[code]
OTS logfile created on: 22/03/2011 16:02:02 - Run 2
OTS by OldTimer - Version 3.1.40.1 Folder = C:\Documents and Settings\NEO\Mes documents\Downloads\Programs
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

239,00 Mb Total Physical Memory | 127,00 Mb Available Physical Memory | 53,00% Memory free
586,00 Mb Paging File | 421,00 Mb Available in Paging File | 72,00% Paging File free
Paging file location(s): C:\pagefile.sys 360 720 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 68,36 Gb Total Space | 8,46 Gb Free Space | 12,37% Space Free | Partition Type: NTFS
Drive D: | 78,13 Gb Total Space | 6,15 Gb Free Space | 7,87% Space Free | Partition Type: NTFS
Drive E: | 2,55 Gb Total Space | 2,52 Gb Free Space | 98,85% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: NEO-F6EF5F0CD84
Current User Name: NEO
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days

[Processes - Safe List]
ots.exe -> C:\Documents and Settings\NEO\Mes documents\Downloads\Programs\OTS.exe -> [2010/11/25 20:42:02 | 000,642,048 | ---- | M] (OldTimer Tools)
forcefield.exe -> C:\Program Files\CheckPoint\ZAForceField\ForceField.exe -> [2010/05/26 14:35:14 | 000,730,600 | ---- | M] (Check Point Software Technologies)
jusched.exe -> C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe -> [2010/05/14 11:44:46 | 000,248,552 | ---- | M] (Sun Microsystems, Inc.)
avgnt.exe -> C:\Program Files\Avira\AntiVir Desktop\avgnt.exe -> [2010/03/02 11:30:04 | 000,282,792 | ---- | M] (Avira GmbH) sched.exe -> C:\Program Files\Avira\AntiVir Desktop\sched.exe -> [2010/02/24 10:29:26 | 000,135,336 | ---- | M] (Avira GmbH) idman.exe -> C:\Program Files\Internet Download Manager\IDMan.exe -> [2009/09/09 20:06:54 | 003,118,512 | ---- | M] (Tonec Inc.) explorer.exe -> C:\WINDOWS\explorer.exe -> [2004/08/04 05:54:50 | 001,036,288 | ---- | M] (Microsoft Corporation) [Modules - Safe List] ots.exe -> C:\Documents and Settings\NEO\Mes documents\Downloads\Programs\OTS.exe -> [2010/11/25 20:42:02 | 000,642,048 | ---- | M] (OldTimer Tools) comctl32.dll -> C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll -> [2004/08/04 05:52:46 | 001,050,624 | R--- | M] (Microsoft Corporation) syncor11.dll -> C:\WINDOWS\system32\Syncor11.dll -> [2000/04/17 19:02:20 | 000,040,828 | ---- | M] (Staccato Systems) [Win32 Services - Safe List] (HidServ) Accès du périphérique d'interface utilisateur [Disabled | Stopped] -> C:\WINDOWS\System32\hidserv.dll -> File not found (IswSvc) ZoneAlarm Toolbar IswSvc [Disabled | Stopped] -> C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe -> [2010/05/26 14:35:18 | 000,493,032 | ---- | M] (Check Point Software Technologies) (vsmon) TrueVector Internet Monitor [Auto | Stopped] -> C:\WINDOWS\System32\ZoneLabs\vsmon.exe -> [2010/05/26 13:05:04 | 002,437,176 | ---- | M] (Check Point Software Technologies LTD) (AntiVirWebService) Avira AntiVir WebGuard [Auto | Stopped] -> C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE -> [2010/04/01 13:41:48 | 000,405,672 | ---- | M] (Avira GmbH) (AntiVirMailService) Avira AntiVir MailGuard [Auto | Stopped] -> C:\Program Files\Avira\AntiVir Desktop\avmailc.exe -> [2010/03/30 12:40:18 | 000,337,064 | ---- | M] (Avira GmbH) (AntiVirSchedulerService) Avira AntiVir Scheduler [Auto | Running] -> C:\Program Files\Avira\AntiVir 
Desktop\sched.exe -> [2010/02/24 10:29:26 | 000,135,336 | ---- | M] (Avira GmbH) (odserv) Microsoft Office Diagnostics Service [On_Demand | Stopped] -> C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE -> [2006/10/26 19:49:34 | 000,441,136 | ---- | M] (Microsoft Corporation) (ose) Office Source Engine [On_Demand | Stopped] -> C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE -> [2006/10/26 14:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [Driver Services - All] (WDICA) WDICA [Kernel | On_Demand | Stopped] -> -> File not found (ultra) ultra [Kernel | Disabled | Stopped] -> -> File not found (TosIde) TosIde [Kernel | Disabled | Stopped] -> -> File not found (tavgjvtf) tavgjvtf [Kernel | Unknown | Stopped] -> -> File not found (symc8xx) symc8xx [Kernel | Disabled | Stopped] -> -> File not found (symc810) symc810 [Kernel | Disabled | Stopped] -> -> File not found (sym_u3) sym_u3 [Kernel | Disabled | Stopped] -> -> File not found (sym_hi) sym_hi [Kernel | Disabled | Stopped] -> -> File not found (Sparrow) Sparrow [Kernel | Disabled | Stopped] -> -> File not found (Simbad) Simbad [Kernel | Disabled | Stopped] -> -> File not found (ql1280) ql1280 [Kernel | Disabled | Stopped] -> -> File not found (ql1240) ql1240 [Kernel | Disabled | Stopped] -> -> File not found (ql12160) ql12160 [Kernel | Disabled | Stopped] -> -> File not found (Ql10wnt) Ql10wnt [Kernel | Disabled | Stopped] -> -> File not found (ql1080) ql1080 [Kernel | Disabled | Stopped] -> -> File not found (perc2hib) perc2hib [Kernel | Disabled | Stopped] -> -> File not found (perc2) perc2 [Kernel | Disabled | Stopped] -> -> File not found (PDRFRAME) PDRFRAME [Kernel | On_Demand | Stopped] -> -> File not found (PDRELI) PDRELI [Kernel | On_Demand | Stopped] -> -> File not found (PDFRAME) PDFRAME [Kernel | On_Demand | Stopped] -> -> File not found (PDCOMP) PDCOMP [Kernel | On_Demand | Stopped] -> -> File not found (PCIIde) PCIIde [Kernel | Disabled | Stopped] -> 
-> File not found (PCIDump) PCIDump [Kernel | System | Stopped] -> -> File not found (mraid35x) mraid35x [Kernel | Disabled | Stopped] -> -> File not found (lbrtfdc) lbrtfdc [Kernel | System | Stopped] -> -> File not found (IntelIde) IntelIde [Kernel | Disabled | Stopped] -> -> File not found (ini910u) ini910u [Kernel | Disabled | Stopped] -> -> File not found (i2omp) i2omp [Kernel | Disabled | Stopped] -> -> File not found (i2omgmt) i2omgmt [Kernel | System | Stopped] -> -> File not found (hpn) hpn [Kernel | Disabled | Stopped] -> -> File not found (dpti2o) dpti2o [Kernel | Disabled | Stopped] -> -> File not found (dac960nt) dac960nt [Kernel | Disabled | Stopped] -> -> File not found (Cpqarray) Cpqarray [Kernel | Disabled | Stopped] -> -> File not found (CmdIde) CmdIde [Kernel | Disabled | Stopped] -> -> File not found (Changer) Changer [Kernel | System | Stopped] -> -> File not found (cd20xrnt) cd20xrnt [Kernel | Disabled | Stopped] -> -> File not found (catchme) catchme [Kernel | On_Demand | Running] -> C:\DOCUME~1\NEO\LOCALS~1\Temp\catchme.sys -> File not found (Atdisk) Atdisk [Kernel | Disabled | Stopped] -> -> File not found (asc3550) asc3550 [Kernel | Disabled | Stopped] -> -> File not found (asc3350p) asc3350p [Kernel | Disabled | Stopped] -> -> File not found (asc) asc [Kernel | Disabled | Stopped] -> -> File not found (amsint) amsint [Kernel | Disabled | Stopped] -> -> File not found (AliIde) AliIde [Kernel | Disabled | Stopped] -> -> File not found (aic78xx) aic78xx [Kernel | Disabled | Stopped] -> -> File not found (aic78u2) aic78u2 [Kernel | Disabled | Stopped] -> -> File not found (Aha154x) Aha154x [Kernel | Disabled | Stopped] -> -> File not found (adpu160m) adpu160m [Kernel | Disabled | Stopped] -> -> File not found (abp480n5) abp480n5 [Kernel | Disabled | Stopped] -> -> File not found (Abiosdsk) Abiosdsk [Kernel | Disabled | Stopped] -> -> File not found (sptd) sptd [Kernel | Boot | Running] -> C:\WINDOWS\System32\Drivers\sptd.sys -> [2010/06/04 
00:16:08 | 000,697,328 | ---- | M] () (ISWKL) ZoneAlarm Toolbar ISWKL [Kernel | Auto | Running] -> C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys -> [2010/05/26 14:35:10 | 000,026,352 | ---- | M] (Check Point Software Technologies) (vsdatant) vsdatant [Kernel | System | Running] -> C:\WINDOWS\system32\vsdatant.sys -> [2010/05/13 10:02:32 | 000,532,224 | ---- | M] (Check Point Software Technologies LTD) (avipbb) avipbb [Kernel | System | Running] -> C:\WINDOWS\system32\drivers\avipbb.sys -> [2010/03/01 10:06:44 | 000,124,784 | ---- | M] (Avira GmbH) (avgio) avgio [Kernel | System | Running] -> C:\Program Files\Avira\AntiVir Desktop\avgio.sys -> [2009/05/11 12:49:19 | 000,011,608 | ---- | M] (Avira GmbH) (ssmdrv) ssmdrv [Kernel | System | Running] -> C:\WINDOWS\system32\drivers\ssmdrv.sys -> [2009/05/11 10:12:49 | 000,028,520 | ---- | M] (Avira GmbH) (s816mdm) Sony Ericsson Device 816 USB WMC Modem Driver [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\s816mdm.sys -> [2007/06/19 09:51:20 | 000,107,304 | R--- | M] (MCCI Corporation) (s816mgmt) Sony Ericsson Device 816 USB WMC Device Management Drivers (WDM) [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\s816mgmt.sys -> [2007/06/19 09:51:18 | 000,099,112 | R--- | M] (MCCI Corporation) (s816unic) Sony Ericsson Device 816 USB Ethernet Emulation SEMCMR7 (WDM) [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\s816unic.sys -> [2007/06/19 09:51:18 | 000,097,704 | R--- | M] (MCCI) (s816obex) Sony Ericsson Device 816 USB WMC OBEX Interface [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\s816obex.sys -> [2007/06/19 09:51:18 | 000,097,320 | R--- | M] (MCCI Corporation) (s816nd5) Sony Ericsson Device 816 USB Ethernet Emulation SEMCMR7 (NDIS) [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\s816nd5.sys -> [2007/06/19 09:51:18 | 000,021,928 | R--- | M] (MCCI Corporation) (s816mdfl) Sony Ericsson Device 816 USB WMC Modem Filter [Kernel | On_Demand | Stopped] -> 
C:\WINDOWS\system32\drivers\s816mdfl.sys -> [2007/06/19 09:51:18 | 000,013,864 | R--- | M] (MCCI Corporation) (s816bus) Sony Ericsson Device 816 driver (WDM) [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\s816bus.sys -> [2007/06/19 08:51:16 | 000,081,832 | R--- | M] (MCCI Corporation) (WudfRd) Windows Driver Foundation - User-mode Driver Framework Reflector [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\WudfRd.sys -> [2006/09/28 19:00:34 | 000,082,944 | ---- | M] (Microsoft Corporation) (WudfPf) Windows Driver Foundation - User-mode Driver Framework Platform Driver [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\WudfPf.sys -> [2006/09/28 18:55:50 | 000,077,568 | ---- | M] (Microsoft Corporation) (Parport) Pilote de port parallèle [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\parport.sys -> [2004/08/04 06:05:42 | 000,080,384 | ---- | M] (Microsoft Corporation) (AmdK7) Pilote de processeur AMD K7 [Kernel | System | Running] -> C:\WINDOWS\system32\drivers\amdk7.sys -> [2004/08/04 06:05:42 | 000,041,600 | ---- | M] (Microsoft Corporation) (Modem) Modem [Kernel | On_Demand | Running] -> C:\WINDOWS\System32\drivers\modem.sys -> [2004/08/04 06:05:42 | 000,030,336 | ---- | M] (Microsoft Corporation) (Mouclass) Pilote de la classe Souris [Kernel | System | Running] -> C:\WINDOWS\system32\drivers\mouclass.sys -> [2004/08/04 06:05:42 | 000,023,680 | ---- | M] (Microsoft Corporation) (mssmbios) Pilote BIOS de gestion de systèmes Microsoft [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\mssmbios.sys -> [2004/08/04 06:05:42 | 000,015,488 | ---- | M] (Microsoft Corporation) (Ndisuio) NDIS mode utilisateur E/S Protocole [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\ndisuio.sys -> [2004/08/04 06:05:42 | 000,012,928 | ---- | M] (Microsoft Corporation) (swenum) Pilote de bus logiciel [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\swenum.sys -> [2004/08/04 06:05:42 | 000,004,352 | 
---- | M] (Microsoft Corporation) (RDPWD) RDPWD [Kernel | On_Demand | Stopped] -> C:\WINDOWS\System32\drivers\rdpwd.sys -> [2004/08/04 05:55:14 | 000,139,400 | ---- | M] (Microsoft Corporation) (TDTCP) TDTCP [Kernel | On_Demand | Stopped] -> C:\WINDOWS\System32\drivers\tdtcp.sys -> [2004/08/04 05:55:14 | 000,021,896 | ---- | M] (Microsoft Corporation) (TDPIPE) TDPIPE [Kernel | On_Demand | Stopped] -> C:\WINDOWS\System32\drivers\tdpipe.sys -> [2004/08/04 05:55:12 | 000,012,040 | ---- | M] (Microsoft Corporation) (sr) Pilote de filtre de restauration système [File_System | Boot | Running] -> C:\WINDOWS\system32\DRIVERS\sr.sys -> [2004/08/04 05:49:46 | 000,073,600 | ---- | M] (Microsoft Corporation) (dmio) Pilote de Gestionnaire de disque logique [Kernel | Boot | Running] -> C:\WINDOWS\System32\drivers\dmio.sys -> [2004/08/04 05:46:20 | 000,154,496 | ---- | M] (Microsoft Corp., Veritas Software) (dmboot) dmboot [Kernel | Disabled | Stopped] -> C:\WINDOWS\system32\drivers\dmboot.sys -> [2004/08/04 05:46:08 | 000,800,256 | ---- | M] (Microsoft Corp., Veritas Software) (Kbdclass) Pilote de la classe Clavier [Kernel | System | Running] -> C:\WINDOWS\system32\drivers\kbdclass.sys -> [2004/08/04 05:45:12 | 000,025,216 | ---- | M] (Microsoft Corporation) (VolSnap) VolSnap [Kernel | Boot | Running] -> C:\WINDOWS\System32\drivers\volsnap.sys -> [2004/08/04 05:44:16 | 000,053,376 | ---- | M] (Microsoft Corporation) (Serial) Serial [Kernel | Auto | Stopped] -> C:\WINDOWS\System32\drivers\serial.sys -> [2004/08/04 05:41:26 | 000,066,560 | ---- | M] (Microsoft Corporation) (i8042prt) Pilote pour clavier i8042 et souris sur port PS/2 [Kernel | System | Running] -> C:\WINDOWS\system32\drivers\i8042prt.sys -> [2004/08/04 05:41:24 | 000,054,400 | ---- | M] (Microsoft Corporation) (Pcmcia) Pcmcia [Kernel | Boot | Running] -> C:\WINDOWS\system32\DRIVERS\pcmcia.sys -> [2004/08/04 05:37:12 | 000,120,320 | ---- | M] (Microsoft Corporation) (PCI) Pilote de bus PCI [Kernel | Boot | Running] 
-> C:\WINDOWS\system32\DRIVERS\pci.sys -> [2004/08/04 05:37:06 | 000,068,608 | ---- | M] (Microsoft Corporation) (ACPI) Pilote ACPI Microsoft [Kernel | Boot | Running] -> C:\WINDOWS\system32\DRIVERS\ACPI.sys -> [2004/08/04 05:36:58 | 000,188,672 | ---- | M] (Microsoft Corporation) (Rdbss) Rdbss [File_System | System | Running] -> C:\WINDOWS\system32\drivers\rdbss.sys -> [2004/08/04 04:20:08 | 000,176,512 | ---- | M] (Microsoft Corporation) (Mup) Mup [File_System | Boot | Running] -> C:\WINDOWS\System32\drivers\mup.sys -> [2004/08/04 04:15:22 | 000,107,904 | ---- | M] (Microsoft Corporation) (MRxSmb) MRxSmb [File_System | System | Running] -> C:\WINDOWS\system32\drivers\mrxsmb.sys -> [2004/08/04 04:15:18 | 000,451,456 | ---- | M] (Microsoft Corporation) (Ntfs) Ntfs [File_System | Disabled | Running] -> C:\WINDOWS\System32\drivers\ntfs.sys -> [2004/08/04 04:15:10 | 000,574,592 | ---- | M] (Microsoft Corporation) (Srv) Srv [File_System | On_Demand | Running] -> C:\WINDOWS\system32\drivers\srv.sys -> [2004/08/04 04:14:46 | 000,336,256 | ---- | M] (Microsoft Corporation) (Tcpip) Pilote du protocole TCP/IP [Kernel | System | Running] -> C:\WINDOWS\system32\drivers\tcpip.sys -> [2004/08/04 04:14:42 | 000,359,040 | ---- | M] (Microsoft Corporation) (NetBT) NetBIOS sur TCP/IP [Kernel | System | Running] -> C:\WINDOWS\system32\drivers\netbt.sys -> [2004/08/04 04:14:38 | 000,162,816 | ---- | M] (Microsoft Corporation) (NdisWan) Pilote réseau étendu NDIS d'accès distant [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\ndiswan.sys -> [2004/08/04 04:14:32 | 000,091,776 | ---- | M] (Microsoft Corporation) (NDIS) Pilote système NDIS [Kernel | Boot | Running] -> C:\WINDOWS\System32\drivers\ndis.sys -> [2004/08/04 04:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) (IPSec) Pilote IPSEC [Kernel | System | Running] -> C:\WINDOWS\system32\drivers\ipsec.sys -> [2004/08/04 04:14:30 | 000,074,752 | ---- | M] (Microsoft Corporation) (PptpMiniport) Miniport réseau étendu 
(PPTP) [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\raspptp.sys -> [2004/08/04 04:14:28 | 000,048,384 | ---- | M] (Microsoft Corporation) (Rasl2tp) Miniport réseau étendu (L2TP) [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\rasl2tp.sys -> [2004/08/04 04:14:24 | 000,051,328 | ---- | M] (Microsoft Corporation) (Fastfat) Fastfat [File_System | Disabled | Running] -> C:\WINDOWS\System32\drivers\fastfat.sys -> [2004/08/04 04:14:18 | 000,143,360 | ---- | M] (Microsoft Corporation) (AFD) AFD [Kernel | System | Running] -> C:\WINDOWS\System32\drivers\afd.sys -> [2004/08/04 04:14:16 | 000,138,496 | ---- | M] (Microsoft Corporation) (Cdfs) Cdfs [File_System | Disabled | Running] -> C:\WINDOWS\System32\drivers\cdfs.sys -> [2004/08/04 04:14:12 | 000,063,744 | ---- | M] (Microsoft Corporation) (usbhub) Concentrateur USB2 [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\usbhub.sys -> [2004/08/04 04:08:44 | 000,057,600 | ---- | M] (Microsoft Corporation) (usbuhci) Pilote miniport de contrôleur hôte universel USB Microsoft [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\usbuhci.sys -> [2004/08/04 04:08:38 | 000,020,480 | ---- | M] (Microsoft Corporation) (VgaSave) VgaSave [Kernel | System | Running] -> C:\WINDOWS\System32\drivers\vga.sys -> [2004/08/04 04:07:08 | 000,020,992 | ---- | M] (Microsoft Corporation) (RasPppoe) Pilote PPPOE d'accès à distance [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\raspppoe.sys -> [2004/08/04 04:05:08 | 000,041,472 | ---- | M] (Microsoft Corporation) (AsyncMac) Pilote de média asynchrone RAS [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\asyncmac.sys -> [2004/08/04 04:05:04 | 000,014,336 | ---- | M] (Microsoft Corporation) (Wanarp) Pilote ARP IP d'accès distant [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\wanarp.sys -> [2004/08/04 04:04:58 | 000,034,560 | ---- | M] (Microsoft Corporation) (IpNat) Traducteur d'adresses réseau IP [Kernel | 
On_Demand | Running] -> C:\WINDOWS\system32\drivers\ipnat.sys -> [2004/08/04 04:04:52 | 000,134,912 | ---- | M] (Microsoft Corporation) (IpInIp) Pilote de tunnelage IP dans IP [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\ipinip.sys -> [2004/08/04 04:04:46 | 000,020,992 | ---- | M] (Microsoft Corporation) (PSched) Planificateur de paquets QoS [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\psched.sys -> [2004/08/04 04:04:20 | 000,069,120 | ---- | M] (Microsoft Corporation) (Gpc) Classificateur de paquets générique [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\msgpc.sys -> [2004/08/04 04:04:14 | 000,035,072 | ---- | M] (Microsoft Corporation) (NetBIOS) Interface NetBIOS [File_System | System | Running] -> C:\WINDOWS\system32\drivers\netbios.sys -> [2004/08/04 04:03:22 | 000,034,560 | ---- | M] (Microsoft Corporation) (FltMgr) FltMgr [File_System | Boot | Running] -> C:\WINDOWS\system32\DRIVERS\fltMgr.sys -> [2004/08/04 04:01:20 | 000,124,800 | ---- | M] (Microsoft Corporation) (MRxDAV) Redirecteur client WebDav [File_System | On_Demand | Running] -> C:\WINDOWS\system32\drivers\mrxdav.sys -> [2004/08/04 04:00:58 | 000,181,248 | ---- | M] (Microsoft Corporation) (IRENUM) Service énumérateur IR [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\irenum.sys -> [2004/08/04 04:00:48 | 000,011,264 | ---- | M] (Microsoft Corporation) (Npfs) Npfs [File_System | System | Running] -> C:\WINDOWS\System32\drivers\npfs.sys -> [2004/08/04 04:00:44 | 000,030,848 | ---- | M] (Microsoft Corporation) (Msfs) Msfs [File_System | System | Running] -> C:\WINDOWS\System32\drivers\msfs.sys -> [2004/08/04 04:00:42 | 000,019,072 | ---- | M] (Microsoft Corporation) (Udfs) Udfs [File_System | Disabled | Stopped] -> C:\WINDOWS\System32\drivers\udfs.sys -> [2004/08/04 04:00:32 | 000,066,176 | ---- | M] (Microsoft Corporation) (Imapi) Pilote de filtre de gravure CD [Kernel | System | Running] -> C:\WINDOWS\system32\drivers\imapi.sys -> 
[2004/08/04 04:00:16 | 000,041,856 | ---- | M] (Microsoft Corporation) (HTTP) HTTP [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\http.sys -> [2004/08/04 04:00:14 | 000,263,040 | ---- | M] (Microsoft Corporation) (Ip6Fw) Pilote du pare-feu Windows IPv6 [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\ip6fw.sys -> [2004/08/04 04:00:08 | 000,029,056 | ---- | M] (Microsoft Corporation) (Disk) Pilote de disque [Kernel | Boot | Running] -> C:\WINDOWS\system32\DRIVERS\disk.sys -> [2004/08/04 03:59:56 | 000,036,352 | ---- | M] (Microsoft Corporation) (Sfloppy) Sfloppy [Kernel | System | Stopped] -> C:\WINDOWS\System32\drivers\sfloppy.sys -> [2004/08/04 03:59:56 | 000,011,392 | ---- | M] (Microsoft Corporation) (Cdrom) Pilote de CD-ROM [Kernel | System | Running] -> C:\WINDOWS\system32\drivers\cdrom.sys -> [2004/08/04 03:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) (KSecDD) KSecDD [Kernel | Boot | Running] -> C:\WINDOWS\System32\drivers\ksecdd.sys -> [2004/08/04 03:59:48 | 000,092,032 | ---- | M] (Microsoft Corporation) (atapi) Contrôleur de disque dur IDE/ESDI standard [Kernel | Boot | Running] -> C:\WINDOWS\system32\DRIVERS\atapi.sys -> [2004/08/04 03:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) (ViaIde) ViaIde [Kernel | Boot | Running] -> C:\WINDOWS\system32\DRIVERS\viaide.sys -> [2004/08/04 03:59:44 | 000,005,376 | ---- | M] (Microsoft Corporation) (Fdc) Pilote de contrôleur de lecteur de disquettes [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\fdc.sys -> [2004/08/04 03:59:28 | 000,027,392 | ---- | M] (Microsoft Corporation) (Flpydisk) Pilote de lecteur de disquettes [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\flpydisk.sys -> [2004/08/04 03:59:28 | 000,020,480 | ---- | M] (Microsoft Corporation) (Update) Pilote de mise à jour microcode [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\update.sys -> [2004/08/04 03:58:34 | 000,209,408 | ---- | M] (Microsoft Corporation) 
(Atmarpc) Protocole client ATM ARP [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\atmarpc.sys -> [2004/08/04 03:58:32 | 000,059,904 | ---- | M] (Microsoft Corporation) (MountMgr) MountMgr [Kernel | Boot | Running] -> C:\WINDOWS\System32\drivers\mountmgr.sys -> [2004/08/04 03:58:32 | 000,042,240 | ---- | M] (Microsoft Corporation) (redbook) Pilote de filtre de lecture digitale de CD audio [Kernel | System | Running] -> C:\WINDOWS\system32\drivers\redbook.sys -> [2004/08/04 01:39:44 | 000,058,496 | ---- | M] (Microsoft Corporation) (TermDD) Pilote de périphérique terminal [Kernel | System | Running] -> C:\WINDOWS\system32\drivers\termdd.sys -> [2004/08/04 00:55:12 | 000,040,840 | ---- | M] (Microsoft Corporation) (sysaudio) Périphérique audio système du noyau Microsoft [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\sysaudio.sys -> [2004/08/04 00:15:56 | 000,060,800 | ---- | M] (Microsoft Corporation) (wdmaud) Pilote WINMM de compatibilité audio WDM Microsoft [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\wdmaud.sys -> [2004/08/04 00:15:06 | 000,082,944 | ---- | M] (Microsoft Corporation) (drmkaud) Filtre de décodeur DRM (Noyau Microsoft) [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\drmkaud.sys -> [2004/08/04 00:07:58 | 000,002,944 | ---- | M] (Microsoft Corporation) (kmixer) Mélangeur audio Wave de noyau Microsoft [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\kmixer.sys -> [2004/08/04 00:07:50 | 000,171,776 | ---- | M] (Microsoft Corporation) (splitter) Splitter audio du noyau Microsoft [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\splitter.sys -> [2004/08/04 00:07:48 | 000,006,400 | ---- | M] (Microsoft Corporation) (viaagp) Filtre de bus AGP VIA [Kernel | Boot | Running] -> C:\WINDOWS\system32\DRIVERS\viaagp.sys -> [2004/08/04 00:07:44 | 000,042,240 | ---- | M] (Microsoft Corporation) (DMusic) Synthétiseur DLS du noyau Microsoft [Kernel | On_Demand | Stopped] -> 
C:\WINDOWS\system32\drivers\DMusic.sys -> [2004/08/04 00:07:40 | 000,052,864 | ---- | M] (Microsoft Corporation) (CmBatt) Pilote pour Batterie à méthode de contrôle ACPI Microsoft [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\CmBatt.sys -> [2004/08/04 00:07:40 | 000,014,080 | ---- | M] (Microsoft Corporation) (MSKSSRV) Proxy de service de répartition Microsoft [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\MSKSSRV.sys -> [2004/08/03 23:58:42 | 000,007,552 | ---- | M] (Microsoft Corporation) (MSPQM) Proxy de gestion de qualité de répartition Microsoft [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\MSPQM.sys -> [2004/08/03 23:58:42 | 000,004,992 | ---- | M] (Microsoft Corporation) (MSPCLOCK) Proxy d'horloge de répartition Microsoft [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\MSPCLOCK.sys -> [2004/08/03 23:58:40 | 000,005,376 | ---- | M] (Microsoft Corporation) (HSF_DP) HSF_DP [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\HSFDPSP2.sys -> [2004/08/03 23:41:56 | 001,041,536 | ---- | M] (Conexant Systems, Inc.) (mdmxsdk) mdmxsdk [Kernel | Auto | Running] -> C:\WINDOWS\system32\drivers\mdmxsdk.sys -> [2004/08/03 23:41:56 | 000,011,868 | ---- | M] (Conexant) (winachsf) winachsf [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\HSFCXTS2.sys -> [2004/08/03 23:41:50 | 000,685,056 | ---- | M] (Conexant Systems, Inc.) (HSFHWBS2) HSFHWBS2 [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\HSFBS2S2.sys -> [2004/08/03 23:41:48 | 000,220,032 | ---- | M] (Conexant Systems, Inc.) (aec) Suppresseur d'écho acoustique (Noyau Microsoft) [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\aec.sys -> [2004/08/03 23:39:38 | 000,142,464 | ---- | M] (Microsoft Corporation) (VIAudio) Contrôleur audio VIA AC'97 (WDM) [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\ac97via.sys -> [2004/08/03 23:32:32 | 000,084,480 | ---- | M] (VIA Technologies, Inc.) 
(rtl8139) Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C) [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\RTL8139.sys -> [2004/08/03 23:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) (USBSTOR) Pilote de stockage de masse USB [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\USBSTOR.SYS -> [2004/08/03 23:08:48 | 000,026,496 | ---- | M] (Microsoft Corporation) (usbprint) Classe d'imprimantes USB Microsoft [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\usbprint.sys -> [2004/08/03 23:01:26 | 000,025,856 | ---- | M] (Microsoft Corporation) (rdpdr) Pilote de redirecteur de périphérique Terminal Server [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\rdpdr.sys -> [2004/08/03 23:01:16 | 000,196,864 | ---- | M] (Microsoft Corporation) (Secdrv) Secdrv [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\secdrv.sys -> [2004/07/17 16:36:38 | 000,027,440 | ---- | M] () (Ftdisk) Pilote du Gestionnaire de volume [Kernel | Boot | Running] -> C:\WINDOWS\system32\DRIVERS\ftdisk.sys -> [2002/09/07 01:00:00 | 000,126,080 | ---- | M] (Microsoft Corporation) (NDProxy) Proxy NDIS [Kernel | On_Demand | Running] -> C:\WINDOWS\System32\drivers\ndproxy.sys -> [2002/09/07 01:00:00 | 000,038,016 | ---- | M] (Microsoft Corporation) (isapnp) Pilote de bus Plug-and-Play ISA/EISA [Kernel | Boot | Running] -> C:\WINDOWS\system32\DRIVERS\isapnp.sys -> [2002/09/07 01:00:00 | 000,036,224 | ---- | M] (Microsoft Corporation) (Fips) Fips [Kernel | System | Running] -> C:\WINDOWS\System32\drivers\fips.sys -> [2002/09/07 01:00:00 | 000,035,072 | ---- | M] (Microsoft Corporation) (IpFilterDriver) Pilote de filtre de trafic IP [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\ipfltdrv.sys -> [2002/09/07 01:00:00 | 000,032,896 | ---- | M] (Microsoft Corporation) (NwlnkFwd) Pilote de transfert de trafic IPX [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\nwlnkfwd.sys -> [2002/09/07 
01:00:00 | 000,032,512 | ---- | M] (Microsoft Corporation) (PartMgr) PartMgr [Kernel | Boot | Running] -> C:\WINDOWS\System32\drivers\partmgr.sys -> [2002/09/07 01:00:00 | 000,018,688 | ---- | M] (Microsoft Corporation) (Cdaudio) Cdaudio [Kernel | System | Stopped] -> C:\WINDOWS\System32\drivers\cdaudio.sys -> [2002/09/07 01:00:00 | 000,018,688 | ---- | M] (Microsoft Corporation) (Ptilink) Pilote de liaison parallèle directe [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\ptilink.sys -> [2002/09/07 01:00:00 | 000,017,792 | ---- | M] (Parallel Technologies, Inc.) (Raspti) Parallèle direct [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\raspti.sys -> [2002/09/07 01:00:00 | 000,016,512 | ---- | M] (Microsoft Corporation) (cbidf2k) cbidf2k [Kernel | Disabled | Stopped] -> C:\WINDOWS\System32\drivers\cbidf2k.sys -> [2002/09/07 01:00:00 | 000,013,952 | ---- | M] (Microsoft Corporation) (NwlnkFlt) Pilote de filtre de trafic IPX [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\nwlnkflt.sys -> [2002/09/07 01:00:00 | 000,012,416 | ---- | M] (Microsoft Corporation) (WS2IFSL) Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0 [Kernel | System | Running] -> C:\WINDOWS\System32\drivers\ws2ifsl.sys -> [2002/09/07 01:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) (ACPIEC) Pilote de contrôleur intégré Microsoft [Kernel | Boot | Running] -> C:\WINDOWS\system32\DRIVERS\ACPIEC.sys -> [2002/09/07 01:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) (NdisTapi) Pilote TAPI NDIS d'accès distant [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\ndistapi.sys -> [2002/09/07 01:00:00 | 000,009,600 | ---- | M] (Microsoft Corporation) (RasAcd) Pilote de connexion automatique d'accès distant [Kernel | System | Running] -> C:\WINDOWS\system32\drivers\rasacd.sys -> [2002/09/07 01:00:00 | 000,008,832 | ---- | M] (Microsoft Corporation) (ParVdm) ParVdm [Kernel | Auto | Running] -> 
C:\WINDOWS\System32\drivers\parvdm.sys -> [2002/09/07 01:00:00 | 000,006,912 | ---- | M] (Microsoft Corporation) (dmload) dmload [Kernel | Boot | Running] -> C:\WINDOWS\System32\drivers\dmload.sys -> [2002/09/07 01:00:00 | 000,005,888 | ---- | M] (Microsoft Corp., Veritas Software.) (RDPCDD) RDPCDD [Kernel | System | Running] -> C:\WINDOWS\system32\drivers\rdpcdd.sys -> [2002/09/07 01:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) (mnmdd) mnmdd [Kernel | System | Running] -> C:\WINDOWS\System32\drivers\mnmdd.sys -> [2002/09/07 01:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) (Beep) Beep [Kernel | System | Running] -> C:\WINDOWS\System32\drivers\beep.sys -> [2002/09/07 01:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) (Null) Null [Kernel | System | Running] -> C:\WINDOWS\System32\drivers\null.sys -> [2002/09/07 01:00:00 | 000,002,944 | ---- | M] (Microsoft Corporation) (S3Twistr) S3Twistr [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\s3gnbm.sys -> [2001/09/18 22:57:00 | 000,113,280 | ---- | M] (S3 Graphics, Inc.) (S3SavageNB) S3SavageNB [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\s3gnbm.sys -> [2001/09/18 22:57:00 | 000,113,280 | ---- | M] (S3 Graphics, Inc.) (smwdm) smwdm [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\smwdm.sys -> [2001/08/24 15:47:56 | 000,442,168 | ---- | M] (Analog Devices, Inc.) 
(mouhid) Pilote HID de souris [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\mouhid.sys -> [2001/08/23 17:04:42 | 000,012,288 | ---- | M] (Microsoft Corporation) (swmidi) Synthétiseur de table de sons GC noyau Microsoft [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\swmidi.sys -> [2001/08/17 23:00:52 | 000,054,272 | ---- | M] (Microsoft Corporation) (audstub) Pilote audio Stub [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\audstub.sys -> [2001/08/17 22:59:44 | 000,003,072 | ---- | M] (Microsoft Corporation) (Compbatt) Pilote de batterie composite Microsoft [Kernel | Boot | Running] -> C:\WINDOWS\system32\DRIVERS\compbatt.sys -> [2001/08/17 22:58:00 | 000,009,344 | ---- | M] (Microsoft Corporation) (HidUsb) Pilote de classe HID Microsoft [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\hidusb.sys -> [2001/08/17 22:02:20 | 000,009,600 | ---- | M] (Microsoft Corporation) [Registry - Safe List] < Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> HKEY_LOCAL_MACHINE\: Main\\"Local Page" -> %SystemRoot%\system32\blank.htm -> < Internet Explorer Settings [HKEY_CURRENT_USER\] > -> -> HKEY_CURRENT_USER\: Main\\"Start Page" -> http://www.msn.com/ -> HKEY_CURRENT_USER\: SearchURL\\"provider" -> cand -> HKEY_CURRENT_USER\: "ProxyEnable" -> 0 -> < FireFox Settings [Prefs.js] > -> C:\Documents and Settings\NEO\Application Data\Mozilla\FireFox\Profiles\ho3a8i5h.default\prefs.js -> browser.search.defaultenginename -> "Search the web (Babylon)" -> browser.search.defaulturl -> "http://search.babylon.com/web/{searchTerms}?babsrc=browsersearch" -> browser.search.order.1 -> "Search the web (Babylon)" -> browser.search.selectedEngine -> "Google" -> browser.search.update -> false -> browser.startup.homepage -> "http://www.google.com/firefox?client=firefox-a&rls=org.mozilla:fr:official" -> extensions.enabledItems -> {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.2.8.4 -> extensions.enabledItems -> 
mozilla_cc@internetdownloadmanager.com:7.2.7 -> extensions.enabledItems -> {73a6fe31-595d-460b-a920-fcc0f8843232}:2.0.9.9 -> extensions.enabledItems -> {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 -> extensions.enabledItems -> jqs@sun.com:1.0 -> extensions.enabledItems -> {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 -> extensions.enabledItems -> {66f2e20d-0da8-4c11-a9c8-dd8477b88acd}:2.6.0.15 -> extensions.enabledItems -> {FFB96CC1-7EB3-449D-B827-DB661701C6BB}:1.5.227.0 -> extensions.enabledItems -> {e001c731-5e37-4538-a5cb-8168736a2360}:0.9.9.77 -> extensions.enabledItems -> engine@conduit.com:3.3.2.1 -> < FireFox Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla HKLM\software\mozilla\Firefox\extensions -> -> HKLM\software\mozilla\Firefox\extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB} -> C:\Program Files\CheckPoint\ZAForceField\Trustchecker [C:\PROGRAM FILES\CHECKPOINT\ZAFORCEFIELD\TRUSTCHECKER] -> [2010/11/19 17:36:02 | 000,000,000 | ---D | M] HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions -> -> HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components -> C:\Program Files\Mozilla Firefox\components [C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS] -> [2010/12/15 12:23:13 | 000,000,000 | ---D | M] HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins -> C:\Program Files\Mozilla Firefox\plugins [C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS] -> [2011/03/02 22:22:11 | 000,000,000 | ---D | M] < FireFox Extensions [User Folders] > -> -> C:\Documents and Settings\NEO\Application Data\Mozilla\Extensions -> [2010/03/06 10:44:37 | 000,000,000 | ---D | M] -> C:\Documents and Settings\NEO\Application Data\Mozilla\Firefox\Profiles\ho3a8i5h.default\extensions -> [2011/03/22 13:38:18 | 000,000,000 | ---D | M] FlashGot -> C:\Documents and Settings\NEO\Application Data\Mozilla\Firefox\Profiles\ho3a8i5h.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34} -> [2011/03/22 13:36:53 | 000,000,000 | ---D | M] Softonic France Community Toolbar 
-> C:\Documents and Settings\NEO\Application Data\Mozilla\Firefox\Profiles\ho3a8i5h.default\extensions\{364d4e0c-543f-4b85-abe3-19551139da4f} -> [2011/03/22 13:37:05 | 000,000,000 | ---D | M] ZoneAlarm Toolbar -> C:\Documents and Settings\NEO\Application Data\Mozilla\Firefox\Profiles\ho3a8i5h.default\extensions\{66f2e20d-0da8-4c11-a9c8-dd8477b88acd} -> [2010/11/19 17:18:34 | 000,000,000 | ---D | M] NoScript -> C:\Documents and Settings\NEO\Application Data\Mozilla\Firefox\Profiles\ho3a8i5h.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232} -> [2011/03/22 13:37:08 | 000,000,000 | ---D | M] myBabylon English Toolbar -> C:\Documents and Settings\NEO\Application Data\Mozilla\Firefox\Profiles\ho3a8i5h.default\extensions\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} -> [2010/10/13 19:19:20 | 000,000,000 | ---D | M] Download Statusbar -> C:\Documents and Settings\NEO\Application Data\Mozilla\Firefox\Profiles\ho3a8i5h.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389} -> [2011/03/22 13:36:52 | 000,000,000 | ---D | M] BitDefender QuickScan -> C:\Documents and Settings\NEO\Application Data\Mozilla\Firefox\Profiles\ho3a8i5h.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360} -> [2011/03/22 13:37:10 | 000,000,000 | ---D | M] Download Manager Tweak -> C:\Documents and Settings\NEO\Application Data\Mozilla\Firefox\Profiles\ho3a8i5h.default\extensions\{F8A55C97-3DB6-4961-A81D-0DE0080E53CB} -> [2011/01/04 20:57:46 | 000,000,000 | ---D | M] -> C:\Documents and Settings\NEO\Application Data\Mozilla\Firefox\Profiles\ho3a8i5h.default\extensions\artur.dubovoy@gmail.com -> [2011/03/22 13:36:58 | 000,000,000 | ---D | M] -> C:\Documents and Settings\NEO\Application Data\Mozilla\Firefox\Profiles\ho3a8i5h.default\extensions\engine@conduit.com -> [2011/03/22 13:37:11 | 000,000,000 | ---D | M] -> C:\Documents and Settings\NEO\Application Data\Mozilla\Firefox\Profiles\ho3a8i5h.default\extensions\max@subfighter.com -> [2010/03/06 10:58:16 | 000,000,000 | ---D | M] -> C:\Documents 
and Settings\NEO\Application Data\Mozilla\Firefox\Profiles\ho3a8i5h.default\extensions\mozilla_cc@internetdownloadmanager.com -> [2011/03/22 13:37:07 | 000,000,000 | ---D | M] < FireFox SearchPlugins [User Folders] > -> daemon-search.xml -> C:\Documents and Settings\NEO\Application Data\Mozilla\Firefox\Profiles\ho3a8i5h.default\searchplugins\daemon-search.xml -> [2010/03/23 10:25:05 | 000,002,055 | ---- | M] () < FireFox Extensions [Program Folders] > -> -> C:\Program Files\Mozilla Firefox\extensions -> [2011/03/22 15:03:54 | 000,000,000 | ---D | M] Java Console -> C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} -> [2010/06/01 01:07:53 | 000,000,000 | ---D | M] Java Console -> C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} -> [2010/10/17 00:53:49 | 000,000,000 | ---D | M] < HOSTS File > ([2010/11/25 22:18:02 | 000,000,027 | ---- | M] - 1 lines) -> C:\WINDOWS\system32\drivers\etc\hosts -> Reset Hosts 127.0.0.1 localhost < BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> {0055C089-8582-441B-A0BF-17B458C2A3A8} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found < Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar -> "{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107}" [HKLM] -> C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll [ZoneAlarm Security Engine] -> File not found < Internet Explorer ToolBars [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ -> WebBrowser\\"{31CF9EBE-5755-4A1D-AC25-2834D952D9B4}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found WebBrowser\\"{32099AAC-C132-4136-9E9A-4E364A424E17}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] 
-> File not found < Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "Adobe ARM" -> C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe ["C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"] -> [2010/09/20 23:07:44 | 000,932,288 | R--- | M] (Adobe Systems Incorporated) "avgnt" -> C:\Program Files\Avira\AntiVir Desktop\avgnt.exe ["C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min] -> [2010/03/02 11:30:04 | 000,282,792 | ---- | M] (Avira GmbH) "CAP3ON" -> C:\WINDOWS\system32\spool\drivers\w32x86\3\CAP3ONN.EXE [C:\WINDOWS\system32\spool\drivers\w32x86\3\CAP3ONN.EXE] -> [2002/07/30 09:00:00 | 000,022,528 | ---- | M] (CANON INC.) "conime" -> C:\WINDOWS\System32\conime.exe [conime.exe] -> [2004/08/04 05:54:50 | 000,027,648 | ---- | M] (Microsoft Corporation) "ISW" -> C:\Program Files\CheckPoint\ZAForceField\ForceField.exe ["C:\Program Files\CheckPoint\ZAForceField\ForceField.exe" /icon="hidden"] -> [2010/05/26 14:35:14 | 000,730,600 | ---- | M] (Check Point Software Technologies) "NeroFilterCheck" -> C:\WINDOWS\system32\NeroCheck.exe [C:\WINDOWS\system32\NeroCheck.exe] -> [2001/07/09 10:50:42 | 000,155,648 | ---- | M] (Ahead Software Gmbh) "Sony Ericsson PC Suite" -> C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe ["C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions] -> [2007/06/13 08:16:02 | 000,528,384 | R--- | M] () "SunJavaUpdateSched" -> C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe ["C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe"] -> [2010/05/14 11:44:46 | 000,248,552 | ---- | M] (Sun Microsystems, Inc.) 
"ZoneAlarm Client" -> C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe ["C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"] -> [2010/05/26 13:03:36 | 001,043,968 | ---- | M] (Check Point Software Technologies LTD) < Run [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "IDMan" -> C:\Program Files\Internet Download Manager\IDMan.exe [C:\Program Files\Internet Download Manager\IDMan.exe /onboot] -> [2009/09/09 20:06:54 | 003,118,512 | ---- | M] (Tonec Inc.) "uTorrent" -> C:\Program Files\uTorrent\uTorrent.exe ["C:\Program Files\uTorrent\uTorrent.exe"] -> [2010/12/15 11:34:11 | 000,395,640 | ---- | M] (BitTorrent, Inc.) < All Users Startup Folder > -> C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage -> C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Fenêtre d'état de Canon LASER SHOT LBP-1120.LNK -> C:\WINDOWS\system32\spool\drivers\w32x86\3\CAP3LAK.EXE -> [2002/07/30 09:00:00 | 000,030,720 | ---- | M] (CANON INC.) 
< NEO Startup Folder > -> C:\Documents and Settings\NEO\Menu Démarrer\Programmes\Démarrage -> < Software Policy Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer -> < Software Policy Settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Internet Explorer -> < CurrentVersion Policy Settings - Explorer [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"NoDriveAutoRun" -> [67108863] -> File not found \\"NoDriveTypeAutoRun" -> [323] -> File not found \\"NoDrives" -> [0] -> File not found < CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System < CurrentVersion Policy Settings - Explorer [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"NoDriveTypeAutoRun" -> [323] -> File not found \\"NoDriveAutoRun" -> [67108863] -> File not found \\"NoDrives" -> [0] -> File not found < CurrentVersion Policy Settings - System [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> < Internet Explorer Menu Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\ -> Download with IDM -> C:\Program Files\Internet Download Manager\IEExt.htm [C:\Program Files\Internet Download Manager\IEExt.htm] -> [2004/12/02 17:31:09 | 000,000,277 | ---- | M] () Télécharger avec IDM -> C:\Program Files\Internet Download Manager\IEExt.htm [C:\Program Files\Internet Download Manager\IEExt.htm] -> [2004/12/02 17:31:09 | 000,000,277 | ---- | M] () Télécharger le contenu de video FLV avec IDM -> C:\Program 
Files\Internet Download Manager\IEGetVL.htm [C:\Program Files\Internet Download Manager\IEGetVL.htm] -> [2007/07/02 07:19:10 | 000,000,278 | ---- | M] () Télécharger tous les liens avec IDM -> C:\Program Files\Internet Download Manager\IEGetAll.htm [C:\Program Files\Internet Download Manager\IEGetAll.htm] -> [2003/10/20 11:13:13 | 000,000,283 | ---- | M] () < Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ -> {898EA8C8-E7FF-479B-8935-AEC46303B9E5}:{898EA8C8-E7FF-479B-8935-AEC46303B9E5} [HKLM] -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [Button: Skype Plug-In] -> File not found {898EA8C8-E7FF-479B-8935-AEC46303B9E5}:{898EA8C8-E7FF-479B-8935-AEC46303B9E5} [HKLM] -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [Menu: Skype Plug-In] -> File not found < Internet Explorer Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\ -> CmdMapping\\"{898EA8C8-E7FF-479B-8935-AEC46303B9E5}" [HKLM] -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [Skype Browser Helper] -> File not found CmdMapping\\"{F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478}" [HKLM] -> [Reg Error: Key error.] -> File not found < Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ -> PluginsPageFriendlyName -> Bibliothèque de contrôles ActiveX Microsoft -> < Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix "" -> http:// < Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 1 domain(s) found. 
-> < Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ -> {8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab [Java Plug-in 1.6.0_22] -> {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab [Java Plug-in 1.6.0_22] -> {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab [Java Plug-in 1.6.0_22] -> < Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> *Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell -> Explorer.exe -> C:\WINDOWS\explorer.exe -> [2004/08/04 05:54:50 | 001,036,288 | ---- | M] (Microsoft Corporation) *MultiFile Done* -> -> < Domain Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List -> "C:\WINDOWS\system32\igfxpt32.exe" -> C:\WINDOWS\System32\igfxpt32.exe 
[C:\WINDOWS\system32\igfxpt32.exe:*:Enabled:ILAN] -> File not found "C:\WINDOWS\system32\quickt86.exe" -> C:\WINDOWS\System32\quickt86.exe [C:\WINDOWS\system32\quickt86.exe:*:Enabled:QuickTime Player] -> File not found "C:\WINDOWS\system32\wmpcs3.exe" -> C:\WINDOWS\System32\wmpcs3.exe [C:\WINDOWS\system32\wmpcs3.exe:*:Enabled:WinMedia] -> File not found < Standard Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List -> "C:\Documents and Settings\NEO\Application Data\Thinstall\Vidal CD\4000002400003i\java.exe" -> C:\Documents and Settings\NEO\Application Data\Thinstall\Vidal CD\4000002400003i\java.exe [C:\Documents and Settings\NEO\Application Data\Thinstall\Vidal CD\4000002400003i\java.exe:*:Enabled:java] -> [2010/03/16 00:43:02 | 000,007,680 | ---- | M] () "C:\Program Files\Mozilla Firefox\firefox.exe" -> C:\Program Files\Mozilla Firefox\firefox.exe [C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox] -> [2010/12/13 23:10:58 | 000,912,344 | ---- | M] (Mozilla Corporation) "C:\Program Files\uTorrent\uTorrent.exe" -> C:\Program Files\uTorrent\uTorrent.exe [C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent] -> [2010/12/15 11:34:11 | 000,395,640 | ---- | M] (BitTorrent, Inc.) 
"C:\WINDOWS\system32\dpnsvr.exe" -> C:\WINDOWS\System32\dpnsvr.exe [C:\WINDOWS\system32\dpnsvr.exe:*:Enabled:Microsoft DirectPlay8 Server] -> [2004/08/04 05:54:50 | 000,018,432 | ---- | M] (Microsoft Corporation) "C:\WINDOWS\system32\dxdiag.exe" -> C:\WINDOWS\System32\dxdiag.exe [C:\WINDOWS\system32\dxdiag.exe:*:Enabled:Outil de diagnostic Microsoft DirectX] -> [2004/08/04 05:54:50 | 001,298,432 | ---- | M] (Microsoft Corporation) "C:\WINDOWS\system32\ZoneLabs\vsmon.exe" -> C:\WINDOWS\System32\ZoneLabs\vsmon.exe [C:\WINDOWS\system32\ZoneLabs\vsmon.exe:*:Enabled:vsmon] -> [2010/05/26 13:05:04 | 002,437,176 | ---- | M] (Check Point Software Technologies LTD) < SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot -> < CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom -> "AutoRun" -> 1 -> "DisplayName" -> Pilote de CD-ROM -> "ImagePath" -> [system32\DRIVERS\cdrom.sys] -> File not found < Drives with AutoRun files > -> -> C:\AUTOEXEC.BAT [] -> C:\AUTOEXEC.BAT [ NTFS ] -> [2010/03/31 21:36:25 | 000,000,000 | ---- | M] () C:\AUTOEXEC.VIA [] -> C:\AUTOEXEC.VIA [ NTFS ] -> [2010/01/29 03:44:45 | 000,000,000 | ---- | M] () < MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 -> < Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command -> comfile [open] -> "%1" %* -> exefile [open] -> "%1" %* -> < File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\ -> .com [@ = ComFile] -> "%1" %* -> .exe [@ = exefile] -> "%1" %* -> [Registry - Additional Scans - Safe List] < File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\ -> .bat [@ = batfile] -> "%1" %* -> .cmd [@ = cmdfile] -> "%1" %* -> .com [@ = ComFile] -> "%1" %* -> .exe [@ = exefile] -> "%1" %* -> .html [@ = FirefoxHTML] -> C:\Program 
Files\Mozilla Firefox\firefox.exe -> [2010/12/13 23:10:58 | 000,912,344 | ---- | M] (Mozilla Corporation) .pif [@ = piffile] -> "%1" %* -> .scr [@ = scrfile] -> "%1" /S -> < File Associations - Select to Repair > -> HKEY_CURRENT_USER\SOFTWARE\Classes\\ -> .html [@ = FirefoxHTML] -> C:\Program Files\Mozilla Firefox\firefox.exe -> [2010/12/13 23:10:58 | 000,912,344 | ---- | M] (Mozilla Corporation) < Protocol Filters [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\ -> text/xml:{807563E5-5146-11D5-A672-00B0D022E945} [HKLM] -> C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\MSOXMLMF.DLL[Microsoft Office InfoPath XML Mime Filter] -> [2006/10/26 21:41:48 | 000,044,344 | ---- | M] (Microsoft Corporation) < Protocol Handlers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ -> ipp\0x00000001:{E1D2BF42-A96B-11d1-9C6B-0000F875AC61} [HKLM] -> C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL[MSDAMON.BINDER] -> [2006/10/26 19:49:48 | 001,011,488 | ---- | M] (Microsoft Corporation) msdaipp\0x00000001:{E1D2BF42-A96B-11d1-9C6B-0000F875AC61} [HKLM] -> C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL[MSDAMON.BINDER] -> [2006/10/26 19:49:48 | 001,011,488 | ---- | M] (Microsoft Corporation) msdaipp\oledb:{E1D2BF40-A96B-11d1-9C6B-0000F875AC61} [HKLM] -> C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL[MSDAIPP.BINDER] -> [2006/10/26 19:49:48 | 001,011,488 | ---- | M] (Microsoft Corporation) ms-help:{314111c7-a502-11d2-bbca-00c04f8ec294} [HKLM] -> C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll[HxProtocol Class] -> [2006/10/26 13:45:02 | 000,873,216 | ---- | M] (Microsoft Corporation) skype4com:{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} [HKLM] -> C:\Program Files\Fichiers communs\Skype\Skype4COM.dll[IEProtocolHandler Class] -> [2010/12/03 16:46:34 | 002,164,104 | R--- | M] (Skype Technologies) skype-ie-addon-data:{91774881-D725-4E58-B298-07617B9B86A8} [HKLM] -> 
C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll[Skype IE add-on Pluggable Protocol] -> File not found < Security Center Settings > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center \\"FirstRunDisabled" -> [1] -> File not found \\"UpdatesDisableNotify" -> [0] -> File not found \\"AntiVirusOverride" -> [1] -> File not found \\"FirewallOverride" -> [1] -> File not found \\"AntiVirusDisableNotify" -> [0] -> File not found \\"FirewallDisableNotify" -> [0] -> File not found HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall 
\Monitoring\ZoneLabsFirewall\\"DisableMonitoring" -> [1] -> File not found HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc \Svc\\"AntiVirusOverride" -> [1] -> File not found \Svc\\"AntiVirusDisableNotify" -> [1] -> File not found \Svc\\"FirewallDisableNotify" -> [1] -> File not found \Svc\\"FirewallOverride" -> [1] -> File not found \Svc\\"UpdatesDisableNotify" -> [1] -> File not found \Svc\\"UacDisableNotify" -> [1] -> File not found < System Restore User Settings > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore -> "DisableSR" -> 0 -> < System Restore File Filter Service > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr -> "Start" -> 0 -> < System Restore Service > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService -> "Start" -> 2 -> < Windows Firewall Group Policy Settings > -> HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall -> HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile\ -> -> < Windows DomainProfile Firewall Policy Settings > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile \\"EnableFirewall" -> [1] -> File not found HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\ -> -> < Windows StandardProfile Firewall Policy Settings > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile \\"EnableFirewall" -> [1] -> File not found \\"DoNotAllowExceptions" -> [0] -> File not found 
\\"DisableNotifications" -> [0] -> File not found HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\ -> -> < Windows StandardProfile GloballyOpenPorts Settings > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List \\"139:TCP" -> [139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004] -> File not found \\"445:TCP" -> [445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005] -> File not found \\"137:UDP" -> [137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001] -> File not found \\"138:UDP" -> [138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002] -> File not found \\"48113:TCP" -> [48113:TCP:LocalSubNet:Enabled:maconfig_tcp] -> File not found \\"48113:UDP" -> [48113:UDP:LocalSubNet:Enabled:maconfig_udp] -> File not found < Winsock2 Catalogs [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\ -> Protocol_Catalog9\Catalog_Entries\000000000001 -> C:\Program Files\Avira\AntiVir Desktop\avsda.dll -> [2010/02/24 15:58:01 | 000,280,232 | ---- | M] (Avira GmbH) Protocol_Catalog9\Catalog_Entries\000000000002 -> C:\Program Files\Avira\AntiVir Desktop\avsda.dll -> [2010/02/24 15:58:01 | 000,280,232 | ---- | M] (Avira GmbH) Protocol_Catalog9\Catalog_Entries\000000000020 -> C:\Program Files\Avira\AntiVir Desktop\avsda.dll -> [2010/02/24 15:58:01 | 000,280,232 | ---- | M] (Avira GmbH) < Uninstall List [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ -> {02E89EFC-7B07-4D5A-AA03-9EC0902914EE} -> VC 9.0 Runtime {1C75E8E0-29D5-4298-AE16-B8604FD9DDE4} -> Disc2Phone 
{1F1C2DFC-2D24-3E06-BCB8-725134ADF989} -> Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 {26A24AE4-039D-4CA4-87B4-2F83216020FF} -> Java(TM) 6 Update 22 {350C940c-3D7C-4EE8-BAA9-00BCB3D54227} -> WebFldrs XP {4A03706F-666A-4037-7777-5F2748764D10} -> Java Auto Updater {56C049BE-79E9-4502-BEA7-9754A3E60F9B} -> neroxml {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} -> Microsoft .NET Framework 2.0 {7299052b-02a4-4627-81f2-1818da5d550d} -> Microsoft Visual C++ 2005 Redistributable {90120000-0010-040C-0000-0000000FF1CE} -> Microsoft Software Update for Web Folders (French) 12 {90120000-0011-0000-0000-0000000FF1CE} -> Microsoft Office Professional Plus 2007 {90120000-0015-040C-0000-0000000FF1CE} -> Microsoft Office Access MUI (French) 2007 {90120000-0016-040C-0000-0000000FF1CE} -> Microsoft Office Excel MUI (French) 2007 {90120000-0018-040C-0000-0000000FF1CE} -> Microsoft Office PowerPoint MUI (French) 2007 {90120000-0019-040C-0000-0000000FF1CE} -> Microsoft Office Publisher MUI (French) 2007 {90120000-001A-040C-0000-0000000FF1CE} -> Microsoft Office Outlook MUI (French) 2007 {90120000-001B-040C-0000-0000000FF1CE} -> Microsoft Office Word MUI (French) 2007 {90120000-001F-0401-0000-0000000FF1CE} -> Microsoft Office Proof (Arabic) 2007 {90120000-001F-0407-0000-0000000FF1CE} -> Microsoft Office Proof (German) 2007 {90120000-001F-0409-0000-0000000FF1CE} -> Microsoft Office Proof (English) 2007 {90120000-001F-040C-0000-0000000FF1CE} -> Microsoft Office Proof (French) 2007 {90120000-001F-0413-0000-0000000FF1CE} -> Microsoft Office Proof (Dutch) 2007 {90120000-001F-0C0A-0000-0000000FF1CE} -> Microsoft Office Proof (Spanish) 2007 {90120000-002C-040C-0000-0000000FF1CE} -> Microsoft Office Proofing (French) 2007 {90120000-0044-040C-0000-0000000FF1CE} -> Microsoft Office InfoPath MUI (French) 2007 {90120000-006E-040C-0000-0000000FF1CE} -> Microsoft Office Shared MUI (French) 2007 {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} -> Google Update Helper 
{ABEB838C-A1A7-4C5D-B7E1-8B4314600820} -> MSN Messenger 7.0 {AC76BA86-7AD7-1036-7B44-A94000000001} -> Adobe Reader 9.4.2 - Français {C60BA916-9E44-4DA4-B11A-9E27B7624EF5} -> Sony Ericsson Drivers {C92E7DF1-624A-4D95-A4C4-18CB491B44A4} -> Sony Ericsson Device Data {CD95D125-2992-4858-B3EF-5F6FB52FBAD6} -> Skype Toolbars {D59AC9E9-FFAE-471B-B1FF-4B311D23417A} -> Sony Ericsson PC Suite {D6BF6477-8369-489F-8DE6-3731F4B88560} -> Sony Ericsson PC Suite {E633D396-5188-4E9D-8F6B-BFB8BF3467E8} -> Skype™ 5.0 {EA3CD554-A1E2-11D3-B4C5-006067326BA5} -> MDK2 Adobe Flash Player ActiveX -> Adobe Flash Player 10 ActiveX Adobe Flash Player Plugin -> Adobe Flash Player 10 Plugin Avira AntiVir Desktop -> Avira AntiVir Premium AVS Update Manager_is1 -> AVS Update Manager 1.0 AVS4YOU Software Navigator_is1 -> AVS4YOU Software Navigator 1.3 AVS4YOU Video Converter 6_is1 -> AVS Video Converter 6 Canon LASER SHOT LBP-1120 -> Canon LASER SHOT LBP-1120 HijackThis -> HijackThis 2.0.2 Internet Download Manager -> Internet Download Manager KLiteCodecPack_is1 -> K-Lite Codec Pack 5.8.3 (Full) Malwarebytes' Anti-Malware_is1 -> Malwarebytes' Anti-Malware MDK -> MDK Microsoft .NET Framework 2.0 -> Microsoft .NET Framework 2.0 Mozilla Firefox (3.6.13) -> Mozilla Firefox (3.6.13) MSCompPackV1 -> Microsoft Compression Client Pack 1.0 for Windows XP Nero - Burning Rom!UninstallKey -> Nero 6 Enterprise Edition PROPLUS -> Microsoft Office Professional Plus 2007 Red Alert 2 -> Command & Conquer Red Alert 2 S3Utilities -> S3 Graphics Utilities SoundMAXWDM -> SoundMAXWDM Twister -> Twister and Utilities uTorrent -> µTorrent Warzone2100 -> Warzone2100 Windows Media Format Runtime -> Windows Media Format 11 runtime Windows Media Player -> Windows Media Player 11 WinRAR archiver -> Archiveur WinRAR WMFDist11 -> Windows Media Format 11 runtime wmp11 -> Windows Media Player 11 Wudf01000 -> Microsoft User-Mode Driver Framework Feature Pack 1.0 ZoneAlarm -> ZoneAlarm ZoneAlarm Toolbar -> ZoneAlarm Toolbar < 
EventViewer Logs - Last 10 Errors > -> Event Information -> Description
Application [ Error ] 17/02/2011 16:42:45 Computer Name = NEO-F6EF5F0CD84 | Source = crypt32 | ID = 131080 -> Description = Échec de la récupération de la mise à jour automatique du numéro de séquence de la liste racine tierce partie à partir de : avec l'erreur : L'adresse ou le nom de serveur n'a pas pu être résolu
Application [ Error ] 17/02/2011 16:42:50 Computer Name = NEO-F6EF5F0CD84 | Source = crypt32 | ID = 131080 -> Description = Échec de la récupération de la mise à jour automatique du numéro de séquence de la liste racine tierce partie à partir de : avec l'erreur : Cette connexion réseau n'existe pas.
Application [ Error ] 17/02/2011 16:42:50 Computer Name = NEO-F6EF5F0CD84 | Source = crypt32 | ID = 131080 -> Description = Échec de la récupération de la mise à jour automatique du numéro de séquence de la liste racine tierce partie à partir de : avec l'erreur : Cette connexion réseau n'existe pas.
Application [ Error ] 17/02/2011 16:42:50 Computer Name = NEO-F6EF5F0CD84 | Source = crypt32 | ID = 131080 -> Description = Échec de la récupération de la mise à jour automatique du numéro de séquence de la liste racine tierce partie à partir de : avec l'erreur : Cette connexion réseau n'existe pas.
Application [ Error ] 17/02/2011 16:42:50 Computer Name = NEO-F6EF5F0CD84 | Source = crypt32 | ID = 131080 -> Description = Échec de la récupération de la mise à jour automatique du numéro de séquence de la liste racine tierce partie à partir de : avec l'erreur : Cette connexion réseau n'existe pas.
Application [ Error ] 17/02/2011 16:42:51 Computer Name = NEO-F6EF5F0CD84 | Source = crypt32 | ID = 131080 -> Description = Échec de la récupération de la mise à jour automatique du numéro de séquence de la liste racine tierce partie à partir de : avec l'erreur : Cette connexion réseau n'existe pas.
Application [ Error ] 17/02/2011 16:42:51 Computer Name = NEO-F6EF5F0CD84 | Source = crypt32 | ID = 131080 -> Description = Échec de la récupération de la mise à jour automatique du numéro de séquence de la liste racine tierce partie à partir de : avec l'erreur : Cette connexion réseau n'existe pas.
Application [ Error ] 17/02/2011 16:42:51 Computer Name = NEO-F6EF5F0CD84 | Source = crypt32 | ID = 131080 -> Description = Échec de la récupération de la mise à jour automatique du numéro de séquence de la liste racine tierce partie à partir de : avec l'erreur : Cette connexion réseau n'existe pas.
Application [ Error ] 17/02/2011 16:42:51 Computer Name = NEO-F6EF5F0CD84 | Source = crypt32 | ID = 131080 -> Description = Échec de la récupération de la mise à jour automatique du numéro de séquence de la liste racine tierce partie à partir de : avec l'erreur : Cette connexion réseau n'existe pas.
Application [ Error ] 18/02/2011 05:57:33 Computer Name = NEO-F6EF5F0CD84 | Source = Application Error | ID = 1000 -> Description = Application défaillante svchost.exe, version 5.1.2600.2180, module défaillant unknown, version 0.0.0.0, adresse de défaillance 0x00325053.
System [ Error ] 22/03/2011 08:15:10 Computer Name = NEO-F6EF5F0CD84 | Source = Service Control Manager | ID = 7006 -> Description = L'appel ScRegSetValueExW a échoué pour Start avec l'erreur : %%5
System [ Error ] 22/03/2011 08:15:10 Computer Name = NEO-F6EF5F0CD84 | Source = Service Control Manager | ID = 7006 -> Description = L'appel ScRegSetValueExW a échoué pour DeleteFlag avec l'erreur : %%5
System [ Error ] 22/03/2011 08:47:31 Computer Name = NEO-F6EF5F0CD84 | Source = Print | ID = 23 -> Description = L'imprimante Easy PDF Creator n'a pas pu s'initialiser car aucun pilote Easy PDF Creator adéquat n'a été trouvé.
System [ Error ] 22/03/2011 08:48:42 Computer Name = NEO-F6EF5F0CD84 | Source = Service Control Manager | ID = 7003 -> Description = Le service Avira AntiVir MailGuard dépend du service inexistant : AntiVirService.
System [ Error ] 22/03/2011 08:48:42 Computer Name = NEO-F6EF5F0CD84 | Source = Service Control Manager | ID = 7003 -> Description = Le service Avira AntiVir WebGuard dépend du service inexistant : AntiVirService.
System [ Error ] 22/03/2011 08:51:06 Computer Name = NEO-F6EF5F0CD84 | Source = Service Control Manager | ID = 7006 -> Description = L'appel ScRegSetValueExW a échoué pour Start avec l'erreur : %%5
System [ Error ] 22/03/2011 08:51:06 Computer Name = NEO-F6EF5F0CD84 | Source = Service Control Manager | ID = 7006 -> Description = L'appel ScRegSetValueExW a échoué pour DeleteFlag avec l'erreur : %%5
System [ Error ] 22/03/2011 09:54:11 Computer Name = NEO-F6EF5F0CD84 | Source = Print | ID = 23 -> Description = L'imprimante Easy PDF Creator n'a pas pu s'initialiser car aucun pilote Easy PDF Creator adéquat n'a été trouvé.
System [ Error ] 22/03/2011 09:55:22 Computer Name = NEO-F6EF5F0CD84 | Source = Service Control Manager | ID = 7003 -> Description = Le service Avira AntiVir MailGuard dépend du service inexistant : AntiVirService.
System [ Error ] 22/03/2011 09:55:22 Computer Name = NEO-F6EF5F0CD84 | Source = Service Control Manager | ID = 7003 -> Description = Le service Avira AntiVir WebGuard dépend du service inexistant : AntiVirService.
[Files/Folders - Created Within 30 Days]
Wireshark -> C:\Program Files\Wireshark -> [2011/03/01 13:30:34 | 000,000,000 | ---D | C]
cwsandbox -> C:\cwsandbox -> [2011/03/01 13:30:32 | 000,000,000 | R--D | C]
1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp ->

[Files/Folders - Modified Within 30 Days]
GoogleUpdateTaskMachineCore.job -> C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job -> [2011/03/22 15:47:04 | 000,001,044 | ---- | M] ()
ComboFix.exe -> C:\Documents and Settings\NEO\Bureau\ComboFix.exe -> [2011/03/22 15:21:56 | 004,298,649 | R--- | M] ()
bootstat.dat -> C:\WINDOWS\bootstat.dat -> [2011/03/22 14:53:48 | 000,002,048 | --S- | M] ()
GoogleUpdateTaskMachineUA.job -> C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job -> [2011/03/22 14:45:22 | 000,001,048 | ---- | M] ()
wpa.dbl -> C:\WINDOWS\System32\wpa.dbl -> [2011/03/22 13:11:47 | 000,002,206 | ---- | M] ()
NeroDigital.ini -> C:\WINDOWS\NeroDigital.ini -> [2011/03/09 14:01:11 | 000,000,116 | ---- | M] ()
DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> C:\Documents and Settings\NEO\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [2011/03/09 14:00:55 | 000,054,784 | ---- | M] ()
d3d9caps.dat -> C:\WINDOWS\System32\d3d9caps.dat -> [2011/03/05 23:24:11 | 000,000,664 | ---- | M] ()
Adobe Reader 9.lnk -> C:\Documents and Settings\All Users\Bureau\Adobe Reader 9.lnk -> [2011/03/02 22:22:17 | 000,001,729 | ---- | M] ()
1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp ->

[Files - No Company Name]
ComboFix.exe -> C:\Documents and Settings\NEO\Bureau\ComboFix.exe -> [2011/03/22 15:15:06 | 004,298,649 | R--- | C] ()
Adobe Reader 9.lnk -> C:\Documents and Settings\All Users\Bureau\Adobe Reader 9.lnk -> [2011/03/02 22:22:16 | 000,001,729 | ---- | C] ()
mngui.INI -> C:\WINDOWS\mngui.INI -> [2010/12/29 01:44:24 | 000,000,000 | ---- | C] ()
housecall.guid.cache -> C:\Documents and Settings\NEO\Local Settings\Application Data\housecall.guid.cache -> [2010/11/20 20:41:26 | 000,000,036 | ---- | C] ()
wininit.ini -> C:\WINDOWS\wininit.ini -> [2010/05/09 23:35:22 | 000,000,032 | ---- | C] ()
sptd.sys -> C:\WINDOWS\System32\drivers\sptd.sys -> [2010/03/23 10:23:36 | 000,697,328 | ---- | C] ()
unrar.dll -> C:\WINDOWS\System32\unrar.dll -> [2010/03/17 00:14:19 | 000,165,376 | ---- | C] ()
avisplitter.ini -> C:\WINDOWS\avisplitter.ini -> [2010/03/17 00:14:17 | 000,000,038 | ---- | C] ()
xvidcore.dll -> C:\WINDOWS\System32\xvidcore.dll -> [2010/03/17 00:14:12 | 000,881,664 | ---- | C] ()
xvidvfw.dll -> C:\WINDOWS\System32\xvidvfw.dll -> [2010/03/17 00:14:12 | 000,205,824 | ---- | C] ()
ff_vfw.dll -> C:\WINDOWS\System32\ff_vfw.dll -> [2010/03/17 00:14:07 | 000,085,504 | ---- | C] ()
DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> C:\Documents and Settings\NEO\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [2010/03/06 12:48:54 | 000,054,784 | ---- | C] ()
BASSMOD.dll -> C:\WINDOWS\System32\BASSMOD.dll -> [2010/03/04 20:50:32 | 000,014,848 | ---- | C] ()
IDMan.INI -> C:\WINDOWS\IDMan.INI -> [2010/03/04 20:50:07 | 000,000,068 | ---- | C] ()
NeroDigital.ini -> C:\WINDOWS\NeroDigital.ini -> [2010/03/01 21:36:18 | 000,000,116 | ---- | C] ()
chnll.dll -> C:\WINDOWS\System32\chnll.dll -> [2010/02/12 15:36:36 | 000,000,040 | ---- | C] ()
Props16.dll -> C:\WINDOWS\System32\Props16.dll -> [2010/01/29 13:57:09 | 000,011,936 | ---- | C] ()
wdmioctl.dll -> C:\WINDOWS\System32\wdmioctl.dll -> [2010/01/29 13:57:08 | 000,029,184 | ---- | C] ()
SynthCore11System.dll -> C:\WINDOWS\System32\SynthCore11System.dll -> [2010/01/29 13:57:08 | 000,028,672 | ---- | C] ()
ODBCINST.INI -> C:\WINDOWS\ODBCINST.INI -> [2010/01/29 04:29:18 | 000,004,205 | ---- | C] ()
ieencode.dll -> C:\WINDOWS\System32\ieencode.dll -> [2004/08/04 05:54:28 | 000,081,920 | ---- | C] ()
secdrv.sys -> C:\WINDOWS\System32\drivers\secdrv.sys -> [2004/07/17 16:36:38 | 000,027,440 | ---- | C] ()

[Alternate Data Streams]
@Alternate Data Stream - 519254 bytes -> C:\WINDOWS\Temp:temp
< End of report >
[/code]