Bonjour à tous et toutes,
en ce moment j’ai que des problèmes avec Firefox quoi la galère :-@:
Voilà .Impossible de lire des vidéos sur Youtube et Dailymotion Je dois passer sur IE pour que sa marche.
Merci et bonne soirée.
Edité le 23/11/2009 à 21:08
Salut,merci pour ton aide ! Voilà le rapport :
24/11/2009 ---- 17:36:23,51
[X] Registre
[ ] Fichier (rapide)
[ ] Fichier (disque systeme)
[X] Fichier (complete)
[Registre]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID{42042206-2D85-11D3-8CFF-005004838597}\Old Icon\FirefoxHTML]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID{42042206-2D85-11D3-8CFF-005004838597}\Old Icon\FirefoxHTML\DefaultIcon]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID{42042206-2D85-11D3-8CFF-005004838597}\Old Icon\FirefoxHTML\DefaultIcon]
@=“C:\Program Files\Mozilla Firefox\firefox.exe,1”
[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet]
@=“FIREFOX.EXE”
[HKEY_LOCAL_MACHINE\SOFTWARE\Google\Toolbar for Firefox]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RADAR\HeapLeakDetection\DiagnosedApplications\firefox.exe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared\HTML]
“KnownIDs”=“FirefoxHTML”
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9678DCFC4BEC0C94981A31BE297E47D6\471FC3EAC2786C649B6F0C95F3B37C8B]
“File”=“FFirefoxPluginDll”
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-759318378-497761762-3404630427-1000\Products\6BBFDF96D153C8B4988D68D79C0D2A4A\InstallProperties]
“DisplayName”=“Windows Media Player Firefox Plugin”
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\firefoxdownload-now.com]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\firefoxdownload-now.com\www]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Orbit_is1]
“Inno Setup: Deselected Tasks”=“KeepP2p\yes,Firefox\no,opera\no,maxthon\no,Netscape\no”
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}]
“DisplayName”=“Windows Media Player Firefox Plugin”
[HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox]
[HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions]
[HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Mozilla Firefox]
[HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Mozilla Firefox\3.5.2 (fr)]
[HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Mozilla Firefox\3.5.2 (fr)\Main]
[HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Mozilla Firefox\3.5.2 (fr)\Uninstall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Mozilla Firefox\3.5.2 (fr)\Uninstall]
“Description”=“Mozilla Firefox (3.5.2)”
[HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Mozilla Firefox\3.5.3 (fr)]
[HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Mozilla Firefox\3.5.3 (fr)\Main]
[HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Mozilla Firefox\3.5.3 (fr)\Uninstall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Mozilla Firefox\3.5.3 (fr)\Uninstall]
“Description”=“Mozilla Firefox (3.5.3)”
[HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Mozilla Firefox\3.6b1 (fr)]
[HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Mozilla Firefox\3.6b1 (fr)\Main]
[HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Mozilla Firefox\3.6b1 (fr)\Uninstall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Mozilla Firefox\3.6b1 (fr)\Uninstall]
“Description”=“Mozilla Firefox (3.6b1)”
[HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Mozilla Firefox 3.5.2]
[HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Mozilla Firefox 3.5.2\bin]
[HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Mozilla Firefox 3.5.2\extensions]
[HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Mozilla Firefox 3.5.3]
[HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Mozilla Firefox 3.5.3\bin]
[HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Mozilla Firefox 3.5.3\extensions]
[HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Mozilla Firefox 3.6b1]
[HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Mozilla Firefox 3.6b1\bin]
[HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Mozilla Firefox 3.6b1\extensions]
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins@microsoft.com/OfficeLive,version=1.3]
“ProductName”=“Microsoft Office Live Plug-in for Firefox”
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins@microsoft.com/OfficeLive,version=1.4]
“ProductName”=“Microsoft Office Live Plug-in for Firefox”
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins@microsoft.com/SharePoint,version=14.0]
“Description”=“Microsoft SharePoint Plug-in for Firefox”
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins@microsoft.com/SharePoint,version=14.0]
“ProductName”=“Microsoft SharePoint Plug-in for Firefox”
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins@microsoft.com/SharePoint,version=14.0\MimeTypes\application/x-sharepoint]
“Description”=“Microsoft SharePoint Plug-in for Firefox”
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
“TCP Query User{865DF9ED-DCAB-4658-85B0-53DAB53E40D0}C:\program files\mozilla firefox\firefox.exe”=“v2.0|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\program files\mozilla firefox\firefox.exe|Name=Firefox|Desc=Firefox|Edge=FALSE|”
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
“UDP Query User{1B85B1B6-E930-4F4B-87D4-24E7C30D7866}C:\program files\mozilla firefox\firefox.exe”=“v2.0|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\program files\mozilla firefox\firefox.exe|Name=Firefox|Desc=Firefox|Edge=FALSE|”
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
“TCP Query User{85712156-4BBC-4D2C-BC82-AE50A88ED03E}C:\program files\mozilla firefox\firefox.exe”=“v2.0|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\program files\mozilla firefox\firefox.exe|Name=Firefox|Desc=Firefox|Edge=FALSE|”
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
“UDP Query User{09CF1E4B-28B0-4320-84EF-C7FF11C4FD31}C:\program files\mozilla firefox\firefox.exe”=“v2.0|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\program files\mozilla firefox\firefox.exe|Name=Firefox|Desc=Firefox|Edge=FALSE|”
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
“TCP Query User{865DF9ED-DCAB-4658-85B0-53DAB53E40D0}C:\program files\mozilla firefox\firefox.exe”=“v2.0|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\program files\mozilla firefox\firefox.exe|Name=Firefox|Desc=Firefox|Edge=FALSE|”
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
“UDP Query User{1B85B1B6-E930-4F4B-87D4-24E7C30D7866}C:\program files\mozilla firefox\firefox.exe”=“v2.0|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\program files\mozilla firefox\firefox.exe|Name=Firefox|Desc=Firefox|Edge=FALSE|”
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
“TCP Query User{85712156-4BBC-4D2C-BC82-AE50A88ED03E}C:\program files\mozilla firefox\firefox.exe”=“v2.0|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\program files\mozilla firefox\firefox.exe|Name=Firefox|Desc=Firefox|Edge=FALSE|”
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
“UDP Query User{09CF1E4B-28B0-4320-84EF-C7FF11C4FD31}C:\program files\mozilla firefox\firefox.exe”=“v2.0|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\program files\mozilla firefox\firefox.exe|Name=Firefox|Desc=Firefox|Edge=FALSE|”
[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\Firewall\Policy\20]
“Filename”=“C:\Program Files\Mozilla Firefox\firefox.exe”
[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\Firewall\Policy\20]
“DeviceName”=“C:\Program Files\Mozilla Firefox\firefox.exe”
[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\11\Rules\13\Allowed\4]
“Filename”=“C:\PROGRAM FILES\MOZILLA FIREFOX\firefox.exe”
[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\11\Rules\13\Allowed\4]
“DeviceName”=“C:\PROGRAM FILES\MOZILLA FIREFOX\firefox.exe”
[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\12\Rules\13\Allowed\4]
“Filename”=“C:\PROGRAM FILES\MOZILLA FIREFOX\firefox.exe”
[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\12\Rules\13\Allowed\4]
“DeviceName”=“C:\PROGRAM FILES\MOZILLA FIREFOX\firefox.exe”
[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\13\Rules\13\Allowed\4]
“Filename”=“C:\PROGRAM FILES\MOZILLA FIREFOX\firefox.exe”
[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\13\Rules\13\Allowed\4]
“DeviceName”=“C:\PROGRAM FILES\MOZILLA FIREFOX\firefox.exe”
[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\14\Rules\13\Allowed\4]
“Filename”=“C:\PROGRAM FILES\MOZILLA FIREFOX\firefox.exe”
[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\14\Rules\13\Allowed\4]
“DeviceName”=“C:\PROGRAM FILES\MOZILLA FIREFOX\firefox.exe”
[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\142\Rules\1\Allowed\0]
“Filename”=“C:\PROGRAM FILES\MOZILLA FIREFOX\firefox.exe”
[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\142\Rules\1\Allowed\0]
“DeviceName”=“C:\PROGRAM FILES\MOZILLA FIREFOX\firefox.exe”
[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\142\Rules\1\Allowed\1]
“Filename”=“C:\PROGRAM FILES\MOZILLA FIREFOX\uninstall\helper.exe”
[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\142\Rules\1\Allowed\1]
“DeviceName”=“C:\PROGRAM FILES\MOZILLA FIREFOX\uninstall\helper.exe”
[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\143\Rules\1\Allowed\0]
“Filename”=“C:\PROGRAM FILES\MOZILLA FIREFOX\firefox.exe”
[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\143\Rules\1\Allowed\0]
“DeviceName”=“C:\PROGRAM FILES\MOZILLA FIREFOX\firefox.exe”
[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\143\Rules\1\Allowed\1]
“Filename”=“C:\PROGRAM FILES\MOZILLA FIREFOX\uninstall\helper.exe”
[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\143\Rules\1\Allowed\1]
“DeviceName”=“C:\PROGRAM FILES\MOZILLA FIREFOX\uninstall\helper.exe”
[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\144\Rules\1\Allowed\0]
“Filename”=“C:\PROGRAM FILES\MOZILLA FIREFOX\firefox.exe”
[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\144\Rules\1\Allowed\0]
“DeviceName”=“C:\PROGRAM FILES\MOZILLA FIREFOX\firefox.exe”
[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\144\Rules\1\Allowed\1]
“Filename”=“C:\PROGRAM FILES\MOZILLA FIREFOX\uninstall\helper.exe”
[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\144\Rules\1\Allowed\1]
“DeviceName”=“C:\PROGRAM FILES\MOZILLA FIREFOX\uninstall\helper.exe”
[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\145\Rules\1\Allowed\0]
“Filename”=“C:\PROGRAM FILES\MOZILLA FIREFOX\firefox.exe”
[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\145\Rules\1\Allowed\0]
“DeviceName”=“C:\PROGRAM FILES\MOZILLA FIREFOX\firefox.exe”
[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\145\Rules\1\Allowed\1]
“Filename”=“C:\PROGRAM FILES\MOZILLA FIREFOX\uninstall\helper.exe”
[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\145\Rules\1\Allowed\1]
“DeviceName”=“C:\PROGRAM FILES\MOZILLA FIREFOX\uninstall\helper.exe”
[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\15\Rules\1\Allowed\1]
“Filename”=“C:\PROGRAM FILES\MOZILLA FIREFOX\UNINSTALL\helper.exe”
[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\15\Rules\1\Allowed\1]
“DeviceName”=“C:\PROGRAM FILES\MOZILLA FIREFOX\UNINSTALL\helper.exe”
[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\15\Rules\13\Allowed\4]
“Filename”=“C:\PROGRAM FILES\MOZILLA FIREFOX\firefox.exe”
[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\15\Rules\13\Allowed\4]
“DeviceName”=“C:\PROGRAM FILES\MOZILLA FIREFOX\firefox.exe”
[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\16\Rules\1\Allowed\1]
“Filename”=“C:\PROGRAM FILES\MOZILLA FIREFOX\UNINSTALL\helper.exe”
[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\16\Rules\1\Allowed\1]
“DeviceName”=“C:\PROGRAM FILES\MOZILLA FIREFOX\UNINSTALL\helper.exe”
[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\16\Rules\13\Allowed\4]
“Filename”=“C:\PROGRAM FILES\MOZILLA FIREFOX\firefox.exe”
[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\16\Rules\13\Allowed\4]
“DeviceName”=“C:\PROGRAM FILES\MOZILLA FIREFOX\firefox.exe”
[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\17\Rules\1\Allowed\1]
“Filename”=“C:\PROGRAM FILES\MOZILLA FIREFOX\UNINSTALL\helper.exe”
[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\17\Rules\1\Allowed\1]
“DeviceName”=“C:\PROGRAM FILES\MOZILLA FIREFOX\UNINSTALL\helper.exe”
[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\17\Rules\13\Allowed\4]
“Filename”=“C:\PROGRAM FILES\MOZILLA FIREFOX\firefox.exe”
[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\17\Rules\13\Allowed\4]
“DeviceName”=“C:\PROGRAM FILES\MOZILLA FIREFOX\firefox.exe”
[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\18\Rules\1\Allowed\1]
“Filename”=“C:\PROGRAM FILES\MOZILLA FIREFOX\UNINSTALL\helper.exe”
[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\18\Rules\1\Allowed\1]
“DeviceName”=“C:\PROGRAM FILES\MOZILLA FIREFOX\UNINSTALL\helper.exe”
[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\18\Rules\13\Allowed\4]
“Filename”=“C:\PROGRAM FILES\MOZILLA FIREFOX\firefox.exe”
[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\18\Rules\13\Allowed\4]
“DeviceName”=“C:\PROGRAM FILES\MOZILLA FIREFOX\firefox.exe”
[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\19\Rules\1\Allowed\1]
“Filename”=“C:\PROGRAM FILES\MOZILLA FIREFOX\UNINSTALL\helper.exe”
[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\19\Rules\1\Allowed\1]
“DeviceName”=“C:\PROGRAM FILES\MOZILLA FIREFOX\UNINSTALL\helper.exe”
[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\19\Rules\13\Allowed\4]
“Filename”=“C:\PROGRAM FILES\MOZILLA FIREFOX\firefox.exe”
[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\19\Rules\13\Allowed\4]
“DeviceName”=“C:\PROGRAM FILES\MOZILLA FIREFOX\firefox.exe”
[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\20\Rules\1\Allowed\1]
“Filename”=“C:\PROGRAM FILES\MOZILLA FIREFOX\UNINSTALL\helper.exe”
[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\20\Rules\1\Allowed\1]
“DeviceName”=“C:\PROGRAM FILES\MOZILLA FIREFOX\UNINSTALL\helper.exe”
[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\20\Rules\13\Allowed\4]
“Filename”=“C:\PROGRAM FILES\MOZILLA FIREFOX\firefox.exe”
[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\20\Rules\13\Allowed\4]
“DeviceName”=“C:\PROGRAM FILES\MOZILLA FIREFOX\firefox.exe”
[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\21\Rules\1\Allowed\0]
“Filename”=“C:\PROGRAM FILES\MOZILLA FIREFOX\firefox.exe”
[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\21\Rules\1\Allowed\0]
“DeviceName”=“C:\PROGRAM FILES\MOZILLA FIREFOX\firefox.exe”
[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\21\Rules\1\Allowed\1]
“Filename”=“C:\PROGRAM FILES\MOZILLA FIREFOX\UNINSTALL\helper.exe”
[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\21\Rules\1\Allowed\1]
“DeviceName”=“C:\PROGRAM FILES\MOZILLA FIREFOX\UNINSTALL\helper.exe”
[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\21\Rules\13\Allowed\4]
“Filename”=“C:\PROGRAM FILES\MOZILLA FIREFOX\firefox.exe”
[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\21\Rules\13\Allowed\4]
“DeviceName”=“C:\PROGRAM FILES\MOZILLA FIREFOX\firefox.exe”
[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\22\Rules\1\Allowed\0]
“Filename”=“C:\PROGRAM FILES\MOZILLA FIREFOX\firefox.exe”
[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\22\Rules\1\Allowed\0]
“DeviceName”=“C:\PROGRAM FILES\MOZILLA FIREFOX\firefox.exe”
[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\22\Rules\1\Allowed\1]
“Filename”=“C:\PROGRAM FILES\MOZILLA FIREFOX\UNINSTALL\helper.exe”
[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\22\Rules\1\Allowed\1]
“DeviceName”=“C:\PROGRAM FILES\MOZILLA FIREFOX\UNINSTALL\helper.exe”
[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\22\Rules\13\Allowed\4]
“Filename”=“C:\PROGRAM FILES\MOZILLA FIREFOX\firefox.exe”
[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\22\Rules\13\Allowed\4]
“DeviceName”=“C:\PROGRAM FILES\MOZILLA FIREFOX\firefox.exe”
[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\23\Rules\13\Allowed\4]
“Filename”=“C:\PROGRAM FILES\MOZILLA FIREFOX\firefox.exe”
[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\23\Rules\13\Allowed\4]
“DeviceName”=“C:\PROGRAM FILES\MOZILLA FIREFOX\firefox.exe”
[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\24\Rules\13\Allowed\4]
“Filename”=“C:\PROGRAM FILES\MOZILLA FIREFOX\firefox.exe”
[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\24\Rules\13\Allowed\4]
“DeviceName”=“C:\PROGRAM FILES\MOZILLA FIREFOX\firefox.exe”
[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\25\Rules\13\Allowed\4]
“Filename”=“C:\PROGRAM FILES\MOZILLA FIREFOX\firefox.exe”
[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\25\Rules\13\Allowed\4]
“DeviceName”=“C:\PROGRAM FILES\MOZILLA FIREFOX\firefox.exe”
[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\25\Rules\14\Allowed\4]
“Filename”=“C:\PROGRAM FILES\MOZILLA FIREFOX\firefox.exe”
[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\25\Rules\14\Allowed\4]
“DeviceName”=“C:\PROGRAM FILES\MOZILLA FIREFOX\firefox.exe”
[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\26\Rules\13\Allowed\4]
“Filename”=“C:\PROGRAM FILES\MOZILLA FIREFOX\firefox.exe”
[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\26\Rules\13\Allowed\4]
“DeviceName”=“C:\PROGRAM FILES\MOZILLA FIREFOX\firefox.exe”
[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\26\Rules\14\Allowed\4]
“Filename”=“C:\PROGRAM FILES\MOZILLA FIREFOX\firefox.exe”
[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\26\Rules\14\Allowed\4]
“DeviceName”=“C:\PROGRAM FILES\MOZILLA FIREFOX\firefox.exe”
[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\27\Rules\13\Allowed\4]
“Filename”=“C:\PROGRAM FILES\MOZILLA FIREFOX\firefox.exe”
[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\27\Rules\13\Allowed\4]
“DeviceName”=“C:\PROGRAM FILES\MOZILLA FIREFOX\firefox.exe”
[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\27\Rules\14\Allowed\4]
“Filename”=“C:\PROGRAM FILES\MOZILLA FIREFOX\firefox.exe”
[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\27\Rules\14\Allowed\4]
“DeviceName”=“C:\PROGRAM FILES\MOZILLA FIREFOX\firefox.exe”
[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\28\Rules\13\Allowed\4]
“Filename”=“C:\PROGRAM FILES\MOZILLA FIREFOX\firefox.exe”
[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\28\Rules\13\Allowed\4]
“DeviceName”=“C:\PROGRAM FILES\MOZILLA FIREFOX\firefox.exe”
[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\28\Rules\14\Allowed\4]
“Filename”=“C:\PROGRAM FILES\MOZILLA FIREFOX\firefox.exe”
[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\28\Rules\14\Allowed\4]
“DeviceName”=“C:\PROGRAM FILES\MOZILLA FIREFOX\firefox.exe”
[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\29\Rules\14\Allowed\4]
“Filename”=“C:\PROGRAM FILES\MOZILLA FIREFOX\firefox.exe”
[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\29\Rules\14\Allowed\4]
“DeviceName”=“C:\PROGRAM FILES\MOZILLA FIREFOX\firefox.exe”
[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\30\Rules\14\Allowed\4]
“Filename”=“C:\PROGRAM FILES\MOZILLA FIREFOX\firefox.exe”
[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\30\Rules\14\Allowed\4]
“DeviceName”=“C:\PROGRAM FILES\MOZILLA FIREFOX\firefox.exe”
[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\31\Rules\14\Allowed\4]
“Filename”=“C:\PROGRAM FILES\MOZILLA FIREFOX\firefox.exe”
[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\31\Rules\14\Allowed\4]
“DeviceName”=“C:\PROGRAM FILES\MOZILLA FIREFOX\firefox.exe”
[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\51]
“Filename”=“C:\Program Files\Mozilla Firefox\firefox.exe”
[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\51]
“DeviceName”=“C:\Program Files\Mozilla Firefox\firefox.exe”
[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\92\Rules\0\Allowed\0]
“Filename”=“C:\PROGRAM FILES\MOZILLA FIREFOX\UNINSTALL\uninstaller.exe”
[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\92\Rules\0\Allowed\0]
“DeviceName”=“C:\PROGRAM FILES\MOZILLA FIREFOX\UNINSTALL\uninstaller.exe”
[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\93\Rules\0\Allowed\0]
“Filename”=“C:\PROGRAM FILES\MOZILLA FIREFOX\UNINSTALL\uninstaller.exe”
[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\93\Rules\0\Allowed\0]
“DeviceName”=“C:\PROGRAM FILES\MOZILLA FIREFOX\UNINSTALL\uninstaller.exe”
[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\94\Rules\0\Allowed\0]
“Filename”=“C:\PROGRAM FILES\MOZILLA FIREFOX\UNINSTALL\uninstaller.exe”
[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\94\Rules\0\Allowed\0]
“DeviceName”=“C:\PROGRAM FILES\MOZILLA FIREFOX\UNINSTALL\uninstaller.exe”
[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\95\Rules\0\Allowed\0]
“Filename”=“C:\PROGRAM FILES\MOZILLA FIREFOX\UNINSTALL\uninstaller.exe”
[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\95\Rules\0\Allowed\0]
“DeviceName”=“C:\PROGRAM FILES\MOZILLA FIREFOX\UNINSTALL\uninstaller.exe”
[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\96]
“Filename”=“C:\Program Files\Mozilla Firefox\uninstall\helper.exe”
[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\96]
“DeviceName”=“C:\Program Files\Mozilla Firefox\uninstall\helper.exe”
[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\96\Rules\0\Allowed\0]
“Filename”=“C:\PROGRAM FILES\MOZILLA FIREFOX\UNINSTALL\uninstaller.exe”
[HKEY_LOCAL_MACHINE\SYSTEM\Software\Comodo\Firewall Pro\Configurations\0\HIPS\Policy\96\Rules\0\Allowed\0]
“DeviceName”=“C:\PROGRAM FILES\MOZILLA FIREFOX\UNINSTALL\uninstaller.exe”
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
“TCP Query User{865DF9ED-DCAB-4658-85B0-53DAB53E40D0}C:\program files\mozilla firefox\firefox.exe”=“v2.0|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\program files\mozilla firefox\firefox.exe|Name=Firefox|Desc=Firefox|Edge=FALSE|”
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
“UDP Query User{1B85B1B6-E930-4F4B-87D4-24E7C30D7866}C:\program files\mozilla firefox\firefox.exe”=“v2.0|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\program files\mozilla firefox\firefox.exe|Name=Firefox|Desc=Firefox|Edge=FALSE|”
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
“TCP Query User{85712156-4BBC-4D2C-BC82-AE50A88ED03E}C:\program files\mozilla firefox\firefox.exe”=“v2.0|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\program files\mozilla firefox\firefox.exe|Name=Firefox|Desc=Firefox|Edge=FALSE|”
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
“UDP Query User{09CF1E4B-28B0-4320-84EF-C7FF11C4FD31}C:\program files\mozilla firefox\firefox.exe”=“v2.0|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\program files\mozilla firefox\firefox.exe|Name=Firefox|Desc=Firefox|Edge=FALSE|”
[HKEY_USERS.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\firefoxdownload-now.com]
[HKEY_USERS.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\firefoxdownload-now.com\www]
[HKEY_USERS.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\firefoxdownload-now.com]
[HKEY_USERS.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\firefoxdownload-now.com\www]
[HKEY_USERS\S-1-5-21-759318378-497761762-3404630427-1000\Software\Clients\StartmenuInternet]
@=“FIREFOX.EXE”
[HKEY_USERS\S-1-5-21-759318378-497761762-3404630427-1000\Software\DownloadManager\IDMBI\firefox]
[HKEY_USERS\S-1-5-21-759318378-497761762-3404630427-1000\Software\DownloadManager\IDMBI\firefox]
“name”=“Mozilla Firefox”
[HKEY_USERS\S-1-5-21-759318378-497761762-3404630427-1000\Software\DownloadManager\IDMBI\firefox\0]
[HKEY_USERS\S-1-5-21-759318378-497761762-3404630427-1000\Software\DownloadManager\IDMBI\firefox\0]
“exe”=“C:\Program Files\Mozilla Firefox\firefox.exe”
[HKEY_USERS\S-1-5-21-759318378-497761762-3404630427-1000\Software\Foxit Software\Foxit Reader\Updates List\Firefox Plugin]
[HKEY_USERS\S-1-5-21-759318378-497761762-3404630427-1000\Software\Foxit Software\Foxit Reader\Updates List\Firefox Plugin]
“Name”=“Firefox Plugin”
[HKEY_USERS\S-1-5-21-759318378-497761762-3404630427-1000\Software\Microsoft\Installer\Products\6BBFDF96D153C8B4988D68D79C0D2A4A]
“ProductName”=“Windows Media Player Firefox Plugin”
[HKEY_USERS\S-1-5-21-759318378-497761762-3404630427-1000\Software\Microsoft\Installer\Products\6BBFDF96D153C8B4988D68D79C0D2A4A\SourceList\Media]
“DiskPrompt”=“Windows Media Player Firefox Plugin Installation”
[HKEY_USERS\S-1-5-21-759318378-497761762-3404630427-1000\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\2bc36515_0]
@="{0.0.0.00000000}.{f623c16a-731c-4b57-8994-feda41dd7e76}|\Device\HarddiskVolume2\Program Files\Mozilla Firefox 3.1 Beta 3\firefox.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_USERS\S-1-5-21-759318378-497761762-3404630427-1000\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\54b32774_0]
@="{0.0.0.00000000}.{f623c16a-731c-4b57-8994-feda41dd7e76}|\Device\HarddiskVolume2\Program Files\Mozilla Firefox\firefox.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_USERS\S-1-5-21-759318378-497761762-3404630427-1000\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\bb89107a_0]
@="{0.0.0.00000000}.{f623c16a-731c-4b57-8994-feda41dd7e76}|\Device\HarddiskVolume2\Program Files\Mozilla Firefox rc 1\firefox.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_USERS\S-1-5-21-759318378-497761762-3404630427-1000\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\ce257227_0]
@="{0.0.0.00000000}.{f623c16a-731c-4b57-8994-feda41dd7e76}|\Device\HarddiskVolume3\firefox.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_USERS\S-1-5-21-759318378-497761762-3404630427-1000\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\d337311a_0]
@="{0.0.0.00000000}.{f623c16a-731c-4b57-8994-feda41dd7e76}|\Device\HarddiskVolume2\Program Files\Mozilla Firefox 3.5 Beta 4\firefox.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_USERS\S-1-5-21-759318378-497761762-3404630427-1000\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Mozilla Firefox (3.0.10)]
[HKEY_USERS\S-1-5-21-759318378-497761762-3404630427-1000\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Mozilla Firefox (3.5)]
[HKEY_USERS\S-1-5-21-759318378-497761762-3404630427-1000\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Mozilla Firefox (3.5.1)]
[HKEY_USERS\S-1-5-21-759318378-497761762-3404630427-1000\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Mozilla Firefox (3.5.2)]
[HKEY_USERS\S-1-5-21-759318378-497761762-3404630427-1000\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Mozilla Firefox (3.5.3)]
[HKEY_USERS\S-1-5-21-759318378-497761762-3404630427-1000\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Mozilla Firefox (3.5.4)]
[HKEY_USERS\S-1-5-21-759318378-497761762-3404630427-1000\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Mozilla Firefox (3.6b1)]
[HKEY_USERS\S-1-5-21-759318378-497761762-3404630427-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts.A\OpenWithList]
“a”=“firefox.exe”
[HKEY_USERS\S-1-5-21-759318378-497761762-3404630427-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts.aspx\OpenWithList]
“a”=“firefox.exe”
[HKEY_USERS\S-1-5-21-759318378-497761762-3404630427-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts.avi\OpenWithList]
“b”=“firefox.exe”
[HKEY_USERS\S-1-5-21-759318378-497761762-3404630427-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts.dll\OpenWithList]
“b”=“firefox.exe”
[HKEY_USERS\S-1-5-21-759318378-497761762-3404630427-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts.doc\OpenWithList]
“c”=“firefox.exe”
[HKEY_USERS\S-1-5-21-759318378-497761762-3404630427-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts.egisenc\OpenWithList]
“a”=“firefox.exe”
[HKEY_USERS\S-1-5-21-759318378-497761762-3404630427-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts.flv\OpenWithList]
“b”=“firefox.exe”
[HKEY_USERS\S-1-5-21-759318378-497761762-3404630427-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts.gadget\OpenWithList]
“b”=“firefox.exe”
[HKEY_USERS\S-1-5-21-759318378-497761762-3404630427-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts.gif\OpenWithList]
“a”=“firefox.exe”
[HKEY_USERS\S-1-5-21-759318378-497761762-3404630427-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts.gz\OpenWithList]
“a”=“firefox.exe”
[HKEY_USERS\S-1-5-21-759318378-497761762-3404630427-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts.htm\OpenWithList]
“a”=“firefox.exe”
[HKEY_USERS\S-1-5-21-759318378-497761762-3404630427-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts.htm\OpenWithProgids]
“FirefoxHTML”=hex(0):
[HKEY_USERS\S-1-5-21-759318378-497761762-3404630427-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts.html\OpenWithList]
“a”=“firefox.exe”
[HKEY_USERS\S-1-5-21-759318378-497761762-3404630427-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts.html\OpenWithProgids]
“FirefoxHTML”=hex(0):
[HKEY_USERS\S-1-5-21-759318378-497761762-3404630427-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts.jpg\OpenWithList]
“a”=“firefox.exe”
[HKEY_USERS\S-1-5-21-759318378-497761762-3404630427-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts.lnk\OpenWithList]
“b”=“firefox.exe”
[HKEY_USERS\S-1-5-21-759318378-497761762-3404630427-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts.MOV\OpenWithList]
“c”=“firefox.exe”
[HKEY_USERS\S-1-5-21-759318378-497761762-3404630427-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts.mp3\OpenWithList]
“a”=“firefox.exe”
[HKEY_USERS\S-1-5-21-759318378-497761762-3404630427-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts.mp4\OpenWithList]
“b”=“firefox.exe”
[HKEY_USERS\S-1-5-21-759318378-497761762-3404630427-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts.msu\OpenWithList]
“a”=“firefox.exe”
[HKEY_USERS\S-1-5-21-759318378-497761762-3404630427-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts.pdf\OpenWithList]
“a”=“firefox.exe”
[HKEY_USERS\S-1-5-21-759318378-497761762-3404630427-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts.pdf_\OpenWithList]
“a”=“firefox.exe”
[HKEY_USERS\S-1-5-21-759318378-497761762-3404630427-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts.png\OpenWithList]
“a”=“firefox.exe”
[HKEY_USERS\S-1-5-21-759318378-497761762-3404630427-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts.ppt\OpenWithList]
“a”=“firefox.exe”
[HKEY_USERS\S-1-5-21-759318378-497761762-3404630427-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts.rar\OpenWithList]
“a”=“firefox.exe”
[HKEY_USERS\S-1-5-21-759318378-497761762-3404630427-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts.shtml\OpenWithProgids]
“FirefoxHTML”=hex(0):
[HKEY_USERS\S-1-5-21-759318378-497761762-3404630427-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts.tar\OpenWithList]
“a”=“firefox.exe”
[HKEY_USERS\S-1-5-21-759318378-497761762-3404630427-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts.torrent\OpenWithList]
“a”=“firefox.exe”
[HKEY_USERS\S-1-5-21-759318378-497761762-3404630427-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts.txt\OpenWithList]
“d”=“firefox.exe”
[HKEY_USERS\S-1-5-21-759318378-497761762-3404630427-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts.url\OpenWithList]
“a”=“firefox.exe”
[HKEY_USERS\S-1-5-21-759318378-497761762-3404630427-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts.wmv\OpenWithList]
“b”=“firefox.exe”
[HKEY_USERS\S-1-5-21-759318378-497761762-3404630427-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts.wps\OpenWithList]
“c”=“firefox.exe”
[HKEY_USERS\S-1-5-21-759318378-497761762-3404630427-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts.xls\OpenWithList]
“c”=“firefox.exe”
[HKEY_USERS\S-1-5-21-759318378-497761762-3404630427-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts.xpi\OpenWithList]
“a”=“firefox.exe”
[HKEY_USERS\S-1-5-21-759318378-497761762-3404630427-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts.zip\OpenWithList]
“b”=“firefox.exe”
[HKEY_USERS\S-1-5-21-759318378-497761762-3404630427-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\DDECache\Firefox]
[HKEY_USERS\S-1-5-21-759318378-497761762-3404630427-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\DDECache\Firefox\WWW_OpenURL]
[HKEY_USERS\S-1-5-21-759318378-497761762-3404630427-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\DDECache\Firefox\WWW_OpenURL]
“ProcessName”=“firefox.exe”
[HKEY_USERS\S-1-5-21-759318378-497761762-3404630427-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\firefoxdownload-now.com]
[HKEY_USERS\S-1-5-21-759318378-497761762-3404630427-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\firefoxdownload-now.com\www]
[HKEY_USERS\S-1-5-21-759318378-497761762-3404630427-1000\Software\Microsoft\Windows\Shell\Associations\UrlAssociations\ftp\UserChoice]
“Progid”=“FirefoxURL”
[HKEY_USERS\S-1-5-21-759318378-497761762-3404630427-1000\Software\Microsoft\Windows\Shell\Associations\UrlAssociations\http\UserChoice]
“Progid”=“FirefoxURL”
[HKEY_USERS\S-1-5-21-759318378-497761762-3404630427-1000\Software\Microsoft\Windows\Shell\Associations\UrlAssociations\https\UserChoice]
“Progid”=“FirefoxURL”
[HKEY_USERS\S-1-5-21-759318378-497761762-3404630427-1000\Software\Mozilla\Firefox]
[HKEY_USERS\S-1-5-21-759318378-497761762-3404630427-1000\Software\Mozilla\Firefox\Crash Reporter]
[HKEY_USERS\S-1-5-21-759318378-497761762-3404630427-1000\Software\Orange\DesktopSearch]
“InstallFirefoxToolbar”=dword:00000000
[HKEY_USERS\S-1-5-21-759318378-497761762-3404630427-1000\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
“C:\Program Files\Mozilla Firefox\firefox.exe”=“Firefox”
[HKEY_USERS\S-1-5-21-759318378-497761762-3404630427-1000\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
“C:\Users\Brigitte\AppData\Roaming\Mozilla\Firefox\Profiles\5vuwsbyk.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\chrome\content\getPlusPlus_Adobe_reg_bootstrap.exe”=“getPlus+®”
[HKEY_USERS\S-1-5-21-759318378-497761762-3404630427-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
“C:\Program Files\Mozilla Firefox\firefox.exe”=“Firefox”
[HKEY_USERS\S-1-5-21-759318378-497761762-3404630427-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
“C:\Users\Brigitte\AppData\Roaming\Mozilla\Firefox\Profiles\5vuwsbyk.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\chrome\content\getPlusPlus_Adobe_reg_bootstrap.exe”=“getPlus+®”
[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\firefoxdownload-now.com]
[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\firefoxdownload-now.com\www]
[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\firefoxdownload-now.com]
[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\firefoxdownload-now.com\www]
[Fichier]
c:\Users\Brigitte\AppData\Local\Mozilla\Firefox
c:\Users\Brigitte\AppData\Roaming\Mozilla\Firefox
c:\Users\Brigitte\AppData\Local\Mozilla\Firefox
c:\Users\Brigitte\AppData\Roaming\Mozilla\Firefox
c:\Users\Brigitte\AppData\Roaming\Skype\Pictures\firefox.jpg
c:\Users\Brigitte\Pictures\Téléchargement Internet\firefox.jpg
c:\Windows\Prefetch\FIREFOX.EXE-A606B53C.pf
d:\A coller\FirefoxPortable\App\Firefox
d:\A coller\FirefoxPortable\App\Firefox
d:\A coller\FirefoxPortable\App\Firefox\firefox.exe
d:\A coller\FirefoxPortable\App\Firefox\defaults\pref\firefox.js
[Même date]
C:\Config.Msi
C:\pagefile.sys
C:\System
C:\Windows
C:\Windows.
C:\Windows…
C:\Windows\bootstat.dat
C:\Windows\Installer
C:\Windows\Minidump
C:\Windows\Prefetch
C:\Windows\Temp
C:\Windows\WindowsUpdate.log
C:\Windows\system32\msv1_0.dll
C:\Windows\system32\UIAnimation.dll
C:\Windows\system32\UIRibbon.dll
C:\Windows\system32\UIRibbonRes.dll
C:\Windows\system32\unregmp2.exe
C:\Windows\system32\wmp.dll
C:\Windows\system32\wmploc.DLL
C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
C:\Windows\system32\drivers\mbam.sys
C:\Windows\system32\drivers\mbamswissarmy.sys
C:\Windows\system32\drivers\fidbox.dat
C:\Windows\system32\drivers\fidbox.idx
Merci
@++
c:\Users\Brigitte\AppData\Roaming\Skype\Pictures\firefox.jpg
c:\Users\Brigitte\Pictures\Téléchargement Internet\firefox.jpg
Comment sauvegarder mes marque page ?
je les pas cochers
All processes killed
========== FILES ==========
c:\Windows\Prefetch\FIREFOX.EXE-A606B53C.pf moved successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Google\Toolbar for Firefox\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-759318378-497761762-3404630427-1000\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Mozilla Firefox (3.0.10)\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-759318378-497761762-3404630427-1000\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Mozilla Firefox (3.5)\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-759318378-497761762-3404630427-1000\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Mozilla Firefox (3.5.1)\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-759318378-497761762-3404630427-1000\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Mozilla Firefox (3.5.2)\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-759318378-497761762-3404630427-1000\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Mozilla Firefox (3.5.3)\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-759318378-497761762-3404630427-1000\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Mozilla Firefox (3.5.4)\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-759318378-497761762-3404630427-1000\Software\Mozilla\ deleted successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Brigitte
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 5243125 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 63793674 bytes
->Apple Safari cache emptied: 0 bytes
->Opera cache emptied: 0 bytes
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Public
User: TEMP
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
Windows Temp folder emptied: 16298 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 9206087 bytes
%systemroot%\system32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 25493949 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 98,98 mb
OTM by OldTimer - Version 3.1.2.0 log created on 11242009_201614
Mais vidéo marche mais bug sur Youtube ! Sauf Dailymotion !
Merci !
Merci je te dis sa demain
C’est un manque de débit.
Oh non ! Mais problème recommence, voilà maintenant mais problème sont :
Impossible de lire des vidéos sur Youtube et Dailymotion Je dois passer sur IE pour que sa marche.
Lorsque que je ferme firefox il reste dans la mémoire est travail comme un fou ! Si je le relance il ne s’ouvre pas donc je suis obliger de terminer les 2 processus pour qu’il se lance.
Help ! Help !
Merci
@++:peur::bounce::grrr::o(:-(::fou::grrr::grrr::grrr::grrr::grrr::grrr::grrr::grrr::grrr::grrr::grrr::grrr::grrr::na::grrr::grrr::grrr::grrr::grrr::grrr::grrr:
Salut
Pour l Ami Jeanmimigab :hello:
fais ceci qu il regarde
==>Random’s System Information Tool (RSIT)
Important (Sous Vista)
tu dois exécuter RSIT avec les droits d’administrateur, pour cela Clic droit sur RSIT et “Lances en tant qu’administrateur”
==> Double-clique sur RSIT.exe afin de lancer RSIT.
==> Clique sur Continue à l’écran Disclaimer.
==> Si l’outil HijackThis (version à jour) n’est pas présent ou non détecté sur l’ordinateur, RSIT le téléchargera et tu devras accepter la licence.
==>Lorsque l’analyse sera terminée, deux fichiers texte s’ouvriront.
==> Poste le contenu des deux rapports ==> log.txt (<==qui sera affiché) ainsi que de info.txt (<==qui sera réduit dans la Barre des Tâches).
Note : Les deux rapports sont également sauvegardés %systemroot%\rsit
Merci cricri58,je fais tous sa demain,ce soir je suis trop occuper
Le problème se manifeste pas tous le temps ( problème de fermeture ) Voici le rapport :
Logfile of random’s system information tool 1.06 (written by random/random)
Run by Brigitte at 2009-11-26 13:10:05
Microsoft® Windows Vista Édition Familiale Premium Service Pack 2
System drive C: has 21 GB (30%) free of 71 GB
Total RAM: 2037 MB (48% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:10:44, on 26/11/2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18828)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\RtHDVCpl.exe
C:\Program Files\Microsoft Security Essentials\msseces.exe
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\orange\MailNotifier\MailNotifier.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Orbitdownloader\orbitdm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\ehome\ehmsas.exe
C:\Users\Brigitte\AppData\Local\Temp\RtkBtMnt.exe
C:\Program Files\Orbitdownloader\orbitnet.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\MessengerDiscovery 2\MessengerDiscovery 2.exe
C:\Windows\system32\conime.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\System32\mobsync.exe
C:\Users\Brigitte\Desktop\RSIT.exe
C:\Windows\system32\msfeedssync.exe
C:\Program Files\trend micro\Brigitte.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = fr.yahoo.com…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = go.microsoft.com…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = go.microsoft.com…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com…
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: QFX Software KeyScrambler - {2B9F5787-88A5-4945-90E7-C4B18563BC5E} - C:\Program Files\KeyScrambler\KeyScramblerIE.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Programme d’aide de l’Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: WOT Helper - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files\WOT\WOT.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O3 - Toolbar: WOT - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll
O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM…\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM…\Run: [PLFSetL] C:\Windows\PLFSetL.exe
O4 - HKLM…\Run: [Malwarebytes’ Anti-Malware] “C:\Program Files\Malwarebytes’ Anti-Malware\mbamgui.exe” /starttray
O4 - HKLM…\Run: [MSSE] “C:\Program Files\Microsoft Security Essentials\msseces.exe” -hide
O4 - HKLM…\Run: [COMODO Internet Security] “C:\Program Files\COMODO\COMODO Internet Security\cfp.exe” -h
O4 - HKLM…\Run: [BCSSync] “C:\Program Files\Microsoft Office\Office14\BCSSync.exe” /DelayServices
O4 - HKLM…\Run: [QuickTime Task] “C:\Program Files\QuickTime\QTTask.exe” -atboottime
O4 - HKLM…\Run: [iTunesHelper] “C:\Program Files\iTunes\iTunesHelper.exe”
O4 - HKCU…\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU…\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU…\Run: [MailNotifier] C:\Program Files\orange\MailNotifier\MailNotifier.exe
O4 - HKCU…\Run: [Messenger (Yahoo!)] “C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe” -quiet
O4 - HKCU…\Run: [uTorrent] “C:\Program Files\uTorrent\uTorrent.exe”
O4 - HKCU…\Run: [msnmsgr] “C:\Program Files\Windows Live\Messenger\msnmsgr.exe” /background
O4 - HKUS\S-1-5-18…\RunOnce: [KeyScrambler] C:\Program Files\KeyScrambler\getting_started.html (User ‘SYSTEM’)
O4 - HKUS.DEFAULT…\RunOnce: [KeyScrambler] C:\Program Files\KeyScrambler\getting_started.html (User ‘Default user’)
O4 - Global Startup: Orbit.lnk = C:\Program Files\Orbitdownloader\orbitdm.exe
O8 - Extra context menu item: &Download by Orbit - C:\Program… Files\Orbitdownloader\orbitmxt.dll/201
O8 - Extra context menu item: &Envoyer à OneNote - C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll…
O8 - Extra context menu item: &Grab video by Orbit - C:\Program… Files\Orbitdownloader\orbitmxt.dll/204
O8 - Extra context menu item: Do&wnload selected by Orbit - C:\Program… Files\Orbitdownloader\orbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - C:\Program… Files\Orbitdownloader\orbitmxt.dll/202
O8 - Extra context menu item: E&xporter vers Microsoft Excel - C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE…
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra ‘Tools’ menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra ‘Tools’ menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: (no name) - {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - C:\Program Files\KeyScrambler\KeyScramblerIE.dll
O9 - Extra ‘Tools’ menuitem: &KeyScrambler Options - {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - C:\Program Files\KeyScrambler\KeyScramblerIE.dll
O9 - Extra button: Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra ‘Tools’ menuitem: Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O15 - Trusted Zone: logicielsgratuits.orange.fr…
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - messenger.zone.msn.com…
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - dlm.tools.akamai.com…
O16 - DPF: {4DD20514-9520-40A7-9CD6-66883643A20B} (UviLaunch Control) - www.boaki.com…
O16 - DPF: {5A779DC0-837B-4590-AC42-C7C0847478C5} (OrangeInstaller_ModuleIE Control) - logicielsgratuits.orange.fr…
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - messenger.zone.msn.com…
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - messenger.zone.msn.com…
O16 - DPF: {9DF1C00D-8426-4337-972C-DC042D19A916} (FTMediaPlayer Class) - webtv.guidetv.orange.fr…
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - messenger.zone.msn.com…
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - messenger.zone.msn.com…
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - platformdl.adobe.com…
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - download.mcafee.com…
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - messenger.zone.msn.com…
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files\WOT\WOT.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\Windows\system32\guard32.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: Service de liPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes’ Anti-Malware\mbamservice.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
–
End of file - 11598 bytes
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\User_Feed_Synchronization-{55AF2E8A-EBC9-4A50-8828-434D9E33BE57}.job
C:\Windows\tasks\User_Feed_Synchronization-{9E24F08E-1327-49FE-856E-F5C2AE8D8770}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{000123B4-9B42-4900-B3F7-F4B073EFC214}]
Octh Class - C:\Program Files\Orbitdownloader\orbitcth.dll [2009-10-14 179472]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{02478D38-C3F9-4efb-9B51-7695ECA05670}]
&Yahoo! Toolbar Helper - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll [2009-09-20 1172280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{2B9F5787-88A5-4945-90E7-C4B18563BC5E}]
KeyScramblerBHO Class - C:\Program Files\KeyScrambler\KeyScramblerIE.dll [2009-10-08 796400]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{5C255C8A-E604-49b4-9D64-90988571CECB}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2009-10-29 4150160]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d’aide de l’Assistant de connexion Windows Live ID - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-03-30 403824]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2009-11-03 556432]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{C920E44A-7F78-4E64-BDD7-A57026E7FEB7}]
WOT Helper - C:\Program Files\WOT\WOT.dll [2009-04-15 1262240]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java™ Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}]
SingleInstance Class - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll [2009-09-20 158008]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{71576546-354D-41c9-AAE8-31F2EC22BF0D} - WOT - C:\Program Files\WOT\WOT.dll [2009-04-15 1262240]
{C55BBCD6-41AD-48AD-9953-3609C48EACC7} - Grab Pro - C:\Program Files\Orbitdownloader\GrabPro.dll [2009-10-14 662720]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll [2009-09-20 1172280]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
“RtHDVCpl”=C:\Windows\RtHDVCpl.exe [2007-07-06 4669440]
“PLFSetL”=C:\Windows\PLFSetL.exe [2007-07-05 94208]
“Malwarebytes’ Anti-Malware”=C:\Program Files\Malwarebytes’ Anti-Malware\mbamgui.exe [2009-09-10 420176]
“MSSE”=C:\Program Files\Microsoft Security Essentials\msseces.exe [2009-09-13 1048392]
“COMODO Internet Security”=C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [2009-11-17 1800464]
“BCSSync”=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2009-09-26 83312]
“QuickTime Task”=C:\Program Files\QuickTime\QTTask.exe [2009-11-10 417792]
“iTunesHelper”=C:\Program Files\iTunes\iTunesHelper.exe [2009-11-12 141600]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
“Sidebar”=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
“ehTray.exe”=C:\Windows\ehome\ehTray.exe [2008-01-19 125952]
“MailNotifier”=C:\Program Files\orange\MailNotifier\MailNotifier.exe [2009-10-12 692224]
“Messenger (Yahoo!)”=C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe [2009-11-10 5244216]
“uTorrent”=C:\Program Files\uTorrent\uTorrent.exe [2009-11-02 289072]
“msnmsgr”=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-11-21 3883856]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Freeraser]
C:\Program Files\Codyssey\Freeraser\Freeraser.exe [2009-04-15 1903104]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpqSRMon]
C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [2008-08-20 150016]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Messenger (Yahoo!)]
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe [2009-11-10 5244216]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-11 149280]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender User Interface]
C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [2008-03-25 214360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Logiciel Kodak EasyShare.lnk]
C:\PROGRA~1\Kodak\KODAKE~1\bin\EASYSH~1.EXE [2009-07-10 323584]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Orbit.lnk]
C:\PROGRA~1\ORBITD~1\orbitdm.exe [2009-10-14 1719568]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Brigitte^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 - Capture d’écran et lancement.lnk]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Brigitte^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^WkCalRem.LNK]
C:\PROGRA~1\COMMON~1\MICROS~1\WORKSS~1\WkCalRem.exe [2005-08-19 21504]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Orbit.lnk - C:\Program Files\Orbitdownloader\orbitdm.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
“AppInit_DLLS”=" C:\Windows\system32\guard32.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2008-02-11 204800]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
“{AEB6717E-7E19-11d0-97EE-00C04FD91972}”= []
“{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}”= []
“{B5A7F190-DDA6-4420-B3BA-52453494E6CD}”=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2009-10-29 4150160]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
“dontdisplaylastusername”=0
“legalnoticecaption”=
“legalnoticetext”=
“shutdownwithoutlogon”=1
“undockwithoutlogon”=1
“FilterAdministratorToken”=1
“EnableUIADesktopToggle”=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
“NoDriveTypeAutoRun”=145
“NoDrives”=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
“NoDriveTypeAutoRun”=
“NoDrives”=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
“C:\Program Files\OrangeHSS\Connectivity\ConnectivityManager.exe”=“C:\Program Files\OrangeHSS\Connectivity\ConnectivityManager.exe::enabled:CSS"
“C:\Acer\Empowering Technology\eDataSecurity\eDSfsu.exe”="C:\Acer\Empowering Technology\eDataSecurity\eDSfsu.exe::Enabled:eDSfsu”
“C:\Acer\Empowering Technology\eDataSecurity\encryption.exe”=“C:\Acer\Empowering Technology\eDataSecurity\encryption.exe::Enabled:encryption"
“C:\Acer\Empowering Technology\eDataSecurity\decryption.exe”="C:\Acer\Empowering Technology\eDataSecurity\decryption.exe::Enabled:decryption”
“C:\Program Files\Orbitdownloader\orbitdm.exe”=“C:\Program Files\Orbitdownloader\orbitdm.exe::Enabled:Orbit"
“C:\Program Files\Orbitdownloader\orbitnet.exe”="C:\Program Files\Orbitdownloader\orbitnet.exe::Enabled:Orbit”
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2{d7f9a224-8014-11dd-9e64-aa49c949cd35}]
shell\Auto\command - cmd /C launch.bat
shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL cmd /C launch.bat
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.txt - open - “C:\Program Files\Notepad++\notepad++.exe” “%1”
======List of files/folders created in the last 1 months======
2009-11-26 13:10:05 ----D---- C:\rsit
2009-11-25 19:42:22 ----A---- C:\Windows\system32\tzres.dll
2009-11-25 16:00:32 ----D---- C:\Program Files\iPod
2009-11-25 16:00:25 ----D---- C:\Program Files\iTunes
2009-11-25 15:58:30 ----D---- C:\Program Files\Bonjour
2009-11-25 15:56:27 ----D---- C:\Program Files\Apple Software Update
2009-11-25 15:52:56 ----D---- C:\Program Files\Common Files\Apple
2009-11-25 15:22:20 ----D---- C:\Program Files\FileHippo.com
2009-11-25 15:22:03 ----D---- C:\ProgramData\MessengerDiscovery 2
2009-11-25 15:22:02 ----D---- C:\Program Files\MessengerDiscovery 2
2009-11-25 14:53:26 ----A---- C:\Windows\system32\GEARAspi.dll
2009-11-25 14:51:24 ----D---- C:\ProgramData{755AC846-7372-4AC8-8550-C52491DAA8BD}
2009-11-25 12:52:31 ----A---- C:\Windows\system32\msxml6.dll
2009-11-25 12:52:29 ----A---- C:\Windows\system32\msxml3.dll
2009-11-24 20:16:14 ----D---- C:_OTM
2009-11-24 17:36:23 ----A---- C:\resultat.txt
2009-11-23 18:05:56 ----D---- C:\Program Files\7-Zip
2009-11-22 14:03:26 ----D---- C:\Program Files\ImgBurn
2009-11-20 20:22:29 ----D---- C:\Program Files\Recuva
2009-11-20 16:53:58 ----D---- C:\Program Files\Sun
2009-11-19 19:15:34 ----D---- C:\Program Files\Microsoft Synchronization Services
2009-11-19 19:10:26 ----D---- C:\Program Files\Microsoft Visual Studio 8
2009-11-19 19:05:32 ----D---- C:\Program Files\Microsoft Analysis Services
2009-11-19 19:03:20 ----RHD---- C:\MSOCache
2009-11-18 20:27:37 ----D---- C:\Users\Brigitte\AppData\Roaming\Download Manager
2009-11-18 20:05:16 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2009-11-18 20:03:59 ----D---- C:\Program Files\Windows Live
2009-11-18 16:28:10 ----D---- C:\Program Files\Gibcom
2009-11-17 20:18:22 ----D---- C:\Program Files\Ubisoft
2009-11-17 17:11:33 ----D---- C:\Program Files\Kptic Neonumeric
2009-11-17 12:52:24 ----D---- C:\ProgramData\F-Secure
2009-11-16 21:31:23 ----D---- C:\Users\Brigitte\AppData\Roaming\Kptic
2009-11-16 18:53:25 ----D---- C:\Program Files\Microsoft Security Essentials
2009-11-16 18:53:22 ----D---- C:\ProgramData\Comodo
2009-11-16 18:53:19 ----A---- C:\Windows\system32\guard32.dll
2009-11-15 15:17:05 ----D---- C:\Program Files\Defraggler
2009-11-15 14:27:29 ----D---- C:\ProgramData\Yahoo! Companion
2009-11-15 13:26:28 ----D---- C:\Program Files\Orbitdownloader
2009-11-13 20:32:44 ----D---- C:\Program Files\RogueRemover FREE
2009-11-13 16:29:10 ----SHD---- C:\ProgramData{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
2009-11-12 22:13:15 ----D---- C:\Program Files\QuickTime
2009-11-12 13:19:20 ----D---- C:\Users\Brigitte\AppData\Roaming\Auslogics
2009-11-11 11:17:46 ----A---- C:\Windows\system32\WSDApi.dll
2009-11-11 11:00:51 ----D---- C:\Program Files\Microsoft Baseline Security Analyzer 2
2009-11-11 10:52:05 ----D---- C:\Users\Brigitte\AppData\Roaming\HouseCall 6.6
2009-11-10 14:54:02 ----A---- C:\Windows\system32\VBoxNetFltNotify.dll
2009-11-08 14:31:53 ----D---- C:\ProgramData\TechSmith
2009-11-08 14:31:28 ----D---- C:\Program Files\Common Files\TechSmith Shared
2009-11-08 14:31:24 ----D---- C:\Program Files\TechSmith
2009-11-08 11:45:25 ----A---- C:\Windows\system32\javaws.exe
2009-11-08 11:45:25 ----A---- C:\Windows\system32\javaw.exe
2009-11-08 11:45:25 ----A---- C:\Windows\system32\java.exe
2009-11-08 10:37:22 ----A---- C:\Windows\system32\WMAFile.dll
2009-11-08 10:37:22 ----A---- C:\Windows\system32\SSubTmr6.dll
2009-11-08 10:37:22 ----A---- C:\Windows\system32\inetfr.DLL
2009-11-08 10:37:22 ----A---- C:\Windows\system32\AudioInfos.dll
2009-11-08 10:37:22 ----A---- C:\Windows\system32\AudFile.dll
2009-11-07 20:47:54 ----D---- C:\Program Files\SRWare Iron
2009-11-07 10:27:03 ----D---- C:\Program Files\Lavalys
2009-11-06 22:32:12 ----D---- C:\Users\Brigitte\AppData\Roaming\OpenOffice.org
2009-11-06 22:22:25 ----D---- C:\Program Files\JRE
2009-11-06 22:22:09 ----D---- C:\Program Files\OpenOffice.org 3
2009-11-06 21:48:06 ----D---- C:\Program Files\PhotoFiltre
2009-11-06 18:38:21 ----D---- C:\Users\Brigitte\AppData\Roaming\ImgBurn
2009-11-06 18:12:45 ----D---- C:\ProgramData\LightScribe
2009-11-06 18:10:55 ----D---- C:\Users\Brigitte\AppData\Roaming\Nero
2009-11-06 18:05:59 ----D---- C:\ProgramData\Nero
2009-11-06 18:05:57 ----D---- C:\Program Files\Common Files\Nero
2009-11-04 12:54:22 ----A---- C:\Windows\system32\mshtml.dll
2009-11-03 19:27:38 ----D---- C:\Program Files\VS Revo Group
2009-11-02 20:08:33 ----D---- C:\Program Files\uTorrent
2009-11-02 16:19:23 ----D---- C:\Users\Brigitte\AppData\Roaming\vlc
2009-11-01 16:03:15 ----D---- C:\Program Files\Mozilla Firefox
2009-11-01 14:32:37 ----D---- C:\Users\Brigitte\AppData\Roaming\IDM
2009-10-28 16:53:19 ----D---- C:\Program Files\Windows Portable Devices
2009-10-28 16:50:50 ----A---- C:\Windows\system32\UIAnimation.dll
2009-10-28 16:50:47 ----A---- C:\Windows\system32\UIRibbonRes.dll
2009-10-28 16:50:46 ----A---- C:\Windows\system32\UIRibbon.dll
2009-10-28 16:49:29 ----A---- C:\Windows\system32\WMPhoto.dll
2009-10-28 16:49:26 ----A---- C:\Windows\system32\cdd.dll
2009-10-28 16:49:23 ----A---- C:\Windows\system32\d3d10warp.dll
2009-10-28 16:49:22 ----A---- C:\Windows\system32\XpsRasterService.dll
2009-10-28 16:49:22 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2009-10-28 16:49:22 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll
2009-10-28 16:49:21 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2009-10-28 16:49:21 ----A---- C:\Windows\system32\WindowsCodecs.dll
2009-10-28 16:49:21 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe
2009-10-28 16:49:21 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll
2009-10-28 16:49:21 ----A---- C:\Windows\system32\dxdiagn.dll
2009-10-28 16:49:21 ----A---- C:\Windows\system32\dxdiag.exe
2009-10-28 16:49:21 ----A---- C:\Windows\system32\d2d1.dll
2009-10-28 16:49:20 ----A---- C:\Windows\system32\xpsservices.dll
2009-10-28 16:49:20 ----A---- C:\Windows\system32\XpsPrint.dll
2009-10-28 16:49:20 ----A---- C:\Windows\system32\OpcServices.dll
2009-10-28 16:49:20 ----A---- C:\Windows\system32\FntCache.dll
2009-10-28 16:49:20 ----A---- C:\Windows\system32\DWrite.dll
2009-10-28 16:49:20 ----A---- C:\Windows\system32\d3d10level9.dll
2009-10-28 16:49:20 ----A---- C:\Windows\system32\d3d10core.dll
2009-10-28 16:49:19 ----A---- C:\Windows\system32\dxgi.dll
2009-10-28 16:49:19 ----A---- C:\Windows\system32\d3d11.dll
2009-10-28 16:49:19 ----A---- C:\Windows\system32\d3d10_1core.dll
2009-10-28 16:49:19 ----A---- C:\Windows\system32\d3d10_1.dll
2009-10-28 16:49:19 ----A---- C:\Windows\system32\d3d10.dll
2009-10-28 16:48:06 ----A---- C:\Windows\system32\WPDShextAutoplay.exe
2009-10-28 16:48:06 ----A---- C:\Windows\system32\BthMtpContextHandler.dll
2009-10-28 16:48:05 ----A---- C:\Windows\system32\wpdbusenum.dll
2009-10-28 16:47:52 ----A---- C:\Windows\system32\PortableDeviceConnectApi.dll
2009-10-28 16:47:44 ----A---- C:\Windows\system32\WpdMtpUS.dll
2009-10-28 16:47:44 ----A---- C:\Windows\system32\WpdConns.dll
2009-10-28 16:47:43 ----A---- C:\Windows\system32\WPDShServiceObj.dll
2009-10-28 16:47:43 ----A---- C:\Windows\system32\wpdshext.dll
2009-10-28 16:47:43 ----A---- C:\Windows\system32\WpdMtp.dll
2009-10-28 16:47:43 ----A---- C:\Windows\system32\wpd_ci.dll
2009-10-28 16:47:43 ----A---- C:\Windows\system32\PortableDeviceTypes.dll
2009-10-28 16:47:43 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2009-10-28 16:47:42 ----A---- C:\Windows\system32\WPDSp.dll
2009-10-28 16:47:42 ----A---- C:\Windows\system32\PortableDeviceWMDRM.dll
2009-10-28 16:47:42 ----A---- C:\Windows\system32\PortableDeviceClassExtension.dll
2009-10-28 16:44:21 ----A---- C:\Windows\system32\oleaccrc.dll
2009-10-28 16:44:19 ----A---- C:\Windows\system32\UIAutomationCore.dll
2009-10-28 16:44:19 ----A---- C:\Windows\system32\oleacc.dll
2009-10-28 07:38:45 ----A---- C:\Windows\system32\wmp.dll
2009-10-28 07:38:40 ----A---- C:\Windows\system32\unregmp2.exe
2009-10-28 07:38:36 ----A---- C:\Windows\system32\wmploc.DLL
======List of files/folders modified in the last 1 months======
2009-11-26 13:10:46 ----D---- C:\Users\Brigitte\AppData\Roaming\uTorrent
2009-11-26 13:10:44 ----D---- C:\Program Files\Trend Micro
2009-11-26 13:09:28 ----D---- C:\Windows\Temp
2009-11-26 13:06:04 ----D---- C:\Users\Brigitte\AppData\Roaming\Orbit
2009-11-26 12:50:37 ----D---- C:\Windows\rescache
2009-11-26 09:23:37 ----SHD---- C:\System Volume Information
2009-11-26 09:01:01 ----D---- C:\Windows\System32
2009-11-25 19:45:02 ----D---- C:\Windows\winsxs
2009-11-25 19:44:33 ----D---- C:\Windows\system32\fr-FR
2009-11-25 19:44:03 ----D---- C:\Windows\system32\catroot2
2009-11-25 19:44:03 ----D---- C:\Windows\system32\catroot
2009-11-25 19:42:03 ----D---- C:\Windows
2009-11-25 19:41:49 ----SHD---- C:\Windows\Installer
2009-11-25 19:41:49 ----D---- C:\Config.Msi
2009-11-25 19:14:49 ----D---- C:\Users\Brigitte\AppData\Roaming\Skype
2009-11-25 18:06:47 ----D---- C:\Users\Brigitte\AppData\Roaming\Apple Computer
2009-11-25 16:00:32 ----RD---- C:\Program Files
2009-11-25 16:00:25 ----D---- C:\ProgramData\Apple Computer
2009-11-25 15:56:34 ----D---- C:\Windows\system32\Tasks
2009-11-25 15:56:09 ----D---- C:\Windows\inf
2009-11-25 15:52:56 ----D---- C:\Program Files\Common Files
2009-11-25 15:22:03 ----D---- C:\ProgramData
2009-11-25 14:54:08 ----D---- C:\Windows\Prefetch
2009-11-25 14:53:27 ----D---- C:\Windows\system32\drivers
2009-11-25 14:52:45 ----DC---- C:\Windows\system32\DRVSTORE
2009-11-24 17:12:17 ----D---- C:\Windows\Minidump
2009-11-23 19:52:37 ----D---- C:\Program Files\Opera
2009-11-23 19:41:56 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-11-23 18:12:54 ----D---- C:\ProgramData\NOS
2009-11-23 18:10:42 ----D---- C:\Program Files\AIMP2
2009-11-22 18:35:02 ----D---- C:\ProgramData\Microsoft Help
2009-11-22 17:33:46 ----D---- C:\Users\Brigitte\AppData\Roaming\AIMP
2009-11-21 19:13:54 ----D---- C:\Windows\Microsoft.NET
2009-11-21 19:13:24 ----RSD---- C:\Windows\assembly
2009-11-19 20:38:18 ----SD---- C:\Users\Brigitte\AppData\Roaming\Microsoft
2009-11-19 19:17:29 ----RSD---- C:\Windows\Fonts
2009-11-19 19:16:44 ----D---- C:\Program Files\MSBuild
2009-11-19 19:15:44 ----D---- C:\Windows\system32\wbem
2009-11-19 19:15:34 ----D---- C:\Windows\ShellNew
2009-11-19 19:15:26 ----D---- C:\Program Files\Common Files\microsoft shared
2009-11-19 19:15:26 ----D---- C:\Program Files\Common Files\DESIGNER
2009-11-19 19:14:07 ----D---- C:\Program Files\Microsoft Office
2009-11-19 19:14:00 ----SD---- C:\ProgramData\Microsoft
2009-11-19 19:08:16 ----A---- C:\Windows\win.ini
2009-11-19 19:08:11 ----D---- C:\Program Files\Common Files\System
2009-11-19 18:39:51 ----D---- C:\Program Files\Microsoft Works
2009-11-19 12:58:43 ----D---- C:\Program Files\Messenger Plus! Live
2009-11-19 12:54:35 ----SD---- C:\Windows\Downloaded Program Files
2009-11-17 20:40:05 ----D---- C:\ProgramData\Media Center Programs
2009-11-17 17:32:30 ----D---- C:\Windows\system32\WDI
2009-11-15 14:29:04 ----D---- C:\Users\Brigitte\AppData\Roaming\Yahoo!
2009-11-15 14:27:36 ----D---- C:\ProgramData\Yahoo!
2009-11-15 14:27:36 ----D---- C:\Program Files\Yahoo!
2009-11-14 19:48:33 ----D---- C:\Windows\system32\migwiz
2009-11-14 10:41:11 ----D---- C:\PerfLogs
2009-11-13 20:19:01 ----D---- C:\Users\Brigitte\AppData\Roaming\skypePM
2009-11-13 17:34:02 ----D---- C:\ProgramData\TuneUp Software
2009-11-11 13:05:37 ----D---- C:\Windows\Debug
2009-11-11 11:29:21 ----D---- C:\Program Files\Windows Mail
2009-11-11 11:07:59 ----RD---- C:\Users
2009-11-10 20:48:28 ----D---- C:\Users\Brigitte\AppData\Roaming\MessengerDiscovery 2
2009-11-08 11:45:21 ----D---- C:\Program Files\Java
2009-11-07 14:30:49 ----D---- C:\Users\Brigitte\AppData\Roaming\dvdcss
2009-11-07 09:09:22 ----HD---- C:\Program Files\InstallShield Installation Information
2009-11-06 18:01:44 ----D---- C:\MyWorks
2009-11-06 18:00:22 ----D---- C:\Program Files\Common Files\NewTech Infosystems
2009-11-05 18:36:21 ----A---- C:\Windows\system32\mrt.exe
2009-11-02 20:42:06 ----N---- C:\Windows\system32\MpSigStub.exe
2009-11-02 20:22:29 ----D---- C:\Windows\Tasks
2009-11-01 16:03:51 ----D---- C:\Users\Brigitte\AppData\Roaming\Mozilla
2009-11-01 14:50:36 ----D---- C:\Users\Brigitte\AppData\Roaming\DMCache
2009-10-28 16:53:13 ----D---- C:\Windows\system32\uk-UA
2009-10-28 16:53:13 ----D---- C:\Windows\system32\sl-SI
2009-10-28 16:53:13 ----D---- C:\Windows\system32\pt-PT
2009-10-28 16:53:13 ----D---- C:\Windows\system32\pt-BR
2009-10-28 16:53:13 ----D---- C:\Windows\system32\pl-PL
2009-10-28 16:53:13 ----D---- C:\Windows\system32\ko-KR
2009-10-28 16:53:13 ----D---- C:\Windows\system32\it-IT
2009-10-28 16:53:13 ----D---- C:\Windows\system32\hu-HU
2009-10-28 16:53:13 ----D---- C:\Windows\system32\hr-HR
2009-10-28 16:53:13 ----D---- C:\Windows\system32\he-IL
2009-10-28 16:53:13 ----D---- C:\Windows\system32\bg-BG
2009-10-28 16:53:12 ----D---- C:\Windows\system32\zh-HK
2009-10-28 16:53:12 ----D---- C:\Windows\system32\tr-TR
2009-10-28 16:53:12 ----D---- C:\Windows\system32\th-TH
2009-10-28 16:53:12 ----D---- C:\Windows\system32\sv-SE
2009-10-28 16:53:12 ----D---- C:\Windows\system32\sr-Latn-CS
2009-10-28 16:53:12 ----D---- C:\Windows\system32\nl-NL
2009-10-28 16:53:12 ----D---- C:\Windows\system32\lv-LV
2009-10-28 16:53:12 ----D---- C:\Windows\system32\lt-LT
2009-10-28 16:53:12 ----D---- C:\Windows\system32\fi-FI
2009-10-28 16:53:12 ----D---- C:\Windows\system32\es-ES
2009-10-28 16:53:12 ----D---- C:\Windows\system32\el-GR
2009-10-28 16:53:11 ----D---- C:\Windows\system32\zh-TW
2009-10-28 16:53:11 ----D---- C:\Windows\system32\zh-CN
2009-10-28 16:53:11 ----D---- C:\Windows\system32\sk-SK
2009-10-28 16:53:11 ----D---- C:\Windows\system32\ru-RU
2009-10-28 16:53:11 ----D---- C:\Windows\system32\ro-RO
2009-10-28 16:53:11 ----D---- C:\Windows\system32\ja-JP
2009-10-28 16:53:11 ----D---- C:\Windows\system32\et-EE
2009-10-28 16:53:11 ----D---- C:\Windows\system32\de-DE
2009-10-28 16:53:11 ----D---- C:\Windows\system32\cs-CZ
2009-10-28 16:53:11 ----D---- C:\Windows\system32\ar-SA
2009-10-28 16:53:10 ----D---- C:\Windows\system32\nb-NO
2009-10-28 16:53:10 ----D---- C:\Windows\system32\en-US
2009-10-28 16:53:10 ----D---- C:\Windows\system32\da-DK
2009-10-28 15:48:19 ----D---- C:\Program Files\Windows Media Player
2009-10-28 15:48:19 ----D---- C:\Program Files\Internet Explorer
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\System32\DRIVERS\cmdguard.sys [2009-11-25 128376]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys [2009-11-17 29520]
R1 DritekPortIO;Dritek General Port I/O; ??\C:\PROGRA~1\LAUNCH~1\DPortIO.sys [2006-11-02 20112]
R1 inspect;COMODO Internet Security Firewall Driver; C:\Windows\system32\DRIVERS\inspect.sys [2009-11-17 74328]
R1 is-4IPDQdrv;is-4IPDQdrv; C:\Windows\system32\DRIVERS\00025636.sys [2008-07-08 148496]
R1 is-CCLJUdrv;is-CCLJUdrv; C:\Windows\system32\DRIVERS\75501302.sys [2008-07-08 148496]
R1 is-Q6NBGdrv;is-Q6NBGdrv; C:\Windows\system32\DRIVERS\46406149.sys [2008-07-08 148496]
R1 kl1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2009-06-15 128016]
R1 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2009-06-18 142832]
R1 SbFw;SbFw; C:\Windows\system32\drivers\SbFw.sys [2008-10-31 270888]
R1 VBoxDrv;VirtualBox Service; C:\Windows\system32\DRIVERS\VBoxDrv.sys [2009-11-10 116560]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver; C:\Windows\system32\DRIVERS\VBoxUSBMon.sys [2009-11-10 41424]
R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796}; ??\C:\Program Files\Acer Arcade Deluxe\Play Movie\000.fcl [2008-05-02 61424]
R2 Aspi32;Aspi32; C:\Windows\system32\drivers\Aspi32.sys [1999-09-10 25244]
R2 int15;int15; ??\C:\Acer\Empowering Technology\eRecovery\int15.sys [2006-12-07 76584]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2007-02-24 39936]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2007-01-23 42496]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2007-03-21 37376]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2007-01-30 8704]
R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\Windows\system32\DRIVERS\Apfiltr.sys [2007-06-14 154624]
R3 BCM43XX;Pilote pour carte réseau Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl6.sys [2007-06-21 691192]
R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-19 14208]
R3 DKbFltr;Dritek Keyboard Filter Driver; C:\Windows\system32\DRIVERS\DKbFltr.sys [2006-11-02 21264]
R3 enecir;ENE CIR Receiver; C:\Windows\system32\DRIVERS\enecir.sys [2007-03-07 32256]
R3 GearAspiWDM;GEAR ASPI Filter Driver; C:\Windows\System32\drivers\GEARAspiWDM.sys [2009-05-18 26600]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2007-04-26 984064]
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2007-04-26 208384]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2008-02-11 2302976]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-07-10 1792792]
R3 KeyScrambler;KeyScrambler; C:\Windows\System32\drivers\keyscrambler.sys [2009-10-04 115312]
R3 MBAMProtector;MBAMProtector; ??\C:\Windows\system32\drivers\mbam.sys [2009-09-10 19160]
R3 MpNWMon;Microsoft Malware Protection Network Driver; C:\Windows\system32\DRIVERS\MpNWMon.sys [2009-06-18 42480]
R3 NTIDrvr;Upper Class Filter Driver; C:\Windows\system32\DRIVERS\NTIDrvr.sys [2007-08-10 6144]
R3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Miniport; C:\Windows\system32\DRIVERS\sbfwim.sys [2008-06-21 65576]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-04-11 89088]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2007-08-02 1749376]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\Windows\system32\DRIVERS\VBoxNetAdp.sys [2009-11-10 95568]
R3 VBoxNetFlt;VBoxNetFlt Service; C:\Windows\system32\DRIVERS\VBoxNetFlt.sys [2009-11-10 104016]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2007-04-26 660480]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-19 11264]
S1 is-BKINHdrv;is-BKINHdrv; C:\Windows\system32\DRIVERS\30698435.sys [2008-07-08 148496]
S1 neokdss;neokdss; C:\Windows\system32\Drivers\neokdss.sys []
S1 SASDIFSV;SASDIFSV; ??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
S1 SASKUTIL;SASKUTIL; ??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys []
S1 TSP;TSP; ??\C:\Windows\system32\drivers\klif.sys []
S1 ute5nti4;AVZ Kernel Driver; ??\C:\Windows\system32\Drivers\ute5nti4.sys []
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2007-06-05 179712]
S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\Windows\System32\Drivers\btwusb.sys [2007-03-23 67960]
S3 catchme;catchme; ??\C:\Users\Brigitte\AppData\Local\Temp\catchme.sys []
S3 Dot4;Pilote MS IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-19 131584]
S3 Dot4Print;Pilote de classe Imprimante pour IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-19 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-19 36864]
S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2006-11-02 200704]
S3 KMWDFILTER;HIDUASDesc; C:\Windows\system32\DRIVERS\KMWDFILTER.sys [2008-10-09 17408]
S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Proxy d’horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 NETw3v32;Pilote de carte Intel® PRO/Wireless 3945ABG pour Windows Vista 32 bits; C:\Windows\system32\DRIVERS\NETw3v32.sys [2006-11-02 1781760]
S3 NETw4v32;Pilote de carte Intel® Wireless WiFi Link pour Windows Vista 32 bits; C:\Windows\system32\DRIVERS\NETw4v32.sys [2007-04-29 2219520]
S3 PCAMp50;PCAMp50 NDIS Protocol Driver; C:\Windows\System32\Drivers\PCAMp50.sys [2006-11-28 28224]
S3 PCASp50;PCASp50 NDIS Protocol Driver; C:\Windows\System32\Drivers\PCASp50.sys [2006-11-28 27072]
S3 SASENUM;SASENUM; ??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS []
S3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 35328]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-08-28 144672]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2009-11-17 723632]
R2 eDataSecurity Service;eDSService.exe; C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe [2007-04-25 457512]
R2 eLockService;eLock Service; C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe [2007-03-14 24576]
R2 eNet Service;eNet Service; C:\Acer\Empowering Technology\eNet\eNet Service.exe [2007-05-22 135168]
R2 eRecoveryService;eRecovery Service; C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe [2007-02-13 53248]
R2 eSettingsService;eSettings Service; C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe [2007-05-10 24576]
R2 FTRTSVC;France Telecom Routing Table Service; C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe [2006-12-12 57344]
R2 hpqddsvc;Service HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 IAANTMON;Intel® Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe [2007-03-21 355096]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-01-17 61440]
R2 MobilityService;MobilityService; C:\Acer\Mobility Center\MobilityService.exe [2006-11-24 107008]
R2 MsMpSvc;@C:\Program Files\Microsoft Security Essentials\MpAsDesc.dll,-241; C:\Program Files\Microsoft Security Essentials\MsMpEng.exe [2009-07-02 17904]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-19 21504]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-19 21504]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2007-01-23 266343]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-03-30 1533808]
R2 WMIService;ePower Service; C:\Acer\Empowering Technology\ePower\ePowerSvc.exe [2007-06-13 167936]
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2007-01-30 386560]
R2 YahooAUService;Yahoo! Updater; C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe [2008-11-09 602392]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R3 iPod Service;Service de liPod; C:\Program Files\iPod\bin\iPodService.exe [2009-11-12 545568]
S2 MBAMService;MBAMService; C:\Program Files\Malwarebytes’ Anti-Malware\mbamservice.exe [2009-09-10 269648]
S3 ACDaemon;ArcSoft Connect Daemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2008-09-23 109056]
S3 aspnet_state;Service d’état ASP.NET; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2009-03-30 31048]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2009-10-29 30603640]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2009-09-26 149336]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2009-09-26 4639136]
-----------------EOF-----------------
Je fais sa .
Rapport 1 :
All processes killed
========== SERVICES/DRIVERS ==========
Unable to stop service is-4IPDQdrv!
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\is-4IPDQdrv deleted successfully.
Unable to stop service is-CCLJUdrv!
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\is-CCLJUdrv deleted successfully.
Unable to stop service is-Q6NBGdrv!
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\is-Q6NBGdrv deleted successfully.
Service is-BKINHdrv stopped successfully!
Service is-BKINHdrv deleted successfully!
========== REGISTRY ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\“AppInit_DLLS”|"" /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{AEB6717E-7E19-11d0-97EE-00C04FD91972} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID{AEB6717E-7E19-11d0-97EE-00C04FD91972}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}\ not found.
========== FILES ==========
DllUnregisterServer procedure not found in C:\Windows\system32\guard32.dll
C:\Windows\system32\guard32.dll moved successfully.
C:\Windows\system32\DRIVERS\00025636.sys moved successfully.
C:\Windows\system32\DRIVERS\75501302.sys moved successfully.
C:\Windows\system32\DRIVERS\46406149.sys moved successfully.
C:\Windows\system32\DRIVERS\30698435.sys moved successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Brigitte
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 5586024 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 41738397 bytes
->Apple Safari cache emptied: 0 bytes
->Opera cache emptied: 0 bytes
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Public
User: TEMP
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
Windows Temp folder emptied: 10084 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33170 bytes
%systemroot%\system32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 0 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 45,17 mb
OTM by OldTimer - Version 3.1.2.0 log created on 11272009_125000
Je crois que j’ai fais une bêtise sur OTL j’ai mit clean up .:neutre::frown:
OTL logfile created on: 27/11/2009 16:10:33 - Run 1
OTL by OldTimer - Version 3.1.11.0 Folder = C:\Users\Brigitte\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18828)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
1,99 Gb Total Physical Memory | 0,99 Gb Available Physical Memory | 49,66% Memory free
4,00 Gb Paging File | 2,95 Gb Available in Paging File | 73,82% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 69,77 Gb Total Space | 20,99 Gb Free Space | 30,09% Space Free | Partition Type: NTFS
Drive D: | 69,52 Gb Total Space | 44,18 Gb Free Space | 63,55% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: PC-DE-BRIGITTE
Current User Name: Brigitte
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Processes (SafeList) ==========
PRC - C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
PRC - C:\Users\Brigitte\AppData\Local\Temp\RtkBtMnt.exe (Realtek Semiconductor Corp.)
PRC - C:\Users\Brigitte\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
PRC - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (COMODO)
PRC - C:\Program Files\MessengerDiscovery 2\MessengerDiscovery 2.exe (Matt Holwood)
PRC - C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
PRC - C:\Program Files\Orbitdownloader\orbitdm.exe (Orbitdownloader.com)
PRC - C:\Program Files\orange\MailNotifier\MailNotifier.exe ()
PRC - C:\Program Files\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation)
PRC - C:\Program Files\Microsoft Security Essentials\msseces.exe (Microsoft Corporation)
PRC - C:\Windows\System32\msfeedssync.exe (Microsoft Corporation)
PRC - C:\Program Files\Orbitdownloader\orbitnet.exe (Orbitdownloader.com)
PRC - C:\Program Files\Microsoft Security Essentials\MsMpEng.exe (Microsoft Corporation)
PRC - C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
PRC - C:\Windows\System32\wbem\WmiPrvSE.exe (Microsoft Corporation)
PRC - C:\Windows\System32\wbem\WmiPrvSE.exe (Microsoft Corporation)
PRC - C:\Windows\System32\wbem\unsecapp.exe (Microsoft Corporation)
PRC - C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\conime.exe (Microsoft Corporation)
PRC - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation)
PRC - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (Microsoft Corporation)
PRC - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
PRC - C:\Program Files\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Program Files\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
PRC - C:\Windows\ehome\ehtray.exe (Microsoft Corporation)
PRC - C:\Windows\ehome\ehmsas.exe (Microsoft Corporation)
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe (acer)
PRC - C:\Acer\Empowering Technology\eNet\eNet Service.exe (Acer Inc.)
PRC - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe ()
PRC - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe (HiTRSUT)
PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe (Intel Corporation)
PRC - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe (Acer Inc.)
PRC - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe (Acer Inc.)
PRC - C:\Windows\System32\drivers\XAudio.exe (Conexant Systems, Inc.)
PRC - C:\Program Files\CyberLink\Shared Files\RichVideo.exe ()
PRC - C:\Program Files\Common Files\LightScribe\LSSrvc.exe (Hewlett-Packard Company)
PRC - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe (France Telecom SA)
PRC - C:\Acer\Mobility Center\MobilityService.exe ()
========== Modules (SafeList) ==========
MOD - C:\Users\Brigitte\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll (Microsoft Corporation)
========== Win32 Services (SafeList) ==========
SRV - (gupdate) Google Update Service (gupdate) – File not found
SRV - (0267471241168295mcinstcleanup) – File not found
SRV - (cmdAgent) – C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (COMODO)
SRV - (Microsoft SharePoint Workspace Audit Service) – C:\Program Files\Microsoft Office\Office14\GROOVE.EXE (Microsoft Corporation)
SRV - (osppsvc) – C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
SRV - (ose) – C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (FontCache) – C:\Windows\System32\FntCache.dll (Microsoft Corporation)
SRV - (MBAMService) – C:\Program Files\Malwarebytes’ Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MsMpSvc) – C:\Program Files\Microsoft Security Essentials\MsMpEng.exe (Microsoft Corporation)
SRV - (SeaPort) – C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
SRV - (wlidsvc) – C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation)
SRV - (YahooAUService) – C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
SRV - (ACDaemon) – C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
SRV - (Pml Driver HPZ12) – C:\Windows\System32\HPZipm12.dll (Hewlett-Packard)
SRV - (Net Driver HPZ12) – C:\Windows\System32\HPZinw12.dll (Hewlett-Packard)
SRV - (hpqddsvc) – C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll (Hewlett-Packard Co.)
SRV - (hpqcxs08) – C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll (Hewlett-Packard Co.)
SRV - (WinDefend) – C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (WMPNetworkSvc) – C:\Program Files\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (ehRecvr) – C:\Windows\ehome\ehrecvr.exe (Microsoft Corporation)
SRV - (WMIService) – C:\Acer\Empowering Technology\ePower\ePowerSvc.exe (acer)
SRV - (eNet Service) – C:\Acer\Empowering Technology\eNet\eNet Service.exe (Acer Inc.)
SRV - (eSettingsService) – C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe ()
SRV - (eDataSecurity Service) – C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe (HiTRSUT)
SRV - (IAANTMON) Intel® – C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe (Intel Corporation)
SRV - (eLockService) – C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe (Acer Inc.)
SRV - (eRecoveryService) – C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe (Acer Inc.)
SRV - (XAudioService) – C:\Windows\System32\drivers\XAudio.exe (Conexant Systems, Inc.)
SRV - (RichVideo) Cyberlink RichVideo Service(CRVS) – C:\Program Files\CyberLink\Shared Files\RichVideo.exe ()
SRV - (LightScribeService) – C:\Program Files\Common Files\LightScribe\LSSrvc.exe (Hewlett-Packard Company)
SRV - (FTRTSVC) – C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe (France Telecom SA)
SRV - (MobilityService) – C:\Acer\Mobility Center\MobilityService.exe ()
SRV - (ehSched) – C:\Windows\ehome\ehsched.exe (Microsoft Corporation)
SRV - (ehstart) – C:\Windows\ehome\ehstart.dll (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV - (cmdGuard) – C:\Windows\System32\drivers\cmdguard.sys (COMODO)
DRV - (inspect) – C:\Windows\System32\drivers\inspect.sys (COMODO)
DRV - (cmdHlp) – C:\Windows\System32\drivers\cmdhlp.sys (COMODO)
DRV - (VBoxNetAdp) – C:\Windows\System32\drivers\VBoxNetAdp.sys (Sun Microsystems, Inc.)
DRV - (VBoxDrv) – C:\Windows\System32\drivers\VBoxDrv.sys (Sun Microsystems, Inc.)
DRV - (VBoxNetFlt) – C:\Windows\System32\drivers\VBoxNetFlt.sys (Sun Microsystems, Inc.)
DRV - (VBoxUSBMon) – C:\Windows\System32\drivers\VBoxUSBMon.sys (Sun Microsystems, Inc.)
DRV - (KeyScrambler) – C:\Windows\System32\drivers\keyscrambler.sys (QFX Software Corporation)
DRV - (MBAMProtector) – C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (MpFilter) – C:\Windows\System32\drivers\MpFilter.sys (Microsoft Corporation)
DRV - (MpNWMon) – C:\Windows\System32\drivers\MpNWMon.sys (Microsoft Corporation)
DRV - (kl1) – C:\Windows\System32\drivers\kl1.sys (Kaspersky Lab)
DRV - (GearAspiWDM) – C:\Windows\System32\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV - (SbFw) – C:\Windows\System32\drivers\SbFw.sys (Sunbelt Software, Inc.)
DRV - (KMWDFILTER) – C:\Windows\System32\drivers\KMWDFILTER.sys (Windows ® Codename Longhorn DDK provider)
DRV - (SBFWIMCL) – C:\Windows\System32\drivers\SbFwIm.sys (Sunbelt Software, Inc.)
DRV - ({49DE1C67-83F8-4102-99E0-C16DCC7EEC796}) – C:\Program Files\Acer Arcade Deluxe\Play Movie\000.fcl (Cyberlink Corp.)
DRV - (igfx) – C:\Windows\System32\drivers\igdkmd32.sys (Intel Corporation)
DRV - (NTIDrvr) – C:\Windows\System32\drivers\NTIDrvr.sys (NewTech Infosystems, Inc.)
DRV - (SNP2UVC) USB2.0 PC Camera (SNP2UVC) – C:\Windows\System32\drivers\snp2uvc.sys ()
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) – C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)
DRV - (BCM43XX) – C:\Windows\System32\drivers\BCMWL6.SYS (Broadcom Corporation)
DRV - (ApfiltrService) – C:\Windows\System32\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV - (b57nd60x) – C:\Windows\System32\drivers\b57nd60x.sys (Broadcom Corporation)
DRV - (NETw4v32) Pilote de carte Intel® – C:\Windows\System32\drivers\NETw4v32.sys (Intel Corporation)
DRV - (HSF_DPV) – C:\Windows\System32\drivers\HSX_DPV.sys (Conexant Systems, Inc.)
DRV - (HSXHWAZL) – C:\Windows\System32\drivers\HSXHWAZL.sys (Conexant Systems, Inc.)
DRV - (winachsf) – C:\Windows\System32\drivers\HSX_CNXT.sys (Conexant Systems, Inc.)
DRV - (PSDNServ) – C:\Windows\system32\drivers\PSDNServ.sys (HiTRUST)
DRV - (psdvdisk) – C:\Windows\system32\drivers\psdvdisk.sys (HiTRUST)
DRV - (PSDFilter) – C:\Windows\system32\DRIVERS\psdfilter.sys (HiTRUST)
DRV - (BTWUSB) – C:\Windows\System32\drivers\btwusb.sys (Broadcom Corporation.)
DRV - (rismxdp) – C:\Windows\System32\drivers\rixdptsk.sys (REDC)
DRV - (iaStor) – C:\Windows\system32\DRIVERS\iaStor.sys (Intel Corporation)
DRV - (enecir) – C:\Windows\System32\drivers\enecir.sys (ENE TECHNOLOGY INC.)
DRV - (rimmptsk) – C:\Windows\System32\drivers\rimmptsk.sys (REDC)
DRV - (XAudio) – C:\Windows\System32\drivers\XAudio.sys (Conexant Systems, Inc.)
DRV - (rimsptsk) – C:\Windows\System32\drivers\rimsptsk.sys (REDC)
DRV - (int15) – C:\Acer\Empowering Technology\eRecovery\int15.sys ()
DRV - (PCAMp50) – C:\Windows\System32\drivers\PCAMp50.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (PCASp50) – C:\Windows\System32\drivers\PCASp50.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (DKbFltr) – C:\Windows\System32\drivers\DKbFltr.sys (Dritek System Inc.)
DRV - (DritekPortIO) – C:\PROGRA~1\LAUNCH~1\DPortIO.sys (Dritek System Inc.)
DRV - (ql2300) – C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (adp94xx) – C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (elxstor) – C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (adpahci) – C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (uliahci) – C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (iaStorV) – C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (adpu320) – C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (ulsata2) – C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (vsmraid) – C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ql40xx) – C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) – C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (adpu160m) – C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (nvraid) – C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nfrd960) – C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) – C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (SiSRaid4) – C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (nvstor) – C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (aic78xx) – C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (arcsas) – C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (LSI_SCSI) – C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (SiSRaid2) – C:\Windows\system32\drivers\sisraid2.sys (Silicon Integrated Systems Corp.)
DRV - (HpCISSs) – C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (arc) – C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (iteraid) – C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) – C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (LSI_SAS) – C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (Symc8xx) – C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (LSI_FC) – C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (Sym_u3) – C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) – C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) – C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (megasas) – C:\Windows\system32\drivers\megasas.sys (LSI Logic Corporation)
DRV - (viaide) – C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) – C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) – C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) – C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) – C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) – C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) – C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) – C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) – C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (HSFHWAZL) – C:\Windows\System32\drivers\VSTAZL3.SYS (Conexant Systems, Inc.)
DRV - (ntrigdigi) – C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
DRV - (NETw3v32) Pilote de carte Intel® – C:\Windows\System32\drivers\NETw3v32.sys (Intel® Corporation)
DRV - (E1G60) Intel® – C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (secdrv) – C:\Windows\System32\drivers\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (mdmxsdk) – C:\Windows\System32\drivers\mdmxsdk.sys (Conexant)
DRV - (Aspi32) – C:\Windows\System32\drivers\aspi32.sys (Adaptec)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.msn.com…
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = search.yahoo.com…
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = fr.yahoo.com…
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = fr.msn.com…
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr-FR
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 9D 29 4D 03 9A F1 C9 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: “ProxyEnable” = 0
========== FireFox ==========
FF - prefs.js…browser.search.defaultenginename: “Google”
FF - prefs.js…browser.search.defaulturl: “http://fr.search.yahoo.com/search?ei=UTF-8&fr=ytff-&p=”
FF - prefs.js…browser.search.openintab: true
FF - prefs.js…browser.search.param.yahoo-fr: “moz2-ytff-”
FF - prefs.js…browser.search.param.yahoo-fr-cjkt: “moz2-ytff-”
FF - prefs.js…browser.search.useDBForOrder: true
FF - prefs.js…browser.startup.homepage: “http://fr.start3.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:fr:official”
FF - prefs.js…extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1
FF - prefs.js…extensions.enabledItems: 6
FF - prefs.js…extensions.enabledItems: 2
FF - prefs.js…extensions.enabledItems: 48
FF - prefs.js…extensions.enabledItems: {fce36c1e-58d8-498a-b2a5-66ad1cedebbb}:0.76
FF - prefs.js…extensions.enabledItems: {FC5BAC7D-D696-4ba6-B913-CF8F000C33DF}:2.1.4
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\Components: C:\Program Files\Mozilla Firefox\components [2009/11/26 13:32:45 | 00,000,000 | —D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/11/26 13:32:45 | 00,000,000 | —D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.23\extensions\Components: C:\Program Files\Mozilla Thunderbird\components [2009/11/26 13:32:45 | 00,000,000 | —D | M]
[2009/11/01 16:03:51 | 00,000,000 | —D | M] – C:\Users\Brigitte\AppData\Roaming\mozilla\Extensions
[2009/11/01 15:36:49 | 00,000,000 | —D | M] – C:\Users\Brigitte\AppData\Roaming\mozilla\Extensions-BackupByFirefoxPortable
[2009/11/01 15:36:49 | 00,000,000 | —D | M] – C:\Users\Brigitte\AppData\Roaming\mozilla\Extensions-BackupByFirefoxPortable{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/11/26 13:31:19 | 00,000,000 | —D | M] – C:\Users\Brigitte\AppData\Roaming\mozilla\Firefox\Profiles\5vuwsbyk.default\extensions
[2009/11/09 19:15:26 | 00,000,000 | —D | M] – C:\Users\Brigitte\AppData\Roaming\mozilla\Firefox\Profiles\5vuwsbyk.default\extensions{1018e4d6-728f-4b20-ad56-37578a4de76b}
[2009/11/01 16:21:22 | 00,000,000 | —D | M] – C:\Users\Brigitte\AppData\Roaming\mozilla\Firefox\Profiles\5vuwsbyk.default\extensions{1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}
[2009/11/21 15:55:30 | 00,000,000 | —D | M] – C:\Users\Brigitte\AppData\Roaming\mozilla\Firefox\Profiles\5vuwsbyk.default\extensions{35106bca-6c78-48c7-ac28-56df30b51d2a}
[2009/11/15 19:00:40 | 00,000,000 | —D | M] – C:\Users\Brigitte\AppData\Roaming\mozilla\Firefox\Profiles\5vuwsbyk.default\extensions{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2009/11/18 12:53:45 | 00,000,000 | —D | M] – C:\Users\Brigitte\AppData\Roaming\mozilla\Firefox\Profiles\5vuwsbyk.default\extensions{73a6fe31-595d-460b-a920-fcc0f8843232}
[2009/11/08 15:58:16 | 00,000,000 | —D | M] – C:\Users\Brigitte\AppData\Roaming\mozilla\Firefox\Profiles\5vuwsbyk.default\extensions{9AA46F4F-4DC7-4c06-97AF-5035170634FE}
[2009/11/06 07:28:58 | 00,000,000 | —D | M] – C:\Users\Brigitte\AppData\Roaming\mozilla\Firefox\Profiles\5vuwsbyk.default\extensions{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2009/11/01 16:19:46 | 00,000,000 | —D | M] – C:\Users\Brigitte\AppData\Roaming\mozilla\Firefox\Profiles\5vuwsbyk.default\extensions{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2009/11/07 18:45:06 | 00,000,000 | —D | M] – C:\Users\Brigitte\AppData\Roaming\mozilla\Firefox\Profiles\5vuwsbyk.default\extensions{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}
[2009/11/01 16:51:22 | 00,000,000 | —D | M] – C:\Users\Brigitte\AppData\Roaming\mozilla\Firefox\Profiles\5vuwsbyk.default\extensions{fce36c1e-58d8-498a-b2a5-66ad1cedebbb}
[2009/11/06 07:28:57 | 00,000,000 | —D | M] – C:\Users\Brigitte\AppData\Roaming\mozilla\Firefox\Profiles\5vuwsbyk.default\extensions\cipherfox@mkfly
[2009/11/09 19:15:24 | 00,000,000 | —D | M] – C:\Users\Brigitte\AppData\Roaming\mozilla\Firefox\Profiles\5vuwsbyk.default\extensions\firegpg@firegpg.team
[2009/11/01 16:18:03 | 00,000,000 | —D | M] – C:\Users\Brigitte\AppData\Roaming\mozilla\Firefox\Profiles\5vuwsbyk.default\extensions\illimitux@illimitux.net
[2009/11/01 16:27:42 | 00,000,000 | —D | M] – C:\Users\Brigitte\AppData\Roaming\mozilla\Firefox\Profiles\5vuwsbyk.default\extensions\keyscrambler@qfx.software.corporation
[2009/11/01 16:31:51 | 00,000,000 | —D | M] – C:\Users\Brigitte\AppData\Roaming\mozilla\Firefox\Profiles\5vuwsbyk.default\extensions\lazarus@interclue.com
[2009/11/01 16:05:10 | 00,000,000 | —D | M] – C:\Users\Brigitte\AppData\Roaming\mozilla\Firefox\Profiles\5vuwsbyk.default\extensions\martin@hoerandl.com
[2009/11/02 17:08:24 | 00,000,000 | —D | M] – C:\Users\Brigitte\AppData\Roaming\mozilla\Firefox\Profiles\5vuwsbyk.default\extensions\openmedspel@e-medtools.com
[2009/11/01 18:09:33 | 00,000,000 | —D | M] – C:\Users\Brigitte\AppData\Roaming\mozilla\Firefox\Profiles\5vuwsbyk.default\extensions\secureLogin@blueimp.net
[2009/11/01 15:43:40 | 00,000,000 | —D | M] – C:\Users\Brigitte\AppData\Roaming\mozilla\Firefox\Profiles\v542d37t.default\extensions
[2009/11/01 15:35:21 | 00,000,000 | —D | M] – C:\Users\Brigitte\AppData\Roaming\mozilla\Firefox\Profiles\v542d37t.default\extensions{20a82645-c095-46ed-80e3-08825760534b}
[2009/11/01 15:43:40 | 00,000,000 | —D | M] – C:\Users\Brigitte\AppData\Roaming\mozilla\Firefox\Profiles\v542d37t.default\extensions{35379F86-8CCB-4724-AE33-4278DE266C70}
[2009/11/01 15:35:38 | 00,000,000 | —D | M] – C:\Users\Brigitte\AppData\Roaming\mozilla\Firefox\Profiles\v542d37t.default\extensions{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2009/11/01 15:35:41 | 00,000,000 | —D | M] – C:\Users\Brigitte\AppData\Roaming\mozilla\Firefox\Profiles\v542d37t.default\extensions{fce36c1e-58d8-498a-b2a5-66ad1cedebbb}
[2009/11/01 15:35:21 | 00,000,000 | —D | M] – C:\Users\Brigitte\AppData\Roaming\mozilla\Firefox\Profiles\v542d37t.default\extensions\staged-xpis
[2009/11/25 13:12:38 | 00,000,000 | —D | M] – C:\Program Files\mozilla firefox\extensions
[2009/11/03 02:56:19 | 00,001,516 | ---- | M] () – C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml
[2009/11/03 02:56:19 | 00,001,822 | ---- | M] () – C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml
[2009/11/03 02:56:19 | 00,000,757 | ---- | M] () – C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml
[2009/11/03 02:56:19 | 00,001,426 | ---- | M] () – C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml
[2009/11/03 02:56:19 | 00,000,652 | ---- | M] () – C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml
O1 HOSTS File: (317268 bytes) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 10562 more lines…
O2 - BHO: (Octh Class) - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll (Orbitdownloader.com)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (KeyScramblerBHO Class) - {2B9F5787-88A5-4945-90E7-C4B18563BC5E} - C:\Program Files\KeyScrambler\KeyScramblerIE.dll (QFX Software Corporation)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Programme d’aide de l’Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (WOT Helper) - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files\WOT\WOT.dll ()
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM…\Toolbar: (WOT) - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll ()
O3 - HKLM…\Toolbar: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll ()
O3 - HKLM…\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU…\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Windows\System32\eDStoolbar.dll (HiTRUST)
O3 - HKCU…\Toolbar\WebBrowser: (WOT) - {71576546-354D-41C9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll ()
O3 - HKCU…\Toolbar\WebBrowser: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll ()
O4 - HKLM…\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM…\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4 - HKLM…\Run: [Malwarebytes’ Anti-Malware] C:\Program Files\Malwarebytes’ Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM…\Run: [MSSE] C:\Program Files\Microsoft Security Essentials\msseces.exe (Microsoft Corporation)
O4 - HKLM…\Run: [PLFSetL] C:\Windows\PLFSetL.exe (sonix)
O4 - HKLM…\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKCU…\Run: [ehTray.exe] C:\Windows\ehome\ehtray.exe (Microsoft Corporation)
O4 - HKCU…\Run: [MailNotifier] C:\Program Files\orange\MailNotifier\MailNotifier.exe ()
O4 - HKCU…\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKCU…\Run: [msnmsgr] C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
O4 - HKCU…\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O4 - HKCU…\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 60
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: &Download by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: &Grab video by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Do&wnload selected by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Down&load all by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O9 - Extra Button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra ‘Tools’ menuitem : &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra ‘Tools’ menuitem : &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra ‘Tools’ menuitem : &KeyScrambler Options - {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - C:\Program Files\KeyScrambler\KeyScramblerIE.dll (QFX Software Corporation)
O9 - Extra Button: Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra ‘Tools’ menuitem : Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O15 - HKCU…Trusted Domains: orange.fr ([logicielsgratuits] http in Sites de confiance)
O15 - HKCU…Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} messenger.zone.msn.com… (Checkers Class)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} dlm.tools.akamai.com… (DLM Control)
O16 - DPF: {4DD20514-9520-40A7-9CD6-66883643A20B} www.boaki.com… (UviLaunch Control)
O16 - DPF: {5A779DC0-837B-4590-AC42-C7C0847478C5} logicielsgratuits.orange.fr… (OrangeInstaller_ModuleIE Control)
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} messenger.zone.msn.com… (Solitaire Showdown Class)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} messenger.zone.msn.com… (UnoCtrl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} java.sun.com… (Java Plug-in 1.6.0_17)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} fpdownload.macromedia.com… (Reg Error: Key error.)
O16 - DPF: {9DF1C00D-8426-4337-972C-DC042D19A916} webtv.guidetv.orange.fr… (FTMediaPlayer Class)
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} messenger.zone.msn.com… (MSN Games - Installer)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} messenger.zone.msn.com… (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} java.sun.com… (Java Plug-in 1.5.0)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} java.sun.com… (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} java.sun.com… (Java Plug-in 1.6.0_17)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} platformdl.adobe.com… (Reg Error: Key error.)
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} download.mcafee.com… (McFreeScan Class)
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} messenger.zone.msn.com… (Minesweeper Flags Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\wot {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files\WOT\WOT.dll ()
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/x-mrml {C51721BE-858B-4A66-A8BF-D2882FF49820} - C:\Program Files\Common Files\A&W\MidRadio.ocx (YAMAHA CORPORATION)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 22:43:36 | 00,000,024 | ---- | M] () - C:\autoexec.bat – [ NTFS ]
O33 - MountPoints2{d7f9a224-8014-11dd-9e64-aa49c949cd35}\Shell\Auto\command - “” = C:\Windows\System32\cmd.exe – [2008/01/19 08:33:04 | 00,318,976 | ---- | M] (Microsoft Corporation)
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: () - File not found
O35 - comfile [open] – “%1” % File not found
O35 - exefile [open] – “%1” %* File not found
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias [2008/07/31 10:33:00 | 00,000,000 | —D | M]
NetSvcs: Irmon - C:\Windows\System32\irmon.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
========== Files/Folders - Created Within 30 Days ==========
[2009/11/27 16:06:28 | 00,532,992 | ---- | C] (OldTimer Tools) – C:\Users\Brigitte\Desktop\OTL.exe
[2009/11/27 13:17:39 | 00,171,552 | ---- | C] (COMODO) – C:\Windows\System32\guard32.dll
[2009/11/27 13:17:04 | 00,000,000 | —D | C] – C:\UsbFix
[2009/11/26 21:47:57 | 00,000,000 | —D | C] – C:\ProgramData\MessengerDiscovery 2
[2009/11/26 21:47:56 | 00,000,000 | —D | C] – C:\Program Files\MessengerDiscovery 2
[2009/11/25 19:42:22 | 00,002,048 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\tzres.dll
[2009/11/25 16:01:50 | 00,000,000 | —D | C] – C:\Users\Brigitte\AppData\Local\Apple Computer
[2009/11/25 15:56:33 | 00,000,000 | —D | C] – C:\Users\Brigitte\AppData\Local\Apple
[2009/11/25 15:24:01 | 00,000,000 | —D | C] – C:\Users\Brigitte\Documents\Mes enregistrements de webcam
[2009/11/25 15:22:20 | 00,000,000 | —D | C] – C:\Program Files\FileHippo.com
[2009/11/25 14:53:26 | 00,107,368 | ---- | C] (GEAR Software Inc.) – C:\Windows\System32\GEARAspi.dll
[2009/11/25 14:53:20 | 00,026,600 | ---- | C] (GEAR Software Inc.) – C:\Windows\System32\drivers\GEARAspiWDM.sys
[2009/11/25 14:51:24 | 00,000,000 | —D | C] – C:\ProgramData{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/11/25 12:52:24 | 00,714,240 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\timedate.cpl
[2009/11/23 18:05:56 | 00,000,000 | —D | C] – C:\Program Files\7-Zip
[2009/11/22 14:03:26 | 00,000,000 | —D | C] – C:\Program Files\ImgBurn
[2009/11/20 20:22:29 | 00,000,000 | —D | C] – C:\Program Files\Recuva
[2009/11/20 16:58:33 | 00,000,000 | —D | C] – C:\Users\Brigitte.VirtualBox
[2009/11/20 16:54:56 | 00,116,560 | ---- | C] (Sun Microsystems, Inc.) – C:\Windows\System32\drivers\VBoxDrv.sys
[2009/11/20 16:54:25 | 00,041,424 | ---- | C] (Sun Microsystems, Inc.) – C:\Windows\System32\drivers\VBoxUSBMon.sys
[2009/11/20 16:53:58 | 00,000,000 | —D | C] – C:\Program Files\Sun
[2009/11/19 19:15:34 | 00,000,000 | —D | C] – C:\Program Files\Microsoft Synchronization Services
[2009/11/19 19:10:26 | 00,000,000 | —D | C] – C:\Program Files\Microsoft Visual Studio 8
[2009/11/19 19:05:32 | 00,000,000 | —D | C] – C:\Program Files\Microsoft Analysis Services
[2009/11/19 19:03:20 | 00,000,000 | RH-D | C] – C:\MSOCache
[2009/11/18 20:27:37 | 00,000,000 | —D | C] – C:\Users\Brigitte\AppData\Roaming\Download Manager
[2009/11/18 20:05:16 | 00,000,000 | —D | C] – C:\Program Files\Microsoft SQL Server Compact Edition
[2009/11/18 20:03:59 | 00,000,000 | —D | C] – C:\Program Files\Windows Live
[2009/11/18 16:28:10 | 00,000,000 | —D | C] – C:\Program Files\Gibcom
[2009/11/17 20:18:22 | 00,000,000 | —D | C] – C:\Program Files\Ubisoft
[2009/11/17 17:11:33 | 00,000,000 | —D | C] – C:\Program Files\Kptic Neonumeric
[2009/11/17 12:52:24 | 00,000,000 | —D | C] – C:\ProgramData\F-Secure
[2009/11/16 21:31:23 | 00,000,000 | —D | C] – C:\Users\Brigitte\AppData\Roaming\Kptic
[2009/11/16 18:53:25 | 00,000,000 | —D | C] – C:\Program Files\Microsoft Security Essentials
[2009/11/16 18:53:22 | 00,000,000 | —D | C] – C:\ProgramData\Comodo
[2009/11/16 18:53:19 | 00,128,376 | ---- | C] (COMODO) – C:\Windows\System32\drivers\cmdguard.sys
[2009/11/16 18:53:19 | 00,074,328 | ---- | C] (COMODO) – C:\Windows\System32\drivers\inspect.sys
[2009/11/16 18:53:19 | 00,029,520 | ---- | C] (COMODO) – C:\Windows\System32\drivers\cmdhlp.sys
[2009/11/15 15:17:05 | 00,000,000 | —D | C] – C:\Program Files\Defraggler
[2009/11/15 14:27:29 | 00,000,000 | —D | C] – C:\ProgramData\Yahoo! Companion
[2009/11/15 13:26:28 | 00,000,000 | —D | C] – C:\Program Files\Orbitdownloader
[2009/11/15 11:31:38 | 00,000,000 | —D | C] – C:\Users\Brigitte\Documents\Emoticon Web
[2009/11/15 11:25:26 | 00,000,000 | R–D | C] – C:\Users\Brigitte\Documents\Exercices Brigitte
[2009/11/14 22:09:34 | 00,000,000 | —D | C] – C:\Users\Brigitte\Documents\Divers
[2009/11/14 22:09:12 | 00,000,000 | —D | C] – C:\Users\Brigitte\Documents\Aides Personnes Théo
[2009/11/14 22:07:26 | 00,000,000 | —D | C] – C:\Users\Brigitte\Documents\Charges Maison 2009
[2009/11/14 22:05:46 | 00,000,000 | —D | C] – C:\Users\Brigitte\Documents\Travail Brigitte
[2009/11/14 22:02:04 | 00,000,000 | —D | C] – C:\Users\Brigitte\Documents\Image Web
[2009/11/13 20:32:44 | 00,000,000 | —D | C] – C:\Program Files\RogueRemover FREE
[2009/11/13 16:29:10 | 00,000,000 | -HSD | C] – C:\ProgramData{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
[2009/11/12 22:13:15 | 00,000,000 | —D | C] – C:\Program Files\QuickTime
[2009/11/12 13:19:20 | 00,000,000 | —D | C] – C:\Users\Brigitte\AppData\Roaming\Auslogics
[2009/11/11 11:17:55 | 02,036,736 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\win32k.sys
[2009/11/11 11:17:46 | 00,355,328 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\WSDApi.dll
[2009/11/11 11:00:51 | 00,000,000 | —D | C] – C:\Program Files\Microsoft Baseline Security Analyzer 2
[2009/11/11 10:52:05 | 00,000,000 | —D | C] – C:\Users\Brigitte\AppData\Roaming\HouseCall 6.6
[2009/11/10 14:54:18 | 00,095,568 | ---- | C] (Sun Microsystems, Inc.) – C:\Windows\System32\drivers\VBoxNetAdp.sys
[2009/11/10 14:54:02 | 00,133,648 | ---- | C] (Sun Microsystems, Inc.) – C:\Windows\System32\VBoxNetFltNotify.dll
[2009/11/10 14:53:54 | 00,104,016 | ---- | C] (Sun Microsystems, Inc.) – C:\Windows\System32\drivers\VBoxNetFlt.sys
[2009/11/08 17:53:37 | 00,000,000 | -H-D | C] – C:\Users\Brigitte\784E6B0F00EC495095A2BBA64F44EC48.TMP
[2009/11/08 15:00:00 | 00,000,000 | —D | C] – C:\Users\Brigitte\Documents\Camtasia Studio
[2009/11/08 14:32:50 | 00,000,000 | —D | C] – C:\Users\Brigitte\AppData\Local\TechSmith
[2009/11/08 14:32:37 | 00,000,000 | —D | C] – C:\Users\Brigitte\Documents\Custom Production Presets 5.0
[2009/11/08 14:31:53 | 00,000,000 | —D | C] – C:\ProgramData\TechSmith
[2009/11/08 14:31:28 | 00,000,000 | —D | C] – C:\Program Files\Common Files\TechSmith Shared
[2009/11/08 14:31:24 | 00,000,000 | —D | C] – C:\Program Files\TechSmith
[2009/11/08 11:45:25 | 00,149,280 | ---- | C] (Sun Microsystems, Inc.) – C:\Windows\System32\javaws.exe
[2009/11/08 11:45:25 | 00,145,184 | ---- | C] (Sun Microsystems, Inc.) – C:\Windows\System32\javaw.exe
[2009/11/08 11:45:25 | 00,145,184 | ---- | C] (Sun Microsystems, Inc.) – C:\Windows\System32\java.exe
[2009/11/08 10:37:22 | 01,986,560 | ---- | C] (NCT Company Ltd.) – C:\Windows\System32\AudFile.dll
[2009/11/08 10:37:22 | 01,212,416 | ---- | C] (NCT Company Ltd.) – C:\Windows\System32\AudioInfos.dll
[2009/11/08 10:37:22 | 00,348,160 | ---- | C] (NCT Company Ltd.) – C:\Windows\System32\WMAFile.dll
[2009/11/08 10:37:22 | 00,115,920 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\msinet.OCX
[2009/11/08 10:37:22 | 00,040,960 | ---- | C] (vbAccelerator) – C:\Windows\System32\SSubTmr6.dll
[2009/11/08 10:37:22 | 00,015,360 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\inetfr.DLL
[2009/11/07 20:47:54 | 00,000,000 | —D | C] – C:\Program Files\SRWare Iron
[2009/11/07 10:27:03 | 00,000,000 | —D | C] – C:\Program Files\Lavalys
[2009/11/06 22:32:12 | 00,000,000 | —D | C] – C:\Users\Brigitte\AppData\Roaming\OpenOffice.org
[2009/11/06 22:22:25 | 00,000,000 | —D | C] – C:\Program Files\JRE
[2009/11/06 22:22:09 | 00,000,000 | —D | C] – C:\Program Files\OpenOffice.org 3
[2009/11/06 21:48:06 | 00,000,000 | —D | C] – C:\Program Files\PhotoFiltre
[2009/11/06 18:38:21 | 00,000,000 | —D | C] – C:\Users\Brigitte\AppData\Roaming\ImgBurn
[2009/11/06 18:12:45 | 00,000,000 | —D | C] – C:\ProgramData\LightScribe
[2009/11/06 18:10:55 | 00,000,000 | —D | C] – C:\Users\Brigitte\AppData\Roaming\Nero
[2009/11/06 18:05:59 | 00,000,000 | —D | C] – C:\ProgramData\Nero
[2009/11/06 18:05:57 | 00,000,000 | —D | C] – C:\Program Files\Common Files\Nero
[2009/11/04 12:54:21 | 01,638,912 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\mshtml.tlb
[2009/11/03 19:27:38 | 00,000,000 | —D | C] – C:\Program Files\VS Revo Group
[2009/11/02 20:08:33 | 00,000,000 | —D | C] – C:\Program Files\uTorrent
[2009/11/02 16:19:23 | 00,000,000 | —D | C] – C:\Users\Brigitte\AppData\Roaming\vlc
[2009/11/01 16:03:15 | 00,000,000 | —D | C] – C:\Program Files\Mozilla Firefox
[2009/11/01 14:32:37 | 00,000,000 | —D | C] – C:\Users\Brigitte\AppData\Roaming\IDM
[2009/10/28 16:53:19 | 00,000,000 | —D | C] – C:\Program Files\Windows Portable Devices
[2009/10/28 16:50:50 | 00,092,672 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\UIAnimation.dll
[2009/10/28 16:50:47 | 01,164,800 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\UIRibbonRes.dll
[2009/10/28 16:50:46 | 03,023,360 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\UIRibbon.dll
[2009/10/28 16:49:29 | 00,369,664 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\WMPhoto.dll
[2009/10/28 16:49:26 | 00,037,888 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\cdd.dll
[2009/10/28 16:49:23 | 00,829,440 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\d3d10warp.dll
[2009/10/28 16:49:22 | 00,280,064 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\XpsGdiConverter.dll
[2009/10/28 16:49:22 | 00,135,680 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\XpsRasterService.dll
[2009/10/28 16:49:22 | 00,026,112 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\printfilterpipelineprxy.dll
[2009/10/28 16:49:21 | 00,974,848 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\WindowsCodecs.dll
[2009/10/28 16:49:21 | 00,828,928 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\d2d1.dll
[2009/10/28 16:49:21 | 00,667,648 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\printfilterpipelinesvc.exe
[2009/10/28 16:49:21 | 00,321,024 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\PhotoMetadataHandler.dll
[2009/10/28 16:49:21 | 00,252,928 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\dxdiag.exe
[2009/10/28 16:49:21 | 00,195,584 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\dxdiagn.dll
[2009/10/28 16:49:21 | 00,189,440 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\WindowsCodecsExt.dll
[2009/10/28 16:49:20 | 01,554,432 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\xpsservices.dll
[2009/10/28 16:49:20 | 01,064,448 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\DWrite.dll
[2009/10/28 16:49:20 | 00,847,360 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\OpcServices.dll
[2009/10/28 16:49:20 | 00,793,088 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\FntCache.dll
[2009/10/28 16:49:20 | 00,486,912 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\d3d10level9.dll
[2009/10/28 16:49:20 | 00,351,232 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\XpsPrint.dll
[2009/10/28 16:49:20 | 00,190,464 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\d3d10core.dll
[2009/10/28 16:49:19 | 01,030,144 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\d3d10.dll
[2009/10/28 16:49:19 | 00,519,680 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\d3d11.dll
[2009/10/28 16:49:19 | 00,481,792 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\dxgi.dll
[2009/10/28 16:49:19 | 00,218,112 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\d3d10_1core.dll
[2009/10/28 16:49:19 | 00,161,280 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\d3d10_1.dll
[2009/10/28 16:48:06 | 00,031,232 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\BthMtpContextHandler.dll
[2009/10/28 16:48:06 | 00,030,208 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\WPDShextAutoplay.exe
[2009/10/28 16:47:52 | 00,060,928 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\PortableDeviceConnectApi.dll
[2009/10/28 16:47:44 | 00,061,952 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\WpdMtpUS.dll
[2009/10/28 16:47:44 | 00,033,280 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\WpdConns.dll
[2009/10/28 16:47:43 | 00,546,816 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\wpd_ci.dll
[2009/10/28 16:47:43 | 00,334,848 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\PortableDeviceApi.dll
[2009/10/28 16:47:43 | 00,226,816 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\WpdMtp.dll
[2009/10/28 16:47:43 | 00,160,256 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\PortableDeviceTypes.dll
[2009/10/28 16:47:42 | 00,350,208 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\WPDSp.dll
[2009/10/28 16:47:42 | 00,196,608 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\PortableDeviceWMDRM.dll
[2009/10/28 16:47:42 | 00,100,864 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\PortableDeviceClassExtension.dll
[2009/10/28 16:44:21 | 00,004,096 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\oleaccrc.dll
[2009/10/28 16:44:19 | 00,555,520 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\UIAutomationCore.dll
[2008/07/30 10:02:53 | 00,172,032 | ---- | C] ( ) – C:\Windows\System32\rsnp2uvc.dll
[2008/07/30 10:02:53 | 00,053,248 | ---- | C] ( ) – C:\Windows\System32\csnp2uvc.dll
[2007/08/10 15:40:58 | 00,045,056 | ---- | C] ( ) – C:\Windows\PLFSet.dll
[2007/08/10 08:29:05 | 00,053,248 | ---- | C] ( ) – C:\Windows\System32\Interop.Shell32.dll
[1 C:\Users\Brigitte*.tmp files -> C:\Users\Brigitte*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2009/11/27 16:15:00 | 00,000,434 | -H-- | M] () – C:\Windows\tasks\User_Feed_Synchronization-{55AF2E8A-EBC9-4A50-8828-434D9E33BE57}.job
[2009/11/27 16:13:59 | 07,340,032 | -H-- | M] () – C:\Users\Brigitte\ntuser.dat
[2009/11/27 16:13:56 | 00,000,408 | -H-- | M] () – C:\Windows\tasks\User_Feed_Synchronization-{9E24F08E-1327-49FE-856E-F5C2AE8D8770}.job
[2009/11/27 16:00:05 | 00,001,054 | ---- | M] () – C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2009/11/27 15:59:56 | 00,003,168 | ---- | M] () – C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2009/11/27 15:59:56 | 00,003,168 | ---- | M] () – C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2009/11/27 15:59:52 | 00,000,006 | -H-- | M] () – C:\Windows\tasks\SA.DAT
[2009/11/27 15:59:47 | 00,067,584 | --S- | M] () – C:\Windows\bootstat.dat
[2009/11/27 13:21:36 | 00,524,288 | -HS- | M] () – C:\Users\Brigitte\ntuser.dat{3061b2c5-a9dd-11de-ac40-f2bdef8fe8a1}.TMContainer00000000000000000001.regtrans-ms
[2009/11/27 13:21:36 | 00,065,536 | -HS- | M] () – C:\Users\Brigitte\ntuser.dat{3061b2c5-a9dd-11de-ac40-f2bdef8fe8a1}.TM.blf
[2009/11/27 13:21:31 | 04,757,217 | -H-- | M] () – C:\Users\Brigitte\AppData\Local\IconCache.db
[2009/11/27 13:17:39 | 00,171,552 | ---- | M] (COMODO) – C:\Windows\System32\guard32.dll
[2009/11/27 12:50:37 | 15,370,988 | ---- | M] () – C:\Windows\System32\drivers\fidbox.idx
[2009/11/27 12:50:36 | 11,474,82144 | ---- | M] () – C:\Windows\System32\drivers\fidbox.dat
[2009/11/27 09:33:00 | 00,001,058 | ---- | M] () – C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2009/11/27 03:05:57 | 01,364,348 | ---- | M] () – C:\Users\Brigitte\Desktop\UsbFix.exe
[2009/11/26 21:44:10 | 00,001,912 | ---- | M] () – C:\Users\Brigitte\Desktop\Windows Live Messenger .lnk
[2009/11/26 15:50:45 | 00,532,992 | ---- | M] (OldTimer Tools) – C:\Users\Brigitte\Desktop\OTL.exe
[2009/11/25 17:29:01 | 00,000,635 | ---- | M] () – C:\Users\Brigitte\Documents\CDT ORPM2009-5.pdf - Raccourci.lnk
[2009/11/25 15:31:11 | 00,001,647 | ---- | M] () – C:\Users\Brigitte\Desktop\Recuva.lnk
[2009/11/25 14:20:49 | 00,002,377 | ---- | M] () – C:\Users\Public\Desktop\Skype.lnk
[2009/11/25 12:50:15 | 00,128,376 | ---- | M] (COMODO) – C:\Windows\System32\drivers\cmdguard.sys
[2009/11/25 12:41:26 | 00,001,695 | ---- | M] () – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Orbit.lnk
[2009/11/24 20:24:49 | 00,001,737 | ---- | M] () – C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2009/11/24 19:00:58 | 15,524,589 | ---- | M] () – C:\Users\Brigitte\Documents\Firefox 3.5.5 (fr) - 2009-11-24.pcv
[2009/11/23 19:52:45 | 00,000,727 | ---- | M] () – C:\Users\Public\Desktop\Opera.lnk
[2009/11/23 19:41:56 | 01,514,930 | ---- | M] () – C:\Windows\System32\PerfStringBackup.INI
[2009/11/23 19:41:56 | 00,684,650 | ---- | M] () – C:\Windows\System32\perfh00C.dat
[2009/11/23 19:41:56 | 00,601,178 | ---- | M] () – C:\Windows\System32\perfh009.dat
[2009/11/23 19:41:56 | 00,130,846 | ---- | M] () – C:\Windows\System32\perfc00C.dat
[2009/11/23 19:41:56 | 00,107,704 | ---- | M] () – C:\Windows\System32\perfc009.dat
[2009/11/23 18:15:24 | 00,000,786 | ---- | M] () – C:\Users\Brigitte\Desktop\7-Zip.lnk
[2009/11/22 21:14:26 | 00,020,992 | ---- | M] () – C:\Users\Brigitte\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/11/22 18:31:31 | 00,002,673 | ---- | M] () – C:\Users\Brigitte\Desktop\Microsoft Word 2010 (Beta).lnk
[2009/11/22 14:03:50 | 00,001,663 | ---- | M] () – C:\Users\Public\Desktop\ImgBurn.lnk
[2009/11/21 17:42:41 | 00,002,627 | ---- | M] () – C:\Users\Brigitte\Desktop\Microsoft Excel 2010 (Beta).lnk
[2009/11/21 09:43:11 | 00,006,648 | ---- | M] () – C:\Users\Brigitte\AppData\Local\d3d9caps.dat
[2009/11/20 20:40:11 | 00,000,000 | -H-- | M] () – C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
[2009/11/20 17:12:58 | 02,952,692 | ---- | M] () – C:\Users\Brigitte\Documents\Jean Clé.png
[2009/11/20 16:55:01 | 00,000,929 | ---- | M] () – C:\Users\Public\Desktop\Sun VirtualBox.lnk
[2009/11/20 09:14:18 | 00,397,624 | ---- | M] () – C:\Windows\System32\FNTCACHE.DAT
[2009/11/19 20:34:48 | 00,106,904 | ---- | M] () – C:\Users\Brigitte\AppData\Local\GDIPFONTCACHEV1.DAT
[2009/11/19 19:08:16 | 00,000,254 | ---- | M] () – C:\Windows\win.ini
[2009/11/18 16:14:37 | 00,043,558 | ---- | M] () – C:\Users\Brigitte\Documents\Capturer.JPG
[2009/11/17 20:41:40 | 00,000,136 | ---- | M] () – C:\Users\Brigitte\Desktop\Chessmaster Grandmaster.lnk
[2009/11/17 17:12:14 | 00,000,859 | ---- | M] () – C:\Users\Brigitte\Desktop\Kptic.lnk
[2009/11/17 13:11:34 | 00,074,328 | ---- | M] (COMODO) – C:\Windows\System32\drivers\inspect.sys
[2009/11/17 13:11:04 | 00,029,520 | ---- | M] (COMODO) – C:\Windows\System32\drivers\cmdhlp.sys
[2009/11/16 19:14:39 | 01,474,832 | ---- | M] () – C:\Windows\System32\drivers\sfi.dat
[2009/11/16 18:56:06 | 00,000,952 | ---- | M] () – C:\Users\Public\Desktop\COMODO Internet Security.lnk
[2009/11/16 18:53:27 | 00,000,956 | ---- | M] () – C:\Users\Public\Desktop\Microsoft Security Essentials.lnk
[2009/11/15 15:17:06 | 00,001,706 | ---- | M] () – C:\Users\Brigitte\Desktop\Defraggler.lnk
[2009/11/15 14:27:08 | 00,000,946 | ---- | M] () – C:\Users\Public\Desktop\Yahoo! Messenger.lnk
[2009/11/15 13:26:46 | 00,000,852 | ---- | M] () – C:\Users\Brigitte\Desktop\Orbit.lnk
[2009/11/15 11:30:22 | 00,003,420 | ---- | M] () – C:\Users\Brigitte\AppData\Roaming\wklnhst.dat
[2009/11/11 11:00:56 | 00,000,996 | ---- | M] () – C:\Users\Public\Desktop\Microsoft Baseline Security Analyzer 2.1.lnk
[2009/11/10 14:54:18 | 00,095,568 | ---- | M] (Sun Microsystems, Inc.) – C:\Windows\System32\drivers\VBoxNetAdp.sys
[2009/11/10 14:54:12 | 00,116,560 | ---- | M] (Sun Microsystems, Inc.) – C:\Windows\System32\drivers\VBoxDrv.sys
[2009/11/10 14:54:02 | 00,133,648 | ---- | M] (Sun Microsystems, Inc.) – C:\Windows\System32\VBoxNetFltNotify.dll
[2009/11/10 14:53:54 | 00,104,016 | ---- | M] (Sun Microsystems, Inc.) – C:\Windows\System32\drivers\VBoxNetFlt.sys
[2009/11/10 14:53:54 | 00,041,424 | ---- | M] (Sun Microsystems, Inc.) – C:\Windows\System32\drivers\VBoxUSBMon.sys
[2009/11/08 14:55:42 | 00,001,037 | ---- | M] () – C:\Users\Public\Desktop\Camtasia Studio 6.lnk
[2009/11/07 20:48:26 | 00,000,787 | ---- | M] () – C:\Users\Public\Desktop\SRWare Iron.lnk
[2009/11/06 22:25:06 | 00,000,997 | ---- | M] () – C:\Users\Public\Desktop\OpenOffice.org 3.1.lnk
[2009/11/06 21:48:31 | 00,000,844 | ---- | M] () – C:\Users\Brigitte\Desktop\PhotoFiltre.lnk
[2009/11/03 19:27:39 | 00,001,061 | ---- | M] () – C:\Users\Brigitte\Desktop\Revo Uninstaller.lnk
[2009/11/02 20:42:06 | 00,195,456 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\MpSigStub.exe
[2009/11/02 16:18:53 | 00,000,863 | ---- | M] () – C:\Users\Public\Desktop\VLC media player.lnk
[2009/11/01 15:52:30 | 00,001,674 | ---- | M] () – C:\Users\Brigitte\Desktop\CCleaner.lnk
[2009/10/29 10:17:42 | 00,002,048 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\tzres.dll
[2009/10/28 16:52:14 | 00,000,000 | ---- | M] () – C:\Windows\System32\drivers\Msft_User_WpdFs_01_07_00.Wdf
[1 C:\Users\Brigitte*.tmp files -> C:\Users\Brigitte*.tmp -> ]
========== Files Created - No Company Name ==========
[2009/11/27 13:16:54 | 01,364,348 | ---- | C] () – C:\Users\Brigitte\Desktop\UsbFix.exe
[2009/11/26 21:44:10 | 00,001,912 | ---- | C] () – C:\Users\Brigitte\Desktop\Windows Live Messenger .lnk
[2009/11/25 17:29:01 | 00,000,635 | ---- | C] () – C:\Users\Brigitte\Documents\CDT ORPM2009-5.pdf - Raccourci.lnk
[2009/11/24 20:24:49 | 00,001,737 | ---- | C] () – C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2009/11/24 19:00:49 | 15,524,589 | ---- | C] () – C:\Users\Brigitte\Documents\Firefox 3.5.5 (fr) - 2009-11-24.pcv
[2009/11/24 17:50:07 | 00,001,695 | ---- | C] () – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Orbit.lnk
[2009/11/23 19:52:45 | 00,000,727 | ---- | C] () – C:\Users\Public\Desktop\Opera.lnk
[2009/11/23 18:15:24 | 00,000,786 | ---- | C] () – C:\Users\Brigitte\Desktop\7-Zip.lnk
[2009/11/22 14:03:50 | 00,001,663 | ---- | C] () – C:\Users\Public\Desktop\ImgBurn.lnk
[2009/11/20 20:40:11 | 00,000,000 | -H-- | C] () – C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
[2009/11/20 20:22:30 | 00,001,647 | ---- | C] () – C:\Users\Brigitte\Desktop\Recuva.lnk
[2009/11/20 17:12:58 | 02,952,692 | ---- | C] () – C:\Users\Brigitte\Documents\Jean Clé.png
[2009/11/20 16:55:01 | 00,000,929 | ---- | C] () – C:\Users\Public\Desktop\Sun VirtualBox.lnk
[2009/11/19 20:27:54 | 00,002,627 | ---- | C] () – C:\Users\Brigitte\Desktop\Microsoft Excel 2010 (Beta).lnk
[2009/11/19 20:27:01 | 00,002,673 | ---- | C] () – C:\Users\Brigitte\Desktop\Microsoft Word 2010 (Beta).lnk
[2009/11/18 15:57:01 | 00,043,558 | ---- | C] () – C:\Users\Brigitte\Documents\Capturer.JPG
[2009/11/17 20:41:40 | 00,000,136 | ---- | C] () – C:\Users\Brigitte\Desktop\Chessmaster Grandmaster.lnk
[2009/11/17 17:12:14 | 00,000,859 | ---- | C] () – C:\Users\Brigitte\Desktop\Kptic.lnk
[2009/11/16 18:56:06 | 00,000,952 | ---- | C] () – C:\Users\Public\Desktop\COMODO Internet Security.lnk
[2009/11/16 18:53:27 | 00,000,956 | ---- | C] () – C:\Users\Public\Desktop\Microsoft Security Essentials.lnk
[2009/11/15 15:17:06 | 00,001,706 | ---- | C] () – C:\Users\Brigitte\Desktop\Defraggler.lnk
[2009/11/15 14:27:08 | 00,000,946 | ---- | C] () – C:\Users\Public\Desktop\Yahoo! Messenger.lnk
[2009/11/15 13:26:46 | 00,000,852 | ---- | C] () – C:\Users\Brigitte\Desktop\Orbit.lnk
[2009/11/11 11:00:56 | 00,000,996 | ---- | C] () – C:\Users\Public\Desktop\Microsoft Baseline Security Analyzer 2.1.lnk
[2009/11/08 14:55:42 | 00,001,037 | ---- | C] () – C:\Users\Public\Desktop\Camtasia Studio 6.lnk
[2009/11/08 10:37:22 | 00,116,296 | ---- | C] () – C:\Windows\System32\NCTWMAProfiles.prx
[2009/11/07 20:48:26 | 00,000,787 | ---- | C] () – C:\Users\Public\Desktop\SRWare Iron.lnk
[2009/11/06 22:39:24 | 00,378,718 | -H-- | C] () – C:\Users\Brigitte\intro.bmp
[2009/11/06 22:25:06 | 00,000,997 | ---- | C] () – C:\Users\Public\Desktop\OpenOffice.org 3.1.lnk
[2009/11/06 21:48:31 | 00,000,844 | ---- | C] () – C:\Users\Brigitte\Desktop\PhotoFiltre.lnk
[2009/11/03 19:27:39 | 00,001,061 | ---- | C] () – C:\Users\Brigitte\Desktop\Revo Uninstaller.lnk
[2009/11/02 20:22:29 | 00,001,058 | ---- | C] () – C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2009/11/02 20:22:20 | 00,001,054 | ---- | C] () – C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2009/11/02 16:18:53 | 00,000,863 | ---- | C] () – C:\Users\Public\Desktop\VLC media player.lnk
[2009/11/01 14:24:05 | 00,868,376 | ---- | C] () – C:\Users\Brigitte\Desktop\oiseau.jpg
[2009/10/28 16:52:14 | 00,000,000 | ---- | C] () – C:\Windows\System32\drivers\Msft_User_WpdFs_01_07_00.Wdf
[2009/10/01 17:07:33 | 00,000,154 | ---- | C] () – C:\Windows\cavscan.INI
[2009/09/20 18:49:01 | 00,007,900 | ---- | C] () – C:\Windows\MessengerPlus.ini
[2009/09/20 08:42:08 | 00,000,121 | ---- | C] () – C:\Windows\bdagent.INI
[2009/09/15 19:48:40 | 00,000,183 | ---- | C] () – C:\Windows\aimpr.ini
[2009/09/13 17:42:10 | 00,000,000 | ---- | C] () – C:\Windows\System32\setup_XP.ini
[2009/08/03 14:07:42 | 00,403,816 | ---- | C] () – C:\Windows\System32\OGACheckControl.dll
[2009/07/31 18:58:49 | 00,000,049 | ---- | C] () – C:\Users\Brigitte\AppData\Local\PathsToScan.txt
[2009/07/05 19:44:31 | 00,000,096 | ---- | C] () – C:\Users\Brigitte\AppData\Local\fusioncache.dat
[2009/06/27 19:28:40 | 00,000,036 | ---- | C] () – C:\Users\Brigitte\AppData\Local\housecall.guid.cache
[2009/06/03 17:52:33 | 00,000,022 | ---- | C] () – C:\Users\Brigitte\AppData\Local\kodakpcd.ini
[2009/06/01 18:36:24 | 00,524,288 | -HS- | C] () – C:\ProgramData\ntuser.dat{a548b7b0-4ea0-11de-9931-d724c43d8ee7}.TMContainer00000000000000000002.regtrans-ms
[2009/06/01 18:36:24 | 00,262,144 | ---- | C] () – C:\ProgramData\ntuser.dat
[2009/06/01 18:36:24 | 00,065,536 | -HS- | C] () – C:\ProgramData\ntuser.dat{a548b7b0-4ea0-11de-9931-d724c43d8ee7}.TM.blf
[2009/06/01 18:36:24 | 00,005,120 | -H-- | C] () – C:\ProgramData\ntuser.dat.LOG1
[2009/06/01 18:36:24 | 00,000,000 | -H-- | C] () – C:\ProgramData\ntuser.dat.LOG2
[2009/05/28 09:23:18 | 00,117,248 | ---- | C] () – C:\Windows\System32\EhStorAuthn.dll
[2009/04/05 18:57:00 | 00,000,290 | RHS- | C] () – C:\ProgramData\ntuser.pol
[2009/03/27 16:57:55 | 01,211,904 | ---- | C] () – C:\Windows\System32\Incinerator.dll
[2009/03/14 09:51:29 | 00,339,968 | ---- | C] () – C:\Windows\System32\pythoncom25.dll
[2009/03/14 09:51:29 | 00,114,688 | ---- | C] () – C:\Windows\System32\pywintypes25.dll
[2008/12/25 18:23:11 | 00,000,027 | ---- | C] () – C:\Windows\System32\VideoGenieSetup.ini
[2008/12/21 14:13:43 | 00,031,007 | ---- | C] () – C:\Users\Brigitte\AppData\Roaming\UserTile.png
[2008/08/21 12:17:22 | 00,020,992 | ---- | C] () – C:\Users\Brigitte\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/08/14 14:00:37 | 00,003,420 | ---- | C] () – C:\Users\Brigitte\AppData\Roaming\wklnhst.dat
[2008/08/12 12:40:51 | 00,006,648 | ---- | C] () – C:\Users\Brigitte\AppData\Local\d3d9caps.dat
[2008/07/30 19:53:08 | 00,000,030 | ---- | C] () – C:\Windows\SETPANEL.INI
[2008/07/30 19:52:53 | 00,000,092 | ---- | C] () – C:\Windows\CLEANUP.INI
[2008/07/30 13:27:05 | 00,011,570 | ---- | C] () – C:\ProgramData\hpzinstall.log
[2008/07/30 10:02:53 | 01,749,376 | ---- | C] () – C:\Windows\System32\snp2uvc.sys
[2008/07/30 10:02:53 | 00,028,032 | ---- | C] () – C:\Windows\System32\sncd
Je suis infecter par des virus … ?
Abon j’était infecter par quoi ? Grave ? Je reviens dans 30 min
Edité le 27/11/2009 à 17:17
OTL Extras logfile created on: 27/11/2009 16:10:33 - Run 1
OTL by OldTimer - Version 3.1.11.0 Folder = C:\Users\Brigitte\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18828)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
1,99 Gb Total Physical Memory | 0,99 Gb Available Physical Memory | 49,66% Memory free
4,00 Gb Paging File | 2,95 Gb Available in Paging File | 73,82% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 69,77 Gb Total Space | 20,99 Gb Free Space | 30,09% Space Free | Partition Type: NTFS
Drive D: | 69,52 Gb Total Space | 44,18 Gb Free Space | 63,55% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: PC-DE-BRIGITTE
Current User Name: Brigitte
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes<extension>]
.chm [@ = chm.file] – “%SystemRoot%\hh.exe” %1
.hlp [@ = hlpfile] – C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = Reg Error: Value error.] – Reg Error: Key error. File not found
.txt [@ = Notepad++_file] – C:\Program Files\Notepad++\notepad++.exe (Don HO don.h@free.fr)
[HKEY_CURRENT_USER\SOFTWARE\Classes<extension>]
.html [@ = FirefoxHTML] – C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes<key>\shell[command]\command]
batfile [open] – “%1” %* File not found
chm.file [open] – “%SystemRoot%\hh.exe” %1 File not found
cmdfile [open] – “%1” %* File not found
comfile [open] – “%1” %* File not found
exefile [open] – “%1” %* File not found
helpfile [open] – Reg Error: Key error.
hlpfile [open] – %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] – Reg Error: Key error.
htmlfile [open] – “C:\Program Files\Internet Explorer\IEXPLORE.EXE” -nohome (Microsoft Corporation)
htmlfile [opennew] – “C:\Program Files\Internet Explorer\IEXPLORE.EXE” %1 (Microsoft Corporation)
htmlfile [print] – rundll32.exe %windir%\system32\mshtml.dll,PrintHTML “%1” File not found
http [open] – Reg Error: Key error.
https [open] – Reg Error: Key error.
piffile [open] – “%1” %* File not found
regfile [merge] – Reg Error: Key error.
scrfile [config] – “%1” File not found
scrfile [install] – rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] – “%1” /S File not found
txtfile [edit] – Reg Error: Key error.
Unknown [openas] – %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] – “C:\Program Files\VideoLAN\VLC\vlc.exe” --started-from-file --playlist-enqueue “%1” ()
Directory [cmd] – cmd.exe /s /k pushd “%V” (Microsoft Corporation)
Directory [find] – %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] – “C:\Program Files\VideoLAN\VLC\vlc.exe” --started-from-file --no-playlist-enqueue “%1” ()
Folder [open] – %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] – %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] – %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] – “C:\Program Files\Internet Explorer\iexplore.exe” %1 (Microsoft Corporation)
CLSID{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] – “C:\Program Files\Internet Explorer\iexplore.exe” (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
“cval” = 1
“FirewallDisableNotify” = 0
“AntiVirusDisableNotify” = 0
“AntiSpyWareDisableNotify” = 0
“UacDisableNotify” = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
“DisableMonitoring” = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
“DisableMonitoring” = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
“DisableMonitoring” = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
“AntiVirusOverride” = 0
“AntiSpywareOverride” = 0
“FirewallOverride” = 0
“VistaSp1” = Reg Error: Unknown registry data type – File not found
“VistaSp2” = Reg Error: Unknown registry data type – File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-759318378-497761762-3404630427-1000]
“EnableNotificationsRef” = 12
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
“EnableFirewall” = 1
“DisableNotifications” = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
“EnableFirewall” = 1
“DisableNotifications” = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
“EnableFirewall” = 1
“DisableNotifications” = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
“C:\Program Files\OrangeHSS\Connectivity\ConnectivityManager.exe” = C:\Program Files\OrangeHSS\Connectivity\ConnectivityManager.exe::enabled:CSS – (France Telecom SA)
“C:\Acer\Empowering Technology\eDataSecurity\eDSfsu.exe” = C:\Acer\Empowering Technology\eDataSecurity\eDSfsu.exe::Enabled:eDSfsu – (Acer Inc.)
“C:\Acer\Empowering Technology\eDataSecurity\encryption.exe” = C:\Acer\Empowering Technology\eDataSecurity\encryption.exe::Enabled:encryption – (HiTRUST)
“C:\Acer\Empowering Technology\eDataSecurity\decryption.exe” = C:\Acer\Empowering Technology\eDataSecurity\decryption.exe::Enabled:decryption – (HiTRUST)
“C:\Program Files\Orbitdownloader\orbitdm.exe” = C:\Program Files\Orbitdownloader\orbitdm.exe::Enabled:Orbit – (Orbitdownloader.com)
“C:\Program Files\Orbitdownloader\orbitnet.exe” = C:\Program Files\Orbitdownloader\orbitnet.exe::Enabled:Orbit – (Orbitdownloader.com)
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
“{190D10C0-9A72-4407-BCFD-6FEA89320B54}” = rport=3540 | protocol=17 | dir=out | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe |
“{1F4B91ED-C2D7-406C-8209-F1005717159B}” = rport=3540 | protocol=17 | dir=out | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe |
“{2115B7B9-6F08-4556-A8B2-D2E3EA4DB42D}” = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
“{28047803-8DC0-4F0E-AB0E-A9361A65DE12}” = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\p2phost.exe |
“{2DF49ED3-FBC9-4685-8D2E-5BD3CA81C7B8}” = lport=3540 | protocol=17 | dir=in | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe |
“{3306B1FA-B483-47FE-B408-B350FC0D3D29}” = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\p2phost.exe |
“{5CA42039-07B7-4546-9D87-12C204B6F3C3}” = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
“{62EAD78F-EFE0-42E8-B136-22ADBCCC26BC}” = lport=3540 | protocol=17 | dir=in | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe |
“{97983FB5-3D54-42E0-A6A5-B2E896EE2233}” = lport=2869 | protocol=6 | dir=in | app=system |
“{A650E3D1-B38A-48D2-9D35-9C9A22A97904}” = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
“{B85E1223-20F0-4E4F-BC7E-3FCFE8CD1FCF}” = rport=3702 | protocol=17 | dir=out | app=%systemroot%\system32\p2phost.exe |
“{BB6CB25D-27E2-4150-B0A4-87EEFED17988}” = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
“{C1CD581A-F908-4818-AC0F-380E73C58916}” = rport=3702 | protocol=17 | dir=out | app=%systemroot%\system32\p2phost.exe |
“{C48C35BF-0454-4065-80DD-CB62B9669D7D}” = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe |
“{E34BC786-437D-4F39-882A-5551E215608C}” = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
“{02A2E5AB-1B52-4193-A985-E406339E9DCF}” = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
“{02FB8B26-6CCE-4E1B-825E-DD349CDCCFBD}” = protocol=6 | dir=in | app=%systemroot%\system32\p2phost.exe |
“{07ABA7C5-2AF2-4A45-902E-1E42AF072331}” = protocol=17 | dir=in | app=c:\users\brigitte\appdata\local\temp\7zsf018.tmp\symnrt.exe |
“{10723CFB-1145-4ED6-94F9-7E6AB79701A6}” = protocol=17 | dir=in | app=c:\users\brigitte\appdata\local\temp\7zsce08.tmp\symnrt.exe |
“{15B6F785-CCF2-43E4-B4B3-C629F589CA91}” = dir=in | app=c:\program files\skype\phone\skype.exe |
“{17156E18-6A8F-49D7-8F99-9BBE5012B0BF}” = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
“{1990AEEC-A4AA-44C1-8AEB-6D5207F56AE2}” = protocol=17 | dir=in | app=c:\users\brigitte\appdata\local\temp\7zsb84.tmp\symnrt.exe |
“{253E4303-88D3-4380-9EEB-6C494AD18E28}” = protocol=6 | dir=in | app=c:\users\brigitte\appdata\local\temp\7zsb84.tmp\symnrt.exe |
“{28778EFA-1F69-440A-9920-7A17BF17CFAC}” = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
“{4480D983-A52E-4051-B22F-80E43810B6F8}” = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
“{44A34F41-92AD-410B-B30D-480D96471592}” = protocol=6 | dir=in | app=c:\program files\acer arcade deluxe\acer arcade deluxe\acer arcade deluxe.exe |
“{4E71F614-95F6-4C9F-9D5E-13B3072BB0CC}” = protocol=17 | dir=in | app=c:\users\brigitte\appdata\local\temp\7zs8f34.tmp\symnrt.exe |
“{538BBFE9-D7D4-4176-B1CE-BD6B7379047F}” = protocol=17 | dir=in | app=c:\users\brigitte\appdata\local\temp\7zse4c3.tmp\symnrt.exe |
“{586C0A13-BE93-4825-958E-1215991F16FE}” = protocol=6 | dir=out | app=%systemroot%\system32\p2phost.exe |
“{587A4AE6-0A70-489A-8B2B-50B0C713DC2F}” = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
“{59979BEB-C720-489A-ABF2-B11E72845A87}” = dir=in | app=c:\program files\hp\digital imaging\bin\hpqpsapp.exe |
“{61861A63-DD98-4F74-90B2-1977E0459163}” = dir=in | app=c:\program files\hp\digital imaging\bin\hpqpse.exe |
“{68BCC9C7-C45F-409F-9B34-3027E23A9317}” = protocol=6 | dir=in | app=c:\users\brigitte\appdata\local\temp\7zsce08.tmp\symnrt.exe |
“{70F856B1-F250-484D-A3DB-52FA426D3371}” = protocol=6 | dir=out | app=%systemroot%\system32\p2phost.exe |
“{81AE3CCF-6A7D-4D4E-9010-5B097283A045}” = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
“{83C7C892-732C-43A0-AD55-BEC2DA275A69}” = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
“{8849AA4E-F576-4B6A-AF96-F99CD7205EDB}” = dir=in | app=c:\program files\common files\mcafee\mna\mcnasvc.exe |
“{8D31FB96-26FF-4A80-BDDE-EB0FB9A88746}” = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
“{996BC4AD-A1E1-429A-9AC4-4E3A73B2581F}” = protocol=6 | dir=in | app=c:\users\brigitte\appdata\local\temp\7zsf018.tmp\symnrt.exe |
“{9B7CA9A3-C03F-4513-BDBA-ED86F4780E90}” = protocol=6 | dir=in | app=c:\users\brigitte\appdata\local\temp\7zs8f34.tmp\symnrt.exe |
“{B6BD493F-F6B6-41EB-82F5-9809858B55F3}” = dir=in | app=c:\program files\skype\phone\skype.exe |
“{B9DE7C52-EB40-4A64-BC5C-5932CAC89AAC}” = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
“{BD08BEFF-89A0-442C-A3D3-4F5574F52FDC}” = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
“{BE64A317-8BE2-4EA9-93AE-77B789DBE85D}” = dir=in | app=c:\program files\hp\digital imaging\bin\hpqsudi.exe |
“{D097D8BA-516C-4814-9D09-3D57CE0887FE}” = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
“{D8EF235C-15A7-400F-99BF-CBF7DB134B44}” = protocol=6 | dir=in | app=c:\users\brigitte\appdata\local\temp\7zse4c3.tmp\symnrt.exe |
“{DECFA127-E568-45DE-8EA9-D6E16182C5FC}” = protocol=17 | dir=in | app=c:\program files\acer arcade deluxe\acer arcade deluxe\acer arcade deluxe.exe |
“{E04B56B1-32F5-41EA-BEDC-6CABA0375449}” = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
“{E04DC391-F4A5-4DB6-868D-57FA598EDB03}” = protocol=6 | dir=in | app=c:\users\brigitte\appdata\local\temp\7zsb27.tmp\symnrt.exe |
“{E681E946-FEA2-42F5-97AC-E7A33D0085F0}” = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |
“{ECF89B5C-3940-4682-8FD1-DC3AF8B801AC}” = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
“{EEBA6201-8AF5-4E1E-8637-0FACEAC8384F}” = protocol=17 | dir=in | app=c:\users\brigitte\appdata\local\temp\7zsb27.tmp\symnrt.exe |
“{F66460DF-BA29-404B-BDA0-844425E9AF50}” = protocol=6 | dir=in | app=%systemroot%\system32\p2phost.exe |
“{F7D25B14-5497-4D30-B03C-F70F230432F0}” = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
“{FEAEE1D0-6D1B-4EC9-ACF1-ACA546CB8F4C}” = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
“{FF8F54EB-3E2C-4BEC-A8F5-B23D489A8EBB}” = dir=in | app=c:\program files\common files\hp\digital imaging\bin\hpqphotocrm.exe |
“{FFA86E6E-74C0-468D-BE0E-3FD7011CDCBB}” = dir=in | app=c:\program files\skype\phone\skype.exe |
“TCP Query User{08FBE829-4F96-4F3E-801D-3C1ED2BABFE1}C:\program files\internet explorer\iexplore.exe” = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
“TCP Query User{50A28B87-CC9B-48B9-A834-ED55987F3C38}C:\program files\orbitdownloader\orbitnet.exe” = protocol=6 | dir=in | app=c:\program files\orbitdownloader\orbitnet.exe |
“TCP Query User{62FAC075-4E73-436D-BEC5-A408CBFFA177}C:\program files\orbitdownloader\orbitnet.exe” = protocol=6 | dir=in | app=c:\program files\orbitdownloader\orbitnet.exe |
“TCP Query User{63137908-CB43-4C76-9ED9-9489A6C93BC4}C:\program files\yahoo!\messenger\yahoomessenger.exe” = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
“TCP Query User{85712156-4BBC-4D2C-BC82-AE50A88ED03E}C:\program files\mozilla firefox\firefox.exe” = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
“TCP Query User{865DF9ED-DCAB-4658-85B0-53DAB53E40D0}C:\program files\mozilla firefox\firefox.exe” = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
“TCP Query User{A96491C4-0068-4318-B3B0-EA3E4BA6F922}C:\program files\utorrent\utorrent.exe” = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
“TCP Query User{B90531B5-9484-4781-A7F6-2C19CFB7639F}C:\program files\orbitdownloader\orbitdm.exe” = protocol=6 | dir=in | app=c:\program files\orbitdownloader\orbitdm.exe |
“TCP Query User{BB3F2585-885C-4FFD-B780-3AFB91F0BEF0}C:\program files\sun\virtualbox\virtualbox.exe” = protocol=6 | dir=in | app=c:\program files\sun\virtualbox\virtualbox.exe |
“TCP Query User{C3C57E68-3283-4713-81A8-932FC51A7BCA}C:\program files\internet explorer\iexplore.exe” = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
“TCP Query User{C8AE0DFA-6A3F-4BC9-82A5-0F38A69849AC}C:\program files\ubisoft\chessmaster grandmaster edition\game.exe” = protocol=6 | dir=in | app=c:\program files\ubisoft\chessmaster grandmaster edition\game.exe |
“TCP Query User{CF4EEF23-B9B3-4BDD-A9A9-42AB62D2BB86}C:\program files\utorrent\utorrent.exe” = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
“TCP Query User{D1B6BA4E-CE3A-4936-B543-0DE992E5E73F}C:\program files\common files\newtech infosystems\liveupdate\liveupdate.exe” = protocol=6 | dir=in | app=c:\program files\common files\newtech infosystems\liveupdate\liveupdate.exe |
“UDP Query User{09CF1E4B-28B0-4320-84EF-C7FF11C4FD31}C:\program files\mozilla firefox\firefox.exe” = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
“UDP Query User{14FB4A6B-DB00-43D4-9772-211BA5A2A6AD}C:\program files\orbitdownloader\orbitnet.exe” = protocol=17 | dir=in | app=c:\program files\orbitdownloader\orbitnet.exe |
“UDP Query User{1A7C61C9-1721-4950-82BD-569E6BFFA0B5}C:\program files\yahoo!\messenger\yahoomessenger.exe” = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
“UDP Query User{1B85B1B6-E930-4F4B-87D4-24E7C30D7866}C:\program files\mozilla firefox\firefox.exe” = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
“UDP Query User{4BD54538-3A9B-41D5-83BA-FC1D8918EE2A}C:\program files\common files\newtech infosystems\liveupdate\liveupdate.exe” = protocol=17 | dir=in | app=c:\program files\common files\newtech infosystems\liveupdate\liveupdate.exe |
“UDP Query User{4F7D800A-336E-4CFC-BA88-C5E5DBB3D62B}C:\program files\utorrent\utorrent.exe” = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
“UDP Query User{6961F87B-444B-41AF-8D13-B40CF97E139C}C:\program files\orbitdownloader\orbitnet.exe” = protocol=17 | dir=in | app=c:\program files\orbitdownloader\orbitnet.exe |
“UDP Query User{77F40EDD-7A2E-4B45-90C8-6A1E4BF9F1DA}C:\program files\orbitdownloader\orbitdm.exe” = protocol=17 | dir=in | app=c:\program files\orbitdownloader\orbitdm.exe |
“UDP Query User{A67D949B-95EF-4EF6-B1DE-F60F5975345B}C:\program files\utorrent\utorrent.exe” = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
“UDP Query User{A9451DA5-CA11-4F35-9EA7-A31D5ED098FD}C:\program files\sun\virtualbox\virtualbox.exe” = protocol=17 | dir=in | app=c:\program files\sun\virtualbox\virtualbox.exe |
“UDP Query User{CED48A1C-F82A-45EB-A7E2-53A86365D8B2}C:\program files\internet explorer\iexplore.exe” = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
“UDP Query User{CF646DCF-0B7C-46AE-A1DD-1E34FCA353D7}C:\program files\internet explorer\iexplore.exe” = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
“UDP Query User{F718DB42-551A-45D6-A0B3-92E303CFE1B7}C:\program files\ubisoft\chessmaster grandmaster edition\game.exe” = protocol=17 | dir=in | app=c:\program files\ubisoft\chessmaster grandmaster edition\game.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
“{001E7FB6-BB6B-4ED0-BEDC-B5404ED96D4E}” = DocProc
“{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}” = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
“{007B37D9-0C45-4202-834B-DD5FAAE99D63}” = ArcSoft Print Creations - Slimline Card
“{0289B35E-DC07-4c7a-9710-BBD686EA4B7D}” = Status
“{02E89EFC-7B07-4D5A-AA03-9EC0902914EE}” = VC 9.0 Runtime
“{03EDED24-8375-407D-A721-4643D9768BE1}” = kgchlwn
“{0FA44E79-CD7D-4E8D-A2EE-26FE05F509B6}” = OpenOffice.org 3.1
“{11316260-6666-467B-AC34-183FCB5D4335}” = Acer Mobility Center Plug-In
“{116FF17B-1A30-4FC2-9B01-5BC5BD46B0B3}” = Acer eLock Management
“{11F3F858-4131-4FFA-A560-3FE282933B6E}” = kgchday
“{121634B0-2F4B-11D3-ADA3-00C04F52DD52}” = Windows Installer Clean Up
“{13F00518-807A-4B3A-83B0-A7CD90F3A398}” = MarketResearch
“{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}” = ESSPCD
“{17342E3B-0818-4A6F-BFF8-99476605ADD6}” = livebox
“{1753255A-0AEB-4220-8C75-607B73F0C133}” = Copy
“{20140000-0011-0000-0000-0000000FF1CE}” = Microsoft Office Professional Plus 2010 (Beta)
“{20140000-0015-040C-0000-0000000FF1CE}” = Microsoft Office Access MUI (French) 2010 (Beta)
“{20140000-0016-040C-0000-0000000FF1CE}” = Microsoft Office Excel MUI (French) 2010 (Beta)
“{20140000-0018-040C-0000-0000000FF1CE}” = Microsoft Office PowerPoint MUI (French) 2010 (Beta)
“{20140000-0019-040C-0000-0000000FF1CE}” = Microsoft Office Publisher MUI (French) 2010 (Beta)
“{20140000-001A-040C-0000-0000000FF1CE}” = Microsoft Office Outlook MUI (French) 2010 (Beta)
“{20140000-001B-040C-0000-0000000FF1CE}” = Microsoft Office Word MUI (French) 2010 (Beta)
“{20140000-001F-0401-0000-0000000FF1CE}” = Microsoft Office Proof (Arabic) 2010 (Beta)
“{20140000-001F-0407-0000-0000000FF1CE}” = Microsoft Office Proof (German) 2010 (Beta)
“{20140000-001F-0409-0000-0000000FF1CE}” = Microsoft Office Proof (English) 2010 (Beta)
“{20140000-001F-040C-0000-0000000FF1CE}” = Microsoft Office Proof (French) 2010 (Beta)
“{20140000-001F-0413-0000-0000000FF1CE}” = Microsoft Office Proof (Dutch) 2010 (Beta)
“{20140000-001F-0C0A-0000-0000000FF1CE}” = Microsoft Office Proof (Spanish) 2010 (Beta)
“{20140000-002C-040C-0000-0000000FF1CE}” = Microsoft Office Proofing (French) 2010 (Beta)
“{20140000-0044-040C-0000-0000000FF1CE}” = Microsoft Office InfoPath MUI (French) 2010 (Beta)
“{20140000-006E-040C-0000-0000000FF1CE}” = Microsoft Office Shared MUI (French) 2010 (Beta)
“{20140000-00A1-040C-0000-0000000FF1CE}” = Microsoft Office OneNote MUI (French) 2010 (Beta)
“{20140000-00BA-040C-0000-0000000FF1CE}” = Microsoft Office Groove MUI (French) 2010 (Beta)
“{205C6BDD-7B73-42DE-8505-9A093F35A238}” = Outil de téléchargement Windows Live
“{2075CB0A-D26F-4DAA-B424-5079296B43BA}” = Windows Live FolderShare
“{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}” = MSVCRT
“{2614F54E-A828-49FA-93BA-45A3F756BFAA}” = 32 Bit HP CIO Components Installer
“{26A24AE4-039D-4CA4-87B4-2F83216016FF}” = Java™ 6 Update 17
“{27614800-84A9-484E-9CCB-43ED2F1205F5}” = Chessmaster Grandmaster Edition
“{29FA38B4-0AE4-4D0D-8A51-6165BB990BB0}” = WebReg
“{2D03B6F8-DF36-4980-B7B6-5B93D5BA3A8F}” = essvatgt
“{2F28B3C9-2C89-4206-8B33-8ADC9577C49B}” = Scan
“{3248F0A8-6813-11D6-A77B-00B0D0150000}” = J2SE Runtime Environment 5.0
“{36FDBE6E-6684-462B-AE98-9A39A1B200CC}” = HP Product Assistant
“{399C37FB-08AF-493B-BFED-20FBD85EDF7F}” = Acer Crystal Eye Webcam Video Class Camera
“{3E31821C-7917-367E-938E-E65FC413EA31}” = Microsoft .NET Framework 3.5 Language Pack SP1 - fra
“{4103778F-5EAF-476E-B3C1-2891EF9A4D8C}” = Kptic
“{42938595-0D83-404D-9F73-F8177FDD531A}” = ESScore
“{4537EA4B-F603-4181-89FB-2953FC695AB1}” = netbrdg
“{4634B21A-CC07-4396-890C-2B8168661FEA}” = Windows Live Writer
“{46ABBC54-1872-4AA3-95E2-F2C063A63F31}” = Installation Windows Live
“{487B0B9B-DCD4-440D-89A0-A6EDE1A545A3}” = HPSSupply
“{48B3FB4D-CE22-488C-8E9F-24EBB77EAC0F}” = Microsoft Security Essentials
“{4983AA07-81D0-4605-BF92-49A343056DC8}” = Conseiller de mise à niveau vers Windows 7
“{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}” = Microsoft Search Enhancement Pack
“{4CC04CB8-422A-4940-A5C9-90F233690509}is1" = SRWare Iron 3.0.197.0
“{5316DFC9-CE99-4458-9AB3-E8726EDE0210}” = skin0001
“{53B20C18-D8D4-4588-8737-9BBFE303C354}” = Windows Live Movie Maker
“{543E938C-BDC4-4933-A612-01293996845F}” = UnloadSupport
“{55D1BF8E-EA8F-4969-82B9-B577010CFBCD}” = Microsoft Baseline Security Analyzer 2.1
“{56589DFE-0C29-4DFE-8E42-887B771ECD23}” = ArcSoft Print Creations - Photo Book
“{56C049BE-79E9-4502-BEA7-9754A3E60F9B}” = neroxml
“{57265292-228A-41FA-9AEC-4620CBCC2739}” = Acer eAudio Management
“{58E5844B-7CE2-413D-83D1-99294BF6C74F}” = Acer ePower Management
“{5DD76286-9BE7-4894-A990-E905E91AC818}” = Windows Live Mail
“{605A4E39-613C-4A12-B56F-DEFBE6757237}” = SHASTA
“{608D2A3C-6889-4C11-9B54-A42F45ACBFDB}” = fflink
“{643EAE81-920C-4931-9F0B-4B343B225CA6}” = ESSBrwr
“{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}” = Activation Assistant for the 2007 Microsoft Office suites
“{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}” = eSupportQFolder
“{681B698F-C997-42C3-B184-B489C6CA24C9}” = HPPhotoSmartDiscLabelContent1
“{693C08A7-9E76-43FF-B11E-9A58175474C4}” = kgckids
“{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}” = Windows Media Player Firefox Plugin
“{6B1CB38D-E2E4-4a30-933D-EFDEBA76AD9C}” = Microsoft Works
“{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}” = CustomerResearchQFolder
“{770657D0-A123-3C07-8E44-1C83EC895118}” = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
“{770F1BEC-2871-4E70-B837-FB8525FFA3B1}” = Windows Live Messenger
“{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}” = Acer ScreenSaver
“{818ABC3C-635C-4651-8183-D0E9640B7DD1}” = HP Update
“{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}” = Windows Live Call
“{837b34e3-7c30-493c-8f6a-2b0f04e2912c}” = Microsoft Visual C++ 2005 Redistributable
“{870832ED-43F3-4425-931C-137C18902664}” = Sun VirtualBox
“{87E2B986-07E8-477a-93DC-AF0B6758B192}” = DocProcQFolder
“{8943CE61-53BD-475E-90E1-A580869E98A2}” = staticcr
“{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}” = Microsoft Silverlight
“{8A502E38-29C9-49FA-BCFA-D727CA062589}” = ESSTOOLS
“{8A8664E1-84C8-4936-891C-BC1F07797549}” = kgcvday
“{8E92D746-CD9F-4B90-9668-42B74C14F765}” = ESSini
“{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}” = Intel® Matrix Storage Manager
“{91517631-A9F3-4B7C-B482-43E0068FD55A}” = ESSgui
“{95120000-00B9-0409-0000-0000000FF1CE}” = Microsoft Application Error Reporting
“{9591C049-5CAE-4E89-A8D9-191F1899628B}” = ArcSoft Print Creations - Funhouse
“{999D43F4-9709-4887-9B1A-83EBB15A8370}” = VPRINTOL
“{9A25302D-30C0-39D9-BD6F-21E6EC160475}” = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
“{9BD54685-1496-46A5-AB62-357CD140ED8B}” = kgcinvt
“{9C2D4047-0E40-499a-AC7A-C4B9BB12FE03}” = TrayApp
“{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}” = ALPS Touch Pad Driver
“{A036E231-5A03-4d63-94F6-7864CC77EC48}” = PS_AIO_ProductContext
“{A0A77CDC-2419-4D5C-AD2C-E09E5926B806}” = Microsoft Antimalware
“{A1588373-1D86-4D44-86C9-78ABD190F9CC}” = kgcmove
“{A4526B5A-89C0-4F4B-9E6E-4F883374D5F9}” = Microsoft Antimalware Service FR-FR Language Pack
“{A589DA26-51BD-475D-8C32-E19E34145842}” = Camtasia Studio 6
“{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}” = Google Update Helper
“{AA047D7C-5E7C-4878-B75C-77589151B563}” = Acer Crystal Eye webcam
“{AB5D51AE-EBC3-438D-872C-705C7C2084B0}” = DeviceManagementQFolder
“{AB6097D9-D722-4987-BD9E-A076E2848EE2}” = Acer Empowering Technology
“{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}” = ESSCDBK
“{AE3CF174-872C-46C6-B9F6-C0593F3BC7B8}” = Microsoft Office Live Add-in 1.4
“{AEA07F97-9088-497c-8821-0F36BD5DC251}” = HPProductAssistant
“{AEEAE013-92F1-4515-B278-139F1A692A36}” = Acer eDataSecurity Management
“{AF7FC1CA-79DF-43c3-90A3-33EFEB9294CE}” = AIO_Scan
“{B0D83FCD-9D42-43ED-8315-250326AADA02}” = ArcSoft Print Creations - Scrapbook
“{B131E59D-202C-43C6-84C9-68F0C37541F1}” = Galerie de photos Windows Live
“{B162D0A6-9A1D-4B7C-91A5-88FB48113C45}” = OfotoXMI
“{B22C19AE-6A67-4f28-B541-5AE72FB17A25}” = HP Photosmart All-In-One Software 9.0
“{B2544A03-10D0-4E5E-BA69-0362FFC20D18}” = OGA Notifier 2.0.0048.0
“{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}” = CCScore
“{B7A0CE06-068E-11D6-97FD-0050BACBF861}” = PowerProducer 3.72
“{BCD6CD1A-0DBE-412E-9F25-3B500D1E6BA1}” = SolutionCenter
“{BF839132-BD43-4056-ACBF-4377F4A88E2A}” = Acer ePresentation Management
“{C06554A1-2C1E-4D20-B613-EE62C79927CC}” = Acer eNet Management
“{CA9ED5E4-1548-485B-A293-417840060158}” = ArcSoft Print Creations - Photo Calendar
“{CAE8A0F1-B498-4C23-95FA-55047E730C8F}” = ArcSoft Print Creations
“{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}” = Microsoft .NET Framework 1.1
“{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}” = Microsoft .NET Framework 3.5 SP1
“{CE386A4E-D0DA-4208-8235-BCE43275C694}” = LightScribe 1.4.142.1
“{CE65A9A0-9686-45C6-9098-3C9543A412F0}” = Acer eSettings Management
“{D0E39A1D-0CEE-4D85-B4A2-E3BE990D075E}” = Destination Component
“{D103C4BA-F905-437A-8049-DB24763BBE36}” = Skype 4.1
“{D13FE823-C575-4451-AC37-E645A67AA581}1.0.0.0" = OrangeInstaller version 1.0.0.0
“{D32470A1-B10C-4059-BA53-CF0486F68EBC}” = Logiciel Kodak EasyShare
“{D719E8F1-6931-40b4-AC0B-5FE2C097F995}” = C4200_doccd
“{D79113E7-274C-470B-BD46-01B10219DF6A}” = HPPhotosmartEssential
“{DB02F716-6275-42E9-B8D2-83BA2BF5100B}” = SFR
“{DB6BD5D5-8482-45C0-99CF-745C5B924497}” = WOT pour Internet Explorer
“{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}” = Assistant de connexion Windows Live
“{E18B549C-5D15-45DA-8D8F-8FD2BD946344}” = kgcbaby
“{E2662C24-B31E-4349-A084-32EB76E8B760}” = BufferChm
“{E2DFE069-083E-4631-9B6C-43C48E991DE5}” = Junk Mail filter update
“{E39A3770-3DDE-404c-B91F-3522947874A3}” = PS_AIO_Software_min
“{E6B4117F-AC59-4B13-9274-EB136E8897EE}” = ArcSoft Print Creations - Album Page
“{E9C18EBD-85BE-47D0-AA73-3FEDCC976B04}” = Toolbox
“{EC25B803-4BDB-47F7-B877-FCE7D7966C0F}” = Visual C++ CRT 9.0 SP1
“{ED00D08A-3C5F-488D-93A0-A04F21F23956}” = Windows Live Communications Platform
“{EF1ADA5A-0B1A-4662-8C55-7475A61D8B65}” = DeviceDiscovery
“{EFBDC2B0-FAA8-4B78-8DE1-AEBE7958FA37}” = Acer Arcade Deluxe
“{F04F9557-81A9-4293-BC49-2C216FA325A7}” = ArcSoft Print Creations - Greeting Card
“{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}” = Microsoft SQL Server 2005 Compact Edition [ENU]
“{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}” = Microsoft Choice Guard
“{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}” = Realtek High Definition Audio Driver
“{F333A33D-125C-32A2-8DCE-5C5D14231E27}” = Visual C++ 2008 x86 Runtime - (v9.0.30729)
“{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01” = Visual C++ 2008 x86 Runtime - v9.0.30729.01
“{F4A2E7CC-60CA-4AFA-B67F-AD5E58173C3F}” = SKINXSDK
“{F9593CFB-D836-49BC-BFF1-0E669A411D9F}” = WIRELESS
“{FA4FA322-5C90-4d2b-A019-9E588273DED5}” = PS_AIO_Software
“{FB8148DD-C575-4B0A-9F6C-0CFC46937930}” = Opera 10.10
“{FCDB1C92-03C6-4C76-8625-371224256091}” = ESSPDock
“{ORAHSS}.Bas_Debit_CustoUpdate” =
“{ORAHSS}.Browser” = Navigateur Orange
“{ORAHSS}.UninstallSuite” = Orange - Logiciels Internet
“7-Zip” = 7-Zip 4.65
“Activation Assistant for the 2007 Microsoft Office suites” = Activation Assistant for the 2007 Microsoft Office suites
“Adobe Flash Player ActiveX” = Adobe Flash Player 10 ActiveX
“Adobe Flash Player Plugin” = Adobe Flash Player 10 Plugin
“BackRex Internet Explorer Backup” = BackRex Internet Explorer Backup
“CCleaner” = CCleaner
“CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFAOR2C06_118” = HDAUDIO Soft Data Fax Modem with SmartCP
“COMODO Internet Security” = COMODO Internet Security
“Defraggler” = Defraggler
“EVEREST Home Edition_is1” = EVEREST Home Edition v2.20
“FileHippo.com” = FileHippo.com Update Checker
“Foxit Reader” = Foxit Reader
“Free Window Registry Repair” = Free Window Registry Repair
“Freeraser” = Freeraser
“GnuPG” = GNU Privacy Guard
“HDMI” = Intel® Graphics Media Accelerator Driver
“HijackThis” = HijackThis 2.0.2
“HP Imaging Device Functions” = HP Imaging Device Functions 9.0
“HP Photosmart Essential” = HP Photosmart Essential 3.5
“HP Solution Center & Imaging Support Tools” = HP Solution Center 9.0
“HPExtendedCapabilities” = HP Customer Participation Program 9.0
“HPOCR” = HP OCR Software 9.0
“ImgBurn” = ImgBurn
"InstallShield{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}” = NTI CD & DVD-Maker
"InstallShield{27614800-84A9-484E-9CCB-43ED2F1205F5}” = Chessmaster Grandmaster Edition
“KeyScrambler” = KeyScrambler
“MailNotifier” = Notification Mail
“Malwarebytes’ Anti-Malware_is1” = Malwarebytes’ Anti-Malware
“Messenger Plus! Live” = Messenger Plus! Live
“MessengerDiscovery 2.1_is1” = MessengerDiscovery 2.1.79
“Microsoft .NET Framework 1.1 (1033)” = Microsoft .NET Framework 1.1
“Microsoft .NET Framework 3.5 Language Pack SP1 - fra” = Module linguistique Microsoft .NET Framework 3.5 SP1- fra
“Microsoft .NET Framework 3.5 SP1” = Microsoft .NET Framework 3.5 SP1
“Microsoft Security Essentials” = Microsoft Security Essentials
“MozBackup” = MozBackup 1.4.9
“Mozilla Firefox (3.5.5)” = Mozilla Firefox (3.5.5)
“Mozilla Thunderbird (2.0.0.23)” = Mozilla Thunderbird (2.0.0.23)
“Notepad++” = Notepad++
“Office14.PROPLUS” = Microsoft Office Professionnel Plus 2010
“Orbit_is1” = Orbit Downloader
“PhotoFiltre” = PhotoFiltre
“Recuva” = Recuva
“Revo Uninstaller” = Revo Uninstaller 1.83
“uTorrent” = µTorrent
“VirusTotalUploader” = VirusTotal Uploader
“VLC media player” = VLC media player 1.0.3
“WinLiveSuite_Wave3” = Installation Windows Live
“Yahoo! Companion” = Yahoo! Toolbar
“Yahoo! Messenger” = Yahoo! Messenger
“Yahoo! Software Update” = Yahoo! Software Update
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 26/11/2009 13:52:57 | Computer Name = PC-de-Brigitte | Source = VSS | ID = 8194
Description =
Error - 26/11/2009 14:27:24 | Computer Name = PC-de-Brigitte | Source = Application Error | ID = 1000
Description = Application défaillante msnmsgr.exe, version 14.0.8089.726, horodatage
0x4a6ce533, module défaillant LiveTransport.dll, version 14.0.8089.726, horodatage
0x4a6ce51c, code dexception 0xc0000005, décalage derreur 0x0004c064, ID du processus
0x278, heure de début de lapplication 0x01ca6ebdd39b0801.
Error - 26/11/2009 15:28:41 | Computer Name = PC-de-Brigitte | Source = Application Error | ID = 1000
Description = Application défaillante taskeng.exe, version 6.0.6002.18005, horodatage
0x49e01bf2, module défaillant RPCRT4.dll, version 6.0.6002.18024, horodatage 0x49f05bcc,
code dexception 0xc0000005, décalage derreur 0x000b1e6c, ID du processus 0x2e4,
heure de début de lapplication 0x01ca6ece5229ce82.
Error - 26/11/2009 15:34:01 | Computer Name = PC-de-Brigitte | Source = VSS | ID = 8194
Description =
Error - 26/11/2009 15:49:23 | Computer Name = PC-de-Brigitte | Source = VBRuntime | ID = 1
Description = The VB Application identified by the event source logged this Application
MSICUU: Thread ID: 5356 ,Logged: Success: C:\Program Files\Windows Installer Clean
Up\msizap.exe TW! {10A44844-4465-456E-8C97-80BDD4F68845}
Error - 26/11/2009 15:50:00 | Computer Name = PC-de-Brigitte | Source = VBRuntime | ID = 1
Description = The VB Application identified by the event source logged this Application
MSICUU: Thread ID: 5356 ,Logged: Success: C:\Program Files\Windows Installer Clean
Up\msizap.exe TW! {2075CB0A-D26F-4DAA-B424-5079296B43BA}
Error - 26/11/2009 15:50:54 | Computer Name = PC-de-Brigitte | Source = VBRuntime | ID = 1
Description = The VB Application identified by the event source logged this Application
MSICUU: Thread ID: 5356 ,Logged: Success: C:\Program Files\Windows Installer Clean
Up\msizap.exe TW! {205C6BDD-7B73-42DE-8505-9A093F35A238}
Error - 26/11/2009 16:34:27 | Computer Name = PC-de-Brigitte | Source = VBRuntime | ID = 1
Description = The VB Application identified by the event source logged this Application
MSICUU: Thread ID: 3020 ,Logged: Success: C:\Program Files\Windows Installer Clean
Up\msizap.exe TW! {FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}
Error - 26/11/2009 16:42:03 | Computer Name = PC-de-Brigitte | Source = VSS | ID = 8194
Description =
Error - 26/11/2009 16:42:23 | Computer Name = PC-de-Brigitte | Source = System Restore | ID = 8193
Description =
[ System Events ]
Error - 27/11/2009 07:42:06 | Computer Name = PC-de-Brigitte | Source = Service Control Manager | ID = 7026
Description =
Error - 27/11/2009 07:50:01 | Computer Name = PC-de-Brigitte | Source = Service Control Manager | ID = 7034
Description =
Error - 27/11/2009 07:53:38 | Computer Name = PC-de-Brigitte | Source = Service Control Manager | ID = 7022
Description =
Error - 27/11/2009 07:53:39 | Computer Name = PC-de-Brigitte | Source = Service Control Manager | ID = 7026
Description =
Error - 27/11/2009 08:05:24 | Computer Name = PC-de-Brigitte | Source = Server | ID = 2505
Description = Le serveur n’a pas pu se lier au transport \Device\NetBT_Tcpip_{9138BFFD-FD48-4453-8C94-E096D847D72C}
car un autre ordinateur du réseau porte le même nom. Le serveur n’a pas pu démarrer.
Error - 27/11/2009 08:08:04 | Computer Name = PC-de-Brigitte | Source = Service Control Manager | ID = 7022
Description =
Error - 27/11/2009 08:09:28 | Computer Name = PC-de-Brigitte | Source = Service Control Manager | ID = 7022
Description =
Error - 27/11/2009 08:09:28 | Computer Name = PC-de-Brigitte | Source = Service Control Manager | ID = 7026
Description =
Error - 27/11/2009 11:01:36 | Computer Name = PC-de-Brigitte | Source = Service Control Manager | ID = 7022
Description =
Error - 27/11/2009 11:01:36 | Computer Name = PC-de-Brigitte | Source = Service Control Manager | ID = 7026
Description =
[ TuneUp Events ]
Error - 02/10/2009 10:01:06 | Computer Name = PC-de-Brigitte | Source = TuneUp Program Statistics | ID = 131840
Description =
Error - 02/10/2009 10:30:36 | Computer Name = PC-de-Brigitte | Source = TuneUp Program Statistics | ID = 131840
Description =
Error - 02/10/2009 10:34:07 | Computer Name = PC-de-Brigitte | Source = TuneUp Program Statistics | ID = 131840
Description =
Error - 02/10/2009 11:02:29 | Computer Name = PC-de-Brigitte | Source = TuneUp Program Statistics | ID = 131840
Description =
Error - 02/10/2009 11:02:39 | Computer Name = PC-de-Brigitte | Source = TuneUp Program Statistics | ID = 131840
Description =
Error - 02/10/2009 11:23:56 | Computer Name = PC-de-Brigitte | Source = TuneUp Program Statistics | ID = 131840
Description =
Error - 02/10/2009 11:35:22 | Computer Name = PC-de-Brigitte | Source = TuneUp Program Statistics | ID = 131840
Description =
Error - 02/10/2009 12:23:51 | Computer Name = PC-de-Brigitte | Source = TuneUp Program Statistics | ID = 131840
Description =
Error - 03/10/2009 02:39:55 | Computer Name = PC-de-Brigitte | Source = TuneUp Program Statistics | ID = 131840
Description =
Error - 03/10/2009 03:40:01 | Computer Name = PC-de-Brigitte | Source = TuneUp Program Statistics | ID = 131840
Description =
< End of report >
Ecoute je te le redonne :
OTL logfile created on: 27/11/2009 16:10:33 - Run 1
OTL by OldTimer - Version 3.1.11.0 Folder = C:\Users\Brigitte\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18828)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
1,99 Gb Total Physical Memory | 0,99 Gb Available Physical Memory | 49,66% Memory free
4,00 Gb Paging File | 2,95 Gb Available in Paging File | 73,82% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 69,77 Gb Total Space | 20,99 Gb Free Space | 30,09% Space Free | Partition Type: NTFS
Drive D: | 69,52 Gb Total Space | 44,18 Gb Free Space | 63,55% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: PC-DE-BRIGITTE
Current User Name: Brigitte
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Processes (SafeList) ==========
PRC - C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
PRC - C:\Users\Brigitte\AppData\Local\Temp\RtkBtMnt.exe (Realtek Semiconductor Corp.)
PRC - C:\Users\Brigitte\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
PRC - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (COMODO)
PRC - C:\Program Files\MessengerDiscovery 2\MessengerDiscovery 2.exe (Matt Holwood)
PRC - C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
PRC - C:\Program Files\Orbitdownloader\orbitdm.exe (Orbitdownloader.com)
PRC - C:\Program Files\orange\MailNotifier\MailNotifier.exe ()
PRC - C:\Program Files\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation)
PRC - C:\Program Files\Microsoft Security Essentials\msseces.exe (Microsoft Corporation)
PRC - C:\Windows\System32\msfeedssync.exe (Microsoft Corporation)
PRC - C:\Program Files\Orbitdownloader\orbitnet.exe (Orbitdownloader.com)
PRC - C:\Program Files\Microsoft Security Essentials\MsMpEng.exe (Microsoft Corporation)
PRC - C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
PRC - C:\Windows\System32\wbem\WmiPrvSE.exe (Microsoft Corporation)
PRC - C:\Windows\System32\wbem\WmiPrvSE.exe (Microsoft Corporation)
PRC - C:\Windows\System32\wbem\unsecapp.exe (Microsoft Corporation)
PRC - C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\conime.exe (Microsoft Corporation)
PRC - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation)
PRC - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (Microsoft Corporation)
PRC - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
PRC - C:\Program Files\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Program Files\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
PRC - C:\Windows\ehome\ehtray.exe (Microsoft Corporation)
PRC - C:\Windows\ehome\ehmsas.exe (Microsoft Corporation)
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe (acer)
PRC - C:\Acer\Empowering Technology\eNet\eNet Service.exe (Acer Inc.)
PRC - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe ()
PRC - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe (HiTRSUT)
PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe (Intel Corporation)
PRC - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe (Acer Inc.)
PRC - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe (Acer Inc.)
PRC - C:\Windows\System32\drivers\XAudio.exe (Conexant Systems, Inc.)
PRC - C:\Program Files\CyberLink\Shared Files\RichVideo.exe ()
PRC - C:\Program Files\Common Files\LightScribe\LSSrvc.exe (Hewlett-Packard Company)
PRC - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe (France Telecom SA)
PRC - C:\Acer\Mobility Center\MobilityService.exe ()
========== Modules (SafeList) ==========
MOD - C:\Users\Brigitte\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll (Microsoft Corporation)
========== Win32 Services (SafeList) ==========
SRV - (gupdate) Google Update Service (gupdate) – File not found
SRV - (0267471241168295mcinstcleanup) – File not found
SRV - (cmdAgent) – C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (COMODO)
SRV - (Microsoft SharePoint Workspace Audit Service) – C:\Program Files\Microsoft Office\Office14\GROOVE.EXE (Microsoft Corporation)
SRV - (osppsvc) – C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
SRV - (ose) – C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (FontCache) – C:\Windows\System32\FntCache.dll (Microsoft Corporation)
SRV - (MBAMService) – C:\Program Files\Malwarebytes’ Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MsMpSvc) – C:\Program Files\Microsoft Security Essentials\MsMpEng.exe (Microsoft Corporation)
SRV - (SeaPort) – C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
SRV - (wlidsvc) – C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation)
SRV - (YahooAUService) – C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
SRV - (ACDaemon) – C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
SRV - (Pml Driver HPZ12) – C:\Windows\System32\HPZipm12.dll (Hewlett-Packard)
SRV - (Net Driver HPZ12) – C:\Windows\System32\HPZinw12.dll (Hewlett-Packard)
SRV - (hpqddsvc) – C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll (Hewlett-Packard Co.)
SRV - (hpqcxs08) – C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll (Hewlett-Packard Co.)
SRV - (WinDefend) – C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (WMPNetworkSvc) – C:\Program Files\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (ehRecvr) – C:\Windows\ehome\ehrecvr.exe (Microsoft Corporation)
SRV - (WMIService) – C:\Acer\Empowering Technology\ePower\ePowerSvc.exe (acer)
SRV - (eNet Service) – C:\Acer\Empowering Technology\eNet\eNet Service.exe (Acer Inc.)
SRV - (eSettingsService) – C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe ()
SRV - (eDataSecurity Service) – C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe (HiTRSUT)
SRV - (IAANTMON) Intel® – C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe (Intel Corporation)
SRV - (eLockService) – C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe (Acer Inc.)
SRV - (eRecoveryService) – C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe (Acer Inc.)
SRV - (XAudioService) – C:\Windows\System32\drivers\XAudio.exe (Conexant Systems, Inc.)
SRV - (RichVideo) Cyberlink RichVideo Service(CRVS) – C:\Program Files\CyberLink\Shared Files\RichVideo.exe ()
SRV - (LightScribeService) – C:\Program Files\Common Files\LightScribe\LSSrvc.exe (Hewlett-Packard Company)
SRV - (FTRTSVC) – C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe (France Telecom SA)
SRV - (MobilityService) – C:\Acer\Mobility Center\MobilityService.exe ()
SRV - (ehSched) – C:\Windows\ehome\ehsched.exe (Microsoft Corporation)
SRV - (ehstart) – C:\Windows\ehome\ehstart.dll (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV - (cmdGuard) – C:\Windows\System32\drivers\cmdguard.sys (COMODO)
DRV - (inspect) – C:\Windows\System32\drivers\inspect.sys (COMODO)
DRV - (cmdHlp) – C:\Windows\System32\drivers\cmdhlp.sys (COMODO)
DRV - (VBoxNetAdp) – C:\Windows\System32\drivers\VBoxNetAdp.sys (Sun Microsystems, Inc.)
DRV - (VBoxDrv) – C:\Windows\System32\drivers\VBoxDrv.sys (Sun Microsystems, Inc.)
DRV - (VBoxNetFlt) – C:\Windows\System32\drivers\VBoxNetFlt.sys (Sun Microsystems, Inc.)
DRV - (VBoxUSBMon) – C:\Windows\System32\drivers\VBoxUSBMon.sys (Sun Microsystems, Inc.)
DRV - (KeyScrambler) – C:\Windows\System32\drivers\keyscrambler.sys (QFX Software Corporation)
DRV - (MBAMProtector) – C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (MpFilter) – C:\Windows\System32\drivers\MpFilter.sys (Microsoft Corporation)
DRV - (MpNWMon) – C:\Windows\System32\drivers\MpNWMon.sys (Microsoft Corporation)
DRV - (kl1) – C:\Windows\System32\drivers\kl1.sys (Kaspersky Lab)
DRV - (GearAspiWDM) – C:\Windows\System32\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV - (SbFw) – C:\Windows\System32\drivers\SbFw.sys (Sunbelt Software, Inc.)
DRV - (KMWDFILTER) – C:\Windows\System32\drivers\KMWDFILTER.sys (Windows ® Codename Longhorn DDK provider)
DRV - (SBFWIMCL) – C:\Windows\System32\drivers\SbFwIm.sys (Sunbelt Software, Inc.)
DRV - ({49DE1C67-83F8-4102-99E0-C16DCC7EEC796}) – C:\Program Files\Acer Arcade Deluxe\Play Movie\000.fcl (Cyberlink Corp.)
DRV - (igfx) – C:\Windows\System32\drivers\igdkmd32.sys (Intel Corporation)
DRV - (NTIDrvr) – C:\Windows\System32\drivers\NTIDrvr.sys (NewTech Infosystems, Inc.)
DRV - (SNP2UVC) USB2.0 PC Camera (SNP2UVC) – C:\Windows\System32\drivers\snp2uvc.sys ()
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) – C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)
DRV - (BCM43XX) – C:\Windows\System32\drivers\BCMWL6.SYS (Broadcom Corporation)
DRV - (ApfiltrService) – C:\Windows\System32\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV - (b57nd60x) – C:\Windows\System32\drivers\b57nd60x.sys (Broadcom Corporation)
DRV - (NETw4v32) Pilote de carte Intel® – C:\Windows\System32\drivers\NETw4v32.sys (Intel Corporation)
DRV - (HSF_DPV) – C:\Windows\System32\drivers\HSX_DPV.sys (Conexant Systems, Inc.)
DRV - (HSXHWAZL) – C:\Windows\System32\drivers\HSXHWAZL.sys (Conexant Systems, Inc.)
DRV - (winachsf) – C:\Windows\System32\drivers\HSX_CNXT.sys (Conexant Systems, Inc.)
DRV - (PSDNServ) – C:\Windows\system32\drivers\PSDNServ.sys (HiTRUST)
DRV - (psdvdisk) – C:\Windows\system32\drivers\psdvdisk.sys (HiTRUST)
DRV - (PSDFilter) – C:\Windows\system32\DRIVERS\psdfilter.sys (HiTRUST)
DRV - (BTWUSB) – C:\Windows\System32\drivers\btwusb.sys (Broadcom Corporation.)
DRV - (rismxdp) – C:\Windows\System32\drivers\rixdptsk.sys (REDC)
DRV - (iaStor) – C:\Windows\system32\DRIVERS\iaStor.sys (Intel Corporation)
DRV - (enecir) – C:\Windows\System32\drivers\enecir.sys (ENE TECHNOLOGY INC.)
DRV - (rimmptsk) – C:\Windows\System32\drivers\rimmptsk.sys (REDC)
DRV - (XAudio) – C:\Windows\System32\drivers\XAudio.sys (Conexant Systems, Inc.)
DRV - (rimsptsk) – C:\Windows\System32\drivers\rimsptsk.sys (REDC)
DRV - (int15) – C:\Acer\Empowering Technology\eRecovery\int15.sys ()
DRV - (PCAMp50) – C:\Windows\System32\drivers\PCAMp50.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (PCASp50) – C:\Windows\System32\drivers\PCASp50.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (DKbFltr) – C:\Windows\System32\drivers\DKbFltr.sys (Dritek System Inc.)
DRV - (DritekPortIO) – C:\PROGRA~1\LAUNCH~1\DPortIO.sys (Dritek System Inc.)
DRV - (ql2300) – C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (adp94xx) – C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (elxstor) – C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (adpahci) – C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (uliahci) – C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (iaStorV) – C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (adpu320) – C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (ulsata2) – C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (vsmraid) – C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ql40xx) – C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) – C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (adpu160m) – C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (nvraid) – C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nfrd960) – C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) – C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (SiSRaid4) – C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (nvstor) – C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (aic78xx) – C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (arcsas) – C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (LSI_SCSI) – C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (SiSRaid2) – C:\Windows\system32\drivers\sisraid2.sys (Silicon Integrated Systems Corp.)
DRV - (HpCISSs) – C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (arc) – C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (iteraid) – C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) – C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (LSI_SAS) – C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (Symc8xx) – C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (LSI_FC) – C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (Sym_u3) – C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) – C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) – C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (megasas) – C:\Windows\system32\drivers\megasas.sys (LSI Logic Corporation)
DRV - (viaide) – C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) – C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) – C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) – C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) – C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) – C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) – C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) – C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) – C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (HSFHWAZL) – C:\Windows\System32\drivers\VSTAZL3.SYS (Conexant Systems, Inc.)
DRV - (ntrigdigi) – C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
DRV - (NETw3v32) Pilote de carte Intel® – C:\Windows\System32\drivers\NETw3v32.sys (Intel® Corporation)
DRV - (E1G60) Intel® – C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (secdrv) – C:\Windows\System32\drivers\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (mdmxsdk) – C:\Windows\System32\drivers\mdmxsdk.sys (Conexant)
DRV - (Aspi32) – C:\Windows\System32\drivers\aspi32.sys (Adaptec)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.msn.com…
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = search.yahoo.com…
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = fr.yahoo.com…
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = fr.msn.com…
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr-FR
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 9D 29 4D 03 9A F1 C9 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: “ProxyEnable” = 0
========== FireFox ==========
FF - prefs.js…browser.search.defaultenginename: “Google”
FF - prefs.js…browser.search.defaulturl: “http://fr.search.yahoo.com/search?ei=UTF-8&fr=ytff-&p=”
FF - prefs.js…browser.search.openintab: true
FF - prefs.js…browser.search.param.yahoo-fr: “moz2-ytff-”
FF - prefs.js…browser.search.param.yahoo-fr-cjkt: “moz2-ytff-”
FF - prefs.js…browser.search.useDBForOrder: true
FF - prefs.js…browser.startup.homepage: “http://fr.start3.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:fr:official”
FF - prefs.js…extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1
FF - prefs.js…extensions.enabledItems: 6
FF - prefs.js…extensions.enabledItems: 2
FF - prefs.js…extensions.enabledItems: 48
FF - prefs.js…extensions.enabledItems: {fce36c1e-58d8-498a-b2a5-66ad1cedebbb}:0.76
FF - prefs.js…extensions.enabledItems: {FC5BAC7D-D696-4ba6-B913-CF8F000C33DF}:2.1.4
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\Components: C:\Program Files\Mozilla Firefox\components [2009/11/26 13:32:45 | 00,000,000 | —D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/11/26 13:32:45 | 00,000,000 | —D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.23\extensions\Components: C:\Program Files\Mozilla Thunderbird\components [2009/11/26 13:32:45 | 00,000,000 | —D | M]
[2009/11/01 16:03:51 | 00,000,000 | —D | M] – C:\Users\Brigitte\AppData\Roaming\mozilla\Extensions
[2009/11/01 15:36:49 | 00,000,000 | —D | M] – C:\Users\Brigitte\AppData\Roaming\mozilla\Extensions-BackupByFirefoxPortable
[2009/11/01 15:36:49 | 00,000,000 | —D | M] – C:\Users\Brigitte\AppData\Roaming\mozilla\Extensions-BackupByFirefoxPortable{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/11/26 13:31:19 | 00,000,000 | —D | M] – C:\Users\Brigitte\AppData\Roaming\mozilla\Firefox\Profiles\5vuwsbyk.default\extensions
[2009/11/09 19:15:26 | 00,000,000 | —D | M] – C:\Users\Brigitte\AppData\Roaming\mozilla\Firefox\Profiles\5vuwsbyk.default\extensions{1018e4d6-728f-4b20-ad56-37578a4de76b}
[2009/11/01 16:21:22 | 00,000,000 | —D | M] – C:\Users\Brigitte\AppData\Roaming\mozilla\Firefox\Profiles\5vuwsbyk.default\extensions{1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}
[2009/11/21 15:55:30 | 00,000,000 | —D | M] – C:\Users\Brigitte\AppData\Roaming\mozilla\Firefox\Profiles\5vuwsbyk.default\extensions{35106bca-6c78-48c7-ac28-56df30b51d2a}
[2009/11/15 19:00:40 | 00,000,000 | —D | M] – C:\Users\Brigitte\AppData\Roaming\mozilla\Firefox\Profiles\5vuwsbyk.default\extensions{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2009/11/18 12:53:45 | 00,000,000 | —D | M] – C:\Users\Brigitte\AppData\Roaming\mozilla\Firefox\Profiles\5vuwsbyk.default\extensions{73a6fe31-595d-460b-a920-fcc0f8843232}
[2009/11/08 15:58:16 | 00,000,000 | —D | M] – C:\Users\Brigitte\AppData\Roaming\mozilla\Firefox\Profiles\5vuwsbyk.default\extensions{9AA46F4F-4DC7-4c06-97AF-5035170634FE}
[2009/11/06 07:28:58 | 00,000,000 | —D | M] – C:\Users\Brigitte\AppData\Roaming\mozilla\Firefox\Profiles\5vuwsbyk.default\extensions{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2009/11/01 16:19:46 | 00,000,000 | —D | M] – C:\Users\Brigitte\AppData\Roaming\mozilla\Firefox\Profiles\5vuwsbyk.default\extensions{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2009/11/07 18:45:06 | 00,000,000 | —D | M] – C:\Users\Brigitte\AppData\Roaming\mozilla\Firefox\Profiles\5vuwsbyk.default\extensions{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}
[2009/11/01 16:51:22 | 00,000,000 | —D | M] – C:\Users\Brigitte\AppData\Roaming\mozilla\Firefox\Profiles\5vuwsbyk.default\extensions{fce36c1e-58d8-498a-b2a5-66ad1cedebbb}
[2009/11/06 07:28:57 | 00,000,000 | —D | M] – C:\Users\Brigitte\AppData\Roaming\mozilla\Firefox\Profiles\5vuwsbyk.default\extensions\cipherfox@mkfly
[2009/11/09 19:15:24 | 00,000,000 | —D | M] – C:\Users\Brigitte\AppData\Roaming\mozilla\Firefox\Profiles\5vuwsbyk.default\extensions\firegpg@firegpg.team
[2009/11/01 16:18:03 | 00,000,000 | —D | M] – C:\Users\Brigitte\AppData\Roaming\mozilla\Firefox\Profiles\5vuwsbyk.default\extensions\illimitux@illimitux.net
[2009/11/01 16:27:42 | 00,000,000 | —D | M] – C:\Users\Brigitte\AppData\Roaming\mozilla\Firefox\Profiles\5vuwsbyk.default\extensions\keyscrambler@qfx.software.corporation
[2009/11/01 16:31:51 | 00,000,000 | —D | M] – C:\Users\Brigitte\AppData\Roaming\mozilla\Firefox\Profiles\5vuwsbyk.default\extensions\lazarus@interclue.com
[2009/11/01 16:05:10 | 00,000,000 | —D | M] – C:\Users\Brigitte\AppData\Roaming\mozilla\Firefox\Profiles\5vuwsbyk.default\extensions\martin@hoerandl.com
[2009/11/02 17:08:24 | 00,000,000 | —D | M] – C:\Users\Brigitte\AppData\Roaming\mozilla\Firefox\Profiles\5vuwsbyk.default\extensions\openmedspel@e-medtools.com
[2009/11/01 18:09:33 | 00,000,000 | —D | M] – C:\Users\Brigitte\AppData\Roaming\mozilla\Firefox\Profiles\5vuwsbyk.default\extensions\secureLogin@blueimp.net
[2009/11/01 15:43:40 | 00,000,000 | —D | M] – C:\Users\Brigitte\AppData\Roaming\mozilla\Firefox\Profiles\v542d37t.default\extensions
[2009/11/01 15:35:21 | 00,000,000 | —D | M] – C:\Users\Brigitte\AppData\Roaming\mozilla\Firefox\Profiles\v542d37t.default\extensions{20a82645-c095-46ed-80e3-08825760534b}
[2009/11/01 15:43:40 | 00,000,000 | —D | M] – C:\Users\Brigitte\AppData\Roaming\mozilla\Firefox\Profiles\v542d37t.default\extensions{35379F86-8CCB-4724-AE33-4278DE266C70}
[2009/11/01 15:35:38 | 00,000,000 | —D | M] – C:\Users\Brigitte\AppData\Roaming\mozilla\Firefox\Profiles\v542d37t.default\extensions{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2009/11/01 15:35:41 | 00,000,000 | —D | M] – C:\Users\Brigitte\AppData\Roaming\mozilla\Firefox\Profiles\v542d37t.default\extensions{fce36c1e-58d8-498a-b2a5-66ad1cedebbb}
[2009/11/01 15:35:21 | 00,000,000 | —D | M] – C:\Users\Brigitte\AppData\Roaming\mozilla\Firefox\Profiles\v542d37t.default\extensions\staged-xpis
[2009/11/25 13:12:38 | 00,000,000 | —D | M] – C:\Program Files\mozilla firefox\extensions
[2009/11/03 02:56:19 | 00,001,516 | ---- | M] () – C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml
[2009/11/03 02:56:19 | 00,001,822 | ---- | M] () – C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml
[2009/11/03 02:56:19 | 00,000,757 | ---- | M] () – C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml
[2009/11/03 02:56:19 | 00,001,426 | ---- | M] () – C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml
[2009/11/03 02:56:19 | 00,000,652 | ---- | M] () – C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml
O1 HOSTS File: (317268 bytes) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 10562 more lines…
O2 - BHO: (Octh Class) - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll (Orbitdownloader.com)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (KeyScramblerBHO Class) - {2B9F5787-88A5-4945-90E7-C4B18563BC5E} - C:\Program Files\KeyScrambler\KeyScramblerIE.dll (QFX Software Corporation)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Programme d’aide de l’Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (WOT Helper) - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files\WOT\WOT.dll ()
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM…\Toolbar: (WOT) - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll ()
O3 - HKLM…\Toolbar: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll ()
O3 - HKLM…\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU…\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Windows\System32\eDStoolbar.dll (HiTRUST)
O3 - HKCU…\Toolbar\WebBrowser: (WOT) - {71576546-354D-41C9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll ()
O3 - HKCU…\Toolbar\WebBrowser: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll ()
O4 - HKLM…\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM…\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4 - HKLM…\Run: [Malwarebytes’ Anti-Malware] C:\Program Files\Malwarebytes’ Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM…\Run: [MSSE] C:\Program Files\Microsoft Security Essentials\msseces.exe (Microsoft Corporation)
O4 - HKLM…\Run: [PLFSetL] C:\Windows\PLFSetL.exe (sonix)
O4 - HKLM…\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKCU…\Run: [ehTray.exe] C:\Windows\ehome\ehtray.exe (Microsoft Corporation)
O4 - HKCU…\Run: [MailNotifier] C:\Program Files\orange\MailNotifier\MailNotifier.exe ()
O4 - HKCU…\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKCU…\Run: [msnmsgr] C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
O4 - HKCU…\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O4 - HKCU…\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 60
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: &Download by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: &Grab video by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Do&wnload selected by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Down&load all by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O9 - Extra Button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra ‘Tools’ menuitem : &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra ‘Tools’ menuitem : &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra ‘Tools’ menuitem : &KeyScrambler Options - {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - C:\Program Files\KeyScrambler\KeyScramblerIE.dll (QFX Software Corporation)
O9 - Extra Button: Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra ‘Tools’ menuitem : Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O15 - HKCU…Trusted Domains: orange.fr ([logicielsgratuits] http in Sites de confiance)
O15 - HKCU…Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} messenger.zone.msn.com… (Checkers Class)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} dlm.tools.akamai.com… (DLM Control)
O16 - DPF: {4DD20514-9520-40A7-9CD6-66883643A20B} www.boaki.com… (UviLaunch Control)
O16 - DPF: {5A779DC0-837B-4590-AC42-C7C0847478C5} logicielsgratuits.orange.fr… (OrangeInstaller_ModuleIE Control)
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} messenger.zone.msn.com… (Solitaire Showdown Class)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} messenger.zone.msn.com… (UnoCtrl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} java.sun.com… (Java Plug-in 1.6.0_17)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} fpdownload.macromedia.com… (Reg Error: Key error.)
O16 - DPF: {9DF1C00D-8426-4337-972C-DC042D19A916} webtv.guidetv.orange.fr… (FTMediaPlayer Class)
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} messenger.zone.msn.com… (MSN Games - Installer)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} messenger.zone.msn.com… (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} java.sun.com… (Java Plug-in 1.5.0)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} java.sun.com… (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} java.sun.com… (Java Plug-in 1.6.0_17)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} platformdl.adobe.com… (Reg Error: Key error.)
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} download.mcafee.com… (McFreeScan Class)
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} messenger.zone.msn.com… (Minesweeper Flags Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\wot {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files\WOT\WOT.dll ()
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/x-mrml {C51721BE-858B-4A66-A8BF-D2882FF49820} - C:\Program Files\Common Files\A&W\MidRadio.ocx (YAMAHA CORPORATION)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 22:43:36 | 00,000,024 | ---- | M] () - C:\autoexec.bat – [ NTFS ]
O33 - MountPoints2{d7f9a224-8014-11dd-9e64-aa49c949cd35}\Shell\Auto\command - “” = C:\Windows\System32\cmd.exe – [2008/01/19 08:33:04 | 00,318,976 | ---- | M] (Microsoft Corporation)
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: () - File not found
O35 - comfile [open] – “%1” % File not found
O35 - exefile [open] – “%1” %* File not found
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias [2008/07/31 10:33:00 | 00,000,000 | —D | M]
NetSvcs: Irmon - C:\Windows\System32\irmon.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
========== Files/Folders - Created Within 30 Days ==========
[2009/11/27 16:06:28 | 00,532,992 | ---- | C] (OldTimer Tools) – C:\Users\Brigitte\Desktop\OTL.exe
[2009/11/27 13:17:39 | 00,171,552 | ---- | C] (COMODO) – C:\Windows\System32\guard32.dll
[2009/11/27 13:17:04 | 00,000,000 | —D | C] – C:\UsbFix
[2009/11/26 21:47:57 | 00,000,000 | —D | C] – C:\ProgramData\MessengerDiscovery 2
[2009/11/26 21:47:56 | 00,000,000 | —D | C] – C:\Program Files\MessengerDiscovery 2
[2009/11/25 19:42:22 | 00,002,048 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\tzres.dll
[2009/11/25 16:01:50 | 00,000,000 | —D | C] – C:\Users\Brigitte\AppData\Local\Apple Computer
[2009/11/25 15:56:33 | 00,000,000 | —D | C] – C:\Users\Brigitte\AppData\Local\Apple
[2009/11/25 15:24:01 | 00,000,000 | —D | C] – C:\Users\Brigitte\Documents\Mes enregistrements de webcam
[2009/11/25 15:22:20 | 00,000,000 | —D | C] – C:\Program Files\FileHippo.com
[2009/11/25 14:53:26 | 00,107,368 | ---- | C] (GEAR Software Inc.) – C:\Windows\System32\GEARAspi.dll
[2009/11/25 14:53:20 | 00,026,600 | ---- | C] (GEAR Software Inc.) – C:\Windows\System32\drivers\GEARAspiWDM.sys
[2009/11/25 14:51:24 | 00,000,000 | —D | C] – C:\ProgramData{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/11/25 12:52:24 | 00,714,240 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\timedate.cpl
[2009/11/23 18:05:56 | 00,000,000 | —D | C] – C:\Program Files\7-Zip
[2009/11/22 14:03:26 | 00,000,000 | —D | C] – C:\Program Files\ImgBurn
[2009/11/20 20:22:29 | 00,000,000 | —D | C] – C:\Program Files\Recuva
[2009/11/20 16:58:33 | 00,000,000 | —D | C] – C:\Users\Brigitte.VirtualBox
[2009/11/20 16:54:56 | 00,116,560 | ---- | C] (Sun Microsystems, Inc.) – C:\Windows\System32\drivers\VBoxDrv.sys
[2009/11/20 16:54:25 | 00,041,424 | ---- | C] (Sun Microsystems, Inc.) – C:\Windows\System32\drivers\VBoxUSBMon.sys
[2009/11/20 16:53:58 | 00,000,000 | —D | C] – C:\Program Files\Sun
[2009/11/19 19:15:34 | 00,000,000 | —D | C] – C:\Program Files\Microsoft Synchronization Services
[2009/11/19 19:10:26 | 00,000,000 | —D | C] – C:\Program Files\Microsoft Visual Studio 8
[2009/11/19 19:05:32 | 00,000,000 | —D | C] – C:\Program Files\Microsoft Analysis Services
[2009/11/19 19:03:20 | 00,000,000 | RH-D | C] – C:\MSOCache
[2009/11/18 20:27:37 | 00,000,000 | —D | C] – C:\Users\Brigitte\AppData\Roaming\Download Manager
[2009/11/18 20:05:16 | 00,000,000 | —D | C] – C:\Program Files\Microsoft SQL Server Compact Edition
[2009/11/18 20:03:59 | 00,000,000 | —D | C] – C:\Program Files\Windows Live
[2009/11/18 16:28:10 | 00,000,000 | —D | C] – C:\Program Files\Gibcom
[2009/11/17 20:18:22 | 00,000,000 | —D | C] – C:\Program Files\Ubisoft
[2009/11/17 17:11:33 | 00,000,000 | —D | C] – C:\Program Files\Kptic Neonumeric
[2009/11/17 12:52:24 | 00,000,000 | —D | C] – C:\ProgramData\F-Secure
[2009/11/16 21:31:23 | 00,000,000 | —D | C] – C:\Users\Brigitte\AppData\Roaming\Kptic
[2009/11/16 18:53:25 | 00,000,000 | —D | C] – C:\Program Files\Microsoft Security Essentials
[2009/11/16 18:53:22 | 00,000,000 | —D | C] – C:\ProgramData\Comodo
[2009/11/16 18:53:19 | 00,128,376 | ---- | C] (COMODO) – C:\Windows\System32\drivers\cmdguard.sys
[2009/11/16 18:53:19 | 00,074,328 | ---- | C] (COMODO) – C:\Windows\System32\drivers\inspect.sys
[2009/11/16 18:53:19 | 00,029,520 | ---- | C] (COMODO) – C:\Windows\System32\drivers\cmdhlp.sys
[2009/11/15 15:17:05 | 00,000,000 | —D | C] – C:\Program Files\Defraggler
[2009/11/15 14:27:29 | 00,000,000 | —D | C] – C:\ProgramData\Yahoo! Companion
[2009/11/15 13:26:28 | 00,000,000 | —D | C] – C:\Program Files\Orbitdownloader
[2009/11/15 11:31:38 | 00,000,000 | —D | C] – C:\Users\Brigitte\Documents\Emoticon Web
[2009/11/15 11:25:26 | 00,000,000 | R–D | C] – C:\Users\Brigitte\Documents\Exercices Brigitte
[2009/11/14 22:09:34 | 00,000,000 | —D | C] – C:\Users\Brigitte\Documents\Divers
[2009/11/14 22:09:12 | 00,000,000 | —D | C] – C:\Users\Brigitte\Documents\Aides Personnes Théo
[2009/11/14 22:07:26 | 00,000,000 | —D | C] – C:\Users\Brigitte\Documents\Charges Maison 2009
[2009/11/14 22:05:46 | 00,000,000 | —D | C] – C:\Users\Brigitte\Documents\Travail Brigitte
[2009/11/14 22:02:04 | 00,000,000 | —D | C] – C:\Users\Brigitte\Documents\Image Web
[2009/11/13 20:32:44 | 00,000,000 | —D | C] – C:\Program Files\RogueRemover FREE
[2009/11/13 16:29:10 | 00,000,000 | -HSD | C] – C:\ProgramData{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
[2009/11/12 22:13:15 | 00,000,000 | —D | C] – C:\Program Files\QuickTime
[2009/11/12 13:19:20 | 00,000,000 | —D | C] – C:\Users\Brigitte\AppData\Roaming\Auslogics
[2009/11/11 11:17:55 | 02,036,736 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\win32k.sys
[2009/11/11 11:17:46 | 00,355,328 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\WSDApi.dll
[2009/11/11 11:00:51 | 00,000,000 | —D | C] – C:\Program Files\Microsoft Baseline Security Analyzer 2
[2009/11/11 10:52:05 | 00,000,000 | —D | C] – C:\Users\Brigitte\AppData\Roaming\HouseCall 6.6
[2009/11/10 14:54:18 | 00,095,568 | ---- | C] (Sun Microsystems, Inc.) – C:\Windows\System32\drivers\VBoxNetAdp.sys
[2009/11/10 14:54:02 | 00,133,648 | ---- | C] (Sun Microsystems, Inc.) – C:\Windows\System32\VBoxNetFltNotify.dll
[2009/11/10 14:53:54 | 00,104,016 | ---- | C] (Sun Microsystems, Inc.) – C:\Windows\System32\drivers\VBoxNetFlt.sys
[2009/11/08 17:53:37 | 00,000,000 | -H-D | C] – C:\Users\Brigitte\784E6B0F00EC495095A2BBA64F44EC48.TMP
[2009/11/08 15:00:00 | 00,000,000 | —D | C] – C:\Users\Brigitte\Documents\Camtasia Studio
[2009/11/08 14:32:50 | 00,000,000 | —D | C] – C:\Users\Brigitte\AppData\Local\TechSmith
[2009/11/08 14:32:37 | 00,000,000 | —D | C] – C:\Users\Brigitte\Documents\Custom Production Presets 5.0
[2009/11/08 14:31:53 | 00,000,000 | —D | C] – C:\ProgramData\TechSmith
[2009/11/08 14:31:28 | 00,000,000 | —D | C] – C:\Program Files\Common Files\TechSmith Shared
[2009/11/08 14:31:24 | 00,000,000 | —D | C] – C:\Program Files\TechSmith
[2009/11/08 11:45:25 | 00,149,280 | ---- | C] (Sun Microsystems, Inc.) – C:\Windows\System32\javaws.exe
[2009/11/08 11:45:25 | 00,145,184 | ---- | C] (Sun Microsystems, Inc.) – C:\Windows\System32\javaw.exe
[2009/11/08 11:45:25 | 00,145,184 | ---- | C] (Sun Microsystems, Inc.) – C:\Windows\System32\java.exe
[2009/11/08 10:37:22 | 01,986,560 | ---- | C] (NCT Company Ltd.) – C:\Windows\System32\AudFile.dll
[2009/11/08 10:37:22 | 01,212,416 | ---- | C] (NCT Company Ltd.) – C:\Windows\System32\AudioInfos.dll
[2009/11/08 10:37:22 | 00,348,160 | ---- | C] (NCT Company Ltd.) – C:\Windows\System32\WMAFile.dll
[2009/11/08 10:37:22 | 00,115,920 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\msinet.OCX
[2009/11/08 10:37:22 | 00,040,960 | ---- | C] (vbAccelerator) – C:\Windows\System32\SSubTmr6.dll
[2009/11/08 10:37:22 | 00,015,360 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\inetfr.DLL
[2009/11/07 20:47:54 | 00,000,000 | —D | C] – C:\Program Files\SRWare Iron
[2009/11/07 10:27:03 | 00,000,000 | —D | C] – C:\Program Files\Lavalys
[2009/11/06 22:32:12 | 00,000,000 | —D | C] – C:\Users\Brigitte\AppData\Roaming\OpenOffice.org
[2009/11/06 22:22:25 | 00,000,000 | —D | C] – C:\Program Files\JRE
[2009/11/06 22:22:09 | 00,000,000 | —D | C] – C:\Program Files\OpenOffice.org 3
[2009/11/06 21:48:06 | 00,000,000 | —D | C] – C:\Program Files\PhotoFiltre
[2009/11/06 18:38:21 | 00,000,000 | —D | C] – C:\Users\Brigitte\AppData\Roaming\ImgBurn
[2009/11/06 18:12:45 | 00,000,000 | —D | C] – C:\ProgramData\LightScribe
[2009/11/06 18:10:55 | 00,000,000 | —D | C] – C:\Users\Brigitte\AppData\Roaming\Nero
[2009/11/06 18:05:59 | 00,000,000 | —D | C] – C:\ProgramData\Nero
[2009/11/06 18:05:57 | 00,000,000 | —D | C] – C:\Program Files\Common Files\Nero
[2009/11/04 12:54:21 | 01,638,912 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\mshtml.tlb
[2009/11/03 19:27:38 | 00,000,000 | —D | C] – C:\Program Files\VS Revo Group
[2009/11/02 20:08:33 | 00,000,000 | —D | C] – C:\Program Files\uTorrent
[2009/11/02 16:19:23 | 00,000,000 | —D | C] – C:\Users\Brigitte\AppData\Roaming\vlc
[2009/11/01 16:03:15 | 00,000,000 | —D | C] – C:\Program Files\Mozilla Firefox
[2009/11/01 14:32:37 | 00,000,000 | —D | C] – C:\Users\Brigitte\AppData\Roaming\IDM
[2009/10/28 16:53:19 | 00,000,000 | —D | C] – C:\Program Files\Windows Portable Devices
[2009/10/28 16:50:50 | 00,092,672 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\UIAnimation.dll
[2009/10/28 16:50:47 | 01,164,800 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\UIRibbonRes.dll
[2009/10/28 16:50:46 | 03,023,360 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\UIRibbon.dll
[2009/10/28 16:49:29 | 00,369,664 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\WMPhoto.dll
[2009/10/28 16:49:26 | 00,037,888 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\cdd.dll
[2009/10/28 16:49:23 | 00,829,440 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\d3d10warp.dll
[2009/10/28 16:49:22 | 00,280,064 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\XpsGdiConverter.dll
[2009/10/28 16:49:22 | 00,135,680 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\XpsRasterService.dll
[2009/10/28 16:49:22 | 00,026,112 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\printfilterpipelineprxy.dll
[2009/10/28 16:49:21 | 00,974,848 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\WindowsCodecs.dll
[2009/10/28 16:49:21 | 00,828,928 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\d2d1.dll
[2009/10/28 16:49:21 | 00,667,648 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\printfilterpipelinesvc.exe
[2009/10/28 16:49:21 | 00,321,024 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\PhotoMetadataHandler.dll
[2009/10/28 16:49:21 | 00,252,928 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\dxdiag.exe
[2009/10/28 16:49:21 | 00,195,584 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\dxdiagn.dll
[2009/10/28 16:49:21 | 00,189,440 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\WindowsCodecsExt.dll
[2009/10/28 16:49:20 | 01,554,432 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\xpsservices.dll
[2009/10/28 16:49:20 | 01,064,448 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\DWrite.dll
[2009/10/28 16:49:20 | 00,847,360 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\OpcServices.dll
[2009/10/28 16:49:20 | 00,793,088 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\FntCache.dll
[2009/10/28 16:49:20 | 00,486,912 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\d3d10level9.dll
[2009/10/28 16:49:20 | 00,351,232 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\XpsPrint.dll
[2009/10/28 16:49:20 | 00,190,464 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\d3d10core.dll
[2009/10/28 16:49:19 | 01,030,144 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\d3d10.dll
[2009/10/28 16:49:19 | 00,519,680 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\d3d11.dll
[2009/10/28 16:49:19 | 00,481,792 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\dxgi.dll
[2009/10/28 16:49:19 | 00,218,112 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\d3d10_1core.dll
[2009/10/28 16:49:19 | 00,161,280 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\d3d10_1.dll
[2009/10/28 16:48:06 | 00,031,232 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\BthMtpContextHandler.dll
[2009/10/28 16:48:06 | 00,030,208 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\WPDShextAutoplay.exe
[2009/10/28 16:47:52 | 00,060,928 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\PortableDeviceConnectApi.dll
[2009/10/28 16:47:44 | 00,061,952 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\WpdMtpUS.dll
[2009/10/28 16:47:44 | 00,033,280 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\WpdConns.dll
[2009/10/28 16:47:43 | 00,546,816 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\wpd_ci.dll
[2009/10/28 16:47:43 | 00,334,848 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\PortableDeviceApi.dll
[2009/10/28 16:47:43 | 00,226,816 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\WpdMtp.dll
[2009/10/28 16:47:43 | 00,160,256 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\PortableDeviceTypes.dll
[2009/10/28 16:47:42 | 00,350,208 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\WPDSp.dll
[2009/10/28 16:47:42 | 00,196,608 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\PortableDeviceWMDRM.dll
[2009/10/28 16:47:42 | 00,100,864 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\PortableDeviceClassExtension.dll
[2009/10/28 16:44:21 | 00,004,096 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\oleaccrc.dll
[2009/10/28 16:44:19 | 00,555,520 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\UIAutomationCore.dll
[2008/07/30 10:02:53 | 00,172,032 | ---- | C] ( ) – C:\Windows\System32\rsnp2uvc.dll
[2008/07/30 10:02:53 | 00,053,248 | ---- | C] ( ) – C:\Windows\System32\csnp2uvc.dll
[2007/08/10 15:40:58 | 00,045,056 | ---- | C] ( ) – C:\Windows\PLFSet.dll
[2007/08/10 08:29:05 | 00,053,248 | ---- | C] ( ) – C:\Windows\System32\Interop.Shell32.dll
[1 C:\Users\Brigitte*.tmp files -> C:\Users\Brigitte*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2009/11/27 16:15:00 | 00,000,434 | -H-- | M] () – C:\Windows\tasks\User_Feed_Synchronization-{55AF2E8A-EBC9-4A50-8828-434D9E33BE57}.job
[2009/11/27 16:13:59 | 07,340,032 | -H-- | M] () – C:\Users\Brigitte\ntuser.dat
[2009/11/27 16:13:56 | 00,000,408 | -H-- | M] () – C:\Windows\tasks\User_Feed_Synchronization-{9E24F08E-1327-49FE-856E-F5C2AE8D8770}.job
[2009/11/27 16:00:05 | 00,001,054 | ---- | M] () – C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2009/11/27 15:59:56 | 00,003,168 | ---- | M] () – C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2009/11/27 15:59:56 | 00,003,168 | ---- | M] () – C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2009/11/27 15:59:52 | 00,000,006 | -H-- | M] () – C:\Windows\tasks\SA.DAT
[2009/11/27 15:59:47 | 00,067,584 | --S- | M] () – C:\Windows\bootstat.dat
[2009/11/27 13:21:36 | 00,524,288 | -HS- | M] () – C:\Users\Brigitte\ntuser.dat{3061b2c5-a9dd-11de-ac40-f2bdef8fe8a1}.TMContainer00000000000000000001.regtrans-ms
[2009/11/27 13:21:36 | 00,065,536 | -HS- | M] () – C:\Users\Brigitte\ntuser.dat{3061b2c5-a9dd-11de-ac40-f2bdef8fe8a1}.TM.blf
[2009/11/27 13:21:31 | 04,757,217 | -H-- | M] () – C:\Users\Brigitte\AppData\Local\IconCache.db
[2009/11/27 13:17:39 | 00,171,552 | ---- | M] (COMODO) – C:\Windows\System32\guard32.dll
[2009/11/27 12:50:37 | 15,370,988 | ---- | M] () – C:\Windows\System32\drivers\fidbox.idx
[2009/11/27 12:50:36 | 11,474,82144 | ---- | M] () – C:\Windows\System32\drivers\fidbox.dat
[2009/11/27 09:33:00 | 00,001,058 | ---- | M] () – C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2009/11/27 03:05:57 | 01,364,348 | ---- | M] () – C:\Users\Brigitte\Desktop\UsbFix.exe
[2009/11/26 21:44:10 | 00,001,912 | ---- | M] () – C:\Users\Brigitte\Desktop\Windows Live Messenger .lnk
[2009/11/26 15:50:45 | 00,532,992 | ---- | M] (OldTimer Tools) – C:\Users\Brigitte\Desktop\OTL.exe
[2009/11/25 17:29:01 | 00,000,635 | ---- | M] () – C:\Users\Brigitte\Documents\CDT ORPM2009-5.pdf - Raccourci.lnk
[2009/11/25 15:31:11 | 00,001,647 | ---- | M] () – C:\Users\Brigitte\Desktop\Recuva.lnk
[2009/11/25 14:20:49 | 00,002,377 | ---- | M] () – C:\Users\Public\Desktop\Skype.lnk
[2009/11/25 12:50:15 | 00,128,376 | ---- | M] (COMODO) – C:\Windows\System32\drivers\cmdguard.sys
[2009/11/25 12:41:26 | 00,001,695 | ---- | M] () – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Orbit.lnk
[2009/11/24 20:24:49 | 00,001,737 | ---- | M] () – C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2009/11/24 19:00:58 | 15,524,589 | ---- | M] () – C:\Users\Brigitte\Documents\Firefox 3.5.5 (fr) - 2009-11-24.pcv
[2009/11/23 19:52:45 | 00,000,727 | ---- | M] () – C:\Users\Public\Desktop\Opera.lnk
[2009/11/23 19:41:56 | 01,514,930 | ---- | M] () – C:\Windows\System32\PerfStringBackup.INI
[2009/11/23 19:41:56 | 00,684,650 | ---- | M] () – C:\Windows\System32\perfh00C.dat
[2009/11/23 19:41:56 | 00,601,178 | ---- | M] () – C:\Windows\System32\perfh009.dat
[2009/11/23 19:41:56 | 00,130,846 | ---- | M] () – C:\Windows\System32\perfc00C.dat
[2009/11/23 19:41:56 | 00,107,704 | ---- | M] () – C:\Windows\System32\perfc009.dat
[2009/11/23 18:15:24 | 00,000,786 | ---- | M] () – C:\Users\Brigitte\Desktop\7-Zip.lnk
[2009/11/22 21:14:26 | 00,020,992 | ---- | M] () – C:\Users\Brigitte\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/11/22 18:31:31 | 00,002,673 | ---- | M] () – C:\Users\Brigitte\Desktop\Microsoft Word 2010 (Beta).lnk
[2009/11/22 14:03:50 | 00,001,663 | ---- | M] () – C:\Users\Public\Desktop\ImgBurn.lnk
[2009/11/21 17:42:41 | 00,002,627 | ---- | M] () – C:\Users\Brigitte\Desktop\Microsoft Excel 2010 (Beta).lnk
[2009/11/21 09:43:11 | 00,006,648 | ---- | M] () – C:\Users\Brigitte\AppData\Local\d3d9caps.dat
[2009/11/20 20:40:11 | 00,000,000 | -H-- | M] () – C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
[2009/11/20 17:12:58 | 02,952,692 | ---- | M] () – C:\Users\Brigitte\Documents\Jean Clé.png
[2009/11/20 16:55:01 | 00,000,929 | ---- | M] () – C:\Users\Public\Desktop\Sun VirtualBox.lnk
[2009/11/20 09:14:18 | 00,397,624 | ---- | M] () – C:\Windows\System32\FNTCACHE.DAT
[2009/11/19 20:34:48 | 00,106,904 | ---- | M] () – C:\Users\Brigitte\AppData\Local\GDIPFONTCACHEV1.DAT
[2009/11/19 19:08:16 | 00,000,254 | ---- | M] () – C:\Windows\win.ini
[2009/11/18 16:14:37 | 00,043,558 | ---- | M] () – C:\Users\Brigitte\Documents\Capturer.JPG
[2009/11/17 20:41:40 | 00,000,136 | ---- | M] () – C:\Users\Brigitte\Desktop\Chessmaster Grandmaster.lnk
[2009/11/17 17:12:14 | 00,000,859 | ---- | M] () – C:\Users\Brigitte\Desktop\Kptic.lnk
[2009/11/17 13:11:34 | 00,074,328 | ---- | M] (COMODO) – C:\Windows\System32\drivers\inspect.sys
[2009/11/17 13:11:04 | 00,029,520 | ---- | M] (COMODO) – C:\Windows\System32\drivers\cmdhlp.sys
[2009/11/16 19:14:39 | 01,474,832 | ---- | M] () – C:\Windows\System32\drivers\sfi.dat
[2009/11/16 18:56:06 | 00,000,952 | ---- | M] () – C:\Users\Public\Desktop\COMODO Internet Security.lnk
[2009/11/16 18:53:27 | 00,000,956 | ---- | M] () – C:\Users\Public\Desktop\Microsoft Security Essentials.lnk
[2009/11/15 15:17:06 | 00,001,706 | ---- | M] () – C:\Users\Brigitte\Desktop\Defraggler.lnk
[2009/11/15 14:27:08 | 00,000,946 | ---- | M] () – C:\Users\Public\Desktop\Yahoo! Messenger.lnk
[2009/11/15 13:26:46 | 00,000,852 | ---- | M] () – C:\Users\Brigitte\Desktop\Orbit.lnk
[2009/11/15 11:30:22 | 00,003,420 | ---- | M] () – C:\Users\Brigitte\AppData\Roaming\wklnhst.dat
[2009/11/11 11:00:56 | 00,000,996 | ---- | M] () – C:\Users\Public\Desktop\Microsoft Baseline Security Analyzer 2.1.lnk
[2009/11/10 14:54:18 | 00,095,568 | ---- | M] (Sun Microsystems, Inc.) – C:\Windows\System32\drivers\VBoxNetAdp.sys
[2009/11/10 14:54:12 | 00,116,560 | ---- | M] (Sun Microsystems, Inc.) – C:\Windows\System32\drivers\VBoxDrv.sys
[2009/11/10 14:54:02 | 00,133,648 | ---- | M] (Sun Microsystems, Inc.) – C:\Windows\System32\VBoxNetFltNotify.dll
[2009/11/10 14:53:54 | 00,104,016 | ---- | M] (Sun Microsystems, Inc.) – C:\Windows\System32\drivers\VBoxNetFlt.sys
[2009/11/10 14:53:54 | 00,041,424 | ---- | M] (Sun Microsystems, Inc.) – C:\Windows\System32\drivers\VBoxUSBMon.sys
[2009/11/08 14:55:42 | 00,001,037 | ---- | M] () – C:\Users\Public\Desktop\Camtasia Studio 6.lnk
[2009/11/07 20:48:26 | 00,000,787 | ---- | M] () – C:\Users\Public\Desktop\SRWare Iron.lnk
[2009/11/06 22:25:06 | 00,000,997 | ---- | M] () – C:\Users\Public\Desktop\OpenOffice.org 3.1.lnk
[2009/11/06 21:48:31 | 00,000,844 | ---- | M] () – C:\Users\Brigitte\Desktop\PhotoFiltre.lnk
[2009/11/03 19:27:39 | 00,001,061 | ---- | M] () – C:\Users\Brigitte\Desktop\Revo Uninstaller.lnk
[2009/11/02 20:42:06 | 00,195,456 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\MpSigStub.exe
[2009/11/02 16:18:53 | 00,000,863 | ---- | M] () – C:\Users\Public\Desktop\VLC media player.lnk
[2009/11/01 15:52:30 | 00,001,674 | ---- | M] () – C:\Users\Brigitte\Desktop\CCleaner.lnk
[2009/10/29 10:17:42 | 00,002,048 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\tzres.dll
[2009/10/28 16:52:14 | 00,000,000 | ---- | M] () – C:\Windows\System32\drivers\Msft_User_WpdFs_01_07_00.Wdf
[1 C:\Users\Brigitte*.tmp files -> C:\Users\Brigitte*.tmp -> ]
========== Files Created - No Company Name ==========
[2009/11/27 13:16:54 | 01,364,348 | ---- | C] () – C:\Users\Brigitte\Desktop\UsbFix.exe
[2009/11/26 21:44:10 | 00,001,912 | ---- | C] () – C:\Users\Brigitte\Desktop\Windows Live Messenger .lnk
[2009/11/25 17:29:01 | 00,000,635 | ---- | C] () – C:\Users\Brigitte\Documents\CDT ORPM2009-5.pdf - Raccourci.lnk
[2009/11/24 20:24:49 | 00,001,737 | ---- | C] () – C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2009/11/24 19:00:49 | 15,524,589 | ---- | C] () – C:\Users\Brigitte\Documents\Firefox 3.5.5 (fr) - 2009-11-24.pcv
[2009/11/24 17:50:07 | 00,001,695 | ---- | C] () – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Orbit.lnk
[2009/11/23 19:52:45 | 00,000,727 | ---- | C] () – C:\Users\Public\Desktop\Opera.lnk
[2009/11/23 18:15:24 | 00,000,786 | ---- | C] () – C:\Users\Brigitte\Desktop\7-Zip.lnk
[2009/11/22 14:03:50 | 00,001,663 | ---- | C] () – C:\Users\Public\Desktop\ImgBurn.lnk
[2009/11/20 20:40:11 | 00,000,000 | -H-- | C] () – C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
[2009/11/20 20:22:30 | 00,001,647 | ---- | C] () – C:\Users\Brigitte\Desktop\Recuva.lnk
[2009/11/20 17:12:58 | 02,952,692 | ---- | C] () – C:\Users\Brigitte\Documents\Jean Clé.png
[2009/11/20 16:55:01 | 00,000,929 | ---- | C] () – C:\Users\Public\Desktop\Sun VirtualBox.lnk
[2009/11/19 20:27:54 | 00,002,627 | ---- | C] () – C:\Users\Brigitte\Desktop\Microsoft Excel 2010 (Beta).lnk
[2009/11/19 20:27:01 | 00,002,673 | ---- | C] () – C:\Users\Brigitte\Desktop\Microsoft Word 2010 (Beta).lnk
[2009/11/18 15:57:01 | 00,043,558 | ---- | C] () – C:\Users\Brigitte\Documents\Capturer.JPG
[2009/11/17 20:41:40 | 00,000,136 | ---- | C] () – C:\Users\Brigitte\Desktop\Chessmaster Grandmaster.lnk
[2009/11/17 17:12:14 | 00,000,859 | ---- | C] () – C:\Users\Brigitte\Desktop\Kptic.lnk
[2009/11/16 18:56:06 | 00,000,952 | ---- | C] () – C:\Users\Public\Desktop\COMODO Internet Security.lnk
[2009/11/16 18:53:27 | 00,000,956 | ---- | C] () – C:\Users\Public\Desktop\Microsoft Security Essentials.lnk
[2009/11/15 15:17:06 | 00,001,706 | ---- | C] () – C:\Users\Brigitte\Desktop\Defraggler.lnk
[2009/11/15 14:27:08 | 00,000,946 | ---- | C] () – C:\Users\Public\Desktop\Yahoo! Messenger.lnk
[2009/11/15 13:26:46 | 00,000,852 | ---- | C] () – C:\Users\Brigitte\Desktop\Orbit.lnk
[2009/11/11 11:00:56 | 00,000,996 | ---- | C] () – C:\Users\Public\Desktop\Microsoft Baseline Security Analyzer 2.1.lnk
[2009/11/08 14:55:42 | 00,001,037 | ---- | C] () – C:\Users\Public\Desktop\Camtasia Studio 6.lnk
[2009/11/08 10:37:22 | 00,116,296 | ---- | C] () – C:\Windows\System32\NCTWMAProfiles.prx
[2009/11/07 20:48:26 | 00,000,787 | ---- | C] () – C:\Users\Public\Desktop\SRWare Iron.lnk
[2009/11/06 22:39:24 | 00,378,718 | -H-- | C] () – C:\Users\Brigitte\intro.bmp
[2009/11/06 22:25:06 | 00,000,997 | ---- | C] () – C:\Users\Public\Desktop\OpenOffice.org 3.1.lnk
[2009/11/06 21:48:31 | 00,000,844 | ---- | C] () – C:\Users\Brigitte\Desktop\PhotoFiltre.lnk
[2009/11/03 19:27:39 | 00,001,061 | ---- | C] () – C:\Users\Brigitte\Desktop\Revo Uninstaller.lnk
[2009/11/02 20:22:29 | 00,001,058 | ---- | C] () – C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2009/11/02 20:22:20 | 00,001,054 | ---- | C] () – C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2009/11/02 16:18:53 | 00,000,863 | ---- | C] () – C:\Users\Public\Desktop\VLC media player.lnk
[2009/11/01 14:24:05 | 00,868,376 | ---- | C] () – C:\Users\Brigitte\Desktop\oiseau.jpg
[2009/10/28 16:52:14 | 00,000,000 | ---- | C] () – C:\Windows\System32\drivers\Msft_User_WpdFs_01_07_00.Wdf
[2009/10/01 17:07:33 | 00,000,154 | ---- | C] () – C:\Windows\cavscan.INI
[2009/09/20 18:49:01 | 00,007,900 | ---- | C] () – C:\Windows\MessengerPlus.ini
[2009/09/20 08:42:08 | 00,000,121 | ---- | C] () – C:\Windows\bdagent.INI
[2009/09/15 19:48:40 | 00,000,183 | ---- | C] () – C:\Windows\aimpr.ini
[2009/09/13 17:42:10 | 00,000,000 | ---- | C] () – C:\Windows\System32\setup_XP.ini
[2009/08/03 14:07:42 | 00,403,816 | ---- | C] () – C:\Windows\System32\OGACheckControl.dll
[2009/07/31 18:58:49 | 00,000,049 | ---- | C] () – C:\Users\Brigitte\AppData\Local\PathsToScan.txt
[2009/07/05 19:44:31 | 00,000,096 | ---- | C] () – C:\Users\Brigitte\AppData\Local\fusioncache.dat
[2009/06/27 19:28:40 | 00,000,036 | ---- | C] () – C:\Users\Brigitte\AppData\Local\housecall.guid.cache
[2009/06/03 17:52:33 | 00,000,022 | ---- | C] () – C:\Users\Brigitte\AppData\Local\kodakpcd.ini
[2009/06/01 18:36:24 | 00,524,288 | -HS- | C] () – C:\ProgramData\ntuser.dat{a548b7b0-4ea0-11de-9931-d724c43d8ee7}.TMContainer00000000000000000002.regtrans-ms
[2009/06/01 18:36:24 | 00,262,144 | ---- | C] () – C:\ProgramData\ntuser.dat
[2009/06/01 18:36:24 | 00,065,536 | -HS- | C] () – C:\ProgramData\ntuser.dat{a548b7b0-4ea0-11de-9931-d724c43d8ee7}.TM.blf
[2009/06/01 18:36:24 | 00,005,120 | -H-- | C] () – C:\ProgramData\ntuser.dat.LOG1
[2009/06/01 18:36:24 | 00,000,000 | -H-- | C] () – C:\ProgramData\ntuser.dat.LOG2
[2009/05/28 09:23:18 | 00,117,248 | ---- | C] () – C:\Windows\System32\EhStorAuthn.dll
[2009/04/05 18:57:00 | 00,000,290 | RHS- | C] () – C:\ProgramData\ntuser.pol
[2009/03/27 16:57:55 | 01,211,904 | ---- | C] () – C:\Windows\System32\Incinerator.dll
[2009/03/14 09:51:29 | 00,339,968 | ---- | C] () – C:\Windows\System32\pythoncom25.dll
[2009/03/14 09:51:29 | 00,114,688 | ---- | C] () – C:\Windows\System32\pywintypes25.dll
[2008/12/25 18:23:11 | 00,000,027 | ---- | C] () – C:\Windows\System32\VideoGenieSetup.ini
[2008/12/21 14:13:43 | 00,031,007 | ---- | C] () – C:\Users\Brigitte\AppData\Roaming\UserTile.png
[2008/08/21 12:17:22 | 00,020,992 | ---- | C] () – C:\Users\Brigitte\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/08/14 14:00:37 | 00,003,420 | ---- | C] () – C:\Users\Brigitte\AppData\Roaming\wklnhst.dat
[2008/08/12 12:40:51 | 00,006,648 | ---- | C] () – C:\Users\Brigitte\AppData\Local\d3d9caps.dat
[2008/07/30 19:53:08 | 00,000,030 | ---- | C] () – C:\Windows\SETPANEL.INI
[2008/07/30 19:52:53 | 00,000,092 | ---- | C] () – C:\Windows\CLEANUP.INI
[2008/07/30 13:27:05 | 00,011,570 | ---- | C] () – C:\ProgramData\hpzinstall.log
[2008/07/30 10:02:53 | 01,749,376 | ---- | C] () – C:\Windows\System32\snp2uvc.sys
[2008/07/30 10:02:53 | 00,028,032 | ---- | C] ()
Voilà j’ai refais le scan :
OTL logfile created on: 27/11/2009 21:32:38 - Run 2
OTL by OldTimer - Version 3.1.11.0 Folder = C:\Users\Brigitte\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18828)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
1,99 Gb Total Physical Memory | 1,06 Gb Available Physical Memory | 53,19% Memory free
4,00 Gb Paging File | 2,70 Gb Available in Paging File | 67,62% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 69,77 Gb Total Space | 21,02 Gb Free Space | 30,13% Space Free | Partition Type: NTFS
Drive D: | 69,52 Gb Total Space | 44,18 Gb Free Space | 63,55% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: PC-DE-BRIGITTE
Current User Name: Brigitte
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Processes (SafeList) ==========
PRC - C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
PRC - C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
PRC - C:\Users\Brigitte\AppData\Local\Temp\RtkBtMnt.exe (Realtek Semiconductor Corp.)
PRC - C:\Users\Brigitte\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
PRC - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (COMODO)
PRC - C:\Program Files\MessengerDiscovery 2\MessengerDiscovery 2.exe (Matt Holwood)
PRC - C:\Program Files\MessengerDiscovery 2\MessengerDiscovery 2.exe (Matt Holwood)
PRC - C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
PRC - C:\Program Files\Orbitdownloader\orbitdm.exe (Orbitdownloader.com)
PRC - C:\Program Files\orange\MailNotifier\MailNotifier.exe ()
PRC - C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
PRC - C:\Program Files\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation)
PRC - C:\Program Files\Microsoft Security Essentials\msseces.exe (Microsoft Corporation)
PRC - C:\Program Files\Orbitdownloader\orbitnet.exe (Orbitdownloader.com)
PRC - C:\Program Files\Microsoft Security Essentials\MsMpEng.exe (Microsoft Corporation)
PRC - C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
PRC - C:\Windows\System32\wbem\WmiPrvSE.exe (Microsoft Corporation)
PRC - C:\Windows\System32\wbem\WmiPrvSE.exe (Microsoft Corporation)
PRC - C:\Windows\System32\wbem\unsecapp.exe (Microsoft Corporation)
PRC - C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\conime.exe (Microsoft Corporation)
PRC - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation)
PRC - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (Microsoft Corporation)
PRC - C:\Program Files\Internet Explorer\IELowutil.exe (Microsoft Corporation)
PRC - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
PRC - C:\Program Files\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Program Files\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
PRC - C:\Windows\ehome\ehtray.exe (Microsoft Corporation)
PRC - C:\Windows\ehome\ehmsas.exe (Microsoft Corporation)
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe (acer)
PRC - C:\Acer\Empowering Technology\eNet\eNet Service.exe (Acer Inc.)
PRC - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe ()
PRC - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe (HiTRSUT)
PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe (Intel Corporation)
PRC - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe (Acer Inc.)
PRC - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe (Acer Inc.)
PRC - C:\Windows\System32\drivers\XAudio.exe (Conexant Systems, Inc.)
PRC - C:\Program Files\CyberLink\Shared Files\RichVideo.exe ()
PRC - C:\Program Files\Common Files\LightScribe\LSSrvc.exe (Hewlett-Packard Company)
PRC - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe (France Telecom SA)
PRC - C:\Acer\Mobility Center\MobilityService.exe ()
========== Modules (SafeList) ==========
MOD - C:\Users\Brigitte\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll (Microsoft Corporation)
========== Win32 Services (SafeList) ==========
SRV - (gupdate) Google Update Service (gupdate) – File not found
SRV - (0267471241168295mcinstcleanup) – File not found
SRV - (cmdAgent) – C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (COMODO)
SRV - (Microsoft SharePoint Workspace Audit Service) – C:\Program Files\Microsoft Office\Office14\GROOVE.EXE (Microsoft Corporation)
SRV - (osppsvc) – C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
SRV - (ose) – C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (FontCache) – C:\Windows\System32\FntCache.dll (Microsoft Corporation)
SRV - (MBAMService) – C:\Program Files\Malwarebytes’ Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MsMpSvc) – C:\Program Files\Microsoft Security Essentials\MsMpEng.exe (Microsoft Corporation)
SRV - (SeaPort) – C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
SRV - (wlidsvc) – C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation)
SRV - (YahooAUService) – C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
SRV - (ACDaemon) – C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
SRV - (Pml Driver HPZ12) – C:\Windows\System32\HPZipm12.dll (Hewlett-Packard)
SRV - (Net Driver HPZ12) – C:\Windows\System32\HPZinw12.dll (Hewlett-Packard)
SRV - (hpqddsvc) – C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll (Hewlett-Packard Co.)
SRV - (hpqcxs08) – C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll (Hewlett-Packard Co.)
SRV - (WinDefend) – C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (WMPNetworkSvc) – C:\Program Files\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (ehRecvr) – C:\Windows\ehome\ehrecvr.exe (Microsoft Corporation)
SRV - (WMIService) – C:\Acer\Empowering Technology\ePower\ePowerSvc.exe (acer)
SRV - (eNet Service) – C:\Acer\Empowering Technology\eNet\eNet Service.exe (Acer Inc.)
SRV - (eSettingsService) – C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe ()
SRV - (eDataSecurity Service) – C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe (HiTRSUT)
SRV - (IAANTMON) Intel® – C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe (Intel Corporation)
SRV - (eLockService) – C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe (Acer Inc.)
SRV - (eRecoveryService) – C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe (Acer Inc.)
SRV - (XAudioService) – C:\Windows\System32\drivers\XAudio.exe (Conexant Systems, Inc.)
SRV - (RichVideo) Cyberlink RichVideo Service(CRVS) – C:\Program Files\CyberLink\Shared Files\RichVideo.exe ()
SRV - (LightScribeService) – C:\Program Files\Common Files\LightScribe\LSSrvc.exe (Hewlett-Packard Company)
SRV - (FTRTSVC) – C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe (France Telecom SA)
SRV - (MobilityService) – C:\Acer\Mobility Center\MobilityService.exe ()
SRV - (ehSched) – C:\Windows\ehome\ehsched.exe (Microsoft Corporation)
SRV - (ehstart) – C:\Windows\ehome\ehstart.dll (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV - (cmdGuard) – C:\Windows\System32\drivers\cmdguard.sys (COMODO)
DRV - (inspect) – C:\Windows\System32\drivers\inspect.sys (COMODO)
DRV - (cmdHlp) – C:\Windows\System32\drivers\cmdhlp.sys (COMODO)
DRV - (VBoxNetAdp) – C:\Windows\System32\drivers\VBoxNetAdp.sys (Sun Microsystems, Inc.)
DRV - (VBoxDrv) – C:\Windows\System32\drivers\VBoxDrv.sys (Sun Microsystems, Inc.)
DRV - (VBoxNetFlt) – C:\Windows\System32\drivers\VBoxNetFlt.sys (Sun Microsystems, Inc.)
DRV - (VBoxUSBMon) – C:\Windows\System32\drivers\VBoxUSBMon.sys (Sun Microsystems, Inc.)
DRV - (KeyScrambler) – C:\Windows\System32\drivers\keyscrambler.sys (QFX Software Corporation)
DRV - (MBAMProtector) – C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (MpFilter) – C:\Windows\System32\drivers\MpFilter.sys (Microsoft Corporation)
DRV - (MpNWMon) – C:\Windows\System32\drivers\MpNWMon.sys (Microsoft Corporation)
DRV - (kl1) – C:\Windows\System32\drivers\kl1.sys (Kaspersky Lab)
DRV - (GearAspiWDM) – C:\Windows\System32\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV - (SbFw) – C:\Windows\System32\drivers\SbFw.sys (Sunbelt Software, Inc.)
DRV - (KMWDFILTER) – C:\Windows\System32\drivers\KMWDFILTER.sys (Windows ® Codename Longhorn DDK provider)
DRV - (SBFWIMCL) – C:\Windows\System32\drivers\SbFwIm.sys (Sunbelt Software, Inc.)
DRV - ({49DE1C67-83F8-4102-99E0-C16DCC7EEC796}) – C:\Program Files\Acer Arcade Deluxe\Play Movie\000.fcl (Cyberlink Corp.)
DRV - (igfx) – C:\Windows\System32\drivers\igdkmd32.sys (Intel Corporation)
DRV - (NTIDrvr) – C:\Windows\System32\drivers\NTIDrvr.sys (NewTech Infosystems, Inc.)
DRV - (SNP2UVC) USB2.0 PC Camera (SNP2UVC) – C:\Windows\System32\drivers\snp2uvc.sys ()
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) – C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)
DRV - (BCM43XX) – C:\Windows\System32\drivers\BCMWL6.SYS (Broadcom Corporation)
DRV - (ApfiltrService) – C:\Windows\System32\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV - (b57nd60x) – C:\Windows\System32\drivers\b57nd60x.sys (Broadcom Corporation)
DRV - (NETw4v32) Pilote de carte Intel® – C:\Windows\System32\drivers\NETw4v32.sys (Intel Corporation)
DRV - (HSF_DPV) – C:\Windows\System32\drivers\HSX_DPV.sys (Conexant Systems, Inc.)
DRV - (HSXHWAZL) – C:\Windows\System32\drivers\HSXHWAZL.sys (Conexant Systems, Inc.)
DRV - (winachsf) – C:\Windows\System32\drivers\HSX_CNXT.sys (Conexant Systems, Inc.)
DRV - (PSDNServ) – C:\Windows\system32\drivers\PSDNServ.sys (HiTRUST)
DRV - (psdvdisk) – C:\Windows\system32\drivers\psdvdisk.sys (HiTRUST)
DRV - (PSDFilter) – C:\Windows\system32\DRIVERS\psdfilter.sys (HiTRUST)
DRV - (BTWUSB) – C:\Windows\System32\drivers\btwusb.sys (Broadcom Corporation.)
DRV - (rismxdp) – C:\Windows\System32\drivers\rixdptsk.sys (REDC)
DRV - (iaStor) – C:\Windows\system32\DRIVERS\iaStor.sys (Intel Corporation)
DRV - (enecir) – C:\Windows\System32\drivers\enecir.sys (ENE TECHNOLOGY INC.)
DRV - (rimmptsk) – C:\Windows\System32\drivers\rimmptsk.sys (REDC)
DRV - (XAudio) – C:\Windows\System32\drivers\XAudio.sys (Conexant Systems, Inc.)
DRV - (rimsptsk) – C:\Windows\System32\drivers\rimsptsk.sys (REDC)
DRV - (int15) – C:\Acer\Empowering Technology\eRecovery\int15.sys ()
DRV - (PCAMp50) – C:\Windows\System32\drivers\PCAMp50.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (PCASp50) – C:\Windows\System32\drivers\PCASp50.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (DKbFltr) – C:\Windows\System32\drivers\DKbFltr.sys (Dritek System Inc.)
DRV - (DritekPortIO) – C:\PROGRA~1\LAUNCH~1\DPortIO.sys (Dritek System Inc.)
DRV - (ql2300) – C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (adp94xx) – C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (elxstor) – C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (adpahci) – C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (uliahci) – C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (iaStorV) – C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (adpu320) – C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (ulsata2) – C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (vsmraid) – C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ql40xx) – C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) – C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (adpu160m) – C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (nvraid) – C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nfrd960) – C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) – C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (SiSRaid4) – C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (nvstor) – C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (aic78xx) – C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (arcsas) – C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (LSI_SCSI) – C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (SiSRaid2) – C:\Windows\system32\drivers\sisraid2.sys (Silicon Integrated Systems Corp.)
DRV - (HpCISSs) – C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (arc) – C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (iteraid) – C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) – C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (LSI_SAS) – C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (Symc8xx) – C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (LSI_FC) – C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (Sym_u3) – C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) – C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) – C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (megasas) – C:\Windows\system32\drivers\megasas.sys (LSI Logic Corporation)
DRV - (viaide) – C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) – C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) – C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) – C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) – C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) – C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) – C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) – C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) – C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (HSFHWAZL) – C:\Windows\System32\drivers\VSTAZL3.SYS (Conexant Systems, Inc.)
DRV - (ntrigdigi) – C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
DRV - (NETw3v32) Pilote de carte Intel® – C:\Windows\System32\drivers\NETw3v32.sys (Intel® Corporation)
DRV - (E1G60) Intel® – C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (secdrv) – C:\Windows\System32\drivers\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (mdmxsdk) – C:\Windows\System32\drivers\mdmxsdk.sys (Conexant)
DRV - (Aspi32) – C:\Windows\System32\drivers\aspi32.sys (Adaptec)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.msn.com…
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = search.yahoo.com…
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = fr.yahoo.com…
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = fr.msn.com…
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr-FR
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 9D 29 4D 03 9A F1 C9 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: “ProxyEnable” = 0
========== FireFox ==========
FF - prefs.js…browser.search.defaultenginename: “Google”
FF - prefs.js…browser.search.defaulturl: “http://fr.search.yahoo.com/search?ei=UTF-8&fr=ytff-&p=”
FF - prefs.js…browser.search.openintab: true
FF - prefs.js…browser.search.param.yahoo-fr: “moz2-ytff-”
FF - prefs.js…browser.search.param.yahoo-fr-cjkt: “moz2-ytff-”
FF - prefs.js…browser.search.useDBForOrder: true
FF - prefs.js…browser.startup.homepage: “http://fr.start3.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:fr:official”
FF - prefs.js…extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1
FF - prefs.js…extensions.enabledItems: 6
FF - prefs.js…extensions.enabledItems: 2
FF - prefs.js…extensions.enabledItems: 48
FF - prefs.js…extensions.enabledItems: {fce36c1e-58d8-498a-b2a5-66ad1cedebbb}:0.76
FF - prefs.js…extensions.enabledItems: {FC5BAC7D-D696-4ba6-B913-CF8F000C33DF}:2.1.4
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\Components: C:\Program Files\Mozilla Firefox\components [2009/11/26 13:32:45 | 00,000,000 | —D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/11/26 13:32:45 | 00,000,000 | —D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.23\extensions\Components: C:\Program Files\Mozilla Thunderbird\components [2009/11/26 13:32:45 | 00,000,000 | —D | M]
[2009/11/01 16:03:51 | 00,000,000 | —D | M] – C:\Users\Brigitte\AppData\Roaming\mozilla\Extensions
[2009/11/01 15:36:49 | 00,000,000 | —D | M] – C:\Users\Brigitte\AppData\Roaming\mozilla\Extensions-BackupByFirefoxPortable
[2009/11/01 15:36:49 | 00,000,000 | —D | M] – C:\Users\Brigitte\AppData\Roaming\mozilla\Extensions-BackupByFirefoxPortable{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/11/27 16:40:56 | 00,000,000 | —D | M] – C:\Users\Brigitte\AppData\Roaming\mozilla\Firefox\Profiles\5vuwsbyk.default\extensions
[2009/11/09 19:15:26 | 00,000,000 | —D | M] – C:\Users\Brigitte\AppData\Roaming\mozilla\Firefox\Profiles\5vuwsbyk.default\extensions{1018e4d6-728f-4b20-ad56-37578a4de76b}
[2009/11/01 16:21:22 | 00,000,000 | —D | M] – C:\Users\Brigitte\AppData\Roaming\mozilla\Firefox\Profiles\5vuwsbyk.default\extensions{1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}
[2009/11/21 15:55:30 | 00,000,000 | —D | M] – C:\Users\Brigitte\AppData\Roaming\mozilla\Firefox\Profiles\5vuwsbyk.default\extensions{35106bca-6c78-48c7-ac28-56df30b51d2a}
[2009/11/15 19:00:40 | 00,000,000 | —D | M] – C:\Users\Brigitte\AppData\Roaming\mozilla\Firefox\Profiles\5vuwsbyk.default\extensions{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2009/11/18 12:53:45 | 00,000,000 | —D | M] – C:\Users\Brigitte\AppData\Roaming\mozilla\Firefox\Profiles\5vuwsbyk.default\extensions{73a6fe31-595d-460b-a920-fcc0f8843232}
[2009/11/08 15:58:16 | 00,000,000 | —D | M] – C:\Users\Brigitte\AppData\Roaming\mozilla\Firefox\Profiles\5vuwsbyk.default\extensions{9AA46F4F-4DC7-4c06-97AF-5035170634FE}
[2009/11/06 07:28:58 | 00,000,000 | —D | M] – C:\Users\Brigitte\AppData\Roaming\mozilla\Firefox\Profiles\5vuwsbyk.default\extensions{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2009/11/01 16:19:46 | 00,000,000 | —D | M] – C:\Users\Brigitte\AppData\Roaming\mozilla\Firefox\Profiles\5vuwsbyk.default\extensions{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2009/11/07 18:45:06 | 00,000,000 | —D | M] – C:\Users\Brigitte\AppData\Roaming\mozilla\Firefox\Profiles\5vuwsbyk.default\extensions{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}
[2009/11/01 16:51:22 | 00,000,000 | —D | M] – C:\Users\Brigitte\AppData\Roaming\mozilla\Firefox\Profiles\5vuwsbyk.default\extensions{fce36c1e-58d8-498a-b2a5-66ad1cedebbb}
[2009/11/06 07:28:57 | 00,000,000 | —D | M] – C:\Users\Brigitte\AppData\Roaming\mozilla\Firefox\Profiles\5vuwsbyk.default\extensions\cipherfox@mkfly
[2009/11/09 19:15:24 | 00,000,000 | —D | M] – C:\Users\Brigitte\AppData\Roaming\mozilla\Firefox\Profiles\5vuwsbyk.default\extensions\firegpg@firegpg.team
[2009/11/01 16:18:03 | 00,000,000 | —D | M] – C:\Users\Brigitte\AppData\Roaming\mozilla\Firefox\Profiles\5vuwsbyk.default\extensions\illimitux@illimitux.net
[2009/11/01 16:27:42 | 00,000,000 | —D | M] – C:\Users\Brigitte\AppData\Roaming\mozilla\Firefox\Profiles\5vuwsbyk.default\extensions\keyscrambler@qfx.software.corporation
[2009/11/01 16:31:51 | 00,000,000 | —D | M] – C:\Users\Brigitte\AppData\Roaming\mozilla\Firefox\Profiles\5vuwsbyk.default\extensions\lazarus@interclue.com
[2009/11/01 16:05:10 | 00,000,000 | —D | M] – C:\Users\Brigitte\AppData\Roaming\mozilla\Firefox\Profiles\5vuwsbyk.default\extensions\martin@hoerandl.com
[2009/11/02 17:08:24 | 00,000,000 | —D | M] – C:\Users\Brigitte\AppData\Roaming\mozilla\Firefox\Profiles\5vuwsbyk.default\extensions\openmedspel@e-medtools.com
[2009/11/01 18:09:33 | 00,000,000 | —D | M] – C:\Users\Brigitte\AppData\Roaming\mozilla\Firefox\Profiles\5vuwsbyk.default\extensions\secureLogin@blueimp.net
[2009/11/01 15:43:40 | 00,000,000 | —D | M] – C:\Users\Brigitte\AppData\Roaming\mozilla\Firefox\Profiles\v542d37t.default\extensions
[2009/11/01 15:35:21 | 00,000,000 | —D | M] – C:\Users\Brigitte\AppData\Roaming\mozilla\Firefox\Profiles\v542d37t.default\extensions{20a82645-c095-46ed-80e3-08825760534b}
[2009/11/01 15:43:40 | 00,000,000 | —D | M] – C:\Users\Brigitte\AppData\Roaming\mozilla\Firefox\Profiles\v542d37t.default\extensions{35379F86-8CCB-4724-AE33-4278DE266C70}
[2009/11/01 15:35:38 | 00,000,000 | —D | M] – C:\Users\Brigitte\AppData\Roaming\mozilla\Firefox\Profiles\v542d37t.default\extensions{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2009/11/01 15:35:41 | 00,000,000 | —D | M] – C:\Users\Brigitte\AppData\Roaming\mozilla\Firefox\Profiles\v542d37t.default\extensions{fce36c1e-58d8-498a-b2a5-66ad1cedebbb}
[2009/11/01 15:35:21 | 00,000,000 | —D | M] – C:\Users\Brigitte\AppData\Roaming\mozilla\Firefox\Profiles\v542d37t.default\extensions\staged-xpis
[2009/11/25 13:12:38 | 00,000,000 | —D | M] – C:\Program Files\mozilla firefox\extensions
[2009/11/03 02:56:19 | 00,001,516 | ---- | M] () – C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml
[2009/11/03 02:56:19 | 00,001,822 | ---- | M] () – C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml
[2009/11/03 02:56:19 | 00,000,757 | ---- | M] () – C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml
[2009/11/03 02:56:19 | 00,001,426 | ---- | M] () – C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml
[2009/11/03 02:56:19 | 00,000,652 | ---- | M] () – C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml
O1 HOSTS File: (317268 bytes) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 10562 more lines…
O2 - BHO: (Octh Class) - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll (Orbitdownloader.com)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (KeyScramblerBHO Class) - {2B9F5787-88A5-4945-90E7-C4B18563BC5E} - C:\Program Files\KeyScrambler\KeyScramblerIE.dll (QFX Software Corporation)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Programme d’aide de l’Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (WOT Helper) - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files\WOT\WOT.dll ()
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM…\Toolbar: (WOT) - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll ()
O3 - HKLM…\Toolbar: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll ()
O3 - HKLM…\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU…\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Windows\System32\eDStoolbar.dll (HiTRUST)
O3 - HKCU…\Toolbar\WebBrowser: (WOT) - {71576546-354D-41C9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll ()
O3 - HKCU…\Toolbar\WebBrowser: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll ()
O4 - HKLM…\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM…\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4 - HKLM…\Run: [Malwarebytes’ Anti-Malware] C:\Program Files\Malwarebytes’ Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM…\Run: [MSSE] C:\Program Files\Microsoft Security Essentials\msseces.exe (Microsoft Corporation)
O4 - HKLM…\Run: [PLFSetL] C:\Windows\PLFSetL.exe (sonix)
O4 - HKLM…\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKCU…\Run: [ehTray.exe] C:\Windows\ehome\ehtray.exe (Microsoft Corporation)
O4 - HKCU…\Run: [MailNotifier] C:\Program Files\orange\MailNotifier\MailNotifier.exe ()
O4 - HKCU…\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKCU…\Run: [msnmsgr] C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
O4 - HKCU…\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O4 - HKCU…\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - HKLM…\RunOnce: [] File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 60
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: &Download by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: &Grab video by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Do&wnload selected by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Down&load all by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O9 - Extra Button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra ‘Tools’ menuitem : &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra ‘Tools’ menuitem : &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra ‘Tools’ menuitem : &KeyScrambler Options - {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - C:\Program Files\KeyScrambler\KeyScramblerIE.dll (QFX Software Corporation)
O9 - Extra Button: Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra ‘Tools’ menuitem : Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O15 - HKCU…Trusted Domains: orange.fr ([logicielsgratuits] http in Sites de confiance)
O15 - HKCU…Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} messenger.zone.msn.com… (Checkers Class)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} dlm.tools.akamai.com… (DLM Control)
O16 - DPF: {4DD20514-9520-40A7-9CD6-66883643A20B} www.boaki.com… (UviLaunch Control)
O16 - DPF: {5A779DC0-837B-4590-AC42-C7C0847478C5} logicielsgratuits.orange.fr… (OrangeInstaller_ModuleIE Control)
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} messenger.zone.msn.com… (Solitaire Showdown Class)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} messenger.zone.msn.com… (UnoCtrl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} java.sun.com… (Java Plug-in 1.6.0_17)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} fpdownload.macromedia.com… (Reg Error: Key error.)
O16 - DPF: {9DF1C00D-8426-4337-972C-DC042D19A916} webtv.guidetv.orange.fr… (FTMediaPlayer Class)
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} messenger.zone.msn.com… (MSN Games - Installer)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} messenger.zone.msn.com… (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} java.sun.com… (Java Plug-in 1.5.0)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} java.sun.com… (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} java.sun.com… (Java Plug-in 1.6.0_17)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} platformdl.adobe.com… (Reg Error: Key error.)
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} download.mcafee.com… (McFreeScan Class)
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} messenger.zone.msn.com… (Minesweeper Flags Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\wot {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files\WOT\WOT.dll ()
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/x-mrml {C51721BE-858B-4A66-A8BF-D2882FF49820} - C:\Program Files\Common Files\A&W\MidRadio.ocx (YAMAHA CORPORATION)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 22:43:36 | 00,000,024 | ---- | M] () - C:\autoexec.bat – [ NTFS ]
O33 - MountPoints2{d7f9a224-8014-11dd-9e64-aa49c949cd35}\Shell\Auto\command - “” = C:\Windows\System32\cmd.exe – [2008/01/19 08:33:04 | 00,318,976 | ---- | M] (Microsoft Corporation)
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: () - File not found
O35 - comfile [open] – “%1” % File not found
O35 - exefile [open] – “%1” %* File not found
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias [2008/07/31 10:33:00 | 00,000,000 | —D | M]
NetSvcs: Irmon - C:\Windows\System32\irmon.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
========== Files/Folders - Created Within 30 Days ==========
[2009/11/27 16:06:28 | 00,532,992 | ---- | C] (OldTimer Tools) – C:\Users\Brigitte\Desktop\OTL.exe
[2009/11/27 13:17:39 | 00,171,552 | ---- | C] (COMODO) – C:\Windows\System32\guard32.dll
[2009/11/27 13:17:04 | 00,000,000 | —D | C] – C:\UsbFix
[2009/11/26 21:47:57 | 00,000,000 | —D | C] – C:\ProgramData\MessengerDiscovery 2
[2009/11/26 21:47:56 | 00,000,000 | —D | C] – C:\Program Files\MessengerDiscovery 2
[2009/11/25 19:42:22 | 00,002,048 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\tzres.dll
[2009/11/25 15:24:01 | 00,000,000 | —D | C] – C:\Users\Brigitte\Documents\Mes enregistrements de webcam
[2009/11/25 15:22:20 | 00,000,000 | —D | C] – C:\Program Files\FileHippo.com
[2009/11/25 14:53:26 | 00,107,368 | ---- | C] (GEAR Software Inc.) – C:\Windows\System32\GEARAspi.dll
[2009/11/25 14:53:20 | 00,026,600 | ---- | C] (GEAR Software Inc.) – C:\Windows\System32\drivers\GEARAspiWDM.sys
[2009/11/25 14:51:24 | 00,000,000 | —D | C] – C:\ProgramData{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/11/25 12:52:24 | 00,714,240 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\timedate.cpl
[2009/11/23 18:05:56 | 00,000,000 | —D | C] – C:\Program Files\7-Zip
[2009/11/22 14:03:26 | 00,000,000 | —D | C] – C:\Program Files\ImgBurn
[2009/11/20 20:22:29 | 00,000,000 | —D | C] – C:\Program Files\Recuva
[2009/11/20 16:58:33 | 00,000,000 | —D | C] – C:\Users\Brigitte.VirtualBox
[2009/11/20 16:54:56 | 00,116,560 | ---- | C] (Sun Microsystems, Inc.) – C:\Windows\System32\drivers\VBoxDrv.sys
[2009/11/20 16:54:25 | 00,041,424 | ---- | C] (Sun Microsystems, Inc.) – C:\Windows\System32\drivers\VBoxUSBMon.sys
[2009/11/20 16:53:58 | 00,000,000 | —D | C] – C:\Program Files\Sun
[2009/11/19 19:15:34 | 00,000,000 | —D | C] – C:\Program Files\Microsoft Synchronization Services
[2009/11/19 19:10:26 | 00,000,000 | —D | C] – C:\Program Files\Microsoft Visual Studio 8
[2009/11/19 19:05:32 | 00,000,000 | —D | C] – C:\Program Files\Microsoft Analysis Services
[2009/11/19 19:03:20 | 00,000,000 | RH-D | C] – C:\MSOCache
[2009/11/18 20:27:37 | 00,000,000 | —D | C] – C:\Users\Brigitte\AppData\Roaming\Download Manager
[2009/11/18 20:05:16 | 00,000,000 | —D | C] – C:\Program Files\Microsoft SQL Server Compact Edition
[2009/11/18 20:03:59 | 00,000,000 | —D | C] – C:\Program Files\Windows Live
[2009/11/18 16:28:10 | 00,000,000 | —D | C] – C:\Program Files\Gibcom
[2009/11/17 20:18:22 | 00,000,000 | —D | C] – C:\Program Files\Ubisoft
[2009/11/17 17:11:33 | 00,000,000 | —D | C] – C:\Program Files\Kptic Neonumeric
[2009/11/17 12:52:24 | 00,000,000 | —D | C] – C:\ProgramData\F-Secure
[2009/11/16 21:31:23 | 00,000,000 | —D | C] – C:\Users\Brigitte\AppData\Roaming\Kptic
[2009/11/16 18:53:25 | 00,000,000 | —D | C] – C:\Program Files\Microsoft Security Essentials
[2009/11/16 18:53:22 | 00,000,000 | —D | C] – C:\ProgramData\Comodo
[2009/11/16 18:53:19 | 00,128,376 | ---- | C] (COMODO) – C:\Windows\System32\drivers\cmdguard.sys
[2009/11/16 18:53:19 | 00,074,328 | ---- | C] (COMODO) – C:\Windows\System32\drivers\inspect.sys
[2009/11/16 18:53:19 | 00,029,520 | ---- | C] (COMODO) – C:\Windows\System32\drivers\cmdhlp.sys
[2009/11/15 15:17:05 | 00,000,000 | —D | C] – C:\Program Files\Defraggler
[2009/11/15 14:27:29 | 00,000,000 | —D | C] – C:\ProgramData\Yahoo! Companion
[2009/11/15 13:26:28 | 00,000,000 | —D | C] – C:\Program Files\Orbitdownloader
[2009/11/15 11:31:38 | 00,000,000 | —D | C] – C:\Users\Brigitte\Documents\Emoticon Web
[2009/11/15 11:25:26 | 00,000,000 | R–D | C] – C:\Users\Brigitte\Documents\Exercices Brigitte
[2009/11/14 22:09:34 | 00,000,000 | —D | C] – C:\Users\Brigitte\Documents\Divers
[2009/11/14 22:09:12 | 00,000,000 | —D | C] – C:\Users\Brigitte\Documents\Aides Personnes Théo
[2009/11/14 22:07:26 | 00,000,000 | —D | C] – C:\Users\Brigitte\Documents\Charges Maison 2009
[2009/11/14 22:05:46 | 00,000,000 | —D | C] – C:\Users\Brigitte\Documents\Travail Brigitte
[2009/11/14 22:02:04 | 00,000,000 | —D | C] – C:\Users\Brigitte\Documents\Image Web
[2009/11/13 20:32:44 | 00,000,000 | —D | C] – C:\Program Files\RogueRemover FREE
[2009/11/13 16:29:10 | 00,000,000 | -HSD | C] – C:\ProgramData{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
[2009/11/12 22:13:15 | 00,000,000 | —D | C] – C:\Program Files\QuickTime
[2009/11/12 13:19:20 | 00,000,000 | —D | C] – C:\Users\Brigitte\AppData\Roaming\Auslogics
[2009/11/11 11:17:55 | 02,036,736 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\win32k.sys
[2009/11/11 11:17:46 | 00,355,328 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\WSDApi.dll
[2009/11/11 11:00:51 | 00,000,000 | —D | C] – C:\Program Files\Microsoft Baseline Security Analyzer 2
[2009/11/11 10:52:05 | 00,000,000 | —D | C] – C:\Users\Brigitte\AppData\Roaming\HouseCall 6.6
[2009/11/10 14:54:18 | 00,095,568 | ---- | C] (Sun Microsystems, Inc.) – C:\Windows\System32\drivers\VBoxNetAdp.sys
[2009/11/10 14:54:02 | 00,133,648 | ---- | C] (Sun Microsystems, Inc.) – C:\Windows\System32\VBoxNetFltNotify.dll
[2009/11/10 14:53:54 | 00,104,016 | ---- | C] (Sun Microsystems, Inc.) – C:\Windows\System32\drivers\VBoxNetFlt.sys
[2009/11/08 17:53:37 | 00,000,000 | -H-D | C] – C:\Users\Brigitte\784E6B0F00EC495095A2BBA64F44EC48.TMP
[2009/11/08 15:00:00 | 00,000,000 | —D | C] – C:\Users\Brigitte\Documents\Camtasia Studio
[2009/11/08 14:32:50 | 00,000,000 | —D | C] – C:\Users\Brigitte\AppData\Local\TechSmith
[2009/11/08 14:32:37 | 00,000,000 | —D | C] – C:\Users\Brigitte\Documents\Custom Production Presets 5.0
[2009/11/08 14:31:53 | 00,000,000 | —D | C] – C:\ProgramData\TechSmith
[2009/11/08 14:31:28 | 00,000,000 | —D | C] – C:\Program Files\Common Files\TechSmith Shared
[2009/11/08 14:31:24 | 00,000,000 | —D | C] – C:\Program Files\TechSmith
[2009/11/08 11:45:25 | 00,149,280 | ---- | C] (Sun Microsystems, Inc.) – C:\Windows\System32\javaws.exe
[2009/11/08 11:45:25 | 00,145,184 | ---- | C] (Sun Microsystems, Inc.) – C:\Windows\System32\javaw.exe
[2009/11/08 11:45:25 | 00,145,184 | ---- | C] (Sun Microsystems, Inc.) – C:\Windows\System32\java.exe
[2009/11/08 10:37:22 | 01,986,560 | ---- | C] (NCT Company Ltd.) – C:\Windows\System32\AudFile.dll
[2009/11/08 10:37:22 | 01,212,416 | ---- | C] (NCT Company Ltd.) – C:\Windows\System32\AudioInfos.dll
[2009/11/08 10:37:22 | 00,348,160 | ---- | C] (NCT Company Ltd.) – C:\Windows\System32\WMAFile.dll
[2009/11/08 10:37:22 | 00,115,920 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\msinet.OCX
[2009/11/08 10:37:22 | 00,040,960 | ---- | C] (vbAccelerator) – C:\Windows\System32\SSubTmr6.dll
[2009/11/08 10:37:22 | 00,015,360 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\inetfr.DLL
[2009/11/07 20:47:54 | 00,000,000 | —D | C] – C:\Program Files\SRWare Iron
[2009/11/07 10:27:03 | 00,000,000 | —D | C] – C:\Program Files\Lavalys
[2009/11/06 22:32:12 | 00,000,000 | —D | C] – C:\Users\Brigitte\AppData\Roaming\OpenOffice.org
[2009/11/06 22:22:25 | 00,000,000 | —D | C] – C:\Program Files\JRE
[2009/11/06 22:22:09 | 00,000,000 | —D | C] – C:\Program Files\OpenOffice.org 3
[2009/11/06 21:48:06 | 00,000,000 | —D | C] – C:\Program Files\PhotoFiltre
[2009/11/06 18:38:21 | 00,000,000 | —D | C] – C:\Users\Brigitte\AppData\Roaming\ImgBurn
[2009/11/06 18:12:45 | 00,000,000 | —D | C] – C:\ProgramData\LightScribe
[2009/11/06 18:10:55 | 00,000,000 | —D | C] – C:\Users\Brigitte\AppData\Roaming\Nero
[2009/11/06 18:05:59 | 00,000,000 | —D | C] – C:\ProgramData\Nero
[2009/11/06 18:05:57 | 00,000,000 | —D | C] – C:\Program Files\Common Files\Nero
[2009/11/04 12:54:21 | 01,638,912 | ---- | C] (Microsoft Corporation) – C:\Windows\System32\mshtml.tlb
[2009/11/03 19:27:38 | 00,000,000 | —D | C] – C:\Program Files\VS Revo Group
[2009/11/02 20:08:33 | 00,000,000 | —D | C] – C:\Program Files\uTorrent
[2009/11/02 16:19:23 | 00,000,000 | —D | C] – C:\Users\Brigitte\AppData\Roaming\vlc
[2009/11/01 16:03:15 | 00,000,000 | —D | C] – C:\Program Files\Mozilla Firefox
[2009/11/01 14:32:37 | 00,000,000 | —D | C] – C:\Users\Brigitte\AppData\Roaming\IDM
[2008/07/30 10:02:53 | 00,172,032 | ---- | C] ( ) – C:\Windows\System32\rsnp2uvc.dll
[2008/07/30 10:02:53 | 00,053,248 | ---- | C] ( ) – C:\Windows\System32\csnp2uvc.dll
[2007/08/10 15:40:58 | 00,045,056 | ---- | C] ( ) – C:\Windows\PLFSet.dll
[2007/08/10 08:29:05 | 00,053,248 | ---- | C] ( ) – C:\Windows\System32\Interop.Shell32.dll
[1 C:\Users\Brigitte*.tmp files -> C:\Users\Brigitte*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2009/11/27 21:36:12 | 07,340,032 | -H-- | M] () – C:\Users\Brigitte\ntuser.dat
[2009/11/27 21:35:53 | 00,000,434 | -H-- | M] () – C:\Windows\tasks\User_Feed_Synchronization-{55AF2E8A-EBC9-4A50-8828-434D9E33BE57}.job
[2009/11/27 21:33:56 | 00,000,408 | -H-- | M] () – C:\Windows\tasks\User_Feed_Synchronization-{9E24F08E-1327-49FE-856E-F5C2AE8D8770}.job
[2009/11/27 21:33:00 | 00,001,058 | ---- | M] () – C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2009/11/27 20:33:00 | 00,001,054 | ---- | M] () – C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2009/11/27 20:27:05 | 00,003,168 | ---- | M] () – C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2009/11/27 20:27:05 | 00,003,168 | ---- | M] () – C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2009/11/27 18:27:07 | 00,000,006 | -H-- | M] () – C:\Windows\tasks\SA.DAT
[2009/11/27 18:27:02 | 00,067,584 | --S- | M] () – C:\Windows\bootstat.dat
[2009/11/27 18:26:02 | 00,524,288 | -HS- | M] () – C:\Users\Brigitte\ntuser.dat{3061b2c5-a9dd-11de-ac40-f2bdef8fe8a1}.TMContainer00000000000000000001.regtrans-ms
[2009/11/27 18:26:02 | 00,065,536 | -HS- | M] () – C:\Users\Brigitte\ntuser.dat{3061b2c5-a9dd-11de-ac40-f2bdef8fe8a1}.TM.blf
[2009/11/27 17:03:15 | 00,684,650 | ---- | M] () – C:\Windows\System32\perfh00C.dat
[2009/11/27 17:03:15 | 00,601,178 | ---- | M] () – C:\Windows\System32\perfh009.dat
[2009/11/27 17:03:15 | 00,130,846 | ---- | M] () – C:\Windows\System32\perfc00C.dat
[2009/11/27 17:03:15 | 00,107,704 | ---- | M] () – C:\Windows\System32\perfc009.dat
[2009/11/27 17:03:14 | 01,514,930 | ---- | M] () – C:\Windows\System32\PerfStringBackup.INI
[2009/11/27 13:17:39 | 00,171,552 | ---- | M] (COMODO) – C:\Windows\System32\guard32.dll
[2009/11/27 12:50:37 | 15,370,988 | ---- | M] () – C:\Windows\System32\drivers\fidbox.idx
[2009/11/27 12:50:36 | 11,474,82144 | ---- | M] () – C:\Windows\System32\drivers\fidbox.dat
[2009/11/27 03:05:57 | 01,364,348 | ---- | M] () – C:\Users\Brigitte\Desktop\UsbFix.exe
[2009/11/26 21:44:10 | 00,001,912 | ---- | M] () – C:\Users\Brigitte\Desktop\Windows Live Messenger .lnk
[2009/11/26 15:50:45 | 00,532,992 | ---- | M] (OldTimer Tools) – C:\Users\Brigitte\Desktop\OTL.exe
[2009/11/25 17:29:01 | 00,000,635 | ---- | M] () – C:\Users\Brigitte\Documents\CDT ORPM2009-5.pdf - Raccourci.lnk
[2009/11/25 15:31:11 | 00,001,647 | ---- | M] () – C:\Users\Brigitte\Desktop\Recuva.lnk
[2009/11/25 14:20:49 | 00,002,377 | ---- | M] () – C:\Users\Public\Desktop\Skype.lnk
[2009/11/25 12:50:15 | 00,128,376 | ---- | M] (COMODO) – C:\Windows\System32\drivers\cmdguard.sys
[2009/11/25 12:41:26 | 00,001,695 | ---- | M] () – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Orbit.lnk
[2009/11/24 20:24:49 | 00,001,737 | ---- | M] () – C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2009/11/24 19:00:58 | 15,524,589 | ---- | M] () – C:\Users\Brigitte\Documents\Firefox 3.5.5 (fr) - 2009-11-24.pcv
[2009/11/23 19:52:45 | 00,000,727 | ---- | M] () – C:\Users\Public\Desktop\Opera.lnk
[2009/11/23 18:15:24 | 00,000,786 | ---- | M] () – C:\Users\Brigitte\Desktop\7-Zip.lnk
[2009/11/22 21:14:26 | 00,020,992 | ---- | M] () – C:\Users\Brigitte\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/11/22 18:31:31 | 00,002,673 | ---- | M] () – C:\Users\Brigitte\Desktop\Microsoft Word 2010 (Beta).lnk
[2009/11/22 14:03:50 | 00,001,663 | ---- | M] () – C:\Users\Public\Desktop\ImgBurn.lnk
[2009/11/21 17:42:41 | 00,002,627 | ---- | M] () – C:\Users\Brigitte\Desktop\Microsoft Excel 2010 (Beta).lnk
[2009/11/21 09:43:11 | 00,006,648 | ---- | M] () – C:\Users\Brigitte\AppData\Local\d3d9caps.dat
[2009/11/20 20:40:11 | 00,000,000 | -H-- | M] () – C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
[2009/11/20 17:12:58 | 02,952,692 | ---- | M] () – C:\Users\Brigitte\Documents\Jean Clé.png
[2009/11/20 16:55:01 | 00,000,929 | ---- | M] () – C:\Users\Public\Desktop\Sun VirtualBox.lnk
[2009/11/20 09:14:18 | 00,397,624 | ---- | M] () – C:\Windows\System32\FNTCACHE.DAT
[2009/11/19 20:34:48 | 00,106,904 | ---- | M] () – C:\Users\Brigitte\AppData\Local\GDIPFONTCACHEV1.DAT
[2009/11/19 19:08:16 | 00,000,254 | ---- | M] () – C:\Windows\win.ini
[2009/11/18 16:14:37 | 00,043,558 | ---- | M] () – C:\Users\Brigitte\Documents\Capturer.JPG
[2009/11/17 20:41:40 | 00,000,136 | ---- | M] () – C:\Users\Brigitte\Desktop\Chessmaster Grandmaster.lnk
[2009/11/17 17:12:14 | 00,000,859 | ---- | M] () – C:\Users\Brigitte\Desktop\Kptic.lnk
[2009/11/17 13:11:34 | 00,074,328 | ---- | M] (COMODO) – C:\Windows\System32\drivers\inspect.sys
[2009/11/17 13:11:04 | 00,029,520 | ---- | M] (COMODO) – C:\Windows\System32\drivers\cmdhlp.sys
[2009/11/16 19:14:39 | 01,474,832 | ---- | M] () – C:\Windows\System32\drivers\sfi.dat
[2009/11/16 18:56:06 | 00,000,952 | ---- | M] () – C:\Users\Public\Desktop\COMODO Internet Security.lnk
[2009/11/16 18:53:27 | 00,000,956 | ---- | M] () – C:\Users\Public\Desktop\Microsoft Security Essentials.lnk
[2009/11/15 15:17:06 | 00,001,706 | ---- | M] () – C:\Users\Brigitte\Desktop\Defraggler.lnk
[2009/11/15 14:27:08 | 00,000,946 | ---- | M] () – C:\Users\Public\Desktop\Yahoo! Messenger.lnk
[2009/11/15 13:26:46 | 00,000,852 | ---- | M] () – C:\Users\Brigitte\Desktop\Orbit.lnk
[2009/11/15 11:30:22 | 00,003,420 | ---- | M] () – C:\Users\Brigitte\AppData\Roaming\wklnhst.dat
[2009/11/11 11:00:56 | 00,000,996 | ---- | M] () – C:\Users\Public\Desktop\Microsoft Baseline Security Analyzer 2.1.lnk
[2009/11/10 14:54:18 | 00,095,568 | ---- | M] (Sun Microsystems, Inc.) – C:\Windows\System32\drivers\VBoxNetAdp.sys
[2009/11/10 14:54:12 | 00,116,560 | ---- | M] (Sun Microsystems, Inc.) – C:\Windows\System32\drivers\VBoxDrv.sys
[2009/11/10 14:54:02 | 00,133,648 | ---- | M] (Sun Microsystems, Inc.) – C:\Windows\System32\VBoxNetFltNotify.dll
[2009/11/10 14:53:54 | 00,104,016 | ---- | M] (Sun Microsystems, Inc.) – C:\Windows\System32\drivers\VBoxNetFlt.sys
[2009/11/10 14:53:54 | 00,041,424 | ---- | M] (Sun Microsystems, Inc.) – C:\Windows\System32\drivers\VBoxUSBMon.sys
[2009/11/08 14:55:42 | 00,001,037 | ---- | M] () – C:\Users\Public\Desktop\Camtasia Studio 6.lnk
[2009/11/07 20:48:26 | 00,000,787 | ---- | M] () – C:\Users\Public\Desktop\SRWare Iron.lnk
[2009/11/06 22:25:06 | 00,000,997 | ---- | M] () – C:\Users\Public\Desktop\OpenOffice.org 3.1.lnk
[2009/11/06 21:48:31 | 00,000,844 | ---- | M] () – C:\Users\Brigitte\Desktop\PhotoFiltre.lnk
[2009/11/03 19:27:39 | 00,001,061 | ---- | M] () – C:\Users\Brigitte\Desktop\Revo Uninstaller.lnk
[2009/11/02 20:42:06 | 00,195,456 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\MpSigStub.exe
[2009/11/02 16:18:53 | 00,000,863 | ---- | M] () – C:\Users\Public\Desktop\VLC media player.lnk
[2009/11/01 15:52:30 | 00,001,674 | ---- | M] () – C:\Users\Brigitte\Desktop\CCleaner.lnk
[2009/10/29 10:17:42 | 00,002,048 | ---- | M] (Microsoft Corporation) – C:\Windows\System32\tzres.dll
[1 C:\Users\Brigitte*.tmp files -> C:\Users\Brigitte*.tmp -> ]
========== Files Created - No Company Name ==========
[2009/11/27 13:16:54 | 01,364,348 | ---- | C] () – C:\Users\Brigitte\Desktop\UsbFix.exe
[2009/11/26 21:44:10 | 00,001,912 | ---- | C] () – C:\Users\Brigitte\Desktop\Windows Live Messenger .lnk
[2009/11/25 17:29:01 | 00,000,635 | ---- | C] () – C:\Users\Brigitte\Documents\CDT ORPM2009-5.pdf - Raccourci.lnk
[2009/11/24 20:24:49 | 00,001,737 | ---- | C] () – C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2009/11/24 19:00:49 | 15,524,589 | ---- | C] () – C:\Users\Brigitte\Documents\Firefox 3.5.5 (fr) - 2009-11-24.pcv
[2009/11/24 17:50:07 | 00,001,695 | ---- | C] () – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Orbit.lnk
[2009/11/23 19:52:45 | 00,000,727 | ---- | C] () – C:\Users\Public\Desktop\Opera.lnk
[2009/11/23 18:15:24 | 00,000,786 | ---- | C] () – C:\Users\Brigitte\Desktop\7-Zip.lnk
[2009/11/22 14:03:50 | 00,001,663 | ---- | C] () – C:\Users\Public\Desktop\ImgBurn.lnk
[2009/11/20 20:40:11 | 00,000,000 | -H-- | C] () – C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
[2009/11/20 20:22:30 | 00,001,647 | ---- | C] () – C:\Users\Brigitte\Desktop\Recuva.lnk
[2009/11/20 17:12:58 | 02,952,692 | ---- | C] () – C:\Users\Brigitte\Documents\Jean Clé.png
[2009/11/20 16:55:01 | 00,000,929 | ---- | C] () – C:\Users\Public\Desktop\Sun VirtualBox.lnk
[2009/11/19 20:27:54 | 00,002,627 | ---- | C] () – C:\Users\Brigitte\Desktop\Microsoft Excel 2010 (Beta).lnk
[2009/11/19 20:27:01 | 00,002,673 | ---- | C] () – C:\Users\Brigitte\Desktop\Microsoft Word 2010 (Beta).lnk
[2009/11/18 15:57:01 | 00,043,558 | ---- | C] () – C:\Users\Brigitte\Documents\Capturer.JPG
[2009/11/17 20:41:40 | 00,000,136 | ---- | C] () – C:\Users\Brigitte\Desktop\Chessmaster Grandmaster.lnk
[2009/11/17 17:12:14 | 00,000,859 | ---- | C] () – C:\Users\Brigitte\Desktop\Kptic.lnk
[2009/11/16 18:56:06 | 00,000,952 | ---- | C] () – C:\Users\Public\Desktop\COMODO Internet Security.lnk
[2009/11/16 18:53:27 | 00,000,956 | ---- | C] () – C:\Users\Public\Desktop\Microsoft Security Essentials.lnk
[2009/11/15 15:17:06 | 00,001,706 | ---- | C] () – C:\Users\Brigitte\Desktop\Defraggler.lnk
[2009/11/15 14:27:08 | 00,000,946 | ---- | C] () – C:\Users\Public\Desktop\Yahoo! Messenger.lnk
[2009/11/15 13:26:46 | 00,000,852 | ---- | C] () – C:\Users\Brigitte\Desktop\Orbit.lnk
[2009/11/11 11:00:56 | 00,000,996 | ---- | C] () – C:\Users\Public\Desktop\Microsoft Baseline Security Analyzer 2.1.lnk
[2009/11/08 14:55:42 | 00,001,037 | ---- | C] () – C:\Users\Public\Desktop\Camtasia Studio 6.lnk
[2009/11/08 10:37:22 | 00,116,296 | ---- | C] () – C:\Windows\System32\NCTWMAProfiles.prx
[2009/11/07 20:48:26 | 00,000,787 | ---- | C] () – C:\Users\Public\Desktop\SRWare Iron.lnk
[2009/11/06 22:39:24 | 00,378,718 | -H-- | C] () – C:\Users\Brigitte\intro.bmp
[2009/11/06 22:25:06 | 00,000,997 | ---- | C] () – C:\Users\Public\Desktop\OpenOffice.org 3.1.lnk
[2009/11/06 21:48:31 | 00,000,844 | ---- | C] () – C:\Users\Brigitte\Desktop\PhotoFiltre.lnk
[2009/11/03 19:27:39 | 00,001,061 | ---- | C] () – C:\Users\Brigitte\Desktop\Revo Uninstaller.lnk
[2009/11/02 20:22:29 | 00,001,058 | ---- | C] () – C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2009/11/02 20:22:20 | 00,001,054 | ---- | C] () – C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2009/11/02 16:18:53 | 00,000,863 | ---- | C] () – C:\Users\Public\Desktop\VLC media player.lnk
[2009/11/01 14:24:05 | 00,868,376 | ---- | C] () – C:\Users\Brigitte\Desktop\oiseau.jpg
[2009/10/01 17:07:33 | 00,000,154 | ---- | C] () – C:\Windows\cavscan.INI
[2009/09/20 18:49:01 | 00,007,900 | ---- | C] () – C:\Windows\MessengerPlus.ini
[2009/09/20 08:42:08 | 00,000,121 | ---- | C] () – C:\Windows\bdagent.INI
[2009/09/15 19:48:40 | 00,000,183 | ---- | C] () – C:\Windows\aimpr.ini
[2009/09/13 17:42:10 | 00,000,000 | ---- | C] () – C:\Windows\System32\setup_XP.ini
[2009/08/03 14:07:42 | 00,403,816 | ---- | C] () – C:\Windows\System32\OGACheckControl.dll
[2009/07/31 18:58:49 | 00,000,049 | ---- | C] () – C:\Users\Brigitte\AppData\Local\PathsToScan.txt
[2009/07/05 19:44:31 | 00,000,096 | ---- | C] () – C:\Users\Brigitte\AppData\Local\fusioncache.dat
[2009/06/27 19:28:40 | 00,000,036 | ---- | C] () – C:\Users\Brigitte\AppData\Local\housecall.guid.cache
[2009/06/03 17:52:33 | 00,000,022 | ---- | C] () – C:\Users\Brigitte\AppData\Local\kodakpcd.ini
[2009/06/01 18:36:24 | 00,524,288 | -HS- | C] () – C:\ProgramData\ntuser.dat{a548b7b0-4ea0-11de-9931-d724c43d8ee7}.TMContainer00000000000000000002.regtrans-ms
[2009/06/01 18:36:24 | 00,262,144 | ---- | C] () – C:\ProgramData\ntuser.dat
[2009/06/01 18:36:24 | 00,065,536 | -HS- | C] () – C:\ProgramData\ntuser.dat{a548b7b0-4ea0-11de-9931-d724c43d8ee7}.TM.blf
[2009/06/01 18:36:24 | 00,005,120 | -H-- | C] () – C:\ProgramData\ntuser.dat.LOG1
[2009/06/01 18:36:24 | 00,000,000 | -H-- | C] () – C:\ProgramData\ntuser.dat.LOG2
[2009/05/28 09:23:18 | 00,117,248 | ---- | C] () – C:\Windows\System32\EhStorAuthn.dll
[2009/04/05 18:57:00 | 00,000,290 | RHS- | C] () – C:\ProgramData\ntuser.pol
[2009/03/27 16:57:55 | 01,211,904 | ---- | C] () – C:\Windows\System32\Incinerator.dll
[2009/03/14 09:51:29 | 00,339,968 | ---- | C] () – C:\Windows\System32\pythoncom25.dll
[2009/03/14 09:51:29 | 00,114,688 | ---- | C] () – C:\Windows\System32\pywintypes25.dll
[2008/12/25 18:23:11 | 00,000,027 | ---- | C] () – C:\Windows\System32\VideoGenieSetup.ini
[2008/12/21 14:13:43 | 00,031,007 | ---- | C] () – C:\Users\Brigitte\AppData\Roaming\UserTile.png
[2008/08/21 12:17:22 | 00,020,992 | ---- | C] () – C:\Users\Brigitte\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/08/14 14:00:37 | 00,003,420 | ---- | C] () – C:\Users\Brigitte\AppData\Roaming\wklnhst.dat
[2008/08/12 12:40:51 | 00,006,648 | ---- | C] () – C:\Users\Brigitte\AppData\Local\d3d9caps.dat
[2008/07/30 19:53:08 | 00,000,030 | ---- | C] () – C:\Windows\SETPANEL.INI
[2008/07/30 19:52:53 | 00,000,092 | ---- | C] () – C:\Windows\CLEANUP.INI
[2008/07/30 13:27:05 | 00,011,570 | ---- | C] () – C:\ProgramData\hpzinstall.log
[2008/07/30 10:02:53 | 01,749,376 | ---- | C] () – C:\Windows\System32\snp2uvc.sys
[2008/07/30 10:02:53 | 00,028,032 | ---- | C] () – C:\Windows\System32\sncduvc.sys
[2008/07/30 10:02:53 | 00,000,131 | ---- | C] () – C:\Windows\System32\PidList.ini
[2008/07/30 10:02:53 | 00,000,131 | ---- | C] () – C:\Windows\PidList.ini
[2008/02/11 18:55:18 | 00,147,456 | ---- | C] () – C:\Windows\System32\igfxCoIn_v1437.dll
[2007/08/10 19:04:58 | 00,001,024 | ---- | C] () – C:\Windows\System32\NTIBUN4.dll
[2007/08/10 15:42:39 | 00,000,115 | ---- | C] () – C:\Windows\Alaunch.ini
[2007/08/10 15:41:15 | 00,910,720 | ---- | C] () – C:\Windows\System32\igmedkrn.dll
[2007/08/10 15:41:15 | 00,204,800 | ---- | C] () – C:\Windows\System32\igfxCoIn_v1280.dll
[2007/08/10 15:40:58 | 01,749,376 | ---- | C] () – C:\Windows\System32\drivers\snp2uvc.sys
[2007/08/10 15:40:58 | 00,028,032 | ---- | C] () – C:\Windows\System32\drivers\sncduvc.sys
[2007/08/10 08:39:09 | 00,065,536 | ---- | C] () – C:\Windows\System32\NATTraversal.dll
[2007/08/10 08:30:08 | 00,076,584 | ---- | C] () – C:\Windows\System32\drivers\int15.sys
[2007/08/10 08:30:08 | 00,015,656 | ---- | C] () – C:\Windows\System32\drivers\int15_64.sys
[2007/08/10 08:28:59 | 00,331,776 | ---- | C] () – C:\Windows\System32\ScrollBarLib.dll
[2007/08/10 07:37:31 | 00,016,480 | ---- | C] () – C:\Windows\System32\rixdicon.dll
[2007/04/25 15:33:22 | 00,266,240 | ---- | C] () – C:\Windows\System32\NotesExtmngr.dll
[2007/04/25 15:32:50 | 00,204,800 | ---- | C] () – C:\Windows\System32\NotesActnMenu.dll
[2007/04/25 15:32:46 | 00,086,016 | ---- | C] () – C:\Windows\System32\MSNSpook.dll
[2007/04/25 15:31:00 | 00,028,672 | ---- | C] () – C:\Windows\System32\BatchCrypto.dll
[2007/04/25 15:30:52 | 00,073,728 | ---- | C] () – C:\Windows\System32\APISlice.dll
[2007/04/25 15:30:44 | 00,063,488 | ---- | C] () – C:\Windows\System32\ShowErrMsg.dll
[2006/12/25 14:44:48 | 00,022,016 | ---- | C] () – C:\Windows\System32\MailFormat_U.dll
[2006/11/02 13:35:32 | 00,005,632 | ---- | C] () – C:\Windows\System32\sysprepMCE.dll
[2006/11/02 08:40:29 | 00,013,750 | ---- | C] () – C:\Windows\System32\pacerprf.ini
[2005/03/14 13:38:28 | 00,000,469 | ---- | C] () – C:\Windows\bdoscandellang.ini
[2001/12/26 14:12:30 | 00,065,536 | ---- | C] () – C:\Windows\System32\multiplex_vcd.dll
[2001/09/03 21:46:38 | 00,110,592 | ---- | C] () – C:\Windows\System32\Hmpg12.dll
[2001/07/30 14:33:56 | 00,118,784 | ---- | C] () – C:\Windows\System32\HMPV2_ENC.dll
[2001/07/23 20:04:36 | 00,118,784 | ---- | C] () – C:\Windows\System32\HMPV2_ENC_MMX.dll
========== Custom Scans ==========
< %SYSTEMDRIVE%*.exe >
[2005/08/16 08:49:12 | 00,040,960 | ---- | M] (Sysinternals - www.sysinternals.com) – C:\junction.exe
< %SYSTEMDRIVE%\eventlog.dll /s /md5 >
< %SYSTEMDRIVE%\scecli.dll /s /md5 >
[2009/04/11 07:28:24 | 00,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 – C:\Windows\ERDNT\cache\scecli.dll
[2009/04/11 07:28:24 | 00,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 – C:\Windows\System32\scecli.dll
[2008/01/19 08:36:19 | 00,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 – C:\Windows\winsxs\x86_microsoft-windows-s…urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2009/04/11 07:28:24 | 00,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 – C:\Windows\winsxs\x86_microsoft-windows-s…urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll
< %SYSTEMDRIVE%\netlogon.dll /s /md5 >
[2009/04/11 07:28:23 | 00,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE – C:\Windows\ERDNT\cache\netlogon.dll
[2009/04/11 07:28:23 | 00,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE – C:\Windows\System32\netlogon.dll
[2008/01/19 08:35:36 | 00,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F – C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll
[2009/04/11 07:28:23 | 00,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE – C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
< %SYSTEMDRIVE%\cngaudit.dll /s /md5 >
[2006/11/02 10:46:03 | 00,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D – C:\Windows\ERDNT\cache\cngaudit.dll
[2006/11/02 10:46:03 | 00,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D – C:\Windows\System32\cngaudit.dll
[2006/11/02 10:46:03 | 00,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D – C:\Windows\winsxs\x86_microsoft-windows-cngaud