[WhiteRayne2]

Hello I am WhiteRayne2 and I am new here, hoping someone can help me. Yesterday I was away from my comp for a few minutes and when I came back 2 Internet Explorer windows (i never use IE, i use firefox) were open and i remember one had Chido.exe in address bar. Didn't really gave it much attention and closed both windows. I was using comp and noticed it got really slow so i tried to open task manager and to my big surprise, it said taskmgr was disabled by my administrator. I looked in my taskbar icons and noticed Avast! and Spybot S&D were gone. When I tried to start them back on, they would get killed few seconds after. Tried rebooting in safe mode but it won't work because i land right on BSOD for reasons i do not know. When I boot normaly (with ethernet cable unplugged, as I believe my virus is doing a DDOS,) three instances of mIRC (never installed it) try to connect to a server. Ran all the suggested software, only Malwarebytes managed to get me back access to taskmgr, that gets killed after a few seconds, just like antivirus software. Now I'm preatty stuck, and internet doesnt even work on it anymore. Had to use thumbdrive to get anything in and out. Here are my logs and attached to the post are screenshots of the weird hacked mIRC client.


MBAM LOG:

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4052

Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.13

2010-06-23 11:39:10
mbam-log-2010-06-23 (11-39-10).txt

Scan type: Quick scan
Objects scanned: 141716
Time elapsed: 5 minute(s), 1 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 0
Registry Data Items Infected: 5
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\AppID\{38061edc-40bb-4618-a8da-e56353347e6d} (Adware.EZlife) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableRegistryTools (Hijack.Regedit) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr (Hijack.TaskManager) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)






GMER LOG:







GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-06-23 15:10:34
Windows 5.1.2600 Service Pack 3
Running: gmer.exe; Driver: C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\uxldypow.sys


---- System - GMER 1.0.15 ----

SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwAssignProcessToJobObject [0xF36A1610]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/ALWIL Software) ZwClose [0xF338929D]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/ALWIL Software) ZwCreateEvent [0xF33728FC]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/ALWIL Software) ZwCreateEventPair [0xF3372954]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/ALWIL Software) ZwCreateIoCompletion [0xF3372A6A]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/ALWIL Software) ZwCreateKey [0xF3388C51]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/ALWIL Software) ZwCreateMutant [0xF3372852]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/ALWIL Software) ZwCreateSection [0xF33729A4]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/ALWIL Software) ZwCreateSemaphore [0xF33728A6]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/ALWIL Software) ZwCreateTimer [0xF3372A18]
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwDebugActiveProcess [0xF36A1C10]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/ALWIL Software) ZwDeleteKey [0xF3389963]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/ALWIL Software) ZwDeleteValueKey [0xF3389A6A]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/ALWIL Software) ZwDuplicateObject [0xF337319C]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/ALWIL Software) ZwEnumerateKey [0xF33897CE]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/ALWIL Software) ZwEnumerateValueKey [0xF3389639]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/ALWIL Software) ZwLoadDriver [0xF3370D0C]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/ALWIL Software) ZwOpenEvent [0xF337292C]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/ALWIL Software) ZwOpenEventPair [0xF337297C]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/ALWIL Software) ZwOpenIoCompletion [0xF3372A94]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/ALWIL Software) ZwOpenKey [0xF3388FAD]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/ALWIL Software) ZwOpenMutant [0xF337287E]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/ALWIL Software) ZwOpenProcess [0xF3372FD4]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/ALWIL Software) ZwOpenSection [0xF33729E4]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/ALWIL Software) ZwOpenSemaphore [0xF33728D4]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/ALWIL Software) ZwOpenThread [0xF33730B8]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/ALWIL Software) ZwOpenTimer [0xF3372A42]
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwProtectVirtualMemory [0xF36A16D0]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/ALWIL Software) ZwQueryKey [0xF33894B4]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/ALWIL Software) ZwQueryObject [0xF3371832]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/ALWIL Software) ZwQueryValueKey [0xF3389306]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/ALWIL Software) ZwReplyWaitReceivePort [0xF3373310]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/ALWIL Software) ZwReplyWaitReceivePortEx [0xF3372F0A]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/ALWIL Software) ZwRestoreKey [0xF33882EC]
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwSetContextThread [0xF36A1690]
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwSetInformationThread [0xF36A1650]
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwSetSecurityObject [0xF36A17D0]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/ALWIL Software) ZwSetSystemInformation [0xF3370D66]
SSDT spqr.sys ZwSetValueKey [0xF72AD29C]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/ALWIL Software) ZwShutdownSystem [0xF3370E76]
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwSuspendProcess [0xF36A1510]
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwSuspendThread [0xF36A1590]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/ALWIL Software) ZwSystemDebugControl [0xF3370E88]
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwTerminateProcess [0xF36A14D0]
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwTerminateThread [0xF36A15D0]
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwWriteVirtualMemory [0xF36A1750]

INT 0x63 ? 8B174BF8
INT 0x63 ? 8B174BF8
INT 0x63 ? 8B174BF8
INT 0x63 ? 8B174BF8
INT 0x63 ? 8AF89BF8
INT 0x63 ? 8B174BF8
INT 0x83 ? 8B174BF8
INT 0x83 ? 8B174BF8
INT 0x83 ? 8AF89BF8
INT 0x83 ? 8B174BF8
INT 0x84 ? 8AF89BF8
INT 0xA4 ? 8AF89BF8
INT 0xA4 ? 8AF89BF8
INT 0xA4 ? 8AF89BF8
INT 0xA4 ? 8AF89BF8
INT 0xB4 ? 8AF89BF8

---- Kernel code sections - GMER 1.0.15 ----

.text ntkrnlpa.exe!ZwCallbackReturn + 2FC4 80504860 12 Bytes [10, 15, 6A, F3, 90, 15, 6A, ...]
? spqr.sys Le fichier spÈcifiÈ est introuvable. !
.text C:\WINDOWS\system32\DRIVERS\nv4_mini.sys section is writeable [0xF5CFC380, 0x566445, 0xE8000020]
.text USBPORT.SYS!DllUnload F5CDC8AC 5 Bytes JMP 8AF891D8
.text a5h50kob.SYS F5C38386 35 Bytes [00, 00, 00, 00, 00, 00, 20, ...]
.text a5h50kob.SYS F5C383AA 24 Bytes [00, 00, 00, 00, 00, 00, 00, ...]
.text a5h50kob.SYS F5C383C4 3 Bytes [00, 80, 02]
.text a5h50kob.SYS F5C383C9 1 Byte [30]
.text a5h50kob.SYS F5C383C9 11 Bytes [30, 00, 00, 00, 5E, 02, 00, ...] {XOR [EAX], AL; ADD [EAX], AL; POP ESI; ADD AL, [EAX]; ADD [EAX], AL; ADD [EAX], AL}
.text ...
init C:\WINDOWS\system32\drivers\monfilt.sys entry point in "init" section [0xF37A3280]
.text C:\WINDOWS\system32\drivers\oreans32.sys section is writeable [0xF6A00280, 0x7B1C, 0xE8000020]
? C:\WINDOWS\system32\drivers\ikishq.sys Le fichier spÈcifiÈ est introuvable. !

---- User code sections - GMER 1.0.15 ----

.text C:\Program Files\Mozilla Firefox\firefox.exe[1244] ntdll.dll!LdrLoadDll 7C9263C3 5 Bytes JMP 004013F0 C:\Program Files\Mozilla Firefox\firefox.exe (Firefox/Mozilla Corporation)
.text C:\WINDOWS\system32\SearchIndexer.exe[1568] kernel32.dll!WriteFile 7C810E27 7 Bytes JMP 00585C0C C:\WINDOWS\system32\MSSRCH.DLL (mssrch.dll/Microsoft Corporation)
.text C:\Program Files\Pando Networks\Media Booster\PMB.exe[3180] kernel32.dll!SetUnhandledExceptionFilter 7C84495D 5 Bytes [33, C0, C2, 04, 00] {XOR EAX, EAX; RET 0x4}

---- Devices - GMER 1.0.15 ----

Device \FileSystem\Ntfs \Ntfs 8B1731F8

AttachedDevice \FileSystem\Ntfs \Ntfs eamon.sys (Amon monitor/ESET)
AttachedDevice \FileSystem\Ntfs \Ntfs aswMon2.SYS (avast! File System Filter Driver for Windows XP/ALWIL Software)

Device \FileSystem\Fastfat \FatCdrom 8ABA2500
Device \Driver\usbuhci \Device\USBPDO-0 8AEB6500
Device \Driver\dmio \Device\DmControl\DmIoDaemon 8B1EA1F8
Device \Driver\dmio \Device\DmControl\DmConfig 8B1EA1F8
Device \Driver\dmio \Device\DmControl\DmPnP 8B1EA1F8
Device \Driver\dmio \Device\DmControl\DmInfo 8B1EA1F8
Device \Driver\usbuhci \Device\USBPDO-1 8AEB6500
Device \Driver\usbuhci \Device\USBPDO-2 8AEB6500
Device \Driver\usbehci \Device\USBPDO-3 8AEA11F8
Device \Driver\sptd \Device\697315006 spqr.sys
Device \Driver\usbuhci \Device\USBPDO-4 8AEB6500

AttachedDevice \Driver\Tcpip \Device\Tcp epfwtdir.sys (ESET Antivirus Network Redirector/ESET)

Device \Driver\usbuhci \Device\USBPDO-5 8AEB6500
Device \Driver\usbuhci \Device\USBPDO-6 8AEB6500
Device \Driver\Ftdisk \Device\HarddiskVolume1 8B1751F8

AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume1 snapman.sys (Acronis Snapshot API/Acronis)

Device \Driver\usbehci \Device\USBPDO-7 8AEA11F8
Device \Driver\Ftdisk \Device\HarddiskVolume2 8B1751F8

AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume2 snapman.sys (Acronis Snapshot API/Acronis)

Device \Driver\Cdrom \Device\CdRom0 8AF551F8
Device \Driver\Cdrom \Device\CdRom1 8AF551F8
Device \Driver\atapi \Device\Ide\IdeDeviceP3T0L0-12 [F71E7B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdePort0 [F71E7B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdePort1 [F71E7B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdePort2 [F71E7B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdeDeviceP2T0L0-7 [F71E7B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdePort3 [F71E7B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdePort4 [F71E7B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdePort5 [F71E7B40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\USBSTOR \Device\000000a5 8ABC8500
Device \Driver\USBSTOR \Device\000000a6 8ABC8500
Device \Driver\PCI_PNP5006 \Device\00000067 spqr.sys
Device \Driver\NetBT \Device\NetBt_Wins_Export 8ABC5500
Device \Driver\NetBT \Device\NetbiosSmb 8ABC5500
Device \Driver\usbuhci \Device\USBFDO-0 8AEB6500
Device \Driver\usbuhci \Device\USBFDO-1 8AEB6500
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver 8ABC3500
Device \Driver\usbuhci \Device\USBFDO-2 8AEB6500
Device \FileSystem\MRxSmb \Device\LanmanRedirector 8ABC3500
Device \Driver\usbehci \Device\USBFDO-3 8AEA11F8
Device \Driver\usbuhci \Device\USBFDO-4 8AEB6500
Device \Driver\Ftdisk \Device\FtControl 8B1751F8
Device \Driver\usbuhci \Device\USBFDO-5 8AEB6500
Device \Driver\usbuhci \Device\USBFDO-6 8AEB6500
Device \Driver\usbehci \Device\USBFDO-7 8AEA11F8
Device \Driver\a5h50kob \Device\Scsi\a5h50kob1Port6Path0Target0Lun0 8AE7D1F8
Device \Driver\a5h50kob \Device\Scsi\a5h50kob1 8AE7D1F8
Device \FileSystem\Fastfat \Fat 8ABA2500

AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \FileSystem\Fastfat \Fat eamon.sys (Amon monitor/ESET)
AttachedDevice \FileSystem\Fastfat \Fat aswMon2.SYS (avast! File System Filter Driver for Windows XP/ALWIL Software)

Device \FileSystem\Cdfs \Cdfs 8ABC6500

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\[email protected] C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\[email protected] 0xD4 0xC3 0x97 0x02 ...
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\[email protected] 0
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\[email protected] 0x35 0x5D 0x48 0xD1 ...
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\0[email protected] 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\0[email protected] 0x15 0x0E 0x88 0xE5 ...
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\[email protected] 0x13 0x4F 0x7B 0x1B ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\[email protected] 771343423
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\[email protected] 285507792
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\[email protected] 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\[email protected] C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\[email protected] 0xD4 0xC3 0x97 0x02 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\[email protected] 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\[email protected] 0x35 0x5D 0x48 0xD1 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\0[email protected] 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\0[email protected] 0x15 0x0E 0x88 0xE5 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\[email protected] 0x13 0x4F 0x7B 0x1B ...
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\[email protected] C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\[email protected] 0xD4 0xC3 0x97 0x02 ...
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\[email protected] 0
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\[email protected] 0x35 0x5D 0x48 0xD1 ...
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\0[email protected] 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\0[email protected] 0x15 0x0E 0x88 0xE5 ...
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\[email protected] 0x13 0x4F 0x7B 0x1B ...

---- EOF - GMER 1.0.15 ----









OTL LOG:








OTL logfile created on: 2010-06-23 16:50:24 - Run 1
OTL by OldTimer - Version 3.2.6.1 Folder = C:\Documents and Settings\Utilisateur\Bureau
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000C0C | Country: Canada | Language: FRC | Date Format: yyyy-MM-dd

3,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 78,00% Memory free
5,00 Gb Paging File | 5,00 Gb Available in Paging File | 89,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232,88 Gb Total Space | 89,07 Gb Free Space | 38,25% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 698,64 Gb Total Space | 561,06 Gb Free Space | 80,31% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
Drive G: | 3,77 Gb Total Space | 3,21 Gb Free Space | 85,07% Space Free | Partition Type: FAT32
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: SYSTEME
Current User Name: Utilisateur
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010-06-23 10:34:26 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Utilisateur\Bureau\OTL.exe
PRC - [2010-04-27 13:43:48 | 000,611,840 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
PRC - [2010-04-27 13:42:22 | 000,135,168 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
PRC - [2010-04-05 08:23:13 | 000,979,928 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009-11-11 10:57:36 | 001,521,152 | ---- | M] (Nokia) -- C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
PRC - [2009-10-27 10:15:02 | 000,120,832 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
PRC - [2009-10-07 02:47:34 | 000,154,136 | ---- | M] (Logitech Inc.) -- C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
PRC - [2009-08-31 11:25:16 | 000,701,784 | ---- | M] (Research In Motion Limited) -- C:\Program Files\Fichiers communs\Research In Motion\Auto Update\RIMAutoUpdate.exe
PRC - [2009-08-28 19:42:54 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2008-11-26 10:36:12 | 000,393,216 | -H-- | M] (DeviceVM) -- C:\ASUS.SYS\config\DVMExportService.exe
PRC - [2008-10-15 17:13:58 | 000,439,632 | ---- | M] (RealVNC Ltd.) -- C:\Program Files\RealVNC\VNC4\winvnc4.exe
PRC - [2008-07-23 12:54:10 | 000,185,632 | ---- | M] (Protexis Inc.) -- C:\Program Files\Fichiers communs\Protexis\License Service\PsiService_2.exe
PRC - [2008-07-10 20:28:06 | 040,999,448 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
PRC - [2008-07-10 02:49:44 | 000,098,840 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
PRC - [2008-04-13 22:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007-10-15 15:59:14 | 000,143,360 | ---- | M] () -- C:\Program Files\Razer\Lachesis\razertra.exe
PRC - [2007-09-12 11:52:18 | 000,245,760 | ---- | M] () -- C:\Program Files\Razer\Lachesis\razerhid.exe
PRC - [2007-08-16 17:05:16 | 000,274,432 | ---- | M] (razercfg MFC Application) -- C:\Program Files\Razer\Lachesis\OSD.exe
PRC - [2007-06-05 10:37:12 | 000,163,840 | ---- | M] (Razer Inc.) -- C:\Program Files\Razer\Lachesis\razerofa.exe
PRC - [2007-05-03 11:56:39 | 001,682,432 | -H-- | M] (mIRC Co. Ltd.) -- C:\WINDOWS\system32\SoftwareDistribution\Setup\ServiceStartup\wups.dll\Winupdate\Microsoft\Services.exe
PRC - [2005-10-25 23:48:30 | 000,172,032 | ---- | M] (Acronis) -- C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
PRC - [2005-03-09 20:50:18 | 000,018,944 | ---- | M] (http://libusb-win32.sourceforge.net) -- C:\WINDOWS\system32\libusbd-nt.exe
PRC - [2004-01-19 13:36:54 | 000,114,688 | ---- | M] (Igor Nys) -- C:\Documents and Settings\Utilisateur\Bureau\DOSSIERS\TrayIt\trayit!.exe
PRC - [2003-06-20 00:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE


========== Modules (SafeList) ==========

MOD - [2010-06-23 10:34:26 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Utilisateur\Bureau\OTL.exe
MOD - [2008-04-13 22:32:02 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2004-01-19 12:55:22 | 000,028,672 | ---- | M] (Igor Nys) -- C:\Documents and Settings\Utilisateur\Bureau\DOSSIERS\TrayIt\trayit!.dll


========== Win32 Services (SafeList) ==========

SRV - [2010-05-06 16:59:25 | 000,119,200 | ---- | M] (ALWIL Software) [Auto | Stopped] -- C:\Program Files\Alwil Software\Avast5\afwServ.exe -- (avast! Firewall)
SRV - [2010-04-27 13:43:48 | 000,611,840 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010-03-29 17:12:18 | 000,810,120 | ---- | M] (ESET) [Disabled | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn)
SRV - [2009-10-07 20:11:00 | 003,323,920 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\WINDOWS\System32\GameMon.des -- (npggsvc)
SRV - [2009-10-07 02:47:34 | 000,154,136 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2009-09-15 16:29:04 | 000,057,640 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\Hotspot Shield\bin\HssTrayService.exe -- (HssTrayService)
SRV - [2009-09-15 16:04:58 | 000,331,824 | ---- | M] (AnchorFree Inc.) [Disabled | Stopped] -- C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe -- (HssSrv)
SRV - [2009-08-28 19:42:54 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2008-11-26 10:36:12 | 000,393,216 | -H-- | M] (DeviceVM) [Auto | Running] -- C:\ASUS.SYS\config\DVMExportService.exe -- (DvmMDES)
SRV - [2008-10-15 17:13:58 | 000,439,632 | ---- | M] (RealVNC Ltd.) [Auto | Running] -- C:\Program Files\RealVNC\VNC4\WinVNC4.exe -- (WinVNC4)
SRV - [2008-07-23 12:54:10 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- C:\Program Files\Fichiers communs\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2008-07-10 20:28:06 | 040,999,448 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe -- (MSSQL$SQLEXPRESS) SQL Server (SQLEXPRESS)
SRV - [2008-07-10 20:28:06 | 000,369,688 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE -- (SQLAgent$SQLEXPRESS) SQL Server Agent (SQLEXPRESS)
SRV - [2008-07-10 20:28:04 | 000,047,128 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE -- (MSSQLServerADHelper100)
SRV - [2008-07-10 02:49:44 | 000,098,840 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe -- (SQLWriter)
SRV - [2008-07-10 02:49:34 | 000,258,072 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe -- (SQLBrowser)
SRV - [2005-10-25 23:48:30 | 000,172,032 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2005-04-04 00:41:10 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2005-03-09 20:50:18 | 000,018,944 | ---- | M] (http://libusb-win32.sourceforge.net) [Auto | Running] -- C:\WINDOWS\system32\libusbd-nt.exe -- (libusbd)
SRV - [2004-09-23 13:58:02 | 000,450,560 | ---- | M] (Lexmark International, Inc.) [On_Demand | Stopped] -- C:\WINDOWS\System32\lxbucoms.exe -- (lxbu_device)
SRV - [2003-07-28 21:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2003-06-20 00:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE -- (MDM)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Running] -- -- (MEMSWEEP2)
DRV - File not found [Kernel | On_Demand | Running] -- -- (asc3360pr)
DRV - [2010-05-06 16:41:12 | 000,307,280 | ---- | M] (ALWIL Software) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2010-05-06 16:33:59 | 000,100,432 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2010-05-06 16:33:29 | 000,028,880 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2010-04-17 15:15:01 | 000,033,824 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\oreans32.sys -- (oreans32)
DRV - [2010-04-03 18:55:31 | 010,232,128 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2010-03-29 17:13:44 | 000,095,872 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdir.sys -- (epfwtdir)
DRV - [2010-03-29 17:12:00 | 000,114,984 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2010-03-29 17:07:30 | 000,140,216 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon)
DRV - [2010-03-19 16:10:13 | 000,012,112 | ---- | M] (ALWIL Software) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\aswNdis.sys -- (aswNdis)
DRV - [2010-02-26 14:32:58 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2010-02-26 14:32:46 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2010-02-26 14:32:44 | 000,022,528 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2010-02-26 14:32:44 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2009-11-10 19:50:55 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009-11-08 23:21:18 | 000,059,388 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2009-10-20 19:00:10 | 000,089,680 | ---- | M] (High Criteria inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\TotRec8.sys -- (TotRec8)
DRV - [2009-10-20 19:00:04 | 000,130,640 | ---- | M] (High Criteria inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\TotRec7.sys -- (TotRec7)
DRV - [2009-10-07 04:49:50 | 000,023,832 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvuvcflt.sys -- (FilterService)
DRV - [2009-10-07 04:49:38 | 006,756,632 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lvuvc.sys -- (LVUVC) Logitech Webcam Pro 9000(UVC)
DRV - [2009-10-07 04:47:54 | 000,266,008 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lvrs.sys -- (LVRS)
DRV - [2009-10-07 02:46:36 | 000,025,752 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2009-09-15 16:04:58 | 000,032,768 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\taphss.sys -- (taphss)
DRV - [2009-08-07 02:42:36 | 001,053,056 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\CAMTHWDM.sys -- (CAMTHWDM)
DRV - [2009-02-20 12:20:16 | 000,249,152 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\timntr.sys -- (timounter)
DRV - [2009-02-20 12:20:16 | 000,030,688 | ---- | M] (Acronis) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\tifsfilt.sys -- (tifsfilter)
DRV - [2009-02-20 12:20:15 | 000,096,320 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\snapman.sys -- (snapman)
DRV - [2008-09-07 23:05:10 | 000,874,240 | R--- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV - [2008-08-26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008-07-10 02:49:14 | 000,242,712 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\RsFx0102.sys -- (RsFx0102)
DRV - [2008-04-13 14:45:12 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) Pilote USB audio (WDM)
DRV - [2008-04-13 12:36:05 | 000,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2008-02-14 02:12:00 | 001,389,056 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\monfilt.sys -- (monfilt)
DRV - [2008-02-02 19:54:00 | 000,036,864 | R--- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\l1e51x86.sys -- (L1e)
DRV - [2008-01-14 06:06:32 | 000,021,632 | ---- | M] (ManyCam LLC.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ManyCam.sys -- (ManyCam)
DRV - [2008-01-03 10:10:16 | 000,105,856 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2007-08-08 11:04:16 | 000,012,032 | ---- | M] (Razer (Asia-Pacific) Pte Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Lachesis.sys -- (LachesisFltr)
DRV - [2005-03-09 20:50:16 | 000,033,792 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\libusb0.sys -- (libusb0)
DRV - [2004-08-13 14:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2002-06-03 22:38:38 | 000,311,684 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\P1001Vid.sys -- (P1001VID) Creative WebCam (WDM)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.google.co...en&source=iglk"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2
FF - prefs.js..extensions.enabledItems: [email protected]:1.11.6
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {B13721C7-F507-4982-B2E5-502A71474FED}:3.3.0.3971
FF - prefs.js..extensions.enabledItems: [email protected]:1.3.0
FF - prefs.js..extensions.enabledItems: {077a24e9-0db5-435f-9010-5261c53e5925}:2008.1.9
FF - prefs.js..extensions.enabledItems: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.2.26
FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:1.1.10
FF - prefs.js..network.proxy.backup.ftp: "142.150.238.12 "
FF - prefs.js..network.proxy.backup.ftp_port: 3127
FF - prefs.js..network.proxy.backup.gopher: "142.150.238.12 "
FF - prefs.js..network.proxy.backup.gopher_port: 3127
FF - prefs.js..network.proxy.backup.socks: "142.150.238.12 "
FF - prefs.js..network.proxy.backup.socks_port: 3127
FF - prefs.js..network.proxy.backup.ssl: "142.150.238.12 "
FF - prefs.js..network.proxy.backup.ssl_port: 3127
FF - prefs.js..network.proxy.ftp: "142.150.238.12 "
FF - prefs.js..network.proxy.ftp_port: 3127
FF - prefs.js..network.proxy.gopher: "142.150.238.12 "
FF - prefs.js..network.proxy.gopher_port: 3127
FF - prefs.js..network.proxy.http: "142.150.238.12 "
FF - prefs.js..network.proxy.http_port: 3127
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks: "142.150.238.12 "
FF - prefs.js..network.proxy.socks_port: 3127
FF - prefs.js..network.proxy.ssl: "142.150.238.12 "
FF - prefs.js..network.proxy.ssl_port: 3127

FF - HKLM\software\mozilla\Firefox\extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2010-06-06 15:22:59 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-06-18 22:57:56 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-06-18 22:57:56 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2010-06-06 15:22:59 | 000,000,000 | ---D | M]

[2009-08-30 21:57:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Extensions
[2009-08-30 21:57:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Extensions\[email protected]
[2010-06-22 13:19:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\b55kn7hd.default\extensions
[2010-04-17 00:14:11 | 000,000,000 | ---D | M] (Mabinogi Avatar Renderer) -- C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\b55kn7hd.default\extensions\{077a24e9-0db5-435f-9010-5261c53e5925}
[2009-11-09 19:04:50 | 000,000,000 | ---D | M] (BitComet Video Downloader) -- C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\b55kn7hd.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}
[2010-05-01 21:32:36 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\b55kn7hd.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010-06-18 22:05:38 | 000,000,000 | ---D | M] (DownThemAll!) -- C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\b55kn7hd.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}
[2010-03-16 22:08:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\b55kn7hd.default\extensions\[email protected]
[2010-01-07 20:26:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Utilisateur\Application Data\Mozilla\Firefox\Profiles\b55kn7hd.default\extensions\[email protected]
[2010-06-23 11:26:48 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009-07-17 04:40:12 | 000,704,512 | ---- | M] (BitComet) -- C:\Program Files\Mozilla Firefox\plugins\npBitCometAgent.dll
[2010-03-30 12:57:04 | 000,098,304 | ---- | M] (NHN USA Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npijjiautoinstallpluginff.dll
[2010-03-11 22:15:01 | 000,001,516 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml
[2010-03-11 22:15:01 | 000,001,822 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml
[2010-03-11 22:15:01 | 000,000,757 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml
[2009-08-05 08:40:36 | 000,000,748 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\MediaDICO-fr.xml
[2010-03-11 22:15:01 | 000,001,426 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml
[2010-03-24 19:15:22 | 000,000,956 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml

O1 HOSTS File: ([2010-06-14 17:30:59 | 000,404,448 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 13984 more lines...
O2 - BHO: (Aide pour le lien d'Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (BitComet Helper) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.3.7.16.dll (BitComet)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O2 - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files\Hotspot Shield\hssie\HssIE.dll (AnchorFree Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [BlackBerryAutoUpdate] C:\Program Files\Fichiers communs\Research In Motion\Auto Update\RIMAutoUpdate.exe (Research In Motion Limited)
O4 - HKLM..\Run: [Lachesis] C:\Program Files\Razer\Lachesis\razerhid.exe ()
O4 - HKLM..\Run: [LXBUCATS] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXBUtime.DLL ()
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] File not found
O4 - HKLM..\Run: [Service] C:\WINDOWS\System32\SoftwareDistribution\Setup\ServiceStartup\wups.dll\Winupdate\Microsoft\Hiderun.exe (None)
O4 - HKLM..\Run: [WinSrv] C:\WINDOWS\System32\softwaredistribution\setup\servicestartup\wups.dll\winupdate\microsoft\hiderun.exe Services.exe File not found
O4 - HKCU..\Run: [] File not found
O4 - HKCU..\Run: [Pando Media Booster] C:\Program Files\Pando Networks\Media Booster\PMB.exe ()
O4 - HKCU..\Run: [PC Suite Tray] C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKLM..\RunServices: [LoadPowerProfiles] C:\WINDOWS\system32\SoftwareDistribution\Setup\ServiceStartup\wups.dll\Winupdate\Microsoft\run.bat ()
O4 - Startup: C:\Documents and Settings\Utilisateur\Menu Démarrer\Programmes\Démarrage\TrayIt!.lnk = C:\Documents and Settings\Utilisateur\Bureau\DOSSIERS\TrayIt\trayit!.exe (Igor Nys)
F3 - HKCU WinNT: Run - (c:\windows\system32\softwaredistribution\setup\servicestartup\wups.dll\winupdate\microsoft\services.exe) - C:\WINDOWS\system32\SoftwareDistribution\Setup\ServiceStartup\wups.dll\Winupdate\Microsoft\Services.exe (mIRC Co. Ltd.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &D&ownload &with BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: &D&ownload all video with BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: &D&ownload all with BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O9 - Extra Button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - C:\Program Files\BitComet\tools\BitCometBHO_1.3.7.16.dll (BitComet)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zon...kr.cab56986.cab (Checkers Class)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zon...1/GAME_UNO1.cab (UnoCtrl Class)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1272933551312 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.micros...b?1272933501265 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zon...nt.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} http://messenger.zon...er.cab56986.cab (Minesweeper Flags Class)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Fichiers communs\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Fichiers communs\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Reg Error: Value error. - Reg Error: Value error. File not found
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Utilisateur\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Utilisateur\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (relog_ap) - C:\WINDOWS\System32\relog_ap.dll (Acronis)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-02-20 10:37:19 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2007-08-02 08:00:00 | 000,000,281 | RHS- | M] () - G:\autorun.inf -- [ FAT32 ]
O33 - MountPoints2\{0d1a30c9-474b-11df-9505-00235479c9f4}\Shell\AutoRun\command - "" = H:\OpenMe.exe -- File not found
O33 - MountPoints2\{0d1a30c9-474b-11df-9505-00235479c9f4}\Shell\readme\command - "" = notepad ReadMe.txt
O33 - MountPoints2\{0d1a30c9-474b-11df-9505-00235479c9f4}\Shell\verb\command - "" = H:\OpenMe.exe -- File not found
O33 - MountPoints2\{3ae49b6c-9950-11de-93e0-00235479c9f4}\Shell\aUTOPlaY\command - "" = G:\ocybaq.pif -- [2010-06-23 09:20:40 | 000,222,207 | RHS- | M] (Microsoft Corporation)
O33 - MountPoints2\{3ae49b6c-9950-11de-93e0-00235479c9f4}\Shell\AutoRun\command - "" = G:\ocybaq.pif -- [2010-06-23 09:20:40 | 000,222,207 | RHS- | M] (Microsoft Corporation)
O33 - MountPoints2\{3ae49b6c-9950-11de-93e0-00235479c9f4}\Shell\exPLORE\CoMmaND - "" = G:\ocybaq.pif -- [2010-06-23 09:20:40 | 000,222,207 | RHS- | M] (Microsoft Corporation)
O33 - MountPoints2\{3ae49b6c-9950-11de-93e0-00235479c9f4}\Shell\open\COmmANd - "" = G:\ocybaq.pif -- [2010-06-23 09:20:40 | 000,222,207 | RHS- | M] (Microsoft Corporation)
O33 - MountPoints2\{40415abe-82f8-11de-93b8-00235479c9f4}\Shell\AutoRun\command - "" = F:\wd_windows_tools\WDEULA.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2009-02-20 05:22:18 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: aux - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: aux1 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: aux2 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: aux3 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: aux4 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: aux5 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midi - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midi1 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midi2 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midi3 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midi4 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midi5 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: midimapper - C:\WINDOWS\System32\midimap.dll (Microsoft Corporation)
Drivers32: mixer - C:\WINDOWS\System32\DrvTrNTm.dll (High Criteria inc.)
Drivers32: mixer1 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: mixer2 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: mixer3 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: mixer4 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: mixer5 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: mixer6 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.imaadpcm - C:\WINDOWS\System32\imaadp32.acm (Microsoft Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.msadpcm - C:\WINDOWS\System32\msadp32.acm (Microsoft Corporation)
Drivers32: msacm.msaudio1 - C:\WINDOWS\System32\msaud32.acm (Microsoft Corporation)
Drivers32: msacm.msg711 - C:\WINDOWS\System32\msg711.acm (Microsoft Corporation)
Drivers32: msacm.msg723 - C:\WINDOWS\System32\msg723.acm (Microsoft Corporation)
Drivers32: msacm.msgsm610 - C:\WINDOWS\System32\msgsm32.acm (Microsoft Corporation)
Drivers32: msacm.siren - C:\WINDOWS\System32\sirenacm.dll (Microsoft Corporation)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FPS1 - C:\WINDOWS\System32\frapsvid.dll (Beepa P/L)
Drivers32: VIDC.I420 - C:\WINDOWS\System32\msh263.drv (Microsoft Corporation)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: VIDC.IYUV - C:\WINDOWS\System32\iyuv_32.dll (Microsoft Corporation)
Drivers32: vidc.M261 - C:\WINDOWS\System32\msh261.drv (Microsoft Corporation)
Drivers32: vidc.M263 - C:\WINDOWS\System32\msh263.drv (Microsoft Corporation)
Drivers32: vidc.mrle - C:\WINDOWS\System32\msrle32.dll (Microsoft Corporation)
Drivers32: vidc.msvc - C:\WINDOWS\System32\msvidc32.dll (Microsoft Corporation)
Drivers32: VIDC.UYVY - C:\WINDOWS\System32\msyuv.dll (Microsoft Corporation)
Drivers32: VIDC.YUY2 - C:\WINDOWS\System32\msyuv.dll (Microsoft Corporation)
Drivers32: VIDC.YVU9 - C:\WINDOWS\System32\tsbyuv.dll (Microsoft Corporation)
Drivers32: VIDC.YVYU - C:\WINDOWS\System32\msyuv.dll (Microsoft Corporation)
Drivers32: wave - C:\WINDOWS\System32\DrvTrNTm.dll (High Criteria inc.)
Drivers32: wave1 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: wave2 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: wave3 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: wave4 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: wave5 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: wave6 - C:\WINDOWS\System32\wdmaud.drv (Microsoft Corporation)
Drivers32: wavemapper - C:\WINDOWS\System32\msacm32.drv (Microsoft Corporation)

CREATERESTOREPOINT
Error starting restore point: System Restore is disabled.
Error closing restore point: System Restore is disabled.

========== Files/Folders - Created Within 90 Days ==========

[2010-06-23 16:49:08 | 000,574,464 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Utilisateur\Bureau\OTL.exe
[2010-06-23 16:00:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Utilisateur\Bureau\anti rootkit
[2010-06-23 11:33:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Utilisateur\Application Data\Malwarebytes
[2010-06-23 11:31:41 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010-06-23 11:31:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010-06-23 11:31:37 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010-06-23 11:31:37 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010-06-23 11:30:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010-06-23 11:29:54 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2010-06-22 19:16:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Utilisateur\Bureau\francis_jambon
[2010-06-19 17:46:52 | 000,000,000 | ---D | C] -- C:\Program Files\Project64 1.6
[2010-06-19 17:24:32 | 002,080,797 | ---- | C] (Project64 ) -- C:\Documents and Settings\Utilisateur\Bureau\Project64_1.6.exe
[2010-06-19 16:35:58 | 000,000,000 | ---D | C] -- C:\ijji
[2010-06-18 22:57:56 | 000,713,312 | ---- | C] (NHN USA) -- C:\WINDOWS\System32\ijjiSetup.exe
[2010-06-18 22:57:56 | 000,427,008 | ---- | C] (True Games Interactive) -- C:\WINDOWS\System32\uc_wepic_launching.dll
[2010-06-18 22:57:56 | 000,208,384 | ---- | C] (<YNK Intractive>) -- C:\WINDOWS\System32\uc_rohan_launching.dll
[2010-06-18 22:57:56 | 000,147,456 | ---- | C] (TODO: <Company name>) -- C:\WINDOWS\System32\uc_neosteam_launching.dll
[2010-06-18 22:57:56 | 000,086,624 | ---- | C] (<NHN USA Inc>.) -- C:\WINDOWS\System32\ijjiChannelingPlugin.dll
[2010-06-18 22:57:56 | 000,075,264 | ---- | C] (<NHN USA Inc>.) -- C:\WINDOWS\System32\uc_holybeast_launching.dll
[2010-06-18 22:57:56 | 000,064,000 | ---- | C] (<NHN USA Inc>.) -- C:\WINDOWS\System32\uc_sfighters_launching.dll
[2010-06-18 22:57:56 | 000,062,048 | ---- | C] (NHN USA Inc.) -- C:\WINDOWS\System32\ijjiProcessRestarter.exe
[2010-06-18 22:57:56 | 000,061,440 | ---- | C] (<NHN USA Inc>.) -- C:\WINDOWS\System32\uc_atlantica_launching.dll
[2010-06-18 22:57:56 | 000,057,952 | ---- | C] (NHN USA Corp.) -- C:\WINDOWS\System32\ijjiPlugin2.dll
[2010-06-18 22:57:56 | 000,053,248 | ---- | C] (<NHN USA Inc>.) -- C:\WINDOWS\System32\uc_luminary_launching.dll
[2010-06-18 22:57:55 | 000,000,000 | ---D | C] -- C:\Program Files\ijji
[2010-06-14 20:54:34 | 000,000,000 | ---D | C] -- C:\Program Files\Soldier of Fortune II - Double Helix
[2010-06-14 20:36:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Utilisateur\Bureau\map
[2010-06-14 18:05:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Utilisateur\Bureau\adm
[2010-06-13 22:23:30 | 000,493,328 | ---- | C] (Infragistics, Inc.) -- C:\WINDOWS\System32\IGToolBars50.ocx
[2010-06-13 22:23:30 | 000,431,872 | ---- | C] (Infragistics, Inc.) -- C:\WINDOWS\System32\SSInput1.ocx
[2010-06-13 22:23:30 | 000,415,392 | ---- | C] (VideoSoft) -- C:\WINDOWS\System32\VSFLEX6.OCX
[2010-06-13 22:23:30 | 000,365,568 | ---- | C] (VideoSoft) -- C:\WINDOWS\System32\Vsflex6d.ocx
[2010-06-13 22:23:30 | 000,349,968 | ---- | C] (Infragistics, Inc.) -- C:\WINDOWS\System32\IGThreed40.ocx
[2010-06-13 22:23:30 | 000,299,008 | ---- | C] (Infragistics, Inc.) -- C:\WINDOWS\System32\IGTabs40.ocx
[2010-06-13 22:23:30 | 000,182,032 | ---- | C] (Infragistics, Inc.) -- C:\WINDOWS\System32\IGSplitter40.ocx
[2010-06-13 22:23:30 | 000,112,336 | ---- | C] (Infragistics Inc.) -- C:\WINDOWS\System32\PVMarq.ocx
[2010-06-13 22:23:30 | 000,110,592 | ---- | C] (Common Controls Replacement Project (CCRP)) -- C:\WINDOWS\System32\ccrpbds6.dll
[2010-06-13 22:23:29 | 000,291,328 | ---- | C] (Softuarium) -- C:\WINDOWS\System32\xzipper30.ocx
[2010-06-13 22:23:29 | 000,259,728 | ---- | C] (VideoSoft) -- C:\WINDOWS\System32\Vsocx6.ocx
[2010-06-13 22:23:29 | 000,242,176 | ---- | C] (Softuarium) -- C:\WINDOWS\System32\XUNZIP30.OCX
[2010-06-13 22:23:29 | 000,217,088 | ---- | C] (Softuarium) -- C:\WINDOWS\System32\SPICOPENER.OCX
[2010-06-13 22:23:29 | 000,112,344 | ---- | C] (Infragistics Inc.) -- C:\WINDOWS\System32\PVPrgbar.ocx
[2010-06-13 22:23:29 | 000,108,240 | ---- | C] (Infragistics Inc.) -- C:\WINDOWS\System32\PVPict.ocx
[2010-06-13 22:23:29 | 000,046,808 | ---- | C] (Infragistics, Inc.) -- C:\WINDOWS\System32\ssmask.dll
[2010-06-13 22:23:28 | 001,056,768 | ---- | C] (Blue Sky Software Corporation.) -- C:\WINDOWS\System32\ROBOEX32.DLL
[2010-06-13 22:23:28 | 000,000,000 | ---D | C] -- C:\Program Files\Custom Installs
[2010-06-13 21:16:22 | 000,307,280 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2010-06-13 21:16:06 | 000,012,112 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswNdis.sys
[2010-06-13 21:14:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Utilisateur\Bureau\lic 1
[2010-06-13 21:05:54 | 000,100,432 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2010-06-13 21:05:54 | 000,094,800 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2010-06-13 21:05:53 | 000,028,880 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2010-06-13 21:05:45 | 000,165,032 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\aswBoot.exe
[2010-06-13 21:05:45 | 000,038,848 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\avastSS.scr
[2010-06-13 21:05:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2010-06-11 21:18:20 | 000,000,000 | ---D | C] -- C:\Program Files\Finale Reader
[2010-06-06 15:26:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Utilisateur\Local Settings\Application Data\Nokia
[2010-06-06 15:26:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Utilisateur\Local Settings\Application Data\NokiaAccount
[2010-06-06 15:22:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\OviInstallerCache
[2010-06-05 12:45:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Utilisateur\Application Data\Research In Motion
[2010-06-05 12:44:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Research In Motion
[2010-06-05 12:44:21 | 000,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\Roxio Shared
[2010-06-05 12:44:07 | 000,000,000 | ---D | C] -- C:\Program Files\Research In Motion
[2010-06-05 12:44:07 | 000,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\Research In Motion
[2010-06-04 22:31:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Utilisateur\Mes documents\NOKIA BCKUP
[2010-06-03 23:18:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Utilisateur\Application Data\Street-Ads
[2010-06-03 23:18:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Utilisateur\Application Data\Sky-Banners
[2010-05-30 00:45:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Nokia
[2010-05-29 13:34:39 | 000,018,816 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\pccsmcfd.sys
[2010-05-29 13:34:31 | 000,000,000 | ---D | C] -- C:\Program Files\PC Connectivity Solution
[2010-05-29 13:33:59 | 000,008,192 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\usbser_lowerfltj.sys
[2010-05-29 13:33:58 | 000,008,192 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\usbser_lowerflt.sys
[2010-05-29 13:33:57 | 000,022,528 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\ccdcmbo.sys
[2010-05-29 13:33:56 | 000,662,016 | ---- | C] (Nokia) -- C:\WINDOWS\System32\nmwcdcocls.dll
[2010-05-29 13:33:56 | 000,018,176 | ---- | C] (Nokia) -- C:\WINDOWS\System32\drivers\ccdcmb.sys
[2010-05-29 12:53:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Utilisateur\Application Data\PC Suite
[2010-05-29 12:53:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Utilisateur\Application Data\Nokia
[2010-05-29 12:53:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2010-05-29 12:52:56 | 000,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\PCSuite
[2010-05-29 12:52:51 | 000,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\Nokia
[2010-05-29 12:52:13 | 000,092,672 | ---- | C] (Nokia) -- C:\WINDOWS\System32\nmwcdcls.dll
[2010-05-29 12:52:11 | 000,000,000 | ---D | C] -- C:\Program Files\Nokia
[2010-05-29 12:44:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Installations
[2010-05-27 19:58:48 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Utilisateur\Recent
[2010-05-27 18:55:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Utilisateur\Bureau\ÒüèÒüòÒéÅÒéèÒüªÒü»
[2010-05-19 21:42:56 | 000,000,000 | ---D | C] -- C:\Program Files\Red Eye Remover
[2010-05-17 23:29:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Utilisateur\Application Data\Screenshot Sender
[2010-05-17 23:16:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Utilisateur\Mes documents\My Webcam Recordings
[2010-05-17 23:16:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Utilisateur\Application Data\MessengerDiscovery 2
[2010-05-17 23:15:38 | 000,000,000 | ---D | C] -- C:\Program Files\MessengerDiscovery 2
[2010-05-17 23:15:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\MessengerDiscovery 2
[2010-05-16 17:08:19 | 000,000,000 | ---D | C] -- C:\.yanillescapeclientv3_file_store_32
[2010-05-04 21:40:36 | 000,000,000 | ---D | C] -- C:\Program Files\cwRsync
[2010-05-03 21:07:03 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2010-05-03 20:59:20 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft CAPICOM 2.1.0.2
[2010-05-03 19:06:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Utilisateur\Local Settings\Application Data\ESET
[2010-05-03 18:47:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\ESET
[2010-05-03 18:44:59 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2010-05-03 18:44:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ESET
[2010-04-29 22:14:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Utilisateur\Mes documents\Rainmeter
[2010-04-29 22:14:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Utilisateur\Application Data\Rainmeter
[2010-04-29 22:12:49 | 000,000,000 | ---D | C] -- C:\Program Files\Rainmeter
[2010-04-21 20:09:17 | 000,249,856 | ---- | C] (Razer Inc.) -- C:\WINDOWS\System32\Lachesis.cpl
[2010-04-21 20:09:17 | 000,014,592 | ---- | C] (Motorola) -- C:\WINDOWS\System32\drivers\Usbicp.sys
[2010-04-21 20:09:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Razer
[2010-04-21 20:09:14 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX
[2010-04-21 20:09:05 | 000,012,032 | ---- | C] (Razer (Asia-Pacific) Pte Ltd) -- C:\WINDOWS\System32\drivers\Lachesis.sys
[2010-04-21 20:08:54 | 000,000,000 | ---D | C] -- C:\Program Files\Razer
[2010-04-18 10:52:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010-04-18 10:52:55 | 000,000,000 | ---D | C] -- C:\Program Files\Fraps
[2010-04-18 10:48:11 | 000,000,000 | ---D | C] -- C:\Downloads
[2010-04-17 17:40:52 | 000,000,000 | ---D | C] -- C:\Program Files\PowerISO
[2010-04-17 17:36:44 | 000,000,000 | ---D | C] -- C:\Program Files\danny_kay1710
[2010-04-17 15:15:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Utilisateur\Mes documents\³Ø½¼ Ç÷¯±×
[2010-04-17 00:24:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Utilisateur\Local Settings\Application Data\PMB Files
[2010-04-17 00:24:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PMB Files
[2010-04-13 21:56:33 | 000,000,000 | -H-D | C] -- C:\dvmexp
[2010-04-13 21:56:19 | 000,000,000 | -H-D | C] -- C:\ASUS.000
[2010-04-13 21:56:09 | 000,000,000 | -H-D | C] -- C:\ASUS.SYS
[2010-04-13 21:55:20 | 000,000,000 | ---D | C] -- C:\Program Files\Downloaded Installations
[2010-04-13 18:39:07 | 000,000,000 | ---D | C] -- C:\Program Files\Express Gate
[2010-04-13 18:19:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Utilisateur\Application Data\Download Manager
[2010-03-31 02:00:46 | 000,086,016 | ---- | C] (Beepa P/L) -- C:\WINDOWS\System32\frapsvid.dll
[2010-03-29 18:19:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Utilisateur\Mes documents\BG
[2010-03-29 17:13:44 | 000,095,872 | ---- | C] (ESET) -- C:\WINDOWS\System32\drivers\epfwtdir.sys
[2010-03-29 17:12:00 | 000,114,984 | ---- | C] (ESET) -- C:\WINDOWS\System32\drivers\ehdrv.sys
[2010-03-29 17:07:30 | 000,140,216 | ---- | C] (ESET) -- C:\WINDOWS\System32\drivers\eamon.sys

========== Files - Modified Within 90 Days ==========

[2010-06-23 15:55:38 | 000,012,598 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010-06-23 15:55:36 | 000,276,296 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml
[2010-06-23 15:55:23 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010-06-23 15:55:21 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010-06-23 15:55:18 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\lvuvc.hs
[2010-06-23 15:55:16 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\logiflt.iad
[2010-06-23 15:28:47 | 011,534,336 | -H-- | M] () -- C:\Documents and Settings\Utilisateur\NTUSER.DAT
[2010-06-23 11:31:43 | 000,000,703 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk
[2010-06-23 11:29:55 | 000,000,618 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Bureau\NTREGOPT.lnk
[2010-06-23 11:29:55 | 000,000,599 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Bureau\ERUNT.lnk
[2010-06-23 10:34:26 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Utilisateur\Bureau\OTL.exe
[2010-06-23 09:27:48 | 019,549,374 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Bureau\Sans titre3.bmp
[2010-06-23 09:27:31 | 019,549,374 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Bureau\Sans titre2.bmp
[2010-06-23 09:27:16 | 019,549,374 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Bureau\Sans titre.bmp
[2010-06-22 22:04:49 | 000,000,265 | ---- | M] () -- C:\WINDOWS\system.ini
[2010-06-22 19:32:19 | 000,001,526 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Mes documents\1277235119674.jpg
[2010-06-22 19:32:13 | 000,001,526 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Mes documents\1277235226835.jpg
[2010-06-22 19:32:12 | 000,001,526 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Mes documents\1277235477138.jpg
[2010-06-22 19:32:06 | 000,001,526 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Mes documents\1277235720050.jpg
[2010-06-22 19:32:03 | 000,001,526 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Mes documents\1277235896208.jpg
[2010-06-22 19:32:02 | 000,001,526 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Mes documents\1277236009597.gif
[2010-06-22 19:31:54 | 000,001,526 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Mes documents\1277236224752.jpg
[2010-06-22 19:31:51 | 000,001,526 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Mes documents\1277236224428.jpg
[2010-06-22 19:31:47 | 000,001,526 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Mes documents\1277236350997.jpg
[2010-06-22 19:31:44 | 000,001,526 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Mes documents\1277236401940.jpg
[2010-06-22 19:31:41 | 000,001,526 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Mes documents\1277236529872.jpg
[2010-06-22 19:31:38 | 000,001,526 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Mes documents\1277236768059.jpg
[2010-06-22 19:31:32 | 000,001,526 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Mes documents\1277237269477.gif
[2010-06-22 19:31:32 | 000,001,526 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Mes documents\1277233660417.jpg
[2010-06-22 19:31:22 | 000,001,526 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Mes documents\1277236613308.jpg
[2010-06-22 19:21:50 | 277,154,314 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Bureau\francis_jambonn.zip
[2010-06-22 16:08:15 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010-06-20 09:57:43 | 000,074,439 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Bureau\Mario & Yoshi (E) [!].zip
[2010-06-20 09:57:16 | 000,256,032 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Bureau\Mario 7-in-1 (Mapper 04) [p1][!].zip
[2010-06-20 09:56:19 | 000,323,742 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Bureau\1200-in-1 [p1].zip
[2010-06-19 18:06:25 | 000,026,856 | ---- | M] () -- C:\WINDOWS\System32\wbers.dat.dmp
[2010-06-19 18:06:25 | 000,003,600 | ---- | M] () -- C:\WINDOWS\System32\wbers.dat
[2010-06-19 17:50:48 | 000,001,707 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\A.V.A.lnk
[2010-06-19 17:46:53 | 000,001,797 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Bureau\Project64 1.6.lnk
[2010-06-19 15:11:59 | 000,128,194 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Mes documents\36669_1494763007605_1189972855_31459398_3486308_n.jpg
[2010-06-19 15:11:16 | 000,093,431 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Mes documents\36669_1494756647446_1189972855_31459390_4791180_n.jpg
[2010-06-19 13:17:33 | 000,291,826 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Bureau\djminifix.exe
[2010-06-19 05:26:42 | 002,097,741 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Bureau\Oli.jpg
[2010-06-18 22:57:57 | 000,001,687 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Application Data\Microsoft\Internet Explorer\Quick Launch\ijji REACTOR.lnk
[2010-06-18 22:57:57 | 000,001,669 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\ijji REACTOR.lnk
[2010-06-17 01:31:46 | 002,033,188 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Bureau\Hotmail.zip
[2010-06-16 22:31:38 | 000,709,378 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Bureau\histoire-+®tude8.jpg
[2010-06-16 22:31:38 | 000,665,854 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Bureau\histoire-+®tude9.jpg
[2010-06-16 22:31:38 | 000,657,584 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Bureau\histoire-+®tude10.jpg
[2010-06-16 22:30:24 | 000,674,383 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Bureau\histoire-+®tude7.jpg
[2010-06-16 22:30:24 | 000,662,090 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Bureau\histoire-+®tude5.jpg
[2010-06-16 22:30:24 | 000,640,587 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Bureau\histoire-+®tude1.jpg
[2010-06-16 22:30:24 | 000,621,432 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Bureau\histoire-+®tude3.jpg
[2010-06-16 22:30:24 | 000,616,473 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Bureau\histoire-+®tude4.jpg
[2010-06-16 22:30:24 | 000,606,162 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Bureau\histoire-+®tude2.jpg
[2010-06-16 22:30:24 | 000,581,945 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Bureau\histoire-+®tude6.jpg
[2010-06-16 18:53:57 | 000,041,984 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-06-15 21:58:46 | 000,064,714 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Mes documents\36225_1459052671674_1094109077_1340434_3212_n.jpg
[2010-06-14 20:56:09 | 000,000,881 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Bureau\SOF II Single Player.lnk
[2010-06-14 20:56:09 | 000,000,807 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Bureau\SOF II Multiplayer.lnk
[2010-06-14 20:56:09 | 000,000,770 | ---- | M] () -- C:\WINDOWS\Sof2.INI
[2010-06-14 18:49:02 | 000,012,057 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Bureau\sof2mp.cfg
[2010-06-14 17:30:59 | 000,404,448 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010-06-14 08:42:36 | 001,094,021 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Bureau\dvdshrink32setup1.zip
[2010-06-13 22:58:55 | 002,111,336 | -H-- | M] () -- C:\Documents and Settings\Utilisateur\Local Settings\Application Data\IconCache.db
[2010-06-13 22:23:28 | 000,001,597 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\SOF2 Runner.lnk
[2010-06-13 21:34:40 | 000,062,686 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Mes documents\The_Legend_of_Zelda_-_Ocarina_of_Time_-_Zelda%27s_Lullaby.pdf
[2010-06-13 21:16:07 | 000,003,121 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010-06-13 21:15:45 | 000,001,707 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\avast! Internet Security.lnk
[2010-06-13 21:04:53 | 051,731,232 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Bureau\setup_av_free.exe
[2010-06-13 20:17:52 | 000,000,971 | ---- | M] () -- C:\WINDOWS\win.ini
[2010-06-13 20:17:52 | 000,000,238 | RHS- | M] () -- C:\boot.ini
[2010-06-13 18:56:33 | 124,736,743 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Bureau\DinksMOD_client.pk3
[2010-06-13 18:49:21 | 000,000,284 | -HS- | M] () -- C:\Documents and Settings\Utilisateur\ntuser.ini
[2010-06-13 18:29:34 | 000,535,482 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Bureau\memtest86-3.5.iso.zip
[2010-06-13 18:17:48 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010-06-13 08:46:18 | 000,001,806 | -H-- | M] () -- C:\Documents and Settings\Utilisateur\Mes documents\Default.rdp
[2010-06-12 17:47:46 | 001,953,792 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Bureau\Penguin Storm 12.exe
[2010-06-12 08:45:42 | 000,078,024 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2010-06-12 08:45:28 | 000,287,704 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010-06-11 21:18:36 | 000,000,767 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Application Data\Microsoft\Internet Explorer\Quick Launch\Finale Reader.lnk
[2010-06-11 21:18:36 | 000,000,749 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Finale Reader.lnk
[2010-06-10 17:57:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010-06-08 20:36:59 | 000,000,256 | ---- | M] () -- C:\WINDOWS\System32\pool.bin
[2010-06-08 20:21:39 | 000,403,749 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100614-173059.backup
[2010-06-08 18:39:31 | 024,359,803 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Bureau\2010_04_04_AOJQ_Arlesienne_Prelude.wmv
[2010-06-08 18:30:00 | 038,803,559 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Bureau\2010_04_04_AOJQ_Hansel.wmv
[2010-06-07 21:29:49 | 098,734,058 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Bureau\SHERBONNE 2010.rar
[2010-06-06 15:24:10 | 000,001,795 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Nokia Ovi Suite.lnk
[2010-06-05 12:58:16 | 000,000,256 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Mes documents\pool.bin
[2010-06-05 12:54:19 | 000,743,821 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Mes documents\Backup-(2010-06-05).ipd
[2010-06-05 12:44:25 | 000,001,736 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Desktop Manager.lnk
[2010-06-05 00:28:27 | 000,403,749 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100608-202139.backup
[2010-06-04 22:42:14 | 000,000,385 | ---- | M] () -- C:\WINDOWS\ODBC.INI
[2010-06-04 22:42:12 | 000,038,482 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Application Data\Microsoft Excel.ADR
[2010-06-04 09:46:44 | 000,000,163 | ---- | M] () -- C:\WINDOWS\spychat.dat
[2010-06-02 22:59:41 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2010-06-02 22:59:41 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_ccdcmb_01009.Wdf
[2010-06-02 20:43:16 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
[2010-05-30 18:57:56 | 000,001,428 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Bureau\ Mabinogi .lnk
[2010-05-29 13:33:05 | 000,001,862 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Nokia Software Updater.lnk
[2010-05-29 12:56:48 | 001,345,218 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010-05-29 12:56:48 | 000,601,204 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat
[2010-05-29 12:56:48 | 000,509,718 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010-05-29 12:56:48 | 000,118,804 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat
[2010-05-29 12:56:48 | 000,096,454 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010-05-29 12:55:51 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_User_PCCSWpdDriver_01_07_00.Wdf
[2010-05-29 12:55:47 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010-05-29 12:55:47 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\MsftWdf_user_01_07_00.Wdf
[2010-05-29 12:54:50 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_ccdcmb_01007.Wdf
[2010-05-29 12:54:49 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
[2010-05-29 12:52:57 | 000,001,770 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Nokia PC Suite.lnk
[2010-05-28 00:54:54 | 001,451,818 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Mes documents\1275001180575.jpg
[2010-05-28 00:54:51 | 000,284,589 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Mes documents\1275000978904.jpg
[2010-05-28 00:54:48 | 000,144,589 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Mes documents\1275000343532.jpg
[2010-05-28 00:54:45 | 000,391,950 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Mes documents\1274999771552.jpg
[2010-05-28 00:54:41 | 000,372,138 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Mes documents\1274999591316.png
[2010-05-28 00:54:38 | 000,192,516 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Mes documents\1274999586995.jpg
[2010-05-28 00:54:34 | 000,956,340 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Mes documents\1274999553103.jpg
[2010-05-28 00:54:30 | 000,054,567 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Mes documents\1274999534507.jpg
[2010-05-28 00:54:28 | 000,149,585 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Mes documents\1274999502437.gif
[2010-05-28 00:54:25 | 000,237,070 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Mes documents\1274999429538.jpg
[2010-05-28 00:54:22 | 000,703,383 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Mes documents\1274999168686.jpg
[2010-05-28 00:54:19 | 000,993,425 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Mes documents\1274999124562.jpg
[2010-05-28 00:54:16 | 000,001,528 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Mes documents\1274998950677.png
[2010-05-28 00:54:13 | 000,001,528 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Mes documents\1274998877449.jpg
[2010-05-28 00:54:10 | 000,001,528 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Mes documents\1274998811022.png
[2010-05-28 00:54:07 | 000,001,528 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Mes documents\1274998672079.gif
[2010-05-28 00:54:05 | 000,001,528 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Mes documents\1274998629875.png
[2010-05-28 00:54:01 | 000,001,528 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Mes documents\1274998387405.jpg
[2010-05-28 00:53:58 | 000,001,528 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Mes documents\1274998269147.png
[2010-05-28 00:52:53 | 000,001,528 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Mes documents\1274995990911.jpg
[2010-05-28 00:52:50 | 000,001,528 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Mes documents\1274996073048.jpg
[2010-05-28 00:52:47 | 000,001,528 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Mes documents\1274996236342.jpg
[2010-05-28 00:52:44 | 000,001,528 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Mes documents\1274996561624.jpg
[2010-05-28 00:52:42 | 000,001,528 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Mes documents\1274996692882.jpg
[2010-05-28 00:52:39 | 000,001,528 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Mes documents\1274996721726.jpg
[2010-05-28 00:52:36 | 000,001,528 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Mes documents\1274996752943.jpg
[2010-05-28 00:52:34 | 000,001,528 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Mes documents\1274996783831.jpg
[2010-05-28 00:52:31 | 000,001,528 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Mes documents\1274996817368.jpg
[2010-05-28 00:52:29 | 000,001,528 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Mes documents\1274996924134.jpg
[2010-05-28 00:52:26 | 000,001,528 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Mes documents\1274996965136.jpg
[2010-05-28 00:52:23 | 000,001,528 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Mes documents\1274996988362.jpg
[2010-05-28 00:52:20 | 000,001,528 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Mes documents\1274997038968.jpg
[2010-05-28 00:52:18 | 000,001,528 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Mes documents\1274997230128.gif
[2010-05-28 00:52:15 | 000,001,528 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Mes documents\1274997669472.png
[2010-05-28 00:52:12 | 000,001,528 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Mes documents\1274998158382.jpg
[2010-05-28 00:52:09 | 000,001,528 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Mes documents\1274998242250.jpg
[2010-05-28 00:52:05 | 000,001,528 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Mes documents\1274995766848.png
[2010-05-28 00:52:00 | 000,001,528 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Mes documents\1274995587921.jpg
[2010-05-28 00:51:52 | 000,057,101 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Mes documents\30132_452707149545_716059545_5952920_1105882_n.jpg
[2010-05-28 00:51:37 | 000,039,424 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Bureau\Copie de Xl0000000.xls
[2010-05-28 00:25:30 | 000,057,856 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Bureau\CHALEUR.doc
[2010-05-27 22:35:33 | 000,010,254 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Bureau\En conclusion.docx
[2010-05-27 22:23:35 | 000,012,144 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Bureau\analyse.docx
[2010-05-27 22:08:13 | 000,011,474 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Bureau\tableau.xlsx
[2010-05-26 19:22:39 | 004,570,608 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Bureau\Spirit.exe
[2010-05-16 22:05:53 | 000,034,135 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Mes documents\30632_447755419545_716059545_5833757_7270722_n.jpg
[2010-05-12 23:36:17 | 000,000,600 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Application Data\winscp.rnd
[2010-05-12 18:50:57 | 000,088,813 | ---- | M] () -- C:\wubildr
[2010-05-12 18:50:57 | 000,008,192 | ---- | M] () -- C:\wubildr.mbr
[2010-05-10 18:26:13 | 000,000,032 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\ezsid.dat
[2010-05-06 16:59:57 | 000,038,848 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\avastSS.scr
[2010-05-06 16:59:36 | 000,165,032 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\aswBoot.exe
[2010-05-06 16:41:12 | 000,307,280 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2010-05-06 16:33:59 | 000,100,432 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2010-05-06 16:33:55 | 000,094,800 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2010-05-06 16:33:29 | 000,028,880 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2010-05-05 19:34:21 | 000,380,717 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100605-002827.backup
[2010-04-29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010-04-29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010-04-27 08:56:42 | 000,621,056 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Mes documents\Doc1.doc
[2010-04-26 22:47:19 | 000,326,005 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Mes documents\George Winston - Carol Of The Bells.pdf
[2010-04-19 17:41:48 | 003,595,512 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Mes documents\great-moments-in-manga-4[1].swf
[2010-04-17 15:15:01 | 000,033,824 | ---- | M] () -- C:\WINDOWS\System32\drivers\oreans32.sys
[2010-04-17 13:02:21 | 000,053,760 | ---- | M] () -- C:\WINDOWS\System32\gac.dll
[2010-04-17 13:02:21 | 000,003,584 | ---- | M] () -- C:\WINDOWS\System32\klipxm32.dll
[2010-04-15 21:36:27 | 000,009,052 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Mes documents\125726350755.gif
[2010-04-13 21:56:20 | 000,000,057 | ---- | M] () -- C:\splash.idx
[2010-04-13 21:55:09 | 000,001,746 | ---- | M] () -- C:\WINDOWS\Language_trs.ini
[2010-04-08 13:59:25 | 029,456,592 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Mes documents\682 219 531 2010-04-08 13.19.tvs
[2010-04-08 12:57:05 | 045,995,847 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Mes documents\682 219 531 2010-04-08 12.10.tvs
[2010-04-03 19:22:32 | 000,066,714 | ---- | M] () -- C:\WINDOWS\System32\NvwsApps.xml
[2010-04-03 18:55:31 | 002,183,470 | ---- | M] () -- C:\WINDOWS\System32\nvdata.bin
[2010-04-03 18:55:31 | 000,061,440 | ---- | M] (Khronos Group) -- C:\WINDOWS\System32\OpenCL.dll
[2010-04-03 18:55:31 | 000,009,046 | ---- | M] () -- C:\WINDOWS\System32\nvinfo.pb
[2010-03-31 02:00:46 | 000,086,016 | ---- | M] (Beepa P/L) -- C:\WINDOWS\System32\frapsvid.dll
[2010-03-30 09:30:50 | 000,082,028 | ---- | M] () -- C:\Canevas-Sec4.MUS
[2010-03-29 17:13:44 | 000,095,872 | ---- | M] (ESET) -- C:\WINDOWS\System32\drivers\epfwtdir.sys
[2010-03-29 17:12:00 | 000,114,984 | ---- | M] (ESET) -- C:\WINDOWS\System32\drivers\ehdrv.sys
[2010-03-29 17:07:30 | 000,140,216 | ---- | M] (ESET) -- C:\WINDOWS\System32\drivers\eamon.sys
[2010-03-27 22:16:09 | 000,066,734 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Mes documents\26282_376141729196_546889196_3384930_1083152_n.jpg
[2010-03-27 22:16:03 | 000,077,313 | ---- | M] () -- C:\Documents and Settings\Utilisateur\Mes documents\26282_376141719196_546889196_3384928_7833320_n.jpg

========== Files Created - No Company Name ==========

[2010-06-23 11:31:43 | 000,000,703 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes' Anti-Malware.lnk
[2010-06-23 11:29:55 | 000,000,618 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Bureau\NTREGOPT.lnk
[2010-06-23 11:29:55 | 000,000,599 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Bureau\ERUNT.lnk
[2010-06-23 09:27:47 | 019,549,374 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Bureau\Sans titre3.bmp
[2010-06-23 09:27:29 | 019,549,374 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Bureau\Sans titre2.bmp
[2010-06-23 09:27:14 | 019,549,374 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Bureau\Sans titre.bmp
[2010-06-22 19:32:18 | 000,001,526 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Mes documents\1277235119674.jpg
[2010-06-22 19:32:12 | 000,001,526 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Mes documents\1277235226835.jpg
[2010-06-22 19:32:08 | 000,001,526 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Mes documents\1277235477138.jpg
[2010-06-22 19:32:06 | 000,001,526 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Mes documents\1277235720050.jpg
[2010-06-22 19:32:03 | 000,001,526 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Mes documents\1277235896208.jpg
[2010-06-22 19:31:58 | 000,001,526 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Mes documents\1277236009597.gif
[2010-06-22 19:31:53 | 000,001,526 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Mes documents\1277236224752.jpg
[2010-06-22 19:31:50 | 000,001,526 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Mes documents\1277236224428.jpg
[2010-06-22 19:31:47 | 000,001,526 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Mes documents\1277236350997.jpg
[2010-06-22 19:31:43 | 000,001,526 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Mes documents\1277236401940.jpg
[2010-06-22 19:31:40 | 000,001,526 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Mes documents\1277236529872.jpg
[2010-06-22 19:31:37 | 000,001,526 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Mes documents\1277236768059.jpg
[2010-06-22 19:31:25 | 000,001,526 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Mes documents\1277237269477.gif
[2010-06-22 19:31:21 | 000,001,526 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Mes documents\1277236613308.jpg
[2010-06-22 19:31:17 | 000,001,526 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Mes documents\1277233660417.jpg
[2010-06-22 19:22:21 | 277,154,314 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Bureau\francis_jambonn.zip
[2010-06-20 20:24:04 | 002,097,741 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Bureau\Oli.jpg
[2010-06-20 09:57:43 | 000,074,439 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Bureau\Mario & Yoshi (E) [!].zip
[2010-06-20 09:57:16 | 000,256,032 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Bureau\Mario 7-in-1 (Mapper 04) [p1][!].zip
[2010-06-20 09:56:18 | 000,323,742 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Bureau\1200-in-1 [p1].zip
[2010-06-19 18:06:25 | 000,003,600 | ---- | C] () -- C:\WINDOWS\System32\wbers.dat
[2010-06-19 18:06:23 | 000,026,856 | ---- | C] () -- C:\WINDOWS\System32\wbers.dat.dmp
[2010-06-19 17:50:48 | 000,001,707 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\A.V.A.lnk
[2010-06-19 17:46:53 | 000,001,797 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Bureau\Project64 1.6.lnk
[2010-06-19 15:11:59 | 000,128,194 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Mes documents\36669_1494763007605_1189972855_31459398_3486308_n.jpg
[2010-06-19 15:11:15 | 000,093,431 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Mes documents\36669_1494756647446_1189972855_31459390_4791180_n.jpg
[2010-06-19 13:17:33 | 000,291,826 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Bureau\djminifix.exe
[2010-06-18 22:57:57 | 000,001,687 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Application Data\Microsoft\Internet Explorer\Quick Launch\ijji REACTOR.lnk
[2010-06-18 22:57:57 | 000,001,669 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\ijji REACTOR.lnk
[2010-06-18 22:57:56 | 000,009,728 | ---- | C] () -- C:\WINDOWS\System32\uc_karos_launching.dll
[2010-06-18 22:08:26 | 1804,553,488 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Bureau\U_AVA_Setup.exe
[2010-06-17 01:31:57 | 000,709,378 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Bureau\histoire-+®tude8.jpg
[2010-06-17 01:31:57 | 000,665,854 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Bureau\histoire-+®tude9.jpg
[2010-06-17 01:31:57 | 000,657,584 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Bureau\histoire-+®tude10.jpg
[2010-06-17 01:31:46 | 002,033,188 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Bureau\Hotmail.zip
[2010-06-17 01:30:49 | 000,674,383 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Bureau\histoire-+®tude7.jpg
[2010-06-17 01:30:49 | 000,662,090 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Bureau\histoire-+®tude5.jpg
[2010-06-17 01:30:49 | 000,640,587 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Bureau\histoire-+®tude1.jpg
[2010-06-17 01:30:49 | 000,621,432 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Bureau\histoire-+®tude3.jpg
[2010-06-17 01:30:49 | 000,616,473 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Bureau\histoire-+®tude4.jpg
[2010-06-17 01:30:49 | 000,606,162 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Bureau\histoire-+®tude2.jpg
[2010-06-17 01:30:49 | 000,581,945 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Bureau\histoire-+®tude6.jpg
[2010-06-16 21:00:12 | 000,082,028 | ---- | C] () -- C:\Canevas-Sec4.MUS
[2010-06-15 21:58:45 | 000,064,714 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Mes documents\36225_1459052671674_1094109077_1340434_3212_n.jpg
[2010-06-14 20:56:09 | 000,000,881 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Bureau\SOF II Single Player.lnk
[2010-06-14 20:56:09 | 000,000,807 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Bureau\SOF II Multiplayer.lnk
[2010-06-14 18:37:21 | 000,012,057 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Bureau\sof2mp.cfg
[2010-06-14 08:42:34 | 001,094,021 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Bureau\dvdshrink32setup1.zip
[2010-06-13 22:23:30 | 000,169,688 | ---- | C] () -- C:\WINDOWS\System32\PVNum.ocx
[2010-06-13 22:23:30 | 000,100,048 | ---- | C] () -- C:\WINDOWS\System32\PVText.ocx
[2010-06-13 22:23:30 | 000,087,760 | ---- | C] () -- C:\WINDOWS\System32\PVLine.ocx
[2010-06-13 22:23:28 | 000,001,597 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\SOF2 Runner.lnk
[2010-06-13 21:34:40 | 000,062,686 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Mes documents\The_Legend_of_Zelda_-_Ocarina_of_Time_-_Zelda%27s_Lullaby.pdf
[2010-06-13 21:15:45 | 000,001,707 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\avast! Internet Security.lnk
[2010-06-13 21:13:57 | 000,297,142 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Bureau\ROCmod-2.0b-client.pk3
[2010-06-13 21:13:57 | 000,291,035 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Bureau\ROCmod-2.0a-client.pk3
[2010-06-13 21:04:01 | 051,731,232 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Bureau\setup_av_free.exe
[2010-06-13 18:56:19 | 124,736,743 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Bureau\DinksMOD_client.pk3
[2010-06-13 18:46:07 | 001,138,688 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Bureau\Memtest86_3.5.iso
[2010-06-13 18:29:33 | 000,535,482 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Bureau\memtest86-3.5.iso.zip
[2010-06-13 18:25:22 | 000,000,770 | ---- | C] () -- C:\WINDOWS\Sof2.INI
[2010-06-13 18:17:48 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010-06-12 23:46:43 | 001,953,792 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Bureau\Penguin Storm 12.exe
[2010-06-11 21:18:36 | 000,000,767 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Application Data\Microsoft\Internet Explorer\Quick Launch\Finale Reader.lnk
[2010-06-11 21:18:36 | 000,000,749 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Finale Reader.lnk
[2010-06-08 18:38:40 | 024,359,803 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Bureau\2010_04_04_AOJQ_Arlesienne_Prelude.wmv
[2010-06-08 18:29:13 | 038,803,559 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Bureau\2010_04_04_AOJQ_Hansel.wmv
[2010-06-07 21:29:13 | 098,734,058 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Bureau\SHERBONNE 2010.rar
[2010-06-06 15:24:10 | 000,001,795 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Nokia Ovi Suite.lnk
[2010-06-05 12:54:18 | 000,743,821 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Mes documents\Backup-(2010-06-05).ipd
[2010-06-05 12:54:18 | 000,000,256 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Mes documents\pool.bin
[2010-06-05 12:45:53 | 000,000,256 | ---- | C] () -- C:\WINDOWS\System32\pool.bin
[2010-06-05 12:44:25 | 000,001,736 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Desktop Manager.lnk
[2010-06-04 22:42:12 | 000,038,482 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Application Data\Microsoft Excel.ADR
[2010-06-02 22:59:41 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2010-06-02 22:59:41 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_ccdcmb_01009.Wdf
[2010-06-02 20:43:16 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
[2010-05-29 13:33:05 | 000,001,862 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Nokia Software Updater.lnk
[2010-05-29 12:55:51 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_User_PCCSWpdDriver_01_07_00.Wdf
[2010-05-29 12:55:47 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\MsftWdf_user_01_07_00.Wdf
[2010-05-29 12:54:50 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_ccdcmb_01007.Wdf
[2010-05-29 12:54:49 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
[2010-05-29 12:54:47 | 000,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2010-05-29 12:52:57 | 000,001,770 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Nokia PC Suite.lnk
[2010-05-28 00:54:54 | 001,451,818 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Mes documents\1275001180575.jpg
[2010-05-28 00:54:51 | 000,284,589 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Mes documents\1275000978904.jpg
[2010-05-28 00:54:48 | 000,144,589 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Mes documents\1275000343532.jpg
[2010-05-28 00:54:45 | 000,391,950 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Mes documents\1274999771552.jpg
[2010-05-28 00:54:41 | 000,372,138 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Mes documents\1274999591316.png
[2010-05-28 00:54:38 | 000,192,516 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Mes documents\1274999586995.jpg
[2010-05-28 00:54:33 | 000,956,340 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Mes documents\1274999553103.jpg
[2010-05-28 00:54:30 | 000,054,567 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Mes documents\1274999534507.jpg
[2010-05-28 00:54:28 | 000,149,585 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Mes documents\1274999502437.gif
[2010-05-28 00:54:25 | 000,237,070 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Mes documents\1274999429538.jpg
[2010-05-28 00:54:22 | 000,703,383 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Mes documents\1274999168686.jpg
[2010-05-28 00:54:19 | 000,993,425 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Mes documents\1274999124562.jpg
[2010-05-28 00:54:15 | 000,001,528 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Mes documents\1274998950677.png
[2010-05-28 00:54:12 | 000,001,528 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Mes documents\1274998877449.jpg
[2010-05-28 00:54:09 | 000,001,528 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Mes documents\1274998811022.png
[2010-05-28 00:54:07 | 000,001,528 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Mes documents\1274998672079.gif
[2010-05-28 00:54:04 | 000,001,528 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Mes documents\1274998629875.png
[2010-05-28 00:54:01 | 000,001,528 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Mes documents\1274998387405.jpg
[2010-05-28 00:52:58 | 000,001,528 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Mes documents\1274998269147.png
[2010-05-28 00:52:52 | 000,001,528 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Mes documents\1274995990911.jpg
[2010-05-28 00:52:49 | 000,001,528 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Mes documents\1274996073048.jpg
[2010-05-28 00:52:46 | 000,001,528 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Mes documents\1274996236342.jpg
[2010-05-28 00:52:44 | 000,001,528 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Mes documents\1274996561624.jpg
[2010-05-28 00:52:41 | 000,001,528 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Mes documents\1274996692882.jpg
[2010-05-28 00:52:38 | 000,001,528 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Mes documents\1274996721726.jpg
[2010-05-28 00:52:35 | 000,001,528 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Mes documents\1274996752943.jpg
[2010-05-28 00:52:33 | 000,001,528 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Mes documents\1274996783831.jpg
[2010-05-28 00:52:30 | 000,001,528 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Mes documents\1274996817368.jpg
[2010-05-28 00:52:28 | 000,001,528 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Mes documents\1274996924134.jpg
[2010-05-28 00:52:25 | 000,001,528 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Mes documents\1274996965136.jpg
[2010-05-28 00:52:22 | 000,001,528 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Mes documents\1274996988362.jpg
[2010-05-28 00:52:19 | 000,001,528 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Mes documents\1274997038968.jpg
[2010-05-28 00:52:17 | 000,001,528 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Mes documents\1274997230128.gif
[2010-05-28 00:52:15 | 000,001,528 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Mes documents\1274997669472.png
[2010-05-28 00:52:12 | 000,001,528 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Mes documents\1274998158382.jpg
[2010-05-28 00:52:09 | 000,001,528 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Mes documents\1274998242250.jpg
[2010-05-28 00:52:05 | 000,001,528 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Mes documents\1274995766848.png
[2010-05-28 00:51:59 | 000,001,528 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Mes documents\1274995587921.jpg
[2010-05-28 00:51:52 | 000,057,101 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Mes documents\30132_452707149545_716059545_5952920_1105882_n.jpg
[2010-05-28 00:51:37 | 000,039,424 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Bureau\Copie de Xl0000000.xls
[2010-05-28 00:25:29 | 000,057,856 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Bureau\CHALEUR.doc
[2010-05-27 22:35:27 | 000,010,254 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Bureau\En conclusion.docx
[2010-05-27 22:23:29 | 000,012,144 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Bureau\analyse.docx
[2010-05-27 22:08:07 | 000,011,474 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Bureau\tableau.xlsx
[2010-05-26 19:22:27 | 004,570,608 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Bureau\Spirit.exe
[2010-05-16 22:05:53 | 000,034,135 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Mes documents\30632_447755419545_716059545_5833757_7270722_n.jpg
[2010-05-12 23:36:17 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Application Data\winscp.rnd
[2010-05-12 18:50:57 | 000,088,813 | ---- | C] () -- C:\wubildr
[2010-05-12 18:50:57 | 000,008,192 | ---- | C] () -- C:\wubildr.mbr
[2010-05-10 23:31:41 | 000,030,680 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Mes documents\John Lennon - Imagine.tif
[2010-05-10 18:26:13 | 000,000,032 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\ezsid.dat
[2010-04-26 23:03:22 | 000,621,056 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Mes documents\Doc1.doc
[2010-04-26 22:47:19 | 000,326,005 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Mes documents\George Winston - Carol Of The Bells.pdf
[2010-04-19 17:41:47 | 003,595,512 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Mes documents\great-moments-in-manga-4[1].swf
[2010-04-17 15:15:01 | 000,033,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\oreans32.sys
[2010-04-17 13:02:21 | 000,053,760 | ---- | C] () -- C:\WINDOWS\System32\gac.dll
[2010-04-17 13:02:21 | 000,003,584 | ---- | C] () -- C:\WINDOWS\System32\klipxm32.dll
[2010-04-15 21:36:27 | 000,009,052 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Mes documents\125726350755.gif
[2010-04-13 21:55:09 | 000,001,746 | ---- | C] () -- C:\WINDOWS\Language_trs.ini
[2010-04-08 13:59:28 | 029,456,592 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Mes documents\682 219 531 2010-04-08 13.19.tvs
[2010-04-08 12:57:12 | 045,995,847 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Mes documents\682 219 531 2010-04-08 12.10.tvs
[2010-04-03 19:22:32 | 000,276,296 | ---- | C] () -- C:\WINDOWS\System32\NvApps.xml
[2010-04-03 19:22:32 | 000,066,714 | ---- | C] () -- C:\WINDOWS\System32\NvwsApps.xml
[2010-03-27 22:16:09 | 000,066,734 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Mes documents\26282_376141729196_546889196_3384930_1083152_n.jpg
[2010-03-27 22:16:03 | 000,077,313 | ---- | C] () -- C:\Documents and Settings\Utilisateur\Mes documents\26282_376141719196_546889196_3384928_7833320_n.jpg
[2010-03-06 16:17:33 | 000,022,328 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2010-01-24 01:10:54 | 000,000,766 | ---- | C] () -- C:\WINDOWS\CoD.INI
[2010-01-17 15:44:28 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
[2010-01-17 15:44:28 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
[2010-01-17 15:44:28 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll
[2009-12-25 11:59:13 | 000,082,289 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2009-12-04 01:00:45 | 000,000,223 | ---- | C] () -- C:\WINDOWS\System32\P1001Twn.ini
[2009-11-22 23:39:46 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ar.INI
[2009-11-22 17:19:52 | 001,053,056 | ---- | C] () -- C:\WINDOWS\System32\drivers\CAMTHWDM.sys
[2009-11-10 19:50:54 | 000,691,696 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2009-10-07 02:46:36 | 000,025,752 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys
[2009-10-07 02:23:08 | 000,013,584 | ---- | C] () -- C:\WINDOWS\System32\drivers\iKeyLFT2.dll
[2009-09-22 19:47:32 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\LXPMONUI.DLL
[2009-09-22 19:47:31 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\LXPRMON.DLL
[2009-09-22 19:42:03 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\lxbuinsr.dll
[2009-09-22 19:42:03 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxbuvs.dll
[2009-09-22 19:42:01 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\lxbucur.dll
[2009-09-22 19:41:59 | 000,131,072 | ---- | C] () -- C:\WINDOWS\System32\lxbujswr.dll
[2009-09-17 21:33:58 | 001,970,176 | ---- | C] () -- C:\WINDOWS\System32\d3dx9.dll
[2009-08-29 21:17:35 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009-08-13 17:59:30 | 000,000,262 | ---- | C] () -- C:\WINDOWS\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2009-08-11 09:07:27 | 000,033,792 | ---- | C] () -- C:\WINDOWS\System32\drivers\libusb0.sys
[2009-07-30 20:33:28 | 000,000,010 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2009-02-20 11:10:01 | 000,000,385 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009-02-20 10:43:01 | 000,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2009-02-20 10:42:49 | 000,027,926 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2009-02-20 10:42:48 | 000,010,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2008-05-26 23:23:32 | 000,016,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2008-05-26 23:23:30 | 000,021,596 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2008-05-26 23:23:28 | 000,016,036 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2006-04-30 01:34:04 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\WbxRMenu.dll
[2006-04-14 00:18:24 | 000,196,608 | ---- | C] () -- C:\WINDOWS\System32\atonres.dll
[2006-04-14 00:18:24 | 000,131,072 | ---- | C] () -- C:\WINDOWS\System32\WbxMSAI.dll
[2006-04-14 00:18:24 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\atonecli.dll
[2003-04-01 11:58:02 | 000,005,260 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI

========== LOP Check ==========

[2009-02-20 12:25:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Acronis
[2010-06-13 21:05:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2009-11-10 19:50:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2010-05-03 18:44:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ESET
[2010-01-09 22:42:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GNU
[2010-05-29 13:31:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Installations
[2010-05-17 23:16:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Messenger Plus!
[2010-05-17 23:15:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MessengerDiscovery 2
[2009-11-28 15:19:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nexon
[2010-04-17 15:15:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NexonUS
[2010-05-30 00:45:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nokia
[2010-06-06 15:22:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\OviInstallerCache
[2010-05-29 12:55:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2010-04-17 11:43:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PMB Files
[2010-04-21 20:09:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Razer
[2010-06-05 12:44:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Research In Motion
[2010-04-27 22:21:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2009-11-22 17:21:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WebcamMax
[2009-09-09 18:48:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009-10-13 21:24:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2009-12-05 13:41:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Utilisateur\Application Data\acccore
[2009-12-05 13:40:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Utilisateur\Application Data\AIM
[2009-12-05 13:41:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Utilisateur\Application Data\AIMPro
[2009-12-27 09:07:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Utilisateur\Application Data\AnvSoft
[2009-09-22 22:31:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Utilisateur\Application Data\Any Audio Converter
[2009-09-22 22:24:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Utilisateur\Application Data\Any Video Converter
[2009-11-10 20:03:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Utilisateur\Application Data\DAEMON Tools Lite
[2009-12-06 00:32:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Utilisateur\Application Data\FreeCall
[2010-02-12 19:38:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Utilisateur\Application Data\GenieSoft
[2009-12-25 11:59:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Utilisateur\Application Data\Leadertech
[2010-06-22 19:44:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Utilisateur\Application Data\LimeWire
[2010-03-14 19:24:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Utilisateur\Application Data\ManyCam
[2010-05-17 23:16:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Utilisateur\Application Data\MessengerDiscovery 2
[2009-10-09 15:22:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Utilisateur\Application Data\NeopleLauncherDFO
[2009-10-26 13:03:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Utilisateur\Application Data\Nexon
[2010-06-06 15:28:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Utilisateur\Application Data\Nokia
[2009-12-04 18:10:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Utilisateur\Application Data\Notepad++
[2010-05-29 12:55:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Utilisateur\Application Data\PC Suite
[2009-09-06 15:04:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Utilisateur\Application Data\Progeny
[2010-04-30 17:24:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Utilisateur\Application Data\Rainmeter
[2010-06-05 12:45:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Utilisateur\Application Data\Research In Motion
[2010-05-17 23:29:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Utilisateur\Application Data\Screenshot Sender
[2010-06-03 23:18:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Utilisateur\Application Data\Sky-Banners
[2010-06-05 00:38:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Utilisateur\Application Data\Street-Ads
[2009-12-05 00:37:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Utilisateur\Application Data\TeamViewer
[2009-11-22 23:46:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Utilisateur\Application Data\TotalRecorder
[2009-12-04 23:34:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Utilisateur\Application Data\uTorrent
[2009-11-22 17:21:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Utilisateur\Application Data\WebcamMax
[2009-02-20 11:37:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Utilisateur\Application Data\Windows Desktop Search
[2009-10-10 00:28:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Utilisateur\Application Data\Windows Search

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.* >
[2009-02-20 10:37:19 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2010-06-13 20:17:52 | 000,000,238 | RHS- | M] () -- C:\boot.ini
[2007-08-02 08:00:00 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin
[2010-03-30 09:30:50 | 000,082,028 | ---- | M] () -- C:\Canevas-Sec4.MUS
[2009-02-20 10:37:19 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2010-06-13 08:10:55 | 000,000,000 | ---- | M] () -- C:\CreateMarkers.log
[2009-02-20 10:37:19 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010-05-12 20:48:01 | 000,000,142 | ---- | M] () -- C:\lxbu.log
[2010-05-12 20:51:10 | 000,002,283 | ---- | M] () -- C:\lxbuscan.log
[2009-02-20 10:37:19 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2007-08-02 08:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2009-02-20 11:13:10 | 000,252,240 | RHS- | M] () -- C:\ntldr
[2010-06-23 15:55:59 | 000,576,632 | ---- | M] () -- C:\ntservicelogOutlook.txt
[2010-06-23 15:55:05 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys
[2009-11-22 23:37:54 | 000,152,512 | ---- | M] () -- C:\Recorded.mp3
[2009-11-22 23:39:10 | 000,223,983 | ---- | M] () -- C:\Recorded_1.mp3
[2009-11-22 23:39:33 | 000,076,025 | ---- | M] () -- C:\Recorded_2.mp3
[2010-04-13 21:56:20 | 000,000,057 | ---- | M] () -- C:\splash.idx
[2009-01-16 22:43:40 | 000,005,552 | -H-- | M] () -- C:\version
[2010-05-12 18:50:57 | 000,088,813 | ---- | M] () -- C:\wubildr
[2010-05-12 18:50:57 | 000,008,192 | ---- | M] () -- C:\wubildr.mbr
[2009-10-17 17:41:47 | 000,000,162 | -H-- | M] () -- C:\~$stifier son opinion.docx
[2009-12-05 13:06:33 | 000,000,162 | -H-- | M] () -- C:\~$éation - Sec 4.docx

< %systemroot%\system32\Spool\prtprocs\w32x86\*.dll >
[2008-07-06 08:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
[2004-09-14 09:42:04 | 000,073,728 | ---- | M] () -- C:\WINDOWS\system32\spool\prtprocs\w32x86\lxbuPP5C.DLL
[2003-06-19 02:31:48 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2009-10-20 19:00:00 | 000,061,520 | ---- | M] (High Criteria inc.) Unable to obtain MD5 -- C:\WINDOWS\system32\DrvTrNTm.dll
[2008-04-13 22:33:30 | 000,072,192 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\msacm32.dll

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2009-02-20 05:26:13 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2009-02-20 05:26:13 | 000,663,552 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2009-02-20 05:26:13 | 000,458,752 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %systemroot%\system32\user32.dll /md5 >
[2008-04-13 22:33:48 | 000,579,584 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\user32.dll

< %systemroot%\system32\ws2_32.dll /md5 >
[2008-04-13 22:33:49 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=FB836F9E62D82904C983AD21296A5D9C -- C:\WINDOWS\system32\ws2_32.dll

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

========== Files - Unicode (All) ==========
[2009-08-04 13:29:55 | 000,000,000 | ---D | M](C:\Documents and Settings\Utilisateur\Mes documents\????) -- C:\Documents and Settings\Utilisateur\Mes documents\마비노기
[2009-08-04 13:29:55 | 000,000,000 | ---D | C](C:\Documents and Settings\Utilisateur\Mes documents\????) -- C:\Documents and Settings\Utilisateur\Mes documents\마비노기

========== Alternate Data Streams ==========

@Alternate Data Stream - 129 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:05EE1EEF
< End of report >








OTL EXTRA:




OTL Extras logfile created on: 2010-06-23 16:50:24 - Run 1
OTL by OldTimer - Version 3.2.6.1 Folder = C:\Documents and Settings\Utilisateur\Bureau
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000C0C | Country: Canada | Language: FRC | Date Format: yyyy-MM-dd

3,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 78,00% Memory free
5,00 Gb Paging File | 5,00 Gb Available in Paging File | 89,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232,88 Gb Total Space | 89,07 Gb Free Space | 38,25% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 698,64 Gb Total Space | 561,06 Gb Free Space | 80,31% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
Drive G: | 3,77 Gb Total Space | 3,21 Gb Free Space | 85,07% Space Free | Partition Type: FAT32
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: SYSTEME
Current User Name: Utilisateur
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009
"57809:TCP" = 57809:TCP:*:Enabled:Pando Media Booster
"57809:UDP" = 57809:UDP:*:Enabled:Pando Media Booster

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"57391:TCP" = 57391:TCP:*:Enabled:Pando Media Booster
"57391:UDP" = 57391:UDP:*:Enabled:Pando Media Booster
"3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009
"17036:TCP" = 17036:TCP:*:Enabled:BitComet 17036 TCP
"17036:UDP" = 17036:UDP:*:Enabled:BitComet 17036 UDP
"49153:TCP" = 49153:TCP:*:Enabled:BitComet 49153 TCP
"49153:UDP" = 49153:UDP:*:Enabled:BitComet 49153 UDP
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
"6112:TCP" = 6112:TCP:*:Enabled:6112
"4000:TCP" = 4000:TCP:*:Enabled:4000
"57809:TCP" = 57809:TCP:*:Enabled:Pando Media Booster
"57809:UDP" = 57809:UDP:*:Enabled:Pando Media Booster

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Program Files\Pando Networks\Media Booster\PMB.exe" = C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- ()
"C:\Nexon\Combat Arms\CombatArms.exe" = C:\Nexon\Combat Arms\CombatArms.exe:*Enabled:CombatArms.exe -- (Nexon)
"C:\Nexon\Combat Arms\Engine.exe" = C:\Nexon\Combat Arms\Engine.exe:*Enabled:Engine.exe -- (Nexon)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Ventrilo\Ventrilo.exe" = C:\Program Files\Ventrilo\Ventrilo.exe:*:Enabled:Ventrilo.exe -- (Flagship Industries, Inc.)
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\WINDOWS\system32\lxbucoms.exe" = C:\WINDOWS\system32\lxbucoms.exe:*:Disabled:6200 Series Server -- (Lexmark International, Inc.)
"C:\Program Files\LimeWire\LimeWire.exe" = C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire -- (Lime Wire, LLC)
"C:\Documents and Settings\All Users\Application Data\NexonUS\NGM\NGM.exe" = C:\Documents and Settings\All Users\Application Data\NexonUS\NGM\NGM.exe:*:Enabled:Nexon Game Manager -- (Nexon)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Program Files\BitComet\BitComet.exe" = C:\Program Files\BitComet\BitComet.exe:*:Enabled:BitComet.exe -- (www.BitComet.com)
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\Program Files\TeamViewer\Version5\TeamViewer.exe" = C:\Program Files\TeamViewer\Version5\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application -- (TeamViewer GmbH)
"C:\Program Files\FreeCall.com\FreeCall\FreeCall.exe" = C:\Program Files\FreeCall.com\FreeCall\FreeCall.exe:*:Enabled:FreeCall -- File not found
"C:\Program Files\Diablo II\Diablo II.exe" = C:\Program Files\Diablo II\Diablo II.exe:*:Enabled:Diablo II - Lord of Destruction -- (Blizzard North)
"C:\WINDOWS\pchealth\helpctr\binaries\helpctr.exe" = C:\WINDOWS\pchealth\helpctr\binaries\helpctr.exe:*:Enabled:Assistance à distance - Windows Messenger et voix -- (Microsoft Corporation)
"C:\Program Files\Pando Networks\Media Booster\PMB.exe" = C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:ipsec -- ()
"C:\Nexon\Combat Arms\CombatArms.exe" = C:\Nexon\Combat Arms\CombatArms.exe:*Enabled:CombatArms.exe -- (Nexon)
"C:\Nexon\Combat Arms\Engine.exe" = C:\Nexon\Combat Arms\Engine.exe:*Enabled:Engine.exe -- (Nexon)
"C:\Nexon\Combat Arms\NMService.exe" = C:\Nexon\Combat Arms\NMService.exe:*:Enabled:Nexon Messenger Core -- (Nexon Corp.)
"E:\GAMES\CSS\CSS\CSS\33930422440267890653.exe" = E:\GAMES\CSS\CSS\CSS\33930422440267890653.exe:*:Enabled:GAC-AntiCheat Temp Launcher -- File not found
"C:\WINDOWS\Explorer.EXE" = C:\WINDOWS\Explorer.EXE:*:Enabled:ipsec -- (Microsoft Corporation)
"G:\TFC.exe" = G:\TFC.exe:*:Enabled:ipsec -- (OldTimer Tools)
"C:\ASUS.SYS\config\DVMExportService.exe" = C:\ASUS.SYS\config\DVMExportService.exe:*:Enabled:ipsec -- (DeviceVM)
"C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:ipsec -- (Mozilla Corporation)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{044F9133-B8D7-4d11-BF39-803FA20F5C8B}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for Win32
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{09C468CA-2940-466A-AAE8-DCC0C6E9323C}" = Nokia Software Updater
"{0BD83598-C2EF-3343-847B-7D2E84599128}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - FRA
"{0C34B801-6AEC-4667-B053-03A67E2D0415}" = Apple Application Support
"{13333239-0A15-4855-BEEB-0232DAA5B7EA}" = BlackBerry Desktop Software 5.0.1
"{14E94112-5F6B-4049-B177-4C7E69D3C3A0}_is1" = Dragonica Online
"{196E77C5-F524-4B50-BD1A-2C21EEE9B8F7}" = Microsoft SQL Server 2008 Common Files
"{19DC9559-9C20-4A46-A67D-7ECBA52A2788}" = Nokia PC Suite
"{1B9B5B3B-28E7-4E59-A80D-D670AA984514}" = Nokia Connectivity Cable Driver
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java™ 6 Update 16
"{30E1022C-17EB-482A-8C82-16B79B98C4E4}" = Express Gate Updater
"{342D4AD7-EC4C-4EC8-AEA6-E70F5905A490}" = SQL Server System CLR Types
"{350C940c-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{3E31821C-7917-367E-938E-E65FC413EA31}" = Microsoft .NET Framework 3.5 Language Pack SP1 - fra
"{42AF51C0-4028-46CF-B616-FB1F75286457}" = A.V.A
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{4815BD99-96A4-49FE-A885-DCF06E9E4E78}" = Microsoft SQL Server 2008 Database Engine Shared
"{49C00770-D6FC-4D26-ADD1-93DBF90E69F4}" = SOF2 Runner
"{4A6F34E2-09E5-4616-B227-4A26A488A6F9}" = Microsoft SQL Server 2008 Common Files
"{4E1CD3D5-D4EE-4246-AE24-F0FD5A60390D}" = OviMPlatform
"{4FFD1AB4-54F0-4069-88D9-3A55B38F874B}" = Nokia Ovi Suite Software Updater
"{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}" = Skype web features
"{58721EC3-8D4E-4B79-BC51-1054E2DDCD10}" = Microsoft SQL Server 2008 Database Engine Services
"{5BE1E709-30E4-3D6D-A708-96CE8D5E5E8D}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for .NET Framework - enu
"{60DED9C2-22BF-47A3-B6C8-6B141BA31DFD}" = Ovi Desktop Sync Engine
"{6483A952-74EA-4C05-8C27-E4A54DBB1991}" = Timeline Maker Professional 2.1
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{71970D44-060F-4279-A34B-1A77A663781A}" = Timeline Maker Professional 2.1
"{72AD53CC-CCC0-3757-8480-9EE176866A7C}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - FRA
"{764C0C8F-B1B1-49BF-AEDC-4E48E857A667}" = Lexmark Fax Solutions
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo Client
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{842FAF7C-50EF-4463-9B8F-6222E1384D7D}" = Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{9011040C-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{901DC58A-5C1B-4315-BA40-5AD3D3A463B9}" = ijji REACTOR
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9559F7CA-5E34-4237-A2D9-D856464AD727}" = Project64 1.6
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{99AD9D6D-A456-49EE-8360-F22EE7AA1272}" = Express Gate
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A394342-4A68-4EBA-85A6-55B559F4E700}" = Microsoft .NET Framework 1.1 French Language Pack
"{9CE80D58-2E74-4FF4-A2D2-5E714E470F36}" = ASUS nVidia Driver
"{9D6D76A6-4328-49E8-97A7-531A74841DA5}" = Microsoft SQL Server 2008 Setup Support Files (English)
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}" = QuickTime
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AC76BA86-7AD7-1036-7B44-A80000000002}" = Adobe Reader 8 - Français
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint Plus
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B5153233-9AEE-4CD4-9D2C-4FAAC870DBE2}" = Microsoft SQL Server 2008 Database Engine Services
"{B857D868-F8B0-43EE-BC2B-D9E5ED21F237}" = Microsoft SQL Server VSS Writer
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C19AB6C4-BBD0-49EF-927D-9C7CB80BC0B0}" = MapleStory
"{C27BC2A2-30DD-4014-B22E-63EB0DB572F9}" = Logitech Webcam Software
"{C688457E-03FD-4941-923B-A27F4D42A7DD}" = Microsoft SQL Server 2008 Browser
"{C965F01C-76EA-4BD7-973E-46236AE312D7}" = Sql Server Customer Experience Improvement Program
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{CA83357B-931E-44DC-AD43-9996FEEB8116}" = Acronis True Image
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CB4532F7-A1BD-46D2-9938-3E7D4656FB18}" = Razer Lachesis
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{D3A04D2F-28C4-4D9C-8487-DAB75992AE09}" = AIM Pro
"{D47087E7-AA15-4D1D-8C0A-60F7E446D597}" = PSP ISO Compressor
"{D8087907-E255-3A41-A46D-D0F798709C71}" = Microsoft Visual C++ 2008 Express Edition with SP1 - ENU
"{D9D937B0-E842-4130-9588-B948E876904A}" = Microsoft SQL Server 2008 Native Client
"{DA34FE93-5DC5-48E0-ACC8-A5389E05BB51}" = iTunes
"{DCD22647-6D31-479D-8F97-16D0AA934D9E}" = PC Connectivity Solution
"{DEA314C4-0929-4250-BC92-98E4C105F28D}" = NVIDIA PhysX
"{DEE1E2E5-B553-4F88-9DE7-23CBEA5D739C}" = Nokia Ovi Suite
"{E56D39F8-2A9F-44B4-B068-A72E45A073E6}" = Safari
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F1DC7648-8623-442F-92B7-E118DF61872E}" = Microsoft SQL Server 2008 RsFx Driver
"{F3494AB6-6900-41C6-AF57-823626827ED8}" = Microsoft SQL Server 2008 Database Engine Shared
"{F40CA00E-B365-448A-B146-BC061F1230A0}" = Brownie
"{F5E87B12-3C27-452F-8E78-21D42164FD83}" = Microsoft SQL Server 2008 Management Objects
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{FA54AFB1-5745-4389-B8C1-9F7509672ED1}" = Utilitaire de configuration iPhone
"05B59228C7E1C21DFBE89260F879BD95880548D8" = Package de pilotes Windows - Nokia Modem (10/05/2009 4.2)
"0D91165CEEB2095316E8A04A59CDF0AE4B957C61" = Windows Driver Package - MOTOROLA (uisp) USB (09/08/2006 1.2.0.0)
"504244733D18C8F63FF584AEB290E3904E791693" = Package de pilotes Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"8CDCFB95BB84DD9C0F88F22266A0CA86035E55BA" = Package de pilotes Windows - Nokia Modem (06/01/2009 7.01.0.4)
"AC Tool" = AC Tool
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"All Recorder_is1" = All Recorder 3.3.6
"Any Audio Converter_is1" = Any Audio Converter 2.0.4
"Any Video Converter_is1" = Any Video Converter 3.0.1
"BitComet" = BitComet 1.15
"BlackBerry_{13333239-0A15-4855-BEEB-0232DAA5B7EA}" = BlackBerry Desktop Software 5.0.1
"Call of Duty" = Call of Duty
"CamStudio" = CamStudio
"CCleaner" = CCleaner
"Cheat Engine 5.5_is1" = Cheat Engine 5.5
"Combat Arms" = Combat Arms
"Creative WebCam" = Creative WebCam Driver (1.02.08.0807)
"cwRsync" = cwRsync (remove only)
"D44822B3621EFD220D3A7DDA72DE5A4B6476748F" = Windows Driver Package - Razer (HidUsb) HIDClass (05/10/2007 1.00)
"DFO" = DFOLauncher
"Diablo II" = Diablo II
"DVD Decrypter" = DVD Decrypter (Remove Only)
"ERUNT_is1" = ERUNT 1.1j
"Finale 2008" = Finale 2008
"Finale Reader" = Finale Reader 2010
"Fraps" = Fraps (remove only)
"Garritan Instruments for Finale" = Garritan Instruments for Finale
"Gmask 1.70 English" = Gmask 1.70 English
"GoldWave v5.54" = GoldWave v5.54
"HijackThis" = HijackThis 2.0.2
"HotspotShield" = Hotspot Shield 1.30
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Le gestionnaire du dispositif de plate-forme
"InstallShield_{764C0C8F-B1B1-49BF-AEDC-4E48E857A667}" = Solutions de télécopie Lexmark
"InstallShield_{AFAE2B15-89A0-4215-A030-F7B5B478886B}" = Call of Duty® - World at War™ 1.1 Patch
"Lexmark 6200 Series" = Lexmark 6200 Series
"Lexmark Skin: PotatoSkin" = Lexmark Skin: PotatoSkin
"LibUSB-Win32_is1" = LibUSB-Win32-0.1.10.1
"LimeWire" = LimeWire 5.2.13
"lvdrivers_12.10" = Logitech Webcam Software Driver Package
"Mabinogi" = Mabinogi
"Magic DVD Ripper_is1" = Magic DVD Ripper V5.4.2
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Messenger Plus! Live" = Messenger Plus! Live
"MessengerDiscovery 2.1_is1" = MessengerDiscovery 2.1.79
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - fra" = Module linguistique Microsoft .NET Framework 3.5 SP1- fra
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft SQL Server 10" = Microsoft SQL Server 2008
"Microsoft SQL Server 10 Release" = Microsoft SQL Server 2008
"Microsoft Visual C++ 2008 Express Edition with SP1 - ENU" = Microsoft Visual C++ 2008 Express Edition with SP1 - ENU
"mIRC" = mIRC
"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NeroMultiInstaller!UninstallKey" = Nero Suite
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Nokia Ovi Suite" = Nokia Ovi Suite
"Nokia PC Suite" = Nokia PC Suite
"Notepad++" = Notepad++
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"PDF-XChange 3_is1" = PDF-XChange 3.5
"PFPortChecker" = PFPortChecker 1.0.32
"PowerISO" = PowerISO
"PunkBusterSvc" = PunkBuster Services
"Rainmeter" = Rainmeter (remove only)
"RealVNC_is1" = VNC Free Edition 4.1.3
"Red Eye Remover_is1" = Red Eye Remover 2.0
"Soldier of Fortune II - Double Helix" = Soldier of Fortune II - Double Helix
"Spynet Chat 6.5" = Spynet Chat 6.5
"TeamViewer 5" = TeamViewer 5
"TotalRecorder" = Total Recorder 8.0
"uTorrent" = µTorrent
"VLC media player" = VLC media player 1.0.1
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"WebcamMax" = WebcamMax
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Lecteur Windows Media 11
"Windows XP Service" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = Archiveur WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wubi" = Ubuntu
"Wudf01007" = Microsoft User-Mode Driver Framework Feature Pack 1.7
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"CodeBlocks" = CodeBlocks
"Wurm Online 2.6.7b v2" = Wurm Online 2.6.7b v2
"Wurm Online 2.7.1d" = Wurm Online 2.7.1d

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 2010-06-23 13:13:41 | Computer Name = SYSTEME | Source = Userenv | ID = 1007
Description = Windows ne peut pas déterminer le site associé à cet ordinateur. (Le
serveur RPC est trop occupé pour terminer cette opération. ). Le traitement de
la stratégie de groupe est interrompu.

Error - 2010-06-23 13:22:41 | Computer Name = SYSTEME | Source = Userenv | ID = 1007
Description = Windows ne peut pas déterminer le site associé à cet ordinateur. (Le
serveur RPC est trop occupé pour terminer cette opération. ). Le traitement de
la stratégie de groupe est interrompu.

Error - 2010-06-23 15:06:21 | Computer Name = SYSTEME | Source = Userenv | ID = 1007
Description = Windows ne peut pas déterminer le site associé à cet ordinateur. (Le
serveur RPC est trop occupé pour terminer cette opération. ). Le traitement de
la stratégie de groupe est interrompu.

Error - 2010-06-23 15:13:42 | Computer Name = SYSTEME | Source = Userenv | ID = 1007
Description = Windows ne peut pas déterminer le site associé à cet ordinateur. (Le
serveur RPC est trop occupé pour terminer cette opération. ). Le traitement de
la stratégie de groupe est interrompu.

Error - 2010-06-23 15:55:39 | Computer Name = SYSTEME | Source = MSSQL$SQLEXPRESS | ID = 17207
Description = FCB::RemoveAlternateStreamsByHandle(BackupSeek): Operating system
error 6(failed to retrieve text for this error. Reason: 1815) occurred while creating
or opening file 'C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\DATA\master.mdf'.
Diagnose and correct the operating system error, and retry the operation.

Error - 2010-06-23 15:55:52 | Computer Name = SYSTEME | Source = Application Error | ID = 1000
Description = Application défaillante msnmsgr.exe, version 14.0.8089.726, module
défaillant , version 0.0.0.0, adresse de défaillance 0x00000000.

Error - 2010-06-23 15:56:05 | Computer Name = SYSTEME | Source = MSSQL$SQLEXPRESS | ID = 17207
Description = FCB::RemoveAlternateStreamsByHandle(BackupSeek): Operating system
error (null) occurred while creating or opening file 'C:\Program Files\Microsoft
SQL Server\MSSQL10.SQLEXPRESS\MSSQL\DATA\model.mdf'. Diagnose and correct the operating
system error, and retry the operation.

Error - 2010-06-23 15:56:07 | Computer Name = SYSTEME | Source = MSSQL$SQLEXPRESS | ID = 17207
Description = FCB::RemoveAlternateStreamsByHandle(BackupSeek): Operating system
error (null) occurred while creating or opening file 'C:\Program Files\Microsoft
SQL Server\MSSQL10.SQLEXPRESS\MSSQL\DATA\MSDBData.mdf'. Diagnose and correct the
operating system error, and retry the operation.

Error - 2010-06-23 15:56:13 | Computer Name = SYSTEME | Source = MSSQL$SQLEXPRESS | ID = 17207
Description = FCB::RemoveAlternateStreamsByHandle(BackupSeek): Operating system
error (null) occurred while creating or opening file 'C:\Program Files\Microsoft
SQL Server\MSSQL10.SQLEXPRESS\MSSQL\DATA\tempdb.mdf'. Diagnose and correct the
operating system error, and retry the operation.

Error - 2010-06-23 15:56:14 | Computer Name = SYSTEME | Source = MSSQL$SQLEXPRESS | ID = 17207
Description = FCB::RemoveAlternateStreamsByHandle(BackupSeek): Operating system
error (null) occurred while creating or opening file 'C:\Program Files\Microsoft
SQL Server\MSSQL10.SQLEXPRESS\MSSQL\DATA\tempdb.mdf'. Diagnose and correct the
operating system error, and retry the operation.

[ Application Events ]
Error - 2010-06-23 13:13:41 | Computer Name = SYSTEME | Source = Userenv | ID = 1007
Description = Windows ne peut pas déterminer le site associé à cet ordinateur. (Le
serveur RPC est trop occupé pour terminer cette opération. ). Le traitement de
la stratégie de groupe est interrompu.

Error - 2010-06-23 13:22:41 | Computer Name = SYSTEME | Source = Userenv | ID = 1007
Description = Windows ne peut pas déterminer le site associé à cet ordinateur. (Le
serveur RPC est trop occupé pour terminer cette opération. ). Le traitement de
la stratégie de groupe est interrompu.

Error - 2010-06-23 15:06:21 | Computer Name = SYSTEME | Source = Userenv | ID = 1007
Description = Windows ne peut pas déterminer le site associé à cet ordinateur. (Le
serveur RPC est trop occupé pour terminer cette opération. ). Le traitement de
la stratégie de groupe est interrompu.

Error - 2010-06-23 15:13:42 | Computer Name = SYSTEME | Source = Userenv | ID = 1007
Description = Windows ne peut pas déterminer le site associé à cet ordinateur. (Le
serveur RPC est trop occupé pour terminer cette opération. ). Le traitement de
la stratégie de groupe est interrompu.

Error - 2010-06-23 15:55:39 | Computer Name = SYSTEME | Source = MSSQL$SQLEXPRESS | ID = 17207
Description = FCB::RemoveAlternateStreamsByHandle(BackupSeek): Operating system
error 6(failed to retrieve text for this error. Reason: 1815) occurred while creating
or opening file 'C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\DATA\master.mdf'.
Diagnose and correct the operating system error, and retry the operation.

Error - 2010-06-23 15:55:52 | Computer Name = SYSTEME | Source = Application Error | ID = 1000
Description = Application défaillante msnmsgr.exe, version 14.0.8089.726, module
défaillant , version 0.0.0.0, adresse de défaillance 0x00000000.

Error - 2010-06-23 15:56:05 | Computer Name = SYSTEME | Source = MSSQL$SQLEXPRESS | ID = 17207
Description = FCB::RemoveAlternateStreamsByHandle(BackupSeek): Operating system
error (null) occurred while creating or opening file 'C:\Program Files\Microsoft
SQL Server\MSSQL10.SQLEXPRESS\MSSQL\DATA\model.mdf'. Diagnose and correct the operating
system error, and retry the operation.

Error - 2010-06-23 15:56:07 | Computer Name = SYSTEME | Source = MSSQL$SQLEXPRESS | ID = 17207
Description = FCB::RemoveAlternateStreamsByHandle(BackupSeek): Operating system
error (null) occurred while creating or opening file 'C:\Program Files\Microsoft
SQL Server\MSSQL10.SQLEXPRESS\MSSQL\DATA\MSDBData.mdf'. Diagnose and correct the
operating system error, and retry the operation.

Error - 2010-06-23 15:56:13 | Computer Name = SYSTEME | Source = MSSQL$SQLEXPRESS | ID = 17207
Description = FCB::RemoveAlternateStreamsByHandle(BackupSeek): Operating system
error (null) occurred while creating or opening file 'C:\Program Files\Microsoft
SQL Server\MSSQL10.SQLEXPRESS\MSSQL\DATA\tempdb.mdf'. Diagnose and correct the
operating system error, and retry the operation.

Error - 2010-06-23 15:56:14 | Computer Name = SYSTEME | Source = MSSQL$SQLEXPRESS | ID = 17207
Description = FCB::RemoveAlternateStreamsByHandle(BackupSeek): Operating system
error (null) occurred while creating or opening file 'C:\Program Files\Microsoft
SQL Server\MSSQL10.SQLEXPRESS\MSSQL\DATA\tempdb.mdf'. Diagnose and correct the
operating system error, and retry the operation.

[ System Events ]
Error - 2010-06-23 11:16:11 | Computer Name = SYSTEME | Source = Service Control Manager | ID = 7034
Description = Le service NVIDIA Display Driver Service s'est terminé de façon inattendue
pour la 1ème fois.

Error - 2010-06-23 11:16:11 | Computer Name = SYSTEME | Source = Service Control Manager | ID = 7034
Description = Le service DeviceVM Meta Data Export Service s'est terminé de façon
inattendue pour la 1ème fois.

Error - 2010-06-23 11:25:28 | Computer Name = SYSTEME | Source = Service Control Manager | ID = 7000
Description = Le service aswFsBlk n'a pas pu démarrer en raison de l'erreur : %%2

Error - 2010-06-23 11:25:47 | Computer Name = SYSTEME | Source = Service Control Manager | ID = 7026
Description = Le pilote de démarrage système ou d'amorçage suivant n'a pas pu se
charger : aswFW aswNdis2 aswSP aswTdi mv61xx

Error - 2010-06-23 11:56:52 | Computer Name = SYSTEME | Source = DCOM | ID = 10010
Description = Le serveur {781B925F-0BF8-4C7B-A2A8-A8B11B488A07} ne s'est pas enregistré
sur DCOM avant la fin du temps imparti.

Error - 2010-06-23 13:02:56 | Computer Name = SYSTEME | Source = Service Control Manager | ID = 7034
Description = Le service DeviceVM Meta Data Export Service s'est terminé de façon
inattendue pour la 1ème fois.

Error - 2010-06-23 15:55:36 | Computer Name = SYSTEME | Source = Service Control Manager | ID = 7000
Description = Le service aswFsBlk n'a pas pu démarrer en raison de l'erreur : %%2

Error - 2010-06-23 15:56:10 | Computer Name = SYSTEME | Source = Service Control Manager | ID = 7026
Description = Le pilote de démarrage système ou d'amorçage suivant n'a pas pu se
charger : aswFW aswNdis2 aswSP aswTdi mv61xx

Error - 2010-06-23 16:50:43 | Computer Name = SYSTEME | Source = SRService | ID = 104
Description = Le processus d'initialisation de la restauration du système a échoué.

Error - 2010-06-23 16:50:43 | Computer Name = SYSTEME | Source = Service Control Manager | ID = 7023
Description = Le service Service de restauration système s'est arrêté avec l'erreur :
%%2


< End of report >

Attached Thumbnails

• 
• 

Edited by WhiteRayne2, 23 June 2010 - 03:54 PM.