
Help, trojan I can't manage to delete [Solved]

Forum rules
To post a scan report or an infection report (HijackThis, OTL, AdwCleaner, etc.), please use the forum's internal attachment system. Only .txt and .log files under 1 MB are accepted. For help attaching your files, please see this tutorial.

Posted 14 Sep 2010 20:00

Hello,

So, I ran several anti-malware scans, but I can't remove it with programs like A-squared:

Here is the report:

Code:
============
Version - a-squared Free 4.5
Dernière mise à jour : 10/04/2010 23:19:30

Paramètres des balayages :

Type de balayage : Scan Rapide
Objets : Mémoire, Traces, Cookies
Balayage dans les archives : Marche
Analyse heuristique : Arrêt
Balayage dans les ADS : Marche

Début du balayage : 14/09/2010 17:46:13

c:\users\dokfight\appdata\roaming\install Objets détectés : Trace.Directory.Antivir64 2.7!A2

Analysé

Fichiers : 664
Traces : 648509
Cookies : 12
Processus : 65

Objets trouvés

Fichiers : 0
Traces : 1
Cookies : 0
Processus : 0
Clés de Registre : 0

Fin du balayage : 14/09/2010 17:48:44
Temps du balayage : 0:02:31


En Quarantaine

Fichiers : 0
Traces : 1
Cookies : 0

==============


The problem is that I then wanted to delete the stuff in c:\users\dokfight\appdata\roaming\install, but there is nothing there!

What should I do?? I also used anti spybot, and other things.

Thanks in advance.

EDIT Skynet: [code] tags added. Please read the guidelines at the top of the thread.
Dokfight
Confirmed Visitor
Posts: 15
Joined: 14 Sep 2010 19:57



Re: Help, trojan I can't manage to delete

Posted 15 Sep 2010 07:32

Hi and welcome to PC infopratique :wink:

Your case looks like a variant of "bifrose"; this is going to be a pain....

First of all, back up your important documents to an external hard drive or to another PC.
If that is the case, a malicious proxy is probably installed... so do not make online purchases or check your online accounts from this PC for now.

Next....

* Download >> OTL << to your desktop.

* Double-click the OTL icon to launch it.

* Make sure you have closed all running applications.

* When the OTL window appears, make sure that in the "Report" section (top right) the "minimal report" box is checked.

* Check the boxes next to "All users", "LOP search" and "Purity search".

* Copy and paste the contents of this quote into the lower part of OTL, "customization":

c:\users\dokfight\appdata\roaming\install\.*log
c:\users\dokfight\appdata\roaming\install\*.dll
c:\users\dokfight\appdata\roaming\install\*.exe
%systemroot%\system32\drivers\*.sys /lockedfiles
/md5start
hiberfil.sys
explorer.exe
winlogon.exe
userinit.exe
wininit.exe
tcpip.sys
Sfloppy.sys
Changer.sys
cdrom.sys
disk.sys
ndis.sys
usbscan.sys
usbprint.sys
tdtcp.sys
tdpipe.sys
swmidi.sys
splitter.sys
rdpwd.sys
netlogon.dll
RASACD.SYS
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
/md5stop


* Click the "Scan" icon (top left).
* Let the scan run to completion without using the PC.
* At the end of the scan two reports will open, "OTL.Txt" and (or) "Extras.Txt" (minimized in the taskbar).
* Copy and paste the reports into your reply please... using the "CODE" tags as indicated at the top of this page.
* Just in case, you can find them in the C:\OTL folder or on your desktop, depending on the case.

If the OTL.txt report is too long to post on the forum, upload it to cijoint and send me the link so I can view it.

See you
jeanmimigab
PC-Infopraticien
Posts: 2986
Joined: 29 Nov 2009 12:05

Re: Help, trojan I can't manage to delete

Posted 15 Sep 2010 12:02

Thank you for your help.

Quick scan:

Extras.txt:

Code:
OTL Extras logfile created on: 15/09/2010 12:39:30 - Run 1
OTL by OldTimer - Version 3.2.12.0     Folder = C:\Users\Brummel\Desktop
Windows Vista Home Premium Edition  (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18904)
Locale: 0000080C | Country: Belgique | Language: FRB | Date Format: d/MM/yyyy
 
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 63,00% Memory free
7,00 Gb Paging File | 6,00 Gb Available in Paging File | 84,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 698,64 Gb Total Space | 294,74 Gb Free Space | 42,19% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: PC-DE-BRUMMEL
Current User Name: Brummel
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Minimal
Quick Scan
 
[color=#E56717]========== Extra Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== File Associations ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
[color=#E56717]========== Shell Spawning ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[color=#E56717]========== Security Center Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1
"" =
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[color=#E56717]========== Firewall Settings ==========[/color]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
[color=#E56717]========== Authorized Applications List ==========[/color]
 
 
[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0AB958B1-D171-4BC4-B911-80EC9138D1B6}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface |
"{3F2FFF1D-29CC-4329-94AD-5235DAA32552}" = lport=49160 | protocol=6 | dir=in | name=akamai netsession interface |
"{5926F0BA-5E53-4012-9D2D-1AB55D9D1CF9}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{65328B76-B721-4A48-93E5-3C0106DCA8C3}" = lport=9350 | protocol=6 | dir=in | name=9350 |
"{65620BE4-BAD7-4DBD-9B94-BE53C7B220FE}" = lport=50256 | protocol=6 | dir=in | name=akamai netsession interface |
"{6968E582-D6BB-4D65-A9B5-A2CC6508F2E4}" = lport=9353 | protocol=6 | dir=in | name=9353 |
"{6C28F425-30C3-435D-9189-170480C26009}" = lport=9340 | protocol=6 | dir=in | name=9340 |
"{753B647E-0242-4B9C-909A-C3D870EE6B8A}" = lport=9352 | protocol=6 | dir=in | name=9352 |
"{91180830-A6F1-4EC1-90A2-7CF602ABDBFD}" = lport=9351 | protocol=6 | dir=in | name=9351 |
"{9B5B8FBC-D093-4A76-B824-07B740AC7CBF}" = lport=2869 | protocol=6 | dir=in | app=system |
"{A654F53A-1950-4246-A182-FCD4E4C2C885}" = lport=9390 | protocol=6 | dir=in | name=9390 |
"{B7520130-EBFC-4BAE-9DC2-543DD11595B0}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface |
"{EC62C2B5-ED5C-4BDE-9017-C0FC9DC1040E}" = lport=6970 | protocol=6 | dir=in | name=6970 |
"{ED5240E9-BB12-46A8-A847-0BA68BBBA670}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
 
[color=#E56717]========== Vista Active Application Exception List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{2B5110B5-2814-48D9-9F8A-6BCEB25E851A}" = protocol=6 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite xi.sp1\rpcsandrasrv.exe |
"{2E81E674-C3BD-45BC-A5B5-50212261BD51}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{33BC53F1-5A6B-45FC-9A8B-ABAE5C672AC3}" = protocol=6 | dir=in | app=c:\gpotato.eu\allods online\bin\aogame.exe |
"{3A1CD000-CBE9-47B0-BB5D-4C4DBF4A5F37}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{3D813A52-47AA-45EA-85DE-636AB00257FB}" = protocol=6 | dir=in | app=c:\gpotato.eu\allods online\bin\launcher.exe |
"{3FD4B336-456A-4D81-ABDC-9DA9CF58AE79}" = protocol=6 | dir=in | app=c:\program files\electronic arts\crytek\crysis\bin32\crysis.exe |
"{44B7AD72-AE26-45A5-A073-C26BE1926613}" = protocol=17 | dir=in | app=c:\gpotato.eu\allods online\bin\aogame.exe |
"{47EDDB0E-A25B-41AB-875D-DFDDE948D423}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{4B3DE1F8-2489-4390-B7D5-2180744ED717}" = protocol=6 | dir=in | app=c:\gpotato.eu\allods online\bin\launcher2.exe |
"{529F1230-98B6-4F20-8257-6FDAB8E8E887}" = protocol=6 | dir=in | app=c:\program files\google\google talk\googletalk.exe |
"{55A11A54-29AE-4843-BBCB-BBFF7C609BD2}" = protocol=6 | dir=in | app=c:\program files\ivt corporation\bluesoleil\bluesoleil.exe |
"{682CBD11-A943-4C60-9795-FE563AD6BEDB}" = protocol=17 | dir=in | app=c:\gpotato.eu\allods online\bin\launcher2.exe |
"{6DA05F25-40A2-43AA-8235-ED9FB94A41B8}" = protocol=6 | dir=in | app=c:\program files\electronic arts\crytek\crysis\bin32\crysisdedicatedserver.exe |
"{73C85DEA-07C7-4F19-8191-4C9BF36FEC80}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{7C2BB31A-00DD-4B64-B74A-DD31B75D8219}" = protocol=17 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite xi.sp1\rpcsandrasrv.exe |
"{7D65B8EE-BD32-4C47-9A23-76E12FF228BC}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{808F4598-7B44-4E99-ACF1-13E8D0F3F6D0}" = protocol=6 | dir=in | app=c:\nexon\combat arms eu\nmservice.exe |
"{8AFED264-21DB-4FFC-9F0D-CF3143D689CA}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{8F6F5CB1-4A5F-4CA8-AD9E-D46921B8808A}" = protocol=17 | dir=in | app=c:\program files\electronic arts\crytek\crysis\bin32\crysisdedicatedserver.exe |
"{9819884A-0DB9-479C-B08C-68F511F0317E}" = protocol=17 | dir=in | app=c:\nexon\combat arms eu\nmservice.exe |
"{998C1590-9AF1-4553-AF10-B28674124FEC}" = protocol=6 | dir=in | app=c:\program files\ivt corporation\bluesoleil\bluesoleil.exe |
"{9D5C732C-8C68-4CBD-A264-5111EC2A6016}" = protocol=17 | dir=in | app=c:\program files\electronic arts\battlefield bad company 2\bfbc2updater.exe |
"{A27509F7-54F2-4A32-8A35-D7BC55E2523E}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{AAFDA933-40DC-4CDC-92AE-49D4C2B8CFD3}" = protocol=17 | dir=in | app=c:\gpotato.eu\allods online\bin\launcher.exe |
"{AE1ED3DD-3B53-4401-88A7-0458276F7E70}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{B58E1C04-2E8C-481E-8255-DD5B1BCFFB08}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{B95D9FD0-F744-4913-9A73-D7F6DA680006}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{C80CCD15-CC4B-4B1C-BB43-491C4CBD6BD7}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{CF7E0EFB-CB23-4E9D-AE9B-78EEA0633D8F}" = protocol=17 | dir=in | app=c:\program files\google\google talk\googletalk.exe |
"{DA68D55C-A744-47D7-84E6-11FEE3E8D2D3}" = protocol=17 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite xi.sp1\win32\rpcdatasrv.exe |
"{DCD0C562-EC49-4C0B-913B-ED06FCE2E918}" = protocol=17 | dir=in | app=c:\program files\ivt corporation\bluesoleil\bluesoleil.exe |
"{DDDF6659-1FCA-4448-BA56-A01A4907F8ED}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{E51D3EFD-06D6-4D17-8821-DAC01EE51719}" = protocol=6 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite xi.sp1\win32\rpcdatasrv.exe |
"{EB8D3549-8B57-49DA-A703-95714F2B79B5}" = protocol=17 | dir=in | app=c:\program files\ivt corporation\bluesoleil\bluesoleil.exe |
"{EC841F1B-3985-468D-926D-41E8C0B0AD4E}" = protocol=17 | dir=in | app=c:\program files\electronic arts\crytek\crysis\bin32\crysis.exe |
"{FEC4E3C2-9315-429B-95EF-2827BD783B36}" = protocol=6 | dir=in | app=c:\program files\electronic arts\battlefield bad company 2\bfbc2updater.exe |
"TCP Query User{05C8174C-6B77-44EA-944D-198E09994D05}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{17B27A76-D0D8-4190-827C-B838BEE1813C}C:\program files\electronic arts\crytek\crysis\bin32\crysis.exe" = protocol=6 | dir=in | app=c:\program files\electronic arts\crytek\crysis\bin32\crysis.exe |
"TCP Query User{3FF25F96-0A58-4F5A-984C-92AEA02F0544}C:\program files\romusoft\romustrike\romustrike.exe" = protocol=6 | dir=in | app=c:\program files\romusoft\romustrike\romustrike.exe |
"TCP Query User{4A22D336-2104-49AD-9886-457A87D96490}C:\fromustrike\romustrike.exe" = protocol=6 | dir=in | app=c:\fromustrike\romustrike.exe |
"TCP Query User{910A09EE-7543-4F82-BB59-A76E47FE28A5}C:\program files\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files\skype\phone\skype.exe |
"TCP Query User{92CA6602-7FEC-4948-B848-CAC2FC73C039}D:\software\fr\kav\setup.exe" = protocol=6 | dir=in | app=d:\software\fr\kav\setup.exe |
"TCP Query User{AE213110-3EA8-4424-984B-873E4C5D7458}C:\windows\system32\dpnsvr.exe" = protocol=6 | dir=in | app=c:\windows\system32\dpnsvr.exe |
"TCP Query User{B2DA49CD-61C9-4711-BF8B-758C23D25708}C:\program files\tvuplayer\tvuplayer.exe" = protocol=6 | dir=in | app=c:\program files\tvuplayer\tvuplayer.exe |
"TCP Query User{BCED9560-A0BB-455D-9434-7C44882942E6}C:\gpotato.eu\allods online\bin\launcher.exe" = protocol=6 | dir=in | app=c:\gpotato.eu\allods online\bin\launcher.exe |
"UDP Query User{118B587E-539F-4A61-B16C-FE8FC7E7B2A9}C:\fromustrike\romustrike.exe" = protocol=17 | dir=in | app=c:\fromustrike\romustrike.exe |
"UDP Query User{48D5EF11-E94F-4A84-94CE-4CCE367A504E}C:\program files\tvuplayer\tvuplayer.exe" = protocol=17 | dir=in | app=c:\program files\tvuplayer\tvuplayer.exe |
"UDP Query User{570FD99E-AB28-476C-869D-18F132885694}D:\software\fr\kav\setup.exe" = protocol=17 | dir=in | app=d:\software\fr\kav\setup.exe |
"UDP Query User{5771A446-A45D-4F63-8AF7-8E62BBA88478}C:\program files\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files\skype\phone\skype.exe |
"UDP Query User{804A204D-8CEE-4785-9A51-FDF1C415945A}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{9E6C73D4-EE69-4464-9EE1-EE532E1B5FA8}C:\gpotato.eu\allods online\bin\launcher.exe" = protocol=17 | dir=in | app=c:\gpotato.eu\allods online\bin\launcher.exe |
"UDP Query User{C3582971-5BA4-4E36-84FE-4B17AA9A1FD4}C:\program files\electronic arts\crytek\crysis\bin32\crysis.exe" = protocol=17 | dir=in | app=c:\program files\electronic arts\crytek\crysis\bin32\crysis.exe |
"UDP Query User{C9F597DD-B358-4650-9ED2-1CBB2A36E8DB}C:\program files\romusoft\romustrike\romustrike.exe" = protocol=17 | dir=in | app=c:\program files\romusoft\romustrike\romustrike.exe |
"UDP Query User{F4CF3C59-3BF9-4452-8EB7-AE5A2D1991F0}C:\windows\system32\dpnsvr.exe" = protocol=17 | dir=in | app=c:\windows\system32\dpnsvr.exe |
 
[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{000E79B7-E725-4F01-870A-C12942B7F8E4}" = Crysis(R)
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{06E6E30D-B498-442F-A943-07DE41D7F785}" = Microsoft Search Enhancement Pack
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Assistant de connexion Windows Live ID
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{08C8666B-C502-4AB3-B4CB-D74AC42D14FE}" = Nero BackItUp 10 Help (CHM)
"{0AEA6DF2-CD5A-4EAC-9C6B-44477994E2F1}" = Battlefield Bad Company 2 Command Center
"{0C973594-7DDF-4BD0-84ED-3517F7622037}" = PC Connectivity Solution
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP620_series" = Canon MP620 series MP Drivers
"{16987E99-C95C-4513-9239-7B44A0A71DB5}" = Nero SoundTrax 10 Help (CHM)
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{18754BA4-4F0C-4E6E-888B-9496AFA05F43}" = Ma-Config.com
"{1A59064A-12A9-469F-99F6-04BF118DBCFF}" = Kaspersky PURE
"{1E06D48E-5448-4BCC-9F87-9FB4EBD59898}" = SA30xx Media Converter
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F7FB68F-52F6-46A3-B42F-38CE46295AE5}" = Nero MediaHub 10
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live
"{2075CB0A-D26F-4DAA-B424-5079296B43BA}" = Windows Live FolderShare
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk" = Google Talk (remove only)
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{237CCB62-8454-43E3-B158-3ACD0134852E}" = High-Definition Video Playback 10
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java(TM) 6 Update 13
"{277C1559-4CF7-44FF-8D07-98AA9C13AABD}" = Nero Multimedia Suite 10
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{329411A0-19F3-4740-874F-17400B126F27}" = Nero Vision 10 Help (CHM)
"{33643918-7957-4839-92C7-EA96CB621A98}" = Nero Express 10 Help (CHM)
"{34490F4E-48D0-492E-8249-B48BECF0537C}" = Nero DiscSpeed 10
"{38E1CA6C-2121-4B5C-A3A5-0B0003794EFF}" = Sony Media Manager 2.2
"{3AC8457C-0385-4BEA-A959-E095F05D6D67}" = Battlefield: Bad Company™ 2
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{3E31821C-7917-367E-938E-E65FC413EA31}" = Microsoft .NET Framework 3.5 Language Pack SP1 - fra
"{3F425F12-3A1B-4511-97B2-E2BB4701B745}" = Crysis Wars(R)
"{438BB9B4-65FE-4626-91D9-A8F57B18001D}" = Bluesoleil2.6.0.8 Release 070517
"{43E506CC-6633-4F2A-8D8E-4A95D2384393}" = Crysis Wars(R) Patch
"{4634B21A-CC07-4396-890C-2B8168661FEA}" = Windows Live Writer
"{46ABBC54-1872-4AA3-95E2-F2C063A63F31}" = Installation Windows Live
"{523B1E21-0B29-4402-9B8A-339086462028}_is1" = VirtualDub-MPEG2 v1.6.19 b24587 Fr
"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)
"{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{52D02A2B-03D2-4E34-A358-DC5D951FD296}" = Nokia Connectivity Cable Driver
"{53B20C18-D8D4-4588-8737-9BBFE303C354}" = Windows Live Movie Maker
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{555868C6-49FB-484F-BB43-8980651A1B00}" = Nero BurnRights 10 Help (CHM)
"{5DD76286-9BE7-4894-A990-E905E91AC818}" = Windows Live Mail
"{5F548A02-80BC-404D-BAE6-F05F9BF6B449}" = Nero DiscCopyGadget 10 Help (CHM)
"{5F8E2CBB-949D-4175-AC98-5ADE7F6C9697}" = NCsoft Launcher
"{63AA3EAB-23BB-48B2-9AD0-44F878075604}" = Nero 10 Menu TemplatePack Basic
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{66049135-9659-4AAD-9169-9CCA269EBB3E}" = Nero InfoTool 10 Help (CHM)
"{68AB6930-5BFF-4FF6-923B-516A91984FE6}" = Nero BackItUp 10
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{70550193-1C22-445C-8FA4-564E155DB1A7}" = Nero Express 10
"{7353BAE6-5E49-46C4-A9B5-8A269A313789}" = Crysis WARHEAD(R)
"{73B5D990-04EA-4751-B10F-5534770B91F2}" = Adobe Color EU Recommended Settings
"{76C24F39-B161-498F-BD8B-C64789812D13}_is1" = ConvertXtoDVD 3.3.4.106e
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{770F1BEC-2871-4E70-B837-FB8525FFA3B1}" = Windows Live Messenger
"{7A295D8F-484B-4FFB-89AB-C1FD497591FE}" = Nero WaveEditor 10 Help (CHM)
"{7A5D731D-B4B3-490E-B339-75685712BAAB}" = Nero Burning ROM 10
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}" = Windows Live Call
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8411FA28-D32D-4518-92F0-3FBD80A702BC}" = Sony Vegas 7.0
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8DC910CD-8EE3-4ffc-A4EB-9B02701059C4}" = Battlefield Heroes
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{8ECEC853-5C3D-4B10-B5C7-FF11FF724807}" = Nero Recode 10
"{8FB1B528-E260-451E-9B55-E9152F94B80B}" = Microsoft Games for Windows - LIVE Redistributable
"{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007
"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0015-040C-0000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2007
"{90120000-0015-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007
"{90120000-0016-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007
"{90120000-0018-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2007
"{90120000-0019-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2007
"{90120000-001A-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007
"{90120000-001B-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007
"{90120000-001F-0401-0000-0000000FF1CE}_PROPLUS_{14809F99-C601-4D4A-9391-F1E8FAA964C5}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_PROPLUS_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007
"{90120000-001F-0413-0000-0000000FF1CE}_PROPLUS_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROPLUS_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007
"{90120000-0044-040C-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (French) 2007
"{90120000-0044-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007
"{90120000-006E-040C-0000-0000000FF1CE}_PROPLUS_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{91B323B5-A79C-4D23-BD6D-046C565F9BCF}" = MadOnion.com/3DMark2001 SE
"{926DEB4E-2B0A-4C5C-AE4A-BF6C06949702}" = Adobe Setup
"{92E25238-61A3-4ACD-A407-3C480EEF47A7}" = Nero RescueAgent 10 Help (CHM)
"{92EC1A84-7FFC-42DF-A8F6-79C21C4765A5}" = Nero DiscCopy Gadget 10
"{943CFD7D-5336-47AF-9418-E02473A5A517}" = Nero BurnRights 10
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95120000-0122-040C-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{974C4B12-4D02-4879-85E0-61C95CC63E9E}" = Fallout 3
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A4297F3-2A51-4ED9-92CA-4BCB8380947E}" = Nero Vision 10
"{9B6B24BE-80E7-46C4-9FA5-B167D5E0F345}" = Nero BurningROM 10 Help (CHM)
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A804B134-F03D-4EFD-9BC0-DCD257AA1B22}" = Hitman Blood Money
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC54E544-3E42-443C-A91D-A00A6974C592}" = NVIDIA PhysX v8.10.13
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-7AD7-1036-7B44-A93000000001}" = Adobe Reader 9.3.4 - Français
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{B131E59D-202C-43C6-84C9-68F0C37541F1}" = Galerie de photos Windows Live
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B3DAF54F-DB25-4586-9EF1-96D24BB14088}" = Windows Movie Maker 2.6
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C18A0418-442A-4186-AF98-D08F5054A2FC}" = Nero DiscSpeed 10 Help (CHM)
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C3113E55-7BCB-4de3-8EBF-60E6CE6B2096}_is1" = SiSoftware Sandra Lite XI.SP1 (Win64/32/CE)
"{C3273C55-E1E4-41FF-8D69-0158090DB8D8}" = Nero CoverDesigner 10 Help (CHM)
"{C3580AC4-C827-4332-B935-9A282ED5BB97}" = Nero Dolby Files 10
"{C878CD69-85DB-426B-81A3-E71175AAEB91}" = Dealio Toolbar v4.0.2
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}" = Microsoft Primary Interoperability Assemblies 2005
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D5D81435-B8DE-4CAF-867F-7998F2B92CFC}" = Windows Live Contrôle parental
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DB7C1D4A-08BA-4C7E-A8AA-B7F9BB372DCF}" = Nero Recode 10 Help (CHM)
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = Auslogics Disk Defrag
"{E09B48B5-E141-427A-AB0C-D3605127224A}" = Microsoft SQL Server Desktop Engine (SONY_MEDIAMGR)
"{E1EE5339-5D32-458F-BAAB-B19F6301BCE2}" = Nero SoundTrax 10
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E32B0931-C97B-48E1-A466-27D4088060EF}" = Install(Fr)
"{E337E787-CF61-4B7B-B84F-509202A54023}" = Nero RescueAgent 10
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{EDCDFAD5-DF80-4600-A493-E9DAD6810230}" = Nero WaveEditor 10
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F3BD8E81-C020-44F9-B014-1E0214D23556}" = SA30xx Media Converter
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F412B4AF-388C-4FF5-9B2F-33DB1C536953}" = Nero InfoTool 10
"{F467862A-D9CA-47ED-8D81-B4B3C9399272}" = Nero MediaHub 10 Help (CHM)
"{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7}" = Nero 10 Movie ThemePack Basic
"{F6117F9C-ADB5-4590-9BE4-12C7BEC28702}" = Nero StartSmart 10 Help (CHM)
"{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}" = Nero StartSmart 10
"{F7B0939E-58DF-11DF-B3A6-005056806466}" = Google Earth
"{F7D27C70-90F5-49B9-B188-0A133C0CE353}" = Windows Live Toolbar
"{F97E3841-CA9D-4964-9D64-26066241D26F}" = Microsoft Games for Windows - LIVE
"{FCF00A6E-FB58-477A-ABE9-232907105521}" = Nero CoverDesigner 10
"{FE0646A7-19D0-41B4-A2BB-2C35D644270D}" = Windows Live OneCare safety scanner
"{FF29A7E2-FF40-4D07-B7E4-2093DE59E10A}" = Adobe Color NA Extra Settings
"{FF35F637-72B9-43BE-A281-06EB2854393A}" = 3DMark03
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"504244733D18C8F63FF584AEB290E3904E791693" = Package de pilotes Windows - Nokia pccsmcfd  (08/22/2008 7.0.0.0)
"7-Zip" = 7-Zip 4.42
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_32e9033392a51340b32fdc6ad893ab7" = Adobe Photoshop CS3
"Applian FLV Player2.0.24" = Applian FLV Player
"Ashampoo Movie Shrink & Burn 3_is1" = Ashampoo Movie Shrink & Burn 3 3.03
"a-squared Free_is1" = a-squared Free 4.5
"AstrumNival Allods" = Allods Online 1.0.06.36
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.3
"AVS4YOU Video Converter 6_is1" = AVS Video Converter 6
"Canon_IJ_Network_Scan_UTILITY" = Canon IJ Network Scan Utility
"Canon_IJ_Network_UTILITY" = Canon IJ Network Tool
"CANONIJPLM100" = Inkjet Printer/Scanner Extended Survey Program
"CanonMyPrinter" = Canon Utilities My Printer
"CCleaner" = CCleaner
"Combat Arms EU" = Combat Arms EU
"Crysis WARHEAD(R)" = Crysis WARHEAD(R)
"Crysis Wars(R)" = Crysis Wars(R)
"Crysis Wars(R) Patch" = Crysis Wars(R) Patch
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"DVD Decrypter 3.5.4.0 Fr" = DVD Decrypter 3.5.4.0 Fr
"DVD Shrink_is1" = DVD Shrink 3.2
"DVDFab HD Decrypter 4_is1" = DVDFab HD Decrypter 4.1.2.0
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"Emsisoft Anti-Malware_is1" = Emsisoft Anti-Malware 5.0
"Enregistrement utilisateur de Canon MP620 series" = Enregistrement utilisateur de Canon MP620 series
"ESET Online Scanner" = ESET Online Scanner v3
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"Foxit Reader" = Foxit Reader
"Fraps" = Fraps (remove only)
"Free Easy Burner_is1" = Free Easy Burner V 1.2.42
"Free Mp3 Wma Converter_is1" = Free Mp3 Wma Converter V 1.9
"GeoGebra" = GeoGebra
"Google Updater" = Outil de mise à jour Google
"GTK 2.0" = Bibliothèques GTK+ 2.14.7 rev a (supprimer uniquement)
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Gestionnaire de périphériques de plate-forme
"InstallWIX_{1A59064A-12A9-469F-99F6-04BF118DBCFF}" = Kaspersky PURE
"JDownloader" = JDownloader
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - fra" = Module linguistique Microsoft .NET Framework 3.5 SP1- fra
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.9)" = Mozilla Firefox (3.6.9)
"Mozilla Thunderbird (2.0.0.0)" = Mozilla Thunderbird (2.0.0.0)
"MP Navigator EX 2.0" = Canon MP Navigator EX 2.0
"Mumble" = Mumble and Murmur
"Neffy" = Neffy 1,3,29,0
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"Picasa 3" = Picasa 3
"PictureGear 4.1Lite" = PictureGear 4.1Lite
"Pidgin" = Pidgin
"PROPLUS" = Microsoft Office Professional Plus 2007
"PunkBusterSvc" = PunkBuster Services
"RocketDock_is1" = RocketDock 1.3.5
"Softonic_France Toolbar" = Softonic_France Toolbar
"SystemRequirementsLab" = System Requirements Lab
"TaalNet2 ver. 1.0_is1" = TaalNet2 ver. 1.0
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"Trojan Remover_is1" = Trojan Remover 6.8.2
"VLC media player" = VLC media player 1.0.5
"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
"WinGimp-2.0_is1" = GIMP 2.6.8
"WinLiveSuite_Wave3" = Installation Windows Live
"WinRAR archiver" = Archiveur WinRAR
"Xfire" = Xfire (remove only)
"YInstHelper" = Yahoo! Install Manager
 
[color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color]
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"BitTorrent DNA" = DNA
"iriverter" = iriverter
"PhotoFiltre Studio X" = PhotoFiltre Studio X
 
[color=#E56717]========== Last 10 Event Log Errors ==========[/color]
 
[ Application Events ]
Error - 27/05/2010 16:54:43 | Computer Name = PC-de-Brummel | Source = Application Error | ID = 1000
Description = Application défaillante DllHost.exe, version 6.0.6000.16386, horodatage
 0x4549b14e, module défaillant frapsvid.dll_unloaded, version 0.0.0.0, horodatage
 0x4a990ec9, code d’exception 0xc0000096, décalage d’erreur 0x011d2a3b,  ID du processus
 0x85c, heure de début de l’application 0x01cafdded44f53be.
 
Error - 28/05/2010 3:48:04 | Computer Name = PC-de-Brummel | Source = System Restore | ID = 8193
Description =
 
Error - 28/05/2010 10:43:24 | Computer Name = PC-de-Brummel | Source = Application Error | ID = 1000
Description = Application défaillante DllHost.exe, version 6.0.6000.16386, horodatage
 0x4549b14e, module défaillant unknown, version 0.0.0.0, horodatage 0x00000000,
code d’exception 0xc0000096, décalage d’erreur 0x01322a3b,  ID du processus 0xd84,
 heure de début de l’application 0x01cafe741fe8fa34.
 
Error - 28/05/2010 15:33:29 | Computer Name = PC-de-Brummel | Source = Application Error | ID = 1000
Description = Application défaillante DllHost.exe, version 6.0.6000.16386, horodatage
 0x4549b14e, module défaillant unknown, version 0.0.0.0, horodatage 0x00000000,
code d’exception 0xc0000096, décalage d’erreur 0x01202a3b,  ID du processus 0x129c,
 heure de début de l’application 0x01cafe9ca622fe9c.
 
Error - 29/05/2010 4:08:29 | Computer Name = PC-de-Brummel | Source = Application Error | ID = 1000
Description = Application défaillante DllHost.exe, version 6.0.6000.16386, horodatage
 0x4549b14e, module défaillant unknown, version 0.0.0.0, horodatage 0x00000000,
code d’exception 0xc0000096, décalage d’erreur 0x015a2a3b,  ID du processus 0x9dc,
 heure de début de l’application 0x01caff061ea75dc3.
 
Error - 29/05/2010 10:51:21 | Computer Name = PC-de-Brummel | Source = Application Error | ID = 1000
Description = Application défaillante AvP_D3D11_Benchmark.exe, version 1.0.0.0,
horodatage 0x4bcc345f, module défaillant d3d11.dll, version 6.0.6000.16386, horodatage
 0x4549bdc9, code d’exception 0xc0000135, décalage d’erreur 0x00008fc7,  ID du processus
 0x17a0, heure de début de l’application 0x01caff3e64a8ed63.
 
Error - 29/05/2010 10:51:36 | Computer Name = PC-de-Brummel | Source = Application Error | ID = 1000
Description = Application défaillante AvP_D3D11_Benchmark.exe, version 1.0.0.0,
horodatage 0x4bcc345f, module défaillant d3d11.dll, version 6.0.6000.16386, horodatage
 0x4549bdc9, code d’exception 0xc0000135, décalage d’erreur 0x00008fc7,  ID du processus
 0x1678, heure de début de l’application 0x01caff3e6ea4167b.
 
Error - 29/05/2010 10:52:08 | Computer Name = PC-de-Brummel | Source = Application Error | ID = 1000
Description = Application défaillante AvP_D3D11_Benchmark.exe, version 1.0.0.0,
horodatage 0x4bcc345f, module défaillant d3d11.dll, version 6.0.6000.16386, horodatage
 0x4549bdc9, code d’exception 0xc0000135, décalage d’erreur 0x00008fc7,  ID du processus
 0x1590, heure de début de l’application 0x01caff3e7fcb431b.
 
Error - 29/05/2010 13:10:49 | Computer Name = PC-de-Brummel | Source = Application Error | ID = 1000
Description = Application défaillante DllHost.exe, version 6.0.6000.16386, horodatage
 0x4549b14e, module défaillant frapsvid.dll_unloaded, version 0.0.0.0, horodatage
 0x4a990ec9, code d’exception 0xc0000096, décalage d’erreur 0x00e62a3b,  ID du processus
 0x1328, heure de début de l’application 0x01caff51e21eed80.
 
Error - 29/05/2010 16:28:41 | Computer Name = PC-de-Brummel | Source = Application Error | ID = 1000
Description = Application défaillante DllHost.exe, version 6.0.6000.16386, horodatage
 0x4549b14e, module défaillant unknown, version 0.0.0.0, horodatage 0x00000000,
code d’exception 0xc0000096, décalage d’erreur 0x00d82a3b,  ID du processus 0x10d0,
 heure de début de l’application 0x01caff6d8678b058.
 
[ OSession Events ]
Error - 18/07/2010 9:34:20 | Computer Name = PC-de-Brummel | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
 12.0.6535.5005, Microsoft Office Version: 12.0.6425.1000. This session lasted 5370
 seconds with 0 seconds of active time.  This session ended with a crash.
 
[ System Events ]
Error - 14/09/2010 3:03:06 | Computer Name = PC-de-Brummel | Source = Service Control Manager | ID = 7001
Description =
 
Error - 14/09/2010 7:09:28 | Computer Name = PC-de-Brummel | Source = Service Control Manager | ID = 7001
Description =
 
Error - 14/09/2010 7:32:11 | Computer Name = PC-de-Brummel | Source = DCOM | ID = 10010
Description =
 
Error - 14/09/2010 7:35:16 | Computer Name = PC-de-Brummel | Source = Service Control Manager | ID = 7001
Description =
 
Error - 14/09/2010 16:25:52 | Computer Name = PC-de-Brummel | Source = DCOM | ID = 10010
Description =
 
Error - 14/09/2010 16:29:04 | Computer Name = PC-de-Brummel | Source = Service Control Manager | ID = 7001
Description =
 
Error - 14/09/2010 17:05:12 | Computer Name = PC-de-Brummel | Source = DCOM | ID = 10010
Description =
 
Error - 15/09/2010 6:10:19 | Computer Name = PC-de-Brummel | Source = Service Control Manager | ID = 7001
Description =
 
Error - 15/09/2010 6:34:13 | Computer Name = PC-de-Brummel | Source = EventLog | ID = 6008
Description = L'arrêt système précédant à 12:32:38 le 15/09/2010 n'était pas prévu.
 
Error - 15/09/2010 6:35:47 | Computer Name = PC-de-Brummel | Source = Service Control Manager | ID = 7001
Description =
 
 
< End of report >


OTL.Txt:

Code:
OTL logfile created on: 15/09/2010 12:39:30 - Run 1
OTL by OldTimer - Version 3.2.12.0     Folder = C:\Users\Brummel\Desktop
Windows Vista Home Premium Edition  (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18904)
Locale: 0000080C | Country: Belgique | Language: FRB | Date Format: d/MM/yyyy
 
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 63,00% Memory free
7,00 Gb Paging File | 6,00 Gb Available in Paging File | 84,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 698,64 Gb Total Space | 294,74 Gb Free Space | 42,19% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: PC-DE-BRUMMEL
Current User Name: Brummel
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Minimal
Quick Scan
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - C:\Users\Brummel\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\Emsisoft Anti-Malware\a2service.exe (Emsi Software GmbH)
PRC - C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
PRC - C:\Program Files\Nero\Update\NASvc.exe (Nero AG)
PRC - C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
PRC - C:\Program Files\Application Updater\ApplicationUpdater.exe (Spigot, Inc.)
PRC - C:\Program Files\Kaspersky Lab\Kaspersky PURE\avp.exe (Kaspersky Lab)
PRC - C:\Program Files\Kaspersky Lab\Kaspersky PURE\klwtblfs.exe (Kaspersky Lab)
PRC - C:\Program Files\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe (Infowatch)
PRC - C:\Program Files\a-squared Free\a2service.exe (Emsi Software GmbH)
PRC - C:\Program Files\Windows Media Player\wmplayer.exe (Microsoft Corporation)
PRC - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation)
PRC - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (Microsoft Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
PRC - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE ()
PRC - C:\Program Files\RocketDock\RocketDock.exe ()
PRC - C:\Windows\System32\audiodg.exe (Microsoft Corporation)
PRC - C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe (Microsoft Corporation)
 
 
[color=#E56717]========== Modules (SafeList) ==========[/color]
 
MOD - C:\Users\Brummel\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\System32\msscript.ocx (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll (Microsoft Corporation)
 
 
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
 
SRV - (npggsvc) -- C:\Windows\System32\GameMon.des File not found
SRV - (a2AntiMalware) -- C:\Program Files\Emsisoft Anti-Malware\a2service.exe (Emsi Software GmbH)
SRV - (SeaPort) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
SRV - (NAUpdate) -- C:\Program Files\Nero\Update\NASvc.exe (Nero AG)
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (McComponentHostService) -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe (McAfee, Inc.)
SRV - (Application Updater) -- C:\Program Files\Application Updater\ApplicationUpdater.exe (Spigot, Inc.)
SRV - (AVP) -- C:\Program Files\Kaspersky Lab\Kaspersky PURE\avp.exe (Kaspersky Lab)
SRV - (CSObjectsSrv) -- C:\Program Files\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe (Infowatch)
SRV - (maconfservice) -- C:\Program Files\ma-config.com\maconfservice.exe (CybelSoft)
SRV - (a2free) -- C:\Program Files\a-squared Free\a2service.exe (Emsi Software GmbH)
SRV - (wlidsvc) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation)
SRV - (fsssvc) -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe (Microsoft Corporation)
SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia.)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (SBSDWSCService) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
SRV - (IJPLMSVC) -- C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE ()
SRV - (SandraTheSrv) -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite XI.SP1\RpcSandraSrv.exe (SiSoftware)
SRV - (SandraDataSrv) -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite XI.SP1\Win32\RpcDataSrv.exe (SiSoftware)
SRV - (MSSQL$SONY_MEDIAMGR) -- C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe (Microsoft Corporation)
SRV - (SQLAgent$SONY_MEDIAMGR) -- C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE (Microsoft Corporation)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - (NwlnkFwd) -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- C:\Windows\System32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- C:\Windows\System32\DRIVERS\ipinip.sys File not found
DRV - (EagleNT) -- C:\Windows\System32\drivers\EagleNT.sys File not found
DRV - (blbdrive) -- C:\Windows\System32\drivers\blbdrive.sys File not found
DRV - (a2acc) -- C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\a2accx86.sys (Emsi Software GmbH)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (KLIF) -- C:\Windows\System32\drivers\klif.sys (Kaspersky Lab)
DRV - (driverhardwarev2) -- C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys (CybelSoft)
DRV - (CSCrySec) -- C:\Windows\system32\DRIVERS\CSCrySec.sys (Infowatch)
DRV - (CSVirtualDiskDrv) -- C:\Windows\System32\drivers\CSVirtualDiskDrv.sys (Infowatch)
DRV - (KLBG) -- C:\Windows\system32\DRIVERS\klbg.sys (Kaspersky Lab)
DRV - (klmouflt) -- C:\Windows\System32\drivers\klmouflt.sys (Kaspersky Lab)
DRV - (KLIM6) -- C:\Windows\System32\drivers\klim6.sys (Kaspersky Lab)
DRV - (kl1) -- C:\Windows\System32\drivers\kl1.sys (Kaspersky Lab)
DRV - (sptd) -- C:\Windows\System32\Drivers\sptd.sys ()
DRV - (fssfltr) -- C:\Windows\System32\drivers\fssfltr.sys (Microsoft Corporation)
DRV - (nmwcd) -- C:\Windows\System32\drivers\ccdcmb.sys (Nokia)
DRV - (pccsmcfd) -- C:\Windows\System32\drivers\pccsmcfd.sys (Nokia)
DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek Corporation                                            )
DRV - (VIAHdAudAddService) -- C:\Windows\System32\drivers\viahduaa.sys (VIA Technologies, Inc.)
DRV - (netr73) -- C:\Windows\System32\drivers\netr73.sys (Ralink Technology Corp.)
DRV - (BlueletAudio) -- C:\Windows\System32\drivers\blueletaudio.sys (IVT Corporation.)
DRV - (Btcsrusb) -- C:\Windows\System32\drivers\btcusb.sys (IVT Corporation.)
DRV - (BlueletSCOAudio) -- C:\Windows\System32\drivers\BlueletSCOAudio.sys (IVT Corporation.)
DRV - (BT) -- C:\Windows\System32\drivers\btnetdrv.sys (IVT Corporation.)
DRV - (BTHidMgr) -- C:\Windows\System32\Drivers\BTHidMgr.sys (IVT Corporation.)
DRV - (BTHidEnum) -- C:\Windows\System32\Drivers\vbtenum.sys (IVT Corporation.)
DRV - (VcommMgr) -- C:\Windows\System32\drivers\VCommMgr.sys (IVT Corporation.)
DRV - (VComm) -- C:\Windows\System32\drivers\VComm.sys (IVT Corporation.)
DRV - (R300) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (SiSRaid2) -- C:\Windows\system32\drivers\sisraid2.sys (Silicon Integrated Systems Corp.)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Logic Corporation)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (usbaudio) Pilote USB audio (WDM) -- C:\Windows\System32\drivers\USBAUDIO.sys (Microsoft Corporation)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (MTsensor) -- C:\Windows\System32\drivers\ASACPI.sys ()
DRV - (RT61) -- C:\Windows\System32\drivers\rt61.sys (Ralink Technology Inc.)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,start page = http://www.yahoo.com
IE - HKLM\..\URLSearchHook: {364d4e0c-543f-4b85-abe3-19551139da4f} - C:\Program Files\Softonic_France\tbSoft.dll (Conduit Ltd.)
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.google.com/ [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,start page = http://eu.ask.com?o=101916&l=dis
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://be.msn.com/defaultf.aspx?lang=fr-be&ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr-be
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 08 1A EA 0D 6C F9 C9 01  [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {364d4e0c-543f-4b85-abe3-19551139da4f} - C:\Program Files\Softonic_France\tbSoft.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.defaultthis.engineName: "Softonic France Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT1351374&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Wikipédia (fr)"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.be/firefox"
FF - prefs.js..extensions.enabledItems: {b1d89840-39fe-11db-a98b-0800200c9a66}:0.51
FF - prefs.js..extensions.enabledItems: {9c51bd27-6ed8-4000-a2bf-36cb95c0c947}:11.0.1
FF - prefs.js..extensions.enabledItems: linkfilter@kaspersky.ru:9.0.0.192
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.2
FF - prefs.js..extensions.enabledItems: chromifox@altmusictv.com:3.6.5
 
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.9\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/09/14 13:38:19 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.9\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/09/14 20:27:24 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.0\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2010/06/29 15:46:41 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.0\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{eea12ec4-729d-4703-bc37-106ce9879ce2}: C:\Program Files\Kaspersky Lab\Kaspersky PURE\THBExt [2010/06/29 15:45:38 | 000,000,000 | ---D | M]
 
[2009/03/22 12:22:59 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\mozilla\Extensions
[2010/09/14 21:13:55 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\mozilla\Firefox\Profiles\0teihibf.default\extensions
[2010/09/14 16:42:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Brummel\AppData\Roaming\mozilla\Firefox\Profiles\0teihibf.default\extensions\{00352F14-3F76-4e4d-ACFF-9972D7E4B3B9}
[2010/07/22 22:36:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Brummel\AppData\Roaming\mozilla\Firefox\Profiles\0teihibf.default\extensions\{241aae70-0022-11de-87af-0800200c9a66}
[2010/08/17 22:55:33 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Users\Brummel\AppData\Roaming\mozilla\Firefox\Profiles\0teihibf.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2010/07/22 22:36:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Brummel\AppData\Roaming\mozilla\Firefox\Profiles\0teihibf.default\extensions\{5b175400-2368-11de-8c30-0800200c9a66}
[2010/02/23 17:42:06 | 000,000,000 | ---D | M] (Tamper Data) -- C:\Users\Brummel\AppData\Roaming\mozilla\Firefox\Profiles\0teihibf.default\extensions\{9c51bd27-6ed8-4000-a2bf-36cb95c0c947}
[2010/07/22 22:36:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Brummel\AppData\Roaming\mozilla\Firefox\Profiles\0teihibf.default\extensions\{9f08cb5a-76b1-4bcf-aff9-90e1a5d60b1e}
[2009/12/07 11:06:59 | 000,000,000 | ---D | M] (JeuxVideo.Fox) -- C:\Users\Brummel\AppData\Roaming\mozilla\Firefox\Profiles\0teihibf.default\extensions\{b1d89840-39fe-11db-a98b-0800200c9a66}
[2010/09/05 13:31:36 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Brummel\AppData\Roaming\mozilla\Firefox\Profiles\0teihibf.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010/07/22 22:36:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Brummel\AppData\Roaming\mozilla\Firefox\Profiles\0teihibf.default\extensions\{de5809e0-2b07-11dd-bd0b-0800200c9a66}
[2010/07/22 22:37:05 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\mozilla\Firefox\Profiles\0teihibf.default\extensions\battlefieldheroespatcher@ea.com-trash
[2010/07/22 19:45:42 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\mozilla\Firefox\Profiles\0teihibf.default\extensions\chromifox@altmusictv.com
[2010/07/22 22:36:25 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\mozilla\Firefox\Profiles\0teihibf.default\extensions\nasanightlaunch@example.com
[2010/09/11 13:53:29 | 000,002,253 | ---- | M] () -- C:\Users\Brummel\AppData\Roaming\Mozilla\FireFox\Profiles\0teihibf.default\searchplugins\askcom.xml
[2010/06/04 10:18:20 | 000,000,933 | ---- | M] () -- C:\Users\Brummel\AppData\Roaming\Mozilla\FireFox\Profiles\0teihibf.default\searchplugins\conduit.xml
[2009/08/19 13:26:11 | 000,002,399 | ---- | M] () -- C:\Users\Brummel\AppData\Roaming\Mozilla\FireFox\Profiles\0teihibf.default\searchplugins\daemon-search.xml
[2009/03/21 20:50:41 | 000,001,659 | ---- | M] () -- C:\Users\Brummel\AppData\Roaming\Mozilla\FireFox\Profiles\0teihibf.default\searchplugins\live-search.xml
[2010/09/14 13:38:18 | 000,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2010/06/29 15:46:40 | 000,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\linkfilter@kaspersky.ru
[2009/02/21 08:24:52 | 000,660,872 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\npOGAPlugin.dll
[2009/04/08 04:06:28 | 000,122,880 | ---- | M] (AB) -- C:\Program Files\mozilla firefox\plugins\NPOP7PlugIn.dll
[2007/03/10 01:16:44 | 000,189,496 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\mozilla firefox\plugins\npyaxmpb.dll
[2010/08/25 02:40:16 | 000,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml
[2010/08/25 02:40:16 | 000,001,822 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml
[2010/08/25 02:40:16 | 000,000,757 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml
[2010/08/25 02:40:16 | 000,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml
[2010/08/25 02:40:16 | 000,000,956 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml
 
Hosts file not found
O2 - BHO: (Softonic France Toolbar) - {364d4e0c-543f-4b85-abe3-19551139da4f} - C:\Program Files\Softonic_France\tbSoft.dll (Conduit Ltd.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky PURE\ievkbd.dll (Kaspersky Lab)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll (Kaspersky Lab)
O3 - HKLM\..\Toolbar: (Dealio Toolbar) - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - Reg Error: Value error. File not found
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (Softonic France Toolbar) - {364d4e0c-543f-4b85-abe3-19551139da4f} - C:\Program Files\Softonic_France\tbSoft.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Softonic France Toolbar) - {364D4E0C-543F-4B85-ABE3-19551139DA4F} - C:\Program Files\Softonic_France\tbSoft.dll (Conduit Ltd.)
O4 - HKLM..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe File not found
O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky PURE\avp.exe (Kaspersky Lab)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKCU..\Run: [HKCU] C:\Users\Brummel\AppData\Roaming\install\Firefox.exe File not found
O4 - HKCU..\Run: [RocketDock] C:\Program Files\RocketDock\RocketDock.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Ajouter à l'Anti-bannière - C:\Program Files\Kaspersky Lab\Kaspersky PURE\ie_banner_deny.htm ()
O9 - Extra Button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Mon Clavier &virtuel - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll (Kaspersky Lab)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Analyse des &liens - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll (Kaspersky Lab)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab (Checkers Class)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zone.msn.com/FR-BE/a-UNO1/GAME_UNO1.cab (UnoCtrl Class)
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} http://download.bitdefender.com/resources/scanner/sources/fr/scan8/oscan8.cab (BDSCANONLINE Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {C212D449-8B3C-41F2-BD9A-047BD770550F} http://www.fiaa.eu/OPLauncher.cab (Perparer Class)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll) - C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll (Kaspersky Lab)
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll) - C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll (Kaspersky Lab)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\klogon: DllName - C:\Windows\system32\klogon.dll - C:\Windows\System32\klogon.dll (Kaspersky Lab)
O24 - Desktop WallPaper: C:\Users\Brummel\AppData\Roaming\Microsoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg
O24 - Desktop BackupWallPaper: C:\Users\Brummel\AppData\Roaming\Microsoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{ecab13ef-924c-11df-8bab-001167899dc3}\Shell\AutoRun\command - "" = F:\Launcher.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
[color=#E56717]========== Files/Folders - Created Within 90 Days ==========[/color]
 
[2010/09/15 12:18:16 | 000,576,000 | ---- | C] (OldTimer Tools) -- C:\Users\Brummel\Desktop\OTL.exe
[2010/09/14 20:26:41 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010/09/14 17:13:10 | 000,000,000 | ---D | C] -- C:\Program Files\Emsisoft Anti-Malware
[2010/09/14 17:13:10 | 000,000,000 | ---D | C] -- C:\Users\Brummel\Documents\Anti-Malware
[2010/09/14 16:57:44 | 000,000,000 | ---D | C] -- C:\Windows\BDOSCAN8
[2010/09/14 14:34:16 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2010/09/11 17:51:06 | 000,000,000 | ---D | C] -- C:\Users\Brummel\Documents\Nero
[2010/09/11 17:44:20 | 000,000,000 | ---D | C] -- C:\Users\Brummel\AppData\Local\Nero
[2010/09/11 17:25:16 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nero
[2010/09/11 17:25:09 | 000,000,000 | ---D | C] -- C:\Program Files\Nero
[2010/09/11 14:51:33 | 000,000,000 | ---D | C] -- C:\Users\Brummel\AppData\Local\Nero_AG
[2010/09/11 14:19:24 | 000,000,000 | ---D | C] -- C:\Users\Brummel\Documents\Simply Super Software
[2010/09/11 14:19:15 | 000,000,000 | ---D | C] -- C:\Program Files\Trojan Remover
[2010/09/11 14:19:15 | 000,000,000 | ---D | C] -- C:\Users\Brummel\AppData\Roaming\Simply Super Software
[2010/09/11 14:19:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Simply Super Software
[2010/09/11 14:11:04 | 000,046,080 | ---- | C] (Microsoft) -- C:\Users\Brummel\AppData\Roaming\4vyqy8433VY.exe
[2010/09/11 14:05:58 | 000,046,080 | ---- | C] (Microsoft) -- C:\Users\Brummel\AppData\Roaming\4zxlm9800ZX.exe
[2010/09/11 14:04:39 | 000,000,000 | ---D | C] -- C:\Users\Brummel\Documents\NeroVision
[2010/09/11 14:04:33 | 000,000,000 | ---D | C] -- C:\Users\Brummel\AppData\Roaming\Nero
[2010/09/11 13:54:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Nero
[2010/09/11 07:45:14 | 000,000,000 | ---D | C] -- C:\Users\Brummel\Desktop\default.aspx_fichiers
[2010/09/04 11:45:05 | 000,000,000 | ---D | C] -- C:\TaalNet2
[2010/08/28 17:46:34 | 000,000,000 | ---D | C] -- C:\Users\Brummel\AppData\Local\G4G.PL
[2010/08/26 11:46:09 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2010/08/25 18:57:46 | 000,000,000 | ---D | C] -- C:\Users\Brummel\Desktop\voiture
[2010/08/25 00:11:36 | 000,000,000 | ---D | C] -- C:\Users\Brummel\AppData\Local\i3D_Software
[2010/08/24 23:56:56 | 000,000,000 | ---D | C] -- C:\Users\Brummel\AppData\Roaming\BFBC2CC
[2010/08/24 23:55:25 | 000,000,000 | ---D | C] -- C:\Program Files\BFBC2CC
[2010/08/16 16:42:18 | 000,000,000 | ---D | C] -- C:\Users\Brummel\AppData\Roaming\TS3Client
[2010/08/16 16:42:03 | 000,000,000 | ---D | C] -- C:\Program Files\TeamSpeak 3 Client
[2010/08/02 09:20:03 | 000,000,000 | ---D | C] -- C:\Users\Brummel\Desktop\renaut
[2010/07/22 20:53:33 | 000,000,000 | ---D | C] -- C:\Users\Brummel\AppData\Roaming\Malwarebytes
[2010/07/22 20:53:26 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/07/22 20:53:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/07/22 20:53:24 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/07/22 20:53:24 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/07/22 19:17:12 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2010/07/22 19:14:44 | 000,000,000 | ---D | C] -- C:\Users\Brummel\AppData\Roaming\Auslogics
[2010/07/22 19:14:40 | 000,000,000 | ---D | C] -- C:\Program Files\Auslogics
[2010/07/22 18:59:15 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2010/07/18 14:04:52 | 000,000,000 | ---D | C] -- C:\Users\Brummel\Office Genuine Advantage
[2010/07/18 12:41:38 | 000,000,000 | ---D | C] -- C:\Users\Brummel\AppData\Roaming\PC Suite
[2010/07/18 12:41:31 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Suite
[2010/07/18 12:41:28 | 000,000,000 | ---D | C] -- C:\Users\Brummel\AppData\Roaming\Nokia
[2010/07/18 12:37:04 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX
[2010/07/18 12:37:02 | 000,018,816 | ---- | C] (Nokia) -- C:\Windows\System32\drivers\pccsmcfd.sys
[2010/07/18 12:36:45 | 000,000,000 | ---D | C] -- C:\Program Files\PC Connectivity Solution
[2010/07/18 12:35:45 | 000,000,000 | ---D | C] -- C:\Program Files\Nokia
[2010/07/18 12:32:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Installations
[2010/07/17 15:08:28 | 000,000,000 | ---D | C] -- C:\Users\Brummel\Documents\Battlefield Heroes
[2010/07/17 14:46:45 | 000,000,000 | ---D | C] -- C:\Program Files\EA Games
[2010/07/16 14:13:41 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2010/07/10 05:37:00 | 000,056,936 | ---- | C] (Khronos Group) -- C:\Windows\System32\OpenCL.dll
[2010/07/04 19:22:34 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Akamai
[2010/07/04 00:55:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment
[2010/06/29 15:45:10 | 000,000,000 | ---D | C] -- C:\Program Files\Kaspersky Lab
[2010/06/29 15:45:10 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InfoWatch
[2010/06/29 15:44:58 | 000,311,312 | ---- | C] (Kaspersky Lab) -- C:\Windows\System32\drivers\klif.sys
[2010/06/26 14:13:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Nexon
[2010/06/25 19:23:37 | 000,000,000 | ---D | C] -- C:\Users\Brummel\Documents\BFBC2
[2010/06/25 18:58:09 | 000,000,000 | ---D | C] -- C:\Program Files\Punkbuster
[2010/06/25 15:46:15 | 000,000,000 | ---D | C] -- C:\Swsetup
[2010/06/25 15:26:59 | 000,000,000 | ---D | C] -- C:\Program Files\SystemRequirementsLab
[2010/06/25 15:26:56 | 000,000,000 | ---D | C] -- C:\Users\Brummel\AppData\Roaming\SystemRequirementsLab
[2010/06/24 23:07:20 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee Security Scan
[2010/06/24 23:07:20 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2010/06/24 23:07:17 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee Security Scan
[2010/06/24 13:07:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2009/04/02 22:52:40 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\Brummel\AppData\Roaming\pcouffin.sys
[6 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[6 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 90 Days ==========[/color]
 
[2010/09/15 12:41:59 | 005,505,024 | -HS- | M] () -- C:\Users\Brummel\NTUSER.DAT
[2010/09/15 12:40:17 | 000,000,422 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{CA14B8DA-6BFA-4122-932B-BAA462944ADE}.job
[2010/09/15 12:38:51 | 000,001,000 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2010/09/15 12:34:35 | 000,037,109 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2010/09/15 12:34:34 | 000,037,109 | ---- | M] () -- C:\ProgramData\nvModes.001
[2010/09/15 12:34:22 | 000,001,050 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/09/15 12:34:17 | 000,003,856 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/09/15 12:34:17 | 000,003,856 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/09/15 12:34:15 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/09/15 12:34:12 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/09/15 12:34:10 | 3757,236,224 | -HS- | M] () -- C:\hiberfil.sys
[2010/09/15 12:32:44 | 002,873,363 | -H-- | M] () -- C:\Users\Brummel\AppData\Local\IconCache.db
[2010/09/15 12:28:00 | 000,001,054 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/09/15 12:18:35 | 000,576,000 | ---- | M] (OldTimer Tools) -- C:\Users\Brummel\Desktop\OTL.exe
[2010/09/14 22:39:22 | 000,137,256 | ---- | M] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2010/09/14 22:39:13 | 000,218,808 | ---- | M] () -- C:\Windows\System32\PnkBstrB.xtr
[2010/09/14 13:38:21 | 000,001,748 | ---- | M] () -- C:\Users\Brummel\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/09/13 19:05:35 | 000,038,912 | ---- | M] () -- C:\Users\Brummel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/09/12 18:15:59 | 000,005,344 | ---- | M] () -- C:\Users\Brummel\Desktop\GetAttachment.aspx.jpg
[2010/09/12 18:09:40 | 012,137,592 | ---- | M] () -- C:\Users\Brummel\Desktop\Hotmail.zip
[2010/09/12 09:29:22 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2010/09/11 16:56:25 | 000,061,737 | ---- | M] () -- C:\Users\Brummel\AppData\Roaming\SQLite3.dll
[2010/09/11 07:45:32 | 000,006,134 | ---- | M] () -- C:\Users\Brummel\Desktop\default.aspx.htm
[2010/09/10 21:51:54 | 000,611,328 | ---- | M] () -- C:\Users\Brummel\Desktop\Bonus_Malus_exemple[1].ppt
[2010/09/07 16:32:46 | 000,000,671 | ---- | M] () -- C:\Users\Brummel\AppData\Roaming\vso_ts_preview.xml
[2010/08/25 20:11:16 | 000,724,790 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2010/08/25 20:11:16 | 000,639,418 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/08/25 20:11:16 | 000,133,784 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2010/08/25 20:11:16 | 000,116,356 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/08/25 20:11:15 | 001,607,428 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010/08/25 18:53:25 | 002,541,919 | ---- | M] () -- C:\Users\Brummel\Desktop\photos kia sorento.zip
[2010/08/24 22:36:26 | 000,138,056 | ---- | M] () -- C:\Users\Brummel\AppData\Roaming\PnkBstrK.sys
[2010/08/24 22:35:53 | 002,434,856 | ---- | M] () -- C:\Windows\System32\pbsvc_bc2.exe
[2010/08/17 19:12:24 | 000,000,721 | ---- | M] () -- C:\Users\Brummel\Desktop\Planreliefearth.kmz
[2010/08/05 11:39:44 | 000,015,209 | ---- | M] () -- C:\Users\Brummel\Desktop\Suite au conclusion.docx
[2010/08/05 11:02:22 | 000,012,798 | ---- | M] () -- C:\Users\Brummel\Documents\Suite au conclusion.docx
[2010/07/29 17:35:04 | 000,113,933 | ---- | M] () -- C:\Windows\System32\drivers\klin.dat
[2010/07/29 17:35:04 | 000,097,549 | ---- | M] () -- C:\Windows\System32\drivers\klick.dat
[2010/07/21 17:49:23 | 000,018,831 | ---- | M] () -- C:\Users\Brummel\Desktop\Returned mail see transcript for details.zip
[2010/07/21 16:39:23 | 000,000,032 | ---- | M] () -- C:\Windows\0
[2010/07/20 13:28:58 | 000,000,000 | ---- | M] () -- C:\Windows\System32\0
[2010/07/18 14:23:19 | 000,001,717 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2010/07/18 12:45:17 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_ccdcmb_01007.Wdf
[2010/07/18 12:45:12 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
[2010/07/17 15:07:41 | 002,427,248 | ---- | M] () -- C:\Windows\System32\pbsvc_heroes.exe
[2010/07/15 10:21:43 | 019,495,102 | ---- | M] () -- C:\Users\Brummel\Documents\vlc-1.1.0-win32.exe
[2010/07/14 15:39:03 | 000,109,400 | ---- | M] () -- C:\Users\Brummel\AppData\Local\GDIPFONTCACHEV1.DAT
[2010/07/14 15:36:37 | 001,740,736 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010/07/10 05:37:00 | 000,056,936 | ---- | M] (Khronos Group) -- C:\Windows\System32\OpenCL.dll
[2010/07/10 05:37:00 | 000,009,596 | ---- | M] () -- C:\Windows\System32\nvinfo.pb
[2010/07/07 12:51:39 | 000,001,356 | ---- | M] () -- C:\Users\Brummel\AppData\Local\d3d9caps.dat
[2010/06/29 15:44:58 | 000,311,312 | ---- | M] (Kaspersky Lab) -- C:\Windows\System32\drivers\klif.sys
[2010/06/25 19:54:44 | 000,794,408 | ---- | M] () -- C:\Windows\System32\pbsvc.exe
[6 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[6 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2010/09/14 13:38:21 | 000,001,748 | ---- | C] () -- C:\Users\Brummel\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/09/12 18:15:52 | 000,005,344 | ---- | C] () -- C:\Users\Brummel\Desktop\GetAttachment.aspx.jpg
[2010/09/12 18:09:08 | 012,137,592 | ---- | C] () -- C:\Users\Brummel\Desktop\Hotmail.zip
[2010/09/12 10:01:39 | 3757,236,224 | -HS- | C] () -- C:\hiberfil.sys
[2010/09/11 16:56:25 | 000,061,737 | ---- | C] () -- C:\Users\Brummel\AppData\Roaming\SQLite3.dll
[2010/09/11 14:19:17 | 000,162,304 | ---- | C] () -- C:\Windows\System32\ztvunrar36.dll
[2010/09/11 14:19:17 | 000,077,312 | ---- | C] () -- C:\Windows\System32\ztvunace26.dll
[2010/09/11 14:19:16 | 000,153,088 | ---- | C] () -- C:\Windows\System32\UNRAR3.dll
[2010/09/11 14:19:16 | 000,075,264 | ---- | C] () -- C:\Windows\System32\unacev2.dll
[2010/09/11 07:45:32 | 000,006,134 | ---- | C] () -- C:\Users\Brummel\Desktop\default.aspx.htm
[2010/09/10 21:51:54 | 000,611,328 | ---- | C] () -- C:\Users\Brummel\Desktop\Bonus_Malus_exemple[1].ppt
[2010/08/25 18:53:21 | 002,541,919 | ---- | C] () -- C:\Users\Brummel\Desktop\photos kia sorento.zip
[2010/08/24 22:35:53 | 002,434,856 | ---- | C] () -- C:\Windows\System32\pbsvc_bc2.exe
[2010/08/17 19:12:23 | 000,000,721 | ---- | C] () -- C:\Users\Brummel\Desktop\Planreliefearth.kmz
[2010/08/05 11:10:15 | 000,015,209 | ---- | C] () -- C:\Users\Brummel\Desktop\Suite au conclusion.docx
[2010/08/05 10:47:40 | 000,012,798 | ---- | C] () -- C:\Users\Brummel\Documents\Suite au conclusion.docx
[2010/07/21 17:49:22 | 000,018,831 | ---- | C] () -- C:\Users\Brummel\Desktop\Returned mail see transcript for details.zip
[2010/07/20 13:28:58 | 000,000,000 | ---- | C] () -- C:\Windows\System32\0
[2010/07/18 12:45:17 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_ccdcmb_01007.Wdf
[2010/07/18 12:45:12 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
[2010/07/18 12:45:03 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01007_Inbox_Critical.Wdf
[2010/07/17 15:07:41 | 002,427,248 | ---- | C] () -- C:\Windows\System32\pbsvc_heroes.exe
[2010/06/29 15:46:30 | 000,113,933 | ---- | C] () -- C:\Windows\System32\drivers\klin.dat
[2010/06/29 15:46:30 | 000,097,549 | ---- | C] () -- C:\Windows\System32\drivers\klick.dat
[2010/06/28 23:00:25 | 019,495,102 | ---- | C] () -- C:\Users\Brummel\Documents\vlc-1.1.0-win32.exe
[2010/06/25 11:53:34 | 000,218,808 | ---- | C] () -- C:\Windows\System32\PnkBstrB.xtr
[2010/06/24 23:07:18 | 000,001,717 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2010/06/04 16:53:21 | 000,000,036 | ---- | C] () -- C:\Users\Brummel\AppData\Local\housecall.guid.cache
[2010/04/30 18:47:07 | 000,484,352 | ---- | C] () -- C:\Windows\System32\lame_enc.dll
[2010/04/02 17:17:34 | 000,179,091 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2010/03/14 14:58:05 | 000,037,109 | ---- | C] () -- C:\ProgramData\nvModes.001
[2010/03/14 14:57:28 | 000,037,109 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2010/01/23 16:07:10 | 000,004,096 | -H-- | C] () -- C:\Users\Brummel\AppData\Local\keyfile3.drm
[2009/12/02 17:00:26 | 000,000,008 | ---- | C] () -- C:\Users\Brummel\AppData\Roaming\DofusAppId0_2
[2009/12/02 16:55:36 | 000,000,173 | ---- | C] () -- C:\Users\Brummel\AppData\Roaming\D2Info0
[2009/12/02 16:55:36 | 000,000,008 | ---- | C] () -- C:\Users\Brummel\AppData\Roaming\DofusAppId0_1
[2009/11/24 18:14:23 | 000,000,095 | ---- | C] () -- C:\Users\Brummel\AppData\Local\fusioncache.dat
[2009/10/28 14:29:40 | 000,000,940 | ---- | C] () -- C:\Windows\bdoscandellang.ini
[2009/09/11 02:01:44 | 000,041,872 | ---- | C] () -- C:\Windows\System32\xfcodec.dll
[2009/08/03 16:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/05/23 21:10:29 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009/04/14 17:24:28 | 000,001,356 | ---- | C] () -- C:\Users\Brummel\AppData\Local\d3d9caps.dat
[2009/04/02 22:53:56 | 000,000,671 | ---- | C] () -- C:\Users\Brummel\AppData\Roaming\vso_ts_preview.xml
[2009/04/02 22:53:14 | 000,000,034 | ---- | C] () -- C:\Users\Brummel\AppData\Roaming\pcouffin.log
[2009/04/02 22:52:40 | 000,087,608 | ---- | C] () -- C:\Users\Brummel\AppData\Roaming\inst.exe
[2009/04/02 22:52:40 | 000,007,887 | ---- | C] () -- C:\Users\Brummel\AppData\Roaming\pcouffin.cat
[2009/04/02 22:52:40 | 000,001,144 | ---- | C] () -- C:\Users\Brummel\AppData\Roaming\pcouffin.inf
[2009/04/02 12:32:40 | 000,138,056 | ---- | C] () -- C:\Users\Brummel\AppData\Roaming\PnkBstrK.sys
[2009/04/02 12:32:40 | 000,137,256 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2009/03/28 11:35:09 | 000,721,904 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2009/03/26 21:47:41 | 000,011,822 | ---- | C] () -- C:\Windows\Ascd_log.ini
[2009/03/22 22:21:40 | 002,931,168 | ---- | C] () -- C:\Program Files\FLV PlayerFCSetup.exe
[2009/03/22 22:21:08 | 009,810,664 | ---- | C] () -- C:\Program Files\FLV PlayerRCATSetup.exe
[2009/03/22 22:19:49 | 021,126,776 | ---- | C] () -- C:\Program Files\FLV PlayerRCSetup.exe
[2009/03/22 20:26:56 | 000,019,968 | ---- | C] () -- C:\Windows\System32\Cpuinf32.dll
[2009/03/21 19:50:02 | 000,038,912 | ---- | C] () -- C:\Users\Brummel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/03/21 11:40:50 | 000,024,206 | ---- | C] () -- C:\Users\Brummel\AppData\Roaming\UserTile.png
[2009/03/21 01:06:33 | 000,007,680 | ---- | C] () -- C:\Windows\System32\drivers\ASACPI.sys
[2009/03/21 01:06:32 | 000,011,575 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2009/03/21 01:06:25 | 000,012,536 | ---- | C] () -- C:\Windows\System32\drivers\ASUSHWIO.SYS
[2008/10/07 10:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll
[2008/10/07 10:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2007/07/04 21:51:52 | 000,003,972 | ---- | C] () -- C:\Windows\System32\drivers\PciBus.sys
[2006/12/06 00:56:38 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2006/11/02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2010/02/11 00:19:56 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\.purple
[2009/12/02 16:55:39 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\app
[2010/07/22 19:14:44 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\Auslogics
[2010/09/10 23:02:31 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\BFBC2CC
[2009/04/05 20:43:09 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\Canneverbe_Limited
[2009/05/18 15:07:31 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\Canon
[2010/03/10 15:38:27 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\CocoonSoftware
[2009/03/28 11:39:08 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\DAEMON Tools
[2009/08/19 13:28:26 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\DAEMON Tools Lite
[2009/03/28 11:39:08 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\DAEMON Tools Pro
[2009/11/08 01:04:46 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\DNA
[2009/12/02 18:19:03 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\Dofus 2
[2009/12/02 17:00:26 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\Dofus-2.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
[2009/12/02 16:55:36 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\Dofus.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
[2010/05/26 17:11:04 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\ECE9E45009AF62BD28AAB7CE6CDFF483
[2010/01/20 16:01:00 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\FileZilla
[2010/04/30 18:47:11 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\FreeAudioPack
[2009/10/03 15:48:55 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\GetRightToGo
[2010/02/20 23:14:27 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\gtk-2.0
[2010/01/29 21:56:15 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\ijjigame
[2010/09/14 14:32:05 | 000,000,000 | RHSD | M] -- C:\Users\Brummel\AppData\Roaming\install
[2010/03/10 19:55:04 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\iriverter
[2010/09/14 22:49:05 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\Mumble
[2010/07/18 12:42:58 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\Nokia
[2010/07/18 12:41:38 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\PC Suite
[2009/03/21 11:40:50 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\PeerNetworking
[2010/01/24 20:12:16 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\PhotoFiltre
[2010/02/04 23:01:12 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\PhotoFiltre Studio X
[2010/01/23 14:20:46 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\Publish Providers
[2010/09/14 16:45:32 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\QuickScan
[2009/12/02 16:55:39 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\Reg.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
[2010/09/11 14:19:15 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\Simply Super Software
[2010/01/23 14:20:25 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\Sony
[2010/06/25 15:27:04 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\SystemRequirementsLab
[2009/07/16 12:42:34 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\TeamViewer
[2009/03/21 20:42:50 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\Thunderbird
[2010/08/17 21:13:52 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\TS3Client
[2009/12/04 21:50:32 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\uTorrent
[2010/09/07 16:32:47 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\Vso
[2009/06/06 22:32:19 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\Warsow
[2009/06/30 12:19:17 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\Windows Live Writer
[2010/09/15 11:46:09 | 000,032,544 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2010/09/15 12:40:17 | 000,000,422 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{CA14B8DA-6BFA-4122-932B-BAA462944ADE}.job
 
[color=#E56717]========== Purity Check ==========[/color]
 
 
 
[color=#E56717]========== Custom Scans ==========[/color]
 
 
[color=#A23BEC]< c:\users\Brummel\appdata\roaming\install\*log >[/color]
 
[color=#A23BEC]< c:\users\Brummel\appdata\roaming\install\*.dll >[/color]
 
[color=#A23BEC]< c:\users\Brummel\appdata\roaming\install\*.exe >[/color]
 
[color=#A23BEC]< %systemroot%\system32\drivers\*.sys /lockedfiles >[/color]
[2009/08/19 13:23:35 | 000,721,904 | ---- | M] ()[b] Unable to obtain MD5[/b] -- C:\Windows\System32\drivers\sptd.sys
 
 
[color=#A23BEC]< MD5 for: AGP440.SYS  >[/color]
[2006/11/02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\drivers\AGP440.sys
[2006/11/02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys
 
[color=#A23BEC]< MD5 for: ATAPI.SYS  >[/color]
[2006/11/02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2009/03/22 12:20:39 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\System32\drivers\atapi.sys
[2009/03/22 12:20:39 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_7de13c21\atapi.sys
[2009/03/22 12:20:39 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16632_none_db337a442479c42c\atapi.sys
[2009/03/22 12:20:39 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E03E8C99D15D0381E02743C36AFC7C6F -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20757_none_dbac78a93da31a8b\atapi.sys
 
[color=#A23BEC]< MD5 for: CDROM.SYS  >[/color]
[2006/11/02 10:51:44 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=8D1866E61AF096AE8B582454F5E4D303 -- C:\Windows\System32\drivers\cdrom.sys
[2006/11/02 10:51:44 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=8D1866E61AF096AE8B582454F5E4D303 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_e487f727\cdrom.sys
 
[color=#A23BEC]< MD5 for: DISK.SYS  >[/color]
[2006/11/02 11:49:51 | 000,052,840 | ---- | M] (Microsoft Corporation) MD5=841AF4C4D41D3E3B2F244E976B0F7963 -- C:\Windows\System32\drivers\disk.sys
[2006/11/02 11:49:51 | 000,052,840 | ---- | M] (Microsoft Corporation) MD5=841AF4C4D41D3E3B2F244E976B0F7963 -- C:\Windows\System32\DriverStore\FileRepository\disk.inf_e0b0b355\disk.sys
 
[color=#A23BEC]< MD5 for: EXPLORER.EXE  >[/color]
[2009/03/22 12:19:48 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\explorer.exe
[2009/03/22 12:19:48 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2009/03/22 12:19:47 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2009/03/22 12:19:47 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2009/03/22 12:35:44 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=6D06CD98D954FE87FB2DB8108793B399 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16549_none_4fac29707cae347a\explorer.exe
[2009/03/22 12:35:44 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=BD06F0BF753BC704B653C3A50F89D362 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20668_none_501f261995dcf2cf\explorer.exe
[2009/03/22 12:19:47 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2009/09/13 19:54:27 | 000,004,608 | ---- | M] () MD5=F1F87C4F938BC890F04FA4C538C2D522 -- C:\Users\Brummel\AppData\Local\Xenocode\ApplianceCaches\GameCamV2.exe_v40266245\Native\STUBEXE\@WINDIR@\explorer.exe
[2006/11/02 11:45:07 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=FD8C53FB002217F6F888BCF6F5D7084D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16386_none_4f7de5167cd15deb\explorer.exe
 
[color=#A23BEC]< MD5 for: HIBERFIL.SYS  >[/color]
[2010/09/15 12:34:10 | 3757,236,224 | -HS- | M] ()[b] Unable to obtain MD5[/b] -- C:\hiberfil.sys
 
[color=#A23BEC]< MD5 for: IASTORV.SYS  >[/color]
[2006/11/02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\drivers\iaStorV.sys
[2006/11/02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys
 
[color=#A23BEC]< MD5 for: NDIS.SYS  >[/color]
[2006/11/02 11:51:42 | 000,500,840 | ---- | M] (Microsoft Corporation) MD5=227C11E1E7CF6EF8AFB2A238D209760C -- C:\Windows\System32\drivers\ndis.sys
[2006/11/02 11:51:42 | 000,500,840 | ---- | M] (Microsoft Corporation) MD5=227C11E1E7CF6EF8AFB2A238D209760C -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6000.16386_none_a59069cb1f23fc44\ndis.sys
 
[color=#A23BEC]< MD5 for: NETLOGON.DLL  >[/color]
[2006/11/02 11:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\System32\netlogon.dll
[2006/11/02 11:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_fb80f5473b0ed783\netlogon.dll
 
[color=#A23BEC]< MD5 for: NVSTOR.SYS  >[/color]
[2006/11/02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\drivers\nvstor.sys
[2006/11/02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
 
[color=#A23BEC]< MD5 for: RASACD.SYS  >[/color]
[2006/11/02 10:58:13 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=BD7B30F55B3649506DD8B3D38F571D2A -- C:\Windows\System32\drivers\rasacd.sys
[2006/11/02 10:58:13 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=BD7B30F55B3649506DD8B3D38F571D2A -- C:\Windows\winsxs\x86_microsoft-windows-rasautodial_31bf3856ad364e35_6.0.6000.16386_none_0da33cba68680e8f\rasacd.sys
 
[color=#A23BEC]< MD5 for: RDPWD.SYS  >[/color]
[2006/11/02 11:02:15 | 000,160,256 | ---- | M] (Microsoft Corporation) MD5=8830E790A74A96605FABA74F9665BB3C -- C:\Windows\System32\drivers\rdpwd.sys
[2006/11/02 11:02:15 | 000,160,256 | ---- | M] (Microsoft Corporation) MD5=8830E790A74A96605FABA74F9665BB3C -- C:\Windows\winsxs\x86_microsoft-windows-t..dp-winstationdriver_31bf3856ad364e35_6.0.6000.16386_none_493ec64bd8177786\rdpwd.sys
 
[color=#A23BEC]< MD5 for: SFLOPPY.SYS  >[/color]
[2006/11/02 10:51:40 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=46ED8E91793B2E6F848015445A0AC188 -- C:\Windows\System32\drivers\sfloppy.sys
[2006/11/02 10:51:40 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=46ED8E91793B2E6F848015445A0AC188 -- C:\Windows\System32\DriverStore\FileRepository\flpydisk.inf_7a4ca8e4\sfloppy.sys
 
[color=#A23BEC]< MD5 for: TCPIP.SYS  >[/color]
[2009/12/08 22:52:30 | 000,897,624 | ---- | M] (Microsoft Corporation) MD5=1ACBB7A47E78F4CC82D2EFFB72901528 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18377_none_b2d96a966698ad63\tcpip.sys
[2009/08/15 23:30:53 | 000,816,640 | ---- | M] (Microsoft Corporation) MD5=2512B4D1353370D6688B1AF1F5AFA1CF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21108_none_6030d425ab49af00\tcpip.sys
[2009/08/14 19:01:55 | 000,900,168 | ---- | M] (Microsoft Corporation) MD5=2608E71AAD54564647D4BB984E1925AA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys
[2010/02/18 13:51:51 | 000,818,688 | ---- | M] (Microsoft Corporation) MD5=2C1F7005AA3B62721BFDB307BD5F5010 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21226_none_6019359fab5bb15b\tcpip.sys
[2010/02/18 16:49:38 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=2EAE4500984C2F8DACFB977060300A15 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18427_none_b30f7c1866701ed5\tcpip.sys
[2009/08/14 16:24:47 | 000,813,568 | ---- | M] (Microsoft Corporation) MD5=300208927321066EA53761FDC98747C6 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16908_none_5fa75f38922bdbf4\tcpip.sys
[2009/12/08 22:15:00 | 000,907,832 | ---- | M] (Microsoft Corporation) MD5=46E6685F3E92AEC743773ADD4CD54F57 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22283_none_b53aaa1b7ce8560d\tcpip.sys
[2010/02/18 16:07:16 | 000,904,576 | ---- | M] (Microsoft Corporation) MD5=48CBE6D53632D0067C2D6B20F90D84CA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18209_none_b50d905263846bec\tcpip.sys
[2010/02/18 14:05:37 | 000,815,104 | ---- | M] (Microsoft Corporation) MD5=4A82FA8F0DF67AA354580C3FAAF8BDE3 -- C:\Windows\System32\drivers\tcpip.sys
[2010/02/18 14:05:37 | 000,815,104 | ---- | M] (Microsoft Corporation) MD5=4A82FA8F0DF67AA354580C3FAAF8BDE3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.17021_none_5f8a957c924295b7\tcpip.sys
[2009/03/22 12:18:20 | 000,806,400 | ---- | M] (Microsoft Corporation) MD5=52A8BD6294F7D1443C6184C67AE13AF4 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.20752_none_5ff4e4f9ab7777f4\tcpip.sys
[2009/12/08 22:37:09 | 000,900,696 | ---- | M] (Microsoft Corporation) MD5=5653230D480A9C54D169E1B080B72CF5 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22577_none_b36309477fb64a54\tcpip.sys
[2009/03/22 12:18:20 | 000,803,328 | ---- | M] (Microsoft Corporation) MD5=5DF77458AA92FDB36FCE79C60F74AB5D -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16627_none_5f90b964923d030a\tcpip.sys
[2009/08/14 18:27:34 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=65877AA1B6A7CB797488E831698973E9 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18091_none_b4a43aea63d4a25f\tcpip.sys
[2009/12/08 19:58:13 | 000,813,568 | ---- | M] (Microsoft Corporation) MD5=8734BD051FFDCBF8425CF222141C3741 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16973_none_5f56ae52926920d8\tcpip.sys
[2009/08/14 19:07:56 | 000,897,608 | ---- | M] (Microsoft Corporation) MD5=8A7AD2A214233F684242F289ED83EBC3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18311_none_b3144862666d6db3\tcpip.sys
[2010/02/18 19:36:50 | 000,902,024 | ---- | M] (Microsoft Corporation) MD5=93A5655CD9CD2F080EF1CB71A3666215 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys
[2009/12/08 19:45:32 | 000,816,640 | ---- | M] (Microsoft Corporation) MD5=CA3A5756672013A66BB9D547A5A62DCA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21175_none_5fe223d3ab852692\tcpip.sys
[2006/11/02 10:58:38 | 000,802,816 | ---- | M] (Microsoft Corporation) MD5=D944522B048A5FEB7700B5170D3D9423 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16386_none_5f4ed3e0926e99e4\tcpip.sys
[2010/02/18 16:22:11 | 000,910,216 | ---- | M] (Microsoft Corporation) MD5=D9F5DD5BBC8348E8F8220CCBF14C022E -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22341_none_b563eb1d7cc9b0c2\tcpip.sys
[2009/12/08 22:01:08 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=DA467E7619AE5F4588E6262C13C8940A -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18160_none_b4c3ac4a63bd325c\tcpip.sys
[2009/08/14 18:33:50 | 000,905,784 | ---- | M] (Microsoft Corporation) MD5=FF71856BD4CD6D4367F9FD84BE79A874 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22200_none_b58e289d7caa2a80\tcpip.sys
 
[color=#A23BEC]< MD5 for: TDPIPE.SYS  >[/color]
[2006/11/02 11:02:01 | 000,017,920 | ---- | M] (Microsoft Corporation) MD5=964248AEF49C31FA6A93201A73FFAF50 -- C:\Windows\System32\drivers\tdpipe.sys
[2006/11/02 11:02:01 | 000,017,920 | ---- | M] (Microsoft Corporation) MD5=964248AEF49C31FA6A93201A73FFAF50 -- C:\Windows\winsxs\x86_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.0.6000.16386_none_d975757047cc3203\tdpipe.sys
 
[color=#A23BEC]< MD5 for: TDTCP.SYS  >[/color]
[2006/11/02 11:02:01 | 000,028,672 | ---- | M] (Microsoft Corporation) MD5=7D2C1AE1648A60FCE4AA0F7982E419D3 -- C:\Windows\System32\drivers\tdtcp.sys
[2006/11/02 11:02:01 | 000,028,672 | ---- | M] (Microsoft Corporation) MD5=7D2C1AE1648A60FCE4AA0F7982E419D3 -- C:\Windows\winsxs\x86_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.0.6000.16386_none_d975757047cc3203\tdtcp.sys
 
[color=#A23BEC]< MD5 for: USBPRINT.SYS  >[/color]
[2006/11/02 11:14:58 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=B51E52ACF758BE00EF3A58EA452FE360 -- C:\Windows\System32\drivers\usbprint.sys
[2006/11/02 11:14:58 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=B51E52ACF758BE00EF3A58EA452FE360 -- C:\Windows\System32\DriverStore\FileRepository\usbprint.inf_35521f61\usbprint.sys
 
[color=#A23BEC]< MD5 for: USBSCAN.SYS  >[/color]
[2006/11/02 11:14:17 | 000,035,328 | ---- | M] (Microsoft Corporation) MD5=B1F95285C08DDFE00C0B955462637EC7 -- C:\Windows\System32\drivers\usbscan.sys
[2006/11/02 11:14:17 | 000,035,328 | ---- | M] (Microsoft Corporation) MD5=B1F95285C08DDFE00C0B955462637EC7 -- C:\Windows\System32\DriverStore\FileRepository\sti.inf_727905e0\usbscan.sys
 
[color=#A23BEC]< MD5 for: USERINIT.EXE  >[/color]
[2006/11/02 11:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\System32\userinit.exe
[2006/11/02 11:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_d9f1f819d4c4e737\userinit.exe
 
[color=#A23BEC]< MD5 for: WININIT.EXE  >[/color]
[2006/11/02 11:45:57 | 000,095,744 | ---- | M] (Microsoft Corporation) MD5=D4385B03E8CCCEE6F0EE249F827C1F3E -- C:\Windows\System32\wininit.exe
[2006/11/02 11:45:57 | 000,095,744 | ---- | M] (Microsoft Corporation) MD5=D4385B03E8CCCEE6F0EE249F827C1F3E -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6000.16386_none_2ebbf6d3076595ce\wininit.exe
 
[color=#A23BEC]< MD5 for: WINLOGON.EXE  >[/color]
[2006/11/02 11:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\System32\winlogon.exe
[2006/11/02 11:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe
 
[color=#E56717]========== Files - Unicode (All) ==========[/color]
[2010/06/26 14:13:38 | 000,000,000 | ---D | M](C:\Users\Brummel\Documents\?? ???) -- C:\Users\Brummel\Documents\넥슨 플러그
[2010/06/26 14:13:38 | 000,000,000 | ---D | C](C:\Users\Brummel\Documents\?? ???) -- C:\Users\Brummel\Documents\넥슨 플러그
 
[color=#E56717]========== Alternate Data Streams ==========[/color]
 
@Alternate Data Stream - 487 bytes -> C:\ProgramData\TEMP:05EE1EEF
< End of report >


Normal scan:

Code:
OTL logfile created on: 15/09/2010 13:03:34 - Run 1
OTL by OldTimer - Version 3.2.12.0     Folder = C:\Users\Brummel\Desktop
Windows Vista Home Premium Edition  (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18904)
Locale: 0000080C | Country: Belgique | Language: FRB | Date Format: d/MM/yyyy
 
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 62,00% Memory free
7,00 Gb Paging File | 6,00 Gb Available in Paging File | 82,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 698,64 Gb Total Space | 294,74 Gb Free Space | 42,19% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: PC-DE-BRUMMEL
Current User Name: Brummel
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - C:\Users\Brummel\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\Mozilla Firefox\plugin-container.exe (Mozilla Corporation)
PRC - C:\Program Files\Emsisoft Anti-Malware\a2service.exe (Emsi Software GmbH)
PRC - C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
PRC - C:\Program Files\Nero\Update\NASvc.exe (Nero AG)
PRC - C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
PRC - C:\Program Files\Application Updater\ApplicationUpdater.exe (Spigot, Inc.)
PRC - C:\Program Files\Kaspersky Lab\Kaspersky PURE\avp.exe (Kaspersky Lab)
PRC - C:\Program Files\Kaspersky Lab\Kaspersky PURE\klwtblfs.exe (Kaspersky Lab)
PRC - C:\Program Files\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe (Infowatch)
PRC - C:\Program Files\a-squared Free\a2service.exe (Emsi Software GmbH)
PRC - C:\Program Files\Windows Media Player\wmplayer.exe (Microsoft Corporation)
PRC - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation)
PRC - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (Microsoft Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
PRC - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE ()
PRC - C:\Program Files\RocketDock\RocketDock.exe ()
PRC - C:\Windows\System32\audiodg.exe (Microsoft Corporation)
PRC - C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe (Microsoft Corporation)
 
 
[color=#E56717]========== Modules (SafeList) ==========[/color]
 
MOD - C:\Users\Brummel\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\System32\msscript.ocx (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll (Microsoft Corporation)
 
 
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
 
SRV - (npggsvc) -- C:\Windows\System32\GameMon.des File not found
SRV - (a2AntiMalware) -- C:\Program Files\Emsisoft Anti-Malware\a2service.exe (Emsi Software GmbH)
SRV - (SeaPort) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
SRV - (NAUpdate) -- C:\Program Files\Nero\Update\NASvc.exe (Nero AG)
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (McComponentHostService) -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe (McAfee, Inc.)
SRV - (Application Updater) -- C:\Program Files\Application Updater\ApplicationUpdater.exe (Spigot, Inc.)
SRV - (AVP) -- C:\Program Files\Kaspersky Lab\Kaspersky PURE\avp.exe (Kaspersky Lab)
SRV - (CSObjectsSrv) -- C:\Program Files\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe (Infowatch)
SRV - (maconfservice) -- C:\Program Files\ma-config.com\maconfservice.exe (CybelSoft)
SRV - (a2free) -- C:\Program Files\a-squared Free\a2service.exe (Emsi Software GmbH)
SRV - (wlidsvc) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation)
SRV - (fsssvc) -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe (Microsoft Corporation)
SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia.)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (SBSDWSCService) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
SRV - (IJPLMSVC) -- C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE ()
SRV - (SandraTheSrv) -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite XI.SP1\RpcSandraSrv.exe (SiSoftware)
SRV - (SandraDataSrv) -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite XI.SP1\Win32\RpcDataSrv.exe (SiSoftware)
SRV - (MSSQL$SONY_MEDIAMGR) -- C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe (Microsoft Corporation)
SRV - (SQLAgent$SONY_MEDIAMGR) -- C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE (Microsoft Corporation)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - (NwlnkFwd) -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- C:\Windows\System32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- C:\Windows\System32\DRIVERS\ipinip.sys File not found
DRV - (EagleNT) -- C:\Windows\System32\drivers\EagleNT.sys File not found
DRV - (blbdrive) -- C:\Windows\System32\drivers\blbdrive.sys File not found
DRV - (a2acc) -- C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\a2accx86.sys (Emsi Software GmbH)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (KLIF) -- C:\Windows\System32\drivers\klif.sys (Kaspersky Lab)
DRV - (driverhardwarev2) -- C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys (CybelSoft)
DRV - (CSCrySec) -- C:\Windows\system32\DRIVERS\CSCrySec.sys (Infowatch)
DRV - (CSVirtualDiskDrv) -- C:\Windows\System32\drivers\CSVirtualDiskDrv.sys (Infowatch)
DRV - (KLBG) -- C:\Windows\system32\DRIVERS\klbg.sys (Kaspersky Lab)
DRV - (klmouflt) -- C:\Windows\System32\drivers\klmouflt.sys (Kaspersky Lab)
DRV - (KLIM6) -- C:\Windows\System32\drivers\klim6.sys (Kaspersky Lab)
DRV - (kl1) -- C:\Windows\System32\drivers\kl1.sys (Kaspersky Lab)
DRV - (sptd) -- C:\Windows\System32\Drivers\sptd.sys ()
DRV - (fssfltr) -- C:\Windows\System32\drivers\fssfltr.sys (Microsoft Corporation)
DRV - (nmwcd) -- C:\Windows\System32\drivers\ccdcmb.sys (Nokia)
DRV - (pccsmcfd) -- C:\Windows\System32\drivers\pccsmcfd.sys (Nokia)
DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek Corporation                                            )
DRV - (VIAHdAudAddService) -- C:\Windows\System32\drivers\viahduaa.sys (VIA Technologies, Inc.)
DRV - (netr73) -- C:\Windows\System32\drivers\netr73.sys (Ralink Technology Corp.)
DRV - (BlueletAudio) -- C:\Windows\System32\drivers\blueletaudio.sys (IVT Corporation.)
DRV - (Btcsrusb) -- C:\Windows\System32\drivers\btcusb.sys (IVT Corporation.)
DRV - (BlueletSCOAudio) -- C:\Windows\System32\drivers\BlueletSCOAudio.sys (IVT Corporation.)
DRV - (BT) -- C:\Windows\System32\drivers\btnetdrv.sys (IVT Corporation.)
DRV - (BTHidMgr) -- C:\Windows\System32\Drivers\BTHidMgr.sys (IVT Corporation.)
DRV - (BTHidEnum) -- C:\Windows\System32\Drivers\vbtenum.sys (IVT Corporation.)
DRV - (VcommMgr) -- C:\Windows\System32\drivers\VCommMgr.sys (IVT Corporation.)
DRV - (VComm) -- C:\Windows\System32\drivers\VComm.sys (IVT Corporation.)
DRV - (R300) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (SiSRaid2) -- C:\Windows\system32\drivers\sisraid2.sys (Silicon Integrated Systems Corp.)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Logic Corporation)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (usbaudio) Pilote USB audio (WDM) -- C:\Windows\System32\drivers\USBAUDIO.sys (Microsoft Corporation)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (MTsensor) -- C:\Windows\System32\drivers\ASACPI.sys ()
DRV - (RT61) -- C:\Windows\System32\drivers\rt61.sys (Ralink Technology Inc.)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,start page = http://www.yahoo.com
IE - HKLM\..\URLSearchHook: {364d4e0c-543f-4b85-abe3-19551139da4f} - C:\Program Files\Softonic_France\tbSoft.dll (Conduit Ltd.)
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.google.com/ [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,start page = http://eu.ask.com?o=101916&l=dis
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://be.msn.com/defaultf.aspx?lang=fr-be&ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr-be
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 08 1A EA 0D 6C F9 C9 01  [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {364d4e0c-543f-4b85-abe3-19551139da4f} - C:\Program Files\Softonic_France\tbSoft.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.defaultthis.engineName: "Softonic France Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT1351374&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Wikipédia (fr)"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.be/firefox"
FF - prefs.js..extensions.enabledItems: {b1d89840-39fe-11db-a98b-0800200c9a66}:0.51
FF - prefs.js..extensions.enabledItems: {9c51bd27-6ed8-4000-a2bf-36cb95c0c947}:11.0.1
FF - prefs.js..extensions.enabledItems: linkfilter@kaspersky.ru:9.0.0.192
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.2
FF - prefs.js..extensions.enabledItems: chromifox@altmusictv.com:3.6.5
 
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.9\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/09/14 13:38:19 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.9\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/09/14 20:27:24 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.0\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2010/06/29 15:46:41 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.0\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{eea12ec4-729d-4703-bc37-106ce9879ce2}: C:\Program Files\Kaspersky Lab\Kaspersky PURE\THBExt [2010/06/29 15:45:38 | 000,000,000 | ---D | M]
 
[2009/03/22 12:22:59 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\mozilla\Extensions
[2010/09/14 21:13:55 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\mozilla\Firefox\Profiles\0teihibf.default\extensions
[2010/09/14 16:42:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Brummel\AppData\Roaming\mozilla\Firefox\Profiles\0teihibf.default\extensions\{00352F14-3F76-4e4d-ACFF-9972D7E4B3B9}
[2010/07/22 22:36:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Brummel\AppData\Roaming\mozilla\Firefox\Profiles\0teihibf.default\extensions\{241aae70-0022-11de-87af-0800200c9a66}
[2010/08/17 22:55:33 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Users\Brummel\AppData\Roaming\mozilla\Firefox\Profiles\0teihibf.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2010/07/22 22:36:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Brummel\AppData\Roaming\mozilla\Firefox\Profiles\0teihibf.default\extensions\{5b175400-2368-11de-8c30-0800200c9a66}
[2010/02/23 17:42:06 | 000,000,000 | ---D | M] (Tamper Data) -- C:\Users\Brummel\AppData\Roaming\mozilla\Firefox\Profiles\0teihibf.default\extensions\{9c51bd27-6ed8-4000-a2bf-36cb95c0c947}
[2010/07/22 22:36:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Brummel\AppData\Roaming\mozilla\Firefox\Profiles\0teihibf.default\extensions\{9f08cb5a-76b1-4bcf-aff9-90e1a5d60b1e}
[2009/12/07 11:06:59 | 000,000,000 | ---D | M] (JeuxVideo.Fox) -- C:\Users\Brummel\AppData\Roaming\mozilla\Firefox\Profiles\0teihibf.default\extensions\{b1d89840-39fe-11db-a98b-0800200c9a66}
[2010/09/05 13:31:36 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Brummel\AppData\Roaming\mozilla\Firefox\Profiles\0teihibf.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010/07/22 22:36:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Brummel\AppData\Roaming\mozilla\Firefox\Profiles\0teihibf.default\extensions\{de5809e0-2b07-11dd-bd0b-0800200c9a66}
[2010/07/22 22:37:05 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\mozilla\Firefox\Profiles\0teihibf.default\extensions\battlefieldheroespatcher@ea.com-trash
[2010/07/22 19:45:42 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\mozilla\Firefox\Profiles\0teihibf.default\extensions\chromifox@altmusictv.com
[2010/07/22 22:36:25 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\mozilla\Firefox\Profiles\0teihibf.default\extensions\nasanightlaunch@example.com
[2010/09/11 13:53:29 | 000,002,253 | ---- | M] () -- C:\Users\Brummel\AppData\Roaming\Mozilla\FireFox\Profiles\0teihibf.default\searchplugins\askcom.xml
[2010/06/04 10:18:20 | 000,000,933 | ---- | M] () -- C:\Users\Brummel\AppData\Roaming\Mozilla\FireFox\Profiles\0teihibf.default\searchplugins\conduit.xml
[2009/08/19 13:26:11 | 000,002,399 | ---- | M] () -- C:\Users\Brummel\AppData\Roaming\Mozilla\FireFox\Profiles\0teihibf.default\searchplugins\daemon-search.xml
[2009/03/21 20:50:41 | 000,001,659 | ---- | M] () -- C:\Users\Brummel\AppData\Roaming\Mozilla\FireFox\Profiles\0teihibf.default\searchplugins\live-search.xml
[2010/09/14 13:38:18 | 000,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2010/06/29 15:46:40 | 000,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\linkfilter@kaspersky.ru
[2009/02/21 08:24:52 | 000,660,872 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\npOGAPlugin.dll
[2009/04/08 04:06:28 | 000,122,880 | ---- | M] (AB) -- C:\Program Files\mozilla firefox\plugins\NPOP7PlugIn.dll
[2007/03/10 01:16:44 | 000,189,496 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\mozilla firefox\plugins\npyaxmpb.dll
[2010/08/25 02:40:16 | 000,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml
[2010/08/25 02:40:16 | 000,001,822 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml
[2010/08/25 02:40:16 | 000,000,757 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml
[2010/08/25 02:40:16 | 000,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml
[2010/08/25 02:40:16 | 000,000,956 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml
 
Hosts file not found
O2 - BHO: (Softonic France Toolbar) - {364d4e0c-543f-4b85-abe3-19551139da4f} - C:\Program Files\Softonic_France\tbSoft.dll (Conduit Ltd.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky PURE\ievkbd.dll (Kaspersky Lab)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll (Kaspersky Lab)
O3 - HKLM\..\Toolbar: (Dealio Toolbar) - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - Reg Error: Value error. File not found
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (Softonic France Toolbar) - {364d4e0c-543f-4b85-abe3-19551139da4f} - C:\Program Files\Softonic_France\tbSoft.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Softonic France Toolbar) - {364D4E0C-543F-4B85-ABE3-19551139DA4F} - C:\Program Files\Softonic_France\tbSoft.dll (Conduit Ltd.)
O4 - HKLM..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe File not found
O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky PURE\avp.exe (Kaspersky Lab)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKCU..\Run: [HKCU] C:\Users\Brummel\AppData\Roaming\install\Firefox.exe File not found
O4 - HKCU..\Run: [RocketDock] C:\Program Files\RocketDock\RocketDock.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Ajouter à l'Anti-bannière - C:\Program Files\Kaspersky Lab\Kaspersky PURE\ie_banner_deny.htm ()
O9 - Extra Button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Mon Clavier &virtuel - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll (Kaspersky Lab)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Analyse des &liens - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll (Kaspersky Lab)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab (Checkers Class)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zone.msn.com/FR-BE/a-UNO1/GAME_UNO1.cab (UnoCtrl Class)
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} http://download.bitdefender.com/resources/scanner/sources/fr/scan8/oscan8.cab (BDSCANONLINE Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {C212D449-8B3C-41F2-BD9A-047BD770550F} http://www.fiaa.eu/OPLauncher.cab (Perparer Class)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll) - C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll (Kaspersky Lab)
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll) - C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll (Kaspersky Lab)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\klogon: DllName - C:\Windows\system32\klogon.dll - C:\Windows\System32\klogon.dll (Kaspersky Lab)
O24 - Desktop WallPaper: C:\Users\Brummel\AppData\Roaming\Microsoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg
O24 - Desktop BackupWallPaper: C:\Users\Brummel\AppData\Roaming\Microsoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{ecab13ef-924c-11df-8bab-001167899dc3}\Shell\AutoRun\command - "" = F:\Launcher.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2010/09/15 12:18:16 | 000,576,000 | ---- | C] (OldTimer Tools) -- C:\Users\Brummel\Desktop\OTL.exe
[2010/09/14 20:26:41 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010/09/14 17:13:10 | 000,000,000 | ---D | C] -- C:\Program Files\Emsisoft Anti-Malware
[2010/09/14 17:13:10 | 000,000,000 | ---D | C] -- C:\Users\Brummel\Documents\Anti-Malware
[2010/09/14 16:57:44 | 000,000,000 | ---D | C] -- C:\Windows\BDOSCAN8
[2010/09/14 14:34:16 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2010/09/11 17:51:06 | 000,000,000 | ---D | C] -- C:\Users\Brummel\Documents\Nero
[2010/09/11 17:44:20 | 000,000,000 | ---D | C] -- C:\Users\Brummel\AppData\Local\Nero
[2010/09/11 17:25:16 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nero
[2010/09/11 17:25:09 | 000,000,000 | ---D | C] -- C:\Program Files\Nero
[2010/09/11 14:51:33 | 000,000,000 | ---D | C] -- C:\Users\Brummel\AppData\Local\Nero_AG
[2010/09/11 14:19:24 | 000,000,000 | ---D | C] -- C:\Users\Brummel\Documents\Simply Super Software
[2010/09/11 14:19:16 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ztvcabinet.dll
[2010/09/11 14:19:15 | 000,000,000 | ---D | C] -- C:\Program Files\Trojan Remover
[2010/09/11 14:19:15 | 000,000,000 | ---D | C] -- C:\Users\Brummel\AppData\Roaming\Simply Super Software
[2010/09/11 14:19:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Simply Super Software
[2010/09/11 14:11:04 | 000,046,080 | ---- | C] (Microsoft) -- C:\Users\Brummel\AppData\Roaming\4vyqy8433VY.exe
[2010/09/11 14:05:58 | 000,046,080 | ---- | C] (Microsoft) -- C:\Users\Brummel\AppData\Roaming\4zxlm9800ZX.exe
[2010/09/11 14:04:39 | 000,000,000 | ---D | C] -- C:\Users\Brummel\Documents\NeroVision
[2010/09/11 14:04:33 | 000,000,000 | ---D | C] -- C:\Users\Brummel\AppData\Roaming\Nero
[2010/09/11 13:54:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Nero
[2010/09/11 13:44:32 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msimsg.dll
[2010/09/11 13:44:31 | 002,252,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msi.dll
[2010/09/11 13:44:31 | 000,332,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msihnd.dll
[2010/09/11 07:45:14 | 000,000,000 | ---D | C] -- C:\Users\Brummel\Desktop\default.aspx_fichiers
[2010/09/04 11:45:05 | 000,000,000 | ---D | C] -- C:\TaalNet2
[2010/08/28 17:46:34 | 000,000,000 | ---D | C] -- C:\Users\Brummel\AppData\Local\G4G.PL
[2010/08/26 11:46:09 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2010/08/25 18:57:46 | 000,000,000 | ---D | C] -- C:\Users\Brummel\Desktop\voiture
[2010/08/25 00:11:36 | 000,000,000 | ---D | C] -- C:\Users\Brummel\AppData\Local\i3D_Software
[2010/08/24 23:56:56 | 000,000,000 | ---D | C] -- C:\Users\Brummel\AppData\Roaming\BFBC2CC
[2010/08/24 23:55:25 | 000,000,000 | ---D | C] -- C:\Program Files\BFBC2CC
[2010/08/16 16:42:18 | 000,000,000 | ---D | C] -- C:\Users\Brummel\AppData\Roaming\TS3Client
[2010/08/16 16:42:03 | 000,000,000 | ---D | C] -- C:\Program Files\TeamSpeak 3 Client
[2009/04/02 22:52:40 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\Brummel\AppData\Roaming\pcouffin.sys
[6 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[6 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2010/09/15 13:05:01 | 005,505,024 | -HS- | M] () -- C:\Users\Brummel\NTUSER.DAT
[2010/09/15 12:55:58 | 000,000,422 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{CA14B8DA-6BFA-4122-932B-BAA462944ADE}.job
[2010/09/15 12:38:51 | 000,001,000 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2010/09/15 12:34:35 | 000,037,109 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2010/09/15 12:34:34 | 000,037,109 | ---- | M] () -- C:\ProgramData\nvModes.001
[2010/09/15 12:34:22 | 000,001,050 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/09/15 12:34:17 | 000,003,856 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/09/15 12:34:17 | 000,003,856 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/09/15 12:34:15 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/09/15 12:34:12 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/09/15 12:34:10 | 3757,236,224 | -HS- | M] () -- C:\hiberfil.sys
[2010/09/15 12:32:44 | 002,873,363 | -H-- | M] () -- C:\Users\Brummel\AppData\Local\IconCache.db
[2010/09/15 12:28:00 | 000,001,054 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/09/15 12:18:35 | 000,576,000 | ---- | M] (OldTimer Tools) -- C:\Users\Brummel\Desktop\OTL.exe
[2010/09/14 22:39:22 | 000,137,256 | ---- | M] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2010/09/14 22:39:13 | 000,218,808 | ---- | M] () -- C:\Windows\System32\PnkBstrB.xtr
[2010/09/14 13:38:21 | 000,001,748 | ---- | M] () -- C:\Users\Brummel\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/09/13 19:05:35 | 000,038,912 | ---- | M] () -- C:\Users\Brummel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/09/12 18:15:59 | 000,005,344 | ---- | M] () -- C:\Users\Brummel\Desktop\GetAttachment.aspx.jpg
[2010/09/12 18:09:40 | 012,137,592 | ---- | M] () -- C:\Users\Brummel\Desktop\Hotmail.zip
[2010/09/12 09:29:22 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2010/09/11 16:56:25 | 000,061,737 | ---- | M] () -- C:\Users\Brummel\AppData\Roaming\SQLite3.dll
[2010/09/11 14:11:04 | 000,046,080 | ---- | M] (Microsoft) -- C:\Users\Brummel\AppData\Roaming\4vyqy8433VY.exe
[2010/09/11 14:05:58 | 000,046,080 | ---- | M] (Microsoft) -- C:\Users\Brummel\AppData\Roaming\4zxlm9800ZX.exe
[2010/09/11 07:45:32 | 000,006,134 | ---- | M] () -- C:\Users\Brummel\Desktop\default.aspx.htm
[2010/09/10 21:51:54 | 000,611,328 | ---- | M] () -- C:\Users\Brummel\Desktop\Bonus_Malus_exemple[1].ppt
[2010/09/07 16:32:46 | 000,000,671 | ---- | M] () -- C:\Users\Brummel\AppData\Roaming\vso_ts_preview.xml
[2010/08/25 20:11:16 | 000,724,790 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2010/08/25 20:11:16 | 000,639,418 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/08/25 20:11:16 | 000,133,784 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2010/08/25 20:11:16 | 000,116,356 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/08/25 20:11:15 | 001,607,428 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010/08/25 18:53:25 | 002,541,919 | ---- | M] () -- C:\Users\Brummel\Desktop\photos kia sorento.zip
[2010/08/24 22:36:26 | 000,138,056 | ---- | M] () -- C:\Users\Brummel\AppData\Roaming\PnkBstrK.sys
[2010/08/24 22:35:53 | 002,434,856 | ---- | M] () -- C:\Windows\System32\pbsvc_bc2.exe
[2010/08/17 19:12:24 | 000,000,721 | ---- | M] () -- C:\Users\Brummel\Desktop\Planreliefearth.kmz
[6 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[6 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2010/09/14 13:38:21 | 000,001,748 | ---- | C] () -- C:\Users\Brummel\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/09/12 18:15:52 | 000,005,344 | ---- | C] () -- C:\Users\Brummel\Desktop\GetAttachment.aspx.jpg
[2010/09/12 18:09:08 | 012,137,592 | ---- | C] () -- C:\Users\Brummel\Desktop\Hotmail.zip
[2010/09/12 10:01:39 | 3757,236,224 | -HS- | C] () -- C:\hiberfil.sys
[2010/09/11 16:56:25 | 000,061,737 | ---- | C] () -- C:\Users\Brummel\AppData\Roaming\SQLite3.dll
[2010/09/11 14:19:17 | 000,162,304 | ---- | C] () -- C:\Windows\System32\ztvunrar36.dll
[2010/09/11 14:19:17 | 000,077,312 | ---- | C] () -- C:\Windows\System32\ztvunace26.dll
[2010/09/11 14:19:16 | 000,153,088 | ---- | C] () -- C:\Windows\System32\UNRAR3.dll
[2010/09/11 14:19:16 | 000,075,264 | ---- | C] () -- C:\Windows\System32\unacev2.dll
[2010/09/11 07:45:32 | 000,006,134 | ---- | C] () -- C:\Users\Brummel\Desktop\default.aspx.htm
[2010/09/10 21:51:54 | 000,611,328 | ---- | C] () -- C:\Users\Brummel\Desktop\Bonus_Malus_exemple[1].ppt
[2010/08/25 18:53:21 | 002,541,919 | ---- | C] () -- C:\Users\Brummel\Desktop\photos kia sorento.zip
[2010/08/24 22:35:53 | 002,434,856 | ---- | C] () -- C:\Windows\System32\pbsvc_bc2.exe
[2010/08/17 19:12:23 | 000,000,721 | ---- | C] () -- C:\Users\Brummel\Desktop\Planreliefearth.kmz
[2010/06/04 16:53:21 | 000,000,036 | ---- | C] () -- C:\Users\Brummel\AppData\Local\housecall.guid.cache
[2010/04/30 18:47:07 | 000,484,352 | ---- | C] () -- C:\Windows\System32\lame_enc.dll
[2010/04/02 17:17:34 | 000,179,091 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2010/03/14 14:58:05 | 000,037,109 | ---- | C] () -- C:\ProgramData\nvModes.001
[2010/03/14 14:57:28 | 000,037,109 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2010/01/23 16:07:10 | 000,004,096 | -H-- | C] () -- C:\Users\Brummel\AppData\Local\keyfile3.drm
[2009/12/02 17:00:26 | 000,000,008 | ---- | C] () -- C:\Users\Brummel\AppData\Roaming\DofusAppId0_2
[2009/12/02 16:55:36 | 000,000,173 | ---- | C] () -- C:\Users\Brummel\AppData\Roaming\D2Info0
[2009/12/02 16:55:36 | 000,000,008 | ---- | C] () -- C:\Users\Brummel\AppData\Roaming\DofusAppId0_1
[2009/11/24 18:14:23 | 000,000,095 | ---- | C] () -- C:\Users\Brummel\AppData\Local\fusioncache.dat
[2009/10/28 14:29:40 | 000,000,940 | ---- | C] () -- C:\Windows\bdoscandellang.ini
[2009/09/11 02:01:44 | 000,041,872 | ---- | C] () -- C:\Windows\System32\xfcodec.dll
[2009/08/03 16:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/05/23 21:10:29 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009/04/14 17:24:28 | 000,001,356 | ---- | C] () -- C:\Users\Brummel\AppData\Local\d3d9caps.dat
[2009/04/02 22:53:56 | 000,000,671 | ---- | C] () -- C:\Users\Brummel\AppData\Roaming\vso_ts_preview.xml
[2009/04/02 22:53:14 | 000,000,034 | ---- | C] () -- C:\Users\Brummel\AppData\Roaming\pcouffin.log
[2009/04/02 22:52:40 | 000,087,608 | ---- | C] () -- C:\Users\Brummel\AppData\Roaming\inst.exe
[2009/04/02 22:52:40 | 000,007,887 | ---- | C] () -- C:\Users\Brummel\AppData\Roaming\pcouffin.cat
[2009/04/02 22:52:40 | 000,001,144 | ---- | C] () -- C:\Users\Brummel\AppData\Roaming\pcouffin.inf
[2009/04/02 12:32:40 | 000,138,056 | ---- | C] () -- C:\Users\Brummel\AppData\Roaming\PnkBstrK.sys
[2009/04/02 12:32:40 | 000,137,256 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2009/03/28 11:35:09 | 000,721,904 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2009/03/26 21:47:41 | 000,011,822 | ---- | C] () -- C:\Windows\Ascd_log.ini
[2009/03/22 22:21:40 | 002,931,168 | ---- | C] () -- C:\Program Files\FLV PlayerFCSetup.exe
[2009/03/22 22:21:08 | 009,810,664 | ---- | C] () -- C:\Program Files\FLV PlayerRCATSetup.exe
[2009/03/22 22:19:49 | 021,126,776 | ---- | C] () -- C:\Program Files\FLV PlayerRCSetup.exe
[2009/03/22 20:26:56 | 000,019,968 | ---- | C] () -- C:\Windows\System32\Cpuinf32.dll
[2009/03/21 19:50:02 | 000,038,912 | ---- | C] () -- C:\Users\Brummel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/03/21 11:40:50 | 000,024,206 | ---- | C] () -- C:\Users\Brummel\AppData\Roaming\UserTile.png
[2009/03/21 01:06:33 | 000,007,680 | ---- | C] () -- C:\Windows\System32\drivers\ASACPI.sys
[2009/03/21 01:06:32 | 000,011,575 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2009/03/21 01:06:25 | 000,012,536 | ---- | C] () -- C:\Windows\System32\drivers\ASUSHWIO.SYS
[2008/10/07 10:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll
[2008/10/07 10:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2007/07/04 21:51:52 | 000,003,972 | ---- | C] () -- C:\Windows\System32\drivers\PciBus.sys
[2006/12/06 00:56:38 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2006/11/02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2010/02/11 00:19:56 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\.purple
[2009/12/02 16:55:39 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\app
[2010/07/22 19:14:44 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\Auslogics
[2010/09/10 23:02:31 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\BFBC2CC
[2009/04/05 20:43:09 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\Canneverbe_Limited
[2009/05/18 15:07:31 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\Canon
[2010/03/10 15:38:27 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\CocoonSoftware
[2009/03/28 11:39:08 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\DAEMON Tools
[2009/08/19 13:28:26 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\DAEMON Tools Lite
[2009/03/28 11:39:08 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\DAEMON Tools Pro
[2009/11/08 01:04:46 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\DNA
[2009/12/02 18:19:03 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\Dofus 2
[2009/12/02 17:00:26 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\Dofus-2.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
[2009/12/02 16:55:36 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\Dofus.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
[2010/05/26 17:11:04 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\ECE9E45009AF62BD28AAB7CE6CDFF483
[2010/01/20 16:01:00 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\FileZilla
[2010/04/30 18:47:11 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\FreeAudioPack
[2009/10/03 15:48:55 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\GetRightToGo
[2010/02/20 23:14:27 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\gtk-2.0
[2010/01/29 21:56:15 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\ijjigame
[2010/09/14 14:32:05 | 000,000,000 | RHSD | M] -- C:\Users\Brummel\AppData\Roaming\install
[2010/03/10 19:55:04 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\iriverter
[2010/09/14 22:49:05 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\Mumble
[2010/07/18 12:42:58 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\Nokia
[2010/07/18 12:41:38 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\PC Suite
[2009/03/21 11:40:50 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\PeerNetworking
[2010/01/24 20:12:16 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\PhotoFiltre
[2010/02/04 23:01:12 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\PhotoFiltre Studio X
[2010/01/23 14:20:46 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\Publish Providers
[2010/09/14 16:45:32 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\QuickScan
[2009/12/02 16:55:39 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\Reg.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
[2010/09/11 14:19:15 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\Simply Super Software
[2010/01/23 14:20:25 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\Sony
[2010/06/25 15:27:04 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\SystemRequirementsLab
[2009/07/16 12:42:34 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\TeamViewer
[2009/03/21 20:42:50 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\Thunderbird
[2010/08/17 21:13:52 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\TS3Client
[2009/12/04 21:50:32 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\uTorrent
[2010/09/07 16:32:47 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\Vso
[2009/06/06 22:32:19 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\Warsow
[2009/06/30 12:19:17 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\Windows Live Writer
[2010/09/15 11:46:09 | 000,032,544 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2010/09/15 12:55:58 | 000,000,422 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{CA14B8DA-6BFA-4122-932B-BAA462944ADE}.job
 
[color=#E56717]========== Purity Check ==========[/color]
 
 
 
[color=#E56717]========== Custom Scans ==========[/color]
 
 
[color=#A23BEC]< c:\users\Brummel\appdata\roaming\install\*log >[/color]
 
[color=#A23BEC]< c:\users\Brummel\appdata\roaming\install\*.dll >[/color]
 
[color=#A23BEC]< c:\users\Brummel\appdata\roaming\install\*.exe >[/color]
 
[color=#A23BEC]< %systemroot%\system32\drivers\*.sys /lockedfiles >[/color]
[2009/08/19 13:23:35 | 000,721,904 | ---- | M] ()[b] Unable to obtain MD5[/b] -- C:\Windows\System32\drivers\sptd.sys
 
 
[color=#A23BEC]< MD5 for: AGP440.SYS  >[/color]
[2006/11/02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\drivers\AGP440.sys
[2006/11/02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys
 
[color=#A23BEC]< MD5 for: ATAPI.SYS  >[/color]
[2006/11/02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2009/03/22 12:20:39 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\System32\drivers\atapi.sys
[2009/03/22 12:20:39 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_7de13c21\atapi.sys
[2009/03/22 12:20:39 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16632_none_db337a442479c42c\atapi.sys
[2009/03/22 12:20:39 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E03E8C99D15D0381E02743C36AFC7C6F -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20757_none_dbac78a93da31a8b\atapi.sys
 
[color=#A23BEC]< MD5 for: CDROM.SYS  >[/color]
[2006/11/02 10:51:44 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=8D1866E61AF096AE8B582454F5E4D303 -- C:\Windows\System32\drivers\cdrom.sys
[2006/11/02 10:51:44 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=8D1866E61AF096AE8B582454F5E4D303 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_e487f727\cdrom.sys
 
[color=#A23BEC]< MD5 for: DISK.SYS  >[/color]
[2006/11/02 11:49:51 | 000,052,840 | ---- | M] (Microsoft Corporation) MD5=841AF4C4D41D3E3B2F244E976B0F7963 -- C:\Windows\System32\drivers\disk.sys
[2006/11/02 11:49:51 | 000,052,840 | ---- | M] (Microsoft Corporation) MD5=841AF4C4D41D3E3B2F244E976B0F7963 -- C:\Windows\System32\DriverStore\FileRepository\disk.inf_e0b0b355\disk.sys
 
[color=#A23BEC]< MD5 for: EXPLORER.EXE  >[/color]
[2009/03/22 12:19:48 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\explorer.exe
[2009/03/22 12:19:48 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2009/03/22 12:19:47 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2009/03/22 12:19:47 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2009/03/22 12:35:44 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=6D06CD98D954FE87FB2DB8108793B399 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16549_none_4fac29707cae347a\explorer.exe
[2009/03/22 12:35:44 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=BD06F0BF753BC704B653C3A50F89D362 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20668_none_501f261995dcf2cf\explorer.exe
[2009/03/22 12:19:47 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2009/09/13 19:54:27 | 000,004,608 | ---- | M] () MD5=F1F87C4F938BC890F04FA4C538C2D522 -- C:\Users\Brummel\AppData\Local\Xenocode\ApplianceCaches\GameCamV2.exe_v40266245\Native\STUBEXE\@WINDIR@\explorer.exe
[2006/11/02 11:45:07 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=FD8C53FB002217F6F888BCF6F5D7084D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16386_none_4f7de5167cd15deb\explorer.exe
 
[color=#A23BEC]< MD5 for: HIBERFIL.SYS  >[/color]
[2010/09/15 12:34:10 | 3757,236,224 | -HS- | M] ()[b] Unable to obtain MD5[/b] -- C:\hiberfil.sys
 
[color=#A23BEC]< MD5 for: IASTORV.SYS  >[/color]
[2006/11/02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\drivers\iaStorV.sys
[2006/11/02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys
 
[color=#A23BEC]< MD5 for: NDIS.SYS  >[/color]
[2006/11/02 11:51:42 | 000,500,840 | ---- | M] (Microsoft Corporation) MD5=227C11E1E7CF6EF8AFB2A238D209760C -- C:\Windows\System32\drivers\ndis.sys
[2006/11/02 11:51:42 | 000,500,840 | ---- | M] (Microsoft Corporation) MD5=227C11E1E7CF6EF8AFB2A238D209760C -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6000.16386_none_a59069cb1f23fc44\ndis.sys
 
[color=#A23BEC]< MD5 for: NETLOGON.DLL  >[/color]
[2006/11/02 11:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\System32\netlogon.dll
[2006/11/02 11:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_fb80f5473b0ed783\netlogon.dll
 
[color=#A23BEC]< MD5 for: NVSTOR.SYS  >[/color]
[2006/11/02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\drivers\nvstor.sys
[2006/11/02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
 
[color=#A23BEC]< MD5 for: RASACD.SYS  >[/color]
[2006/11/02 10:58:13 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=BD7B30F55B3649506DD8B3D38F571D2A -- C:\Windows\System32\drivers\rasacd.sys
[2006/11/02 10:58:13 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=BD7B30F55B3649506DD8B3D38F571D2A -- C:\Windows\winsxs\x86_microsoft-windows-rasautodial_31bf3856ad364e35_6.0.6000.16386_none_0da33cba68680e8f\rasacd.sys
 
[color=#A23BEC]< MD5 for: RDPWD.SYS  >[/color]
[2006/11/02 11:02:15 | 000,160,256 | ---- | M] (Microsoft Corporation) MD5=8830E790A74A96605FABA74F9665BB3C -- C:\Windows\System32\drivers\rdpwd.sys
[2006/11/02 11:02:15 | 000,160,256 | ---- | M] (Microsoft Corporation) MD5=8830E790A74A96605FABA74F9665BB3C -- C:\Windows\winsxs\x86_microsoft-windows-t..dp-winstationdriver_31bf3856ad364e35_6.0.6000.16386_none_493ec64bd8177786\rdpwd.sys
 
[color=#A23BEC]< MD5 for: SFLOPPY.SYS  >[/color]
[2006/11/02 10:51:40 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=46ED8E91793B2E6F848015445A0AC188 -- C:\Windows\System32\drivers\sfloppy.sys
[2006/11/02 10:51:40 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=46ED8E91793B2E6F848015445A0AC188 -- C:\Windows\System32\DriverStore\FileRepository\flpydisk.inf_7a4ca8e4\sfloppy.sys
 
[color=#A23BEC]< MD5 for: TCPIP.SYS  >[/color]
[2009/12/08 22:52:30 | 000,897,624 | ---- | M] (Microsoft Corporation) MD5=1ACBB7A47E78F4CC82D2EFFB72901528 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18377_none_b2d96a966698ad63\tcpip.sys
[2009/08/15 23:30:53 | 000,816,640 | ---- | M] (Microsoft Corporation) MD5=2512B4D1353370D6688B1AF1F5AFA1CF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21108_none_6030d425ab49af00\tcpip.sys
[2009/08/14 19:01:55 | 000,900,168 | ---- | M] (Microsoft Corporation) MD5=2608E71AAD54564647D4BB984E1925AA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys
[2010/02/18 13:51:51 | 000,818,688 | ---- | M] (Microsoft Corporation) MD5=2C1F7005AA3B62721BFDB307BD5F5010 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21226_none_6019359fab5bb15b\tcpip.sys
[2010/02/18 16:49:38 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=2EAE4500984C2F8DACFB977060300A15 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18427_none_b30f7c1866701ed5\tcpip.sys
[2009/08/14 16:24:47 | 000,813,568 | ---- | M] (Microsoft Corporation) MD5=300208927321066EA53761FDC98747C6 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16908_none_5fa75f38922bdbf4\tcpip.sys
[2009/12/08 22:15:00 | 000,907,832 | ---- | M] (Microsoft Corporation) MD5=46E6685F3E92AEC743773ADD4CD54F57 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22283_none_b53aaa1b7ce8560d\tcpip.sys
[2010/02/18 16:07:16 | 000,904,576 | ---- | M] (Microsoft Corporation) MD5=48CBE6D53632D0067C2D6B20F90D84CA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18209_none_b50d905263846bec\tcpip.sys
[2010/02/18 14:05:37 | 000,815,104 | ---- | M] (Microsoft Corporation) MD5=4A82FA8F0DF67AA354580C3FAAF8BDE3 -- C:\Windows\System32\drivers\tcpip.sys
[2010/02/18 14:05:37 | 000,815,104 | ---- | M] (Microsoft Corporation) MD5=4A82FA8F0DF67AA354580C3FAAF8BDE3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.17021_none_5f8a957c924295b7\tcpip.sys
[2009/03/22 12:18:20 | 000,806,400 | ---- | M] (Microsoft Corporation) MD5=52A8BD6294F7D1443C6184C67AE13AF4 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.20752_none_5ff4e4f9ab7777f4\tcpip.sys
[2009/12/08 22:37:09 | 000,900,696 | ---- | M] (Microsoft Corporation) MD5=5653230D480A9C54D169E1B080B72CF5 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22577_none_b36309477fb64a54\tcpip.sys
[2009/03/22 12:18:20 | 000,803,328 | ---- | M] (Microsoft Corporation) MD5=5DF77458AA92FDB36FCE79C60F74AB5D -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16627_none_5f90b964923d030a\tcpip.sys
[2009/08/14 18:27:34 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=65877AA1B6A7CB797488E831698973E9 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18091_none_b4a43aea63d4a25f\tcpip.sys
[2009/12/08 19:58:13 | 000,813,568 | ---- | M] (Microsoft Corporation) MD5=8734BD051FFDCBF8425CF222141C3741 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16973_none_5f56ae52926920d8\tcpip.sys
[2009/08/14 19:07:56 | 000,897,608 | ---- | M] (Microsoft Corporation) MD5=8A7AD2A214233F684242F289ED83EBC3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18311_none_b3144862666d6db3\tcpip.sys
[2010/02/18 19:36:50 | 000,902,024 | ---- | M] (Microsoft Corporation) MD5=93A5655CD9CD2F080EF1CB71A3666215 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys
[2009/12/08 19:45:32 | 000,816,640 | ---- | M] (Microsoft Corporation) MD5=CA3A5756672013A66BB9D547A5A62DCA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21175_none_5fe223d3ab852692\tcpip.sys
[2006/11/02 10:58:38 | 000,802,816 | ---- | M] (Microsoft Corporation) MD5=D944522B048A5FEB7700B5170D3D9423 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16386_none_5f4ed3e0926e99e4\tcpip.sys
[2010/02/18 16:22:11 | 000,910,216 | ---- | M] (Microsoft Corporation) MD5=D9F5DD5BBC8348E8F8220CCBF14C022E -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22341_none_b563eb1d7cc9b0c2\tcpip.sys
[2009/12/08 22:01:08 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=DA467E7619AE5F4588E6262C13C8940A -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18160_none_b4c3ac4a63bd325c\tcpip.sys
[2009/08/14 18:33:50 | 000,905,784 | ---- | M] (Microsoft Corporation) MD5=FF71856BD4CD6D4367F9FD84BE79A874 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22200_none_b58e289d7caa2a80\tcpip.sys
 
[color=#A23BEC]< MD5 for: TDPIPE.SYS  >[/color]
[2006/11/02 11:02:01 | 000,017,920 | ---- | M] (Microsoft Corporation) MD5=964248AEF49C31FA6A93201A73FFAF50 -- C:\Windows\System32\drivers\tdpipe.sys
[2006/11/02 11:02:01 | 000,017,920 | ---- | M] (Microsoft Corporation) MD5=964248AEF49C31FA6A93201A73FFAF50 -- C:\Windows\winsxs\x86_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.0.6000.16386_none_d975757047cc3203\tdpipe.sys
 
[color=#A23BEC]< MD5 for: TDTCP.SYS  >[/color]
[2006/11/02 11:02:01 | 000,028,672 | ---- | M] (Microsoft Corporation) MD5=7D2C1AE1648A60FCE4AA0F7982E419D3 -- C:\Windows\System32\drivers\tdtcp.sys
[2006/11/02 11:02:01 | 000,028,672 | ---- | M] (Microsoft Corporation) MD5=7D2C1AE1648A60FCE4AA0F7982E419D3 -- C:\Windows\winsxs\x86_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.0.6000.16386_none_d975757047cc3203\tdtcp.sys
 
[color=#A23BEC]< MD5 for: USBPRINT.SYS  >[/color]
[2006/11/02 11:14:58 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=B51E52ACF758BE00EF3A58EA452FE360 -- C:\Windows\System32\drivers\usbprint.sys
[2006/11/02 11:14:58 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=B51E52ACF758BE00EF3A58EA452FE360 -- C:\Windows\System32\DriverStore\FileRepository\usbprint.inf_35521f61\usbprint.sys
 
[color=#A23BEC]< MD5 for: USBSCAN.SYS  >[/color]
[2006/11/02 11:14:17 | 000,035,328 | ---- | M] (Microsoft Corporation) MD5=B1F95285C08DDFE00C0B955462637EC7 -- C:\Windows\System32\drivers\usbscan.sys
[2006/11/02 11:14:17 | 000,035,328 | ---- | M] (Microsoft Corporation) MD5=B1F95285C08DDFE00C0B955462637EC7 -- C:\Windows\System32\DriverStore\FileRepository\sti.inf_727905e0\usbscan.sys
 
[color=#A23BEC]< MD5 for: USERINIT.EXE  >[/color]
[2006/11/02 11:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\System32\userinit.exe
[2006/11/02 11:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_d9f1f819d4c4e737\userinit.exe
 
[color=#A23BEC]< MD5 for: WININIT.EXE  >[/color]
[2006/11/02 11:45:57 | 000,095,744 | ---- | M] (Microsoft Corporation) MD5=D4385B03E8CCCEE6F0EE249F827C1F3E -- C:\Windows\System32\wininit.exe
[2006/11/02 11:45:57 | 000,095,744 | ---- | M] (Microsoft Corporation) MD5=D4385B03E8CCCEE6F0EE249F827C1F3E -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6000.16386_none_2ebbf6d3076595ce\wininit.exe
 
[color=#A23BEC]< MD5 for: WINLOGON.EXE  >[/color]
[2006/11/02 11:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\System32\winlogon.exe
[2006/11/02 11:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe
 
[color=#E56717]========== Files - Unicode (All) ==========[/color]
[2010/06/26 14:13:38 | 000,000,000 | ---D | M](C:\Users\Brummel\Documents\?? ???) -- C:\Users\Brummel\Documents\넥슨 플러그
[2010/06/26 14:13:38 | 000,000,000 | ---D | C](C:\Users\Brummel\Documents\?? ???) -- C:\Users\Brummel\Documents\넥슨 플러그
 
[color=#E56717]========== Alternate Data Streams ==========[/color]
 
@Alternate Data Stream - 487 bytes -> C:\ProgramData\TEMP:05EE1EEF
< End of report >
Dokfight
Confirmed Visitor
 
Posts: 15
Joined: 14 Sep 2010 19:57
 

Re: Help, trojan I can't manage to delete

Posted on 15 Sep 2010 17:26

Hello,

Whoa, there's a lot going on in there... :-?

To clear out the bulk of it, do this...

  • Download ToolBar-S&D (by Angeldark, Sham_Rock & XmichouX) to your desktop.
  • Double-click the icon to launch it.
  • Choose "F" for the language > press the "Enter" key to confirm.
  • In the window that opens, choose option No. 2 ("Suppression", i.e. removal) > press the "Enter" key to confirm.
  • Wait until the search has finished > save the report that opens at the end of the scan to your desktop and post it in your next reply, please...

Then post a new OTL report in "NORMAL" mode, as you did the first time, but with the quoted text below
(skip the quick scan and the long quoted block) :wink:
c:\users\dokfight\appdata\roaming\install\*.log
c:\users\dokfight\appdata\roaming\install\*.dll
c:\users\dokfight\appdata\roaming\install\*.exe


See you later
jeanmimigab
PC-Infopraticien
 
Posts: 2986
Joined: 29 Nov 2009 12:05
 

Re: Help, trojan I can't manage to delete

Posted on 15 Sep 2010 19:07

Hello,

My antivirus tells me that toolbarSD is potentially dangerous. Also, that removal thing of yours, what exactly does it delete? Files on my PC?

In any case, I ran it with the new quoted text you gave me, and here is what I just got:

OTL.Txt

Code: Select all
OTL logfile created on: 15/09/2010 20:09:01 - Run 2
OTL by OldTimer - Version 3.2.12.0     Folder = C:\Users\Brummel\Desktop\Brummel\Brummel Dossier\Logiciel
Windows Vista Home Premium Edition  (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18904)
Locale: 0000080C | Country: Belgique | Language: FRB | Date Format: d/MM/yyyy
 
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 61,00% Memory free
7,00 Gb Paging File | 6,00 Gb Available in Paging File | 81,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 698,64 Gb Total Space | 293,95 Gb Free Space | 42,08% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: PC-DE-BRUMMEL
Current User Name: Brummel
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - C:\Users\Brummel\Desktop\Brummel\Brummel Dossier\Logiciel\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\Emsisoft Anti-Malware\a2service.exe (Emsi Software GmbH)
PRC - C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
PRC - C:\Program Files\Nero\Update\NASvc.exe (Nero AG)
PRC - C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
PRC - C:\Program Files\Application Updater\ApplicationUpdater.exe (Spigot, Inc.)
PRC - C:\Program Files\Kaspersky Lab\Kaspersky PURE\avp.exe (Kaspersky Lab)
PRC - C:\Program Files\Kaspersky Lab\Kaspersky PURE\klwtblfs.exe (Kaspersky Lab)
PRC - C:\Program Files\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe (Infowatch)
PRC - C:\Program Files\a-squared Free\a2service.exe (Emsi Software GmbH)
PRC - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation)
PRC - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (Microsoft Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
PRC - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE ()
PRC - C:\Program Files\RocketDock\RocketDock.exe ()
PRC - C:\Windows\System32\WerFault.exe (Microsoft Corporation)
PRC - C:\Windows\System32\conime.exe (Microsoft Corporation)
PRC - C:\Windows\System32\audiodg.exe (Microsoft Corporation)
PRC - C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe (Microsoft Corporation)
 
 
[color=#E56717]========== Modules (SafeList) ==========[/color]
 
MOD - C:\Users\Brummel\Desktop\Brummel\Brummel Dossier\Logiciel\OTL.exe (OldTimer Tools)
MOD - C:\Windows\System32\msscript.ocx (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll (Microsoft Corporation)
 
 
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
 
SRV - (npggsvc) -- C:\Windows\System32\GameMon.des File not found
SRV - (a2AntiMalware) -- C:\Program Files\Emsisoft Anti-Malware\a2service.exe (Emsi Software GmbH)
SRV - (SeaPort) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
SRV - (NAUpdate) -- C:\Program Files\Nero\Update\NASvc.exe (Nero AG)
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (McComponentHostService) -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe (McAfee, Inc.)
SRV - (Application Updater) -- C:\Program Files\Application Updater\ApplicationUpdater.exe (Spigot, Inc.)
SRV - (AVP) -- C:\Program Files\Kaspersky Lab\Kaspersky PURE\avp.exe (Kaspersky Lab)
SRV - (CSObjectsSrv) -- C:\Program Files\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe (Infowatch)
SRV - (maconfservice) -- C:\Program Files\ma-config.com\maconfservice.exe (CybelSoft)
SRV - (a2free) -- C:\Program Files\a-squared Free\a2service.exe (Emsi Software GmbH)
SRV - (wlidsvc) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation)
SRV - (fsssvc) -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe (Microsoft Corporation)
SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia.)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (SBSDWSCService) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
SRV - (IJPLMSVC) -- C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE ()
SRV - (SandraTheSrv) -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite XI.SP1\RpcSandraSrv.exe (SiSoftware)
SRV - (SandraDataSrv) -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite XI.SP1\Win32\RpcDataSrv.exe (SiSoftware)
SRV - (MSSQL$SONY_MEDIAMGR) -- C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe (Microsoft Corporation)
SRV - (SQLAgent$SONY_MEDIAMGR) -- C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE (Microsoft Corporation)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - (NwlnkFwd) -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- C:\Windows\System32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- C:\Windows\System32\DRIVERS\ipinip.sys File not found
DRV - (EagleNT) -- C:\Windows\System32\drivers\EagleNT.sys File not found
DRV - (blbdrive) -- C:\Windows\System32\drivers\blbdrive.sys File not found
DRV - (a2acc) -- C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\a2accx86.sys (Emsi Software GmbH)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (KLIF) -- C:\Windows\System32\drivers\klif.sys (Kaspersky Lab)
DRV - (driverhardwarev2) -- C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys (CybelSoft)
DRV - (CSCrySec) -- C:\Windows\system32\DRIVERS\CSCrySec.sys (Infowatch)
DRV - (CSVirtualDiskDrv) -- C:\Windows\System32\drivers\CSVirtualDiskDrv.sys (Infowatch)
DRV - (KLBG) -- C:\Windows\system32\DRIVERS\klbg.sys (Kaspersky Lab)
DRV - (klmouflt) -- C:\Windows\System32\drivers\klmouflt.sys (Kaspersky Lab)
DRV - (KLIM6) -- C:\Windows\System32\drivers\klim6.sys (Kaspersky Lab)
DRV - (kl1) -- C:\Windows\System32\drivers\kl1.sys (Kaspersky Lab)
DRV - (sptd) -- C:\Windows\System32\Drivers\sptd.sys ()
DRV - (fssfltr) -- C:\Windows\System32\drivers\fssfltr.sys (Microsoft Corporation)
DRV - (nmwcd) -- C:\Windows\System32\drivers\ccdcmb.sys (Nokia)
DRV - (pccsmcfd) -- C:\Windows\System32\drivers\pccsmcfd.sys (Nokia)
DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek Corporation                                            )
DRV - (VIAHdAudAddService) -- C:\Windows\System32\drivers\viahduaa.sys (VIA Technologies, Inc.)
DRV - (netr73) -- C:\Windows\System32\drivers\netr73.sys (Ralink Technology Corp.)
DRV - (BlueletAudio) -- C:\Windows\System32\drivers\blueletaudio.sys (IVT Corporation.)
DRV - (Btcsrusb) -- C:\Windows\System32\drivers\btcusb.sys (IVT Corporation.)
DRV - (BlueletSCOAudio) -- C:\Windows\System32\drivers\BlueletSCOAudio.sys (IVT Corporation.)
DRV - (BT) -- C:\Windows\System32\drivers\btnetdrv.sys (IVT Corporation.)
DRV - (BTHidMgr) -- C:\Windows\System32\Drivers\BTHidMgr.sys (IVT Corporation.)
DRV - (BTHidEnum) -- C:\Windows\System32\Drivers\vbtenum.sys (IVT Corporation.)
DRV - (VcommMgr) -- C:\Windows\System32\drivers\VCommMgr.sys (IVT Corporation.)
DRV - (VComm) -- C:\Windows\System32\drivers\VComm.sys (IVT Corporation.)
DRV - (R300) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (SiSRaid2) -- C:\Windows\system32\drivers\sisraid2.sys (Silicon Integrated Systems Corp.)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Logic Corporation)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (usbaudio) Pilote USB audio (WDM) -- C:\Windows\System32\drivers\USBAUDIO.sys (Microsoft Corporation)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (MTsensor) -- C:\Windows\System32\drivers\ASACPI.sys ()
DRV - (RT61) -- C:\Windows\System32\drivers\rt61.sys (Ralink Technology Inc.)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,start page = http://www.msn.com/
IE - HKLM\..\URLSearchHook: {364d4e0c-543f-4b85-abe3-19551139da4f} - C:\Program Files\Softonic_France\tbSoft.dll (Conduit Ltd.)
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.google.com/ [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,start page = http://eu.ask.com?o=101916&l=dis
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://be.msn.com/defaultf.aspx?lang=fr-be&ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr-be
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 08 1A EA 0D 6C F9 C9 01  [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {364d4e0c-543f-4b85-abe3-19551139da4f} - C:\Program Files\Softonic_France\tbSoft.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.defaultthis.engineName: "Softonic France Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT1351374&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Wikipédia (fr)"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.be/firefox"
FF - prefs.js..extensions.enabledItems: {b1d89840-39fe-11db-a98b-0800200c9a66}:0.51
FF - prefs.js..extensions.enabledItems: {9c51bd27-6ed8-4000-a2bf-36cb95c0c947}:11.0.1
FF - prefs.js..extensions.enabledItems: linkfilter@kaspersky.ru:9.0.0.192
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.2
FF - prefs.js..extensions.enabledItems: chromifox@altmusictv.com:3.6.5
 
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.9\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/09/14 13:38:19 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.9\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/09/14 20:27:24 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.0\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2010/06/29 15:46:41 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.0\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{eea12ec4-729d-4703-bc37-106ce9879ce2}: C:\Program Files\Kaspersky Lab\Kaspersky PURE\THBExt [2010/06/29 15:45:38 | 000,000,000 | ---D | M]
 
[2009/03/22 12:22:59 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\mozilla\Extensions
[2010/09/15 17:12:04 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\mozilla\Firefox\Profiles\0teihibf.default\extensions
[2010/09/14 16:42:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Brummel\AppData\Roaming\mozilla\Firefox\Profiles\0teihibf.default\extensions\{00352F14-3F76-4e4d-ACFF-9972D7E4B3B9}
[2010/07/22 22:36:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Brummel\AppData\Roaming\mozilla\Firefox\Profiles\0teihibf.default\extensions\{241aae70-0022-11de-87af-0800200c9a66}
[2010/08/17 22:55:33 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Users\Brummel\AppData\Roaming\mozilla\Firefox\Profiles\0teihibf.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2010/07/22 22:36:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Brummel\AppData\Roaming\mozilla\Firefox\Profiles\0teihibf.default\extensions\{5b175400-2368-11de-8c30-0800200c9a66}
[2010/02/23 17:42:06 | 000,000,000 | ---D | M] (Tamper Data) -- C:\Users\Brummel\AppData\Roaming\mozilla\Firefox\Profiles\0teihibf.default\extensions\{9c51bd27-6ed8-4000-a2bf-36cb95c0c947}
[2010/07/22 22:36:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Brummel\AppData\Roaming\mozilla\Firefox\Profiles\0teihibf.default\extensions\{9f08cb5a-76b1-4bcf-aff9-90e1a5d60b1e}
[2009/12/07 11:06:59 | 000,000,000 | ---D | M] (JeuxVideo.Fox) -- C:\Users\Brummel\AppData\Roaming\mozilla\Firefox\Profiles\0teihibf.default\extensions\{b1d89840-39fe-11db-a98b-0800200c9a66}
[2010/09/05 13:31:36 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Brummel\AppData\Roaming\mozilla\Firefox\Profiles\0teihibf.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010/07/22 22:36:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Brummel\AppData\Roaming\mozilla\Firefox\Profiles\0teihibf.default\extensions\{de5809e0-2b07-11dd-bd0b-0800200c9a66}
[2010/07/22 22:37:05 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\mozilla\Firefox\Profiles\0teihibf.default\extensions\battlefieldheroespatcher@ea.com-trash
[2010/07/22 19:45:42 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\mozilla\Firefox\Profiles\0teihibf.default\extensions\chromifox@altmusictv.com
[2010/07/22 22:36:25 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\mozilla\Firefox\Profiles\0teihibf.default\extensions\nasanightlaunch@example.com
[2010/09/11 13:53:29 | 000,002,253 | ---- | M] () -- C:\Users\Brummel\AppData\Roaming\Mozilla\FireFox\Profiles\0teihibf.default\searchplugins\askcom.xml
[2010/06/04 10:18:20 | 000,000,933 | ---- | M] () -- C:\Users\Brummel\AppData\Roaming\Mozilla\FireFox\Profiles\0teihibf.default\searchplugins\conduit.xml
[2009/08/19 13:26:11 | 000,002,399 | ---- | M] () -- C:\Users\Brummel\AppData\Roaming\Mozilla\FireFox\Profiles\0teihibf.default\searchplugins\daemon-search.xml
[2009/03/21 20:50:41 | 000,001,659 | ---- | M] () -- C:\Users\Brummel\AppData\Roaming\Mozilla\FireFox\Profiles\0teihibf.default\searchplugins\live-search.xml
[2010/09/15 20:01:29 | 000,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2010/06/29 15:46:40 | 000,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\linkfilter@kaspersky.ru
[2009/02/21 08:24:52 | 000,660,872 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\npOGAPlugin.dll
[2009/04/08 04:06:28 | 000,122,880 | ---- | M] (AB) -- C:\Program Files\mozilla firefox\plugins\NPOP7PlugIn.dll
[2007/03/10 01:16:44 | 000,189,496 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\mozilla firefox\plugins\npyaxmpb.dll
[2010/08/25 02:40:16 | 000,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml
[2010/08/25 02:40:16 | 000,001,822 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml
[2010/08/25 02:40:16 | 000,000,757 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml
[2010/08/25 02:40:16 | 000,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml
[2010/08/25 02:40:16 | 000,000,956 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml
 
Hosts file not found
O2 - BHO: (Softonic France Toolbar) - {364d4e0c-543f-4b85-abe3-19551139da4f} - C:\Program Files\Softonic_France\tbSoft.dll (Conduit Ltd.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky PURE\ievkbd.dll (Kaspersky Lab)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll (Kaspersky Lab)
O3 - HKLM\..\Toolbar: (Dealio Toolbar) - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - Reg Error: Value error. File not found
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Softonic France Toolbar) - {364d4e0c-543f-4b85-abe3-19551139da4f} - C:\Program Files\Softonic_France\tbSoft.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll File not found
O3 - HKCU\..\Toolbar\WebBrowser: (Softonic France Toolbar) - {364D4E0C-543F-4B85-ABE3-19551139DA4F} - C:\Program Files\Softonic_France\tbSoft.dll (Conduit Ltd.)
O4 - HKLM..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe File not found
O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky PURE\avp.exe (Kaspersky Lab)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKCU..\Run: [HKCU] C:\Users\Brummel\AppData\Roaming\install\Firefox.exe File not found
O4 - HKCU..\Run: [RocketDock] C:\Program Files\RocketDock\RocketDock.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Ajouter à l'Anti-bannière - C:\Program Files\Kaspersky Lab\Kaspersky PURE\ie_banner_deny.htm ()
O9 - Extra Button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Mon Clavier &virtuel - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll (Kaspersky Lab)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Analyse des &liens - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll (Kaspersky Lab)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab (Checkers Class)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zone.msn.com/FR-BE/a-UNO1/GAME_UNO1.cab (UnoCtrl Class)
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} http://download.bitdefender.com/resources/scanner/sources/fr/scan8/oscan8.cab (BDSCANONLINE Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {C212D449-8B3C-41F2-BD9A-047BD770550F} http://www.fiaa.eu/OPLauncher.cab (Perparer Class)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll) - C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll (Kaspersky Lab)
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll) - C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll (Kaspersky Lab)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\klogon: DllName - C:\Windows\system32\klogon.dll - C:\Windows\System32\klogon.dll (Kaspersky Lab)
O24 - Desktop WallPaper: C:\Users\Brummel\AppData\Roaming\Microsoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg
O24 - Desktop BackupWallPaper: C:\Users\Brummel\AppData\Roaming\Microsoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{ecab13ef-924c-11df-8bab-001167899dc3}\Shell\AutoRun\command - "" = F:\Launcher.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2010/09/15 19:59:56 | 000,000,000 | ---D | C] -- C:\ToolBar SD
[2010/09/15 13:49:53 | 000,000,000 | ---D | C] -- C:\Users\Brummel\AppData\Roaming\vlc
[2010/09/14 20:26:41 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010/09/14 17:13:10 | 000,000,000 | ---D | C] -- C:\Program Files\Emsisoft Anti-Malware
[2010/09/14 17:13:10 | 000,000,000 | ---D | C] -- C:\Users\Brummel\Documents\Anti-Malware
[2010/09/14 16:57:44 | 000,000,000 | ---D | C] -- C:\Windows\BDOSCAN8
[2010/09/14 14:34:16 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2010/09/11 17:51:06 | 000,000,000 | ---D | C] -- C:\Users\Brummel\Documents\Nero
[2010/09/11 17:44:20 | 000,000,000 | ---D | C] -- C:\Users\Brummel\AppData\Local\Nero
[2010/09/11 17:25:16 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nero
[2010/09/11 17:25:09 | 000,000,000 | ---D | C] -- C:\Program Files\Nero
[2010/09/11 14:51:33 | 000,000,000 | ---D | C] -- C:\Users\Brummel\AppData\Local\Nero_AG
[2010/09/11 14:19:24 | 000,000,000 | ---D | C] -- C:\Users\Brummel\Documents\Simply Super Software
[2010/09/11 14:19:16 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ztvcabinet.dll
[2010/09/11 14:19:15 | 000,000,000 | ---D | C] -- C:\Program Files\Trojan Remover
[2010/09/11 14:19:15 | 000,000,000 | ---D | C] -- C:\Users\Brummel\AppData\Roaming\Simply Super Software
[2010/09/11 14:19:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Simply Super Software
[2010/09/11 14:11:04 | 000,046,080 | ---- | C] (Microsoft) -- C:\Users\Brummel\AppData\Roaming\4vyqy8433VY.exe
[2010/09/11 14:05:58 | 000,046,080 | ---- | C] (Microsoft) -- C:\Users\Brummel\AppData\Roaming\4zxlm9800ZX.exe
[2010/09/11 14:04:39 | 000,000,000 | ---D | C] -- C:\Users\Brummel\Documents\NeroVision
[2010/09/11 14:04:33 | 000,000,000 | ---D | C] -- C:\Users\Brummel\AppData\Roaming\Nero
[2010/09/11 13:54:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Nero
[2010/09/11 13:44:32 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msimsg.dll
[2010/09/11 13:44:31 | 002,252,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msi.dll
[2010/09/11 13:44:31 | 000,332,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msihnd.dll
[2010/09/11 07:45:14 | 000,000,000 | ---D | C] -- C:\Users\Brummel\Desktop\default.aspx_fichiers
[2010/09/04 11:45:05 | 000,000,000 | ---D | C] -- C:\TaalNet2
[2010/08/28 17:46:34 | 000,000,000 | ---D | C] -- C:\Users\Brummel\AppData\Local\G4G.PL
[2010/08/26 11:46:09 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2010/08/25 18:57:46 | 000,000,000 | ---D | C] -- C:\Users\Brummel\Desktop\voiture
[2010/08/25 00:11:36 | 000,000,000 | ---D | C] -- C:\Users\Brummel\AppData\Local\i3D_Software
[2010/08/24 23:56:56 | 000,000,000 | ---D | C] -- C:\Users\Brummel\AppData\Roaming\BFBC2CC
[2010/08/24 23:55:25 | 000,000,000 | ---D | C] -- C:\Program Files\BFBC2CC
[2009/04/02 22:52:40 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\Brummel\AppData\Roaming\pcouffin.sys
[6 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[6 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2010/09/15 20:11:47 | 005,505,024 | -HS- | M] () -- C:\Users\Brummel\NTUSER.DAT
[2010/09/15 20:00:24 | 000,000,422 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{CA14B8DA-6BFA-4122-932B-BAA462944ADE}.job
[2010/09/15 19:34:14 | 000,003,856 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/09/15 19:34:14 | 000,003,856 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/09/15 19:28:01 | 000,001,054 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/09/15 13:57:02 | 000,137,976 | ---- | M] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2010/09/15 13:56:53 | 000,234,280 | ---- | M] () -- C:\Windows\System32\PnkBstrB.xtr
[2010/09/15 13:25:35 | 000,037,109 | ---- | M] () -- C:\ProgramData\nvModes.001
[2010/09/15 13:25:24 | 000,001,050 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/09/15 13:25:15 | 002,929,511 | -H-- | M] () -- C:\Users\Brummel\AppData\Local\IconCache.db
[2010/09/15 12:38:51 | 000,001,000 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2010/09/15 12:34:35 | 000,037,109 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2010/09/15 12:34:15 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/09/15 12:34:12 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/09/15 12:34:10 | 3757,236,224 | -HS- | M] () -- C:\hiberfil.sys
[2010/09/14 13:38:21 | 000,001,748 | ---- | M] () -- C:\Users\Brummel\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/09/13 19:05:35 | 000,038,912 | ---- | M] () -- C:\Users\Brummel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/09/12 18:16:22 | 727,843,152 | ---- | M] () -- C:\Users\Brummel\Desktop\The expendables - unite speciale.avi
[2010/09/12 18:15:59 | 000,005,344 | ---- | M] () -- C:\Users\Brummel\Desktop\GetAttachment.aspx.jpg
[2010/09/12 18:09:40 | 012,137,592 | ---- | M] () -- C:\Users\Brummel\Desktop\Hotmail.zip
[2010/09/12 09:29:22 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2010/09/11 16:56:25 | 000,061,737 | ---- | M] () -- C:\Users\Brummel\AppData\Roaming\SQLite3.dll
[2010/09/11 14:11:04 | 000,046,080 | ---- | M] (Microsoft) -- C:\Users\Brummel\AppData\Roaming\4vyqy8433VY.exe
[2010/09/11 14:05:58 | 000,046,080 | ---- | M] (Microsoft) -- C:\Users\Brummel\AppData\Roaming\4zxlm9800ZX.exe
[2010/09/11 12:58:33 | 728,151,092 | ---- | M] () -- C:\Users\Brummel\Desktop\L'exorciste.avi
[2010/09/11 07:45:32 | 000,006,134 | ---- | M] () -- C:\Users\Brummel\Desktop\default.aspx.htm
[2010/09/10 21:51:54 | 000,611,328 | ---- | M] () -- C:\Users\Brummel\Desktop\Bonus_Malus_exemple[1].ppt
[2010/09/07 16:32:46 | 000,000,671 | ---- | M] () -- C:\Users\Brummel\AppData\Roaming\vso_ts_preview.xml
[2010/08/26 23:42:00 | 742,828,032 | ---- | M] () -- C:\Users\Brummel\Desktop\Full Metal Jacket.avi
[2010/08/25 20:11:16 | 000,724,790 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2010/08/25 20:11:16 | 000,639,418 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/08/25 20:11:16 | 000,133,784 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2010/08/25 20:11:16 | 000,116,356 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/08/25 20:11:15 | 001,607,428 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010/08/25 18:53:25 | 002,541,919 | ---- | M] () -- C:\Users\Brummel\Desktop\photos kia sorento.zip
[2010/08/24 22:36:26 | 000,138,056 | ---- | M] () -- C:\Users\Brummel\AppData\Roaming\PnkBstrK.sys
[2010/08/24 22:35:53 | 002,434,856 | ---- | M] () -- C:\Windows\System32\pbsvc_bc2.exe
[2010/08/17 19:12:24 | 000,000,721 | ---- | M] () -- C:\Users\Brummel\Desktop\Planreliefearth.kmz
[6 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[6 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2010/09/14 13:38:21 | 000,001,748 | ---- | C] () -- C:\Users\Brummel\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/09/12 18:15:52 | 000,005,344 | ---- | C] () -- C:\Users\Brummel\Desktop\GetAttachment.aspx.jpg
[2010/09/12 18:09:08 | 012,137,592 | ---- | C] () -- C:\Users\Brummel\Desktop\Hotmail.zip
[2010/09/12 17:07:09 | 727,843,152 | ---- | C] () -- C:\Users\Brummel\Desktop\The expendables - unite speciale.avi
[2010/09/12 10:01:39 | 3757,236,224 | -HS- | C] () -- C:\hiberfil.sys
[2010/09/11 16:56:25 | 000,061,737 | ---- | C] () -- C:\Users\Brummel\AppData\Roaming\SQLite3.dll
[2010/09/11 14:19:17 | 000,162,304 | ---- | C] () -- C:\Windows\System32\ztvunrar36.dll
[2010/09/11 14:19:17 | 000,077,312 | ---- | C] () -- C:\Windows\System32\ztvunace26.dll
[2010/09/11 14:19:16 | 000,153,088 | ---- | C] () -- C:\Windows\System32\UNRAR3.dll
[2010/09/11 14:19:16 | 000,075,264 | ---- | C] () -- C:\Windows\System32\unacev2.dll
[2010/09/11 12:48:14 | 728,151,092 | ---- | C] () -- C:\Users\Brummel\Desktop\L'exorciste.avi
[2010/09/11 07:45:32 | 000,006,134 | ---- | C] () -- C:\Users\Brummel\Desktop\default.aspx.htm
[2010/09/10 21:51:54 | 000,611,328 | ---- | C] () -- C:\Users\Brummel\Desktop\Bonus_Malus_exemple[1].ppt
[2010/08/26 23:27:06 | 742,828,032 | ---- | C] () -- C:\Users\Brummel\Desktop\Full Metal Jacket.avi
[2010/08/25 18:53:21 | 002,541,919 | ---- | C] () -- C:\Users\Brummel\Desktop\photos kia sorento.zip
[2010/08/24 22:35:53 | 002,434,856 | ---- | C] () -- C:\Windows\System32\pbsvc_bc2.exe
[2010/08/17 19:12:23 | 000,000,721 | ---- | C] () -- C:\Users\Brummel\Desktop\Planreliefearth.kmz
[2010/06/04 16:53:21 | 000,000,036 | ---- | C] () -- C:\Users\Brummel\AppData\Local\housecall.guid.cache
[2010/04/30 18:47:07 | 000,484,352 | ---- | C] () -- C:\Windows\System32\lame_enc.dll
[2010/04/02 17:17:34 | 000,179,091 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2010/03/14 14:58:05 | 000,037,109 | ---- | C] () -- C:\ProgramData\nvModes.001
[2010/03/14 14:57:28 | 000,037,109 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2010/01/23 16:07:10 | 000,004,096 | -H-- | C] () -- C:\Users\Brummel\AppData\Local\keyfile3.drm
[2009/12/02 17:00:26 | 000,000,008 | ---- | C] () -- C:\Users\Brummel\AppData\Roaming\DofusAppId0_2
[2009/12/02 16:55:36 | 000,000,173 | ---- | C] () -- C:\Users\Brummel\AppData\Roaming\D2Info0
[2009/12/02 16:55:36 | 000,000,008 | ---- | C] () -- C:\Users\Brummel\AppData\Roaming\DofusAppId0_1
[2009/11/24 18:14:23 | 000,000,095 | ---- | C] () -- C:\Users\Brummel\AppData\Local\fusioncache.dat
[2009/10/28 14:29:40 | 000,000,940 | ---- | C] () -- C:\Windows\bdoscandellang.ini
[2009/09/11 02:01:44 | 000,041,872 | ---- | C] () -- C:\Windows\System32\xfcodec.dll
[2009/08/03 16:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/05/23 21:10:29 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009/04/14 17:24:28 | 000,001,356 | ---- | C] () -- C:\Users\Brummel\AppData\Local\d3d9caps.dat
[2009/04/02 22:53:56 | 000,000,671 | ---- | C] () -- C:\Users\Brummel\AppData\Roaming\vso_ts_preview.xml
[2009/04/02 22:53:14 | 000,000,034 | ---- | C] () -- C:\Users\Brummel\AppData\Roaming\pcouffin.log
[2009/04/02 22:52:40 | 000,087,608 | ---- | C] () -- C:\Users\Brummel\AppData\Roaming\inst.exe
[2009/04/02 22:52:40 | 000,007,887 | ---- | C] () -- C:\Users\Brummel\AppData\Roaming\pcouffin.cat
[2009/04/02 22:52:40 | 000,001,144 | ---- | C] () -- C:\Users\Brummel\AppData\Roaming\pcouffin.inf
[2009/04/02 12:32:40 | 000,138,056 | ---- | C] () -- C:\Users\Brummel\AppData\Roaming\PnkBstrK.sys
[2009/04/02 12:32:40 | 000,137,976 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2009/03/28 11:35:09 | 000,721,904 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2009/03/26 21:47:41 | 000,011,822 | ---- | C] () -- C:\Windows\Ascd_log.ini
[2009/03/22 22:21:40 | 002,931,168 | ---- | C] () -- C:\Program Files\FLV PlayerFCSetup.exe
[2009/03/22 22:21:08 | 009,810,664 | ---- | C] () -- C:\Program Files\FLV PlayerRCATSetup.exe
[2009/03/22 22:19:49 | 021,126,776 | ---- | C] () -- C:\Program Files\FLV PlayerRCSetup.exe
[2009/03/22 20:26:56 | 000,019,968 | ---- | C] () -- C:\Windows\System32\Cpuinf32.dll
[2009/03/21 19:50:02 | 000,038,912 | ---- | C] () -- C:\Users\Brummel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/03/21 11:40:50 | 000,024,206 | ---- | C] () -- C:\Users\Brummel\AppData\Roaming\UserTile.png
[2009/03/21 01:06:33 | 000,007,680 | ---- | C] () -- C:\Windows\System32\drivers\ASACPI.sys
[2009/03/21 01:06:32 | 000,011,575 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2009/03/21 01:06:25 | 000,012,536 | ---- | C] () -- C:\Windows\System32\drivers\ASUSHWIO.SYS
[2008/10/07 10:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll
[2008/10/07 10:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2007/07/04 21:51:52 | 000,003,972 | ---- | C] () -- C:\Windows\System32\drivers\PciBus.sys
[2006/12/06 00:56:38 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2006/11/02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2010/02/11 00:19:56 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\.purple
[2009/12/02 16:55:39 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\app
[2010/07/22 19:14:44 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\Auslogics
[2010/09/10 23:02:31 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\BFBC2CC
[2009/04/05 20:43:09 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\Canneverbe_Limited
[2009/05/18 15:07:31 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\Canon
[2010/03/10 15:38:27 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\CocoonSoftware
[2009/03/28 11:39:08 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\DAEMON Tools
[2009/08/19 13:28:26 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\DAEMON Tools Lite
[2009/03/28 11:39:08 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\DAEMON Tools Pro
[2009/11/08 01:04:46 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\DNA
[2009/12/02 18:19:03 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\Dofus 2
[2009/12/02 17:00:26 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\Dofus-2.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
[2009/12/02 16:55:36 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\Dofus.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
[2010/05/26 17:11:04 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\ECE9E45009AF62BD28AAB7CE6CDFF483
[2010/01/20 16:01:00 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\FileZilla
[2010/04/30 18:47:11 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\FreeAudioPack
[2009/10/03 15:48:55 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\GetRightToGo
[2010/02/20 23:14:27 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\gtk-2.0
[2010/01/29 21:56:15 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\ijjigame
[2010/09/14 14:32:05 | 000,000,000 | RHSD | M] -- C:\Users\Brummel\AppData\Roaming\install
[2010/03/10 19:55:04 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\iriverter
[2010/09/15 15:46:28 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\Mumble
[2010/07/18 12:42:58 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\Nokia
[2010/07/18 12:41:38 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\PC Suite
[2009/03/21 11:40:50 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\PeerNetworking
[2010/01/24 20:12:16 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\PhotoFiltre
[2010/02/04 23:01:12 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\PhotoFiltre Studio X
[2010/01/23 14:20:46 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\Publish Providers
[2010/09/14 16:45:32 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\QuickScan
[2009/12/02 16:55:39 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\Reg.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
[2010/09/11 14:19:15 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\Simply Super Software
[2010/01/23 14:20:25 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\Sony
[2010/06/25 15:27:04 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\SystemRequirementsLab
[2009/07/16 12:42:34 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\TeamViewer
[2009/03/21 20:42:50 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\Thunderbird
[2010/08/17 21:13:52 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\TS3Client
[2009/12/04 21:50:32 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\uTorrent
[2010/09/07 16:32:47 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\Vso
[2009/06/06 22:32:19 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\Warsow
[2009/06/30 12:19:17 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\Windows Live Writer
[2010/09/15 11:46:09 | 000,032,544 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2010/09/15 20:00:24 | 000,000,422 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{CA14B8DA-6BFA-4122-932B-BAA462944ADE}.job
 
[color=#E56717]========== Purity Check ==========[/color]
 
 
 
[color=#E56717]========== Custom Scans ==========[/color]
 
 
[color=#A23BEC]< c:\users\Brummel\appdata\roaming\install\*.log >[/color]
 
[color=#A23BEC]< c:\users\Brummel\appdata\roaming\install\*.dll >[/color]
 
[color=#A23BEC]< c:\users\Brummel\appdata\roaming\install\*.exe  >[/color]
 
[color=#E56717]========== Files - Unicode (All) ==========[/color]
[2010/08/27 20:22:08 | 732,254,208 | ---- | M] ()(C:\Users\Brummel\Desktop\Hors.de.Controle.DVDRIP.FRENCH-Da??????.avi) -- C:\Users\Brummel\Desktop\Hors.de.Controle.DVDRIP.FRENCH-Dαякηєѕѕ.avi
[2010/08/27 20:12:33 | 732,254,208 | ---- | C] ()(C:\Users\Brummel\Desktop\Hors.de.Controle.DVDRIP.FRENCH-Da??????.avi) -- C:\Users\Brummel\Desktop\Hors.de.Controle.DVDRIP.FRENCH-Dαякηєѕѕ.avi
[2010/06/26 14:13:38 | 000,000,000 | ---D | M](C:\Users\Brummel\Documents\?? ???) -- C:\Users\Brummel\Documents\넥슨 플러그
[2010/06/26 14:13:38 | 000,000,000 | ---D | C](C:\Users\Brummel\Documents\?? ???) -- C:\Users\Brummel\Documents\넥슨 플러그
 
[color=#E56717]========== Alternate Data Streams ==========[/color]
 
@Alternate Data Stream - 64 bytes -> C:\Users\Brummel\Desktop\The expendables - unite speciale.avi:TOC.WMV
@Alternate Data Stream - 64 bytes -> C:\Users\Brummel\Desktop\Fire ball.avi:TOC.WMV
@Alternate Data Stream - 487 bytes -> C:\ProgramData\TEMP:05EE1EEF
< End of report >
Dokfight
Confirmed Visitor
 
Posts: 15
Joined: 14 Sep 2010 19:57
 

Re: Help, trojan I can't manage to delete

Posted on 15 Sep 2010 19:13

Hello,

For toolbarSD, it's a false positive (your antivirus is panicking because of the file's UPX compression), so disable your antivirus while toolbarSD is working; if your AV reacts when the PC reboots, ignore the alerts and let toolbarSD finish the removals.
What exactly does it remove?


The infectious toolbars present on your PC :wink:
jeanmimigab
PC-Infopraticien
 
Posts: 2986
Joined: 29 Nov 2009 12:05
 

Re: Help, trojan I can't manage to delete

Posted on 15 Sep 2010 19:16

OK, because actually I haven't put anything on a hard drive since I don't have one, so it's not going to delete anything important?

Here it is with the new quote:

Code: Select all
    OTL logfile created on: 15/09/2010 20:09:01 - Run 2
    OTL by OldTimer - Version 3.2.12.0     Folder = C:\Users\Brummel\Desktop\Brummel\Brummel Dossier\Logiciel
    Windows Vista Home Premium Edition  (Version = 6.0.6000) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18904)
    Locale: 0000080C | Country: Belgique | Language: FRB | Date Format: d/MM/yyyy

    3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 61,00% Memory free
    7,00 Gb Paging File | 6,00 Gb Available in Paging File | 81,00% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 698,64 Gb Total Space | 293,95 Gb Free Space | 42,08% Space Free | Partition Type: NTFS
    D: Drive not present or media not loaded
    E: Drive not present or media not loaded
    F: Drive not present or media not loaded
    G: Drive not present or media not loaded
    H: Drive not present or media not loaded
    I: Drive not present or media not loaded

    Computer Name: PC-DE-BRUMMEL
    Current User Name: Brummel
    Logged in as Administrator.

    Current Boot Mode: Normal
    Scan Mode: Current user
    Company Name Whitelist: Off
    Skip Microsoft Files: Off
    File Age = 30 Days
    Output = Minimal

    [color=#E56717]========== Processes (SafeList) ==========[/color]

    PRC - C:\Users\Brummel\Desktop\Brummel\Brummel Dossier\Logiciel\OTL.exe (OldTimer Tools)
    PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
    PRC - C:\Program Files\Emsisoft Anti-Malware\a2service.exe (Emsi Software GmbH)
    PRC - C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
    PRC - C:\Program Files\Nero\Update\NASvc.exe (Nero AG)
    PRC - C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
    PRC - C:\Program Files\Application Updater\ApplicationUpdater.exe (Spigot, Inc.)
    PRC - C:\Program Files\Kaspersky Lab\Kaspersky PURE\avp.exe (Kaspersky Lab)
    PRC - C:\Program Files\Kaspersky Lab\Kaspersky PURE\klwtblfs.exe (Kaspersky Lab)
    PRC - C:\Program Files\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe (Infowatch)
    PRC - C:\Program Files\a-squared Free\a2service.exe (Emsi Software GmbH)
    PRC - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation)
    PRC - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (Microsoft Corporation)
    PRC - C:\Windows\explorer.exe (Microsoft Corporation)
    PRC - C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
    PRC - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE ()
    PRC - C:\Program Files\RocketDock\RocketDock.exe ()
    PRC - C:\Windows\System32\WerFault.exe (Microsoft Corporation)
    PRC - C:\Windows\System32\conime.exe (Microsoft Corporation)
    PRC - C:\Windows\System32\audiodg.exe (Microsoft Corporation)
    PRC - C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe (Microsoft Corporation)


    [color=#E56717]========== Modules (SafeList) ==========[/color]

    MOD - C:\Users\Brummel\Desktop\Brummel\Brummel Dossier\Logiciel\OTL.exe (OldTimer Tools)
    MOD - C:\Windows\System32\msscript.ocx (Microsoft Corporation)
    MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll (Microsoft Corporation)


    [color=#E56717]========== Win32 Services (SafeList) ==========[/color]

    SRV - (npggsvc) -- C:\Windows\System32\GameMon.des File not found
    SRV - (a2AntiMalware) -- C:\Program Files\Emsisoft Anti-Malware\a2service.exe (Emsi Software GmbH)
    SRV - (SeaPort) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
    SRV - (NAUpdate) -- C:\Program Files\Nero\Update\NASvc.exe (Nero AG)
    SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
    SRV - (McComponentHostService) -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe (McAfee, Inc.)
    SRV - (Application Updater) -- C:\Program Files\Application Updater\ApplicationUpdater.exe (Spigot, Inc.)
    SRV - (AVP) -- C:\Program Files\Kaspersky Lab\Kaspersky PURE\avp.exe (Kaspersky Lab)
    SRV - (CSObjectsSrv) -- C:\Program Files\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe (Infowatch)
    SRV - (maconfservice) -- C:\Program Files\ma-config.com\maconfservice.exe (CybelSoft)
    SRV - (a2free) -- C:\Program Files\a-squared Free\a2service.exe (Emsi Software GmbH)
    SRV - (wlidsvc) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation)
    SRV - (fsssvc) -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe (Microsoft Corporation)
    SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia.)
    SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
    SRV - (SBSDWSCService) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
    SRV - (IJPLMSVC) -- C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE ()
    SRV - (SandraTheSrv) -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite XI.SP1\RpcSandraSrv.exe (SiSoftware)
    SRV - (SandraDataSrv) -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite XI.SP1\Win32\RpcDataSrv.exe (SiSoftware)
    SRV - (MSSQL$SONY_MEDIAMGR) -- C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe (Microsoft Corporation)
    SRV - (SQLAgent$SONY_MEDIAMGR) -- C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE (Microsoft Corporation)


    [color=#E56717]========== Driver Services (SafeList) ==========[/color]

    DRV - (NwlnkFwd) -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys File not found
    DRV - (NwlnkFlt) -- C:\Windows\System32\DRIVERS\nwlnkflt.sys File not found
    DRV - (IpInIp) -- C:\Windows\System32\DRIVERS\ipinip.sys File not found
    DRV - (EagleNT) -- C:\Windows\System32\drivers\EagleNT.sys File not found
    DRV - (blbdrive) -- C:\Windows\System32\drivers\blbdrive.sys File not found
    DRV - (a2acc) -- C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\a2accx86.sys (Emsi Software GmbH)
    DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
    DRV - (KLIF) -- C:\Windows\System32\drivers\klif.sys (Kaspersky Lab)
    DRV - (driverhardwarev2) -- C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys (CybelSoft)
    DRV - (CSCrySec) -- C:\Windows\system32\DRIVERS\CSCrySec.sys (Infowatch)
    DRV - (CSVirtualDiskDrv) -- C:\Windows\System32\drivers\CSVirtualDiskDrv.sys (Infowatch)
    DRV - (KLBG) -- C:\Windows\system32\DRIVERS\klbg.sys (Kaspersky Lab)
    DRV - (klmouflt) -- C:\Windows\System32\drivers\klmouflt.sys (Kaspersky Lab)
    DRV - (KLIM6) -- C:\Windows\System32\drivers\klim6.sys (Kaspersky Lab)
    DRV - (kl1) -- C:\Windows\System32\drivers\kl1.sys (Kaspersky Lab)
    DRV - (sptd) -- C:\Windows\System32\Drivers\sptd.sys ()
    DRV - (fssfltr) -- C:\Windows\System32\drivers\fssfltr.sys (Microsoft Corporation)
    DRV - (nmwcd) -- C:\Windows\System32\drivers\ccdcmb.sys (Nokia)
    DRV - (pccsmcfd) -- C:\Windows\System32\drivers\pccsmcfd.sys (Nokia)
    DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek Corporation                                            )
    DRV - (VIAHdAudAddService) -- C:\Windows\System32\drivers\viahduaa.sys (VIA Technologies, Inc.)
    DRV - (netr73) -- C:\Windows\System32\drivers\netr73.sys (Ralink Technology Corp.)
    DRV - (BlueletAudio) -- C:\Windows\System32\drivers\blueletaudio.sys (IVT Corporation.)
    DRV - (Btcsrusb) -- C:\Windows\System32\drivers\btcusb.sys (IVT Corporation.)
    DRV - (BlueletSCOAudio) -- C:\Windows\System32\drivers\BlueletSCOAudio.sys (IVT Corporation.)
    DRV - (BT) -- C:\Windows\System32\drivers\btnetdrv.sys (IVT Corporation.)
    DRV - (BTHidMgr) -- C:\Windows\System32\Drivers\BTHidMgr.sys (IVT Corporation.)
    DRV - (BTHidEnum) -- C:\Windows\System32\Drivers\vbtenum.sys (IVT Corporation.)
    DRV - (VcommMgr) -- C:\Windows\System32\drivers\VCommMgr.sys (IVT Corporation.)
    DRV - (VComm) -- C:\Windows\System32\drivers\VComm.sys (IVT Corporation.)
    DRV - (R300) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
    DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
    DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
    DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
    DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
    DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
    DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
    DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
    DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
    DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
    DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
    DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
    DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
    DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
    DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
    DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
    DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
    DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
    DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
    DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
    DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
    DRV - (SiSRaid2) -- C:\Windows\system32\drivers\sisraid2.sys (Silicon Integrated Systems Corp.)
    DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
    DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
    DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
    DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
    DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
    DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
    DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
    DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
    DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
    DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
    DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Logic Corporation)
    DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
    DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
    DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
    DRV - (usbaudio) Pilote USB audio (WDM) -- C:\Windows\System32\drivers\USBAUDIO.sys (Microsoft Corporation)
    DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
    DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
    DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
    DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
    DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
    DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
    DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
    DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
    DRV - (MTsensor) -- C:\Windows\System32\drivers\ASACPI.sys ()
    DRV - (RT61) -- C:\Windows\System32\drivers\rt61.sys (Ralink Technology Inc.)


    [color=#E56717]========== Standard Registry (SafeList) ==========[/color]


    [color=#E56717]========== Internet Explorer ==========[/color]

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,start page = http://www.msn.com/
    IE - HKLM\..\URLSearchHook: {364d4e0c-543f-4b85-abe3-19551139da4f} - C:\Program Files\Softonic_France\tbSoft.dll (Conduit Ltd.)

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.google.com/ [binary data]
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,start page = http://eu.ask.com?o=101916&l=dis
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://be.msn.com/defaultf.aspx?lang=fr-be&ocid=iehp
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr-be
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 08 1A EA 0D 6C F9 C9 01  [binary data]
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
    IE - HKCU\..\URLSearchHook: {364d4e0c-543f-4b85-abe3-19551139da4f} - C:\Program Files\Softonic_France\tbSoft.dll (Conduit Ltd.)
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

    [color=#E56717]========== FireFox ==========[/color]

    FF - prefs.js..browser.search.defaultengine: "Ask.com"
    FF - prefs.js..browser.search.defaultenginename: "Ask.com"
    FF - prefs.js..browser.search.defaultthis.engineName: "Softonic France Customized Web Search"
    FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT1351374&SearchSource=3&q={searchTerms}"
    FF - prefs.js..browser.search.order.1: "Ask.com"
    FF - prefs.js..browser.search.selectedEngine: "Wikipédia (fr)"
    FF - prefs.js..browser.search.useDBForOrder: true
    FF - prefs.js..browser.startup.homepage: "http://www.google.be/firefox"
    FF - prefs.js..extensions.enabledItems: {b1d89840-39fe-11db-a98b-0800200c9a66}:0.51
    FF - prefs.js..extensions.enabledItems: {9c51bd27-6ed8-4000-a2bf-36cb95c0c947}:11.0.1
    FF - prefs.js..extensions.enabledItems: linkfilter@kaspersky.ru:9.0.0.192
    FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.2
    FF - prefs.js..extensions.enabledItems: chromifox@altmusictv.com:3.6.5

    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.9\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/09/14 13:38:19 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.9\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/09/14 20:27:24 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.0\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2010/06/29 15:46:41 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.0\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
    FF - HKLM\software\mozilla\Thunderbird\Extensions\\{eea12ec4-729d-4703-bc37-106ce9879ce2}: C:\Program Files\Kaspersky Lab\Kaspersky PURE\THBExt [2010/06/29 15:45:38 | 000,000,000 | ---D | M]

    [2009/03/22 12:22:59 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\mozilla\Extensions
    [2010/09/15 17:12:04 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\mozilla\Firefox\Profiles\0teihibf.default\extensions
    [2010/09/14 16:42:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Brummel\AppData\Roaming\mozilla\Firefox\Profiles\0teihibf.default\extensions\{00352F14-3F76-4e4d-ACFF-9972D7E4B3B9}
    [2010/07/22 22:36:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Brummel\AppData\Roaming\mozilla\Firefox\Profiles\0teihibf.default\extensions\{241aae70-0022-11de-87af-0800200c9a66}
    [2010/08/17 22:55:33 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Users\Brummel\AppData\Roaming\mozilla\Firefox\Profiles\0teihibf.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
    [2010/07/22 22:36:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Brummel\AppData\Roaming\mozilla\Firefox\Profiles\0teihibf.default\extensions\{5b175400-2368-11de-8c30-0800200c9a66}
    [2010/02/23 17:42:06 | 000,000,000 | ---D | M] (Tamper Data) -- C:\Users\Brummel\AppData\Roaming\mozilla\Firefox\Profiles\0teihibf.default\extensions\{9c51bd27-6ed8-4000-a2bf-36cb95c0c947}
    [2010/07/22 22:36:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Brummel\AppData\Roaming\mozilla\Firefox\Profiles\0teihibf.default\extensions\{9f08cb5a-76b1-4bcf-aff9-90e1a5d60b1e}
    [2009/12/07 11:06:59 | 000,000,000 | ---D | M] (JeuxVideo.Fox) -- C:\Users\Brummel\AppData\Roaming\mozilla\Firefox\Profiles\0teihibf.default\extensions\{b1d89840-39fe-11db-a98b-0800200c9a66}
    [2010/09/05 13:31:36 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Brummel\AppData\Roaming\mozilla\Firefox\Profiles\0teihibf.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
    [2010/07/22 22:36:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Brummel\AppData\Roaming\mozilla\Firefox\Profiles\0teihibf.default\extensions\{de5809e0-2b07-11dd-bd0b-0800200c9a66}
    [2010/07/22 22:37:05 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\mozilla\Firefox\Profiles\0teihibf.default\extensions\battlefieldheroespatcher@ea.com-trash
    [2010/07/22 19:45:42 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\mozilla\Firefox\Profiles\0teihibf.default\extensions\chromifox@altmusictv.com
    [2010/07/22 22:36:25 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\mozilla\Firefox\Profiles\0teihibf.default\extensions\nasanightlaunch@example.com
    [2010/09/11 13:53:29 | 000,002,253 | ---- | M] () -- C:\Users\Brummel\AppData\Roaming\Mozilla\FireFox\Profiles\0teihibf.default\searchplugins\askcom.xml
    [2010/06/04 10:18:20 | 000,000,933 | ---- | M] () -- C:\Users\Brummel\AppData\Roaming\Mozilla\FireFox\Profiles\0teihibf.default\searchplugins\conduit.xml
    [2009/08/19 13:26:11 | 000,002,399 | ---- | M] () -- C:\Users\Brummel\AppData\Roaming\Mozilla\FireFox\Profiles\0teihibf.default\searchplugins\daemon-search.xml
    [2009/03/21 20:50:41 | 000,001,659 | ---- | M] () -- C:\Users\Brummel\AppData\Roaming\Mozilla\FireFox\Profiles\0teihibf.default\searchplugins\live-search.xml
    [2010/09/15 20:01:29 | 000,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
    [2010/06/29 15:46:40 | 000,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\linkfilter@kaspersky.ru
    [2009/02/21 08:24:52 | 000,660,872 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\npOGAPlugin.dll
    [2009/04/08 04:06:28 | 000,122,880 | ---- | M] (AB) -- C:\Program Files\mozilla firefox\plugins\NPOP7PlugIn.dll
    [2007/03/10 01:16:44 | 000,189,496 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\mozilla firefox\plugins\npyaxmpb.dll
    [2010/08/25 02:40:16 | 000,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml
    [2010/08/25 02:40:16 | 000,001,822 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml
    [2010/08/25 02:40:16 | 000,000,757 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml
    [2010/08/25 02:40:16 | 000,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml
    [2010/08/25 02:40:16 | 000,000,956 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml

    Hosts file not found
    O2 - BHO: (Softonic France Toolbar) - {364d4e0c-543f-4b85-abe3-19551139da4f} - C:\Program Files\Softonic_France\tbSoft.dll (Conduit Ltd.)
    O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
    O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky PURE\ievkbd.dll (Kaspersky Lab)
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
    O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
    O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
    O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
    O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll (Kaspersky Lab)
    O3 - HKLM\..\Toolbar: (Dealio Toolbar) - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - Reg Error: Value error. File not found
    O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
    O3 - HKLM\..\Toolbar: (Softonic France Toolbar) - {364d4e0c-543f-4b85-abe3-19551139da4f} - C:\Program Files\Softonic_France\tbSoft.dll (Conduit Ltd.)
    O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
    O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll File not found
    O3 - HKCU\..\Toolbar\WebBrowser: (Softonic France Toolbar) - {364D4E0C-543F-4B85-ABE3-19551139DA4F} - C:\Program Files\Softonic_France\tbSoft.dll (Conduit Ltd.)
    O4 - HKLM..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe File not found
    O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky PURE\avp.exe (Kaspersky Lab)
    O4 - HKLM..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
    O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
    O4 - HKCU..\Run: [HKCU] C:\Users\Brummel\AppData\Roaming\install\Firefox.exe File not found
    O4 - HKCU..\Run: [RocketDock] C:\Program Files\RocketDock\RocketDock.exe ()
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
    O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
    O8 - Extra context menu item: Ajouter à l'Anti-bannière - C:\Program Files\Kaspersky Lab\Kaspersky PURE\ie_banner_deny.htm ()
    O9 - Extra Button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
    O9 - Extra Button: Mon Clavier &virtuel - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll (Kaspersky Lab)
    O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation)
    O9 - Extra Button: Analyse des &liens - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll (Kaspersky Lab)
    O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
    O13 - gopher Prefix: missing
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab (Checkers Class)
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zone.msn.com/FR-BE/a-UNO1/GAME_UNO1.cab (UnoCtrl Class)
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} http://download.bitdefender.com/resources/scanner/sources/fr/scan8/oscan8.cab (BDSCANONLINE Control)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
    O16 - DPF: {C212D449-8B3C-41F2-BD9A-047BD770550F} http://www.fiaa.eu/OPLauncher.cab (Perparer Class)
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
    O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
    O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
    O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
    O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
    O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
    O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll) - C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll (Kaspersky Lab)
    O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll) - C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll (Kaspersky Lab)
    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20 - Winlogon\Notify\klogon: DllName - C:\Windows\system32\klogon.dll - C:\Windows\System32\klogon.dll (Kaspersky Lab)
    O24 - Desktop WallPaper: C:\Users\Brummel\AppData\Roaming\Microsoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg
    O24 - Desktop BackupWallPaper: C:\Users\Brummel\AppData\Roaming\Microsoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2006/09/18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
    O33 - MountPoints2\{ecab13ef-924c-11df-8bab-001167899dc3}\Shell\AutoRun\command - "" = F:\Launcher.exe -- File not found
    O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

    [2010/09/15 19:59:56 | 000,000,000 | ---D | C] -- C:\ToolBar SD
    [2010/09/15 13:49:53 | 000,000,000 | ---D | C] -- C:\Users\Brummel\AppData\Roaming\vlc
    [2010/09/14 20:26:41 | 000,000,000 | -HSD | C] -- C:\Config.Msi
    [2010/09/14 17:13:10 | 000,000,000 | ---D | C] -- C:\Program Files\Emsisoft Anti-Malware
    [2010/09/14 17:13:10 | 000,000,000 | ---D | C] -- C:\Users\Brummel\Documents\Anti-Malware
    [2010/09/14 16:57:44 | 000,000,000 | ---D | C] -- C:\Windows\BDOSCAN8
    [2010/09/14 14:34:16 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
    [2010/09/11 17:51:06 | 000,000,000 | ---D | C] -- C:\Users\Brummel\Documents\Nero
    [2010/09/11 17:44:20 | 000,000,000 | ---D | C] -- C:\Users\Brummel\AppData\Local\Nero
    [2010/09/11 17:25:16 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nero
    [2010/09/11 17:25:09 | 000,000,000 | ---D | C] -- C:\Program Files\Nero
    [2010/09/11 14:51:33 | 000,000,000 | ---D | C] -- C:\Users\Brummel\AppData\Local\Nero_AG
    [2010/09/11 14:19:24 | 000,000,000 | ---D | C] -- C:\Users\Brummel\Documents\Simply Super Software
    [2010/09/11 14:19:16 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ztvcabinet.dll
    [2010/09/11 14:19:15 | 000,000,000 | ---D | C] -- C:\Program Files\Trojan Remover
    [2010/09/11 14:19:15 | 000,000,000 | ---D | C] -- C:\Users\Brummel\AppData\Roaming\Simply Super Software
    [2010/09/11 14:19:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Simply Super Software
    [2010/09/11 14:11:04 | 000,046,080 | ---- | C] (Microsoft) -- C:\Users\Brummel\AppData\Roaming\4vyqy8433VY.exe
    [2010/09/11 14:05:58 | 000,046,080 | ---- | C] (Microsoft) -- C:\Users\Brummel\AppData\Roaming\4zxlm9800ZX.exe
    [2010/09/11 14:04:39 | 000,000,000 | ---D | C] -- C:\Users\Brummel\Documents\NeroVision
    [2010/09/11 14:04:33 | 000,000,000 | ---D | C] -- C:\Users\Brummel\AppData\Roaming\Nero
    [2010/09/11 13:54:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Nero
    [2010/09/11 13:44:32 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msimsg.dll
    [2010/09/11 13:44:31 | 002,252,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msi.dll
    [2010/09/11 13:44:31 | 000,332,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msihnd.dll
    [2010/09/11 07:45:14 | 000,000,000 | ---D | C] -- C:\Users\Brummel\Desktop\default.aspx_fichiers
    [2010/09/04 11:45:05 | 000,000,000 | ---D | C] -- C:\TaalNet2
    [2010/08/28 17:46:34 | 000,000,000 | ---D | C] -- C:\Users\Brummel\AppData\Local\G4G.PL
    [2010/08/26 11:46:09 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
    [2010/08/25 18:57:46 | 000,000,000 | ---D | C] -- C:\Users\Brummel\Desktop\voiture
    [2010/08/25 00:11:36 | 000,000,000 | ---D | C] -- C:\Users\Brummel\AppData\Local\i3D_Software
    [2010/08/24 23:56:56 | 000,000,000 | ---D | C] -- C:\Users\Brummel\AppData\Roaming\BFBC2CC
    [2010/08/24 23:55:25 | 000,000,000 | ---D | C] -- C:\Program Files\BFBC2CC
    [2009/04/02 22:52:40 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\Brummel\AppData\Roaming\pcouffin.sys
    [6 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
    [6 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

    [color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

    [2010/09/15 20:11:47 | 005,505,024 | -HS- | M] () -- C:\Users\Brummel\NTUSER.DAT
    [2010/09/15 20:00:24 | 000,000,422 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{CA14B8DA-6BFA-4122-932B-BAA462944ADE}.job
    [2010/09/15 19:34:14 | 000,003,856 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
    [2010/09/15 19:34:14 | 000,003,856 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
    [2010/09/15 19:28:01 | 000,001,054 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2010/09/15 13:57:02 | 000,137,976 | ---- | M] () -- C:\Windows\System32\drivers\PnkBstrK.sys
    [2010/09/15 13:56:53 | 000,234,280 | ---- | M] () -- C:\Windows\System32\PnkBstrB.xtr
    [2010/09/15 13:25:35 | 000,037,109 | ---- | M] () -- C:\ProgramData\nvModes.001
    [2010/09/15 13:25:24 | 000,001,050 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2010/09/15 13:25:15 | 002,929,511 | -H-- | M] () -- C:\Users\Brummel\AppData\Local\IconCache.db
    [2010/09/15 12:38:51 | 000,001,000 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
    [2010/09/15 12:34:35 | 000,037,109 | ---- | M] () -- C:\ProgramData\nvModes.dat
    [2010/09/15 12:34:15 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
    [2010/09/15 12:34:12 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2010/09/15 12:34:10 | 3757,236,224 | -HS- | M] () -- C:\hiberfil.sys
    [2010/09/14 13:38:21 | 000,001,748 | ---- | M] () -- C:\Users\Brummel\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
    [2010/09/13 19:05:35 | 000,038,912 | ---- | M] () -- C:\Users\Brummel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2010/09/12 18:16:22 | 727,843,152 | ---- | M] () -- C:\Users\Brummel\Desktop\The expendables - unite speciale.avi
    [2010/09/12 18:15:59 | 000,005,344 | ---- | M] () -- C:\Users\Brummel\Desktop\GetAttachment.aspx.jpg
    [2010/09/12 18:09:40 | 012,137,592 | ---- | M] () -- C:\Users\Brummel\Desktop\Hotmail.zip
    [2010/09/12 09:29:22 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
    [2010/09/11 16:56:25 | 000,061,737 | ---- | M] () -- C:\Users\Brummel\AppData\Roaming\SQLite3.dll
    [2010/09/11 14:11:04 | 000,046,080 | ---- | M] (Microsoft) -- C:\Users\Brummel\AppData\Roaming\4vyqy8433VY.exe
    [2010/09/11 14:05:58 | 000,046,080 | ---- | M] (Microsoft) -- C:\Users\Brummel\AppData\Roaming\4zxlm9800ZX.exe
    [2010/09/11 12:58:33 | 728,151,092 | ---- | M] () -- C:\Users\Brummel\Desktop\L'exorciste.avi
    [2010/09/11 07:45:32 | 000,006,134 | ---- | M] () -- C:\Users\Brummel\Desktop\default.aspx.htm
    [2010/09/10 21:51:54 | 000,611,328 | ---- | M] () -- C:\Users\Brummel\Desktop\Bonus_Malus_exemple[1].ppt
    [2010/09/07 16:32:46 | 000,000,671 | ---- | M] () -- C:\Users\Brummel\AppData\Roaming\vso_ts_preview.xml
    [2010/08/26 23:42:00 | 742,828,032 | ---- | M] () -- C:\Users\Brummel\Desktop\Full Metal Jacket.avi
    [2010/08/25 20:11:16 | 000,724,790 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
    [2010/08/25 20:11:16 | 000,639,418 | ---- | M] () -- C:\Windows\System32\perfh009.dat
    [2010/08/25 20:11:16 | 000,133,784 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
    [2010/08/25 20:11:16 | 000,116,356 | ---- | M] () -- C:\Windows\System32\perfc009.dat
    [2010/08/25 20:11:15 | 001,607,428 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
    [2010/08/25 18:53:25 | 002,541,919 | ---- | M] () -- C:\Users\Brummel\Desktop\photos kia sorento.zip
    [2010/08/24 22:36:26 | 000,138,056 | ---- | M] () -- C:\Users\Brummel\AppData\Roaming\PnkBstrK.sys
    [2010/08/24 22:35:53 | 002,434,856 | ---- | M] () -- C:\Windows\System32\pbsvc_bc2.exe
    [2010/08/17 19:12:24 | 000,000,721 | ---- | M] () -- C:\Users\Brummel\Desktop\Planreliefearth.kmz
    [6 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
    [6 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

    [color=#E56717]========== Files Created - No Company Name ==========[/color]

    [2010/09/14 13:38:21 | 000,001,748 | ---- | C] () -- C:\Users\Brummel\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
    [2010/09/12 18:15:52 | 000,005,344 | ---- | C] () -- C:\Users\Brummel\Desktop\GetAttachment.aspx.jpg
    [2010/09/12 18:09:08 | 012,137,592 | ---- | C] () -- C:\Users\Brummel\Desktop\Hotmail.zip
    [2010/09/12 17:07:09 | 727,843,152 | ---- | C] () -- C:\Users\Brummel\Desktop\The expendables - unite speciale.avi
    [2010/09/12 10:01:39 | 3757,236,224 | -HS- | C] () -- C:\hiberfil.sys
    [2010/09/11 16:56:25 | 000,061,737 | ---- | C] () -- C:\Users\Brummel\AppData\Roaming\SQLite3.dll
    [2010/09/11 14:19:17 | 000,162,304 | ---- | C] () -- C:\Windows\System32\ztvunrar36.dll
    [2010/09/11 14:19:17 | 000,077,312 | ---- | C] () -- C:\Windows\System32\ztvunace26.dll
    [2010/09/11 14:19:16 | 000,153,088 | ---- | C] () -- C:\Windows\System32\UNRAR3.dll
    [2010/09/11 14:19:16 | 000,075,264 | ---- | C] () -- C:\Windows\System32\unacev2.dll
    [2010/09/11 12:48:14 | 728,151,092 | ---- | C] () -- C:\Users\Brummel\Desktop\L'exorciste.avi
    [2010/09/11 07:45:32 | 000,006,134 | ---- | C] () -- C:\Users\Brummel\Desktop\default.aspx.htm
    [2010/09/10 21:51:54 | 000,611,328 | ---- | C] () -- C:\Users\Brummel\Desktop\Bonus_Malus_exemple[1].ppt
    [2010/08/26 23:27:06 | 742,828,032 | ---- | C] () -- C:\Users\Brummel\Desktop\Full Metal Jacket.avi
    [2010/08/25 18:53:21 | 002,541,919 | ---- | C] () -- C:\Users\Brummel\Desktop\photos kia sorento.zip
    [2010/08/24 22:35:53 | 002,434,856 | ---- | C] () -- C:\Windows\System32\pbsvc_bc2.exe
    [2010/08/17 19:12:23 | 000,000,721 | ---- | C] () -- C:\Users\Brummel\Desktop\Planreliefearth.kmz
    [2010/06/04 16:53:21 | 000,000,036 | ---- | C] () -- C:\Users\Brummel\AppData\Local\housecall.guid.cache
    [2010/04/30 18:47:07 | 000,484,352 | ---- | C] () -- C:\Windows\System32\lame_enc.dll
    [2010/04/02 17:17:34 | 000,179,091 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
    [2010/03/14 14:58:05 | 000,037,109 | ---- | C] () -- C:\ProgramData\nvModes.001
    [2010/03/14 14:57:28 | 000,037,109 | ---- | C] () -- C:\ProgramData\nvModes.dat
    [2010/01/23 16:07:10 | 000,004,096 | -H-- | C] () -- C:\Users\Brummel\AppData\Local\keyfile3.drm
    [2009/12/02 17:00:26 | 000,000,008 | ---- | C] () -- C:\Users\Brummel\AppData\Roaming\DofusAppId0_2
    [2009/12/02 16:55:36 | 000,000,173 | ---- | C] () -- C:\Users\Brummel\AppData\Roaming\D2Info0
    [2009/12/02 16:55:36 | 000,000,008 | ---- | C] () -- C:\Users\Brummel\AppData\Roaming\DofusAppId0_1
    [2009/11/24 18:14:23 | 000,000,095 | ---- | C] () -- C:\Users\Brummel\AppData\Local\fusioncache.dat
    [2009/10/28 14:29:40 | 000,000,940 | ---- | C] () -- C:\Windows\bdoscandellang.ini
    [2009/09/11 02:01:44 | 000,041,872 | ---- | C] () -- C:\Windows\System32\xfcodec.dll
    [2009/08/03 16:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
    [2009/05/23 21:10:29 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
    [2009/04/14 17:24:28 | 000,001,356 | ---- | C] () -- C:\Users\Brummel\AppData\Local\d3d9caps.dat
    [2009/04/02 22:53:56 | 000,000,671 | ---- | C] () -- C:\Users\Brummel\AppData\Roaming\vso_ts_preview.xml
    [2009/04/02 22:53:14 | 000,000,034 | ---- | C] () -- C:\Users\Brummel\AppData\Roaming\pcouffin.log
    [2009/04/02 22:52:40 | 000,087,608 | ---- | C] () -- C:\Users\Brummel\AppData\Roaming\inst.exe
    [2009/04/02 22:52:40 | 000,007,887 | ---- | C] () -- C:\Users\Brummel\AppData\Roaming\pcouffin.cat
    [2009/04/02 22:52:40 | 000,001,144 | ---- | C] () -- C:\Users\Brummel\AppData\Roaming\pcouffin.inf
    [2009/04/02 12:32:40 | 000,138,056 | ---- | C] () -- C:\Users\Brummel\AppData\Roaming\PnkBstrK.sys
    [2009/04/02 12:32:40 | 000,137,976 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
    [2009/03/28 11:35:09 | 000,721,904 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
    [2009/03/26 21:47:41 | 000,011,822 | ---- | C] () -- C:\Windows\Ascd_log.ini
    [2009/03/22 22:21:40 | 002,931,168 | ---- | C] () -- C:\Program Files\FLV PlayerFCSetup.exe
    [2009/03/22 22:21:08 | 009,810,664 | ---- | C] () -- C:\Program Files\FLV PlayerRCATSetup.exe
    [2009/03/22 22:19:49 | 021,126,776 | ---- | C] () -- C:\Program Files\FLV PlayerRCSetup.exe
    [2009/03/22 20:26:56 | 000,019,968 | ---- | C] () -- C:\Windows\System32\Cpuinf32.dll
    [2009/03/21 19:50:02 | 000,038,912 | ---- | C] () -- C:\Users\Brummel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2009/03/21 11:40:50 | 000,024,206 | ---- | C] () -- C:\Users\Brummel\AppData\Roaming\UserTile.png
    [2009/03/21 01:06:33 | 000,007,680 | ---- | C] () -- C:\Windows\System32\drivers\ASACPI.sys
    [2009/03/21 01:06:32 | 000,011,575 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
    [2009/03/21 01:06:25 | 000,012,536 | ---- | C] () -- C:\Windows\System32\drivers\ASUSHWIO.SYS
    [2008/10/07 10:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll
    [2008/10/07 10:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
    [2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
    [2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
    [2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
    [2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
    [2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
    [2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
    [2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
    [2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
    [2007/07/04 21:51:52 | 000,003,972 | ---- | C] () -- C:\Windows\System32\drivers\PciBus.sys
    [2006/12/06 00:56:38 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
    [2006/11/02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
    [2006/11/02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini

    [color=#E56717]========== LOP Check ==========[/color]

    [2010/02/11 00:19:56 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\.purple
    [2009/12/02 16:55:39 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\app
    [2010/07/22 19:14:44 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\Auslogics
    [2010/09/10 23:02:31 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\BFBC2CC
    [2009/04/05 20:43:09 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\Canneverbe_Limited
    [2009/05/18 15:07:31 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\Canon
    [2010/03/10 15:38:27 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\CocoonSoftware
    [2009/03/28 11:39:08 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\DAEMON Tools
    [2009/08/19 13:28:26 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\DAEMON Tools Lite
    [2009/03/28 11:39:08 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\DAEMON Tools Pro
    [2009/11/08 01:04:46 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\DNA
    [2009/12/02 18:19:03 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\Dofus 2
    [2009/12/02 17:00:26 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\Dofus-2.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
    [2009/12/02 16:55:36 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\Dofus.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
    [2010/05/26 17:11:04 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\ECE9E45009AF62BD28AAB7CE6CDFF483
    [2010/01/20 16:01:00 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\FileZilla
    [2010/04/30 18:47:11 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\FreeAudioPack
    [2009/10/03 15:48:55 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\GetRightToGo
    [2010/02/20 23:14:27 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\gtk-2.0
    [2010/01/29 21:56:15 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\ijjigame
    [2010/09/14 14:32:05 | 000,000,000 | RHSD | M] -- C:\Users\Brummel\AppData\Roaming\install
    [2010/03/10 19:55:04 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\iriverter
    [2010/09/15 15:46:28 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\Mumble
    [2010/07/18 12:42:58 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\Nokia
    [2010/07/18 12:41:38 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\PC Suite
    [2009/03/21 11:40:50 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\PeerNetworking
    [2010/01/24 20:12:16 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\PhotoFiltre
    [2010/02/04 23:01:12 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\PhotoFiltre Studio X
    [2010/01/23 14:20:46 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\Publish Providers
    [2010/09/14 16:45:32 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\QuickScan
    [2009/12/02 16:55:39 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\Reg.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
    [2010/09/11 14:19:15 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\Simply Super Software
    [2010/01/23 14:20:25 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\Sony
    [2010/06/25 15:27:04 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\SystemRequirementsLab
    [2009/07/16 12:42:34 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\TeamViewer
    [2009/03/21 20:42:50 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\Thunderbird
    [2010/08/17 21:13:52 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\TS3Client
    [2009/12/04 21:50:32 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\uTorrent
    [2010/09/07 16:32:47 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\Vso
    [2009/06/06 22:32:19 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\Warsow
    [2009/06/30 12:19:17 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\Windows Live Writer
    [2010/09/15 11:46:09 | 000,032,544 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
    [2010/09/15 20:00:24 | 000,000,422 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{CA14B8DA-6BFA-4122-932B-BAA462944ADE}.job

    [color=#E56717]========== Purity Check ==========[/color]



    [color=#E56717]========== Custom Scans ==========[/color]


    [color=#A23BEC]< c:\users\Brummel\appdata\roaming\install\*.log >[/color]

    [color=#A23BEC]< c:\users\Brummel\appdata\roaming\install\*.dll >[/color]

    [color=#A23BEC]< c:\users\Brummel\appdata\roaming\install\*.exe  >[/color]

    [color=#E56717]========== Files - Unicode (All) ==========[/color]
    [2010/08/27 20:22:08 | 732,254,208 | ---- | M] ()(C:\Users\Brummel\Desktop\Hors.de.Controle.DVDRIP.FRENCH-Da??????.avi) -- C:\Users\Brummel\Desktop\Hors.de.Controle.DVDRIP.FRENCH-Dαякηєѕѕ.avi
    [2010/08/27 20:12:33 | 732,254,208 | ---- | C] ()(C:\Users\Brummel\Desktop\Hors.de.Controle.DVDRIP.FRENCH-Da??????.avi) -- C:\Users\Brummel\Desktop\Hors.de.Controle.DVDRIP.FRENCH-Dαякηєѕѕ.avi
    [2010/06/26 14:13:38 | 000,000,000 | ---D | M](C:\Users\Brummel\Documents\?? ???) -- C:\Users\Brummel\Documents\넥슨 플러그
    [2010/06/26 14:13:38 | 000,000,000 | ---D | C](C:\Users\Brummel\Documents\?? ???) -- C:\Users\Brummel\Documents\넥슨 플러그

    [color=#E56717]========== Alternate Data Streams ==========[/color]

    @Alternate Data Stream - 64 bytes -> C:\Users\Brummel\Desktop\The expendables - unite speciale.avi:TOC.WMV
    @Alternate Data Stream - 64 bytes -> C:\Users\Brummel\Desktop\Fire ball.avi:TOC.WMV
    @Alternate Data Stream - 487 bytes -> C:\ProgramData\TEMP:05EE1EEF
    < End of report >
Dokfight
Confirmed Visitor
 
Posts: 15
Joined: 14 Sep 2010 19:57
 

Re: Help, trojan that I can't delete

Posted on 15 Sep 2010 19:20

Here it is for toolbar:

Code: Select all
   -----------\\  ToolBar S&D 1.2.9   XP/Vista

   Microsoft® Windows Vista™ Édition Familiale Premium  ( v6.0.6000 )
   X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 Duo CPU     E7300  @ 2.66GHz )
   BIOS : BIOS Date: 09/05/08 15:01:31 Ver: 08.00.12
   USER : Brummel ( Administrator )
   BOOT : Normal boot
   Antivirus : Kaspersky PURE 9.0.0.192 (Activated)
   Firewall  : Kaspersky PURE 9.0.0.192 (Activated)
   C:\ (Local Disk) - NTFS - Total:698 Go (Free:293 Go)
   D:\ (CD or DVD)
   E:\ (CD or DVD)

   "C:\ToolBar SD" ( MAJ : 22-08-2009|18:42 )
   Option : [2] ( mer. 15/09/2010|20:17 )

   [ UAC => 1 ]

   -----------\\ SUPPRESSION

   Supprime! - C:\Program Files\Mozilla Firefox\extensions\dealio@mybrowserbar.com
   Supprime! - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
   Supprime! - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll.bak0
   Supprime! - C:\Program Files\DAEMON Tools Toolbar\Resources
   Supprime! - C:\Program Files\DAEMON Tools Toolbar\uninst.exe
   Supprime! - C:\Program Files\DAEMON Tools Toolbar\_DTLite.xml
   Supprime! - C:\Program Files\DAEMON Tools Toolbar

   -----------\\  Recherche de Fichiers / Dossiers ...


   -----------\\  [..\Internet Explorer\Main]

   [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
   "Local Page"="C:\\Windows\\system32\\blank.htm"
   "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
   "Search Bar"="http://search.msn.be/spbasic.htm?lang=fr-be"
   "Start Page Redirect Cache"="http://be.msn.com/defaultf.aspx?lang=fr-be&ocid=iehp"
   "start page"="http://eu.ask.com?o=101916&l=dis"
   "Url"="http://go.microsoft.com/fwlink/?LinkId=75720"

   [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
   "Default_Page_URL"="http://www.yahoo.com"
   "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
   "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
   "Local Page"="C:\\Windows\\System32\\blank.htm"
   "start page"="http://www.msn.com/"


   --------------------\\  Recherche d'autres infections

   --------------------\\  Cracks & Keygens ..

   C:\Users\Brummel\AppData\Roaming\uTorrent\YU_pro_2008.v6.1.1252.Incl.KeyGen-FFF-D.V.T.rar.torrent
   C:\Users\Brummel\Desktop\Brummel\Brummel Dossier\graver DVD\Keygen.exe
   C:\Users\Brummel\Desktop\Brummel\Brummel Dossier\Jeux\EA Games Generic Keygen 190.exe
   C:\Users\Brummel\Desktop\Brummel\MUSIQUE\Eminem Relapse\18  Eminem - Crack A Bottle [Feat. Dr. Dre And 50 Cent].mp3


   [ UAC => 1 ]


   1 - "C:\ToolBar SD\TB_1.txt" - mer. 15/09/2010|20:19 - Option : [2]

   -----------\\  Fin du rapport a 20:19:05,82

Dokfight
Confirmed Visitor
 
Posts: 15
Joined: 14 Sep 2010 19:57
 

Re: Help, trojan that I can't delete

Posted on 15 Sep 2010 19:25

Here it is after deleting stuff with ToolBar S&D

OTL.Txt:

Code: Select all
OTL logfile created on: 15/09/2010 20:22:25 - Run 3
OTL by OldTimer - Version 3.2.12.0     Folder = C:\Users\Brummel\Desktop\Brummel\Brummel Dossier\Logiciel
Windows Vista Home Premium Edition  (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18904)
Locale: 0000080C | Country: Belgique | Language: FRB | Date Format: d/MM/yyyy
 
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 59,00% Memory free
7,00 Gb Paging File | 6,00 Gb Available in Paging File | 80,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 698,64 Gb Total Space | 293,95 Gb Free Space | 42,08% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: PC-DE-BRUMMEL
Current User Name: Brummel
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - C:\Users\Brummel\Desktop\Brummel\Brummel Dossier\Logiciel\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\Emsisoft Anti-Malware\a2service.exe (Emsi Software GmbH)
PRC - C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
PRC - C:\Program Files\Nero\Update\NASvc.exe (Nero AG)
PRC - C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
PRC - C:\Program Files\Application Updater\ApplicationUpdater.exe (Spigot, Inc.)
PRC - C:\Program Files\Kaspersky Lab\Kaspersky PURE\avp.exe (Kaspersky Lab)
PRC - C:\Program Files\Kaspersky Lab\Kaspersky PURE\klwtblfs.exe (Kaspersky Lab)
PRC - C:\Program Files\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe (Infowatch)
PRC - C:\Program Files\a-squared Free\a2service.exe (Emsi Software GmbH)
PRC - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation)
PRC - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (Microsoft Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
PRC - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE ()
PRC - C:\Program Files\RocketDock\RocketDock.exe ()
PRC - C:\Windows\System32\WerFault.exe (Microsoft Corporation)
PRC - C:\Windows\System32\conime.exe (Microsoft Corporation)
PRC - C:\Windows\System32\audiodg.exe (Microsoft Corporation)
PRC - C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe (Microsoft Corporation)
 
 
[color=#E56717]========== Modules (SafeList) ==========[/color]
 
MOD - C:\Users\Brummel\Desktop\Brummel\Brummel Dossier\Logiciel\OTL.exe (OldTimer Tools)
MOD - C:\Windows\System32\msscript.ocx (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll (Microsoft Corporation)
 
 
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
 
SRV - (npggsvc) -- C:\Windows\System32\GameMon.des File not found
SRV - (a2AntiMalware) -- C:\Program Files\Emsisoft Anti-Malware\a2service.exe (Emsi Software GmbH)
SRV - (SeaPort) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
SRV - (NAUpdate) -- C:\Program Files\Nero\Update\NASvc.exe (Nero AG)
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (McComponentHostService) -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe (McAfee, Inc.)
SRV - (Application Updater) -- C:\Program Files\Application Updater\ApplicationUpdater.exe (Spigot, Inc.)
SRV - (AVP) -- C:\Program Files\Kaspersky Lab\Kaspersky PURE\avp.exe (Kaspersky Lab)
SRV - (CSObjectsSrv) -- C:\Program Files\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe (Infowatch)
SRV - (maconfservice) -- C:\Program Files\ma-config.com\maconfservice.exe (CybelSoft)
SRV - (a2free) -- C:\Program Files\a-squared Free\a2service.exe (Emsi Software GmbH)
SRV - (wlidsvc) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation)
SRV - (fsssvc) -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe (Microsoft Corporation)
SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia.)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (SBSDWSCService) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
SRV - (IJPLMSVC) -- C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE ()
SRV - (SandraTheSrv) -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite XI.SP1\RpcSandraSrv.exe (SiSoftware)
SRV - (SandraDataSrv) -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite XI.SP1\Win32\RpcDataSrv.exe (SiSoftware)
SRV - (MSSQL$SONY_MEDIAMGR) -- C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe (Microsoft Corporation)
SRV - (SQLAgent$SONY_MEDIAMGR) -- C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE (Microsoft Corporation)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - (NwlnkFwd) -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- C:\Windows\System32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- C:\Windows\System32\DRIVERS\ipinip.sys File not found
DRV - (EagleNT) -- C:\Windows\System32\drivers\EagleNT.sys File not found
DRV - (blbdrive) -- C:\Windows\System32\drivers\blbdrive.sys File not found
DRV - (a2acc) -- C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\a2accx86.sys (Emsi Software GmbH)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (KLIF) -- C:\Windows\System32\drivers\klif.sys (Kaspersky Lab)
DRV - (driverhardwarev2) -- C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys (CybelSoft)
DRV - (CSCrySec) -- C:\Windows\system32\DRIVERS\CSCrySec.sys (Infowatch)
DRV - (CSVirtualDiskDrv) -- C:\Windows\System32\drivers\CSVirtualDiskDrv.sys (Infowatch)
DRV - (KLBG) -- C:\Windows\system32\DRIVERS\klbg.sys (Kaspersky Lab)
DRV - (klmouflt) -- C:\Windows\System32\drivers\klmouflt.sys (Kaspersky Lab)
DRV - (KLIM6) -- C:\Windows\System32\drivers\klim6.sys (Kaspersky Lab)
DRV - (kl1) -- C:\Windows\System32\drivers\kl1.sys (Kaspersky Lab)
DRV - (sptd) -- C:\Windows\System32\Drivers\sptd.sys ()
DRV - (fssfltr) -- C:\Windows\System32\drivers\fssfltr.sys (Microsoft Corporation)
DRV - (nmwcd) -- C:\Windows\System32\drivers\ccdcmb.sys (Nokia)
DRV - (pccsmcfd) -- C:\Windows\System32\drivers\pccsmcfd.sys (Nokia)
DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek Corporation                                            )
DRV - (VIAHdAudAddService) -- C:\Windows\System32\drivers\viahduaa.sys (VIA Technologies, Inc.)
DRV - (netr73) -- C:\Windows\System32\drivers\netr73.sys (Ralink Technology Corp.)
DRV - (BlueletAudio) -- C:\Windows\System32\drivers\blueletaudio.sys (IVT Corporation.)
DRV - (Btcsrusb) -- C:\Windows\System32\drivers\btcusb.sys (IVT Corporation.)
DRV - (BlueletSCOAudio) -- C:\Windows\System32\drivers\BlueletSCOAudio.sys (IVT Corporation.)
DRV - (BT) -- C:\Windows\System32\drivers\btnetdrv.sys (IVT Corporation.)
DRV - (BTHidMgr) -- C:\Windows\System32\Drivers\BTHidMgr.sys (IVT Corporation.)
DRV - (BTHidEnum) -- C:\Windows\System32\Drivers\vbtenum.sys (IVT Corporation.)
DRV - (VcommMgr) -- C:\Windows\System32\drivers\VCommMgr.sys (IVT Corporation.)
DRV - (VComm) -- C:\Windows\System32\drivers\VComm.sys (IVT Corporation.)
DRV - (R300) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (SiSRaid2) -- C:\Windows\system32\drivers\sisraid2.sys (Silicon Integrated Systems Corp.)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Logic Corporation)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (usbaudio) Pilote USB audio (WDM) -- C:\Windows\System32\drivers\USBAUDIO.sys (Microsoft Corporation)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (MTsensor) -- C:\Windows\System32\drivers\ASACPI.sys ()
DRV - (RT61) -- C:\Windows\System32\drivers\rt61.sys (Ralink Technology Inc.)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,start page = http://www.msn.com/
IE - HKLM\..\URLSearchHook: {364d4e0c-543f-4b85-abe3-19551139da4f} - C:\Program Files\Softonic_France\tbSoft.dll (Conduit Ltd.)
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.google.com/ [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,start page = http://eu.ask.com?o=101916&l=dis
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://be.msn.com/defaultf.aspx?lang=fr-be&ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr-be
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 08 1A EA 0D 6C F9 C9 01  [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {364d4e0c-543f-4b85-abe3-19551139da4f} - C:\Program Files\Softonic_France\tbSoft.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.defaultthis.engineName: "Softonic France Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT1351374&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Wikipédia (fr)"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.be/firefox"
FF - prefs.js..extensions.enabledItems: {b1d89840-39fe-11db-a98b-0800200c9a66}:0.51
FF - prefs.js..extensions.enabledItems: {9c51bd27-6ed8-4000-a2bf-36cb95c0c947}:11.0.1
FF - prefs.js..extensions.enabledItems: linkfilter@kaspersky.ru:9.0.0.192
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.2
FF - prefs.js..extensions.enabledItems: chromifox@altmusictv.com:3.6.5
 
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.9\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/09/14 13:38:19 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.9\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/09/14 20:27:24 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.0\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2010/06/29 15:46:41 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.0\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{eea12ec4-729d-4703-bc37-106ce9879ce2}: C:\Program Files\Kaspersky Lab\Kaspersky PURE\THBExt [2010/06/29 15:45:38 | 000,000,000 | ---D | M]
 
[2009/03/22 12:22:59 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\mozilla\Extensions
[2010/09/15 17:12:04 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\mozilla\Firefox\Profiles\0teihibf.default\extensions
[2010/09/14 16:42:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Brummel\AppData\Roaming\mozilla\Firefox\Profiles\0teihibf.default\extensions\{00352F14-3F76-4e4d-ACFF-9972D7E4B3B9}
[2010/07/22 22:36:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Brummel\AppData\Roaming\mozilla\Firefox\Profiles\0teihibf.default\extensions\{241aae70-0022-11de-87af-0800200c9a66}
[2010/08/17 22:55:33 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Users\Brummel\AppData\Roaming\mozilla\Firefox\Profiles\0teihibf.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2010/07/22 22:36:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Brummel\AppData\Roaming\mozilla\Firefox\Profiles\0teihibf.default\extensions\{5b175400-2368-11de-8c30-0800200c9a66}
[2010/02/23 17:42:06 | 000,000,000 | ---D | M] (Tamper Data) -- C:\Users\Brummel\AppData\Roaming\mozilla\Firefox\Profiles\0teihibf.default\extensions\{9c51bd27-6ed8-4000-a2bf-36cb95c0c947}
[2010/07/22 22:36:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Brummel\AppData\Roaming\mozilla\Firefox\Profiles\0teihibf.default\extensions\{9f08cb5a-76b1-4bcf-aff9-90e1a5d60b1e}
[2009/12/07 11:06:59 | 000,000,000 | ---D | M] (JeuxVideo.Fox) -- C:\Users\Brummel\AppData\Roaming\mozilla\Firefox\Profiles\0teihibf.default\extensions\{b1d89840-39fe-11db-a98b-0800200c9a66}
[2010/09/05 13:31:36 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Brummel\AppData\Roaming\mozilla\Firefox\Profiles\0teihibf.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010/07/22 22:36:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Brummel\AppData\Roaming\mozilla\Firefox\Profiles\0teihibf.default\extensions\{de5809e0-2b07-11dd-bd0b-0800200c9a66}
[2010/07/22 22:37:05 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\mozilla\Firefox\Profiles\0teihibf.default\extensions\battlefieldheroespatcher@ea.com-trash
[2010/07/22 19:45:42 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\mozilla\Firefox\Profiles\0teihibf.default\extensions\chromifox@altmusictv.com
[2010/07/22 22:36:25 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\mozilla\Firefox\Profiles\0teihibf.default\extensions\nasanightlaunch@example.com
[2010/09/11 13:53:29 | 000,002,253 | ---- | M] () -- C:\Users\Brummel\AppData\Roaming\Mozilla\FireFox\Profiles\0teihibf.default\searchplugins\askcom.xml
[2010/06/04 10:18:20 | 000,000,933 | ---- | M] () -- C:\Users\Brummel\AppData\Roaming\Mozilla\FireFox\Profiles\0teihibf.default\searchplugins\conduit.xml
[2009/08/19 13:26:11 | 000,002,399 | ---- | M] () -- C:\Users\Brummel\AppData\Roaming\Mozilla\FireFox\Profiles\0teihibf.default\searchplugins\daemon-search.xml
[2009/03/21 20:50:41 | 000,001,659 | ---- | M] () -- C:\Users\Brummel\AppData\Roaming\Mozilla\FireFox\Profiles\0teihibf.default\searchplugins\live-search.xml
[2010/09/15 20:01:29 | 000,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2010/06/29 15:46:40 | 000,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\linkfilter@kaspersky.ru
[2009/02/21 08:24:52 | 000,660,872 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\npOGAPlugin.dll
[2009/04/08 04:06:28 | 000,122,880 | ---- | M] (AB) -- C:\Program Files\mozilla firefox\plugins\NPOP7PlugIn.dll
[2007/03/10 01:16:44 | 000,189,496 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\mozilla firefox\plugins\npyaxmpb.dll
[2010/08/25 02:40:16 | 000,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml
[2010/08/25 02:40:16 | 000,001,822 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml
[2010/08/25 02:40:16 | 000,000,757 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml
[2010/08/25 02:40:16 | 000,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml
[2010/08/25 02:40:16 | 000,000,956 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml
 
Hosts file not found
O2 - BHO: (Softonic France Toolbar) - {364d4e0c-543f-4b85-abe3-19551139da4f} - C:\Program Files\Softonic_France\tbSoft.dll (Conduit Ltd.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky PURE\ievkbd.dll (Kaspersky Lab)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll (Kaspersky Lab)
O3 - HKLM\..\Toolbar: (Dealio Toolbar) - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - Reg Error: Value error. File not found
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Softonic France Toolbar) - {364d4e0c-543f-4b85-abe3-19551139da4f} - C:\Program Files\Softonic_France\tbSoft.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll File not found
O3 - HKCU\..\Toolbar\WebBrowser: (Softonic France Toolbar) - {364D4E0C-543F-4B85-ABE3-19551139DA4F} - C:\Program Files\Softonic_France\tbSoft.dll (Conduit Ltd.)
O4 - HKLM..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe File not found
O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky PURE\avp.exe (Kaspersky Lab)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKCU..\Run: [HKCU] C:\Users\Brummel\AppData\Roaming\install\Firefox.exe File not found
O4 - HKCU..\Run: [RocketDock] C:\Program Files\RocketDock\RocketDock.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Ajouter à l'Anti-bannière - C:\Program Files\Kaspersky Lab\Kaspersky PURE\ie_banner_deny.htm ()
O9 - Extra Button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Mon Clavier &virtuel - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll (Kaspersky Lab)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Analyse des &liens - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll (Kaspersky Lab)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab (Checkers Class)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zone.msn.com/FR-BE/a-UNO1/GAME_UNO1.cab (UnoCtrl Class)
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} http://download.bitdefender.com/resources/scanner/sources/fr/scan8/oscan8.cab (BDSCANONLINE Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {C212D449-8B3C-41F2-BD9A-047BD770550F} http://www.fiaa.eu/OPLauncher.cab (Perparer Class)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll) - C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll (Kaspersky Lab)
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll) - C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll (Kaspersky Lab)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\klogon: DllName - C:\Windows\system32\klogon.dll - C:\Windows\System32\klogon.dll (Kaspersky Lab)
O24 - Desktop WallPaper: C:\Users\Brummel\AppData\Roaming\Microsoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg
O24 - Desktop BackupWallPaper: C:\Users\Brummel\AppData\Roaming\Microsoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{ecab13ef-924c-11df-8bab-001167899dc3}\Shell\AutoRun\command - "" = F:\Launcher.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2010/09/15 19:59:56 | 000,000,000 | ---D | C] -- C:\ToolBar SD
[2010/09/15 13:49:53 | 000,000,000 | ---D | C] -- C:\Users\Brummel\AppData\Roaming\vlc
[2010/09/14 20:26:41 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010/09/14 17:13:10 | 000,000,000 | ---D | C] -- C:\Program Files\Emsisoft Anti-Malware
[2010/09/14 17:13:10 | 000,000,000 | ---D | C] -- C:\Users\Brummel\Documents\Anti-Malware
[2010/09/14 16:57:44 | 000,000,000 | ---D | C] -- C:\Windows\BDOSCAN8
[2010/09/14 14:34:16 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2010/09/11 17:51:06 | 000,000,000 | ---D | C] -- C:\Users\Brummel\Documents\Nero
[2010/09/11 17:44:20 | 000,000,000 | ---D | C] -- C:\Users\Brummel\AppData\Local\Nero
[2010/09/11 17:25:16 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nero
[2010/09/11 17:25:09 | 000,000,000 | ---D | C] -- C:\Program Files\Nero
[2010/09/11 14:51:33 | 000,000,000 | ---D | C] -- C:\Users\Brummel\AppData\Local\Nero_AG
[2010/09/11 14:19:24 | 000,000,000 | ---D | C] -- C:\Users\Brummel\Documents\Simply Super Software
[2010/09/11 14:19:16 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ztvcabinet.dll
[2010/09/11 14:19:15 | 000,000,000 | ---D | C] -- C:\Program Files\Trojan Remover
[2010/09/11 14:19:15 | 000,000,000 | ---D | C] -- C:\Users\Brummel\AppData\Roaming\Simply Super Software
[2010/09/11 14:19:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Simply Super Software
[2010/09/11 14:11:04 | 000,046,080 | ---- | C] (Microsoft) -- C:\Users\Brummel\AppData\Roaming\4vyqy8433VY.exe
[2010/09/11 14:05:58 | 000,046,080 | ---- | C] (Microsoft) -- C:\Users\Brummel\AppData\Roaming\4zxlm9800ZX.exe
[2010/09/11 14:04:39 | 000,000,000 | ---D | C] -- C:\Users\Brummel\Documents\NeroVision
[2010/09/11 14:04:33 | 000,000,000 | ---D | C] -- C:\Users\Brummel\AppData\Roaming\Nero
[2010/09/11 13:54:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Nero
[2010/09/11 13:44:32 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msimsg.dll
[2010/09/11 13:44:31 | 002,252,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msi.dll
[2010/09/11 13:44:31 | 000,332,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msihnd.dll
[2010/09/11 07:45:14 | 000,000,000 | ---D | C] -- C:\Users\Brummel\Desktop\default.aspx_fichiers
[2010/09/04 11:45:05 | 000,000,000 | ---D | C] -- C:\TaalNet2
[2010/08/28 17:46:34 | 000,000,000 | ---D | C] -- C:\Users\Brummel\AppData\Local\G4G.PL
[2010/08/26 11:46:09 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2010/08/25 18:57:46 | 000,000,000 | ---D | C] -- C:\Users\Brummel\Desktop\voiture
[2010/08/25 00:11:36 | 000,000,000 | ---D | C] -- C:\Users\Brummel\AppData\Local\i3D_Software
[2010/08/24 23:56:56 | 000,000,000 | ---D | C] -- C:\Users\Brummel\AppData\Roaming\BFBC2CC
[2010/08/24 23:55:25 | 000,000,000 | ---D | C] -- C:\Program Files\BFBC2CC
[2009/04/02 22:52:40 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\Brummel\AppData\Roaming\pcouffin.sys
[6 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[6 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2010/09/15 20:24:19 | 005,505,024 | -HS- | M] () -- C:\Users\Brummel\NTUSER.DAT
[2010/09/15 20:23:16 | 000,000,671 | ---- | M] () -- C:\Users\Brummel\AppData\Roaming\vso_ts_preview.xml
[2010/09/15 20:15:05 | 000,000,422 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{CA14B8DA-6BFA-4122-932B-BAA462944ADE}.job
[2010/09/15 19:34:14 | 000,003,856 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/09/15 19:34:14 | 000,003,856 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/09/15 19:28:01 | 000,001,054 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/09/15 13:57:02 | 000,137,976 | ---- | M] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2010/09/15 13:56:53 | 000,234,280 | ---- | M] () -- C:\Windows\System32\PnkBstrB.xtr
[2010/09/15 13:25:35 | 000,037,109 | ---- | M] () -- C:\ProgramData\nvModes.001
[2010/09/15 13:25:24 | 000,001,050 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/09/15 13:25:15 | 002,929,511 | -H-- | M] () -- C:\Users\Brummel\AppData\Local\IconCache.db
[2010/09/15 12:38:51 | 000,001,000 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2010/09/15 12:34:35 | 000,037,109 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2010/09/15 12:34:15 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/09/15 12:34:12 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/09/15 12:34:10 | 3757,236,224 | -HS- | M] () -- C:\hiberfil.sys
[2010/09/14 13:38:21 | 000,001,748 | ---- | M] () -- C:\Users\Brummel\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/09/13 19:05:35 | 000,038,912 | ---- | M] () -- C:\Users\Brummel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/09/12 18:15:59 | 000,005,344 | ---- | M] () -- C:\Users\Brummel\Desktop\GetAttachment.aspx.jpg
[2010/09/12 18:09:40 | 012,137,592 | ---- | M] () -- C:\Users\Brummel\Desktop\Hotmail.zip
[2010/09/12 09:29:22 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2010/09/11 16:56:25 | 000,061,737 | ---- | M] () -- C:\Users\Brummel\AppData\Roaming\SQLite3.dll
[2010/09/11 14:11:04 | 000,046,080 | ---- | M] (Microsoft) -- C:\Users\Brummel\AppData\Roaming\4vyqy8433VY.exe
[2010/09/11 14:05:58 | 000,046,080 | ---- | M] (Microsoft) -- C:\Users\Brummel\AppData\Roaming\4zxlm9800ZX.exe
[2010/09/11 12:58:33 | 728,151,092 | ---- | M] () -- C:\Users\Brummel\Desktop\L'exorciste.avi
[2010/09/11 07:45:32 | 000,006,134 | ---- | M] () -- C:\Users\Brummel\Desktop\default.aspx.htm
[2010/09/10 21:51:54 | 000,611,328 | ---- | M] () -- C:\Users\Brummel\Desktop\Bonus_Malus_exemple[1].ppt
[2010/08/25 20:11:16 | 000,724,790 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2010/08/25 20:11:16 | 000,639,418 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/08/25 20:11:16 | 000,133,784 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2010/08/25 20:11:16 | 000,116,356 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/08/25 20:11:15 | 001,607,428 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010/08/25 18:53:25 | 002,541,919 | ---- | M] () -- C:\Users\Brummel\Desktop\photos kia sorento.zip
[2010/08/24 22:36:26 | 000,138,056 | ---- | M] () -- C:\Users\Brummel\AppData\Roaming\PnkBstrK.sys
[2010/08/24 22:35:53 | 002,434,856 | ---- | M] () -- C:\Windows\System32\pbsvc_bc2.exe
[2010/08/17 19:12:24 | 000,000,721 | ---- | M] () -- C:\Users\Brummel\Desktop\Planreliefearth.kmz
[6 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[6 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2010/09/14 13:38:21 | 000,001,748 | ---- | C] () -- C:\Users\Brummel\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/09/12 18:15:52 | 000,005,344 | ---- | C] () -- C:\Users\Brummel\Desktop\GetAttachment.aspx.jpg
[2010/09/12 18:09:08 | 012,137,592 | ---- | C] () -- C:\Users\Brummel\Desktop\Hotmail.zip
[2010/09/12 10:01:39 | 3757,236,224 | -HS- | C] () -- C:\hiberfil.sys
[2010/09/11 16:56:25 | 000,061,737 | ---- | C] () -- C:\Users\Brummel\AppData\Roaming\SQLite3.dll
[2010/09/11 14:19:17 | 000,162,304 | ---- | C] () -- C:\Windows\System32\ztvunrar36.dll
[2010/09/11 14:19:17 | 000,077,312 | ---- | C] () -- C:\Windows\System32\ztvunace26.dll
[2010/09/11 14:19:16 | 000,153,088 | ---- | C] () -- C:\Windows\System32\UNRAR3.dll
[2010/09/11 14:19:16 | 000,075,264 | ---- | C] () -- C:\Windows\System32\unacev2.dll
[2010/09/11 12:48:14 | 728,151,092 | ---- | C] () -- C:\Users\Brummel\Desktop\L'exorciste.avi
[2010/09/11 07:45:32 | 000,006,134 | ---- | C] () -- C:\Users\Brummel\Desktop\default.aspx.htm
[2010/09/10 21:51:54 | 000,611,328 | ---- | C] () -- C:\Users\Brummel\Desktop\Bonus_Malus_exemple[1].ppt
[2010/08/25 18:53:21 | 002,541,919 | ---- | C] () -- C:\Users\Brummel\Desktop\photos kia sorento.zip
[2010/08/24 22:35:53 | 002,434,856 | ---- | C] () -- C:\Windows\System32\pbsvc_bc2.exe
[2010/08/17 19:12:23 | 000,000,721 | ---- | C] () -- C:\Users\Brummel\Desktop\Planreliefearth.kmz
[2010/06/04 16:53:21 | 000,000,036 | ---- | C] () -- C:\Users\Brummel\AppData\Local\housecall.guid.cache
[2010/04/30 18:47:07 | 000,484,352 | ---- | C] () -- C:\Windows\System32\lame_enc.dll
[2010/04/02 17:17:34 | 000,179,091 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2010/03/14 14:58:05 | 000,037,109 | ---- | C] () -- C:\ProgramData\nvModes.001
[2010/03/14 14:57:28 | 000,037,109 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2010/01/23 16:07:10 | 000,004,096 | -H-- | C] () -- C:\Users\Brummel\AppData\Local\keyfile3.drm
[2009/12/02 17:00:26 | 000,000,008 | ---- | C] () -- C:\Users\Brummel\AppData\Roaming\DofusAppId0_2
[2009/12/02 16:55:36 | 000,000,173 | ---- | C] () -- C:\Users\Brummel\AppData\Roaming\D2Info0
[2009/12/02 16:55:36 | 000,000,008 | ---- | C] () -- C:\Users\Brummel\AppData\Roaming\DofusAppId0_1
[2009/11/24 18:14:23 | 000,000,095 | ---- | C] () -- C:\Users\Brummel\AppData\Local\fusioncache.dat
[2009/10/28 14:29:40 | 000,000,940 | ---- | C] () -- C:\Windows\bdoscandellang.ini
[2009/09/11 02:01:44 | 000,041,872 | ---- | C] () -- C:\Windows\System32\xfcodec.dll
[2009/08/03 16:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/05/23 21:10:29 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009/04/14 17:24:28 | 000,001,356 | ---- | C] () -- C:\Users\Brummel\AppData\Local\d3d9caps.dat
[2009/04/02 22:53:56 | 000,000,671 | ---- | C] () -- C:\Users\Brummel\AppData\Roaming\vso_ts_preview.xml
[2009/04/02 22:53:14 | 000,000,034 | ---- | C] () -- C:\Users\Brummel\AppData\Roaming\pcouffin.log
[2009/04/02 22:52:40 | 000,087,608 | ---- | C] () -- C:\Users\Brummel\AppData\Roaming\inst.exe
[2009/04/02 22:52:40 | 000,007,887 | ---- | C] () -- C:\Users\Brummel\AppData\Roaming\pcouffin.cat
[2009/04/02 22:52:40 | 000,001,144 | ---- | C] () -- C:\Users\Brummel\AppData\Roaming\pcouffin.inf
[2009/04/02 12:32:40 | 000,138,056 | ---- | C] () -- C:\Users\Brummel\AppData\Roaming\PnkBstrK.sys
[2009/04/02 12:32:40 | 000,137,976 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2009/03/28 11:35:09 | 000,721,904 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2009/03/26 21:47:41 | 000,011,822 | ---- | C] () -- C:\Windows\Ascd_log.ini
[2009/03/22 22:21:40 | 002,931,168 | ---- | C] () -- C:\Program Files\FLV PlayerFCSetup.exe
[2009/03/22 22:21:08 | 009,810,664 | ---- | C] () -- C:\Program Files\FLV PlayerRCATSetup.exe
[2009/03/22 22:19:49 | 021,126,776 | ---- | C] () -- C:\Program Files\FLV PlayerRCSetup.exe
[2009/03/22 20:26:56 | 000,019,968 | ---- | C] () -- C:\Windows\System32\Cpuinf32.dll
[2009/03/21 19:50:02 | 000,038,912 | ---- | C] () -- C:\Users\Brummel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/03/21 11:40:50 | 000,024,206 | ---- | C] () -- C:\Users\Brummel\AppData\Roaming\UserTile.png
[2009/03/21 01:06:33 | 000,007,680 | ---- | C] () -- C:\Windows\System32\drivers\ASACPI.sys
[2009/03/21 01:06:32 | 000,011,575 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2009/03/21 01:06:25 | 000,012,536 | ---- | C] () -- C:\Windows\System32\drivers\ASUSHWIO.SYS
[2008/10/07 10:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll
[2008/10/07 10:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2008/10/07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2007/07/04 21:51:52 | 000,003,972 | ---- | C] () -- C:\Windows\System32\drivers\PciBus.sys
[2006/12/06 00:56:38 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2006/11/02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2010/02/11 00:19:56 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\.purple
[2009/12/02 16:55:39 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\app
[2010/07/22 19:14:44 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\Auslogics
[2010/09/10 23:02:31 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\BFBC2CC
[2009/04/05 20:43:09 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\Canneverbe_Limited
[2009/05/18 15:07:31 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\Canon
[2010/03/10 15:38:27 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\CocoonSoftware
[2009/03/28 11:39:08 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\DAEMON Tools
[2009/08/19 13:28:26 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\DAEMON Tools Lite
[2009/03/28 11:39:08 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\DAEMON Tools Pro
[2009/11/08 01:04:46 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\DNA
[2009/12/02 18:19:03 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\Dofus 2
[2009/12/02 17:00:26 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\Dofus-2.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
[2009/12/02 16:55:36 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\Dofus.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
[2010/05/26 17:11:04 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\ECE9E45009AF62BD28AAB7CE6CDFF483
[2010/01/20 16:01:00 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\FileZilla
[2010/04/30 18:47:11 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\FreeAudioPack
[2009/10/03 15:48:55 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\GetRightToGo
[2010/02/20 23:14:27 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\gtk-2.0
[2010/01/29 21:56:15 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\ijjigame
[2010/09/14 14:32:05 | 000,000,000 | RHSD | M] -- C:\Users\Brummel\AppData\Roaming\install
[2010/03/10 19:55:04 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\iriverter
[2010/09/15 15:46:28 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\Mumble
[2010/07/18 12:42:58 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\Nokia
[2010/07/18 12:41:38 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\PC Suite
[2009/03/21 11:40:50 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\PeerNetworking
[2010/01/24 20:12:16 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\PhotoFiltre
[2010/02/04 23:01:12 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\PhotoFiltre Studio X
[2010/01/23 14:20:46 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\Publish Providers
[2010/09/14 16:45:32 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\QuickScan
[2009/12/02 16:55:39 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\Reg.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
[2010/09/11 14:19:15 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\Simply Super Software
[2010/01/23 14:20:25 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\Sony
[2010/06/25 15:27:04 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\SystemRequirementsLab
[2009/07/16 12:42:34 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\TeamViewer
[2009/03/21 20:42:50 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\Thunderbird
[2010/08/17 21:13:52 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\TS3Client
[2009/12/04 21:50:32 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\uTorrent
[2010/09/15 20:23:16 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\Vso
[2009/06/06 22:32:19 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\Warsow
[2009/06/30 12:19:17 | 000,000,000 | ---D | M] -- C:\Users\Brummel\AppData\Roaming\Windows Live Writer
[2010/09/15 11:46:09 | 000,032,544 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2010/09/15 20:15:05 | 000,000,422 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{CA14B8DA-6BFA-4122-932B-BAA462944ADE}.job
 
[color=#E56717]========== Purity Check ==========[/color]
 
 
 
[color=#E56717]========== Custom Scans ==========[/color]
 
 
[color=#A23BEC]< c:\users\dokfight\appdata\roaming\install\*.log >[/color]
 
[color=#A23BEC]< c:\users\dokfight\appdata\roaming\install\*.dll >[/color]
 
[color=#A23BEC]< c:\users\dokfight\appdata\roaming\install\*.exe  >[/color]
 
[color=#E56717]========== Files - Unicode (All) ==========[/color]
[2010/06/26 14:13:38 | 000,000,000 | ---D | M](C:\Users\Brummel\Documents\?? ???) -- C:\Users\Brummel\Documents\넥슨 플러그
[2010/06/26 14:13:38 | 000,000,000 | ---D | C](C:\Users\Brummel\Documents\?? ???) -- C:\Users\Brummel\Documents\넥슨 플러그
 
[color=#E56717]========== Alternate Data Streams ==========[/color]
 
@Alternate Data Stream - 487 bytes -> C:\ProgramData\TEMP:05EE1EEF
< End of report >
Dokfight
Confirmed Visitor

Posts: 15
Joined: 14 Sep 2010 19:57

Re: Help, trojan I can't delete

Posted on 15 Sep 2010 19:59

hello,

I didn't put anything on a hard drive because I don't have one


If you have very important documents, I still advise you to back them up (or even burn them to a CD, DVD...).
Any disinfection carries risks for the stability of the PC (even if in your case the risks are very limited); you are never safe from a crash.

* Double-click the OTL icon to launch it
/!\ on Vista/Seven, right-click the OTL icon and choose "Run as administrator"

* Make sure you have closed all running applications.

* When the OTL window appears, make sure that in the "Report" section (top right) the "Minimal report" box is checked.

* Copy and paste the contents of this quote into the lower part of OTL, "Customization"

:Files
C:\Users\Brummel\AppData\Roaming\logs.dat
C:\Program Files\Application Updater\ApplicationUpdater.exe
C:\Users\Brummel\AppData\Roaming\Mozilla\FireFox\Profiles\0teihibf.default\searchplugins\askcom.xml
C:\Program Files\Softonic_France
C:\Users\Brummel\AppData\Roaming\inst.exe
@Alternate Data Stream - 487 bytes -> C:\ProgramData\TEMP:05EE1EEF
[6 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[6 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
:OTL
PRC - C:\Program Files\Application Updater\ApplicationUpdater.exe (Spigot, Inc.)
SRV - (Application Updater) -- C:\Program Files\Application Updater\ApplicationUpdater.exe (Spigot, Inc.)
IE - HKLM\..\URLSearchHook: {364d4e0c-543f-4b85-abe3-19551139da4f} - C:\Program Files\Softonic_France\tbSoft.dll (Conduit Ltd.)
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,start page = http://eu.ask.com?o=101916&l=dis
IE - HKCU\..\URLSearchHook: {364d4e0c-543f-4b85-abe3-19551139da4f} - C:\Program Files\Softonic_France\tbSoft.dll (Conduit Ltd.)
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.defaultthis.engineName: "Softonic France Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT1351374&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "Ask.com"
O2 - BHO: (Softonic France Toolbar) - {364d4e0c-543f-4b85-abe3-19551139da4f} - C:\Program Files\Softonic_France\tbSoft.dll (Conduit Ltd.)
@Alternate Data Stream - 487 bytes -> C:\ProgramData\TEMP:05EE1EEF

:commands
[emptytemp]
[EMPTYFLASH]
[PURITY]
[REBOOT]
[RESETHOSTS]


* Click the "Fix" icon (top left).
* Let the scan run to completion without using the PC
* At the end of the scan, a report named "OTL.Txt" will open
* Copy and paste the report into your reply, please...
* Just in case, you can find them in the C:\OTL folder or on your desktop, depending on the case

then...

go to Virus Total

once on the home page....

1: Click "Browse" > in the explorer window that opens, choose the file to analyze and click "Open".

for you, it is C:\Users\Brummel\AppData\Roaming\4vyqy8433VY.exe


2: The full path of the file to analyze should appear in the window

3: Click "Send file"

then wait while the scan runs and post a copy/paste of the report that appears on screen

then do the same thing with:

C:\Users\Brummel\AppData\Roaming\4zxlm9800ZX.exe

and give me the results (links to the two pages after the analysis)

See you later
jeanmimigab
PC-Infopraticien

Posts: 2986
Joined: 29 Nov 2009 12:05

Re: Help, trojan I can't delete

Posted on 15 Sep 2010 20:50

For C:\Users\Brummel\AppData\Roaming\4vyqy8433VY.exe =>

Code:
Antivirus     Version     Last Update     Result
AhnLab-V3   2010.09.16.00   2010.09.15   -
AntiVir   8.2.4.52   2010.09.15   -
Antiy-AVL   2.0.3.7   2010.09.15   -
Authentium   5.2.0.5   2010.09.15   -
Avast   4.8.1351.0   2010.09.15   -
Avast5   5.0.594.0   2010.09.15   -
AVG   9.0.0.851   2010.09.15   -
BitDefender   7.2   2010.09.15   -
CAT-QuickHeal   11.00   2010.09.15   -
ClamAV   0.96.2.0-git   2010.09.15   -
Comodo   6089   2010.09.15   -
DrWeb   5.0.2.03300   2010.09.15   -
Emsisoft   5.0.0.37   2010.09.15   -
eSafe   7.0.17.0   2010.09.15   -
eTrust-Vet   36.1.7856   2010.09.15   -
F-Prot   4.6.1.107   2010.09.15   -
F-Secure   9.0.15370.0   2010.09.15   -
Fortinet   4.1.143.0   2010.09.15   -
GData   21   2010.09.15   -
Ikarus   T3.1.1.88.0   2010.09.15   -
Jiangmin   13.0.900   2010.09.15   -
K7AntiVirus   9.63.2522   2010.09.15   -
Kaspersky   7.0.0.125   2010.09.15   -
McAfee   5.400.0.1158   2010.09.15   -
McAfee-GW-Edition   2010.1C   2010.09.15   -
Microsoft   1.6103   2010.09.15   -
NOD32   5453   2010.09.15   -
Norman   6.06.06   2010.09.15   -
nProtect   2010-09-15.01   2010.09.15   -
Panda   10.0.2.7   2010.09.15   -
PCTools   7.0.3.5   2010.09.15   -
Prevx   3.0   2010.09.15   -
Rising   22.65.02.04   2010.09.15   -
Sophos   4.57.0   2010.09.15   -
Sunbelt   6879   2010.09.15   -
SUPERAntiSpyware   4.40.0.1006   2010.09.15   -
Symantec   20101.1.1.7   2010.09.15   -
TheHacker   6.7.0.0.018   2010.09.15   -
TrendMicro   9.120.0.1004   2010.09.15   -
TrendMicro-HouseCall   9.120.0.1004   2010.09.15   -
VBA32   3.12.14.0   2010.09.15   -
ViRobot   2010.8.25.4006   2010.09.15   -
VirusBuster   12.65.8.0   2010.09.15   -
Additional information
MD5   : c2507b905a8ad5904480b4a36d831da6
SHA1  : a3279378d7c535a24a21e1fdbd0e40c97634241a
SHA256: 8f8fb61d2e84676e321d4485daadbb2e5332cf1a1244a7168487f8d626602d53
ssdeep: 384:1okY726twFACH6twFC8TOsWLnLz7g0xqRHjMIhVv/mukcmjCeMar5vdz0TZwRtZT:dg8TQx
6gILXJGCoT08Z0AvZq/M
File size : 46080 bytes
First seen: 2010-09-15 19:43:30
Last seen : 2010-09-15 19:43:30
TrID:
Generic CIL Executable (.NET, Mono, etc.) (79.2%)
Windows Screen Saver (14.1%)
Win16/32 Executable Delphi generic (2.2%)
Generic Win/DOS Executable (2.1%)
DOS Executable Generic (2.1%)
sigcheck:
publisher....: Microsoft
copyright....: Copyright (c) Microsoft 2010
product......: Crak V.12
description..: Crak V.12
original name: Crak V.12.exe
internal name: Crak V.12.exe
file version.: 1.0.0.0
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned
PEInfo: PE structure information

[[ basic data ]]
entrypointaddress: 0xC01E
timedatestamp....: 0x4C7C1A9E (Mon Aug 30 20:54:54 2010)
machinetype......: 0x14c (I386)

[[ 4 section(s) ]]
name, viradd, virsiz, rawdsiz, ntropy, md5
.text, 0x2000, 0xA024, 0xA200, 7.07, 476bcc6de1bf802ac261ae978b3eb18b
.sdata, 0xE000, 0x88, 0x200, 1.96, 77771d1c9bcdb7dddabaaac36dcb250b
.rsrc, 0x10000, 0x848, 0xA00, 2.91, a50e868f5d2f7ee28e395fb7f1d7603d
.reloc, 0x12000, 0xC, 0x200, 0.08, c4ed2ada33bb1e5bd71d8b2fe6d15a19

[[ 1 import(s) ]]
mscoree.dll: _CorExeMain
Symantec reputation:Suspicious.Insight


For C:\Users\Brummel\AppData\Roaming\4zxlm9800ZX.exe =>

Code:
Antivirus      Version      Last Update      Result
AhnLab-V3    2010.09.16.00    2010.09.15    -
AntiVir    8.2.4.52    2010.09.15    -
Antiy-AVL    2.0.3.7    2010.09.15    -
Authentium    5.2.0.5    2010.09.15    -
Avast    4.8.1351.0    2010.09.15    -
Avast5    5.0.594.0    2010.09.15    -
AVG    9.0.0.851    2010.09.15    -
BitDefender    7.2    2010.09.15    -
CAT-QuickHeal    11.00    2010.09.15    -
ClamAV    0.96.2.0-git    2010.09.15    -
Comodo    6089    2010.09.15    -
DrWeb    5.0.2.03300    2010.09.15    -
Emsisoft    5.0.0.37    2010.09.15    -
eSafe    7.0.17.0    2010.09.15    -
eTrust-Vet    36.1.7856    2010.09.15    -
F-Prot    4.6.1.107    2010.09.15    -
F-Secure    9.0.15370.0    2010.09.15    -
Fortinet    4.1.143.0    2010.09.15    -
GData    21    2010.09.15    -
Ikarus    T3.1.1.88.0    2010.09.15    -
Jiangmin    13.0.900    2010.09.15    -
K7AntiVirus    9.63.2522    2010.09.15    -
Kaspersky    7.0.0.125    2010.09.15    -
McAfee    5.400.0.1158    2010.09.15    -
McAfee-GW-Edition    2010.1C    2010.09.15    -
Microsoft    1.6103    2010.09.15    -
NOD32    5453    2010.09.15    -
Norman    6.06.06    2010.09.15    -
nProtect    2010-09-15.01    2010.09.15    -
Panda    10.0.2.7    2010.09.15    -
PCTools    7.0.3.5    2010.09.15    -
Prevx    3.0    2010.09.15    -
Rising    22.65.02.04    2010.09.15    -
Sophos    4.57.0    2010.09.15    -
Sunbelt    6879    2010.09.15    -
SUPERAntiSpyware    4.40.0.1006    2010.09.15    -
Symantec    20101.1.1.7    2010.09.15    -
TheHacker    6.7.0.0.018    2010.09.15    -
TrendMicro    9.120.0.1004    2010.09.15    -
TrendMicro-HouseCall    9.120.0.1004    2010.09.15    -
VBA32    3.12.14.0    2010.09.15    -
ViRobot    2010.8.25.4006    2010.09.15    -
VirusBuster    12.65.8.0    2010.09.15    -
Additional information
MD5   : c2507b905a8ad5904480b4a36d831da6
SHA1  : a3279378d7c535a24a21e1fdbd0e40c97634241a
SHA256: 8f8fb61d2e84676e321d4485daadbb2e5332cf1a1244a7168487f8d626602d53
ssdeep: 384:1okY726twFACH6twFC8TOsWLnLz7g0xqRHjMIhVv/mukcmjCeMar5vdz0TZwRtZT:dg8TQx
6gILXJGCoT08Z0AvZq/M
File size : 46080 bytes
First seen: 2010-09-15 19:43:30
Last seen : 2010-09-15 19:47:46
TrID:
Generic CIL Executable (.NET, Mono, etc.) (79.2%)
Windows Screen Saver (14.1%)
Win16/32 Executable Delphi generic (2.2%)
Generic Win/DOS Executable (2.1%)
DOS Executable Generic (2.1%)
sigcheck:
publisher....: Microsoft
copyright....: Copyright (c) Microsoft 2010
product......: Crak V.12
description..: Crak V.12
original name: Crak V.12.exe
internal name: Crak V.12.exe
file version.: 1.0.0.0
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned
PEInfo: PE structure information

[[ basic data ]]
entrypointaddress: 0xC01E
timedatestamp....: 0x4C7C1A9E (Mon Aug 30 20:54:54 2010)
machinetype......: 0x14c (I386)

[[ 4 section(s) ]]
name, viradd, virsiz, rawdsiz, ntropy, md5
.text, 0x2000, 0xA024, 0xA200, 7.07, 476bcc6de1bf802ac261ae978b3eb18b
.sdata, 0xE000, 0x88, 0x200, 1.96, 77771d1c9bcdb7dddabaaac36dcb250b
.rsrc, 0x10000, 0x848, 0xA00, 2.91, a50e868f5d2f7ee28e395fb7f1d7603d
.reloc, 0x12000, 0xC, 0x200, 0.08, c4ed2ada33bb1e5bd71d8b2fe6d15a19

[[ 1 import(s) ]]
mscoree.dll: _CorExeMain


PS/

* Double-click the OTL icon to launch it
/!\ on Vista/Seven, right-click the OTL icon and choose "Run as administrator"

* Make sure you have closed all running applications.

* When the OTL window appears, make sure that in the "Report" section (top right) the "Minimal report" box is checked.

* Copy and paste the contents of this quote into the lower part of OTL, "Customization"

:Files
C:\Users\Brummel\AppData\Roaming\logs.dat
C:\Program Files\Application Updater\ApplicationUpdater.exe
C:\Users\Brummel\AppData\Roaming\Mozilla\FireFox\Profiles\0teihibf.default\searchplugins\askcom.xml
C:\Program Files\Softonic_France
C:\Users\Brummel\AppData\Roaming\inst.exe
@Alternate Data Stream - 487 bytes -> C:\ProgramData\TEMP:05EE1EEF
[6 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[6 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
:OTL
PRC - C:\Program Files\Application Updater\ApplicationUpdater.exe (Spigot, Inc.)
SRV - (Application Updater) -- C:\Program Files\Application Updater\ApplicationUpdater.exe (Spigot, Inc.)
IE - HKLM\..\URLSearchHook: {364d4e0c-543f-4b85-abe3-19551139da4f} - C:\Program Files\Softonic_France\tbSoft.dll (Conduit Ltd.)
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,start page = http://eu.ask.com?o=101916&l=dis
IE - HKCU\..\URLSearchHook: {364d4e0c-543f-4b85-abe3-19551139da4f} - C:\Program Files\Softonic_France\tbSoft.dll (Conduit Ltd.)
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.defaultthis.engineName: "Softonic France Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT1351374&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "Ask.com"
O2 - BHO: (Softonic France Toolbar) - {364d4e0c-543f-4b85-abe3-19551139da4f} - C:\Program Files\Softonic_France\tbSoft.dll (Conduit Ltd.)
@Alternate Data Stream - 487 bytes -> C:\ProgramData\TEMP:05EE1EEF

:commands
[emptytemp]
[EMPTYFLASH]
[PURITY]
[REBOOT]
[RESETHOSTS]



* Click the "Fix" icon (top left).
* Let the scan run to completion without using the PC
* At the end of the scan, a report named "OTL.Txt" will open
* Copy and paste the report into your reply, please...
* Just in case, you can find them in the C:\OTL folder or on your desktop, depending on the case


As for that, I got an error message, and then it said resetfichierHOSt, is that normal? So I gave up on it and moved on to the 2nd step.
Dokfight
Confirmed Visitor

Posts: 15
Joined: 14 Sep 2010 19:57

Re: Help, trojan I can't delete

Posted on 15 Sep 2010 21:07

hello,

to avoid the error message, start again with this new quote, it should go through :wink:
:Files
C:\Users\Brummel\AppData\Roaming\logs.dat
C:\Program Files\Application Updater\ApplicationUpdater.exe
C:\Users\Brummel\AppData\Roaming\Mozilla\FireFox\Profiles\0teihibf.default\searchplugins\askcom.xml
C:\Program Files\Softonic_France
C:\Users\Brummel\AppData\Roaming\inst.exe
@Alternate Data Stream - 487 bytes -> C:\ProgramData\TEMP:05EE1EEF
[6 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[6 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
:OTL
PRC - C:\Program Files\Application Updater\ApplicationUpdater.exe (Spigot, Inc.)
SRV - (Application Updater) -- C:\Program Files\Application Updater\ApplicationUpdater.exe (Spigot, Inc.)
IE - HKLM\..\URLSearchHook: {364d4e0c-543f-4b85-abe3-19551139da4f} - C:\Program Files\Softonic_France\tbSoft.dll (Conduit Ltd.)
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,start page = http://eu.ask.com?o=101916&l=dis
IE - HKCU\..\URLSearchHook: {364d4e0c-543f-4b85-abe3-19551139da4f} - C:\Program Files\Softonic_France\tbSoft.dll (Conduit Ltd.)
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.defaultthis.engineName: "Softonic France Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT1351374&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "Ask.com"
O2 - BHO: (Softonic France Toolbar) - {364d4e0c-543f-4b85-abe3-19551139da4f} - C:\Program Files\Softonic_France\tbSoft.dll (Conduit Ltd.)
@Alternate Data Stream - 487 bytes -> C:\ProgramData\TEMP:05EE1EEF

:commands
[emptytemp]
[EMPTYFLASH]
[PURITY]


See you later
jeanmimigab
PC-Infopraticien

Posts: 2986
Joined: 29 Nov 2009 12:05

Re: Help, trojan I can't delete

Posted on 15 Sep 2010 21:35

Here is the OTL report:

Code:
All processes killed
========== FILES ==========
File\Folder C:\Users\Brummel\AppData\Roaming\logs.dat not found.
File\Folder C:\Program Files\Application Updater\ApplicationUpdater.exe not found.
File\Folder C:\Users\Brummel\AppData\Roaming\Mozilla\FireFox\Profiles\0teihibf.default\searchplugins\askcom.xml not found.
File\Folder C:\Program Files\Softonic_France not found.
File\Folder C:\Users\Brummel\AppData\Roaming\inst.exe not found.
Unable to delete ADS C:\ProgramData\TEMP:05EE1EEF .
File\Folder [6 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ] not found.
File\Folder [6 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ] not found.
File\Folder [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] not found.
========== OTL ==========
No active process named ApplicationUpdater.exe was found!
Error: No service named Application Updater was found to stop!
Service\Driver key Application Updater not found.
File  C:\Program Files\Application Updater\ApplicationUpdater.exe  not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{364d4e0c-543f-4b85-abe3-19551139da4f} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{364d4e0c-543f-4b85-abe3-19551139da4f}\ not found.
File C:\Program Files\Softonic_France\tbSoft.dll not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\start page| /E : value set successfully!
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{364d4e0c-543f-4b85-abe3-19551139da4f} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{364d4e0c-543f-4b85-abe3-19551139da4f}\ not found.
File C:\Program Files\Softonic_France\tbSoft.dll not found.
Prefs.js: "Ask.com" removed from browser.search.defaultengine
Prefs.js: "Ask.com" removed from browser.search.defaultenginename
Prefs.js: "Softonic France Customized Web Search" removed from browser.search.defaultthis.engineName
Prefs.js: "http://search.conduit.com/ResultsExt.aspx?ctid=CT1351374&SearchSource=3&q={searchTerms}" removed from browser.search.defaulturl
Prefs.js: "Ask.com" removed from browser.search.order.1
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{364d4e0c-543f-4b85-abe3-19551139da4f}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{364d4e0c-543f-4b85-abe3-19551139da4f}\ not found.
File C:\Program Files\Softonic_France\tbSoft.dll not found.
Unable to delete ADS C:\ProgramData\TEMP:05EE1EEF .
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Brummel
->Temp folder emptied: 36793 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 31092267 bytes
->Flash cache emptied: 627 bytes
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Public
 
User: SHS
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->FireFox cache emptied: 0 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 79194 bytes
RecycleBin emptied: 0 bytes
 
Total Files Cleaned = 30,00 mb
 
 
[EMPTYFLASH]
 
User: All Users
 
User: Brummel
->Flash cache emptied: 0 bytes
 
User: Default
->Flash cache emptied: 0 bytes
 
User: Default User
Dokfight
Confirmed Visitor

Posts: 15
Joined: 14 Sep 2010 19:57

Re: Help, trojan I can't delete

Posted on 16 Sep 2010 16:18

hello,

Good, apparently the first removal attempt did work :wink:

I see that you have Malwarebytes on your PC..
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)

can you update it and run a quick scan, then post the report for me, please... :wink:
jeanmimigab
PC-Infopraticien

Posts: 2986
Joined: 29 Nov 2009 12:05

Re: Help, trojan I can't delete

Posted on 16 Sep 2010 16:43

Code:
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Version de la base de données: 4629

Windows 6.0.6000
Internet Explorer 8.0.6001.18904

16/09/2010 17:42:45
mbam-log-2010-09-16 (17-42-45).txt

Type d'examen: Examen rapide
Elément(s) analysé(s): 149284
Temps écoulé: 11 minute(s), 7 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
Dokfight
Confirmed Visitor

Posts: 15
Joined: 14 Sep 2010 19:57
