
Posted

Here is the report.

I placed the files in quarantine but nothing has changed!

 

IncrediMail_Install.exe C:\Documents and Settings\cyril\AppData\Local\Application Data\IM\Runtime Adware.IncrediMail.5 Quarantaine.

IncrediMail_Install.exe C:\Documents and Settings\cyril\AppData\Local\IM\Runtime Adware.IncrediMail.5 Chemin invalide pour le fichier

CopyTransManager.exe C:\Documents and Settings\cyril\AppData\Roaming\WindSolutions\CopyTransControlCenter\Applications Probablement Trojan.Packed.191 Quarantaine.

CopyTransManager.exe C:\Documents and Settings\cyril\Application Data\WindSolutions\CopyTransControlCenter\Applications Probablement Trojan.Packed.191 Chemin invalide pour le fichier

IncrediMail_Install.exe C:\Users\cyril\AppData\Local\IM\Runtime Adware.IncrediMail.5 Chemin invalide pour le fichier

CopyTransManager.exe C:\Users\cyril\AppData\Roaming\WindSolutions\CopyTransControlCenter\Applications Probablement Trojan.Packed.191 Chemin invalide pour le fichier

IncrediMail_Install.exe W:\Documents and Settings\Administrateur\Local Settings\Application Data\IM\Runtime Adware.IncrediMail.5 Quarantaine.

incredimail_install[1].exe W:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\AU7KR64X Adware.IncrediMail.5 Quarantaine.

2422684b.qua\data001 W:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\INFECTED\2422684b.qua Probablement Trojan.Packed.Based

2422684b.qua W:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\INFECTED Conteneur comporte des objets infectés Quarantaine.

Posted (edited)

What kind of machine do you have?

Can you explain this, please?

C:\Documents and Settings\cyril\AppData\Local\Application Data\...

W:\Documents and Settings\Administrateur\Local Settings\Application Data\

 

Which one is Windows on? And where are you running the tools from?

Edited by lance_yien

Posted

Hello,

I have 2 disks: one with Windows Seven, my C:, and one with Windows XP, my W:, "in case Seven crashes, which is what has happened".

All the logs were run under W7 in safe mode.

Under Windows XP, Seven's C: is visible and available.

I suspect a Windows bug, perhaps following an update?

Posted

> Hello,
>
> I have 2 disks: one with Windows Seven, my C:, and one with Windows XP, my W:, "in case Seven crashes, which is what has happened".

But complicated to manage, especially since it is easy to repair W7 if it crashes.

It is also complicated for the tools to deal with two active system partitions.

> All the logs were run under W7 in safe mode.

But what was requested was "Safe Mode with Networking". That is not the same thing; which one did you use?

> ... I suspect a Windows bug, perhaps following an update?

Why not? In that case, a restore to a date before the problem could solve your issue. Have you tried it? (Or do it now.)

Keep me posted!

Posted

No, it is not complicated to manage: I have multiboot at startup... you just have to choose the operating system.

At first I installed both systems because I did not trust Windows, "which has a habit of releasing unfinished products with bugs and incompatibilities". My XP was very stable; then I gradually migrated to Seven, which is more pleasant visually, but I always kept my XP just in case, and I see today that I was right to!

Easy to repair W7... apparently not, since I have not managed to so far.

Oops, sorry for the imprecision: I did indeed boot in safe mode with networking.

Unfortunately I had not enabled backup of the disk, so I could not restore; that is actually the first thing I tried to do.

Otherwise, I have a little idea... I created a user account with full administrator rights; I am going to migrate the programs and mail and then delete the account that no longer works.

What do you think?

Posted (edited)

Hello,

Go ahead with your "... little idea" :) The main thing is to solve the problem.

If that works, do this (on W7):

Print these instructions or save them to a text file on the Desktop so you can consult them easily at any time, and download OTL (by OldTimer) to the Desktop from here or here.

Close all open applications and windows.

Right-click OTL.exe => Run as administrator, and copy/paste these lines (starting with netsvcs) into the box under "Personnalisation":

 

netsvcs
drivers32
%SYSTEMDRIVE%\*.*
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\drivers\*.sys /90
CREATERESTOREPOINT
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
SAVEMBR:0

Without changing anything else, click the blue Analyse button and let it run.

At the end of the scan, 2 reports will be created: "OTL.txt" (which opens in Notepad) and "Extras.txt" (which will be minimized in the taskbar).

Copy/paste the contents of each report into your next reply, only one per message, because they are often very long and exceed the limit allowed by the forum.

Edited by lance_yien

Posted

Here is the otl.txt ;)

 

 

OTL logfile created on: 01/09/2011 19:08:14 - Run 1

OTL by OldTimer - Version 3.2.27.0 Folder = Z:\

Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

 

3,00 Gb Total Physical Memory | 1,91 Gb Available Physical Memory | 63,61% Memory free

6,00 Gb Paging File | 4,38 Gb Available in Paging File | 73,09% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 139,73 Gb Total Space | 29,73 Gb Free Space | 21,28% Space Free | Partition Type: NTFS

Drive F: | 465,73 Gb Total Space | 22,64 Gb Free Space | 4,86% Space Free | Partition Type: NTFS

Drive W: | 48,83 Gb Total Space | 12,99 Gb Free Space | 26,60% Space Free | Partition Type: NTFS

Drive Z: | 547,33 Gb Total Space | 270,81 Gb Free Space | 49,48% Space Free | Partition Type: NTFS

 

Computer Name: CYRIL-PC | User Name: cyril | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Processes (SafeList) ==========

 

PRC - [2011/09/01 19:06:46 | 000,581,120 | ---- | M] (OldTimer Tools) -- Z:\OTL.exe

PRC - [2011/09/01 18:36:22 | 000,243,360 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashUtil10w_ActiveX.exe

PRC - [2011/07/06 19:52:38 | 000,449,584 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

PRC - [2011/07/06 19:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

PRC - [2011/07/04 13:43:54 | 003,493,720 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe

PRC - [2011/07/04 13:43:51 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

PRC - [2011/04/20 04:04:36 | 000,393,216 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe

PRC - [2011/04/20 04:04:06 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe

PRC - [2011/02/25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe

PRC - [2010/11/20 14:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe

PRC - [2010/11/17 10:53:16 | 000,113,288 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe

PRC - [2010/10/27 20:17:52 | 000,207,424 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe

PRC - [2010/09/30 15:16:10 | 002,159,352 | ---- | M] () -- C:\Program Files\Acronis\DiskDirector\OSS\reinstall_svc.exe

PRC - [2010/09/08 11:45:10 | 001,034,752 | ---- | M] () -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe

PRC - [2010/09/08 11:44:50 | 000,484,352 | ---- | M] () -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSC.exe

PRC - [2010/09/08 11:42:28 | 005,185,536 | ---- | M] (Western Digital Technologies, Inc.) -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe

PRC - [2010/09/08 11:41:36 | 000,237,056 | ---- | M] (WDC) -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe

PRC - [2010/07/19 18:31:56 | 000,976,192 | ---- | M] (SFR) -- C:\Program Files\SFR\Kit\9props.exe

PRC - [2010/06/26 02:15:32 | 001,311,312 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPointP\SetPoint.exe

PRC - [2010/06/22 21:09:20 | 000,112,208 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Common Files\logishrd\KHAL3\KHALMNPR.exe

PRC - [2010/04/30 11:32:00 | 000,126,904 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Safe Web Lite\Engine\1.0.0.60\ccSvcHst.exe

PRC - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe

PRC - [2009/11/08 00:51:28 | 002,230,192 | ---- | M] (Beepa P/L) -- C:\Fraps\fraps.exe

PRC - [2009/10/30 13:57:08 | 000,369,200 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe

PRC - [2009/09/22 12:51:56 | 000,339,968 | ---- | M] (UASSOFT.COM) -- C:\Program Files\Keyboard Driver\KMProcess.exe

PRC - [2009/09/22 12:45:58 | 000,391,168 | ---- | M] (UASSOFT.COM) -- C:\Program Files\Keyboard Driver\KMCONFIG.exe

PRC - [2009/09/16 22:14:48 | 000,153,608 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\Gaming Software\LWEMon.exe

PRC - [2009/08/31 23:00:28 | 001,821,184 | ---- | M] (UASSOFT.COM) -- C:\Program Files\Keyboard Driver\KMWDSrv.exe

PRC - [2009/07/14 03:14:28 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\p2phost.exe

PRC - [2009/02/10 17:54:02 | 000,485,376 | ---- | M] (Micro Application) -- C:\Program Files\Micro Application\LauncherMA.exe

PRC - [2008/05/30 02:22:36 | 000,212,992 | ---- | M] (UASSOFT.COM) -- C:\Program Files\Keyboard Driver\StartAutorun.exe

PRC - [2007/09/02 13:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files\RocketDock\RocketDock.exe

 

 

========== Modules (No Company Name) ==========

 

MOD - [2011/08/24 16:16:18 | 000,240,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\bb04320c07e3c71ac2d18cb382d97f41\WindowsFormsIntegration.ni.dll

MOD - [2011/08/24 16:15:23 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\7f94f6b13f92f1e093716d3e15bf86d1\PresentationFramework.Aero.ni.dll

MOD - [2011/08/24 16:14:58 | 014,339,072 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\c60906a715473ceccf93f0559527e84d\PresentationFramework.ni.dll

MOD - [2011/08/24 16:14:58 | 000,060,928 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\4a63fb97b3c648a28b8047697869ee7d\UIAutomationProvider.ni.dll

MOD - [2011/08/24 16:14:49 | 012,234,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\5566b57732d9edea236f54d06149835a\PresentationCore.ni.dll

MOD - [2011/08/24 16:14:42 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\6124dbbfd45927c4a6226d6e6bca6253\WindowsBase.ni.dll

MOD - [2011/08/24 16:13:05 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\e3e3b399b69c569ab1ed3b0ace2c8c20\System.Runtime.Remoting.ni.dll

MOD - [2011/08/24 16:13:00 | 011,819,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\33b601c8e2cf4993e68d763389246197\System.Web.ni.dll

MOD - [2011/08/24 15:53:45 | 012,433,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\0d43c5e77ee7b8466700b16d7e7d4bb7\System.Windows.Forms.ni.dll

MOD - [2011/08/24 15:53:40 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\9e87dd8fe5d0f925d80a6a6eaf74fdb9\System.Drawing.ni.dll

MOD - [2011/08/24 15:53:34 | 002,297,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\ebdaeeb5ef1a6209d67a2f70fcaf5cd5\System.Core.ni.dll

MOD - [2011/08/24 15:53:29 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\16d2854bf69d59d94e64a918365705f1\System.Xml.ni.dll

MOD - [2011/08/24 15:53:26 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\36d0ed3f2a65b9d67933ed46dfcd2ccb\System.Configuration.ni.dll

MOD - [2011/08/24 15:53:25 | 007,963,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\3da7c6c1a0f26ae91883fd8b03ec192d\System.ni.dll

MOD - [2011/08/24 15:53:20 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\16b68fcaff063835ae0ee348a1201f2a\mscorlib.ni.dll

MOD - [2011/06/24 22:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll

MOD - [2011/06/24 22:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll

MOD - [2011/04/19 22:16:28 | 000,243,712 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll

MOD - [2010/11/13 01:35:38 | 000,311,296 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_fr_b77a5c561934e089\mscorlib.resources.dll

MOD - [2010/07/19 18:32:06 | 000,079,168 | ---- | M] () -- C:\Program Files\SFR\Kit\9unelevate.dll

MOD - [2010/03/15 11:28:22 | 000,141,824 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll

MOD - [2008/06/16 10:06:10 | 000,053,248 | ---- | M] () -- C:\Program Files\Keyboard Driver\MouseHook.dll

MOD - [2007/09/02 13:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files\RocketDock\RocketDock.exe

MOD - [2007/09/02 13:57:36 | 000,069,632 | ---- | M] () -- C:\Program Files\RocketDock\RocketDock.dll

MOD - [2007/03/29 13:17:42 | 000,106,496 | ---- | M] () -- C:\Program Files\Keyboard Driver\keydll.dll

 

 

========== Win32 Services (SafeList) ==========

 

SRV - File not found [Auto | Stopped] -- -- (PEVSystemStart)

SRV - [2011/07/06 19:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)

SRV - [2011/07/04 13:43:51 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)

SRV - [2011/06/17 09:33:46 | 000,295,192 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\logishrd\Bluetooth\LBTServ.exe -- (LBTServ)

SRV - [2011/04/20 04:04:06 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)

SRV - [2011/01/09 14:52:48 | 000,310,640 | ---- | M] (CybelSoft) [On_Demand | Stopped] -- C:\Program Files\ma-config.com\maconfservice.exe -- (maconfservice)

SRV - [2010/09/30 15:16:10 | 002,159,352 | ---- | M] () [Auto | Running] -- C:\Program Files\Acronis\DiskDirector\OSS\reinstall_svc.exe -- (OS Selector)

SRV - [2010/09/08 11:45:10 | 001,034,752 | ---- | M] () [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe -- (WDFME)

SRV - [2010/09/08 11:44:50 | 000,484,352 | ---- | M] () [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSC.exe -- (WDSC)

SRV - [2010/09/08 11:41:36 | 000,237,056 | ---- | M] (WDC) [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe -- (WDDMService)

SRV - [2010/06/03 10:30:58 | 001,343,400 | ---- | M] (Microsoft Corporation) [unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)

SRV - [2010/04/30 11:32:00 | 000,126,904 | R--- | M] (Symantec Corporation) [unknown | Running] -- C:\Program Files\Norton Safe Web Lite\Engine\1.0.0.60\ccSvcHst.exe -- (NSL)

SRV - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)

SRV - [2009/08/31 23:00:28 | 001,821,184 | ---- | M] (UASSOFT.COM) [Auto | Running] -- C:\Program Files\Keyboard Driver\KMWDSrv.exe -- (KMWDSERVICE)

SRV - [2009/07/14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)

SRV - [2009/07/14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)

 

 

========== Driver Services (SafeList) ==========

 

DRV - [2011/08/30 18:41:18 | 000,166,976 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\snapman.sys -- (snapman)

DRV - [2011/08/29 21:12:54 | 000,309,320 | ---- | M] (BitDefender S.R.L.) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\Trufos.sys -- (Trufos)

DRV - [2011/07/06 19:52:42 | 000,022,712 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)

DRV - [2011/07/04 13:36:43 | 000,441,176 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)

DRV - [2011/07/04 13:36:32 | 000,309,848 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)

DRV - [2011/07/04 13:35:23 | 000,043,608 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)

DRV - [2011/07/04 13:32:32 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)

DRV - [2011/07/04 13:32:20 | 000,054,104 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)

DRV - [2011/07/04 13:32:12 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)

DRV - [2011/04/30 14:00:18 | 000,039,064 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LMouFilt.Sys -- (LMouFilt)

DRV - [2011/04/30 14:00:06 | 000,041,240 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LHidFilt.Sys -- (LHidFilt)

DRV - [2011/04/20 04:43:40 | 007,772,160 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)

DRV - [2011/04/20 04:43:40 | 007,772,160 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag)

DRV - [2011/04/20 03:22:08 | 000,243,712 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)

DRV - [2011/03/30 20:46:36 | 000,100,880 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AtihdW73.sys -- (AtiHDAudioService)

DRV - [2010/11/20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)

DRV - [2010/11/20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)

DRV - [2010/11/19 11:34:14 | 000,141,568 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nusb3xhc.sys -- (nusb3xhc)

DRV - [2010/11/19 11:34:12 | 000,062,208 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nusb3hub.sys -- (nusb3hub)

DRV - [2010/09/23 11:11:28 | 000,316,192 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk62x86.sys -- (yukonw7)

DRV - [2010/08/30 12:19:54 | 000,014,336 | ---- | M] (CybelSoft) [Kernel | On_Demand | Stopped] -- C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys -- (driverhardwarev2)

DRV - [2010/03/18 11:02:32 | 000,028,624 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LUsbFilt.sys -- (LUsbFilt)

DRV - [2010/03/09 12:21:26 | 000,107,024 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AtiHdmi.sys -- (AtiHdmiService)

DRV - [2009/11/17 11:54:34 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)

DRV - [2009/09/16 17:55:00 | 000,008,456 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\EuGdiDrv.sys -- (EuGdiDrv)

DRV - [2009/09/11 13:48:04 | 000,066,056 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WmXlCore.sys -- (WmXlCore)

DRV - [2009/09/11 13:47:54 | 000,014,984 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WmVirHid.sys -- (WmVirHid)

DRV - [2009/09/11 13:47:42 | 000,031,752 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WmHidLo.sys -- (WmHidLo)

DRV - [2009/09/11 13:47:32 | 000,035,592 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WmFilter.sys -- (WmFilter)

DRV - [2009/09/11 13:47:22 | 000,022,792 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WmBEnum.sys -- (WmBEnum)

DRV - [2009/08/26 13:45:10 | 000,014,216 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\epmntdrv.sys -- (epmntdrv)

DRV - [2009/04/29 16:37:26 | 000,025,088 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\KMWDFILTER.sys -- (KMWDFILTERx86)

DRV - [2009/02/13 13:02:52 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\wdcsam.sys -- (WDC_SAM)

DRV - [2007/02/16 02:57:04 | 000,034,760 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ElbyCDFL.sys -- (ElbyCDFL)

DRV - [2007/02/03 11:32:36 | 000,041,504 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LVUSBSta.sys -- (LVUSBSta)

DRV - [2007/02/03 11:25:56 | 001,075,360 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Camdrl.sys -- (CamDrL) Logitech QuickCam Pro 3000(CamDrl)

DRV - [2004/08/13 10:56:20 | 000,005,810 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ASACPI.sys -- (MTsensor)

DRV - [2002/09/16 19:07:24 | 000,004,228 | ---- | M] (PowerQuest Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\PQNTDRV.sys -- (PQNTDrv)

 

 

========== Standard Registry (SafeList) ==========

 

 

========== Internet Explorer ==========

 

IE - HKLM\..\URLSearchHook: {249d74a3-bd19-4657-b6ce-e62f480a20de} - C:\Program Files\IncrediMail_MediaBar_Francais_2\prxtbIncr.dll (Conduit Ltd.)

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Google

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN : Hotmail, Messenger, Bing, Actualité et Sport

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 49 FD E4 15 63 67 CA 01 [binary data]

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

IE - HKCU\..\URLSearchHook: {249d74a3-bd19-4657-b6ce-e62f480a20de} - C:\Program Files\IncrediMail_MediaBar_Francais_2\prxtbIncr.dll (Conduit Ltd.)

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

 

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()

FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)

FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

FF - HKLM\Software\MozillaPlugins\@ma-config.com/HardwareDetection: C:\Program Files\ma-config.com\nphardwaredetection.dll (Cybelsoft)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.10: C:\Program Files\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\cyril\AppData\Local\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\cyril\AppData\Local\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)

 

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{203FB6B2-2E1E-4474-863B-4C483ECCE78E}: C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_1.0.0.60\coFFNST\ [2010/06/07 09:38:15 | 000,000,000 | ---D | M]

 

[2010/09/26 22:41:58 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions

[2010/06/03 10:39:20 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}

[2010/08/21 10:33:58 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}

[2010/07/17 05:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll

 

O1 HOSTS File: ([2009/06/10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts

O2 - BHO: (Objet d'aide à la navigation SFR) - {0F6E720A-1A6B-40E1-A294-1D4D19F156C8} - C:\Program Files\SFR\Kit\SFRNavErrorHelper.dll (SFR)

O2 - BHO: (IncrediMail MediaBar Francais 2 Toolbar) - {249d74a3-bd19-4657-b6ce-e62f480a20de} - C:\Program Files\IncrediMail_MediaBar_Francais_2\prxtbIncr.dll (Conduit Ltd.)

O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)

O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)

O2 - BHO: (IeMonitorBho Class) - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll (Megaupload Limited)

O2 - BHO: (Norton Safe Web Lite BHO) - {F0DA78E9-6B60-42fb-BC26-EF2CFB8C8FF3} - C:\Program Files\Norton Safe Web Lite\Engine\1.0.0.60\CoIEPlg.dll (Symantec Corporation)

O3 - HKLM\..\Toolbar: (IncrediMail MediaBar Francais 2 Toolbar) - {249d74a3-bd19-4657-b6ce-e62f480a20de} - C:\Program Files\IncrediMail_MediaBar_Francais_2\prxtbIncr.dll (Conduit Ltd.)

O3 - HKLM\..\Toolbar: (Norton Safe Web Lite) - {30CEEEA2-3742-40e4-85DD-812BF1CBB83D} - C:\Program Files\Norton Safe Web Lite\Engine\1.0.0.60\CoIEPlg.dll (Symantec Corporation)

O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)

O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)

O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.

O3 - HKCU\..\Toolbar\WebBrowser: (Norton Safe Web Lite) - {30CEEEA2-3742-40E4-85DD-812BF1CBB83D} - C:\Program Files\Norton Safe Web Lite\Engine\1.0.0.60\CoIEPlg.dll (Symantec Corporation)

O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)

O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)

O4 - HKLM..\Run: [CloneCDTray] C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe (SlySoft, Inc.)

O4 - HKLM..\Run: [Disk SpeedUp] C:\Program Files\Glarysoft\Disk SpeedUp\Defrag.exe (Glarysoft Ltd)

O4 - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)

O4 - HKLM..\Run: [KMCONFIG] File not found

O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)

O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)

O4 - HKLM..\Run: [NUSB3MON] C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)

O4 - HKLM..\Run: [start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe (Logitech Inc.)

O4 - HKLM..\Run: [startCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)

O4 - HKCU..\Run: [CollaborationHost] C:\Windows\System32\p2phost.exe (Microsoft Corporation)

O4 - HKCU..\Run: [Connexion SFR 9props.exe] C:\Program Files\SFR\Kit\9props.exe (SFR)

O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)

O4 - HKCU..\Run: [incrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe (IncrediMail, Ltd.)

O4 - HKCU..\Run: [RocketDock] C:\Program Files\RocketDock\RocketDock.exe ()

O4 - Startup: C:\Users\cyril\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Lanceur.lnk = C:\Program Files\Micro Application\LauncherMA.exe (Micro Application)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 4

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewOnDrive = 4

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisallowRun = 1

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 12 = msconfig.exe (Microsoft Corporation)

O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)

O8 - Extra context menu item: Liens de téléchargement avec Mega Manager... - C:\Program Files\Megaupload\Mega Manager\mm_file.htm ()

O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)

O13 - gopher Prefix: missing

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3CECBD22-FEC5-4023-A6EE-773293212762}: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{88FFEBA4-1F0E-4452-8F1C-15EDA8CC6AFE}: DhcpNameServer = 192.168.1.1

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O20 - Winlogon\Notify\LBTWlgn: DllName - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll - c:\Program Files\Common Files\logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

O22 - SharedTaskScheduler: {EC654325-1273-C2A9-2B7C-45D29BCE68FB} - Deskscapes - C:\Program Files\Stardock\Object Desktop\DeskScapes3\deskscapes.dll (Stardock Corporation)

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2009/06/10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]

O33 - MountPoints2\{b61d46d0-0391-11e0-bf84-806e6f6e6963}\Shell - "" = AutoRun

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 

NetSvcs: FastUserSwitchingCompatibility - File not found

NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)

NetSvcs: Nla - File not found

NetSvcs: Ntmssvc - File not found

NetSvcs: NWCWorkstation - File not found

NetSvcs: Nwsapagent - File not found

NetSvcs: SRService - File not found

NetSvcs: WmdmPmSp - File not found

NetSvcs: LogonHours - File not found

NetSvcs: PCAudit - File not found

NetSvcs: helpsvc - File not found

NetSvcs: uploadmgr - File not found

 

Drivers32: msacm.ac3acm - C:\Windows\System32\ac3acm.acm (fccHandler)

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

Drivers32: msacm.l3fhg - C:\Windows\System32\mp3fhg.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

Drivers32: MSVideo - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)

Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)

Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)

Drivers32: VIDC.FFDS - C:\Windows\System32\ff_vfw.dll ()

Drivers32: VIDC.FPS1 - C:\Windows\System32\frapsvid.dll (Beepa P/L)

Drivers32: VIDC.I420 - C:\Windows\System32\lvcodec2.dll (Logitech Inc.)

Drivers32: vidc.VP60 - C:\Windows\System32\vp6vfw.dll (On2.com)

Drivers32: vidc.VP61 - C:\Windows\System32\vp6vfw.dll (On2.com)

Drivers32: VIDC.XVID - C:\Windows\System32\xvidvfw.dll ()

Drivers32: VIDC.YV12 - C:\Windows\System32\yv12vfw.dll (www.helixcommunity.org)

 

CREATERESTOREPOINT

Restore point Set: OTL Restore Point

PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

 

========== Files/Folders - Created Within 30 Days ==========

 

[2011/08/31 11:51:37 | 000,000,000 | -HSD | C] -- C:\Config.Msi

[2011/08/31 10:03:22 | 000,000,000 | ---D | C] -- C:\Users\cyril\Documents\BlackMirrorIII

[2011/08/31 09:12:58 | 000,000,000 | ---D | C] -- C:\Users\cyril\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Viva Media

[2011/08/30 22:43:50 | 000,000,000 | ---D | C] -- C:\Users\cyril\DoctorWeb

[2011/08/30 18:41:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Acronis

[2011/08/30 18:41:18 | 000,166,976 | ---- | C] (Acronis) -- C:\Windows\System32\drivers\snapman.sys

[2011/08/30 18:41:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis

[2011/08/30 18:41:11 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Acronis

[2011/08/30 18:41:11 | 000,000,000 | ---D | C] -- C:\Program Files\Acronis

[2011/08/30 18:39:28 | 000,000,000 | ---D | C] -- C:\Users\cyril\AppData\Local\CrashDumps

[2011/08/29 21:21:26 | 000,000,000 | ---D | C] -- C:\Users\cyril\AppData\Local\NPE

[2011/08/29 21:12:54 | 000,309,320 | ---- | C] (BitDefender S.R.L.) -- C:\Windows\System32\drivers\Trufos.sys

[2011/08/29 19:24:06 | 000,000,000 | RHSD | C] -- C:\cmdcons

[2011/08/29 17:34:52 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe

[2011/08/29 17:34:52 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe

[2011/08/29 17:34:52 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe

[2011/08/29 17:34:49 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT

[2011/08/29 17:33:53 | 000,000,000 | ---D | C] -- C:\Qoobox

[2011/08/28 23:32:48 | 000,000,000 | ---D | C] -- C:\Nouveau dossier

[2011/08/26 22:35:25 | 000,000,000 | ---D | C] -- C:\Program Files\RegCleaner

[2011/08/24 23:26:39 | 000,000,000 | ---D | C] -- C:\Users\cyril\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ad-Remover

[2011/08/24 23:26:37 | 000,000,000 | ---D | C] -- C:\Program Files\Ad-Remover

[2011/08/24 23:20:29 | 000,000,000 | ---D | C] -- C:\Users\cyril\AppData\Roaming\Malwarebytes

[2011/08/24 23:20:25 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys

[2011/08/24 23:20:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware

[2011/08/24 23:20:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes

[2011/08/24 23:20:22 | 000,022,712 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys

[2011/08/24 23:20:22 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware

[2011/08/24 16:01:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes

[2011/08/24 13:53:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner

[2011/08/24 13:53:05 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner

[2011/08/24 11:03:44 | 000,000,000 | ---D | C] -- C:\Program Files\Elaborate Bytes

[2011/08/24 09:54:38 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll

[2011/08/23 23:31:54 | 000,000,000 | ---D | C] -- C:\Users\cyril\Desktop\Maroc 2011

[2011/08/22 12:25:44 | 000,000,000 | ---D | C] -- C:\Users\cyril\Desktop\copie contacts iphone

[2011/08/22 11:50:53 | 000,000,000 | ---D | C] -- C:\Users\cyril\Desktop\dernieres photos iphone

[2011/08/22 10:56:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes

[2011/08/22 10:56:31 | 000,000,000 | ---D | C] -- C:\Program Files\iPod

[2011/08/22 10:54:41 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour

[2011/08/21 00:06:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\e-Carte Bleue LCL

[2011/08/21 00:06:31 | 000,000,000 | ---D | C] -- C:\Program Files\e-Carte Bleue LCL

[2011/08/20 22:29:12 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb

[2011/08/20 22:29:11 | 001,797,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll

[2011/08/20 22:29:11 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll

[2011/08/20 22:29:10 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll

[2011/08/20 22:29:10 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll

[2011/08/20 21:38:39 | 003,912,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe

[2011/08/20 21:38:38 | 003,967,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe

[2011/08/20 21:38:11 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe

[2011/08/20 21:38:10 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll

[2011/08/20 21:38:10 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll

[2011/08/20 21:38:10 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll

[2011/08/20 21:38:10 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll

[2011/08/20 21:38:10 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll

[2011/08/20 21:38:10 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll

[2011/08/20 21:38:10 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll

[2011/08/20 21:38:10 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll

[2011/08/20 21:38:10 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll

[2011/08/20 21:38:10 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll

[2011/08/20 21:38:10 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll

[2011/08/20 21:38:10 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll

[2011/08/20 21:38:10 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll

[2011/08/20 21:38:10 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll

[2011/08/20 21:38:10 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll

[2011/08/20 21:38:10 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll

[2011/08/20 21:38:10 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll

[2011/08/20 21:38:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll

[2011/08/20 21:38:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll

[2011/08/20 21:38:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll

[2011/08/20 21:38:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll

[2011/08/20 21:38:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll

[2011/08/20 21:38:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll

[2011/08/20 21:38:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll

[2011/08/20 21:38:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll

[2011/08/20 21:38:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll

[2011/08/20 21:38:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll

[2011/08/20 21:38:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll

[2011/08/20 21:38:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll

[2011/08/20 21:38:07 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbcjt32.dll

[2011/08/20 21:38:07 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbctrac.dll

[2011/08/20 21:38:07 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccp32.dll

[2011/08/20 21:38:07 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccu32.dll

[2011/08/20 21:38:07 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccr32.dll

[2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

 

========== Files - Modified Within 30 Days ==========

 

[2011/09/01 19:10:20 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin

[2011/09/01 18:38:03 | 000,001,054 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2011/09/01 18:38:00 | 000,001,078 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-952067579-1566468737-2390835133-1000UA.job

[2011/09/01 18:37:08 | 000,013,456 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2011/09/01 18:37:08 | 000,013,456 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2011/09/01 18:36:22 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl

[2011/09/01 18:34:21 | 000,000,312 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize.job

[2011/09/01 18:34:20 | 000,001,050 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2011/09/01 18:29:57 | 000,402,768 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT

[2011/09/01 18:29:55 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2011/09/01 18:29:47 | 2415,173,632 | -HS- | M] () -- C:\hiberfil.sys

[2011/08/31 23:35:58 | 000,016,400 | ---- | M] (Logitech, Inc.) -- C:\Windows\System32\drivers\LNonPnP.sys

[2011/08/31 21:38:00 | 000,001,026 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-952067579-1566468737-2390835133-1000Core.job

[2011/08/31 08:39:49 | 000,001,524 | ---- | M] () -- C:\Users\cyril\Desktop\DrWeb.csv

[2011/08/30 18:41:18 | 000,166,976 | ---- | M] (Acronis) -- C:\Windows\System32\drivers\snapman.sys

[2011/08/30 18:41:16 | 000,001,181 | ---- | M] () -- C:\Users\Public\Desktop\Acronis Disk Director 11 Home.lnk

[2011/08/29 21:24:48 | 016,856,015 | ---- | M] () -- C:\Users\cyril\AppData\Roaming\SMRBackup210.dat

[2011/08/29 21:12:54 | 000,309,320 | ---- | M] (BitDefender S.R.L.) -- C:\Windows\System32\drivers\Trufos.sys

[2011/08/29 19:24:07 | 000,000,466 | RHS- | M] () -- C:\boot.ini

[2011/08/29 14:37:32 | 000,704,242 | ---- | M] () -- C:\Windows\System32\perfh00C.dat

[2011/08/29 14:37:32 | 000,615,810 | ---- | M] () -- C:\Windows\System32\perfh009.dat

[2011/08/29 14:37:32 | 000,130,548 | ---- | M] () -- C:\Windows\System32\perfc00C.dat

[2011/08/29 14:37:32 | 000,106,190 | ---- | M] () -- C:\Windows\System32\perfc009.dat

[2011/08/28 22:25:09 | 000,135,168 | -H-- | M] () -- C:\Users\cyril\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2011/08/24 23:26:39 | 000,001,802 | ---- | M] () -- C:\Users\cyril\Desktop\Ad-Remover.lnk

[2011/08/24 23:22:15 | 000,001,032 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk

[2011/08/24 22:57:04 | 000,008,212 | ---- | M] () -- C:\Users\cyril\Documents\cc_20110824_225657.reg

[2011/08/24 16:27:44 | 000,000,126 | -HS- | M] () -- C:\ProgramData\.zreglib

[2011/08/24 13:55:16 | 000,155,544 | ---- | M] () -- C:\Users\cyril\Documents\cc_20110824_135508.reg

[2011/08/24 13:53:06 | 000,000,930 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk

[2011/08/24 11:42:13 | 000,001,306 | ---- | M] () -- C:\Users\cyril\Desktop\téléchargements.lnk

[2011/08/22 10:56:48 | 000,001,718 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk

[2011/08/21 00:06:32 | 000,001,865 | ---- | M] () -- C:\Users\cyril\Application Data\Microsoft\Internet Explorer\Quick Launch\e-Carte Bleue LCL.lnk

[2011/08/20 22:26:43 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt

[2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

 

========== Files Created - No Company Name ==========

 

[2011/09/01 19:10:20 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin

[2011/08/31 08:39:49 | 000,001,524 | ---- | C] () -- C:\Users\cyril\Desktop\DrWeb.csv

[2011/08/30 18:41:16 | 000,001,181 | ---- | C] () -- C:\Users\Public\Desktop\Acronis Disk Director 11 Home.lnk

[2011/08/29 21:21:46 | 016,856,015 | ---- | C] () -- C:\Users\cyril\AppData\Roaming\SMRBackup210.dat

[2011/08/29 19:24:06 | 000,263,488 | RHS- | C] () -- C:\cmldr

[2011/08/29 17:34:52 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe

[2011/08/29 17:34:52 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe

[2011/08/29 17:34:52 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe

[2011/08/29 17:34:52 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe

[2011/08/29 17:34:52 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe

[2011/08/24 23:26:39 | 000,001,802 | ---- | C] () -- C:\Users\cyril\Desktop\Ad-Remover.lnk

[2011/08/24 23:20:25 | 000,001,032 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk

[2011/08/24 22:56:59 | 000,008,212 | ---- | C] () -- C:\Users\cyril\Documents\cc_20110824_225657.reg

[2011/08/24 13:55:12 | 000,155,544 | ---- | C] () -- C:\Users\cyril\Documents\cc_20110824_135508.reg

[2011/08/24 13:53:06 | 000,000,930 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk

[2011/08/24 11:01:53 | 006,986,240 | ---- | C] () -- C:\Program Files\server.exe

[2011/08/22 10:56:48 | 000,001,718 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk

[2011/08/21 00:06:32 | 000,001,865 | ---- | C] () -- C:\Users\cyril\Application Data\Microsoft\Internet Explorer\Quick Launch\e-Carte Bleue LCL.lnk

[2011/04/19 22:10:32 | 000,059,904 | ---- | C] () -- C:\Windows\System32\OVDecode.dll

[2011/04/09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat

[2011/03/17 19:51:44 | 000,003,929 | ---- | C] () -- C:\Windows\System32\atipblag.dat

[2011/02/28 23:30:06 | 000,233,012 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat

[2011/01/12 19:21:37 | 000,026,073 | ---- | C] () -- C:\Users\cyril\AppData\Roaming\UserTile.png

[2010/09/24 17:12:11 | 000,000,126 | -HS- | C] () -- C:\ProgramData\.zreglib

[2010/08/31 18:37:44 | 000,165,376 | ---- | C] () -- C:\Windows\System32\unrar.dll

[2010/08/31 18:37:44 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini

[2010/08/31 18:37:41 | 000,790,528 | ---- | C] () -- C:\Windows\System32\xvidcore.dll

[2010/08/31 18:37:41 | 000,134,144 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll

[2010/08/31 18:37:41 | 000,108,032 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll

[2010/07/10 22:37:23 | 000,135,168 | -H-- | C] () -- C:\Users\cyril\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2010/02/25 10:49:20 | 000,000,760 | -H-- | C] () -- C:\Users\cyril\AppData\Roaming\setup_ldm.iss

[2010/01/12 18:09:32 | 000,044,544 | ---- | C] () -- C:\Windows\System32\Gif89.dll

[2009/11/17 11:35:59 | 001,669,120 | ---- | C] () -- C:\Windows\System32\BootMan.exe

[2009/11/17 11:35:59 | 000,086,408 | ---- | C] () -- C:\Windows\System32\setupempdrv03.exe

[2009/11/17 11:35:59 | 000,014,848 | ---- | C] () -- C:\Windows\System32\EuEpmGdi.dll

[2009/11/17 11:35:59 | 000,014,216 | ---- | C] () -- C:\Windows\System32\epmntdrv.sys

[2009/11/17 11:35:59 | 000,008,456 | ---- | C] () -- C:\Windows\System32\EuGdiDrv.sys

[2009/11/17 10:36:29 | 000,007,605 | -H-- | C] () -- C:\Users\cyril\AppData\Local\resmon.resmoncfg

[2009/11/16 11:20:43 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin

[2009/07/14 10:39:49 | 000,704,242 | ---- | C] () -- C:\Windows\System32\perfh00C.dat

[2009/07/14 10:39:49 | 000,344,522 | ---- | C] () -- C:\Windows\System32\perfi00C.dat

[2009/07/14 10:39:49 | 000,130,548 | ---- | C] () -- C:\Windows\System32\perfc00C.dat

[2009/07/14 10:39:49 | 000,038,160 | ---- | C] () -- C:\Windows\System32\perfd00C.dat

[2009/07/14 06:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat

[2009/07/14 06:33:53 | 000,402,768 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT

[2009/07/14 04:05:48 | 000,615,810 | ---- | C] () -- C:\Windows\System32\perfh009.dat

[2009/07/14 04:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat

[2009/07/14 04:05:48 | 000,106,190 | ---- | C] () -- C:\Windows\System32\perfc009.dat

[2009/07/14 04:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat

[2009/07/14 04:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT

[2009/07/14 04:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat

[2009/07/14 01:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin

[2009/07/14 01:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll

[2009/07/14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll

[2009/06/10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat

[2007/02/03 09:59:04 | 000,050,127 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini

[2004/08/13 10:56:20 | 000,005,810 | ---- | C] () -- C:\Windows\System32\drivers\ASACPI.sys

 

========== Custom Scans ==========

 

 

< %SYSTEMDRIVE%\*.* >

[2011/08/24 23:43:37 | 000,008,161 | ---- | M] () -- C:\Ad-Report-SCAN[1].txt

[2008/12/18 22:51:40 | 000,027,822 | ---- | M] () -- C:\ASLog.txt

[2009/06/10 23:42:20 | 000,000,024 | ---- | M] () -- C:\autoexec.bat

[2010/03/11 10:45:56 | 000,078,559 | ---- | M] () -- C:\bookmarks.html

[2010/05/26 16:10:31 | 000,000,350 | ---- | M] () -- C:\Boot.bak

[2011/08/29 19:24:07 | 000,000,466 | RHS- | M] () -- C:\boot.ini

[2009/11/16 11:17:48 | 000,000,350 | RHS- | M] () -- C:\Boot.ini.saved

[2008/04/14 14:00:00 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin

[2010/11/20 14:40:07 | 000,383,786 | RHS- | M] () -- C:\bootmgr

[2009/11/16 11:17:49 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK

[2004/08/03 23:00:08 | 000,263,488 | RHS- | M] () -- C:\cmldr

[2009/06/10 23:42:20 | 000,000,010 | ---- | M] () -- C:\config.sys

[2008/12/10 23:41:32 | 000,000,117 | ---- | M] () -- C:\finfos.txt

[2008/12/03 21:26:38 | 000,171,136 | RHS- | M] () -- C:\grldr

[2011/09/01 18:29:47 | 2415,173,632 | -HS- | M] () -- C:\hiberfil.sys

[2008/01/19 22:00:00 | 000,000,000 | RHS- | M] () -- C:\IO.SYS

[2010/05/13 16:59:45 | 000,000,000 | ---- | M] () -- C:\itouch_config_crash_info.txt

[2010/05/12 19:38:49 | 000,000,000 | ---- | M] () -- C:\itouch_crash_info.txt

[2008/11/10 19:58:59 | 000,002,786 | ---- | M] () -- C:\LGSInst.Log

[2008/12/10 23:40:42 | 000,001,611 | ---- | M] () -- C:\mkv.txt

[2008/01/19 22:00:00 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS

[2008/04/14 14:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM

[2008/04/14 14:00:00 | 000,252,240 | RHS- | M] () -- C:\ntldr

[2011/09/01 18:29:49 | 3220,234,240 | -HS- | M] () -- C:\pagefile.sys

[2011/09/01 19:10:20 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin

[2009/05/21 19:46:33 | 000,000,268 | -H-- | M] () -- C:\sqmdata00.sqm

[2009/07/22 11:26:53 | 000,000,268 | -H-- | M] () -- C:\sqmdata01.sqm

[2009/10/07 10:24:06 | 000,000,268 | -H-- | M] () -- C:\sqmdata02.sqm

[2009/11/16 11:12:55 | 000,000,268 | -H-- | M] () -- C:\sqmdata03.sqm

[2009/05/21 19:46:33 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt00.sqm

[2009/07/22 11:26:53 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt01.sqm

[2009/10/07 10:24:06 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt02.sqm

[2009/11/16 11:12:55 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt03.sqm

[2011/08/29 21:12:24 | 000,072,232 | ---- | M] () -- C:\TDSSKiller.2.5.17.0_29.08.2011_21.11.35_log.txt

[2003/03/12 13:50:11 | 000,000,052 | -H-- | M] () -- C:\WM800918.bin

[2010/03/31 15:31:21 | 000,000,000 | ---- | M] () -- C:\________

 

< %systemroot%\*. /mp /s >

 

< %systemroot%\system32\*.dll /lockedfiles >

[2011/04/20 04:05:08 | 000,462,848 | ---- | M] (Advanced Micro Devices, Inc.) Unable to obtain MD5 -- C:\Windows\system32\ATIDEMGX.dll

[2011/05/01 19:09:24 | 000,118,784 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\iepeers.dll

[2009/07/14 03:15:36 | 000,226,816 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\LocationApi.dll

[2 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

 

< %systemroot%\Tasks\*.job /lockedfiles >

 

< %systemroot%\System32\config\*.sav >

 

< %systemroot%\system32\drivers\*.sys /90 >

[2011/07/04 13:32:12 | 000,019,544 | ---- | M] (AVAST Software) -- C:\Windows\system32\drivers\aswFsBlk.sys

[2011/07/04 13:32:20 | 000,054,104 | ---- | M] (AVAST Software) -- C:\Windows\system32\drivers\aswMonFlt.sys

[2011/07/04 13:32:32 | 000,025,432 | ---- | M] (AVAST Software) -- C:\Windows\system32\drivers\aswRdr.sys

[2011/07/04 13:36:43 | 000,441,176 | ---- | M] (AVAST Software) -- C:\Windows\system32\drivers\aswSnx.sys

[2011/07/04 13:36:32 | 000,309,848 | ---- | M] (AVAST Software) -- C:\Windows\system32\drivers\aswSP.sys

[2011/07/04 13:35:23 | 000,043,608 | ---- | M] (AVAST Software) -- C:\Windows\system32\drivers\aswTdi.sys

[2011/08/31 23:35:58 | 000,016,400 | ---- | M] (Logitech, Inc.) -- C:\Windows\system32\drivers\LNonPnP.sys

[2011/07/06 19:52:42 | 000,022,712 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\system32\drivers\mbam.sys

[2011/07/06 19:52:42 | 000,041,272 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\system32\drivers\mbamswissarmy.sys

[2011/07/09 04:30:00 | 000,223,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\mrxsmb10.sys

[2011/08/30 18:41:18 | 000,166,976 | ---- | M] (Acronis) -- C:\Windows\system32\drivers\snapman.sys

[2011/06/21 07:34:23 | 001,290,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\tcpip.sys

[2011/08/29 21:12:54 | 000,309,320 | ---- | M] (BitDefender S.R.L.) -- C:\Windows\system32\drivers\Trufos.sys

 

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

 

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-08-30 16:38:07

 

========== Alternate Data Streams ==========

 

@Alternate Data Stream - 24 bytes -> C:\Windows:4F3CA095B3EE28F3

 

< End of report >

 

and extra.txt

 

OTL Extras logfile created on: 01/09/2011 19:08:14 - Run 1

OTL by OldTimer - Version 3.2.27.0 Folder = Z:\

Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

 

3,00 Gb Total Physical Memory | 1,91 Gb Available Physical Memory | 63,61% Memory free

6,00 Gb Paging File | 4,38 Gb Available in Paging File | 73,09% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 139,73 Gb Total Space | 29,73 Gb Free Space | 21,28% Space Free | Partition Type: NTFS

Drive F: | 465,73 Gb Total Space | 22,64 Gb Free Space | 4,86% Space Free | Partition Type: NTFS

Drive W: | 48,83 Gb Total Space | 12,99 Gb Free Space | 26,60% Space Free | Partition Type: NTFS

Drive Z: | 547,33 Gb Total Space | 270,81 Gb Free Space | 49,48% Space Free | Partition Type: NTFS

 

Computer Name: CYRIL-PC | User Name: cyril | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Extra Registry (SafeList) ==========

 

 

========== File Associations ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)

.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

 

========== Shell Spawning ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)

htmlfile [edit] -- Reg Error: Key error.

htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 

========== Security Center Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"VistaSp1" = Reg Error: Unknown registry data type -- File not found

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

 

========== Firewall Settings ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 

========== Authorized Applications List ==========

 

 

========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{007B37D9-0C45-4202-834B-DD5FAAE99D63}" = ArcSoft Print Creations - Slimline Card

"{06E34C00-0446-4176-81C8-A5DAFE53CA36}" = Acronis Disk Director 11 Home

"{08B3869E-D282-424C-9AFC-870E04A4BA14}" = Rockstar Games Social Club

"{09F56A49-A7B1-4AAB-95B9-D13094254AD1}" = Windows Live UX Platform Language Pack

"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer

"{0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}" = Microsoft .NET Framework 4 Client Profile FRA Language Pack

"{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}" = ESSPCD

"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer

"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319

"{19A492A0-888F-44A0-9B21-D91700763F62}" = Catalyst Control Center - Branding

"{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update

"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions

"{2075CB0A-D26F-4DAA-B424-5079296B43BA}" = Windows Live FolderShare

"{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service

"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer

"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java 6 Update 26

"{2D03B6F8-DF36-4980-B7B6-5B93D5BA3A8F}" = essvatgt

"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery

"{33BC9D7E-E790-495E-A4EA-CFB160C17A91}" = Logitech Gaming Software 5.08

"{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live

"{3B6E3FC6-274C-4B6C-BC85-5C3B15DE18E2}" = Mega Manager

"{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer

"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile

"{3D6B54EF-65E4-4624-8709-03A3BBE2C240}" = e-Carte Bleue LCL

"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT

"{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX

"{3FEA6CD1-EA13-4CE7-A74E-A74A4A0A7B5C}" = FIFA 11

"{42938595-0D83-404D-9F73-F8177FDD531A}" = ESScore

"{4537EA4B-F603-4181-89FB-2953FC695AB1}" = netbrdg

"{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace

"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform

"{52D1D62C-FEAB-4580-849E-1DB624BADBBD}" = DiRT2

"{5316DFC9-CE99-4458-9AB3-E8726EDE0210}" = skin0001

"{53735ECE-E461-4FD0-B742-23A352436D3A}" = Logitech Updater

"{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver

"{55D003F4-9599-44BF-BA9E-95D060730DD3}" = Contrôle ActiveX Windows Live Mesh pour connexions à distance

"{56589DFE-0C29-4DFE-8E42-887B771ECD23}" = ArcSoft Print Creations - Photo Book

"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime

"{589D0376-CF0C-3096-40E4-D2A15FE7987B}" = WMV9/VC-1 Video Playback

"{5E97F3BD-CDDC-4188-9D98-532E14FABB5D}" = IncrediMail

"{5F577CD8-A997-2E11-83BC-4445DD2D4542}" = Catalyst Control Center

"{6057E21C-ABE9-4059-AE3E-3BEB9925E660}" = Windows Live Messenger

"{605A4E39-613C-4A12-B56F-DEFBE6757237}" = SHASTA

"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant

"{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources

"{643EAE81-920C-4931-9F0B-4B343B225CA6}" = ESSBrwr

"{658DE1DF-D156-DD5A-800E-20C693806F65}" = Catalyst Control Center InstallProxy

"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE

"{6844F85B-1AEE-093A-5FC9-235035B3A127}" = Catalyst Control Center Graphics Previews Common

"{6A3F9D74-BB80-4451-8CA1-4B3A857F1359}" = Apple Application Support

"{6BE2A4A4-99FB-48ED-AE1E-4E850389F804}" = PartitionMagic

"{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker

"{6E5324C1-84FC-4F76-9A3A-C65E07F80EE6}" = Complément Messenger

"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable

"{71790311-0C42-B5BC-AF01-97BFFEF2A30B}" = ATI Catalyst Install Manager

"{735619D4-B42A-437A-958C-199BFCAEDB38}" = Safari

"{75AE8014-1184-4BC0-B279-C879540719EE}" = PhotoMail Maker

"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

"{77EC0035-AFBA-4A8C-814A-6A887224C1A1}" = DeskScapes

"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update

"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core

"{820B6609-4C97-3A2B-B644-573B06A0F0CC}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729

"{83A606F5-BF6F-42ED-9F33-B9F74297CDED}" = Need for Speed Hot Pursuit

"{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh

"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher

"{8943CE61-53BD-475E-90E1-A580869E98A2}" = staticcr

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8A502E38-29C9-49FA-BCFA-D727CA062589}" = ESSTOOLS

"{8C3A3C74-0163-F062-08D6-C8AC7430669E}" = ccc-utility

"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime

"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT

"{8E92D746-CD9F-4B90-9668-42B74C14F765}" = ESSini

"{91517631-A9F3-4B7C-B482-43E0068FD55A}" = ESSgui

"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker

"{93665FB0-2A3D-47E1-AB9A-1925130924BB}" = Ma-Config.com

"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting

"{95140000-00AF-040C-0000-0000000FF1CE}" = Visionneuse Microsoft PowerPoint

"{9591C049-5CAE-4E89-A8D9-191F1899628B}" = ArcSoft Print Creations - Funhouse

"{98D451C4-4ACA-4273-BB47-57CFE46B048E}" = WD SmartWare

"{999D43F4-9709-4887-9B1A-83EBB15A8370}" = VPRINTOL

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail

"{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail

"{A25FF1C0-80B6-4B8B-A551-DC525697A408}" = AMD APP SDK Runtime

"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer

"{A81D3EB9-20E6-A6E3-2537-26964CE91417}" = AMD Drag and Drop Transcoding

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common

"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer

"{AB93C51F-71F9-4A28-8134-FE1B5B9373E9}" = Windows Live Remote Service Resources

"{AC76BA86-7AD7-1036-7B44-A94000000001}" = Adobe Reader 9.4.5 - Français

"{ADFBA869-0359-4C24-8CEF-DB0FBE90B987}" = Mega Manager

"{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}" = ESSCDBK

"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter

"{B0D83FCD-9D42-43ED-8315-250326AADA02}" = ArcSoft Print Creations - Scrapbook

"{B162D0A6-9A1D-4B7C-91A5-88FB48113C45}" = OfotoXMI

"{B3FED300-806C-11E0-A0D0-B8AC6F97B88E}" = Google Earth

"{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}" = CCScore

"{B7749EE2-5318-D255-F0EE-14D5845B0925}" = CCC Help English

"{B910DD1A-49B1-4068-9C08-E3C3AEC0C30A}" = Keyboard & Mouse Driver

"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = Les Sims 3

"{C06EFB22-B5DB-46C5-9215-BCB5C19C0858}" = LauncherMA

"{C23CD6DA-1958-43A5-ADD0-59396572E02E}" = Apple Mobile Device Support

"{C4E1603B-E550-4A14-8F53-4E989849D1B4}" = Google SketchUp 8

"{C73CA646-73B3-4AEF-A136-C37505745174}" = iTunes

"{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common

"{C9A87D86-FDFD-418B-BF96-EF09320973B3}" = PC Inspector smart recovery

"{CA9ED5E4-1548-485B-A293-417840060158}" = ArcSoft Print Creations - Photo Calendar

"{CAE8A0F1-B498-4C23-95FA-55047E730C8F}" = ArcSoft Print Creations

"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform

"{CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}" = Microsoft Search Enhancement Pack

"{D03482C5-9AD8-496D-B388-692AE04C93AF}" = Bonjour

"{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1" = Rapture3D 2.3.22 Game

"{D32470A1-B10C-4059-BA53-CF0486F68EBC}" = Logiciel Kodak EasyShare

"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform

"{DB02F716-6275-42E9-B8D2-83BA2BF5100B}" = SFR

"{DC754D8F-1D06-4016-BF57-8D21F97E1F0A}" = JunkFilterPlus

"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh

"{DFCDD1CE-6D49-49B8-BFB7-93391D22776B}" = Keyboard Driver

"{DFDBE1F9-04CE-4645-BB6C-4590EABC7A9C}" = Windows Live Remote Client Resources

"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10

"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime

"{E6B4117F-AC59-4B13-9274-EB136E8897EE}" = ArcSoft Print Creations - Album Page

"{E8C37E27-5205-4C8A-BECB-B00533045AAE}" = SHIFT 2 UNLEASHED

"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger

"{F04F9557-81A9-4293-BC49-2C216FA325A7}" = ArcSoft Print Creations - Greeting Card

"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]

"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable

"{F4A2E7CC-60CA-4AFA-B67F-AD5E58173C3F}" = SKINXSDK

"{F53D678E-238F-4A71-9742-08BB6774E9DC}" = Windows Live Family Safety

"{F9593CFB-D836-49BC-BFF1-0E669A411D9F}" = WIRELESS

"{FCDB1C92-03C6-4C76-8625-371224256091}" = ESSPDock

"{FCFBA290-CB48-4AF1-A241-2685AEDEDD66}" = Windows Live Family Safety

"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin

"avast" = avast! Free Antivirus

"Bink and Smacker" = Bink and Smacker

"Black Mirror 3" = Black Mirror 3

"CCleaner" = CCleaner

"Cities XL" = Cities XL

"CloneCD" = CloneCD

"conduitEngine" = Conduit Engine

"DeskScapes" = DeskScapes

"Disk SpeedUp" = Disk SpeedUp 1.1.0.317

"Driver Cleaner Pro" = DH Driver Cleaner Professional Edition

"Duplicate Cleaner_is1" = Duplicate Cleaner 1.4.3

"EASEUS Partition Master Home Edition_is1" = EASEUS Partition Master 4.1.1 Home Edition

"F.E.A.R. 3_is1" = F.E.A.R. 3

"Fraps" = Fraps

"Glary Utilities_is1" = Glary Utilities 2.35.0.1216

"IncrediMail" = IncrediMail 2.0

"IncrediMail_MediaBar_Francais_2 Toolbar" = IncrediMail MediaBar Francais 2 Toolbar

"InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver

"InstallShield_{6BE2A4A4-99FB-48ED-AE1E-4E850389F804}" = PowerQuest PartitionMagic 8.0

"InstallShield_{B910DD1A-49B1-4068-9C08-E3C3AEC0C30A}" = Keyboard & Mouse Driver

"InstallShield_{DFCDD1CE-6D49-49B8-BFB7-93391D22776B}" = Keyboard Driver

"JDownloader" = JDownloader

"JunkFilterPlus" = IncrediMail JunkFilter Plus

"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 6.3.0

"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.1.1800

"Marvell Miniport Driver" = Marvell Miniport Driver

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"Microsoft .NET Framework 4 Client Profile FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Client Profile FRA

"NST" = Norton Safe Web Lite

"OpenAL" = OpenAL

"PhotoMail" = PhotoMail Maker

"Picasa 3" = Picasa 3

"RocketDock_is1" = RocketDock 1.3.5

"SFR_Kit" = SFR - Kit de connexion

"SP6" = Logitech SetPoint 6.30

"VLC media player" = VLC media player 1.1.10

"WinLiveSuite" = Windows Live

"WinRAR archiver" = Logiciel d'archivage WinRAR

 

========== HKEY_CURRENT_USER Uninstall List ==========

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"Ad-Remover" = Ad-Remover

"CopyTrans Suite" = CopyTrans Suite désinstallation uniquement

"Google Chrome" = Google Chrome

"XBMC" = XBMC

 

========== Last 10 Event Log Errors ==========

 

[ Antivirus Events ]

Error - 12/01/2010 11:47:06 | Computer Name = cyril-PC | Source = avast! | ID = 33554522

Description =

 

Error - 03/06/2010 05:51:52 | Computer Name = cyril-PC | Source = avast! | ID = 33554522

Description =

 

[ Application Events ]

Error - 31/08/2011 05:07:46 | Computer Name = cyril-PC | Source = SideBySide | ID = 16842785

Description = La création du contexte d’activation a échoué pour « C:\Program Files\Common

Files\Acronis\DiskDirector\WinPE\Files\systeminfo.exe ». Assembly dépendant Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"

introuvable. Utilisez sxstrace.exe pour un diagnostic détaillé.

 

Error - 31/08/2011 05:08:17 | Computer Name = cyril-PC | Source = SideBySide | ID = 16842785

Description = La création du contexte d’activation a échoué pour « C:\Program Files\Common

Files\Acronis\DiskDirector\WinPE\Files\RecoveryExpert.exe ». Assembly dépendant

Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"

introuvable. Utilisez sxstrace.exe pour un diagnostic détaillé.

 

Error - 31/08/2011 05:08:26 | Computer Name = cyril-PC | Source = SideBySide | ID = 16842785

Description = La création du contexte d’activation a échoué pour « C:\Program Files\Common

Files\Acronis\DiskDirector\WinPE\Files\ManagementConsole.exe ». Assembly dépendant

Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"

introuvable. Utilisez sxstrace.exe pour un diagnostic détaillé.

 

Error - 31/08/2011 05:08:32 | Computer Name = cyril-PC | Source = SideBySide | ID = 16842785

Description = La création du contexte d’activation a échoué pour « C:\Program Files\Common

Files\Acronis\DiskDirector\WinPE\Files\mmsBundle.dll ». Assembly dépendant Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"

introuvable. Utilisez sxstrace.exe pour un diagnostic détaillé.

 

Error - 31/08/2011 05:50:33 | Computer Name = cyril-PC | Source = Microsoft-Windows-CAPI2 | ID = 513

Description = Les services de chiffrement ont échoué lors du traitement de l’appel

OnIdentity() dans l’objet System Writer. Details: AddLegacyDriverFiles: Unable to

back up image of binary DrWeb Protection. System Error: Le fichier spécifié est introuvable.

.

 

Error - 31/08/2011 09:37:56 | Computer Name = cyril-PC | Source = Application Error | ID = 1000

Description = Nom de l’application défaillante iexplore.exe, version : 9.0.8112.16421,

horodatage : 0x4d76255d Nom du module défaillant : aswWebRepIE.dll, version : 6.0.1203.0,

horodatage : 0x4e11a754 Code d’exception : 0xc0000005 Décalage d’erreur : 0x000151a3

ID

du processus défaillant : 0x1b80 Heure de début de l’application défaillante : 0x01cc67e330557cb1

Chemin

d’accès de l’application défaillante : C:\Program Files\Internet Explorer\iexplore.exe

Chemin

d’accès du module défaillant: C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll

ID

de rapport : 6e992951-d3d6-11e0-8ef3-00221505f1a3

 

Error - 31/08/2011 09:38:07 | Computer Name = cyril-PC | Source = Application Error | ID = 1000

Description = Nom de l’application défaillante iexplore.exe, version : 9.0.8112.16421,

horodatage : 0x4d76255d Nom du module défaillant : aswWebRepIE.dll, version : 6.0.1203.0,

horodatage : 0x4e11a754 Code d’exception : 0xc0000005 Décalage d’erreur : 0x000151a3

ID

du processus défaillant : 0xa24 Heure de début de l’application défaillante : 0x01cc67e336fa2d28

Chemin

d’accès de l’application défaillante : C:\Program Files\Internet Explorer\iexplore.exe

Chemin

d’accès du module défaillant: C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll

ID

de rapport : 750d0511-d3d6-11e0-8ef3-00221505f1a3

 

Error - 31/08/2011 15:51:52 | Computer Name = cyril-PC | Source = Application Error | ID = 1000

Description = Nom de l’application défaillante Explorer.EXE, version : 6.1.7601.17567,

horodatage : 0x4d6727a7 Nom du module défaillant : madFlac.ax, version : 1.8.0.0,

horodatage : 0x2a425e19 Code d’exception : 0xc0000005 Décalage d’erreur : 0x00001c19

ID

du processus défaillant : 0x1ab0 Heure de début de l’application défaillante : 0x01cc67e2e599135d

Chemin

d’accès de l’application défaillante : C:\Windows\Explorer.EXE Chemin d’accès du

module défaillant: C:\Program Files\K-Lite Codec Pack\Filters\madFlac.ax ID de rapport

: abaf0807-d40a-11e0-8ef3-00221505f1a3

 

Error - 31/08/2011 17:41:43 | Computer Name = cyril-PC | Source = Application Hang | ID = 1002

Description = Le programme MSetup.exe version 2.17.0.4 a cessé d’interagir avec

Windows et a été fermé. Pour déterminer si des informations supplémentaires sont

disponibles, consultez l’historique du problème dans le Centre de maintenance. ID

de processus : 1f1c Heure de début : 01cc6825d8b9734e Heure de fin : 3 Chemin d’accès

de l’application : C:\Users\fiber\AppData\Local\Temp\Logitech\SetPoint_1\MSetup.exe

 

ID

de rapport :

 

Error - 01/09/2011 12:34:41 | Computer Name = cyril-PC | Source = Application Error | ID = 1000

Description = Nom de l’application défaillante Explorer.EXE, version : 6.1.7601.17567,

horodatage : 0x4d6727a7 Nom du module défaillant : deskscape.dll, version : 3.2.5.0,

horodatage : 0x4cb9c613 Code d’exception : 0xc00000fd Décalage d’erreur : 0x0000ed1a

ID

du processus défaillant : 0xd10 Heure de début de l’application défaillante : 0x01cc68c5001dd5cc

Chemin

d’accès de l’application défaillante : C:\Windows\Explorer.EXE Chemin d’accès du

module défaillant: C:\Program Files\Stardock\Object Desktop\DeskScapes3\deskscape.dll

ID

de rapport : 49f20ea2-d4b8-11e0-8998-00221505f1a3

 

[ Media Center Events ]

Error - 12/02/2011 14:11:44 | Computer Name = cyril-PC | Source = MCUpdate | ID = 0

Description = 19:11:43 - Erreur de connexion à Internet. 19:11:43 - Impossible

de contacter le service..

 

Error - 12/02/2011 15:11:49 | Computer Name = cyril-PC | Source = MCUpdate | ID = 0

Description = 20:11:49 - Erreur de connexion à Internet. 20:11:49 - Impossible

de contacter le service..

 

Error - 12/02/2011 15:11:55 | Computer Name = cyril-PC | Source = MCUpdate | ID = 0

Description = 20:11:55 - Erreur de connexion à Internet. 20:11:55 - Impossible

de contacter le service..

 

Error - 12/02/2011 17:38:19 | Computer Name = cyril-PC | Source = MCUpdate | ID = 0

Description = 22:38:19 - Erreur de connexion à Internet. 22:38:19 - Impossible

de contacter le service..

 

Error - 12/02/2011 17:38:28 | Computer Name = cyril-PC | Source = MCUpdate | ID = 0

Description = 22:38:24 - Erreur de connexion à Internet. 22:38:24 - Impossible

de contacter le service..

 

Error - 28/02/2011 16:05:06 | Computer Name = cyril-PC | Source = MCUpdate | ID = 0

Description = 21:05:06 - Erreur de connexion à Internet. 21:05:06 - Impossible

de contacter le service..

 

Error - 28/02/2011 17:06:59 | Computer Name = cyril-PC | Source = MCUpdate | ID = 0

Description = 22:06:59 - Erreur de connexion à Internet. 22:06:59 - Impossible

de contacter le service..

 

Error - 01/03/2011 17:15:20 | Computer Name = cyril-PC | Source = MCUpdate | ID = 0

Description = 22:15:19 - Erreur de connexion à Internet. 22:15:19 - Impossible

de contacter le service..

 

Error - 01/03/2011 18:17:17 | Computer Name = cyril-PC | Source = MCUpdate | ID = 0

Description = 23:17:17 - Erreur de connexion à Internet. 23:17:17 - Impossible

de contacter le service..

 

Error - 06/03/2011 04:49:13 | Computer Name = cyril-PC | Source = MCUpdate | ID = 0

Description = 09:49:13 - Erreur de connexion à Internet. 09:49:13 - Impossible

de contacter le service..

 

[ System Events ]

Error - 30/08/2011 16:42:48 | Computer Name = cyril-PC | Source = Service Control Manager | ID = 7001

Description = Le service Service Liste des réseaux dépend du service Connaissance

des emplacements réseau qui n’a pas pu démarrer en raison de l’erreur : %%1068

 

Error - 30/08/2011 16:42:48 | Computer Name = cyril-PC | Source = Service Control Manager | ID = 7001

Description = Le service Service Liste des réseaux dépend du service Connaissance

des emplacements réseau qui n’a pas pu démarrer en raison de l’erreur : %%1068

 

Error - 30/08/2011 16:42:49 | Computer Name = cyril-PC | Source = Service Control Manager | ID = 7001

Description = Le service Service Liste des réseaux dépend du service Connaissance

des emplacements réseau qui n’a pas pu démarrer en raison de l’erreur : %%1068

 

Error - 30/08/2011 16:42:49 | Computer Name = cyril-PC | Source = Service Control Manager | ID = 7001

Description = Le service Service Liste des réseaux dépend du service Connaissance

des emplacements réseau qui n’a pas pu démarrer en raison de l’erreur : %%1068

 

Error - 30/08/2011 16:42:49 | Computer Name = cyril-PC | Source = Service Control Manager | ID = 7001

Description = Le service Service Liste des réseaux dépend du service Connaissance

des emplacements réseau qui n’a pas pu démarrer en raison de l’erreur : %%1068

 

Error - 30/08/2011 16:42:49 | Computer Name = cyril-PC | Source = Service Control Manager | ID = 7001

Description = Le service Service Liste des réseaux dépend du service Connaissance

des emplacements réseau qui n’a pas pu démarrer en raison de l’erreur : %%1068

 

Error - 30/08/2011 16:42:49 | Computer Name = cyril-PC | Source = Service Control Manager | ID = 7001

Description = Le service Service Liste des réseaux dépend du service Connaissance

des emplacements réseau qui n’a pas pu démarrer en raison de l’erreur : %%1068

 

Error - 30/08/2011 16:42:49 | Computer Name = cyril-PC | Source = Service Control Manager | ID = 7001

Description = Le service Service Liste des réseaux dépend du service Connaissance

des emplacements réseau qui n’a pas pu démarrer en raison de l’erreur : %%1068

 

Error - 30/08/2011 22:46:10 | Computer Name = cyril-PC | Source = DCOM | ID = 10005

Description =

 

Error - 31/08/2011 17:57:00 | Computer Name = cyril-PC | Source = DCOM | ID = 10010

Description =

 

 

< End of report >

Posted (edited)

Hello,

Why was OTL run from "Z:"? Reread the instructions for OTL and the "Very important!" note in my very first message (it's even in red).

That explains why the first tools didn't work, if you did the same thing.

To avoid any problems with your system, stick to the instructions, put OTL on your Desktop (not a shortcut) and run it again as indicated.

Post the new OTL.txt.

Edited by lance_yien
Posted

Hello,

I did follow the instructions, I ran it on my desktop on C:.. but since my disk no longer exists on that desktop, maybe that is the cause of this bug?

I'll try again this evening.

Thanks

Posted

Hi again,

It's your Desktop that is on C:\ and not the other way round :lol:

If you choose Windows 7 at startup, you necessarily land on the Desktop of C:

It's the program itself (here OTL) that detects and records in the report where it was launched from. We have no other way of knowing.
