fichier VIRepair introuvable • page 2

nana_du_35 · le 19 Fév 2010 00:48

voila les rapport : le 1ER OTL Extras logfile created on: 19/02/2010 00:20:16 - Run 1
OTL by OldTimer - Version 3.1.28.0 Folder = C:\Users\coolmel\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18882)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 62,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 69,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 142,04 Gb Total Space | 87,74 Gb Free Space | 61,77% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: PC-DE-COOLMEL
Current User Name: coolmel
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Lesaccros2.com - Service Photo] -- "C:\Program Files\Lesaccros2-Service Photo\Lesaccros2.com - Service Photo\Lesaccros2.com - Service Photo.exe" "%1" File not found
Directory [PlayWithVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{28069243-C861-4CF2-B1EE-BEAF725C3DC5}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{70F47522-BB7F-4C82-B1C2-8CF00C95C722}" = lport=139 | protocol=6 | dir=in | app=system |
"{88548681-805D-4C59-8A3D-4CED81154887}" = lport=445 | protocol=6 | dir=in | app=system |
"{A78E3DE1-CAAA-4D0B-98D9-F110DFE180E6}" = rport=445 | protocol=6 | dir=out | app=system |
"{C756DF5F-9752-4465-95F9-704F0BEBD363}" = lport=138 | protocol=17 | dir=in | app=system |
"{CA0C0C6D-D7FA-4D2B-BDAD-489B2CD3B18D}" = lport=2869 | protocol=6 | dir=in | app=system |
"{CD8139B4-D78B-49AB-A98A-325CBD05C825}" = lport=137 | protocol=17 | dir=in | app=system |
"{CDC58677-A002-45B9-A200-3ADB281E186C}" = rport=137 | protocol=17 | dir=out | app=system |
"{D98A94CE-A48E-43E8-8B90-FA6ED5B707AB}" = rport=139 | protocol=6 | dir=out | app=system |
"{DDB271EA-17CB-4657-9E89-930DB96655DE}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{E118E806-B17F-4C47-9EB8-32C44A21ED62}" = rport=138 | protocol=17 | dir=out | app=system |
"{FC653DC5-6529-4A0C-9E48-B4EE872619A0}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0D28EB14-2896-43B3-B8B8-7CD7C8855751}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{2086FF3A-83F6-4EAB-9AD3-883810D3AC2F}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{2E368BAB-7668-4CDA-9C64-1E81238C4B6A}" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe |
"{2E6658CF-B417-4584-AA3D-389E8F475527}" = protocol=6 | dir=in | app=c:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe |
"{4DABA60E-89BD-4EC4-9DB9-75F24DC583C0}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe |
"{59340F09-7A37-4446-B045-066C145BD94F}" = protocol=17 | dir=in | app=c:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe |
"{5E7F0C2A-ADF3-4507-8B0A-9877A122406D}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{638DBBD7-ADF4-48E5-B52A-6B569EF836C4}" = protocol=17 | dir=in | app=c:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe |
"{68606CEC-D8DB-47B4-945E-96DD1B16B339}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{6AC91B38-4A89-4846-81F0-0707E1D9AEE3}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe |
"{778303B1-5F53-4B80-BE5F-AD0FC21BC1FE}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{7FBB3F20-D96C-45D7-BFDD-27981BDF528D}" = protocol=17 | dir=in | app=c:\program files\i-buddy manager\i-buddymanager.exe |
"{8631F21F-77F8-4731-965F-C4EBA9D6D0D9}" = protocol=6 | dir=in | app=c:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe |
"{90FB5F89-9CB5-49DF-89AA-1EB38A29AF9F}" = protocol=6 | dir=in | app=c:\program files\lecteur canalplay\canalplayer.exe |
"{937179B9-6D89-4AB5-A30A-3542F1287D1B}" = protocol=17 | dir=in | app=c:\program files\lecteur canalplay\canalplayer.exe |
"{96F860C2-F83D-4DD4-91E1-552B11650632}" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe |
"{99322855-7560-4E4D-9E6C-338F21D28CD9}" = protocol=6 | dir=in | app=c:\program files\i-buddy manager\i-buddymanager.exe |
"{9BEFADB7-9C4A-4746-A739-58ED0D0F850F}" = protocol=17 | dir=in | app=c:\program files\veoh networks\veohwebplayer\veohwebplayer.exe |
"{CCFB22E6-7584-4D47-831C-33CF28A7D73A}" = protocol=6 | dir=in | app=c:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe |
"{D796F215-B308-477E-9D10-CF641ABE819D}" = protocol=6 | dir=in | app=c:\program files\veoh networks\veohwebplayer\veohwebplayer.exe |
"{E27A2CED-C5DC-487B-9DA1-5A5E6769A81F}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe |
"{E75851BA-3C19-460E-B0A6-3EDCB58A8D9C}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{F2912977-4916-4CD3-9CF1-7A0A515C3519}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe |
"{FD1AE1CE-B342-40A5-8E2B-94F37F53BEB5}" = protocol=17 | dir=in | app=c:\program files\logitech\desktop messenger\8876480\program\logitechdesktopmessenger.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{01FDC9FC-4D4F-4DB0-ACD1-D3E8E1D52902}" = Sony Video Shared Library
"{07D5737F-B952-4D3D-8089-FEBA994BAAC2}_is1" = Ipulp 1.2
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Central Data
"{1316AEF2-E086-46C7-B1FB-8C9A39A2ABF9}" = VAIO Media plus
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{15D5C238-4C2E-4AEA-A66D-D6989A4C586B}" = VAIO Launcher
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1E04F83B-2AB9-4301-9EF7-E86307F79C72}" = Google Earth
"{1F24E48F-7692-4E89-8784-68DD4D2712A0}" = Microsoft SQL Server Native Client
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Central Tools
"{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = WinDVD for VAIO
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live
"{2075CB0A-D26F-4DAA-B424-5079296B43BA}" = Windows Live FolderShare
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{23825B69-36DF-4DAD-9CFD-118D11D80F16}" = VAIO Content Folder Setting
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 17
"{27A2ABE9-E4C4-45DD-B9A8-CEEEE380E7E1}" = VAIO Content Metadata Intelligent Analyzing Manager
"{2C38C251-DE7B-40DC-9D26-C54044348DE5}" = BBI USB WIRELESS CONTROLLER
"{326DC400-1FC4-4D7D-946D-06D1EAB93200}" = VAIO Guide
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3B659FAD-E772-44A3-B7E7-560FF084669F}" = VAIO Smart Network
"{3E31821C-7917-367E-938E-E65FC413EA31}" = Microsoft .NET Framework 3.5 Language Pack SP1 - fra
"{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}" = Browser Address Error Redirector
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{46ABBC54-1872-4AA3-95E2-F2C063A63F31}" = Installation Windows Live
"{480DBB60-F0B6-45F2-B26F-1A2E11197791}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
"{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = Click to Disc Editor
"{4EA55D20-27FB-45D7-8726-147E8A5F6C62}" = VAIO MusicBox
"{53735ECE-E461-4FD0-B742-23A352436D3A}" = Logitech Updater
"{53B20C18-D8D4-4588-8737-9BBFE303C354}" = Windows Live Movie Maker
"{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}" = Outil de restauration de données VAIO
"{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}" = VAIO DVD Menu Data Basic
"{5C5EE8F2-0B38-4C13-AE4E-A87A237FE718}" =
"{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.6
"{5DD76286-9BE7-4894-A990-E905E91AC818}" = Windows Live Mail
"{6444D9D9-CD6C-4464-B970-55C606C944DC}" = Logitech QuickCam
"{6860B340-530D-46B3-91F8-1AE1F70F7C33}" = OpenOffice.org 3.0
"{68A69CFF-130D-4CDE-AB0E-7374ECB144C8}" = Click to Disc
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6B1F20F2-6321-4669-A58C-33DF8E7517FF}" = VAIO Entertainment Platform
"{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}" = VAIO Movie Story Template Data
"{72042FA6-5609-489F-A8EA-3C2DD650F667}" = VAIO Control Center
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Central Audio
"{757CC5BA-BF08-46A5-8D10-64C6FDF659C6}" = VAIO Content Metadata Manager Setting
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{770F1BEC-2871-4E70-B837-FB8525FFA3B1}" = Windows Live Messenger
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7E84FAC8-C518-40F9-9807-7455301D6D25}" = SamsungConnectivityCableDriver
"{802889F8-6AF5-45A5-9764-CA5B999E50FC}" = VAIO Power Management
"{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}" = Windows Live Call
"{83CDA18E-0BF3-4ACA-872C-B4CDABF2360E}" = VAIO Update 4
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8ED3A392-28F1-4375-97AC-BF275B5855F9}" = OpenMG Secure Module 5.0.00
"{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}" = Logitech Desktop Messenger
"{95120000-00AF-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (French)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95120000-0120-040C-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{961CE74B-30C0-47D6-ACD9-0C887A5E23F5}" = BitDefender Internet Security 2009
"{96D0B6C6-5A72-4B47-8583-A87E55F5FE81}" =
"{98FC7A64-774B-49B5-B046-4B4EBC053FA9}" = VAIO MusicBox Sample Music
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9C71059E-6DDD-4958-9251-7A5F865B6BA0}" = VAIO Content Metadata Intelligent Analyzing Manager
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Alps Pointing-device for VAIO
"{A30179B7-997A-4D47-AA43-57AE59A9C78B}" = Microsoft SQL Server VSS Writer
"{A33E457B-5369-481F-8B53-71108AE2EB5B}" = Roxio Easy Media Creator 10 LJ
"{A4399CF4-7A3F-4E84-B763-AD352640203D}" = VAIO Content Metadata XML Interface Library
"{A63E7492-A0BC-4BB9-89A7-352965222380}" = VAIO Original Function Setting
"{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}" = Setting Utility Series
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AC599724-5755-48C1-ABE7-ABB857652930}" = PC Connectivity Solution
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{B131E59D-202C-43C6-84C9-68F0C37541F1}" = Galerie de photos Windows Live
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}" = VAIO Movie Story
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Central Copy
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{C7477742-DDB4-43E5-AC8D-0259E1E661B1}" = VAIO Event Service
"{CC56A2CB-EC09-4175-B8BD-93E2440D410B}" = VAIO Content Metadata Manager Setting
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D06F5884-B439-440B-A58D-6C057C2FF8EB}" = Click to Disc
"{D0AE373E-C276-432B-9A95-F8DD356A8242}" = VAIO Movie Story
"{D5D81435-B8DE-4CAF-867F-7998F2B92CFC}" = Windows Live Contrôle parental
"{D60F97EC-EF06-4E1E-B0D1-C2CBABA62FA3}" = VAIO Wallpaper Contents
"{D8CE69B0-9274-4b8c-BA49-0FF6A20A3C65}" = SAMSUNG SYMBIAN USB Download Driver
"{D90507A2-6183-497D-9075-951DC80362DA}" = VAIO Media plus
"{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}" = Assistant de connexion Windows Live
"{DD54CF66-090B-43E7-97C1-110EF526474D}" = ArcSoft Multimedia Email
"{DEBA60A3-7CDE-48D7-993D-7C68663AEE68}" = VAIO Content Metadata Intelligent Analyzing Manager
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Central Core
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"{F5346614-B7C4-4E94-826A-E2363155233D}" = EasyCleaner
"{F570A6CC-53ED-4AA9-8B08-551CD3E38D8B}" =
"{FACD3674-FC12-4B6C-A923-E1D687704E9B}" = VAIO Content Metadata XML Interface Library
"{FE51662F-D8F6-43B5-99D9-D4894AF00F83}" = Roxio Easy Media Creator Home
"3A5DEFA413DDE699DBA6EBE0A63534ACA524D30F" = Package de pilotes Windows - Nokia pccsmcfd (10/12/2007 6.85.4.0)
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Ad-Remover" = Ad-Remover By C_XX
"BFGC" = Big Fish Games Client
"Centre de Big Fish Games" = Centre de Big Fish Games
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_104D0200" = HDAUDIO SoftV92 Data Fax Modem with SmartCP
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"dt icon module" =
"Get Yahoo! Messenger" = Installer Yahoo! Messenger
"Google Desktop" = Google Desktop
"gtfirstboot Setting Request" =
"HandBrake" = HandBrake 0.9.3
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HijackThis" = HijackThis 2.0.2
"InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = WinDVD for VAIO
"InstallShield_{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = Click to Disc Editor
"InstallShield_{8ED3A392-28F1-4375-97AC-BF275B5855F9}" = OpenMG Secure Module 5.0.00
"InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"Lesaccros2.com - Service Photo" = Lesaccros2.com - Service Photo
"lvdrivers_11.70" = Coffret de pilotes Logitech QuickCam
"Mahjong Towers Eternity" = Mahjong Towers Eternity
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MarketingTools" = Vaio Marketing Tools
"Messenger Plus! Live" = Messenger Plus! Live
"MFU Module" =
"Microsoft .NET Framework 3.5 Language Pack SP1 - fra" = Module linguistique Microsoft .NET Framework 3.5 SP1- fra
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Mozilla Firefox (3.5.7)" = Mozilla Firefox (3.5.7)
"NAVIGON Fresh" = NAVIGON Fresh 1.6.1
"NVIDIA Drivers" = NVIDIA Drivers
"Picasa2" = Picasa 2
"SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software
"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set
"Samsung Mobile Modem Device" = Samsung Mobile Modem Device Software
"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"SAMSUNG USB Mobile Device" = SAMSUNG USB Mobile Device Software
"Seven Transformation Pack" = Seven Transformation Pack 9.0.1
"VAIO Help and Support" =
"VAIO_My Club VAIO" = My Club VAIO
"Vista Start Menu_is1" = Vista Start Menu 3.15
"VLC media player" = VLC media player 0.9.8a
"WinLiveSuite_Wave3" = Installation Windows Live
"WinRAR archiver" = Archiveur WinRAR
"Yahoo! Companion" = Yahoo! Toolbar

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"EASYVIDEOSOFT" = VideoTheque
"Facebook Plug-In" = Facebook Plug-In
"Vidéothèque" = Vidéothèque

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 10/02/2010 05:59:02 | Computer Name = PC-de-coolmel | Source = WinMgmt | ID = 10
Description =

Error - 10/02/2010 06:29:07 | Computer Name = PC-de-coolmel | Source = Google Update | ID = 20
Description =

Error - 10/02/2010 15:38:03 | Computer Name = PC-de-coolmel | Source = VzCdbSvc | ID = 7
Description = Échec de chargement du module d'extension. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Code
d'erreur = 0x80042019)

Error - 10/02/2010 15:39:20 | Computer Name = PC-de-coolmel | Source = ESENT | ID = 455
Description = Catalog Database (1716) Catalog Database: L'Erreur -1811 s'est produite
lors de l'ouverture du fichier journal C:\Windows\system32\CatRoot2\edb0017E.log.

Error - 10/02/2010 15:39:20 | Computer Name = PC-de-coolmel | Source = Microsoft-Windows-CAPI2 | ID = 131329
Description =

Error - 10/02/2010 15:39:21 | Computer Name = PC-de-coolmel | Source = WinMgmt | ID = 10
Description =

Error - 11/02/2010 05:17:25 | Computer Name = PC-de-coolmel | Source = VzCdbSvc | ID = 7
Description = Échec de chargement du module d'extension. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Code
d'erreur = 0x80042019)

Error - 11/02/2010 05:18:04 | Computer Name = PC-de-coolmel | Source = WinMgmt | ID = 10
Description =

Error - 11/02/2010 07:41:40 | Computer Name = PC-de-coolmel | Source = Application Error | ID = 1000
Description = Application défaillante SearchProtocolHost.exe, version 7.0.6002.18005,
horodatage 0x49e0244d, module défaillant kernel32.dll, version 6.0.6002.18005,
horodatage 0x49e037dd, code d’exception 0xc06d007e, décalage d’erreur 0x0003fbae,
ID
du processus 0x810, heure de début de l’application 0x01caab0f25e11af1.

Error - 11/02/2010 07:41:50 | Computer Name = PC-de-coolmel | Source = Application Error | ID = 1000
Description = Application défaillante SearchProtocolHost.exe, version 7.0.6002.18005,
horodatage 0x49e0244d, module défaillant kernel32.dll, version 6.0.6002.18005,
horodatage 0x49e037dd, code d’exception 0xc06d007e, décalage d’erreur 0x0003fbae,
ID
du processus 0x16bc, heure de début de l’application 0x01caab0f327f44d1.

[ System Events ]
Error - 18/02/2010 14:20:47 | Computer Name = PC-de-coolmel | Source = cdrom | ID = 262151
Description = Le périphérique \Device\CdRom0 comporte un bloc défectueux.

Error - 18/02/2010 15:09:13 | Computer Name = PC-de-coolmel | Source = Service Control Manager | ID = 7034
Description =

Error - 18/02/2010 15:13:29 | Computer Name = PC-de-coolmel | Source = Service Control Manager | ID = 7000
Description =

Error - 18/02/2010 15:13:42 | Computer Name = PC-de-coolmel | Source = Service Control Manager | ID = 7022
Description =

Error - 18/02/2010 15:23:36 | Computer Name = PC-de-coolmel | Source = Service Control Manager | ID = 7000
Description =

Error - 18/02/2010 17:33:30 | Computer Name = PC-de-coolmel | Source = Service Control Manager | ID = 7000
Description =

Error - 18/02/2010 17:33:43 | Computer Name = PC-de-coolmel | Source = Service Control Manager | ID = 7022
Description =

Error - 18/02/2010 17:39:46 | Computer Name = PC-de-coolmel | Source = Service Control Manager | ID = 7000
Description =

Error - 18/02/2010 17:40:17 | Computer Name = PC-de-coolmel | Source = Service Control Manager | ID = 7000
Description =

Error - 18/02/2010 17:43:58 | Computer Name = PC-de-coolmel | Source = DCOM | ID = 10010
Description =

< End of report>

nana_du_35 · le 19 Fév 2010 00:51

et voila le 2eme:OTL logfile created on: 19/02/2010 00:20:16 - Run 1
OTL by OldTimer - Version 3.1.28.0 Folder = C:\Users\coolmel\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18882)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 62,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 69,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 142,04 Gb Total Space | 87,74 Gb Free Space | 61,77% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: PC-DE-COOLMEL
Current User Name: coolmel
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\Users\coolmel\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
PRC - C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Program Files\BitDefender\BitDefender 2009\seccenter.exe ()
PRC - C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe (BitDefender S. R. L.)
PRC - C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe (BitDefender S.R.L.)
PRC - C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe (BitDefender SRL)
PRC - C:\Program Files\Vista Start Menu\VistaStartMenu.exe (OrdinarySoft)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\conime.exe (Microsoft Corporation)
PRC - C:\Windows\System32\FsUsbExService.Exe (Teruten)
PRC - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe (Logitech Inc.)
PRC - C:\Program Files\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation)
PRC - C:\Program Files\OpenOffice.org 3\program\soffice.bin (OpenOffice.org)
PRC - C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
PRC - C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation)
PRC - C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe (Microsoft Corporation)
PRC - C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation)
PRC - C:\Program Files\Sony\VAIO Update 4\VAIOUpdt.exe (Sony Corporation)
PRC - C:\Program Files\Sony\Marketing Tools\MarketingTools.exe (Sony NSCE)
PRC - C:\Program Files\Sony\Network Utility\LANUtil.exe (Sony Corporation)
PRC - C:\Program Files\Sony\Network Utility\NSUService.exe (Sony Corporation)
PRC - C:\Program Files\Sony\VAIO Power Management\SPMgr.exe (Sony Corporation)
PRC - C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
PRC - C:\Program Files\Apoint\Apntex.exe (Alps Electric Co., Ltd.)
PRC - C:\Program Files\Apoint\ApMsgFwd.exe (Alps Electric Co., Ltd.)
PRC - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe (Sony Corporation)
PRC - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation)
PRC - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (Sony Corporation)
PRC - C:\Program Files\Logitech\QuickCam\Quickcam.exe ()
PRC - C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe ()
PRC - C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe (Logitech Inc.)
PRC - C:\Windows\System32\drivers\XAudio.exe (Conexant Systems, Inc.)
PRC - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
PRC - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe (Logitech Inc.)
PRC - C:\Windows\System32\igfxsrvc.exe (Intel Corporation)
PRC - C:\Windows\System32\igfxext.exe (Intel Corporation)
PRC - C:\Windows\System32\igfxpers.exe (Intel Corporation)
PRC - C:\Windows\System32\hkcmd.exe (Intel Corporation)
PRC - C:\Program Files\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
PRC - C:\Windows\System32\WUDFHost.exe (Microsoft Corporation)
PRC - C:\Windows\System32\mobsync.exe (Microsoft Corporation)
PRC - C:\Program Files\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
PRC - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation)
PRC - C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe (Sony Corporation)
PRC - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)

========== Modules (SafeList) ==========

MOD - C:\Users\coolmel\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll (Microsoft Corporation)
MOD - C:\Windows\Temp\logishrd\LVPrcInj01.dll (Logitech Inc.)

========== Win32 Services (SafeList) ==========

SRV - (gupdate) Service Google Update (gupdate) -- C:\Program Files\Google\Update\GoogleUpdate.exe (Google Inc.)
SRV - (GoogleDesktopManager-110309-193829) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
SRV - (VSSERV) -- C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe (BitDefender S. R. L.)
SRV - (LIVESRV) -- C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe (BitDefender SRL)
SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)
SRV - (scan) -- C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\scan.dll (S.C. BitDefender S.R.L)
SRV - (fsssvc) -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe (Microsoft Corporation)
SRV - (gusvc) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (Google)
SRV - (FsUsbExService) -- C:\Windows\System32\FsUsbExService.Exe (Teruten)
SRV - (SQLWriter) -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation)
SRV - (MSSQL$MSSMLBIZ) SQL Server (MSSMLBIZ) -- C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe (Microsoft Corporation)
SRV - (SQLBrowser) -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation)
SRV - (MSSQLServerADHelper) -- C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe (Microsoft Corporation)
SRV - (Arrakis3) -- C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe (BitDefender S.R.L. http://www.bitdefender.com)
SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia.)
SRV - (NSUService) -- C:\Program Files\Sony\Network Utility\NSUService.exe (Sony Corporation)
SRV - (SOHDs) -- C:\Program Files\Sony\VAIO Media plus\SOHDs.exe (Sony Corporation)
SRV - (SOHDms) -- C:\Program Files\Sony\VAIO Media plus\SOHDms.exe (Sony Corporation)
SRV - (SOHCImp) -- C:\Program Files\Sony\VAIO Media plus\SOHCImp.exe (Sony Corporation)
SRV - (VcmIAlzMgr) -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe (Sony Corporation)
SRV - (VcmXmlIfHelper) -- C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe (Sony Corporation)
SRV - (VzFw) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe (Sony Corporation)
SRV - (VAIO Entertainment TV Device Arbitration Service) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe (Sony Corporation)
SRV - (VzCdbSvc) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation)
SRV - (Vcsw) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (Sony Corporation)
SRV - (XAudioService) -- C:\Windows\System32\drivers\XAudio.exe (Conexant Systems, Inc.)
SRV - (LVSrvLauncher) -- C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe (Logitech Inc.)
SRV - (LVPrcSrv) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
SRV - (LVCOMSer) -- C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe (Logitech Inc.)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (SPTISRV) -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe (Sony Corporation)
SRV - (MSCSPTISRV) -- C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe (Sony Corporation)
SRV - (PACSPTISVR) -- C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe (Sony Corporation)
SRV - (VAIO Event Service) -- C:\Program Files\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation)
SRV - (IviRegMgr) -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)
SRV - (ehstart) -- C:\Windows\ehome\ehstart.dll (Microsoft Corporation)

========== Driver Services (SafeList) ==========

DRV - (Bdfndisf) -- C:\Windows\System32\drivers\bdfndisf.sys (BitDefender LLC)
DRV - (bdftdif) -- C:\Program Files\Common Files\BitDefender\BitDefender Firewall\bdftdif.sys (BitDefender LLC)
DRV - (fssfltr) -- C:\Windows\System32\drivers\fssfltr.sys (Microsoft Corporation)
DRV - (Trufos) -- C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\trufos.sys (BitDefender S.R.L.)
DRV - (usbaudio) Pilote USB audio (WDM) -- C:\Windows\System32\drivers\USBAUDIO.sys (Microsoft Corporation)
DRV - (BDSelfPr) -- C:\Program Files\BitDefender\BitDefender 2009\bdselfpr.sys (BitDefender S.R.L.)
DRV - (FsUsbExDisk) -- C:\Windows\System32\FsUsbExDisk.Sys ()
DRV - (bdfsfltr) -- C:\Windows\System32\drivers\bdfsfltr.sys (BitDefender S.R.L. Bucharest, ROMANIA)
DRV - (BDVEDISK) -- C:\Program Files\BitDefender\BitDefender 2009\BDVEDISK.sys (BitDefender S.R.L.)
DRV - (bdfm) -- C:\Windows\System32\drivers\bdfm.sys (BitDefender S.R.L. Bucharest, ROMANIA)
DRV - (Profos) -- C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\profos.sys ()
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - (ApfiltrService) -- C:\Windows\System32\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (LVUSBSta) -- C:\Windows\System32\drivers\LVUSBSta.sys (Logitech Inc.)
DRV - (LVRS) -- C:\Windows\System32\drivers\lvrs.sys (Logitech Inc.)
DRV - (PID_PEPI) Logitech QuickCam IM(PID_PEPI) -- C:\Windows\System32\drivers\LV302V32.SYS (Logitech Inc.)
DRV - (pepifilter) -- C:\Windows\System32\drivers\lv302af.sys (Logitech Inc.)
DRV - (XAudio) -- C:\Windows\System32\drivers\XAudio.sys (Conexant Systems, Inc.)
DRV - (HSF_DPV) -- C:\Windows\System32\drivers\HSX_DPV.sys (Conexant Systems, Inc.)
DRV - (mdmxsdk) -- C:\Windows\System32\drivers\mdmxsdk.sys (Conexant)
DRV - (winachsf) -- C:\Windows\System32\drivers\HSX_CNXT.sys (Conexant Systems, Inc.)
DRV - (HSXHWAZL) -- C:\Windows\System32\drivers\HSXHWAZL.sys (Conexant Systems, Inc.)
DRV - (yukonwlh) -- C:\Windows\System32\drivers\yk60x86.sys (Marvell)
DRV - (LVPr2Mon) -- C:\Windows\System32\drivers\LVPr2Mon.sys ()
DRV - (LVcKap) -- C:\Windows\System32\drivers\Lvckap.sys (Logitech Inc.)
DRV - (igfx) -- C:\Windows\System32\drivers\igdkmd32.sys (Intel Corporation)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)
DRV - (MegaSR) -- C:\Windows\system32\drivers\megasr.sys (LSI Corporation, Inc.)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Corporation)
DRV - (StillCam) -- C:\Windows\System32\drivers\serscan.sys (Microsoft Corporation)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (HSFHWAZL) -- C:\Windows\System32\drivers\VSTAZL3.SYS (Conexant Systems, Inc.)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (NETw3v32) Pilote de carte Intel(R) -- C:\Windows\System32\drivers\NETw3v32.sys (Intel Corporation)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (PxHelp20) -- C:\Windows\System32\Drivers\PxHelp20.sys (Sonic Solutions)
DRV - (SFEP) -- C:\Windows\System32\drivers\SFEP.sys (Sony Corporation)
DRV - (DMICall) -- C:\Windows\System32\drivers\DMICall.sys (Sony Corporation)
DRV - (NETw4v32) Pilote de carte Intel(R) -- C:\Windows\System32\drivers\NETw4v32.sys (Intel Corporation)
DRV - (pccsmcfd) -- C:\Windows\System32\drivers\pccsmcfd.sys (Nokia)
DRV - (sscdmdm) -- C:\Windows\System32\drivers\sscdmdm.sys (MCCI Corporation)
DRV - (sscdmdfl) -- C:\Windows\System32\drivers\sscdmdfl.sys (MCCI Corporation)
DRV - (sscdbus) SAMSUNG USB Composite Device driver (WDM) -- C:\Windows\System32\drivers\sscdbus.sys (MCCI Corporation)
DRV - (ti21sony) -- C:\Windows\System32\drivers\ti21sony.sys (Texas Instruments)
DRV - (WimFltr) -- C:\Windows\System32\drivers\WimFltr.sys (Microsoft Corporation)
DRV - (regi) -- C:\Windows\System32\drivers\regi.sys (InterVideo)
DRV - (iaStor) -- C:\Windows\system32\DRIVERS\iaStor.sys (Intel Corporation)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
DRV - (secdrv) -- C:\Windows\System32\drivers\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [Binary data over 100 bytes]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.windowsxlive.net
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Live Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2032792&SearchSource=3&q="
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://www.google.com/ig"

FF - HKLM\software\mozilla\Firefox\Extensions\\FFToolbar@bitdefender.com: C:\Program Files\BitDefender\BitDefender 2009\FFToolbar\ [2009/11/17 00:40:36 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/02/10 20:36:05 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/01/07 10:24:28 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\bdThunderbird@bitdefender.com: C:\Program Files\BitDefender\BitDefender 2009\tbextension\ [2009/03/18 17:00:14 | 000,000,000 | ---D | M]

[2009/01/18 16:39:22 | 000,000,000 | ---D | M] -- C:\Users\coolmel\AppData\Roaming\mozilla\Extensions
[2010/02/18 00:33:14 | 000,000,000 | ---D | M] -- C:\Users\coolmel\AppData\Roaming\mozilla\Firefox\Profiles\52xhfrhq.default\extensions
[2009/06/30 14:06:52 | 000,000,000 | ---D | M] (iminent-en Toolbar) -- C:\Users\coolmel\AppData\Roaming\mozilla\Firefox\Profiles\52xhfrhq.default\extensions\{6a7400d6-6615-4a06-a4d1-48979fa6e868}
[2009/12/29 23:37:24 | 000,000,000 | ---D | M] -- C:\Users\coolmel\AppData\Roaming\mozilla\Firefox\Profiles\52xhfrhq.default\extensions\OberonGameHost@OberonGames.com
[2009/09/16 09:19:30 | 000,001,681 | ---- | M] () -- C:\Users\coolmel\AppData\Roaming\Mozilla\FireFox\Profiles\52xhfrhq.default\searchplugins\ask.uk.xml
[2009/01/25 12:37:42 | 000,000,882 | ---- | M] () -- C:\Users\coolmel\AppData\Roaming\Mozilla\FireFox\Profiles\52xhfrhq.default\searchplugins\conduit.xml
[2009/01/28 20:37:25 | 000,001,775 | ---- | M] () -- C:\Users\coolmel\AppData\Roaming\Mozilla\FireFox\Profiles\52xhfrhq.default\searchplugins\live-search.xml
[2009/05/25 22:13:56 | 000,003,705 | ---- | M] () -- C:\Users\coolmel\AppData\Roaming\Mozilla\FireFox\Profiles\52xhfrhq.default\searchplugins\YouGoo.xml
[2010/02/15 23:57:56 | 000,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009/11/16 19:28:19 | 000,065,536 | ---- | M] () -- C:\Program Files\mozilla firefox\components\FFComm.dll
[2009/12/18 11:46:59 | 000,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml
[2009/12/18 11:46:59 | 000,001,822 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml
[2009/12/18 11:47:00 | 000,000,757 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml
[2006/09/10 12:35:08 | 000,000,748 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\MediaDICO-fr.xml
[2009/12/18 11:47:00 | 000,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml
[2009/12/18 11:47:00 | 000,000,652 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml

O1 HOSTS File: ([2006/09/18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll (Google Inc.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\PROGRA~1\GOOGLE~1\BAE.dll (Your Company Name)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (BitDefender Toolbar) - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2009\IEToolbar.dll (Bitdefender)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4 - HKLM..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [BDAgent] C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe (BitDefender S.R.L.)
O4 - HKLM..\Run: [BitDefender Antiphishing Helper] C:\Program Files\BitDefender\BitDefender 2009\IEShow.exe (BitDefender)
O4 - HKLM..\Run: [Creative WebCam Tray] C:\Program Files\Creative\Shared Files\CAMTRAY.EXE File not found
O4 - HKLM..\Run: [Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
O4 - HKLM..\Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [IgfxTray] C:\Windows\System32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [LogitechCommunicationsManager] C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe ()
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\QuickCam\Quickcam.exe ()
O4 - HKLM..\Run: [MarketingTools] C:\Program Files\Sony\Marketing Tools\MarketingTools.exe (Sony NSCE)
O4 - HKLM..\Run: [NPSStartup] File not found
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvSvc] C:\Windows\System32\nvsvc.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [Persistence] C:\Windows\System32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKCU..\Run: [Creative WebCam Tray] C:\Program Files\Creative\Shared Files\CamTray.exe File not found
O4 - HKCU..\Run: [NSUFloatingUI] C:\Program Files\Sony\Network Utility\LANUtil.exe (Sony Corporation)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKCU..\Run: [VistaStartMenu] C:\Program Files\Vista Start Menu\VistaStartMenu.exe (OrdinarySoft)
O4 - HKCU..\Run: [viwc] C:\Windows\System32\viwc.exe ()
O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe (Microsoft Corporation)
O4 - Startup: C:\Users\coolmel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll (Google Inc.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://gfx1.hotmail.com/mail/w3/resourc ... dfr-fr.cab (MSN Photo Upload Tool)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\bwfile-8876480 {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (Logitech Inc.)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\VESWinlogon: DllName - VESWinlogon.dll - C:\Windows\System32\VESWinlogon.dll (Sony Corporation)
O24 - Desktop WallPaper: C:\Users\coolmel\Pictures\cold case\coldcase_cast_1024x768.jpg
O24 - Desktop BackupWallPaper: C:\Users\coolmel\Pictures\cold case\coldcase_cast_1024x768.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{01596278-0b78-11df-a2bb-001a80f51a8a}\Shell - "" = AutoRun
O33 - MountPoints2\{01596278-0b78-11df-a2bb-001a80f51a8a}\Shell\AutoRun\command - "" = H:\HPLauncher.exe -- File not found
O33 - MountPoints2\{030c43e3-3c7c-11de-8120-001a80f51a8a}\Shell\AutoRun\command - "" = WDSetup.exe
O33 - MountPoints2\{113a6ffc-5739-11de-8f82-001a80f51a8a}\Shell - "" = AutoRun
O33 - MountPoints2\{113a6ffc-5739-11de-8f82-001a80f51a8a}\Shell\AutoRun\command - "" = H:\DPFMate.exe -- File not found
O33 - MountPoints2\{75db5bf0-ebb4-11de-ae92-001a80f51a8a}\Shell - "" = AutoRun
O33 - MountPoints2\{75db5bf0-ebb4-11de-ae92-001a80f51a8a}\Shell\AutoRun\command - "" = H:\HPLauncher.exe -- File not found
O33 - MountPoints2\{f62d1d51-6c8f-11de-95d6-001a80f51a8a}\Shell - "" = AutoRun
O33 - MountPoints2\{f62d1d51-6c8f-11de-95d6-001a80f51a8a}\Shell\AutoRun\command - "" = G:\Memorybar.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/02/19 00:17:00 | 000,549,376 | ---- | C] (OldTimer Tools) -- C:\Users\coolmel\Desktop\OTL.exe
[2010/02/18 20:09:10 | 000,000,000 | ---D | C] -- C:\_OTM
[2010/02/17 15:57:01 | 000,000,000 | ---D | C] -- C:\Users\coolmel\Documents\PSP_GAME
[2010/02/15 23:49:01 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010/02/15 23:48:03 | 000,812,344 | ---- | C] (Trend Micro Inc.) -- C:\Users\coolmel\Desktop\HJTInstall.exe
[2010/02/15 23:22:46 | 000,000,000 | ---D | C] -- C:\Windows\System32\VIRepair
[2010/02/15 23:20:14 | 000,000,000 | ---D | C] -- C:\Ad-Remover
[2010/02/15 23:19:23 | 001,263,511 | ---- | C] (C_XX) -- C:\Users\coolmel\Desktop\AD-R.exe
[2010/02/15 15:41:45 | 000,000,000 | ---D | C] -- C:\Users\coolmel\Documents\Super Mario 2010
[2010/02/15 11:45:30 | 000,000,000 | ---D | C] -- C:\Users\coolmel\AppData\Roaming\Malwarebytes
[2010/02/15 11:45:24 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/02/15 11:45:22 | 000,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/02/15 11:45:22 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/02/15 11:45:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/02/15 10:33:02 | 005,115,824 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\coolmel\Desktop\mbam-setup.exe
[2010/02/15 10:31:26 | 000,439,808 | ---- | C] (OldTimer Tools) -- C:\Users\coolmel\Desktop\TFC.exe
[2010/02/12 10:46:35 | 000,000,000 | ---D | C] -- C:\Windows\CheckSur
[2010/02/11 11:21:53 | 000,000,000 | ---D | C] -- C:\Users\coolmel\Desktop\Nouveau dossier
[2010/02/10 21:04:17 | 003,600,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2010/02/10 21:04:17 | 003,548,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2010/02/10 20:59:31 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvfw32.dll
[2010/02/10 20:59:31 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avifil32.dll
[2010/02/10 20:59:31 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciavi32.dll
[2010/02/10 20:59:28 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2010/01/30 11:12:02 | 000,000,000 | ---D | C] -- C:\Users\coolmel\Documents\zzzz admin hackk
[2010/01/21 23:32:57 | 000,000,000 | ---D | C] -- C:\Users\coolmel\AppData\Roaming\Facebook
[2010/01/21 20:37:55 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2010/01/21 20:37:55 | 000,594,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2010/01/21 20:37:55 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2010/01/21 20:37:55 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2010/01/21 20:37:54 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2010/01/21 20:37:54 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2010/01/21 20:37:54 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2010/01/21 20:37:54 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2010/01/21 20:37:54 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2010/01/21 20:37:54 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2010/01/21 20:37:54 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2010/01/21 20:37:54 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2010/01/21 20:37:54 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2010/01/21 20:37:54 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe

========== Files - Modified Within 30 Days ==========

[2010/02/19 00:26:45 | 003,407,872 | -HS- | M] () -- C:\Users\coolmel\ntuser.dat
[2010/02/19 00:17:04 | 000,549,376 | ---- | M] (OldTimer Tools) -- C:\Users\coolmel\Desktop\OTL.exe
[2010/02/18 23:29:01 | 000,001,054 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/02/18 23:07:14 | 001,615,082 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010/02/18 23:07:14 | 000,724,052 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2010/02/18 23:07:14 | 000,633,886 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/02/18 23:07:14 | 000,146,398 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2010/02/18 23:07:14 | 000,118,772 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/02/18 22:32:00 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/02/18 22:32:00 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/02/18 22:31:59 | 000,001,050 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/02/18 22:31:57 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/02/18 22:31:49 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/02/18 22:30:33 | 000,081,984 | ---- | M] () -- C:\Windows\System32\bdod.bin
[2010/02/18 22:30:03 | 000,524,288 | -HS- | M] () -- C:\Users\coolmel\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2010/02/18 22:30:03 | 000,065,536 | -HS- | M] () -- C:\Users\coolmel\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2010/02/18 22:03:58 | 000,000,436 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{578FD6DB-457E-4013-95C0-A868A4AA450B}.job
[2010/02/18 19:21:51 | 000,189,440 | ---- | M] () -- C:\Users\coolmel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/02/17 00:33:39 | 001,523,443 | -H-- | M] () -- C:\Users\coolmel\AppData\Local\IconCache.db
[2010/02/16 00:45:25 | 000,000,290 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2010/02/15 23:49:02 | 000,001,874 | ---- | M] () -- C:\Users\coolmel\Desktop\HijackThis.lnk
[2010/02/15 23:18:51 | 000,812,344 | ---- | M] (Trend Micro Inc.) -- C:\Users\coolmel\Desktop\HJTInstall.exe
[2010/02/15 23:18:34 | 001,263,511 | ---- | M] (C_XX) -- C:\Users\coolmel\Desktop\AD-R.exe
[2010/02/15 11:45:27 | 000,000,818 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/02/15 10:33:03 | 005,115,824 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\coolmel\Desktop\mbam-setup.exe
[2010/02/15 10:31:28 | 000,439,808 | ---- | M] (OldTimer Tools) -- C:\Users\coolmel\Desktop\TFC.exe
[2010/02/13 21:08:35 | 1647,149,056 | ---- | M] () -- C:\Users\coolmel\Documents\Diabolik.iso
[2010/02/13 00:51:43 | 000,001,050 | ---- | M] () -- C:\Windows\System32\BDUpdateV1.xml
[2010/01/29 10:54:41 | 000,000,359 | ---- | M] () -- C:\Users\coolmel\Desktop\Téléchargement - Raccourci.lnk
[2010/01/26 20:27:04 | 000,000,016 | ---- | M] () -- C:\asdict.dat

========== Files Created - No Company Name ==========

[2010/02/18 11:01:05 | 1647,149,056 | ---- | C] () -- C:\Users\coolmel\Documents\Diabolik.iso
[2010/02/17 15:57:01 | 000,000,048 | ---- | C] () -- C:\Users\coolmel\Documents\UMD_DATA.BIN
[2010/02/16 00:45:25 | 000,000,290 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2010/02/15 23:49:02 | 000,001,874 | ---- | C] () -- C:\Users\coolmel\Desktop\HijackThis.lnk
[2010/02/15 11:45:27 | 000,000,818 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/01/29 10:54:41 | 000,000,359 | ---- | C] () -- C:\Users\coolmel\Desktop\Téléchargement - Raccourci.lnk
[2010/01/28 21:24:18 | 000,001,054 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/01/28 21:24:15 | 000,001,050 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/01/26 20:27:04 | 000,000,016 | ---- | C] () -- C:\asdict.dat
[2009/08/22 21:16:56 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll
[2009/08/22 21:16:55 | 000,036,608 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys
[2009/06/30 15:26:26 | 000,004,352 | ---- | C] () -- C:\Windows\System32\drivers\TF0801.sys
[2009/05/27 20:28:45 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/03/14 00:07:06 | 000,302,624 | ---- | C] () -- C:\Windows\System32\db2kr_en.dll
[2009/02/13 11:17:24 | 000,066,482 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini
[2009/01/24 15:29:36 | 000,189,440 | ---- | C] () -- C:\Users\coolmel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/01/23 22:47:12 | 000,000,021 | ---- | C] () -- C:\Windows\ME_setup.ini
[2009/01/17 17:53:37 | 000,001,356 | ---- | C] () -- C:\Users\coolmel\AppData\Local\d3d9caps.dat
[2009/01/17 17:53:35 | 000,028,190 | ---- | C] () -- C:\Users\coolmel\AppData\Roaming\nvModes.dat
[2009/01/17 17:53:35 | 000,028,190 | ---- | C] () -- C:\Users\coolmel\AppData\Roaming\nvModes.001
[2008/11/06 17:37:32 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2008/11/06 17:34:00 | 000,000,416 | ---- | C] () -- C:\Windows\System32\dtu100.dll.manifest
[2008/11/06 17:34:00 | 000,000,416 | ---- | C] () -- C:\Windows\System32\dpl100.dll.manifest
[2008/11/06 17:33:02 | 000,012,288 | ---- | C] () -- C:\Windows\System32\DivXWMPExtType.dll
[2008/10/09 15:31:54 | 000,192,512 | ---- | C] () -- C:\Windows\System32\txmlutil.dll
[2008/04/19 04:12:48 | 000,000,000 | ---- | C] () -- C:\Windows\VAIOUpdt.INI
[2008/02/05 18:20:08 | 000,025,624 | ---- | C] () -- C:\Windows\System32\drivers\LVPr2Mon.sys
[2008/02/05 01:09:01 | 000,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1295.dll
[2008/02/05 01:09:00 | 000,910,464 | ---- | C] () -- C:\Windows\System32\igmedkrn.dll
[2008/02/05 01:08:45 | 000,249,856 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll
[2007/10/25 16:26:10 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys
[2007/01/31 13:50:32 | 000,913,408 | ---- | C] () -- C:\Windows\System32\xreglib.dll
[2006/11/02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini

========== Custom Scans ==========

< %SYSTEMDRIVE%\cdrom.sys /s /md5 >
[2009/04/11 05:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\drivers\cdrom.sys
[2008/01/21 03:23:02 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_a29e71c6\cdrom.sys
[2009/04/11 05:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_c949a5b6\cdrom.sys
[2006/11/02 09:51:44 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=8D1866E61AF096AE8B582454F5E4D303 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_e487f727\cdrom.sys
[2008/01/21 03:23:02 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6001.18000_none_5fa95be2a3c76a4a\cdrom.sys
[2009/04/11 05:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6002.18005_none_6194d4eea0e93596\cdrom.sys

< %SYSTEMDRIVE%\atapi.sys /s /md5 >
[2009/04/11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009/04/11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2006/11/02 10:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2008/01/21 03:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008/01/21 03:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2009/04/11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys

< %SYSTEMDRIVE%\ACPI.sys /s /md5 >
[2009/04/11 07:32:46 | 000,265,688 | ---- | M] (Microsoft Corporation) MD5=82B296AE1892FE3DBEE00C9CF92F8AC7 -- C:\Windows\System32\drivers\acpi.sys
[2009/04/11 07:32:46 | 000,265,688 | ---- | M] (Microsoft Corporation) MD5=82B296AE1892FE3DBEE00C9CF92F8AC7 -- C:\Windows\System32\DriverStore\FileRepository\acpi.inf_62085e44\acpi.sys
[2006/11/02 10:51:30 | 000,255,592 | ---- | M] (Microsoft Corporation) MD5=192BDBD1540645C4A2AA69F24CCE197F -- C:\Windows\System32\DriverStore\FileRepository\acpi.inf_97916753\acpi.sys
[2008/01/21 03:23:00 | 000,266,808 | ---- | M] (Microsoft Corporation) MD5=FCB8C7210F0135E24C6580F7F649C73C -- C:\Windows\System32\DriverStore\FileRepository\acpi.inf_cae6072a\acpi.sys
[2008/01/21 03:23:00 | 000,266,808 | ---- | M] (Microsoft Corporation) MD5=FCB8C7210F0135E24C6580F7F649C73C -- C:\Windows\winsxs\x86_acpi.inf_31bf3856ad364e35_6.0.6001.18000_none_2288c403ce07cf48\acpi.sys
[2009/04/11 07:32:46 | 000,265,688 | ---- | M] (Microsoft Corporation) MD5=82B296AE1892FE3DBEE00C9CF92F8AC7 -- C:\Windows\winsxs\x86_acpi.inf_31bf3856ad364e35_6.0.6002.18005_none_24743d0fcb299a94\acpi.sys

< %SYSTEMDRIVE%\*.exe >

< %SYSTEMDRIVE%\iaStor.sys /s /md5 >
[2007/03/01 01:03:07 | 000,277,784 | ---- | M] (Intel Corporation) MD5=FD7F9D74C2B35DBDA400804A3F5ED5D8 -- C:\Windows\Drivers\INF\SATA Driver (Intel) (Non-RAID)\iastor.sys
[2007/03/01 01:03:07 | 000,277,784 | ---- | M] (Intel Corporation) MD5=FD7F9D74C2B35DBDA400804A3F5ED5D8 -- C:\Windows\System32\drivers\iaStor.sys
[2007/03/01 01:03:07 | 000,277,784 | ---- | M] (Intel Corporation) MD5=FD7F9D74C2B35DBDA400804A3F5ED5D8 -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_1cb29a96\iaStor.sys

< %SYSTEMDRIVE%\nvstor.sys /s /md5 >
[2008/01/21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys
[2008/01/21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2006/11/02 10:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008/01/21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys

< %SYSTEMDRIVE%\IdeChnDr.sys /s /md5 >

< %SYSTEMDRIVE%\viasraid.sys /s /md5 >

< %SYSTEMDRIVE%\AGP440.sys /s /md5 >
[2008/01/21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys
[2008/01/21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2006/11/02 10:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys
[2008/01/21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008/01/21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008/01/21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys

< %SYSTEMDRIVE%\vaxscsi.sys /s /md5 >

< %SYSTEMDRIVE%\nvatabus.sys /s /md5 >

========== Alternate Data Streams ==========

@Alternate Data Stream - 99 bytes -> C:\ProgramData\TEMP:FC8FFA4E
@Alternate Data Stream - 96 bytes -> C:\ProgramData\TEMP:1DEE6B65
@Alternate Data Stream - 95 bytes -> C:\ProgramData\TEMP:5D351BC6
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:7B52659E
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:0295CBF7
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:F14D1F80
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:2E49FF93
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:CB16385F
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:C22674B6
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:27D1368B
@Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:E945C214
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:918B7566
@Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:3C282BEA
@Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:072F1F69
@Alternate Data Stream - 114 bytes -> C:\ProgramData\TEMP:FDDD8917
@Alternate Data Stream - 114 bytes -> C:\ProgramData\TEMP:43301D1D
@Alternate Data Stream - 113 bytes -> C:\ProgramData\TEMP:848CC150
@Alternate Data Stream - 113 bytes -> C:\ProgramData\TEMP:0AC32449
@Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:53DF59D1
@Alternate Data Stream - 111 bytes -> C:\ProgramData\TEMP:51E1A4D8
@Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:55F44B88
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:9ACB70D7
@Alternate Data Stream - 108 bytes -> C:\ProgramData\TEMP:7A0EFE63
@Alternate Data Stream - 108 bytes -> C:\ProgramData\TEMP:5C6EBC69
@Alternate Data Stream - 108 bytes -> C:\ProgramData\TEMP:260575F1
@Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:2BC498A4
@Alternate Data Stream - 101 bytes -> C:\ProgramData\TEMP:4FE30352
< End of report >

jeanmimigab · le 19 Fév 2010 17:48

hello

* Fais un clic-droit sur l'icône d'OTL et choisie "Exécuter en tant qu'administrateur" pour le lancer
/!\ pour Vista/Seven fais un clic-droit sur l'icône d'OTL et choisis "Exécuter en tant qu'administrateur"

* Assure toi d'avoir fermé toutes les applications en court de fonctionnement.

* Quand la fenêtre d'OTL apparaît, assure toi que dans la section "Output" (en haut à droite) la case "minimal Output" soit cochée.

* Copies et colles le contenue de cette citation dans la partie inférieure d'OTL "Custom scan/fixes"

:files
C:\Windows\System32\VIRepair
C:\Windows\System32\viwc.exe

:OTL
O4 - HKLM..\Run: [NPSStartup] File not found
O4 - HKCU..\Run: [viwc] C:\Windows\System32\viwc.exe
@Alternate Data Stream - 99 bytes -> C:\ProgramData\TEMP:FC8FFA4E
@Alternate Data Stream - 96 bytes -> C:\ProgramData\TEMP:1DEE6B65
@Alternate Data Stream - 95 bytes -> C:\ProgramData\TEMP:5D351BC6
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:7B52659E
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:0295CBF7
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:F14D1F80
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:2E49FF93
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:CB16385F
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:C22674B6
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:27D1368B
@Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:E945C214
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:918B7566
@Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:3C282BEA
@Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:072F1F69
@Alternate Data Stream - 114 bytes -> C:\ProgramData\TEMP:FDDD8917
@Alternate Data Stream - 114 bytes -> C:\ProgramData\TEMP:43301D1D
@Alternate Data Stream - 113 bytes -> C:\ProgramData\TEMP:848CC150
@Alternate Data Stream - 113 bytes -> C:\ProgramData\TEMP:0AC32449
@Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:53DF59D1
@Alternate Data Stream - 111 bytes -> C:\ProgramData\TEMP:51E1A4D8
@Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:55F44B88
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:9ACB70D7
@Alternate Data Stream - 108 bytes -> C:\ProgramData\TEMP:7A0EFE63
@Alternate Data Stream - 108 bytes -> C:\ProgramData\TEMP:5C6EBC69
@Alternate Data Stream - 108 bytes -> C:\ProgramData\TEMP:260575F1
@Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:2BC498A4
@Alternate Data Stream - 101 bytes -> C:\ProgramData\TEMP:4FE30352

:Commands
[emptytemp]

* /!\ Cette fois ci cliques sur l'icône "Run Fix"( au dessous de "Run Scan") .
* Laisse le scan aller à son terme sans te servir du PC
* A la fin du scan un ou deux rapports vont s'ouvrir "OTL.Txt" et "Extras.Txt".
* Copie et colle le rapports OTL.txt dans ta réponse stp...(j'ai pas besoin du rapport Extras.Txt).
* Au cas où, tu peux les retrouver dans le dossier C:\OTL ou sur ton bureau en fonction des cas rencontrés.

Redémarre ton pc et dit moi si le message d'erreur réapparait :wink:

@++

nana_du_35 · le 19 Fév 2010 19:24

voila le rapport :

All processes killed
========== FILES ==========
C:\Windows\System32\VIRepair folder moved successfully.
C:\Windows\System32\viwc.exe moved successfully.
========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\NPSStartup deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\viwc deleted successfully.
File C:\Windows\System32\viwc.exe not found.
ADS C:\ProgramData\TEMP:FC8FFA4E deleted successfully.
ADS C:\ProgramData\TEMP:1DEE6B65 deleted successfully.
ADS C:\ProgramData\TEMP:5D351BC6 deleted successfully.
ADS C:\ProgramData\TEMP:7B52659E deleted successfully.
ADS C:\ProgramData\TEMP:0295CBF7 deleted successfully.
ADS C:\ProgramData\TEMP:F14D1F80 deleted successfully.
ADS C:\ProgramData\TEMP:2E49FF93 deleted successfully.
ADS C:\ProgramData\TEMP:CB16385F deleted successfully.
ADS C:\ProgramData\TEMP:C22674B6 deleted successfully.
ADS C:\ProgramData\TEMP:27D1368B deleted successfully.
ADS C:\ProgramData\TEMP:E945C214 deleted successfully.
ADS C:\ProgramData\TEMP:918B7566 deleted successfully.
ADS C:\ProgramData\TEMP:3C282BEA deleted successfully.
ADS C:\ProgramData\TEMP:072F1F69 deleted successfully.
ADS C:\ProgramData\TEMP:FDDD8917 deleted successfully.
ADS C:\ProgramData\TEMP:43301D1D deleted successfully.
ADS C:\ProgramData\TEMP:848CC150 deleted successfully.
ADS C:\ProgramData\TEMP:0AC32449 deleted successfully.
ADS C:\ProgramData\TEMP:53DF59D1 deleted successfully.
ADS C:\ProgramData\TEMP:51E1A4D8 deleted successfully.
ADS C:\ProgramData\TEMP:55F44B88 deleted successfully.
ADS C:\ProgramData\TEMP:9ACB70D7 deleted successfully.
ADS C:\ProgramData\TEMP:7A0EFE63 deleted successfully.
ADS C:\ProgramData\TEMP:5C6EBC69 deleted successfully.
ADS C:\ProgramData\TEMP:260575F1 deleted successfully.
ADS C:\ProgramData\TEMP:2BC498A4 deleted successfully.
ADS C:\ProgramData\TEMP:4FE30352 deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrateur

User: All Users

User: coolmel
->Temp folder emptied: 1010374 bytes
->Temporary Internet Files folder emptied: 9861790 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 70701586 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 161520 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 78,00 mb

OTL by OldTimer - Version 3.1.28.0 log created on 02192010_191432

Files\Folders moved on Reboot...
File move failed. C:\Windows\temp\logishrd\LVPrcInj01.dll scheduled to be moved on reboot.

Registry entries deleted on Reboot...

jeanmimigab · le 19 Fév 2010 19:27

heelo,

c'est pas mal,

et le message d'erreur, qu'en est il ?

nana_du_35 · le 19 Fév 2010 19:36

bon, bah je retente une autre fois mais a priori la fenetre a pas l'air de s'aficher

youpiiiii

jeanmimigab · le 19 Fév 2010 20:16

Si c'est oK,

Relance OTL.exe (toujours avec le clic-droit "exécuter en tant d'administrateur")

et clique sur "CleanUp" , laisse travailler OTL et au bout de quelques secondes, une fenêtre t'invitera a redémarrer ton pc.
Cliques sur "yes".

une fois le pc redémarrer fait cela...

Il nous reste a désinstaller de manière automatique tous les outils utilisés pour la désinfection...

pour cela...

télécharge >>> ToolsCleaner <<< (de A.Rothstein & dj QUIOU)

fait un double-clique dessus pour lancer le programme

Clique sur Recherche et laisse le scan se terminer (il peut durer une dizaine de minutes au maximum).

une fois la recherche lancée, ne clique pas dans la fenêtre, cela provoquerait un léger bug du programme.

Si toutes fois la mention (ne réponds pas) apparaissait dans le titre de la fenêtre ToolsCleaner, ne t'en occupes pas et laisse quand même le programme terminer son travail

Poste moi le rapport qui apparait

Attends mon feu vert pour cliquer sur Suppression
:wink:

nana_du_35 · le 19 Fév 2010 20:51

c'est parti

je lance tools cleener

nana_du_35 · le 19 Fév 2010 21:18

voici le rapport :

[ Rapport ToolsCleaner version 2.3.11 (par A.Rothstein & dj QUIOU) ]

--> Recherche:

C:\Ad-remover: trouvé !
C:\Ad-Remover\BACKUP\Ad-R.exe: trouvé !
C:\Program Files\Trend Micro\HijackThis: trouvé !
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: trouvé !
C:\Program Files\Trend Micro\HijackThis\hijackthis.log: trouvé !
C:\ProgramData\Microsoft\Windows\Start Menu\Programmes\HijackThis: trouvé !
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HijackThis: trouvé !
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HijackThis\HijackThis.lnk: trouvé !
C:\Users\All Users\Microsoft\Windows\Start Menu\Programmes\HijackThis: trouvé !
C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\HijackThis: trouvé !
C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\HijackThis\HijackThis.lnk: trouvé !
C:\Users\coolmel\AppData\Local\VirtualStore\Program Files\Trend Micro\HijackThis: trouvé !
C:\Users\coolmel\AppData\Local\VirtualStore\Program Files\Trend Micro\HijackThis\hijackthis.log: trouvé !
C:\Users\coolmel\Desktop\HijackThis.lnk: trouvé !
C:\Users\coolmel\Desktop\HJTInstall.exe: trouvé !
C:\Users\coolmel\Desktop\Ad-R.exe: trouvé !
C:\Users\coolmel\Downloads\OTM.exe: trouvé !
C:\Users\coolmel\Downloads\HJTInstall.exe: trouvé !
C:\Users\coolmel\Downloads\Ad-R.exe: trouvé !

jeanmimigab · le 19 Fév 2010 21:53

re,

tu t'es débrouillé comme une chef :wink:

c'est bon , tu peux cliquer sur Suppression

une fois cela terminé, supprimes manuellement les fichiers suivants:

- (emplacement de ton choix) \ ToolsCleaner.exe (le fichier que tu as télécharger)
- C:\TCleaner.txt

Il faut purger ta Restauration du système pour qu'elle soit exempte d'infections.
pour ce faire:

> Menu Démarrer > Tous les programmes > Accessoires > Exécuter > dans le fenêtre qui s'ouvre tape
SystemPropertiesProtection > puis clique sur OK.

Une fois la fenêtre Propriétés système ouverte:
> 1: Décoche la case correspondant au disque système (en général C:\).
> 2: Accepte l'avertissement en cliquant sur Désactiver la restauration du système.
> Clique sur Appliquer

Ne pas oublier de créer un point de restauration après cette manip.

Pour ce faire:

> Menu Démarrer > Tous les programmes > Accessoires > Exécuter > dans le fenêtre qui s'ouvre tape SystemPropertiesProtection > puis clique sur OK.

Une fois la fenêtre Propriétés système ouverte:
> 1: Coche la case correspondant au disque système (en général C:\)
> 2: Clique sur Appliquer.
> 3: Clique sur Créer
> 4: Dans la fenêtre qui s'ouvre tape par exemple pc propre et clique sur Créer > patiente le temps de la création et ferme la fenêtre.

=====================================================================================================

un peu de lecture sur la manière de protéger ton surf et ton ordi.

[*]un Compte Utilisateur limité]accroît la sécurité de l'ordinateur.

[*] Quelques mesures préventives pour surfer couvert.

[*]Comment éviter les imprudences d'installation.

[*]Reconnaitre et éviter les infections Msn.

bon weekend :wink:

nana_du_35 · le 19 Fév 2010 22:16

merci merci merci et encore merci.

heu tu va dire que j'abuse mais j'ai le pc e mon ami et tu crois qu'on peu le nettoyer de la meme manière? :oops:

celui ci est sous XP lol

jeanmimigab · le 19 Fév 2010 22:33

hello,

pas de souci pour le pc de ton amis, tu as des soucis particuliers avec..?
:wink:

nana_du_35 · le 19 Fév 2010 22:36

heu pas de souci particulier, il rame just un peu et de temps en temps ma fenetre mozilla se ferme sans raison et sans prévenir lol mais ca doit etre pa gd chose

jeanmimigab · le 19 Fév 2010 22:57

Ok, pour ne pas détourner ce topic de son sujet initial, je te propose de continuer >> ICI << :wink:

fichier VIRepair introuvable • page 2

Re: fichier VIRepair introuvable

Re: fichier VIRepair introuvable

Re: fichier VIRepair introuvable

Re: fichier VIRepair introuvable

Re: fichier VIRepair introuvable

Re: fichier VIRepair introuvable

Re: fichier VIRepair introuvable

Re: fichier VIRepair introuvable

Re: fichier VIRepair introuvable

Re: fichier VIRepair introuvable

Re: fichier VIRepair introuvable

Re: fichier VIRepair introuvable

Re: fichier VIRepair introuvable

Re: fichier VIRepair introuvable

Sujets similaires

Qui est en ligne