203 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys

2010/12/27 19:02:35.0248 SynTP (3d6316279c3540aa268bf025f4621ef3) C:\Windows\system32\DRIVERS\SynTP.sys

2010/12/27 19:02:35.0336 Tcpip (a474879afa4a596b3a531f3e69730dbf) C:\Windows\system32\drivers\tcpip.sys

2010/12/27 19:02:35.0417 Tcpip6 (a474879afa4a596b3a531f3e69730dbf) C:\Windows\system32\DRIVERS\tcpip.sys

2010/12/27 19:02:36.0115 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys

2010/12/27 19:02:36.0166 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys

2010/12/27 19:02:36.0233 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys

2010/12/27 19:02:36.0304 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys

2010/12/27 19:02:36.0342 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys

2010/12/27 19:02:36.0407 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys

2010/12/27 19:02:36.0495 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys

2010/12/27 19:02:36.0535 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys

2010/12/27 19:02:36.0572 uagp35 (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys

2010/12/27 19:02:36.0643 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys

2010/12/27 19:02:36.0682 uliagpkx (75e6890ebfce0841d3291b02e7a8bdb0) C:\Windows\system32\drivers\uliagpkx.sys

2010/12/27 19:02:36.0723 uliahci (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys

2010/12/27 19:02:36.0760 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys

2010/12/27 19:02:36.0787 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys

2010/12/27 19:02:36.0871 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys

2010/12/27 19:02:36.0919 USBAAPL (5c2bdc152bbab34f36473deaf7713f22) C:\Windows\system32\Drivers\usbaapl.sys

2010/12/27 19:02:36.0984 usbaudio (32db9517628ff0d070682aab61e688f0) C:\Windows\system32\drivers\usbaudio.sys

2010/12/27 19:02:37.0039 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys

2010/12/27 19:02:37.0078 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys

2010/12/27 19:02:37.0120 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys

2010/12/27 19:02:37.0170 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys

2010/12/27 19:02:37.0201 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys

2010/12/27 19:02:37.0241 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys

2010/12/27 19:02:37.0285 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys

2010/12/27 19:02:37.0325 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS

2010/12/27 19:02:37.0368 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys

2010/12/27 19:02:37.0438 usbvideo (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys

2010/12/27 19:02:37.0487 vga (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys

2010/12/27 19:02:37.0518 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys

2010/12/27 19:02:37.0564 viaagp (045d9961e591cf0674a920b6ba3ba5cb) C:\Windows\system32\drivers\viaagp.sys

2010/12/27 19:02:37.0589 ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys

2010/12/27 19:02:37.0622 viaide (fd2e3175fcada350c7ab4521dca187ec) C:\Windows\system32\drivers\viaide.sys

2010/12/27 19:02:37.0665 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys

2010/12/27 19:02:37.0717 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys

2010/12/27 19:02:37.0769 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys

2010/12/27 19:02:37.0813 vsmraid (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys

2010/12/27 19:02:37.0865 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys

2010/12/27 19:02:37.0954 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys

2010/12/27 19:02:37.0965 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys

2010/12/27 19:02:38.0017 Wd (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys

2010/12/27 19:02:38.0070 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys

2010/12/27 19:02:38.0135 winachsf (5c7bdcf5864db00323fe2d90fa26a8a2) C:\Windows\system32\DRIVERS\VSTCNXT3.SYS

2010/12/27 19:02:38.0452 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys

2010/12/27 19:02:38.0595 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys

2010/12/27 19:02:38.0649 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys

2010/12/27 19:02:38.0710 WsAudioDevice_383 (85ece26f326c2d07ba77a60343468272) C:\Windows\system32\drivers\WsAudioDevice_383.sys

2010/12/27 19:02:38.0781 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys

2010/12/27 19:02:38.0866 {22D78859-9CE9-4B77-BF18-AC83E81A9263} (8903c6979ea677a9af3d36e0d3709203) C:\Program Files\HP\QuickPlay\000.fcl

2010/12/27 19:02:38.0922 ================================================================================

2010/12/27 19:02:38.0922 Scan finished

2010/12/27 19:02:38.0922 ================================================================================

lmanson · le 27 décembre 2010

et le dernier rapport. la procédure est terminé? le problème a-t-il été résolu?

Merci pour votre réactivité

Results of screen317's Security Check version 0.99.8

Windows Vista Service Pack 2 (UAC is disabled!)

Internet Explorer 8

``````````````````````````````

Antivirus/Firewall Check:

avast! Free Antivirus

McAfee Security Scan Plus

WMI entry may not exist for antivirus; attempting automatic update.

```````````````````````````````

Anti-malware/Other Utilities Check:

Malwarebytes' Anti-Malware

Wikikou Messenger Cleaner

Java 6 Update 22

Java 6 Update 2

Java 6 Update 5

Java 6 Update 7

Out of date Java installed!

Adobe Flash Player 10.1.102.64

Adobe Reader 8.1.6 - Français

Out of date Adobe Reader installed!

````````````````````````````````

Process Check:

objlist.exe by Laurent

Alwil Software Avast5 AvastSvc.exe

Alwil Software Avast5 AvastUI.exe

``````````End of Log````````````

lance_yien · le 28 décembre 2010

Bonjour,

C'est moi qui avais demandé dans mon 1er post de "NE PAS hésiter à commenter et signaler tout changement (en bien ou en mal) dans le comportement de la machine ou par rapport au problème initial."

Pas d'infection grave mais on va assurer quand même.

Imprimer ces instructions ou les enregistrer dans un fichier texte sur le Bureau pour les consulter facilement à tout moment et télécharger, sur le Bureau:

ComboFix© (par sUBs) depuis ici ou ici
OTL (par OldTimer) depuis ici ou ici.

>>> Utiliser ComboFix: Fermer tout, désactive antivirus/ pare-feu/ antispyware et cliquer ComboFix.exe. Suivre les instructions.

Accepter l'Agrément de la licence et l'installation de la Console de Récupération (proposée sous XP si pas installée).

NE PAS TOUCHER la machine avant la fin (même si les choses semblent ne pas avancer).

Quand c'est fini, un rapport (ComboFix.txt) s'affiche. Il est sauvegardé, automatiquement, à la racine de la partition système (généralement C:\)

Poster son contenu.

>>> Utiliser OTL: Brancher et allumer tous les médias amovibles ayant servi à un quelconque transfert de données (clés USB...).

Fermer tout et double-cliquer sur OTL.exe (Vista/ Windows7, clic-droit dessus => Exécuter en tant qu'Admin).

Copiez/ Collez ces lignes (commençant par netsvcs) dans l'espace sous "Personnalisation":

netsvcs
drivers32

%SYSTEMDRIVE%\*.*

%systemroot%\*. /mp /s

%systemroot%\system32\*.dll /lockedfiles

%systemroot%\Tasks\*.job /lockedfiles

%systemroot%\System32\config\*.sav

%systemroot%\system32\drivers\*.sys /90

CREATERESTOREPOINT

Sans rien changer, cliquer sur le bouton bleu Analyse et laisser faire.

A la fin du scan, 2 rapports seront créés: OTL.txt (qui s'ouvre dans le bloc-note) et Extras.txt (qui sera minimisé dans la Barre des tâches).

Copier/ Coller le contenu de chaque rapport, un seul par message parce qu'ils sont souvent très longs et dépassent la limite autorisée par le forum.

Rapports demandés:

ComboFix.txt
OTL.txt
Extras.txt

lmanson · le 28 décembre 2010

Bonjour,

Mon ordinateur semble fonctionner à nouveau correctement.

Dois-je tout de même effectuer ces dernières analyses par sécurité?

Cordialement.

lance_yien · le 28 décembre 2010

Oui, ça ne coute rien et surtout pour assurer.

lmanson · le 28 décembre 2010

Bonjour, voici le rapport de ComboFix

ComboFix 10-12-26.01 - thias 28/12/2010 14:37:21.1.2 - x86

Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6002.2.1252.33.1036.18.3069.1654 [GMT 1:00]

Lancé depuis: c:\users\thias\Desktop\ComboFix.exe

AV: avast! Antivirus *Disabled/Updated* {C37D8F93-0602-E43C-40AA-47DAD597F308}

SP: avast! Antivirus *Disabled/Updated* {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))

.

c:\programdata\vlc-0.9.4-win32.exe

c:\programdata\vlc-0.9.9-win32.exe

c:\programdata\vlc-1.0.2-win32.exe

c:\programdata\vlc-1.0.5-win32.exe

c:\windows\system32\KBL.LOG

c:\windows\system32\logs

.

((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.

-------\Service_oUltraf

((((((((((((((((((((((((((((( Fichiers créés du 2010-11-28 au 2010-12-28 ))))))))))))))))))))))))))))))))))))

.

2010-12-28 11:57 . 2010-11-10 04:33 6273872 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{793CB042-EB84-49DD-A60F-99B105589A33}\mpengine.dll

2010-12-27 17:46 . 2010-12-27 17:46 -------- d-----w- c:\users\thias\AppData\Roaming\Malwarebytes

2010-12-27 17:46 . 2010-12-20 17:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2010-12-27 17:46 . 2010-12-27 17:46 -------- d-----w- c:\programdata\Malwarebytes

2010-12-27 17:46 . 2010-12-27 17:46 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2010-12-27 17:46 . 2010-12-20 17:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys

2010-12-25 14:38 . 2010-12-25 14:42 -------- d-----w- c:\users\thias\AppData\Roaming\PCFix

2010-12-24 19:22 . 2010-12-24 19:22 -------- d-----w- c:\program files\iPod

2010-12-24 19:22 . 2010-12-24 19:24 -------- d-----w- c:\program files\iTunes

2010-12-24 19:08 . 2010-12-24 19:08 -------- d-----w- c:\programdata\MessengerDiscovery 2

2010-12-15 15:15 . 2010-10-12 15:53 33280 ----a-w- c:\program files\Windows Mail\wabfind.dll

2010-12-15 15:15 . 2010-10-12 13:41 66048 ----a-w- c:\program files\Windows Mail\wabmig.exe

2010-12-15 15:15 . 2010-10-12 13:41 515584 ----a-w- c:\program files\Windows Mail\wab.exe

2010-12-15 15:15 . 2010-11-04 18:55 352768 ----a-w- c:\windows\system32\taskschd.dll

2010-12-15 15:15 . 2010-11-04 18:55 601600 ----a-w- c:\windows\system32\schedsvc.dll

2010-12-15 15:15 . 2010-11-04 18:56 345600 ----a-w- c:\windows\system32\wmicmiplugin.dll

2010-12-15 15:15 . 2010-11-04 18:55 270336 ----a-w- c:\windows\system32\taskcomp.dll

2010-12-15 15:15 . 2010-11-04 16:34 171520 ----a-w- c:\windows\system32\taskeng.exe

2010-12-15 15:10 . 2010-10-18 13:31 2038272 ----a-w- c:\windows\system32\win32k.sys

2010-12-15 15:09 . 2010-10-18 13:37 81920 ----a-w- c:\windows\system32\consent.exe

2010-12-15 15:09 . 2010-10-28 15:44 34304 ----a-w- c:\windows\system32\atmlib.dll

2010-12-15 15:09 . 2010-10-28 13:27 292352 ----a-w- c:\windows\system32\atmfd.dll

2010-12-15 15:09 . 2010-06-16 15:30 72704 ----a-w- c:\windows\system32\fontsub.dll

2010-12-15 15:01 . 2010-11-03 10:51 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat

2010-12-14 13:32 . 2010-12-14 13:32 -------- d-----w- c:\program files\Common Files\Skype

2010-11-29 16:38 . 2010-11-29 16:38 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx

2010-11-29 16:38 . 2010-11-29 16:38 69632 ----a-w- c:\windows\system32\QuickTime.qts

.

(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))

.

2010-10-19 09:41 . 2009-10-04 19:03 222080 ------w- c:\windows\system32\MpSigStub.exe

2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll

2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll

.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))

.

*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"MsnMsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-04-16 3872080]

"AdobeUpdater"="c:\program files\Common Files\Adobe\Updater5\AdobeUpdater.exe" [2008-09-26 2356088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-09-13 480560]

"WAWifiMessage"="c:\program files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe" [2007-01-08 311296]

"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2010-03-17 202256]

"SynTPStart"="c:\program files\Synaptics\SynTP\SynTPStart.exe" [2007-09-15 102400]

"UCam_Menu"="c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2008-06-13 210216]

"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2010-09-21 47904]

"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-05-06 2815192]

"HP Health Check Scheduler"="c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2008-10-09 75008]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-10-03 13826664]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]

"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888]

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-12-13 421160]

c:\users\thias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-9-5 727592]

McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"EnableLUA"= 0 (0x0)

"EnableUIADesktopToggle"= 0 (0x0)

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]

path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk

backup=c:\windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup

backupExtension=.CommonStartup

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Logitech Desktop Messenger.lnk]

path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Logitech Desktop Messenger.lnk

backup=c:\windows\pss\Logitech Desktop Messenger.lnk.CommonStartup

backupExtension=.CommonStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]

%ProgramFiles%\Windows Defender\MSASCui.exe -hide [X]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]

2008-10-15 00:04 39792 ----a-w- c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Health Check Scheduler]

2008-10-09 05:58 75008 ----a-w- c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]

2007-05-08 14:24 54840 ----a-w- c:\program files\Hp\HP Software Update\hpwuSchd2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAAnotif]

2007-07-25 06:02 174616 ----a-w- c:\program files\Intel\Intel Matrix Storage Manager\IAAnotif.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]

2004-07-27 15:50 221184 ----a-w- c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]

2004-07-27 15:50 81920 ----a-w- c:\program files\Common Files\InstallShield\UpdateService\issch.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]

2010-12-13 16:16 421160 ----a-w- c:\program files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechCommunicationsManager]

2007-02-07 23:12 488984 ----a-w- c:\program files\Common Files\logishrd\LComMgr\Communications_Helper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechQuickCamRibbon]

2007-02-07 23:13 774168 ----a-w- c:\program files\Logitech\QuickCam10\QuickCam10.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]

2009-10-03 09:40 13826664 ----a-w- c:\windows\System32\nvcpl.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]

2009-10-03 09:40 92776 ----a-w- c:\windows\System32\nvmctray.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OnScreenDisplay]

2007-09-04 11:54 554320 ----a-w- c:\program files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Picasa Media Detector]

2008-08-21 01:18 443968 ----a-w- c:\program files\Picasa2\PicasaMediaDetector.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QPService]

2007-09-30 17:34 181544 ----a-w- c:\program files\Hp\QuickPlay\QPService.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

2010-11-29 16:38 421888 ----a-w- c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]

2007-08-17 13:27 4702208 ----a-w- c:\windows\RtHDVCpl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SMSERIAL]

2007-01-17 13:34 634880 ----a-w- c:\program files\Motorola\SMSERIAL\sm56hlpr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]

2010-03-17 16:23 202256 ----a-w- c:\program files\Common Files\Real\Update_OB\realsched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UCam_Menu]

2008-06-13 17:11 210216 ------w- c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]

"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]

"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]

"DisableMonitoring"=dword:00000001

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]

R3 WPFFontCache_v0400;Cache de police de Windows Presentation Foundation 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]

R3 WsAudioDevice_383;WsAudioDevice_383;c:\windows\system32\drivers\WsAudioDevice_383.sys [2008-11-19 16640]

S1 aswSP;aswSP; [x]

S2 {22D78859-9CE9-4B77-BF18-AC83E81A9263};{22D78859-9CE9-4B77-BF18-AC83E81A9263};c:\program files\HP\QuickPlay\000.fcl [2007-09-30 39408]

S2 aswFsBlk;aswFsBlk; [x]

S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2010-05-06 51792]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

bthsvcs REG_MULTI_SZ BthServ

HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12

hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache

.

Contenu du dossier 'Tâches planifiées'

2010-12-28 c:\windows\Tasks\User_Feed_Synchronization-{92F34DC7-E7DF-4FAF-A4EF-402552E1D649}.job

- c:\windows\system32\msfeedssync.exe [2010-12-15 04:25]

.

------- Examen supplémentaire -------

.

uStart Page = hxxp://www.mivolo.com

mStart Page = hxxp://www.mivolo.com

uInternet Settings,ProxyOverride = *.local

IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000

IE: Envoyer au périphérique &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

IE: Envoyer l'&image au périphérique Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

IE: Free YouTube Download - c:\users\thias\AppData\Roaming\DVDVideoSoftIEHelpers\youtubedownload.htm

IE: Free YouTube to Mp3 Converter - c:\users\thias\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm

IE: Sauver &fichier media avec Flash and Media Capture - c:\program files\MetaProducts Flash & Media Capture\FMCapt.dll/savemedia.htm

IE: Sauver &image avec Flash and Media Capture - c:\program files\MetaProducts Flash & Media Capture\FMCapt.dll/saveimg.htm

Trusted Zone: o2.co.uk\*.broadband

Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll

FF - ProfilePath - c:\users\thias\AppData\Roaming\Mozilla\Firefox\Profiles\d83h6bja.default\

FF - prefs.js: browser.search.selectedEngine - Live Search

FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/

FF - prefs.js: keyword.URL - hxxp://search.live.com/results.aspx?mkt=fr-FR&FORM=MIMWA5&q=

FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}

FF - Ext: Cooliris: piclens@cooliris.com - %profile%\extensions\piclens@cooliris.com

FF - Ext: UnPlug: unplug@compunach - %profile%\extensions\unplug@compunach

FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}

FF - Ext: DVDVideoSoft Menu: {ACAA314B-EEBA-48e4-AD47-84E31C44796C} - %profile%\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}

.

- - - - ORPHELINS SUPPRIMES - - - -

BHO-{5E1A0E46-1F27-4ED7-83F8-1EC7F908CC67} - c:\windows\system32\AuxiliaryDisplayDriverLi.dll

MSConfigStartUp-AppleSyncNotifier - c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe

MSConfigStartUp-O2 - c:\program files\O2\bin\sprtcmd.exe

MSConfigStartUp-QlbCtrl - %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe

**************************************************************************

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès

Fichiers cachés:

**************************************************************************

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\{22D78859-9CE9-4B77-BF18-AC83E81A9263}]

"ImagePath"="\??\c:\program files\HP\QuickPlay\000.fcl"

.

--------------------- CLES DE REGISTRE BLOQUEES ---------------------

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

"MSCurrentCountry"=dword:000000b5

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

"MSCurrentCountry"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'Explorer.exe'(11072)

c:\program files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll

c:\windows\system32\btmmhook.dll

c:\windows\system32\btncopy.dll

.

------------------------ Autres processus actifs ------------------------

.

c:\windows\system32\nvvsvc.exe

c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe

c:\program files\Alwil Software\Avast5\AvastSvc.exe

c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

c:\program files\Bonjour\mDNSResponder.exe

c:\program files\Intel\Intel Matrix Storage Manager\IAANTMon.exe

c:\program files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe

c:\windows\system32\nvvsvc.exe

c:\program files\CyberLink\Shared Files\RichVideo.exe

c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

c:\program files\Hewlett-Packard\Shared\hpqwmiex.exe

c:\program files\HP\QuickPlay\Kernel\TV\QPSched.exe

c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

c:\windows\system32\conime.exe

c:\program files\Alwil Software\Avast5\AvastUI.exe

c:\program files\Synaptics\SynTP\SynTPEnh.exe

c:\windows\system32\wbem\unsecapp.exe

c:\program files\Hewlett-Packard\Shared\HpqToaster.exe

c:\program files\WIDCOMM\Bluetooth Software\BtStackServer.exe

c:\program files\iPod\bin\iPodService.exe

c:\program files\Hewlett-Packard\HP Health Check\hphc_service.exe

c:\program files\Windows Media Player\wmpnetwk.exe

.

**************************************************************************

.

Heure de fin: 2010-12-28 15:04:18 - La machine a redémarré

ComboFix-quarantined-files.txt 2010-12-28 14:04

Avant-CF: 78 369 611 776 octets libres

Après-CF: 78 392 193 024 octets libres

Current=1 Default=1 Failed=0 LastKnownGood=11 Sets=1,2,3,4,5,6,7,8,9,11

- - End Of File - - 6D8CF4FA58405F4D466941348E0653B1

lmanson · le 28 décembre 2010

OTL logfile created on: 28/12/2010 15:10:03 - Run 1

OTL by OldTimer - Version 3.2.18.0 Folder = C:\Users\thias\Desktop

Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18999)

Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 60,00% Memory free

6,00 Gb Paging File | 5,00 Gb Available in Paging File | 83,00% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 286,10 Gb Total Space | 73,14 Gb Free Space | 25,56% Space Free | Partition Type: NTFS

Drive D: | 11,99 Gb Total Space | 2,12 Gb Free Space | 17,69% Space Free | Partition Type: NTFS

Drive F: | 465,76 Gb Total Space | 230,81 Gb Free Space | 49,56% Space Free | Partition Type: NTFS

Drive G: | 465,64 Gb Total Space | 10,35 Gb Free Space | 2,22% Space Free | Partition Type: FAT32

Computer Name: PC-DE-THIAS | User Name: thias | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2010/12/28 14:31:15 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\thias\Desktop\OTL.exe

PRC - [2010/10/16 00:40:40 | 000,037,664 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

PRC - [2010/05/06 21:59:42 | 002,815,192 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe

PRC - [2010/05/06 21:59:38 | 000,040,384 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

PRC - [2010/03/17 17:23:43 | 000,202,256 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe

PRC - [2010/01/15 13:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe

PRC - [2009/04/11 07:28:15 | 000,117,248 | ---- | M] () -- \\?\C:\Windows\System32\wbem\WMIADAP.EXE

PRC - [2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe

PRC - [2009/04/11 07:27:28 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe

PRC - [2007/09/15 09:29:10 | 000,102,400 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPStart.exe

PRC - [2007/09/05 12:09:54 | 001,620,520 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe

PRC - [2007/09/05 12:09:54 | 000,727,592 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

PRC - [2007/07/25 07:02:44 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe

PRC - [2007/02/06 16:45:26 | 000,109,344 | ---- | M] (Logitech Inc.) -- c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe

========== Modules (SafeList) ==========

MOD - [2010/12/28 14:31:15 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\thias\Desktop\OTL.exe

MOD - [2010/08/31 16:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll

MOD - [2007/09/05 12:09:22 | 000,208,896 | ---- | M] (Broadcom Corporation.) -- C:\Windows\System32\BtMmHook.dll

MOD - [2007/09/05 12:03:06 | 000,126,976 | ---- | M] () -- C:\Program Files\WIDCOMM\Bluetooth Software\btkeyind.dll

MOD - [2007/02/06 16:45:14 | 000,092,960 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll

========== Win32 Services (SafeList) ==========

SRV - [2010/10/16 00:40:40 | 000,037,664 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)

SRV - [2010/05/06 21:59:38 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)

SRV - [2010/05/06 21:59:38 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)

SRV - [2010/05/06 21:59:38 | 000,040,384 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)

SRV - [2010/03/18 12:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)

SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)

SRV - [2010/01/15 13:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)

SRV - [2009/09/25 02:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)

SRV - [2008/11/19 18:23:16 | 000,217,088 | ---- | M] (Hewlett-Packard Co.) [On_Demand | Running] -- C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqcxs08.dll -- (hpqcxs08)

SRV - [2008/10/09 21:02:19 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)

SRV - [2008/03/25 20:27:36 | 000,135,168 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqddsvc.dll -- (hpqddsvc)

SRV - [2008/01/19 08:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)

SRV - [2007/07/25 07:02:44 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe -- (IAANTMON) Intel®

SRV - [2007/03/05 09:30:06 | 000,110,592 | ---- | M] (Hewlett-Packard Development Company, L.P.) [On_Demand | Stopped] -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe -- (Com4Qlb)

SRV - [2007/02/06 16:47:12 | 000,105,248 | ---- | M] (Logitech Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe -- (LVSrvLauncher)

SRV - [2007/02/06 16:45:26 | 000,109,344 | ---- | M] (Logitech Inc.) [Auto | Running] -- c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe -- (LVPrcSrv)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\SymIM.sys -- (SymIMMP)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp)

DRV - File not found [Kernel | On_Demand | Running] -- C:\ComboFix\catchme.sys -- (catchme)

DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\blbdrive.sys -- (blbdrive)

DRV - [2010/05/06 21:39:23 | 000,046,672 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)

DRV - [2010/05/06 21:39:00 | 000,164,048 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)

DRV - [2010/05/06 21:34:27 | 000,023,376 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)

DRV - [2010/05/06 21:34:10 | 000,051,792 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)

DRV - [2010/05/06 21:33:47 | 000,019,024 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)

DRV - [2009/10/03 05:02:06 | 009,905,096 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)

DRV - [2009/04/11 05:42:54 | 000,073,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\USBAUDIO.sys -- (usbaudio) Pilote USB audio (WDM)

DRV - [2008/11/19 08:41:08 | 000,016,640 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WsAudioDevice_383.sys -- (WsAudioDevice_383)

DRV - [2007/09/30 18:34:02 | 000,039,408 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- C:\Program Files\HP\QuickPlay\000.fcl -- ({22D78859-9CE9-4B77-BF18-AC83E81A9263})

DRV - [2007/09/18 14:12:28 | 000,080,936 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btwavdt.sys -- (btwavdt)

DRV - [2007/09/18 14:12:28 | 000,080,424 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btwaudio.sys -- (btwaudio)

DRV - [2007/09/18 14:12:28 | 000,016,168 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btwrchid.sys -- (btwrchid)

DRV - [2007/09/18 00:17:36 | 000,098,816 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)

DRV - [2007/09/15 09:50:56 | 000,191,408 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP)

DRV - [2007/08/22 19:44:18 | 001,950,552 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)

DRV - [2007/07/13 05:35:02 | 000,305,176 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\iaStor.sys -- (iaStor)

DRV - [2007/07/11 09:30:22 | 000,007,168 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HpqRemHid.sys -- (HpqRemHid)

DRV - [2007/06/28 16:09:56 | 002,222,080 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32) Pilote de carte Intel®

DRV - [2007/06/18 16:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)

DRV - [2007/03/21 21:02:04 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)

DRV - [2007/02/24 13:42:22 | 000,039,936 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)

DRV - [2007/02/06 16:45:04 | 000,025,632 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LVPr2Mon.sys -- (LVPr2Mon)

DRV - [2007/02/06 16:44:36 | 001,964,064 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LVMVdrv.sys -- (LVMVDrv)

DRV - [2007/02/06 16:42:40 | 001,691,808 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Lvckap.sys -- (LVcKap)

DRV - [2007/02/03 09:32:36 | 000,041,504 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LVUSBSta.sys -- (LVUSBSta)

DRV - [2007/02/03 09:25:56 | 001,075,360 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Camdrl.sys -- (CamDrL) Logitech QuickCam Pro 3000(CamDrl)

DRV - [2007/01/23 15:40:20 | 000,042,496 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)

DRV - [2007/01/17 14:38:52 | 000,983,936 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\smserial.sys -- (smserial)

DRV - [2006/11/02 10:51:45 | 000,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)

DRV - [2006/11/02 10:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)

DRV - [2006/11/02 10:51:34 | 000,316,520 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)

DRV - [2006/11/02 10:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)

DRV - [2006/11/02 10:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)

DRV - [2006/11/02 10:51:25 | 000,232,040 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)

DRV - [2006/11/02 10:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)

DRV - [2006/11/02 10:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)

DRV - [2006/11/02 10:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)

DRV - [2006/11/02 10:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)

DRV - [2006/11/02 10:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)

DRV - [2006/11/02 10:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)

DRV - [2006/11/02 10:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)

DRV - [2006/11/02 10:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)

DRV - [2006/11/02 10:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)

DRV - [2006/11/02 10:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)

DRV - [2006/11/02 10:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)

DRV - [2006/11/02 10:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)

DRV - [2006/11/02 10:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)

DRV - [2006/11/02 10:50:10 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)

DRV - [2006/11/02 10:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2)

DRV - [2006/11/02 10:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)

DRV - [2006/11/02 10:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)

DRV - [2006/11/02 10:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)

DRV - [2006/11/02 10:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)

DRV - [2006/11/02 10:50:05 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)

DRV - [2006/11/02 10:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)

DRV - [2006/11/02 10:50:04 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)

DRV - [2006/11/02 10:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)

DRV - [2006/11/02 10:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)

DRV - [2006/11/02 10:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)

DRV - [2006/11/02 10:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)

DRV - [2006/11/02 10:49:30 | 000,017,512 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)

DRV - [2006/11/02 10:49:28 | 000,016,488 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)

DRV - [2006/11/02 10:49:20 | 000,014,952 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)

DRV - [2006/11/02 09:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)

DRV - [2006/11/02 09:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)

DRV - [2006/11/02 09:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)

DRV - [2006/11/02 09:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)

DRV - [2006/11/02 09:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)

DRV - [2006/11/02 09:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)

DRV - [2006/11/02 08:41:50 | 000,987,648 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VSTDPV3.SYS -- (HSF_DPV)

DRV - [2006/11/02 08:41:49 | 000,200,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VSTAZL3.SYS -- (HSFHWAZL)

DRV - [2006/11/02 08:41:48 | 000,654,336 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VSTCNXT3.SYS -- (winachsf)

DRV - [2006/11/02 08:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)

DRV - [2006/11/02 08:30:54 | 000,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel®

DRV - [2006/11/02 08:30:53 | 000,464,384 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BCMWL6.SYS -- (BCM43XV)

DRV - [2006/10/19 03:10:57 | 001,380,864 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\igdkmd32.sys -- (ialm)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 4A 35 24 78 28 AB CA 01 [binary data]

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "Live Search"

FF - prefs.js..browser.search.useDBForOrder: true

FF - prefs.js..browser.startup.homepage: "http://www.google.com/"

FF - prefs.js..extensions.enabledItems: piclens@cooliris.com:1.12.0.36605

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20

FF - prefs.js..extensions.enabledItems: unplug@compunach:2.028

FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22

FF - prefs.js..keyword.URL: "http://search.live.com/results.aspx?mkt=fr-FR&FORM=MIMWA5&q="

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/12/24 20:18:01 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/12/24 20:18:00 | 000,000,000 | ---D | M]

[2009/05/21 15:06:37 | 000,000,000 | ---D | M] -- C:\Users\thias\AppData\Roaming\mozilla\Extensions

[2009/05/21 15:06:37 | 000,000,000 | ---D | M] -- C:\Users\thias\AppData\Roaming\mozilla\Extensions\mozswing@mozswing.org

[2010/12/28 13:40:23 | 000,000,000 | ---D | M] -- C:\Users\thias\AppData\Roaming\mozilla\Firefox\Profiles\d83h6bja.default\extensions

[2010/04/28 09:56:55 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\thias\AppData\Roaming\mozilla\Firefox\Profiles\d83h6bja.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}

[2010/08/01 12:40:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\thias\AppData\Roaming\mozilla\Firefox\Profiles\d83h6bja.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}

[2010/06/04 00:56:42 | 000,000,000 | ---D | M] -- C:\Users\thias\AppData\Roaming\mozilla\Firefox\Profiles\d83h6bja.default\extensions\piclens@cooliris.com

[2010/06/04 00:56:42 | 000,000,000 | ---D | M] -- C:\Users\thias\AppData\Roaming\mozilla\Firefox\Profiles\d83h6bja.default\extensions\piclens@cooliris.com-trash

[2010/08/05 18:06:19 | 000,000,000 | ---D | M] -- C:\Users\thias\AppData\Roaming\mozilla\Firefox\Profiles\d83h6bja.default\extensions\unplug@compunach

[2010/12/28 13:40:23 | 000,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions

[2010/07/17 11:08:55 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}

[2010/08/08 12:36:40 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}

[2010/11/07 23:32:10 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}

[2010/09/15 04:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll

[2010/10/22 08:45:28 | 000,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml

[2010/10/22 08:45:28 | 000,001,822 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml

[2010/10/22 08:45:28 | 000,000,757 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml

[2008/12/18 11:55:22 | 000,000,748 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\MediaDICO-fr.xml

[2010/10/22 08:45:28 | 000,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml

[2010/10/22 08:45:28 | 000,000,956 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml

O1 HOSTS File: ([2010/12/28 14:54:58 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O2 - BHO: (Aide pour le lien d'Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)

O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.

O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - No CLSID value found.

O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O3 - HKLM\..\Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.

O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - No CLSID value found.

O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe (Apple Inc.)

O4 - HKLM..\Run: [avast5] C:\Programmes\Alwil Software\Avast5\AvastUI.exe File not found

O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)

O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation)

O4 - HKLM..\Run: [synTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe (Synaptics, Inc.)

O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)

O4 - HKLM..\Run: [uCam_Menu] C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)

O4 - HKCU..\Run: [AdobeUpdater] C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe (Adobe Systems Incorporated)

O4 - Startup: C:\Users\thias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0

O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()

O8 - Extra context menu item: Envoyer l'&image au périphérique Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()

O8 - Extra context menu item: Free YouTube Download - C:\Users\thias\AppData\Roaming\DVDVideoSoftIEHelpers\youtubedownload.htm ()

O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\thias\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()

O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL (Microsoft Corporation)

O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()

O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()

O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)

O15 - HKCU\..Trusted Domains: o2.co.uk ([*.broadband] http in Trusted sites)

O15 - HKCU\..Trusted Domains: o2.co.uk ([*.broadband] https in Trusted sites)

O15 - HKCU\..Trusted Ranges: Range1 ([http] in Local intranet)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)

O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

O18 - Protocol\Handler\bwfile-8876480 {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (Logitech Inc.)

O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)

O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O24 - Desktop WallPaper: C:\Users\thias\AppData\Roaming\Microsoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg

O24 - Desktop BackupWallPaper: C:\Users\thias\AppData\Roaming\Microsoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg

O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2007/11/27 03:42:33 | 000,000,074 | ---- | M] () - C:\autoexec.000 -- [ NTFS ]

O32 - AutoRun File - [2009/10/06 15:19:06 | 000,000,118 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]

O32 - AutoRun File - [2005/09/11 16:18:54 | 000,000,340 | -HS- | M] () - D:\AUTOMODE -- [ NTFS ]

O32 - AutoRun File - [2002/10/17 09:56:50 | 000,000,036 | RH-- | M] () - G:\autorun.inf -- [ FAT32 ]

O32 - AutoRun File - [2006/02/09 14:59:36 | 000,000,000 | RH-D | M] - G:\autorun -- [ FAT32 ]

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = ComFile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found

NetSvcs: Ias - File not found

NetSvcs: Nla - File not found

NetSvcs: Ntmssvc - File not found

NetSvcs: NWCWorkstation - File not found

NetSvcs: Nwsapagent - File not found

NetSvcs: SRService - File not found

NetSvcs: WmdmPmSp - File not found

NetSvcs: LogonHours - File not found

NetSvcs: PCAudit - File not found

NetSvcs: helpsvc - File not found

NetSvcs: uploadmgr - File not found

Drivers32: msacm.ac3acm - C:\Windows\System32\ac3acm.acm (fccHandler)

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

Drivers32: msacm.l3codecp - C:\Windows\System32\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

Drivers32: msacm.lameacm - C:\Windows\System32\lameACM.acm (http://www.mp3dev.org/)

Drivers32: MSVideo - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)

Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)

Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)

Drivers32: VIDC.DIVX - C:\Windows\System32\divx.dll (DivX, Inc.)

Drivers32: VIDC.FFDS - C:\Windows\System32\ff_vfw.dll ()

Drivers32: VIDC.I420 - C:\Windows\System32\lvcodec2.dll (Logitech Inc.)

Drivers32: vidc.iv31 - C:\Windows\System32\ir32_32.dll (Intel® Corporation)

Drivers32: vidc.iv32 - C:\Windows\System32\ir32_32.dll (Intel® Corporation)

Drivers32: vidc.iv41 - C:\Windows\System32\ir41_32.ax (Intel Corporation)

Drivers32: vidc.iv50 - C:\Windows\System32\ir50_32.dll (Intel Corporation)

Drivers32: VIDC.XVID - C:\Windows\System32\xvidvfw.dll ()

Drivers32: VIDC.YV12 - C:\Windows\System32\yv12vfw.dll (www.helixcommunity.org)

CREATERESTOREPOINT

Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2010/12/28 15:04:21 | 000,000,000 | ---D | C] -- C:\Users\thias\AppData\Local\temp

[2010/12/28 14:55:12 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN

[2010/12/28 14:34:04 | 000,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe

[2010/12/28 14:34:04 | 000,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe

[2010/12/28 14:34:04 | 000,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe

[2010/12/28 14:33:56 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT

[2010/12/28 14:33:55 | 000,000,000 | ---D | C] -- C:\ComboFix

[2010/12/28 14:33:10 | 000,000,000 | ---D | C] -- C:\Qoobox

[2010/12/28 14:32:53 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe

[2010/12/28 14:31:14 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Users\thias\Desktop\OTL.exe

[2010/12/28 12:51:50 | 000,000,000 | ---D | C] -- C:\Users\thias\Documents\Mes enregistrements de webcam

[2010/12/28 12:50:39 | 000,000,000 | ---D | C] -- C:\Users\thias\Documents\Dossier Bluetooth Exchange

[2010/12/27 18:46:27 | 000,000,000 | ---D | C] -- C:\Users\thias\AppData\Roaming\Malwarebytes

[2010/12/27 18:46:23 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys

[2010/12/27 18:46:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes

[2010/12/27 18:46:17 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys

[2010/12/27 18:46:17 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware

[2010/12/25 15:38:54 | 000,000,000 | ---D | C] -- C:\Users\thias\AppData\Roaming\PCFix

[2010/12/24 20:22:17 | 000,000,000 | ---D | C] -- C:\Program Files\iPod

[2010/12/24 20:22:16 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes

[2010/12/24 20:17:38 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime

[2010/12/24 20:08:13 | 000,000,000 | ---D | C] -- C:\ProgramData\MessengerDiscovery 2

[2010/12/15 16:15:11 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskschd.dll

[2010/12/15 16:15:10 | 000,345,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmicmiplugin.dll

[2010/12/15 16:15:10 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskcomp.dll

[2010/12/15 16:15:03 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll

[2010/12/15 16:14:56 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe

[2010/12/15 16:14:55 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl

[2010/12/15 16:14:55 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll

[2010/12/15 16:14:55 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll

[2010/12/15 16:14:55 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec

[2010/12/15 16:14:55 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll

[2010/12/15 16:14:55 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll

[2010/12/15 16:14:55 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe

[2010/12/15 16:14:55 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll

[2010/12/15 16:14:55 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll

[2010/12/15 16:14:55 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll

[2010/12/15 16:14:55 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll

[2010/12/15 16:14:55 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll

[2010/12/15 16:14:55 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe

[2010/12/15 16:14:54 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb

[2010/12/15 16:14:54 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll

[2010/12/15 16:14:47 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll

[2010/12/15 16:10:23 | 002,038,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys

[2010/12/15 16:09:48 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe

[2010/12/15 16:09:47 | 000,292,352 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll

[2010/12/15 16:09:47 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll

[2010/12/15 16:09:47 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll

[2010/12/14 14:32:10 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype

[2010/11/29 17:38:30 | 000,094,208 | ---- | C] (Apple Inc.) -- C:\Windows\System32\QuickTimeVR.qtx

[2010/11/29 17:38:30 | 000,069,632 | ---- | C] (Apple Inc.) -- C:\Windows\System32\QuickTime.qts

[5 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[4 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

[1 C:\Users\thias\Documents\*.tmp files -> C:\Users\thias\Documents\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/12/28 15:10:27 | 000,681,798 | ---- | M] () -- C:\Windows\System32\perfh00C.dat

[2010/12/28 15:10:27 | 000,598,900 | ---- | M] () -- C:\Windows\System32\perfh009.dat

[2010/12/28 15:10:27 | 000,127,504 | ---- | M] () -- C:\Windows\System32\perfc00C.dat

[2010/12/28 15:10:27 | 000,104,914 | ---- | M] () -- C:\Windows\System32\perfc009.dat

[2010/12/28 14:55:46 | 000,418,432 | ---- | M] () -- C:\ProgramData\nvModes.001

[2010/12/28 14:54:58 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts

[2010/12/28 14:54:42 | 000,418,432 | ---- | M] () -- C:\ProgramData\nvModes.dat

[2010/12/28 14:54:18 | 000,003,296 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0

[2010/12/28 14:54:18 | 000,003,296 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0

[2010/12/28 14:54:12 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2010/12/28 14:52:59 | 000,003,204 | ---- | M] () -- C:\Windows\bthservsdp.dat

[2010/12/28 14:31:34 | 000,015,796 | ---- | M] () -- C:\Users\thias\Desktop\Bonjour.docx

[2010/12/28 14:31:34 | 000,000,162 | -H-- | M] () -- C:\Users\thias\Desktop\~$onjour.docx

[2010/12/28 14:31:15 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\thias\Desktop\OTL.exe

[2010/12/28 14:30:49 | 003,998,686 | R--- | M] () -- C:\Users\thias\Desktop\ComboFix.exe

[2010/12/28 14:28:37 | 000,083,968 | ---- | M] () -- C:\Users\thias\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2010/12/28 14:02:56 | 000,013,220 | ---- | M] () -- C:\Users\thias\Documents\Belkin.jpg

[2010/12/28 13:06:17 | 000,000,432 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{92F34DC7-E7DF-4FAF-A4EF-402552E1D649}.job

[2010/12/27 18:52:44 | 000,000,162 | -H-- | M] () -- C:\Users\thias\Desktop\~$ès Important.docx

[2010/12/27 13:32:44 | 000,000,038 | ---- | M] () -- C:\Windows\avisplitter.INI

[2010/12/26 18:02:18 | 336,898,655 | ---- | M] () -- C:\Windows\MEMORY.DMP

[2010/12/24 23:00:43 | 000,001,664 | ---- | M] () -- C:\Users\thias\Application Data\Microsoft\Internet Explorer\Quick Launch\iTunes.lnk

[2010/12/22 19:45:26 | 1694,853,838 | ---- | M] () -- C:\Users\thias\Documents\Les insurgés.mp4

[2010/12/22 14:50:20 | 000,000,100 | ---- | M] () -- C:\Users\thias\AppData\Roaming\Movies2iPhone.ini

[2010/12/20 18:09:00 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys

[2010/12/20 18:08:40 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys

[2010/12/17 01:20:18 | 000,403,936 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT

[2010/12/07 16:24:11 | 000,013,277 | ---- | M] () -- C:\Users\thias\Documents\compte.xlsx

[2010/12/02 00:12:38 | 000,136,604 | -H-- | M] () -- C:\Windows\System32\mlfcache.dat

[2010/11/29 17:38:30 | 000,094,208 | ---- | M] (Apple Inc.) -- C:\Windows\System32\QuickTimeVR.qtx

[2010/11/29 17:38:30 | 000,069,632 | ---- | M] (Apple Inc.) -- C:\Windows\System32\QuickTime.qts

[2010/11/29 17:00:40 | 000,025,473 | ---- | M] () -- C:\Users\thias\Documents\fb.jpg

[5 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[4 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

[1 C:\Users\thias\Documents\*.tmp files -> C:\Users\thias\Documents\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/12/28 14:34:04 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe

[2010/12/28 14:34:04 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe

[2010/12/28 14:34:04 | 000,089,088 | ---- | C] () -- C:\Windows\MBR.exe

[2010/12/28 14:34:04 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe

[2010/12/28 14:34:04 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe

[2010/12/28 14:31:34 | 000,000,162 | -H-- | C] () -- C:\Users\thias\Desktop\~$onjour.docx

[2010/12/28 14:31:33 | 000,015,796 | ---- | C] () -- C:\Users\thias\Desktop\Bonjour.docx

[2010/12/28 14:30:41 | 003,998,686 | R--- | C] () -- C:\Users\thias\Desktop\ComboFix.exe

[2010/12/28 14:02:56 | 000,013,220 | ---- | C] () -- C:\Users\thias\Documents\Belkin.jpg

[2010/12/27 18:52:44 | 000,000,162 | -H-- | C] () -- C:\Users\thias\Desktop\~$ès Important.docx

[2010/12/26 18:02:18 | 336,898,655 | ---- | C] () -- C:\Windows\MEMORY.DMP

[2010/12/24 23:00:43 | 000,001,664 | ---- | C] () -- C:\Users\thias\Application Data\Microsoft\Internet Explorer\Quick Launch\iTunes.lnk

[2010/12/22 14:02:18 | 1694,853,838 | ---- | C] () -- C:\Users\thias\Documents\Les insurgés.mp4

[2010/12/07 23:27:14 | 000,000,100 | ---- | C] () -- C:\Users\thias\AppData\Roaming\Movies2iPhone.ini

[2010/12/02 00:12:38 | 000,136,604 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat

[2010/11/29 17:00:40 | 000,025,473 | ---- | C] () -- C:\Users\thias\Documents\fb.jpg

[2010/04/15 15:35:58 | 000,000,604 | ---- | C] () -- C:\Windows\Sof2.INI

[2009/12/05 20:53:18 | 000,044,544 | ---- | C] () -- C:\Windows\System32\GIF89.DLL

[2009/12/05 20:53:15 | 000,484,352 | ---- | C] () -- C:\Windows\System32\lame_enc.dll

[2009/12/04 16:01:46 | 000,418,432 | ---- | C] () -- C:\ProgramData\nvModes.001

[2009/12/04 16:01:44 | 000,418,432 | ---- | C] () -- C:\ProgramData\nvModes.dat

[2009/11/16 23:04:43 | 008,676,883 | ---- | C] () -- C:\Windows\System32\NCMedia2.dll

[2009/11/09 19:16:55 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll

[2009/11/01 22:45:36 | 000,000,098 | ---- | C] () -- C:\Users\thias\AppData\Roaming\wklnhst.dat

[2009/10/20 19:15:16 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll

[2009/08/03 14:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll

[2009/01/20 20:38:33 | 000,000,121 | ---- | C] () -- C:\Windows\bdagent.INI

[2008/11/04 09:58:53 | 000,000,600 | ---- | C] () -- C:\Users\thias\AppData\Roaming\winscp.rnd

[2008/10/28 10:43:37 | 000,000,680 | ---- | C] () -- C:\Users\thias\AppData\Local\d3d9caps.dat

[2008/10/24 12:34:34 | 000,043,520 | ---- | C] () -- C:\Windows\System32\CmdLineExt03.dll

[2008/10/04 00:15:47 | 000,000,000 | ---- | C] () -- C:\Users\thias\AppData\Local\FnF4.txt

[2008/09/23 21:35:52 | 000,003,148 | ---- | C] () -- C:\ProgramData\hpzinstall.log

[2008/07/24 22:05:16 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.INI

[2008/07/20 00:48:56 | 000,000,970 | ---- | C] () -- C:\Windows\cdplayer.ini

[2008/06/29 17:07:44 | 000,000,536 | ---- | C] () -- C:\Windows\_delis32.ini

[2008/06/29 10:59:22 | 000,129,667 | ---- | C] () -- C:\Users\thias\AppData\Roaming\nvModes.001

[2008/06/29 06:23:14 | 000,164,352 | ---- | C] () -- C:\Windows\System32\unrar.dll

[2008/06/29 06:23:12 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll

[2008/06/29 06:23:12 | 000,755,027 | ---- | C] () -- C:\Windows\System32\xvidcore.dll

[2008/06/29 06:23:12 | 000,159,839 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll

[2008/06/29 06:23:11 | 000,007,680 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll

[2008/06/29 06:12:29 | 000,129,667 | ---- | C] () -- C:\Users\thias\AppData\Roaming\nvModes.dat

[2008/06/26 21:08:50 | 000,083,968 | ---- | C] () -- C:\Users\thias\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2008/06/26 19:59:28 | 000,000,000 | ---- | C] () -- C:\Users\thias\AppData\Local\QSwitch.txt

[2008/06/26 19:59:28 | 000,000,000 | ---- | C] () -- C:\Users\thias\AppData\Local\DSwitch.txt

[2008/06/26 19:59:28 | 000,000,000 | ---- | C] () -- C:\Users\thias\AppData\Local\AtStart.txt

[2008/05/19 23:29:10 | 000,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll

[2007/09/05 11:52:04 | 000,389,120 | ---- | C] () -- C:\Windows\System32\btwhidcs.dll

[2007/02/06 16:45:04 | 000,025,632 | ---- | C] () -- C:\Windows\System32\drivers\LVPr2Mon.sys

[2007/02/06 16:42:40 | 001,691,808 | ---- | C] () -- C:\Windows\System32\drivers\Lvckap.sys

[2007/02/03 07:59:04 | 000,050,127 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini

[2006/11/02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll

[2006/11/02 11:25:21 | 000,061,440 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll

[2006/11/02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini

[2006/03/09 23:58:00 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll

[2004/11/02 21:25:52 | 000,000,000 | ---- | C] () -- C:\Windows\System32\px.ini

[2001/11/14 12:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll

[1999/01/27 12:39:06 | 000,065,024 | ---- | C] () -- C:\Windows\System32\indounin.dll

[1997/06/13 06:56:08 | 000,056,832 | ---- | C] () -- C:\Windows\System32\Iyvu9_32.dll

========== Custom Scans ==========

< %SYSTEMDRIVE%\*.* >

[2007/11/27 03:42:33 | 000,000,074 | ---- | M] () -- C:\autoexec.000

[2009/10/06 15:19:06 | 000,000,118 | ---- | M] () -- C:\autoexec.bat

[2009/04/11 07:36:36 | 000,333,257 | RHS- | M] () -- C:\bootmgr

[2010/12/28 15:04:19 | 000,020,635 | ---- | M] () -- C:\ComboFix.txt

[2006/09/18 22:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys

[2008/10/21 16:39:41 | 000,000,000 | RHS- | M] () -- C:\IO.SYS

[2007/11/27 03:18:29 | 000,000,360 | -H-- | M] () -- C:\IPH.PH

[2008/06/29 17:18:02 | 000,000,183 | ---- | M] () -- C:\LogiSetup.log

[2008/12/10 18:03:10 | 000,004,547 | ---- | M] () -- C:\MDL 2.0 Debug.txt

[2008/10/21 16:39:41 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS

[2008/06/29 17:27:12 | 000,530,616 | ---- | M] () -- C:\MSIInstall.log

[2004/02/29 16:44:34 | 000,052,576 | ---- | M] () -- C:\orange.bmp

[2010/12/28 14:53:57 | 3533,172,736 | -HS- | M] () -- C:\pagefile.sys

[2008/09/21 12:25:17 | 000,000,268 | -H-- | M] () -- C:\sqmdata00.sqm

[2008/09/21 12:25:17 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt00.sqm

[2010/12/27 19:03:50 | 000,062,982 | ---- | M] () -- C:\TDSSKiller.2.4.12.0_27.12.2010_19.01.48_log.txt

[2008/10/19 19:45:42 | 000,000,594 | ---- | M] () -- C:\updatedatfix.log

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

[2009/04/11 07:27:47 | 000,241,128 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\rsaenh.dll

[2009/04/11 07:28:23 | 000,228,352 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\SLC.dll

[4 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\System32\config\*.sav >

[2006/11/02 11:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV

[2006/11/02 11:34:05 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV

[2006/11/02 11:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV

[2006/11/02 11:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV

[2006/11/02 11:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV

< %systemroot%\system32\drivers\*.sys /90 >

[2010/12/20 18:08:40 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys

[2010/12/20 18:09:00 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys

< End of report >

OTL Extras logfile created on: 28/12/2010 15:10:03 - Run 1

OTL by OldTimer - Version 3.2.18.0 Folder = C:\Users\thias\Desktop

Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18999)

Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 60,00% Memory free

6,00 Gb Paging File | 5,00 Gb Available in Paging File | 83,00% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 286,10 Gb Total Space | 73,14 Gb Free Space | 25,56% Space Free | Partition Type: NTFS

Drive D: | 11,99 Gb Total Space | 2,12 Gb Free Space | 17,69% Space Free | Partition Type: NTFS

Drive F: | 465,76 Gb Total Space | 230,81 Gb Free Space | 49,56% Space Free | Partition Type: NTFS

Drive G: | 465,64 Gb Total Space | 10,35 Gb Free Space | 2,22% Space Free | Partition Type: FAT32

Computer Name: PC-DE-THIAS | User Name: thias | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]

.html [@ = htmlfile] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()

Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

"FirewallDisableNotify" = 0

"AntiVirusDisableNotify" = 0

"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

"VistaSp1" = Reg Error: Unknown registry data type -- File not found

"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]

"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

"C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe" = C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7 -- ()

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

"C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe" = C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7 -- ()

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{01727C03-0FFD-432B-AE02-902C928053B4}" = lport=10243 | protocol=6 | dir=in | app=system |

"{086458A8-6565-4394-A78A-CECE994F00CC}" = rport=137 | protocol=17 | dir=out | app=system |

"{13C1415C-5B70-43AB-8B3E-5A5D72C81E93}" = lport=2869 | protocol=6 | dir=in | app=system |

"{17D5D38E-14C8-4929-9046-991A70ADCA2C}" = rport=10243 | protocol=6 | dir=out | app=system |

"{1A2E79D1-5F2E-44BE-BDD3-01FF2338C42A}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |

"{2F4E00B9-4C0D-4BF2-9D5A-61E2CBBDB5BB}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{358DF8E0-153D-445C-87D7-8E16E7AC63A4}" = lport=445 | protocol=6 | dir=in | app=system |

"{3693C6C5-21BA-4B2A-9E33-2A58C814A5D6}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{422EC452-1BC9-4F26-88E1-EFD679801282}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{4FF406FF-18EF-4991-A091-265E9F850196}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |

"{5A616220-837E-4098-A3EB-DDE246D57001}" = rport=138 | protocol=17 | dir=out | app=system |

"{652E3D9F-A74D-4752-931B-E677E3568657}" = rport=445 | protocol=6 | dir=out | app=system |

"{7FCA4E27-BF90-4CC3-88BB-A988891904F9}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

"{94335595-7A69-420F-8BA5-C0EE62804E15}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |

"{967DF2E5-AACE-420B-AFC5-2F52AE96A9E7}" = lport=139 | protocol=6 | dir=in | app=system |

"{C641458D-F799-4F34-B0C9-0E6911846594}" = lport=137 | protocol=17 | dir=in | app=system |

"{CA85758D-FBFB-44B4-9BB9-EFBB79FD60BC}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{DCAAAD4C-A2C9-4D18-97E9-DA5C80C00649}" = lport=138 | protocol=17 | dir=in | app=system |

"{E524CA89-0AA6-426F-9606-72DD657158DB}" = lport=2869 | protocol=6 | dir=in | app=system |

"{E76457EA-9185-4878-86DD-622B0AA984A1}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

"{FA21DEFF-CF10-48B5-BE4C-A448136D6ADA}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |

"{FE13D414-A361-44E1-B285-15C9E263FC69}" = rport=139 | protocol=6 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{03DADA03-1C55-4FA7-A398-9522757EB65C}" = dir=in | app=c:\program files\skype\phone\skype.exe |

"{0417A6A6-F70F-4D44-B1B2-7AEEEBFC40E1}" = dir=in | app=c:\program files\skype\phone\skype.exe |

"{060D820E-6A05-4455-867C-C0B5E0013342}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe |

"{0618C7F8-E880-4328-8999-1B9C69759C16}" = protocol=6 | dir=in | app=c:\program files\vuze\azureus.exe |

"{07A3C71A-7019-400D-B28C-023DBCF01D5C}" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe |

"{0F9B4A5C-8F04-460C-A5D4-AA85291CA2C7}" = dir=in | app=c:\program files\skype\phone\skype.exe |

"{1046EB69-B373-468D-A1B8-3B71F6C4FCA4}" = dir=in | app=c:\program files\skype\phone\skype.exe |

"{12BA57E6-D49D-4706-A9F4-424EB9D8EC06}" = dir=in | app=c:\program files\skype\phone\skype.exe |

"{14ED1C49-4D39-4BE9-A7FE-9735EC781C75}" = dir=in | app=c:\program files\skype\phone\skype.exe |

"{14FF9B8E-F414-4934-9BF6-E59858A0A10F}" = dir=in | app=c:\program files\skype\phone\skype.exe |

"{17AA7EFE-F60E-44C5-BC5B-432299E14D55}" = dir=in | app=c:\program files\hp\quickplay\qp.exe |

"{193DAF2B-E008-4B37-9039-EA1C687DD5E5}" = protocol=6 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |

"{19CF97CF-1700-43E1-ACE0-1F0156F0A54B}" = dir=in | app=c:\program files\skype\phone\skype.exe |

"{19F71F54-C7D6-4D6E-955B-E211C45F6CA0}" = dir=in | app=c:\program files\skype\phone\skype.exe |

"{1CCFEACA-64D0-46B0-9727-EDBAC846F3B3}" = dir=in | app=c:\program files\hp\quickplay\qpservice.exe |

"{1E0C0424-8876-4C81-BEE3-B8C2159DA1A3}" = dir=in | app=c:\program files\skype\phone\skype.exe |

"{1FD82B81-19E3-4A78-B0AF-2B50BC3C4C57}" = protocol=6 | dir=in | app=c:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe |

"{20F6A139-B2BC-456F-93C7-EB1F9BD0A0C0}" = protocol=17 | dir=in | app=c:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe |

"{2180754A-8340-4C05-98B1-AB7018D4016A}" = dir=in | app=c:\program files\skype\phone\skype.exe |

"{2332238C-4975-43F4-B657-B995871979E1}" = dir=in | app=c:\program files\skype\phone\skype.exe |

"{2359BD3C-AE01-4698-BA1D-20754B25DF8B}" = dir=in | app=c:\program files\skype\phone\skype.exe |

"{23CA00E9-1D13-4F99-8108-721AA34A4B9D}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |

"{2A757894-B878-471B-AA8E-F1D7C722AA5B}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |

"{2E7851F6-135A-4CE6-9284-C4857352CC74}" = dir=in | app=c:\program files\skype\phone\skype.exe |

"{2EBE69A7-E72B-4705-A64A-6204EE99DFA1}" = dir=in | app=c:\program files\skype\phone\skype.exe |

"{329E36AD-B665-4719-A959-B31D9CB24952}" = dir=in | app=c:\program files\skype\phone\skype.exe |

"{3804EF51-AF0F-4A00-99FF-05D7CCBBE21B}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |

"{3AB39A56-C6B4-461F-8741-615E76AC3837}" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe |

"{4033EA1F-7FE4-401F-9B46-2135414FC723}" = protocol=6 | dir=out | app=system |

"{4069C321-9342-4166-92B4-51DF9A7EA10F}" = dir=in | app=c:\program files\skype\phone\skype.exe |

"{40AC49DE-93E8-4137-85E6-415F36CEE17B}" = dir=in | app=c:\program files\skype\phone\skype.exe |

"{42EDD9A2-A59F-4AC2-9522-AD3E10567B63}" = dir=in | app=c:\program files\skype\phone\skype.exe |

"{49D1B5FB-6272-4BDD-B112-5DCC982C2301}" = protocol=17 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |

"{4A57F09A-407D-4A01-ADB6-07D4DB8CA66C}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |

"{4B949449-BBC7-4A70-B89E-D7807D85B7BE}" = dir=in | app=c:\program files\skype\phone\skype.exe |

"{4C0C6133-4B16-4247-8130-7B2D8F974F23}" = dir=in | app=c:\program files\skype\phone\skype.exe |

"{51063319-AA6C-4651-AAAF-CE16BBC90FB4}" = dir=in | app=c:\program files\skype\phone\skype.exe |

"{5272FC5E-9924-4FD2-8382-EB8286850AEE}" = dir=in | app=c:\program files\skype\phone\skype.exe |

"{53423797-5825-49D4-AEE0-3B08649CFD9B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{53E352C5-2A66-4BD8-8A15-93B921B09A3D}" = dir=in | app=c:\program files\skype\phone\skype.exe |

"{58DA72AE-6DEA-494F-81D4-54CA3FAB1C0F}" = dir=in | app=c:\program files\skype\phone\skype.exe |

"{5A322E12-5977-44A1-A6EE-61CD9ED1669F}" = dir=in | app=c:\program files\skype\phone\skype.exe |

"{5D86D390-15FD-418E-A39D-76D1F0CCD45C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |

"{5FCE979F-AC1F-47A0-B7B6-2837DAD9BA87}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |

"{6377009C-A49D-49DA-A870-10A6DEF57D2B}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |

"{65CC9572-EB32-4D4D-8EED-2690ABC133BB}" = dir=in | app=c:\program files\skype\phone\skype.exe |

"{65D1F26B-BA4F-45DF-8BCD-D5FEBB1545D8}" = protocol=17 | dir=in | app=c:\program files\vuze\azureus.exe |

"{668B74B0-6BAE-487E-9B7E-A5FDC7C8DA12}" = dir=in | app=c:\program files\skype\phone\skype.exe |

"{67A2E1A7-B43B-4197-B81C-1A8AFA2BB9C4}" = dir=in | app=c:\program files\skype\phone\skype.exe |

"{67F352BD-8156-48C7-890D-40AF9D75F949}" = dir=in | app=c:\program files\skype\phone\skype.exe |

"{6B59EE11-BE37-4E8A-994F-C8A58B8CD710}" = dir=in | app=c:\program files\skype\phone\skype.exe |

"{6CC52E28-7DA4-4D6D-989A-977725EDE7BA}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |

"{6E6B0A07-DD22-41C7-9BE9-0553DE8FCEF6}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |

"{6F6207A6-15FA-4472-BE32-4CFB60988151}" = protocol=17 | dir=in | app=c:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe |

"{72533CE8-EB64-4E5C-A9FC-FABB1F619DC0}" = dir=in | app=c:\program files\skype\phone\skype.exe |

"{73F2310B-45C3-44BF-B5AD-76E981BA849C}" = dir=in | app=c:\program files\skype\phone\skype.exe |

"{743E9110-E6DF-413C-86CC-28EFFFD0D5B3}" = protocol=17 | dir=in | app=c:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe |

"{7639D90E-03A5-4B4A-AB8A-698E495C71F6}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |

"{7BD8C5B0-9677-4E5D-A8B6-444E0DA14790}" = protocol=6 | dir=in | app=c:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe |

"{7BDABB77-97B7-4B97-BD32-2A94AD41BAEE}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |

"{7D137B9A-1AE3-4157-BCEF-ADDE84FBC5D2}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |

"{82A02FB0-C780-47E8-B2B0-F8E2DFD2E173}" = protocol=6 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |

"{83B154DC-7FB0-4FA7-8A75-12423FE4D49E}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |

"{86A092D5-07C0-4374-BF6B-FD3BE1D34A70}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |

"{88BA9636-33E2-4913-B70A-A8004659E58D}" = dir=in | app=c:\program files\skype\phone\skype.exe |

"{8AF78A1E-CF0A-4CE4-89BA-C1072DD76E54}" = dir=in | app=c:\program files\skype\phone\skype.exe |

"{8B605482-A703-41DA-92B7-3186A11304BF}" = dir=in | app=c:\program files\skype\phone\skype.exe |

"{8B98325A-C920-4AE8-AF83-29CAF1F30E36}" = dir=in | app=c:\program files\skype\phone\skype.exe |

"{8EBD4438-664E-4B07-9B8E-BC209BF0CB03}" = dir=in | app=c:\program files\skype\phone\skype.exe |

"{90D1DD4D-DB5F-41D0-A0E1-7BD914EE4BE5}" = dir=in | app=c:\program files\skype\phone\skype.exe |

"{92BAB78A-2539-467B-9767-ADF9B7FAFAA0}" = dir=in | app=c:\program files\skype\phone\skype.exe |

"{959F3549-67F3-4399-B121-F6D02A2BF7F2}" = dir=in | app=c:\program files\skype\phone\skype.exe |

"{9D52AC95-3DD0-48A6-866B-7E37E2B508F9}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |

"{9E1C6313-CE36-4A39-AE29-6AF7EDDB4A7C}" = dir=in | app=c:\program files\skype\phone\skype.exe |

"{9EB8382A-F334-4369-9122-2C5EF709E2B9}" = dir=in | app=c:\program files\skype\phone\skype.exe |

"{9FAB61D8-42D9-4F00-8ADA-3B3DA759DA18}" = dir=in | app=c:\program files\skype\phone\skype.exe |

"{A000783B-BEA3-4DDE-9A80-6BC3BBC4C5F4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |

"{A0C16120-8AF1-4852-B0B5-8E011EA47532}" = dir=in | app=c:\program files\skype\phone\skype.exe |

"{A836BA78-1BA7-4134-941A-521ECACE3E5C}" = protocol=17 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |

"{A9681A32-EE17-4A52-94B0-A494607F17DD}" = dir=in | app=c:\program files\skype\phone\skype.exe |

"{AA3DE0EC-427E-466A-9D2B-4CF036AA6F67}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{AB75D94D-5D26-4FF8-8723-A9F125909C00}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |

"{ACCF5AD3-F1BF-493B-84EA-3CF19A3EF47F}" = dir=in | app=c:\program files\skype\phone\skype.exe |

"{AEF3DC29-8296-4800-A57F-3CC082537A0B}" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe |

"{B05DBE3B-3B51-470E-976C-260507064F8D}" = protocol=6 | dir=in | app=c:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe |

"{B3444873-BDBD-47BC-AC78-476185CBCB59}" = dir=in | app=c:\program files\skype\phone\skype.exe |

"{B5CA2DB5-8D3C-4196-8A51-1DFB4A5A280F}" = dir=in | app=c:\program files\skype\phone\skype.exe |

"{B5D0F7EB-18B6-4E32-B9AE-F4E4C9B4CA45}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |

"{B7303020-43C5-45D1-9B4A-19BF1B132C4C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{B8A95CF8-52FE-4BBA-8A1A-5433A4E38F45}" = protocol=6 | dir=in | app=c:\program files\vuze\azureus.exe |

"{BD046E90-F042-4ADF-98F0-49D0BF91FFDA}" = protocol=17 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |

"{BDDEC121-2AB4-495F-BE22-55258DF600A3}" = dir=in | app=c:\program files\skype\phone\skype.exe |

"{BE848C43-8B80-4B82-A57A-9EED80AB97F5}" = dir=in | app=c:\program files\skype\phone\skype.exe |

"{BF02186D-EAFD-47D6-84C1-07AA9459B6BB}" = dir=in | app=c:\program files\skype\phone\skype.exe |

"{C2E4969D-B353-4848-ADAE-2FA617CC0984}" = protocol=17 | dir=in | app=c:\program files\vuze\azureus.exe |

"{C63A2891-5F8F-4A36-B92C-2F21F1CFF236}" = dir=in | app=c:\program files\skype\phone\skype.exe |

"{CCE02EC7-AE2F-4649-B5DF-BFD2F0D6AA5B}" = dir=in | app=c:\program files\skype\phone\skype.exe |

"{D0758E3F-BA7E-4A69-B71C-1D7A7F53A926}" = dir=in | app=c:\program files\skype\phone\skype.exe |

"{D362324F-D902-43DB-ABAB-7D018D887F0C}" = dir=in | app=c:\program files\skype\phone\skype.exe |

"{D4F283DA-A2F9-4185-BE92-C9AD297614C9}" = protocol=6 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |

"{D50D052A-C85F-4DC0-B423-D9BCB6639FCE}" = dir=in | app=c:\program files\skype\phone\skype.exe |

"{D99603C3-EECD-4256-93B7-EBF02F546C54}" = dir=in | app=c:\program files\skype\phone\skype.exe |

"{DA6B7BDB-4541-4649-9C9F-B96A344BA221}" = dir=in | app=c:\program files\skype\phone\skype.exe |

"{DA82AC17-3335-491D-87B1-B6BBF55858E9}" = dir=in | app=c:\program files\skype\phone\skype.exe |

"{DF71427D-6406-4DFD-ABD8-1A5066BACD93}" = dir=in | app=c:\program files\skype\phone\skype.exe |

"{E4E6A902-671F-4F2B-A366-69AB3C3954C6}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{E4F0BAD0-6648-41AD-A27D-B9C49D3F3D56}" = dir=in | app=c:\program files\skype\phone\skype.exe |

"{E74D5612-D89E-482C-90FC-54ECFCCCBB1A}" = dir=in | app=c:\program files\skype\phone\skype.exe |

"{EF4CC983-3C23-4708-8BCA-E34CBC70D174}" = dir=in | app=c:\program files\skype\phone\skype.exe |

"{F00F5E9D-9A7A-4C68-8D8F-E08D78CBF2E0}" = dir=in | app=c:\program files\skype\phone\skype.exe |

"{F17138ED-DC0B-4292-B063-4CC68810FB62}" = dir=in | app=c:\program files\skype\phone\skype.exe |

"{F24E8F7D-DFEE-44E8-AFBB-B65523D7C855}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |

"{F30B09E2-ACB9-42EC-B4B3-AE6D5DD6DD87}" = dir=in | app=c:\program files\skype\phone\skype.exe |

"{F4813A50-0F38-4BD0-94E3-7BF70DBA801B}" = dir=in | app=c:\program files\skype\phone\skype.exe |

"{F573F7B8-1BCF-44F8-B662-624F8B0C24D6}" = dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |

"{F7B056D2-0143-498D-8B62-7BCCDA1ABEC4}" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe |

"{F7D45AC0-ED5F-4C36-B2CE-F814273668F9}" = dir=in | app=c:\program files\skype\phone\skype.exe |

"TCP Query User{03C06C11-73AA-4481-B9BE-F2F199CA008C}C:\program files\messengerdiscovery\messengerdiscovery live.exe" = protocol=6 | dir=in | app=c:\program files\messengerdiscovery\messengerdiscovery live.exe |

"TCP Query User{20854614-A201-4EDE-B427-C957760CA7C5}C:\program files\real\realplayer\realplay.exe" = protocol=6 | dir=in | app=c:\program files\real\realplayer\realplay.exe |

"TCP Query User{260E2582-A1BE-40CF-BB52-014311A81106}C:\program files\adobe\adobe dreamweaver cs3\dreamweaver.exe" = protocol=6 | dir=in | app=c:\program files\adobe\adobe dreamweaver cs3\dreamweaver.exe |

"TCP Query User{273ACC75-4BFC-45C7-9824-5398F6826800}C:\program files\tightvnc\winvnc.exe" = protocol=6 | dir=in | app=c:\program files\tightvnc\winvnc.exe |

"TCP Query User{337CA225-DF2D-4823-B898-47F844B2F9AA}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |

"TCP Query User{375AED80-BC7D-4D07-BC1C-DD0951E15082}C:\program files\emule\emule.exe" = protocol=6 | dir=in | app=c:\program files\emule\emule.exe |

"TCP Query User{3EE7F299-3A41-46E3-B8E5-EF97F092D77E}C:\program files\messengerdiscovery\messengerdiscovery live.exe" = protocol=6 | dir=in | app=c:\program files\messengerdiscovery\messengerdiscovery live.exe |

"TCP Query User{49A37F83-2E3A-41A7-8BA4-E32A2DCF595B}C:\program files\emule\emule.exe" = protocol=6 | dir=in | app=c:\program files\emule\emule.exe |

"TCP Query User{4D8BE58C-0AB1-44DC-BB99-112C40FB63CE}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |

"TCP Query User{4E860074-2AF5-4179-9D63-264EBE10ADAF}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |

"TCP Query User{9721D7A9-2116-44A6-AFF8-78D2ED9E3AA6}C:\program files\orbitdownloader\orbitnet.exe" = protocol=6 | dir=in | app=c:\program files\orbitdownloader\orbitnet.exe |

"TCP Query User{B751D311-18CA-4E85-AF21-2BF5935EDEEB}C:\program files\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |

"TCP Query User{BB67D6A3-3C8C-4F3D-8DAD-C042BE49F80A}C:\program files\adobe\adobe dreamweaver cs3\dreamweaver.exe" = protocol=6 | dir=in | app=c:\program files\adobe\adobe dreamweaver cs3\dreamweaver.exe |

"TCP Query User{C1C00619-4D55-4DC9-BFAA-7A0E6EF04FD2}C:\program files\itunes\itunes.exe" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |

"TCP Query User{F1878EAB-999A-4AD3-A1BE-E905DF854B5E}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |

"TCP Query User{F20D8D60-5741-433B-B989-10FC405EEE84}C:\program files\tightvnc\winvnc.exe" = protocol=6 | dir=in | app=c:\program files\tightvnc\winvnc.exe |

"UDP Query User{15635BCA-0E95-4154-B5DB-3BEB427C5447}C:\program files\emule\emule.exe" = protocol=17 | dir=in | app=c:\program files\emule\emule.exe |

"UDP Query User{25074E53-F5B1-41F4-A24D-4ACB557A2D9F}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |

"UDP Query User{3C468211-2679-4F6C-BBC1-373D1EB4B944}C:\program files\orbitdownloader\orbitnet.exe" = protocol=17 | dir=in | app=c:\program files\orbitdownloader\orbitnet.exe |

"UDP Query User{52E21A83-F7DD-4F93-A082-63BC94174CD2}C:\program files\real\realplayer\realplay.exe" = protocol=17 | dir=in | app=c:\program files\real\realplayer\realplay.exe |

"UDP Query User{53DE6D9B-F822-49C9-AABE-7F6248E5A1A3}C:\program files\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |

"UDP Query User{655E3D8B-DC7E-4CBF-B1B6-785E667D145C}C:\program files\tightvnc\winvnc.exe" = protocol=17 | dir=in | app=c:\program files\tightvnc\winvnc.exe |

"UDP Query User{95BC456B-B41B-4C3C-8B75-6AB38F196BF5}C:\program files\messengerdiscovery\messengerdiscovery live.exe" = protocol=17 | dir=in | app=c:\program files\messengerdiscovery\messengerdiscovery live.exe |

"UDP Query User{A710B3D7-6179-4E90-BDC8-6D7A1117F83E}C:\program files\messengerdiscovery\messengerdiscovery live.exe" = protocol=17 | dir=in | app=c:\program files\messengerdiscovery\messengerdiscovery live.exe |

"UDP Query User{A94A1E12-2E35-45EB-8001-7BBA16813081}C:\program files\adobe\adobe dreamweaver cs3\dreamweaver.exe" = protocol=17 | dir=in | app=c:\program files\adobe\adobe dreamweaver cs3\dreamweaver.exe |

"UDP Query User{C1A2451D-0DBE-4206-A6ED-62B1659C6BDF}C:\program files\tightvnc\winvnc.exe" = protocol=17 | dir=in | app=c:\program files\tightvnc\winvnc.exe |

"UDP Query User{E2DF1E78-F176-48E0-9531-BE8F9B2124CF}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |

"UDP Query User{E50F0341-0E40-439B-84FC-8440319CE24B}C:\program files\adobe\adobe dreamweaver cs3\dreamweaver.exe" = protocol=17 | dir=in | app=c:\program files\adobe\adobe dreamweaver cs3\dreamweaver.exe |

"UDP Query User{EFBE9FA9-A565-4C23-BA59-7D63FB1A3E85}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |

"UDP Query User{F40FA067-0873-4ED8-AF0B-28316EB5F44B}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |

"UDP Query User{F9CC21CA-8F6A-455A-8775-673A89D212F7}C:\program files\emule\emule.exe" = protocol=17 | dir=in | app=c:\program files\emule\emule.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator

"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam

"{0289B35E-DC07-4c7a-9710-BBD686EA4B7D}" = Status

"{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = HP Integrated Module with Bluetooth wireless technology 6.0.1.5500

"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3

"{082702D5-5DD8-4600-BCE5-48B15174687F}" = HP Doc Viewer

"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Assistant de connexion Windows Live ID

"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting

"{09F56A49-A7B1-4AAB-95B9-D13094254AD1}" = Windows Live UX Platform Language Pack

"{0D2E9DCB-9938-475E-B4DD-8851738852FF}" = AIO_Scan

"{0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}" = Microsoft .NET Framework 4 Client Profile FRA Language Pack

"{133742BA-6F46-4D3E-85AF-78631D9AD8B8}" = Installation Windows Live

"{1746EA69-DCB6-4408-B5A5-E75F55439CDF}" = Scan

"{179C56A4-F57F-4561-8BBF-F911D26EB435}" = WebReg

"{1BDC9633-895B-4842-BCB6-8FA1EC2A3C5A}" = Adobe Shockwave Player

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update

"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = DVD Suite

"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions

"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live

"{228C6B46-64E2-404E-898A-EF0830603EF4}" = HPNetworkAssistant

"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT

"{236BB7C4-4419-42FD-040C-1E257A25E34D}" = Adobe Photoshop CS2

"{24D7346D-D4B4-45E8-98EA-75EC14B42DD8}" = Adobe ExtendScript Toolkit 2

"{250E9609-E830-43EB-B379-DAB7546A2422}" = muvee autoProducer 6.1

"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library

"{2614F54E-A828-49FA-93BA-45A3F756BFAA}" = 32 Bit HP CIO Components Installer

"{26A24AE4-039D-4CA4-87B4-2F83216010FF}" = Java 6 Update 22

"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager

"{308B6AEA-DE50-4666-996D-0FA461719D6B}" = Apple Mobile Device Support

"{31216452-5540-4C96-B754-94890A63D5AB}" = HP Help and Support

"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform

"{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java 6 Update 2

"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java 6 Update 5

"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java 6 Update 7

"{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live

"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.30 E1

"{36FDBE6E-6684-462B-AE98-9A39A1B200CC}" = HP Product Assistant

"{39CB30DB-27F8-4dd4-A294-CB4AE3B584FD}" = Copy

"{3B160861-7250-451E-B5EE-8B92BF30A710}" = Microsoft Works

"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile

"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll

"{3E31821C-7917-367E-938E-E65FC413EA31}" = Microsoft .NET Framework 3.5 Language Pack SP1 - fra

"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go

"{445B183D-F4F1-45C8-B9DB-F11355CA657B}" = Windows Live Messenger

"{45D707E9-F3C4-11D9-A373-0050BAE317E1}" = HP QuickPlay 3.6

"{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live

"{49F2B650-2D7B-4F59-B33D-346F63776BD3}" = DocProc

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{4BDB76C6-902E-41D5-9064-68768E02886B}" = Adobe Dreamweaver CS3

"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform

"{4D49757C-367A-4333-BDB3-68966162B14E}" = HP User Guides 0087

"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime

"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01

"{5C6F884D-680C-448B-B4C9-22296EE1B206}" = Logitech Harmony Remote Software 7

"{6057E21C-ABE9-4059-AE3E-3BEB9925E660}" = Windows Live Messenger

"{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources

"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites

"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library

"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder

"{67D3F1A0-A1F2-49b7-B9EE-011277B170CD}" = HPProductAssistant

"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE

"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update

"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin

"{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker

"{6E12D9F6-E86A-4EE3-BA5A-965FDBC6687F}" = O2InstV3Win7UpdateV1

"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder

"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3

"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable

"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762

"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

"{786C5747-0C40-4930-9AFE-113BCE553101}" = Adobe Stock Photos 1.0

"{7D2370AC-D8E6-4996-986A-19824F8A167C}" = Logitech QuickCam

"{7DC4A410-9986-4329-9E5D-687B2C42CA39}" = HP QuickTouch 1.00 C4

"{7FD8B0C1-CDDA-4B4D-A577-B2E3570EA3A3}_is1" = iPhone Explorer 2.005

"{8471021C-F529-43DE-84DF-3612E10F58C4}" = Remote Control USB Driver

"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder

"{881F5DE8-9367-4B81-A325-E91BBC6472F9}" = iTunes

"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3

"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT

"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support

"{8EDBA74D-0686-4C99-BFDD-F894678E5101}" = Adobe Common File Installer

"{90024193-9F13-4877-89D5-A1CDF0CBBF28}" = Feedback Tool

"{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}" = Logitech Desktop Messenger

"{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007

"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)

"{90120000-0015-040C-0000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2007

"{90120000-0015-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007

"{90120000-0016-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007

"{90120000-0018-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2007

"{90120000-0019-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2007

"{90120000-001A-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007

"{90120000-001B-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007

"{90120000-001F-0401-0000-0000000FF1CE}_PROPLUS_{14809F99-C601-4D4A-9391-F1E8FAA964C5}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007

"{90120000-001F-0407-0000-0000000FF1CE}_PROPLUS_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007

"{90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007

"{90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007

"{90120000-001F-0413-0000-0000000FF1CE}_PROPLUS_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007

"{90120000-001F-0C0A-0000-0000000FF1CE}_PROPLUS_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007

"{90120000-0044-040C-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (French) 2007

"{90120000-0044-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007

"{90120000-006E-040C-0000-0000000FF1CE}_PROPLUS_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3

"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager

"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting

"{95140000-007A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook Connector

"{9541FED0-327F-4DF0-8B96-EF57EF622F19}" = Sonic RecordNow! Deluxe

"{95D08F4E-DFC2-4ce3-ACB7-8C8E206217E9}" = MarketResearch

"{9885A11E-60E4-417C-B58B-8B31B21C0B8A}" = HP Easy Setup - Frontend

"{9C2D4047-0E40-499a-AC7A-C4B9BB12FE03}" = TrayApp

"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3

"{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail

"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps

"{A36CD345-625C-4d6c-B3E2-76E1248CB451}" = SolutionCenter

"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common

"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer

"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder

"{AC76BA86-7AD7-1036-7B44-A81300000003}" = Adobe Reader 8.1.6 - Français

"{AD3FDC40-BCF4-476D-A2D6-C4B154DD9DF5}" = ESU for Microsoft Vista

"{AEBBFC67-7A03-4DF3-9E71-BA5C9EB4FBEF}" = MobileMe Control Panel

"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter

"{b02df929-29a7-4fd2-9a70-81a644b635f7}" = HP Total Care Advisor

"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0

"{B3B487E7-6171-4376-9074-B28082CEB504}" = Windows Live Call

"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0

"{B3C02EC1-A7B0-4987-9A43-8789426AAA7D}" = Adobe Setup

"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player

"{B74D4E10-6884-0000-0000-000000000103}" = Adobe Bridge 1.0

"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3

"{BD0E2B92-3814-46F0-893B-4612EA010C7E}" = HP Customer Experience Enhancements

"{BE5F3842-8309-4754-92D5-83E02E6077A3}" = Adobe Extension Manager CS3

"{BE77A81F-B315-4666-9BF3-AE70C0ADB057}" = BufferChm

"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint

"{C716522C-3731-4667-8579-40B098294500}" = Toolbox

"{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common

"{C916D86C-AB76-49c7-B0E4-A946E0FD9BC2}" = HP Photosmart, Officejet, PSC and Deskjet All-In-One Driver Software 8.0.B

"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector

"{CBAE4F50-9FC9-4557-AB36-9826DF3C103C}" = HP Wireless Assistant

"{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars

"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1

"{CE7E3BE0-2DD3-4416-A690-F9E4A99A8CFF}" = HP Active Support Library

"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform

"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client

"{D0E39A1D-0CEE-4D85-B4A2-E3BE990D075E}" = Destination Component

"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files

"{D2E18162-47FB-4216-8AB3-F420C1AF75A4}" = Adobe Setup

"{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow!

"{D61524CF-93FE-4193-91AD-C6E21FEEAA5A}" = Logitech Harmony Remote Software 7

"{E06F04B9-45E6-4AC0-8083-85F7515F40F7}" = UnloadSupport

"{E09575B2-498D-4C8B-A9D2-623F78574F29}" = AIO_CDB_Software

"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10

"{E60B8506-DDC7-433d-AF9E-999D0F543C4A}" = 2570_Help

"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0

"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3

"{E7112940-5F8E-4918-B9FE-251F2F8DC81F}" = AIO_CDB_ProductContext

"{E87F5651-CE15-493F-AE99-3B670E25A54E}" = MSCU for Microsoft Vista

"{E9787678-119F-4D52-B551-6739B2B22101}" = Adobe Help Center 1.0

"{EA7FE7AB-34AE-4e14-84C5-187E6EC0AB9B}" = 2570

"{EB21A812-671B-4D08-B974-2A347F0D8F70}" = HP Photosmart Essential

"{EB75DE50-5754-4F6F-875D-126EDF8E4CB3}" = HPSSupply

"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support

"{EEEB604C-C1A7-4f8c-B03F-56F9C1C9C45F}" = Fax

"{EF1ADA5A-0B1A-4662-8C55-7475A61D8B65}" = DeviceDiscovery

"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver

"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5

"{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0

"{F66D5732-C2A6-4f88-B8FE-AEDA10355FBD}" = 2570Trb

"{FA54AFB1-5745-4389-B8C1-9F7509672ED1}" = Utilitaire de configuration iPhone

"{FE0646A7-19D0-41B4-A2BB-2C35D644270D}" = Windows Live OneCare safety scanner

"{FE57DE70-95DE-4B64-9266-84DA811053DB}" = HP Update

"{FF1C31AE-0CDC-40CE-AB85-406F8B70D643}" = Bonjour

"8461-7759-5462-8226" = Vuze

"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites

"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin

"Adobe Photoshop CS2 - {236BB7C4-4419-42FD-040C-1E257A25E34D}" = Adobe Photoshop CS2

"Adobe Shockwave Player" = Adobe Shockwave Player 11.5

"Adobe_3e054d2218e7aa282c2369d939e58ff" = Adobe ExtendScript Toolkit 2

"Adobe_ad19d2ae8332572b119cf35fd0a30d8" = Adobe Dreamweaver CS3

"avast5" = avast! Free Antivirus

"AviSynth" = AviSynth 2.5

"CamStudio 2.0 Fr_is1" = CamStudio 2.0 Fr

"CopyTrans Suite" = CopyTrans Suite Remove Only

"DivXG400" = DivXG400

"eMule" = eMule

"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4

"Free DVD Video Burner_is1" = Free DVD Video Burner version 2.1

"Free Easy Burner_is1" = Free Easy Burner V 4.1

"Free Studio_is1" = Free Studio version 4.9.12

"Free Video to DVD Converter_is1" = Free Video to DVD Converter version 1.2

"Free Video to MP3 Converter_is1" = Free Video to MP3 Converter version 3.2

"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.8

"Freez FLV to AVI/MPEG/WMV Converter v1.6_is1" = Freez FLV to AVI/MPEG/WMV Converter

"Hauppauge MCE2005 Software Encoder" = Hauppauge MCE XP/Vista Software Encoder (2.0.25149)

"HP Imaging Device Functions" = HP Imaging Device Functions 8.0

"HP Solution Center & Imaging Support Tools" = HP Solution Center 8.0

"HPExtendedCapabilities" = HP Customer Participation Program 8.0

"HPOCR" = HP OCR Software 8.0

"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam

"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector

"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 3.9.5

"LimeWire" = LimeWire 5.1.2

"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware

"McAfee Security Scan" = McAfee Security Scan Plus

"Messenger Plus! Live" = Messenger Plus! Live

"MessengerDiscovery 2.1_is1" = MessengerDiscovery 2.1.79

"MessengerDiscovery Live_is1" = MessengerDiscovery Live 1.5.0700

"MessengerDiscovery_is1" = MessengerDiscovery 2.5.99

"Microsoft .NET Framework 3.5 Language Pack SP1 - fra" = Module linguistique Microsoft .NET Framework 3.5 SP1- fra

"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"Microsoft .NET Framework 4 Client Profile FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Client Profile FRA

"Movies2iPhone" = Movies2iPhone 1.21 beta for Windows

"Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)

"NVIDIA Drivers" = NVIDIA Drivers

"PhotoFiltre" = PhotoFiltre

"Picasa2" = Picasa 2

"PROPLUS" = Microsoft Office Professional Plus 2007

"QcDrv" = Programme de gestion Camera de Logitech®

"RealPlayer 12.0" = RealPlayer

"SlingMedia.QPSlingPlayer_is1" = QuickPlay SlingPlayer 0.4.4

"SMSERIAL" = Motorola SM56 Data Fax Modem

"SynTPDeinstKey" = Synaptics Pointing Device Driver

"TightVNC_is1" = TightVNC 1.3.10

"Uninstall_is1" = Uninstall 1.0.0.1

"Virtual DJ - Atomix Productions" = Virtual DJ - Atomix Productions

"VLC media player" = VLC media player 1.0.1

"Wikikou Messenger Cleaner" = Wikikou Messenger Cleaner

"WildTangent hp Master Uninstall" = My HP Games

"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner

"WinLiveSuite" = Windows Live

"WinLiveSuite_Wave3" = Installation Windows Live

"WinRAR archiver" = Archiveur WinRAR

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"BitTorrent" = BitTorrent

"SparkAngels" = SparkAngels

========== Last 10 Event Log Errors ==========

[ Antivirus Events ]

Error - 29/03/2010 06:24:29 | Computer Name = PC-de-thias | Source = avast! | ID = 33554522

Description =

Error - 29/03/2010 06:24:29 | Computer Name = PC-de-thias | Source = avast! | ID = 33554522

Description =

Error - 29/03/2010 06:24:29 | Computer Name = PC-de-thias | Source = avast! | ID = 33554522

Description =

Error - 29/03/2010 06:24:29 | Computer Name = PC-de-thias | Source = avast! | ID = 33554522

Description =

Error - 29/03/2010 06:24:30 | Computer Name = PC-de-thias | Source = avast! | ID = 33554522

Description =

Error - 29/03/2010 06:24:30 | Computer Name = PC-de-thias | Source = avast! | ID = 33554522

Description =

Error - 29/03/2010 06:24:30 | Computer Name = PC-de-thias | Source = avast! | ID = 33554522

Description =

Error - 29/03/2010 06:24:30 | Computer Name = PC-de-thias | Source = avast! | ID = 33554522

Description =

Error - 29/03/2010 06:24:30 | Computer Name = PC-de-thias | Source = avast! | ID = 33554522

Description =

Error - 29/03/2010 06:24:30 | Computer Name = PC-de-thias | Source = avast! | ID = 33554522

Description =

[ Application Events ]

Error - 24/12/2010 21:48:16 | Computer Name = PC-de-thias | Source = Bonjour Service | ID = 100

Description = 384: ERROR: read_msg errno 10054 (Une connexion existante a dû être

fermée par l'hôte distant.)

Error - 25/12/2010 08:34:11 | Computer Name = PC-de-thias | Source = Redownloader | ID = 0

Description = Le service ne peut pas être démarré. System.NullReferenceException:

La référence d'objet n'est pas définie à une instance d'un objet. à pref_updater.Program.modif_home_page(String

start_page) à pref_updater.Program.Main(String[] args) à System.AppDomain._nExecuteAssembly(Assembly

assembly, String[] args) à System.AppDomain.ExecuteAssembly(String assemblyFile,

Evidence assemblySecurity, String[] args) à System.AppDomain.ExecuteAssembly(String

assemblyFile, Evidence assemblySecurity) à System.AppDomain.ExecuteAssembly(String

assemblyFile, Evidence assemblySecurity) à service.service.launch_update()

à service.service.OnStart(String[] args) à System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object

state)

Error - 25/12/2010 13:53:22 | Computer Name = PC-de-thias | Source = Redownloader | ID = 0