XP Antispyware virus problem

18 April 2011 02:05:39

Hello, I have a problem with XP Anti Spyware: I am unable to open Internet Explorer; as soon as I try, a window opens and XP Anti Spyware blocks access. By opening Task Manager and closing the unknown applications under Administrator, I manage to browse again. I have noticed that as soon as I open MSN Messenger the problem occurs every time. I am not too familiar with antivirus and antispyware tools, so if you could guide me through the steps to follow. Thank you for your help.

18 April 2011 15:22:04

Hello,

It's a rogue, a fake security utility.

To do:

1) Download RogueKiller (by Tigzy) to your desktop.

  • Close all your windows, then double-click RogueKiller.exe to launch it.
    (Vista/Windows 7 users: right-click -> "Run as administrator")

  • If it is blocked, rename it to winlogon.exe first and try again

  • Once initialization is finished, choose option 1 and confirm.
  • A report will open; copy and paste its contents into your next reply

    (If it does not open, it is saved on the desktop: RKreport.txt)

    18 April 2011 20:27:19

    RogueKiller V4.3.9 [04/16/2011] by Tigzy
    contact at http://www.sur-la-toile.com
    mail: tigzyRK<at>gmail<dot>com
    Feedback: http://www.sur-la-toile.com/discussion-193725-1-BRogueK...

    Operating System: Windows XP (5.1.2600 Service Pack 2) 32 bits version
    Started in : Normal mode
    User: Danis Mallais [Admin rights]
    Mode: Scan -- Date : 04/18/2011 15:19:38

    Bad processes: 0

    Registry Entries: 10
    [APPDT/TMP/DESKTOP] HKCU\[...]\Run : AdVantage (C:\Documents and Settings\Danis Mallais\Application Data\advantage\AdVantage.exe) -> FOUND
    [APPDT/TMP/DESKTOP] HKUS\S-1-5-21-2802500144-973721220-2682169100-1006[...]\Run : AdVantage (C:\Documents and Settings\Danis Mallais\Application Data\advantage\AdVantage.exe) -> FOUND
    [HJ] HKLM\[...]\Security Center : AntiVirusDisableNotify (1) -> FOUND
    [HJ] HKLM\[...]\Security Center : FirewallDisableNotify (1) -> FOUND
    [HJ] HKLM\[...]\Security Center : UpdatesDisableNotify (1) -> FOUND
    [FILEASSO] HKCU\[...]Software\Classes\.exe\shell\open\command : ("C:\Documents and Settings\Danis Mallais\Local Settings\Application Data\coj.exe" -a "%1" %*) -> FOUND
    [FILEASSO] HKCU\[...]Software\Classes\exefile\shell\open\command : ("C:\Documents and Settings\Danis Mallais\Local Settings\Application Data\coj.exe" -a "%1" %*) -> FOUND
    [FILEASSO] HKCR\[...]exefile\shell\open\command : ("C:\Documents and Settings\Danis Mallais\Local Settings\Application Data\coj.exe" -a "%1" %*) -> FOUND
    [FILEASSO] HKCR\[...].exe\shell\open\command : ("C:\Documents and Settings\Danis Mallais\Local Settings\Application Data\coj.exe" -a "%1" %*) -> FOUND
    [FILEASSO] HKLM\[...]Software\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command : ("C:\Documents and Settings\Danis Mallais\Local Settings\Application Data\coj.exe" -a "C:\Program Files\Internet Explorer\iexplore.exe") -> FOUND

    HOSTS File:
    127.0.0.1 localhost


    Finished : << RKreport[1].txt >>
    RKreport[1].txt
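
The report above shows every `.exe` open command, and the Internet Explorer start-menu launcher, rewritten so that `coj.exe` from the user profile is started first. As an added example (not part of the thread and not RogueKiller's own code), this Python script reads report lines in the layout shown above and flags such rewritten handlers; the function names are hypothetical and the sample lines are constructed from the report, with the user name replaced by `user`.

```python
import re
from collections import namedtuple

# Handler Windows uses for executables by default: run the clicked file itself.
# It is also the "good" value that the repair logs on this page restore.
DEFAULT_EXE_COMMAND = '"%1" %*'

# Line layout as seen in the RKreport above (an assumption about the format,
# based only on that report):  [TAG] <key> : <value> -> <STATUS>
LINE_RE = re.compile(
    r'^\[(?P<tag>[^\]]+)\]\s+(?P<key>.+?) : (?P<value>.+) -> (?P<status>\S.*)$')
# Keys that define how every .exe is started (".exe" or "exefile" class).
EXE_CLASS_RE = re.compile(
    r'(?:^|[\\\]])(?:\.exe|exefile)\\shell\\open\\command$', re.I)
# Start-menu browser launcher; group 1 is the registered client name.
BROWSER_RE = re.compile(r'StartMenuInternet\\([^\\]+)\\shell\\open\\command$', re.I)

Finding = namedtuple("Finding", "kind key interposer status")


def first_program(command):
    """Program a command line starts: first quoted string, else first token."""
    m = re.match(r'\s*"([^"]+)"', command)
    if m:
        return m.group(1)
    parts = command.split()
    return parts[0] if parts else ""


def find_hijacked_handlers(report_text):
    """Return a Finding for each file-association entry that launches another program."""
    findings = []
    for raw in report_text.splitlines():
        m = LINE_RE.match(raw.strip())
        # The tag appears as both "FILEASSO" and "FILE ASSO" in the reports.
        if not m or m.group("tag").replace(" ", "").upper() != "FILEASSO":
            continue
        key, command = m.group("key"), m.group("value").strip()
        if command.startswith("(") and command.endswith(")"):
            command = command[1:-1]          # the report wraps the data in ( )
        program = first_program(command)
        browser = BROWSER_RE.search(key)
        if browser:
            # The launcher should start the client it is registered for.
            if program.rsplit("\\", 1)[-1].lower() != browser.group(1).lower():
                findings.append(Finding("browser-launcher", key, program, m.group("status")))
        elif EXE_CLASS_RE.search(key):
            # Anything other than the default means another program runs first.
            if command != DEFAULT_EXE_COMMAND:
                findings.append(Finding("exe-handler", key, program, m.group("status")))
    return findings


# Constructed sample: the first five lines follow the reports on this page
# (user name replaced), the last two are constructed clean entries.
SAMPLE_REPORT = r'''
[HJ] HKLM\[...]\Security Center : AntiVirusDisableNotify (1) -> FOUND
[FILEASSO] HKCU\[...]Software\Classes\.exe\shell\open\command : ("C:\Documents and Settings\user\Local Settings\Application Data\coj.exe" -a "%1" %*) -> FOUND
[FILEASSO] HKCR\[...]exefile\shell\open\command : ("C:\Documents and Settings\user\Local Settings\Application Data\coj.exe" -a "%1" %*) -> FOUND
[FILEASSO] HKLM\[...]Software\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command : ("C:\Documents and Settings\user\Local Settings\Application Data\coj.exe" -a "C:\Program Files\Internet Explorer\iexplore.exe") -> FOUND
[FILE ASSO] HKCU\[...]Software\Classes\exefile\shell\open\command : ("C:\Documents and Settings\user\Local Settings\Application Data\coj.exe" -a "%1" %*) -> REPLACED : ("%1" %*)
[FILEASSO] HKCR\[...]exefile\shell\open\command : ("%1" %*) -> FOUND
[FILEASSO] HKLM\[...]Software\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command : ("C:\Program Files\Internet Explorer\iexplore.exe") -> FOUND
'''

if __name__ == "__main__":
    for f in find_hijacked_handlers(SAMPLE_REPORT):
        print(f"{f.kind:17} {f.status:10.10} {f.interposer}\n    {f.key}")
```

The `status` field distinguishes entries that were only found in scan mode from those already replaced in remove mode.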



    18 April 2011 20:44:40

    Now I have problems: when I try to open audio files, my Windows Media Player says it does not support the mp3 and midi formats, and when I try to open exe files, for example, it asks me which program I want to open them with. I also have trouble getting my laptop's touchpad to work, it does not respond well. I wonder whether I have a more serious infection???
    19 April 2011 09:05:44

    Re,

    So I am going to give you the preamble that I had not posted yet, so that you realize you need to be patient while we really deal with the infection!


    Preamble to any disinfection:

    Disinfection requires the use of tools and procedures that are more or less complex, sensitive and potentially dangerous.
    We therefore do our best to explain this as clearly as possible; nevertheless, a few pieces of advice should be followed for it to go smoothly:

  • The infected PC must be used as little as possible, apart from the procedures and communicating on the forum.
  • Always read the procedures in full before starting them, or save them (printout / text file).
    (Certain circumstances could prevent you from continuing to read, a PC restart for example)
  • Carry out the requested procedures completely, precisely and in the order given; otherwise you risk creating more problems than you solve. Do not try anything on your own without telling us first!
  • Do not hesitate to ask any question before starting the procedures, and report immediately any problems encountered during them.


    Finally, be aware that the disinfection is only finished when the person who has taken charge of your case tells you so.
    The disappearance of the symptoms does not necessarily mean the disappearance of the infection!

    In addition, despite our precautions, a PC crash is always possible; remember to back up as many of your documents as possible beforehand!


    Next steps:


    1) Run RogueKiller again:
  • Close all your windows, then double-click RogueKiller.exe to launch it.
    (Vista/Windows 7 users: right-click -> "Run as administrator")

  • Once initialization is finished, choose option 2 and confirm.
  • Let the tool work.
  • A report will open; copy and paste its contents into your next reply

    (If it does not open, it is saved on the desktop: RKreport.txt)


    Then:

    2) Download Malwarebytes' Anti-Malware:

  • Install the program (help here)
  • Launch it and update the definitions database.

  • Then choose "Exécuter un examen complet" (run a full scan) and then "Rechercher" (scan)
  • Select the hard drives and click "Lancer l'examen" (start the scan)
  • Let the scan run (this can take a long time).
  • At the end, check that the items found are ticked (under "Résultat de l'examen", scan results).
  • Then click "Supprimer la sélection" (remove selected) at the bottom.
  • A restart may be required.

  • A report will be displayed; save it to your desktop.
  • or otherwise, after the restart, it will be found under "Rapports/logs" (reports/logs)

    And finally:

    Download OTL (by Old Timer) to your desktop.
  • Close all your windows, then double-click OTL.exe to launch it.
    (Vista/Windows 7 users: right-click -> "Run as administrator")
  • At the top, tick the box in front of "Tous les utilisateurs" (all users)
  • Under Personnalisation (custom scans), copy and paste all of the text below, and leave the other options at their defaults.
    netsvcs
    msconfig
    drivers32
    activex
    %SYSTEMDRIVE%\*.exe
    %ALLUSERSPROFILE%\Application Data\*.
    %ALLUSERSPROFILE%\Application Data\*.exe /s
    %APPDATA%\*.
    %APPDATA%\*.exe /s
    %systemroot%\*. /mp /s
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\system32\drivers\*.sys /lockedfiles
    CREATERESTOREPOINT

  • Click the Analyse (scan) button at the top left, then wait a few moments.
  • At the end of the scan, two reports will open, OTL.Txt and Extras.Txt. Copy/paste all of the reports here.
    PS: The reports are also saved on the desktop

    For the reports, please use this online report service: upload the file via "parcourir" (browse) and simply post the link obtained.

    19 April 2011 19:42:28

    When I tried to update Malwarebytes, there was an error. I had to run a scan without the update and remove the selection, and then I was able to update. That is why you will find 2 Malwarebytes reports, the first without the update and the second with the update. The OTL Extras report was produced before the Malwarebytes update, because after the Malwarebytes update I ran the OTL scan again but no Extras report came out, only the OTL report...

    RogueKiller V4.3.9 [04/16/2011] by Tigzy
    contact at http://www.sur-la-toile.com
    mail: tigzyRK<at>gmail<dot>com
    Feedback: http://www.sur-la-toile.com/discussion-193725-1-BRogueK...

    Operating System: Windows XP (5.1.2600 Service Pack 2) 32 bits version
    Started in : Normal mode
    User: Danis Mallais [Admin rights]
    Mode: Remove -- Date : 04/19/2011 10:09:45

    Bad processes: 0

    Registry Entries: 7
    [APPDT/TMP/DESKTOP] HKCU\[...]\Run : AdVantage (C:\Documents and Settings\Danis Mallais\Application Data\advantage\AdVantage.exe) -> DELETED
    [HJ] HKLM\[...]\Security Center : AntiVirusDisableNotify (1) -> REPLACED (0)
    [HJ] HKLM\[...]\Security Center : FirewallDisableNotify (1) -> REPLACED (0)
    [HJ] HKLM\[...]\Security Center : UpdatesDisableNotify (1) -> REPLACED (0)
    [FILE ASSO] HKCU\[...]Software\Classes\.exe\shell\open\command : ("C:\Documents and Settings\Danis Mallais\Local Settings\Application Data\coj.exe" -a "%1" %*) -> REPLACED : ("%1" %*)
    [FILE ASSO] HKCU\[...]Software\Classes\exefile\shell\open\command : ("C:\Documents and Settings\Danis Mallais\Local Settings\Application Data\coj.exe" -a "%1" %*) -> REPLACED : ("%1" %*)
    [FILE ASSO] HKLM\[...]Software\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command : ("C:\Documents and Settings\Danis Mallais\Local Settings\Application Data\coj.exe" -a "C:\Program Files\Internet Explorer\iexplore.exe") -> REPLACED : ("C:\Program Files\internet explorer\iexplore.exe")

    HOSTS File:
    127.0.0.1 localhost


    Finished : << RKreport[2].txt >>
    RKreport[1].txt ; RKreport[2].txt

    ______________________________
    before update

    Malwarebytes' Anti-Malware 1.50.1.1100
    www.malwarebytes.org

    Version de la base de données: 5363

    Windows 5.1.2600 Service Pack 2
    Internet Explorer 8.0.6001.18702

    2011-04-19 11:59:44
    mbam-log-2011-04-19 (11-59-44).txt

    Type d'examen: Examen complet (C:\|D:\|)
    Elément(s) analysé(s): 201004
    Temps écoulé: 1 heure(s), 2 minute(s), 31 seconde(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 3
    Valeur(s) du Registre infectée(s): 0
    Elément(s) de données du Registre infecté(s): 1
    Dossier(s) infecté(s): 1
    Fichier(s) infecté(s): 36

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A078F691-9C07-4AF2-BF43-35E79EECF8B7} (Adware.Softomate) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\advantage_DAEM (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\advantage (Adware.Vomba) -> Quarantined and deleted successfully.

    Valeur(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Elément(s) de données du Registre infecté(s):
    HKEY_CLASSES_ROOT\exefile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: () Good: ("%1" %*) -> Quarantined and deleted successfully.

    Dossier(s) infecté(s):
    c:\program files\advantage (Adware.Advantage) -> Quarantined and deleted successfully.

    Fichier(s) infecté(s):

    ______________________________
    after update

    Malwarebytes' Anti-Malware 1.50.1.1100
    www.malwarebytes.org

    Version de la base de données: 6399

    Windows 5.1.2600 Service Pack 2
    Internet Explorer 8.0.6001.18702

    2011-04-19 13:52:16
    mbam-log-2011-04-19 (13-52-16).txt

    Type d'examen: Examen complet (C:\|D:\|)
    Elément(s) analysé(s): 214251
    Temps écoulé: 50 minute(s), 52 seconde(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 0
    Valeur(s) du Registre infectée(s): 0
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 0
    Fichier(s) infecté(s): 2

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Valeur(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    (Aucun élément nuisible détecté)

    Fichier(s) infecté(s):
    c:\documents and settings\danis mallais\Desktop\pcfix-v303-fr.exe (Adware.PCFixCleaner) -> Quarantined and deleted successfully.
    c:\documents and settings\danis mallais\Desktop\wmvconvertersetup.exe (Adware.Agent) -> Quarantined and deleted successfully.

    O4 - HKLM..\Run: [] File not found
    O4 - HKLM..\Run: [AudioDrvEmulator] C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe (Creative Technology Ltd.)
    O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
    O4 - HKLM..\Run: [CeEKEY] C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe (COMPAL ELECTRONIC INC.)
    O4 - HKLM..\Run: [CTDVDDET] C:\Program Files\Creative\Sound Blaster Audigy 2\DVDAudio\CTDVDDET.EXE (Creative Technology Ltd)
    O4 - HKLM..\Run: [CTFeatureModeUtility] C:\Program Files\Creative\Sound Blaster Audigy 2\Feature Mode Utility\CTModUtl.exe ()
    O4 - HKLM..\Run: [CTHelper] C:\WINDOWS\CTHELPER.EXE (Creative Technology Ltd)
    O4 - HKLM..\Run: [CTSysVol] C:\Program Files\Creative\Sound Blaster Audigy 2\Surround Mixer\CTSysVol.exe (Creative Technology Ltd)
    O4 - HKLM..\Run: [FileZilla Server Interface] C:\Program Files\FileZilla Server\FileZilla Server Interface.exe (FileZilla Project)
    O4 - HKLM..\Run: [HWSetup] C:\Program Files\TOSHIBA\TOSHIBA Applet\HWSetup.exe (TOSHIBA CO.,LTD.)
    O4 - HKLM..\Run: [LtMoh] C:\\Program Files\\ltmoh\\Ltmoh.exe ()
    O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
    O4 - HKLM..\Run: [NDSTray.exe] File not found
    O4 - HKLM..\Run: [PadTouch] C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe (TOSHIBA)
    O4 - HKLM..\Run: [SmoothView] C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe (TOSHIBA Corporation)
    O4 - HKLM..\Run: [SVPWUTIL] C:\Program Files\Toshiba\Windows Utilities\SVPWUTIL.exe (TOSHIBA)
    O4 - HKLM..\Run: [TCtryIOHook] C:\WINDOWS\System32\TCtrlIOHook.exe (TOSHIBA)
    O4 - HKLM..\Run: [TFncKy] File not found
    O4 - HKLM..\Run: [TPNF] C:\Program Files\TOSHIBA\TouchPad\TPTray.exe (COMPAL ELECTRONIC INC.)
    O4 - HKLM..\Run: [TPSMain] C:\WINDOWS\System32\TPSMain.exe (TOSHIBA Corporation)
    O4 - HKLM..\Run: [Tvs] C:\Program Files\TOSHIBA\Tvs\TvsTray.exe (TOSHIBA Corporation)
    O4 - HKLM..\Run: [vsc32cnf.exe] C:\Program Files\Roland\VSC32\Vsc32Cnf.exe (Roland)
    O4 - HKLM..\Run: [vscvol.exe] C:\Program Files\Roland\VSC32\vscvol.exe (Roland)
    O4 - HKLM..\Run: [ZoomingHook] C:\WINDOWS\System32\ZoomingHook.exe (TOSHIBA)
    O4 - HKU\S-1-5-21-2802500144-973721220-2682169100-1006..\Run: [Creative Detector] C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe (Creative Technology Ltd)
    O4 - HKU\S-1-5-21-2802500144-973721220-2682169100-1006..\Run: [Creative MediaSource Go] C:\Program Files\Creative\MediaSource\Go\CTCMSGo.exe (Creative Technology Ltd)
    O4 - HKU\S-1-5-21-2802500144-973721220-2682169100-1006..\Run: [DAEMON Tools Pro Agent] C:\Program Files\DAEMON Tools Pro\DTProAgent.exe (DT Soft Ltd.)
    O4 - HKU\S-1-5-21-2802500144-973721220-2682169100-1006..\Run: [SetDefaultMIDI] C:\WINDOWS\MIDIDEF.EXE (Creative Technology Ltd)
    O4 - HKU\S-1-5-21-2802500144-973721220-2682169100-1006..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe (TOSHIBA)
    O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe (Matsushita Electric Industrial Co., Ltd.)
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
    O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\S-1-5-21-2802500144-973721220-2682169100-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-wind... (Java Plug-in 1.6.0_20)
    O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-wind... (Java Plug-in 1.6.0_20)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-wind... (Java Plug-in 1.6.0_20)
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash... (Shockwave Flash Object)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 64.71.255.198
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
    O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
    O24 - Desktop WallPaper: C:\WINDOWS\OrganicMetal.bmp
    O24 - Desktop BackupWallPaper: C:\WINDOWS\OrganicMetal.bmp
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2005-08-30 22:51:41 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
    O33 - MountPoints2\{18f3d30a-28b6-11e0-9e59-0011f5c22c08}\Shell - "" = AutoRun
    O33 - MountPoints2\{18f3d30a-28b6-11e0-9e59-0011f5c22c08}\Shell\AutoRun - "" = Auto&Play
    O33 - MountPoints2\{18f3d30a-28b6-11e0-9e59-0011f5c22c08}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL autorun.exe
    O33 - MountPoints2\{6c5b7d70-6374-11e0-9e7d-0011f5c22c08}\Shell - "" = AutoRun
    O33 - MountPoints2\{6c5b7d70-6374-11e0-9e7d-0011f5c22c08}\Shell\AutoRun - "" = Auto&Play
    O33 - MountPoints2\{6c5b7d70-6374-11e0-9e7d-0011f5c22c08}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
    O33 - MountPoints2\{fde5ddae-5b44-11e0-9e79-0011f5c22c08}\Shell - "" = AutoRun
    O33 - MountPoints2\{fde5ddae-5b44-11e0-9e79-0011f5c22c08}\Shell\AutoRun - "" = Auto&Play
    O33 - MountPoints2\{fde5ddae-5b44-11e0-9e79-0011f5c22c08}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O35 - HKU\S-1-5-21-2802500144-973721220-2682169100-1006..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
    O37 - HKU\S-1-5-21-2802500144-973721220-2682169100-1006\...exe [@ = exefile] -- "%1" %*

    NetSvcs: 6to4 - File not found
    NetSvcs: AppMgmt - File not found
    NetSvcs: HidServ - File not found
    NetSvcs: Ias - File not found
    NetSvcs: Iprip - File not found
    NetSvcs: Irmon - File not found
    NetSvcs: NWCWorkstation - File not found
    NetSvcs: Nwsapagent - File not found
    NetSvcs: WmdmPmSp - File not found


    Drivers32: MIDI2 - C:\WINDOWS\System32\vscapi.dll (Roland)
    Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
    Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
    Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
    Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
    Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
    Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
    Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
    Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
    Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
    Drivers32: WAVE2 - C:\WINDOWS\System32\vscapi.dll (Roland)

    ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
    ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vector Graphics Rendering (VML)
    ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
    ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
    ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
    ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906)
    ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
    ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML Data Binding for Java
    ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
    ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
    ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
    ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Advanced Authoring
    ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:o E /CALLER:WINNT /user /install
    ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
    ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
    ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
    ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
    ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
    ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
    ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
    ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
    ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
    ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
    ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
    ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
    ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
    ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Web Folders
    ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
    ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
    ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
    ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
    ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
    ActiveX: {ACC563BC-4266-43f0-B6ED-9D38C4202C7E} -
    ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
    ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
    ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
    ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Task Scheduler
    ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
    ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Macromedia Shockwave Flash
    ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
    ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
    ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
    ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
    ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
    ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
    ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

    CREATERESTOREPOINT
    Restore point Set: OTL Restore Point (17746534284132352)

    ========== Files/Folders - Created Within 30 Days ==========

    [2011-04-19 10:13:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Danis Mallais\Application Data\Malwarebytes
    [2011-04-19 10:12:54 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
    [2011-04-19 10:12:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
    [2011-04-19 10:12:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    [2011-04-19 10:12:50 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
    [2011-04-19 10:12:49 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
    [2011-04-19 10:07:51 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Danis Mallais\Desktop\OTL.exe
    [2011-04-19 10:07:26 | 007,734,208 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Danis Mallais\Desktop\mbam-setup-1.50.1.1100.exe
    [2011-04-18 15:19:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Danis Mallais\Desktop\RK_Quarantine
    [2011-04-18 10:37:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Danis Mallais\Desktop\temp2
    [2011-04-17 15:05:10 | 000,019,544 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
    [2011-04-17 15:05:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\avast! Free Antivirus
    [2011-04-17 15:05:09 | 000,301,528 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
    [2011-04-17 15:05:07 | 000,049,240 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
    [2011-04-17 15:05:07 | 000,025,432 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
    [2011-04-17 15:05:06 | 000,371,544 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
    [2011-04-17 15:05:05 | 000,102,232 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
    [2011-04-17 15:05:05 | 000,096,344 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
    [2011-04-17 15:05:05 | 000,030,680 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
    [2011-04-17 15:04:54 | 000,040,648 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
    [2011-04-17 15:04:53 | 000,190,016 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
    [2011-04-17 15:04:38 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
    [2011-04-17 15:04:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
    [2011-04-17 14:55:04 | 000,401,720 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\Danis Mallais\Desktop\HiJackThis.exe
    [2011-04-11 20:53:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Danis Mallais\Desktop\temp
    [2011-04-10 10:31:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Danis Mallais\Application Data\U3
    [2011-04-05 15:21:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Danis Mallais\My Documents\Mes fichiers reçus
    [2011-04-05 12:29:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Danis Mallais\Desktop\Rino Boudreau
    [2011-04-04 14:58:13 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ptpusb.dll
    [2011-04-04 14:58:04 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ptpusd.dll
    [2011-03-31 13:00:29 | 000,000,000 | ---D | C] -- C:\Program Files\Audacity
    [2011-03-31 12:58:55 | 002,228,534 | ---- | C] ( ) -- C:\Documents and Settings\Danis Mallais\Desktop\audacity-win-1.2.6.exe
    [2011-03-31 12:55:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Danis Mallais\Application Data\Sony
    [2011-03-31 12:54:37 | 145,533,376 | ---- | C] (Sony Creative Software Inc.) -- C:\Documents and Settings\Danis Mallais\Desktop\soundforgepro10.0c.exe
    [2011-03-31 00:13:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Danis Mallais\Desktop\110330210817
    [2011-03-29 15:38:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\Sun
    [2011-03-29 10:38:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Danis Mallais\Local Settings\Application Data\PCHealth
    [2011-03-28 11:23:49 | 000,372,736 | R--- | C] (Hewlett-Packard) -- C:\WINDOWS\System32\hppldcoi.dll
    [2011-03-28 11:23:49 | 000,309,760 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\difxapi.dll
    [2011-03-28 11:23:48 | 000,593,920 | R--- | C] (Hewlett-Packard Co.) -- C:\WINDOWS\System32\hpwtscl5.dll
    [2011-03-28 11:23:48 | 000,315,392 | R--- | C] (Hewlett-Packard Co.) -- C:\WINDOWS\System32\hpwvst01.dll
    [2011-03-28 11:23:47 | 000,716,288 | R--- | C] (Hewlett-Packard) -- C:\WINDOWS\System32\hpwwiax9.dll
    [2011-03-28 11:19:29 | 000,117,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\prntvpt.dll
    [2011-03-28 11:19:29 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\filterpipelineprintproc.dll
    [2011-03-28 11:19:27 | 000,597,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\printfilterpipelinesvc.exe
    [2011-03-28 11:19:26 | 000,575,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpsshhdr.dll
    [2011-03-28 11:19:24 | 001,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpssvcs.dll
    [2011-03-28 11:19:24 | 001,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpssvcs.dll
    [2011-03-28 11:19:20 | 000,000,000 | ---D | C] -- C:\b4be9ffed561ed3a5335c5fb42
    [2011-03-28 11:13:50 | 000,017,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll
    [2011-03-28 11:13:39 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 6.0
    [2011-03-26 20:41:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\SxsCaPendDel
    [2011-03-26 20:23:25 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
    [2011-03-25 10:59:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\WEBREG
    [2011-03-25 10:58:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Danis Mallais\Application Data\HP
    [2011-03-25 10:58:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Danis Mallais\Local Settings\Application Data\HP
    [2011-03-25 09:35:07 | 000,006,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\serscan.sys
    [2011-03-25 09:29:10 | 000,122,880 | ---- | C] (Hewlett-Packard Company) -- C:\WINDOWS\System32\hpf3l092.dll
    [2011-03-25 09:29:09 | 000,452,408 | R--- | C] (Hewlett-Packard) -- C:\WINDOWS\System32\hpzids01.dll
    [2011-03-25 09:24:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
    [2011-03-25 09:24:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Danis Mallais\Application Data\Yahoo!
    [2011-03-25 09:24:30 | 000,000,000 | ---D | C] -- C:\Program Files\Yahoo!
    [2011-03-24 23:59:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\HP
    [2011-03-24 23:59:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\HP
    [2011-03-24 23:59:25 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Hewlett-Packard
    [2011-03-24 23:59:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\hpoj4500g510n-z
    [2011-03-24 23:57:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DRVSTORE
    [2011-03-24 23:57:18 | 000,015,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbscan.sys
    [2011-03-24 23:57:14 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbprint.sys
    [2011-03-24 23:56:11 | 000,000,000 | ---D | C] -- C:\Program Files\HP
    [2011-03-24 19:03:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\EVH Flyer Creator
    [2011-03-24 19:02:11 | 000,000,000 | ---D | C] -- C:\Program Files\EVH Flyer Creator
    [2011-03-24 19:02:09 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Business Objects
    [2011-01-25 15:28:12 | 000,028,672 | ---- | C] ( ) -- C:\WINDOWS\System32\ControlACS.exe
    [2005-02-17 12:23:42 | 000,032,768 | R--- | C] ( ) -- C:\WINDOWS\System32\a3d.dll
    [2005-02-17 12:18:06 | 000,009,216 | ---- | C] ( ) -- C:\WINDOWS\System32\KILLAPPS.EXE
    [4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2011-04-19 13:57:16 | 000,054,016 | ---- | M] () -- C:\WINDOWS\System32\drivers\dmcuijeb.sys
    [2011-04-19 12:03:43 | 000,000,588 | ---- | M] () -- C:\WINDOWS\System32\settingsbkup.sfm
    [2011-04-19 12:03:43 | 000,000,588 | ---- | M] () -- C:\WINDOWS\System32\settings.sfm
    [2011-04-19 12:02:40 | 004,958,588 | ---- | M] () -- C:\WINDOWS\{00000005-00000000-00000000-00001102-00000008-20011102}.CDF
    [2011-04-19 12:01:43 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
    [2011-04-19 12:01:35 | 467,845,120 | -HS- | M] () -- C:\hiberfil.sys
    [2011-04-19 12:01:00 | 000,023,880 | ---- | M] () -- C:\WINDOWS\System32\BMXStateBkp-{00000005-00000000-00000000-00001102-00000008-20011102}.rfx
    [2011-04-19 12:01:00 | 000,023,880 | ---- | M] () -- C:\WINDOWS\System32\BMXState-{00000005-00000000-00000000-00001102-00000008-20011102}.rfx
    [2011-04-19 12:01:00 | 000,011,500 | ---- | M] () -- C:\WINDOWS\System32\DVCState-{00000005-00000000-00000000-00001102-00000008-20011102}.rfx
    [2011-04-19 12:01:00 | 000,007,884 | ---- | M] () -- C:\WINDOWS\System32\BMXCtrlState-{00000005-00000000-00000000-00001102-00000008-20011102}.rfx
    [2011-04-19 12:01:00 | 000,007,884 | ---- | M] () -- C:\WINDOWS\System32\BMXBkpCtrlState-{00000005-00000000-00000000-00001102-00000008-20011102}.rfx
    [2011-04-19 10:12:55 | 000,000,795 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
    [2011-04-19 10:08:04 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Danis Mallais\Desktop\OTL.exe
    [2011-04-19 10:07:27 | 007,734,208 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Danis Mallais\Desktop\mbam-setup-1.50.1.1100.exe
    [2011-04-18 15:11:53 | 001,098,752 | ---- | M] () -- C:\Documents and Settings\Danis Mallais\Desktop\RogueKiller.exe
    [2011-04-17 20:47:45 | 000,014,650 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\2106004185
    [2011-04-17 20:47:44 | 000,014,650 | -HS- | M] () -- C:\Documents and Settings\Danis Mallais\Local Settings\Application Data\2106004185
    [2011-04-17 15:05:10 | 000,001,700 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
    [2011-04-17 15:05:06 | 000,002,625 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
    [2011-04-17 14:59:51 | 054,097,512 | ---- | M] () -- C:\Documents and Settings\Danis Mallais\Desktop\avast_free6_01Net.exe
    [2011-04-17 14:55:06 | 000,401,720 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\Danis Mallais\Desktop\HiJackThis.exe
    [2011-04-15 21:28:49 | 004,958,588 | ---- | M] () -- C:\WINDOWS\{00000005-00000000-00000000-00001102-00000008-20011102}.BAK
    [2011-04-15 21:24:54 | 000,000,000 | ---- | M] () -- C:\WINDOWS\TPTray.INI
    [2011-04-12 21:48:40 | 000,005,632 | ---- | M] () -- C:\Documents and Settings\Danis Mallais\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2011-04-11 21:01:57 | 000,413,380 | ---- | M] () -- C:\Documents and Settings\Danis Mallais\Desktop\Location de locaux.pdf
    [2011-04-11 20:58:19 | 003,984,844 | ---- | M] () -- C:\Documents and Settings\Danis Mallais\Desktop\temp.zip
    [2011-04-11 15:57:28 | 000,006,882 | ---- | M] () -- C:\Documents and Settings\Danis Mallais\Desktop\imagesCAO1LS51.jpg
    [2011-04-10 10:28:02 | 000,002,597 | ---- | M] () -- C:\Documents and Settings\Danis Mallais\Desktop\n-Track Studio.lnk
    [2011-04-10 10:26:54 | 000,021,372 | ---- | M] () -- C:\Documents and Settings\Danis Mallais\Desktop\maman la plus belle femme au monde.mid
    [2011-04-10 10:24:24 | 000,043,488 | ---- | M] () -- C:\Documents and Settings\Danis Mallais\Desktop\good hearted woman.mid
    [2011-04-10 10:20:57 | 000,148,738 | ---- | M] () -- C:\Documents and Settings\Danis Mallais\Desktop\~ntrck_backup-New song.sng
    [2011-04-10 10:20:14 | 000,033,856 | ---- | M] () -- C:\Documents and Settings\Danis Mallais\Desktop\achy breaky heart.mid
    [2011-04-08 13:59:57 | 000,023,092 | ---- | M] () -- C:\Documents and Settings\Danis Mallais\Desktop\Georges St-Pierre 'Rushfit' Workout Program[www.torrent411.com].torrent
    [2011-04-05 12:31:42 | 000,161,336 | ---- | M] () -- C:\Documents and Settings\Danis Mallais\Desktop\Rino Boudreau.zip
    [2011-04-04 15:50:21 | 000,093,619 | ---- | M] () -- C:\Documents and Settings\Danis Mallais\Desktop\suroit medley.mid
    [2011-03-31 13:00:31 | 000,000,641 | ---- | M] () -- C:\Documents and Settings\Danis Mallais\Desktop\Audacity.lnk
    [2011-03-31 12:59:05 | 002,228,534 | ---- | M] ( ) -- C:\Documents and Settings\Danis Mallais\Desktop\audacity-win-1.2.6.exe
    [2011-03-31 12:55:04 | 145,533,376 | ---- | M] (Sony Creative Software Inc.) -- C:\Documents and Settings\Danis Mallais\Desktop\soundforgepro10.0c.exe
    [2011-03-31 11:43:17 | 000,048,722 | ---- | M] () -- C:\Documents and Settings\Danis Mallais\Desktop\CQ auto Peggy.pdf
    [2011-03-31 11:43:13 | 000,077,077 | ---- | M] () -- C:\Documents and Settings\Danis Mallais\Desktop\CQ hab Peggy.pdf
    [2011-03-31 11:43:07 | 000,062,702 | ---- | M] () -- C:\Documents and Settings\Danis Mallais\Desktop\CVA Peggy.pdf
    [2011-03-31 01:22:39 | 004,353,011 | ---- | M] () -- C:\Documents and Settings\Danis Mallais\Desktop\til I gain control again.kfn
    [2011-03-31 00:13:37 | 000,040,905 | ---- | M] () -- C:\Documents and Settings\Danis Mallais\Desktop\110330210817.zip
    [2011-03-31 00:08:05 | 000,855,863 | ---- | M] () -- C:\Documents and Settings\Danis Mallais\Desktop\~ntrck_backup-~ntrck_backup-New song.sng
    [2011-03-30 14:18:07 | 000,559,137 | ---- | M] () -- C:\Documents and Settings\Danis Mallais\Desktop\~ntrck_backup-traveling band.sng
    [2011-03-30 09:28:22 | 000,002,219 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Del MP3 Karaoke.lnk
    [2011-03-29 09:28:16 | 000,298,362 | ---- | M] () -- C:\Documents and Settings\Danis Mallais\Desktop\face9.jpg
    [2011-03-29 09:01:11 | 000,010,542 | ---- | M] () -- C:\Documents and Settings\Danis Mallais\Desktop\58540_434068986686_582286686_5339343_1325443_a.jpg
    [2011-03-29 09:01:11 | 000,009,186 | ---- | M] () -- C:\Documents and Settings\Danis Mallais\Desktop\63536_434068856686_582286686_5339341_5196055_a.jpg
    [2011-03-29 08:57:36 | 000,008,976 | ---- | M] () -- C:\Documents and Settings\Danis Mallais\Desktop\61919_434068776686_582286686_5339340_3091643_a.jpg
    [2011-03-29 08:57:16 | 000,008,292 | ---- | M] () -- C:\Documents and Settings\Danis Mallais\Desktop\149803_453622906686_582286686_5697570_4626479_a.jpg
    [2011-03-28 22:01:50 | 000,003,276 | ---- | M] () -- C:\Documents and Settings\Danis Mallais\.recently-used.xbel
    [2011-03-28 21:28:58 | 000,039,412 | ---- | M] () -- C:\Documents and Settings\Danis Mallais\Desktop\1.pdf
    [2011-03-28 21:27:51 | 000,056,796 | ---- | M] () -- C:\Documents and Settings\Danis Mallais\Desktop\2.svg
    [2011-03-28 11:26:58 | 000,207,053 | ---- | M] () -- C:\WINDOWS\hpwins28.dat
    [2011-03-28 11:17:46 | 000,406,612 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
    [2011-03-28 11:17:46 | 000,063,792 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
    [2011-03-26 20:50:12 | 000,135,664 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
    [2011-03-26 20:36:43 | 000,863,330 | ---- | M] () -- C:\WINDOWS\hpwins28.dat.temp
    [2011-03-24 23:16:27 | 000,099,064 | ---- | M] () -- C:\Documents and Settings\Danis Mallais\Desktop\face7.jpg
    [2011-03-24 23:16:27 | 000,091,721 | ---- | M] () -- C:\Documents and Settings\Danis Mallais\Desktop\face56.jpg
    [2011-03-24 23:16:27 | 000,078,943 | ---- | M] () -- C:\Documents and Settings\Danis Mallais\Desktop\face8.jpg
    [2011-03-24 23:16:00 | 000,070,165 | ---- | M] () -- C:\Documents and Settings\Danis Mallais\Desktop\face3.jpg
    [2011-03-24 23:15:59 | 000,071,263 | ---- | M] () -- C:\Documents and Settings\Danis Mallais\Desktop\face2.jpg
    [2011-03-24 23:15:59 | 000,050,487 | ---- | M] () -- C:\Documents and Settings\Danis Mallais\Desktop\face5.jpg
    [2011-03-24 23:15:59 | 000,011,583 | ---- | M] () -- C:\Documents and Settings\Danis Mallais\Desktop\face4.jpg
    [2011-03-24 23:15:39 | 000,053,677 | ---- | M] () -- C:\Documents and Settings\Danis Mallais\Desktop\face1.jpg
    [2011-03-24 23:08:52 | 001,166,454 | ---- | M] () -- C:\Documents and Settings\Danis Mallais\Desktop\face8.bmp
    [2011-03-24 23:08:38 | 001,166,454 | ---- | M] () -- C:\Documents and Settings\Danis Mallais\Desktop\face7.bmp
    [2011-03-24 23:08:30 | 000,151,578 | ---- | M] () -- C:\Documents and Settings\Danis Mallais\Desktop\face6.bmp
    [2011-03-24 23:08:20 | 001,036,854 | ---- | M] () -- C:\Documents and Settings\Danis Mallais\Desktop\face5.bmp
    [2011-03-24 23:08:10 | 001,166,454 | ---- | M] () -- C:\Documents and Settings\Danis Mallais\Desktop\face4.bmp
    [2011-03-24 23:08:01 | 001,166,454 | ---- | M] () -- C:\Documents and Settings\Danis Mallais\Desktop\face3.bmp
    [2011-03-24 23:07:51 | 001,166,454 | ---- | M] () -- C:\Documents and Settings\Danis Mallais\Desktop\face2.bmp
    [2011-03-24 23:07:38 | 001,166,454 | ---- | M] () -- C:\Documents and Settings\Danis Mallais\Desktop\face1.bmp
    [2011-03-24 22:33:20 | 000,039,725 | ---- | M] () -- C:\Documents and Settings\Danis Mallais\Desktop\4.svg
    [2011-03-24 22:28:53 | 000,039,679 | ---- | M] () -- C:\Documents and Settings\Danis Mallais\Desktop\3.svg
    [2011-03-24 20:43:10 | 000,017,391 | ---- | M] () -- C:\Documents and Settings\Danis Mallais\Desktop\2.PNG
    [2011-03-24 20:38:11 | 000,023,475 | ---- | M] () -- C:\Documents and Settings\Danis Mallais\Desktop\1.png
    [2011-03-24 20:15:20 | 000,002,248 | ---- | M] () -- C:\Documents and Settings\Danis Mallais\Desktop\1.svg
    [2011-03-24 20:13:20 | 000,365,123 | ---- | M] () -- C:\Documents and Settings\Danis Mallais\Desktop\contrat005146.odt
    [2011-03-24 19:44:31 | 000,072,704 | ---- | M] () -- C:\Documents and Settings\Danis Mallais\Desktop\TS030002683.pub
    [2011-03-24 19:17:55 | 000,010,341 | ---- | M] () -- C:\Documents and Settings\Danis Mallais\Desktop\Tri-FoldBrochure.ott
    [2011-03-24 19:07:05 | 000,002,329 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\EVH Flyer Creator.lnk
    [2011-03-24 18:54:52 | 063,105,024 | ---- | M] () -- C:\Documents and Settings\Danis Mallais\Desktop\EVHSetup.exe
    [4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2011-04-19 13:57:16 | 000,054,016 | ---- | C] () -- C:\WINDOWS\System32\drivers\dmcuijeb.sys
    [2011-04-19 10:12:55 | 000,000,795 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
    [2011-04-18 15:11:45 | 001,098,752 | ---- | C] () -- C:\Documents and Settings\Danis Mallais\Desktop\RogueKiller.exe
    [2011-04-17 15:05:10 | 000,001,700 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
    [2011-04-17 14:59:39 | 054,097,512 | ---- | C] () -- C:\Documents and Settings\Danis Mallais\Desktop\avast_free6_01Net.exe
    [2011-04-15 21:24:54 | 000,000,000 | ---- | C] () -- C:\WINDOWS\TPTray.INI
    [2011-04-15 11:26:49 | 000,014,650 | -HS- | C] () -- C:\Documents and Settings\Danis Mallais\Local Settings\Application Data\2106004185
    [2011-04-15 11:26:49 | 000,014,650 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\2106004185
    [2011-04-11 21:01:55 | 000,413,380 | ---- | C] () -- C:\Documents and Settings\Danis Mallais\Desktop\Location de locaux.pdf
    [2011-04-11 20:58:18 | 003,984,844 | ---- | C] () -- C:\Documents and Settings\Danis Mallais\Desktop\temp.zip
    [2011-04-11 16:01:46 | 000,006,882 | ---- | C] () -- C:\Documents and Settings\Danis Mallais\Desktop\imagesCAO1LS51.jpg
    [2011-04-10 10:26:53 | 000,021,372 | ---- | C] () -- C:\Documents and Settings\Danis Mallais\Desktop\maman la plus belle femme au monde.mid
    [2011-04-10 10:24:24 | 000,043,488 | ---- | C] () -- C:\Documents and Settings\Danis Mallais\Desktop\good hearted woman.mid
    [2011-04-10 10:20:14 | 000,033,856 | ---- | C] () -- C:\Documents and Settings\Danis Mallais\Desktop\achy breaky heart.mid
    [2011-04-08 13:59:53 | 000,023,092 | ---- | C] () -- C:\Documents and Settings\Danis Mallais\Desktop\Georges St-Pierre 'Rushfit' Workout Program[www.torrent411.com].torrent
    [2011-04-05 12:31:41 | 000,161,336 | ---- | C] () -- C:\Documents and Settings\Danis Mallais\Desktop\Rino Boudreau.zip
    [2011-04-04 15:50:20 | 000,093,619 | ---- | C] () -- C:\Documents and Settings\Danis Mallais\Desktop\suroit medley.mid
    [2011-03-31 13:00:31 | 000,000,647 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Audacity.lnk
    [2011-03-31 13:00:31 | 000,000,641 | ---- | C] () -- C:\Documents and Settings\Danis Mallais\Desktop\Audacity.lnk
    [2011-03-31 11:43:17 | 000,048,722 | ---- | C] () -- C:\Documents and Settings\Danis Mallais\Desktop\CQ auto Peggy.pdf
    [2011-03-31 11:43:12 | 000,077,077 | ---- | C] () -- C:\Documents and Settings\Danis Mallais\Desktop\CQ hab Peggy.pdf
    [2011-03-31 11:43:07 | 000,062,702 | ---- | C] () -- C:\Documents and Settings\Danis Mallais\Desktop\CVA Peggy.pdf
    [2011-03-31 01:22:39 | 004,353,011 | ---- | C] () -- C:\Documents and Settings\Danis Mallais\Desktop\til I gain control again.kfn
    [2011-03-31 00:13:37 | 000,040,905 | ---- | C] () -- C:\Documents and Settings\Danis Mallais\Desktop\110330210817.zip
    [2011-03-30 23:28:05 | 000,855,863 | ---- | C] () -- C:\Documents and Settings\Danis Mallais\Desktop\~ntrck_backup-~ntrck_backup-New song.sng
    [2011-03-30 13:08:07 | 000,559,137 | ---- | C] () -- C:\Documents and Settings\Danis Mallais\Desktop\~ntrck_backup-traveling band.sng
    [2011-03-29 09:28:40 | 000,298,362 | ---- | C] () -- C:\Documents and Settings\Danis Mallais\Desktop\face9.jpg
    [2011-03-29 09:01:37 | 000,010,542 | ---- | C] () -- C:\Documents and Settings\Danis Mallais\Desktop\58540_434068986686_582286686_5339343_1325443_a.jpg
    [2011-03-29 09:01:34 | 000,009,186 | ---- | C] () -- C:\Documents and Settings\Danis Mallais\Desktop\63536_434068856686_582286686_5339341_5196055_a.jpg
    [2011-03-29 09:01:30 | 000,008,976 | ---- | C] () -- C:\Documents and Settings\Danis Mallais\Desktop\61919_434068776686_582286686_5339340_3091643_a.jpg
    [2011-03-29 09:00:01 | 000,008,292 | ---- | C] () -- C:\Documents and Settings\Danis Mallais\Desktop\149803_453622906686_582286686_5697570_4626479_a.jpg
    [2011-03-28 22:01:50 | 000,003,276 | ---- | C] () -- C:\Documents and Settings\Danis Mallais\.recently-used.xbel
    [2011-03-28 21:28:58 | 000,039,412 | ---- | C] () -- C:\Documents and Settings\Danis Mallais\Desktop\1.pdf
    [2011-03-28 11:25:15 | 000,207,053 | ---- | C] () -- C:\WINDOWS\hpwins28.dat
    [2011-03-28 11:25:14 | 000,000,418 | ---- | C] () -- C:\WINDOWS\hpwmdl28.dat
    [2011-03-25 11:30:12 | 000,863,330 | ---- | C] () -- C:\WINDOWS\hpwins28.dat.temp
    [2011-03-25 11:30:12 | 000,000,418 | ---- | C] () -- C:\WINDOWS\hpwmdl28.dat.temp
    [2011-03-24 23:16:59 | 000,078,943 | ---- | C] () -- C:\Documents and Settings\Danis Mallais\Desktop\face8.jpg
    [2011-03-24 23:16:51 | 000,099,064 | ---- | C] () -- C:\Documents and Settings\Danis Mallais\Desktop\face7.jpg
    [2011-03-24 23:16:42 | 000,091,721 | ---- | C] () -- C:\Documents and Settings\Danis Mallais\Desktop\face56.jpg
    [2011-03-24 23:16:31 | 000,050,487 | ---- | C] () -- C:\Documents and Settings\Danis Mallais\Desktop\face5.jpg
    [2011-03-24 23:16:24 | 000,011,583 | ---- | C] () -- C:\Documents and Settings\Danis Mallais\Desktop\face4.jpg
    [2011-03-24 23:16:15 | 000,070,165 | ---- | C] () -- C:\Documents and Settings\Danis Mallais\Desktop\face3.jpg
    [2011-03-24 23:16:06 | 000,071,263 | ---- | C] () -- C:\Documents and Settings\Danis Mallais\Desktop\face2.jpg
    [2011-03-24 23:15:56 | 000,053,677 | ---- | C] () -- C:\Documents and Settings\Danis Mallais\Desktop\face1.jpg
    [2011-03-24 23:08:52 | 001,166,454 | ---- | C] () -- C:\Documents and Settings\Danis Mallais\Desktop\face8.bmp
    [2011-03-24 23:08:38 | 001,166,454 | ---- | C] () -- C:\Documents and Settings\Danis Mallais\Desktop\face7.bmp
    [2011-03-24 23:08:30 | 000,151,578 | ---- | C] () -- C:\Documents and Settings\Danis Mallais\Desktop\face6.bmp
    [2011-03-24 23:08:20 | 001,036,854 | ---- | C] () -- C:\Documents and Settings\Danis Mallais\Desktop\face5.bmp
    [2011-03-24 23:08:10 | 001,166,454 | ---- | C] () -- C:\Documents and Settings\Danis Mallais\Desktop\face4.bmp
    [2011-03-24 23:08:01 | 001,166,454 | ---- | C] () -- C:\Documents and Settings\Danis Mallais\Desktop\face3.bmp
    [2011-03-24 23:07:51 | 001,166,454 | ---- | C] () -- C:\Documents and Settings\Danis Mallais\Desktop\face2.bmp
    [2011-03-24 23:07:38 | 001,166,454 | ---- | C] () -- C:\Documents and Settings\Danis Mallais\Desktop\face1.bmp
    [2011-03-24 22:33:20 | 000,039,725 | ---- | C] () -- C:\Documents and Settings\Danis Mallais\Desktop\4.svg
    [2011-03-24 22:28:53 | 000,039,679 | ---- | C] () -- C:\Documents and Settings\Danis Mallais\Desktop\3.svg
    [2011-03-24 22:19:42 | 000,056,796 | ---- | C] () -- C:\Documents and Settings\Danis Mallais\Desktop\2.svg
    [2011-03-24 20:43:10 | 000,017,391 | ---- | C] () -- C:\Documents and Settings\Danis Mallais\Desktop\2.PNG
    [2011-03-24 20:38:11 | 000,023,475 | ---- | C] () -- C:\Documents and Settings\Danis Mallais\Desktop\1.png
    [2011-03-24 20:15:20 | 000,002,248 | ---- | C] () -- C:\Documents and Settings\Danis Mallais\Desktop\1.svg
    [2011-03-24 20:13:17 | 000,365,123 | ---- | C] () -- C:\Documents and Settings\Danis Mallais\Desktop\contrat005146.odt
    [2011-03-24 19:44:30 | 000,072,704 | ---- | C] () -- C:\Documents and Settings\Danis Mallais\Desktop\TS030002683.pub
    [2011-03-24 19:17:54 | 000,010,341 | ---- | C] () -- C:\Documents and Settings\Danis Mallais\Desktop\Tri-FoldBrochure.ott
    [2011-03-24 19:03:16 | 000,002,329 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\EVH Flyer Creator.lnk
    [2011-03-24 18:54:47 | 063,105,024 | ---- | C] () -- C:\Documents and Settings\Danis Mallais\Desktop\EVHSetup.exe
    [2011-02-05 13:19:41 | 000,005,632 | ---- | C] () -- C:\Documents and Settings\Danis Mallais\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2011-01-25 15:36:13 | 000,032,343 | R--- | C] () -- C:\WINDOWS\System32\e10kxwdm.ini
    [2011-01-25 15:36:13 | 000,000,193 | R--- | C] () -- C:\WINDOWS\System32\ctzapxx.ini
    [2011-01-25 15:28:12 | 000,241,664 | ---- | C] () -- C:\WINDOWS\System32\ControlWZCS.exe
    [2011-01-25 15:28:11 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\AegisI5.exe
    [2011-01-25 15:28:11 | 000,095,617 | ---- | C] () -- C:\WINDOWS\atiicdxx.dat
    [2011-01-25 15:28:11 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\acs.exe
    [2011-01-25 15:27:58 | 000,270,336 | ---- | C] () -- C:\WINDOWS\System32\PlugPlayPCIDevice.exe
    [2011-01-25 15:27:58 | 000,163,840 | ---- | C] () -- C:\WINDOWS\System32\MFCFirstRemove.exe
    [2011-01-25 15:22:49 | 000,128,113 | ---- | C] () -- C:\WINDOWS\System32\csellang.ini
    [2011-01-25 15:22:49 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\csellang.dll
    [2011-01-25 15:22:49 | 000,010,165 | ---- | C] () -- C:\WINDOWS\System32\tosmreg.ini
    [2011-01-25 15:22:49 | 000,007,671 | ---- | C] () -- C:\WINDOWS\System32\cseltbl.ini
    [2011-01-25 15:22:08 | 000,006,528 | ---- | C] () -- C:\WINDOWS\System32\drivers\Tbiosdrv.sys
    [2009-08-04 20:24:54 | 001,400,832 | ---- | C] () -- C:\WINDOWS\System32\PawLib.dll
    [2005-08-31 22:43:10 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
    [2005-08-31 21:22:12 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
    [2005-08-31 21:18:43 | 000,000,000 | ---- | C] () -- C:\WINDOWS\NDSTray.INI
    [2005-08-31 21:17:48 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
    [2005-08-31 21:17:48 | 000,200,704 | ---- | C] () --
    a c 614 8 Security
    19 April 2011 22:33:01

    Hi again,

    OK for RogueKiller and Malwarebytes.

    However, post the OTL and Extra.txt reports again, following my instruction:

    Quote:
    For the reports, please use this online report service: upload the file via "Browse" and simply post the link you get.


    Because as it stands, I only have the first one and it is not complete.

    20 April 2011 01:00:41

    I redid the scan, but as I had explained, it only produces OTL.Txt and not the Extra one, so I'm sending you OTL.Txt...

    OTL logfile created on: 2011-04-19 19:51:01 - Run 3
    OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Danis Mallais\Desktop
    Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18702)
    Locale: 00000C0C | Country: Canada | Language: FRC | Date Format: yyyy-MM-dd

    446,00 Mb Total Physical Memory | 254,00 Mb Available Physical Memory | 57,00% Memory free
    1,00 Gb Paging File | 1,00 Gb Available in Paging File | 69,00% Paging File free
    Paging file location(s): C:\pagefile.sys 672 1344 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 79,65 Gb Total Space | 34,42 Gb Free Space | 43,22% Space Free | Partition Type: NTFS
    Drive D: | 13,51 Gb Total Space | 2,53 Gb Free Space | 18,72% Space Free | Partition Type: NTFS

    Computer Name: YOUR-D325C4BA28 | User Name: Danis Mallais | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2011-04-19 10:08:04 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Danis Mallais\Desktop\OTL.exe
    PRC - [2011-02-23 11:04:19 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    PRC - [2010-10-17 16:38:42 | 000,742,912 | ---- | M] (FileZilla Project) -- C:\Program Files\FileZilla Server\FileZilla server.exe
    PRC - [2010-02-18 12:43:20 | 000,490,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jucheck.exe
    PRC - [2005-08-25 23:11:58 | 000,053,248 | ---- | M] (COMPAL ELECTRONIC INC.) -- C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
    PRC - [2005-08-22 17:49:28 | 000,028,672 | ---- | M] (TOSHIBA) -- C:\WINDOWS\system32\TCtrlIOHook.exe
    PRC - [2005-08-06 06:18:00 | 000,978,944 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
    PRC - [2005-07-15 14:52:42 | 001,077,322 | ---- | M] (TOSHIBA) -- C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
    PRC - [2005-06-30 14:05:56 | 000,671,744 | ---- | M] (COMPAL ELECTRONIC INC.) -- C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
    PRC - [2005-06-06 13:58:44 | 000,024,576 | ---- | M] (TOSHIBA) -- C:\WINDOWS\system32\ZoomingHook.exe
    PRC - [2005-05-31 21:16:44 | 000,282,624 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\system32\TPSMain.exe
    PRC - [2005-05-31 21:16:24 | 000,045,056 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\system32\TPSBattM.exe
    PRC - [2005-04-26 20:13:20 | 000,122,880 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
    PRC - [2005-04-18 12:33:42 | 000,188,416 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe
    PRC - [2005-04-05 20:25:34 | 000,073,728 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
    PRC - [2005-02-17 12:23:16 | 000,014,848 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\CTHELPER.EXE
    PRC - [2005-01-27 11:36:54 | 000,045,056 | ---- | M] (Creative Technology Ltd.) -- C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe
    PRC - [2005-01-17 20:38:00 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
    PRC - [2005-01-10 11:52:36 | 000,081,920 | ---- | M] () -- C:\Program Files\Creative\Sound Blaster Audigy 2\Feature Mode Utility\CTModUtl.exe
    PRC - [2005-01-07 11:32:14 | 000,053,248 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\Sound Blaster Audigy 2\Feature Mode Utility\CTAPR.exe
    PRC - [2004-12-30 04:32:20 | 000,065,536 | ---- | M] (TOSHIBA) -- C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
    PRC - [2004-12-22 17:50:04 | 000,036,864 | ---- | M] () -- C:\WINDOWS\system32\acs.exe
    PRC - [2004-12-02 19:23:34 | 000,102,400 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
    PRC - [2004-11-30 12:00:00 | 000,135,168 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\MediaSource\Go\CTCMSGo.exe
    PRC - [2004-08-28 04:37:00 | 000,155,648 | ---- | M] (Matsushita Electric Industrial Co., Ltd.) -- C:\WINDOWS\system32\RAMASST.exe
    PRC - [2004-08-28 04:33:00 | 000,110,592 | ---- | M] (Matsushita Electric Industrial Co., Ltd.) -- C:\WINDOWS\system32\DVDRAMSV.exe
    PRC - [2004-08-04 09:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
    PRC - [2003-09-17 11:43:36 | 000,057,344 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\Sound Blaster Audigy 2\Surround Mixer\CTSysVol.exe
    PRC - [2003-09-05 22:16:30 | 000,184,320 | ---- | M] (Agere Systems) -- C:\Program Files\ltmoh\ltmoh.exe
    PRC - [2003-06-18 02:00:00 | 000,045,056 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\Sound Blaster Audigy 2\DVDAudio\CTDVDDET.exe
    PRC - [2000-02-09 00:19:48 | 000,036,864 | R--- | M] (Roland) -- C:\Program Files\Roland\VSC32\vscvol.exe
    PRC - [2000-02-07 04:02:44 | 000,036,864 | R--- | M] (Roland) -- C:\Program Files\Roland\VSC32\Vsc32Cnf.exe


    ========== Modules (SafeList) ==========

    MOD - [2011-04-19 10:08:04 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Danis Mallais\Desktop\OTL.exe
    MOD - [2011-02-23 11:04:17 | 000,197,208 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\snxhk.dll
    MOD - [2005-02-17 12:23:16 | 000,007,168 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\CTAGENT.DLL
    MOD - [2004-08-04 09:00:00 | 001,050,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll


    ========== Win32 Services (SafeList) ==========

    SRV - File not found [Disabled | Stopped] -- -- (HidServ)
    SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
    SRV - [2011-02-23 11:04:19 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
    SRV - [2010-10-17 16:38:42 | 000,742,912 | ---- | M] (FileZilla Project) [Auto | Running] -- C:\Program Files\FileZilla Server\FileZilla Server.exe -- (FileZilla Server)
    SRV - [2005-01-17 20:38:00 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe -- (CFSvcs)
    SRV - [2004-12-22 17:50:04 | 000,036,864 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\acs.exe -- (ACS)
    SRV - [2004-08-28 04:33:00 | 000,110,592 | ---- | M] (Matsushita Electric Industrial Co., Ltd.) [Auto | Running] -- C:\WINDOWS\system32\DVDRAMSV.exe -- (DVD-RAM_Service)


    ========== Driver Services (SafeList) ==========

    DRV - [2011-02-23 10:56:55 | 000,371,544 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
    DRV - [2011-02-23 10:56:45 | 000,301,528 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
    DRV - [2011-02-23 10:55:49 | 000,049,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
    DRV - [2011-02-23 10:55:47 | 000,102,232 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
    DRV - [2011-02-23 10:55:10 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
    DRV - [2011-02-23 10:54:57 | 000,030,680 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
    DRV - [2011-02-23 10:54:55 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
    DRV - [2011-02-05 21:31:10 | 000,685,816 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
    DRV - [2011-01-25 15:28:14 | 000,015,890 | ---- | M] (Meetinghouse Data Communications) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\mdc8021x.sys -- (MDC8021X) AEGIS Protocol (IEEE 802.1x)
    DRV - [2005-07-29 13:55:46 | 000,030,592 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Tvs.sys -- (Tvs)
    DRV - [2005-07-05 11:36:36 | 001,245,696 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
    DRV - [2005-06-03 23:49:42 | 000,009,600 | ---- | M] (TOSHIBA ) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\TPwSav.sys -- (TPwSav)
    DRV - [2005-06-02 07:33:00 | 000,102,384 | ---- | M] (Matsushita Electric Industrial Co.,Ltd.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\meiudf.sys -- (meiudf)
    DRV - [2005-04-18 23:40:52 | 002,317,504 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
    DRV - [2005-03-04 17:02:20 | 001,066,278 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
    DRV - [2005-02-17 12:26:14 | 001,298,944 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctmmfilt.sys -- (ctmmfilt)
    DRV - [2005-02-17 12:23:50 | 000,008,704 | R--- | M] (Creative Technology Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\pfmodnt.sys -- (PfModNT)
    DRV - [2005-02-17 12:19:16 | 000,339,984 | R--- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctdvda2k.sys -- (ctdvda2k)
    DRV - [2005-02-17 12:18:20 | 000,410,752 | R--- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctaud2k.sys -- (ctaud2k) Creative Audio Driver (WDM)
    DRV - [2005-02-17 12:18:18 | 000,007,168 | R--- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctprxy2k.sys -- (ctprxy2k)
    DRV - [2005-02-17 12:18:16 | 000,704,000 | R--- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ha10kx2k.sys -- (ha10kx2k)
    DRV - [2005-02-17 12:18:14 | 000,172,032 | R--- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\haP17v2k.sys -- (hap17v2k)
    DRV - [2005-02-17 12:18:14 | 000,148,480 | R--- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\haP16v2k.sys -- (hap16v2k)
    DRV - [2005-02-17 12:18:12 | 000,106,496 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctoss2k.sys -- (ossrv)
    DRV - [2005-02-17 12:18:10 | 000,138,752 | R--- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctsfm2k.sys -- (ctsfm2k)
    DRV - [2005-02-17 12:18:10 | 000,071,680 | R--- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\emupia2k.sys -- (emupia)
    DRV - [2005-02-17 12:18:08 | 000,497,664 | R--- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctac32k.sys -- (ctac32k)
    DRV - [2005-01-31 03:31:08 | 000,159,104 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CTMSFSYN.SYS -- (CTMSFSYN)
    DRV - [2004-12-22 17:45:36 | 000,393,600 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ar5211.sys -- (AR5211)
    DRV - [2004-11-15 05:22:08 | 000,101,874 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Apfiltr.sys -- (ApfiltrService)
    DRV - [2004-08-03 19:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
    DRV - [2004-07-30 19:05:08 | 000,006,400 | ---- | M] (COMPAL ELECTRONIC INC.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\SSIOMngr.sys -- (SrvcSSIOMngr)
    DRV - [2004-06-27 23:35:24 | 000,069,760 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtlnicxp.sys -- (RTL8023xp)
    DRV - [2003-09-19 05:47:00 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (Pfc)
    DRV - [2003-01-29 18:35:00 | 000,012,032 | ---- | M] (TOSHIBA Corporation.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\Netdevio.sys -- (Netdevio)
    DRV - [2002-01-24 19:43:40 | 000,006,528 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Tbiosdrv.sys -- (TBiosDrv)
    DRV - [2001-04-16 10:16:58 | 000,951,284 | R--- | M] (Roland) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\vsc.sys -- (vsc32)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========



    IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.shoptoshiba.ca/welcome
    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.shoptoshiba.ca/welcome
    IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



    IE - HKU\S-1-5-21-2802500144-973721220-2682169100-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/
    IE - HKU\S-1-5-21-2802500144-973721220-2682169100-1006\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
    IE - HKU\S-1-5-21-2802500144-973721220-2682169100-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



    O1 HOSTS File: ([2004-08-04 09:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
    O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx ()
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
    O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll (Sonic Solutions)
    O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll ()
    O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
    O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll ()
    O3 - HKLM\..\Toolbar: (Yahoo! Barre d'outils) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
    O4 - HKLM..\Run: [] File not found
    O4 - HKLM..\Run: [AudioDrvEmulator] C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe (Creative Technology Ltd.)
    O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
    O4 - HKLM..\Run: [CeEKEY] C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe (COMPAL ELECTRONIC INC.)
    O4 - HKLM..\Run: [CTDVDDET] C:\Program Files\Creative\Sound Blaster Audigy 2\DVDAudio\CTDVDDET.EXE (Creative Technology Ltd)
    O4 - HKLM..\Run: [CTFeatureModeUtility] C:\Program Files\Creative\Sound Blaster Audigy 2\Feature Mode Utility\CTModUtl.exe ()
    O4 - HKLM..\Run: [CTHelper] C:\WINDOWS\CTHELPER.EXE (Creative Technology Ltd)
    O4 - HKLM..\Run: [CTSysVol] C:\Program Files\Creative\Sound Blaster Audigy 2\Surround Mixer\CTSysVol.exe (Creative Technology Ltd)
    O4 - HKLM..\Run: [FileZilla Server Interface] C:\Program Files\FileZilla Server\FileZilla Server Interface.exe (FileZilla Project)
    O4 - HKLM..\Run: [HWSetup] C:\Program Files\TOSHIBA\TOSHIBA Applet\HWSetup.exe (TOSHIBA CO.,LTD.)
    O4 - HKLM..\Run: [LtMoh] C:\\Program Files\\ltmoh\\Ltmoh.exe ()
    O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
    O4 - HKLM..\Run: [NDSTray.exe] File not found
    O4 - HKLM..\Run: [PadTouch] C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe (TOSHIBA)
    O4 - HKLM..\Run: [SmoothView] C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe (TOSHIBA Corporation)
    O4 - HKLM..\Run: [SVPWUTIL] C:\Program Files\Toshiba\Windows Utilities\SVPWUTIL.exe (TOSHIBA)
    O4 - HKLM..\Run: [TCtryIOHook] C:\WINDOWS\System32\TCtrlIOHook.exe (TOSHIBA)
    O4 - HKLM..\Run: [TFncKy] File not found
    O4 - HKLM..\Run: [TPNF] C:\Program Files\TOSHIBA\TouchPad\TPTray.exe (COMPAL ELECTRONIC INC.)
    O4 - HKLM..\Run: [TPSMain] C:\WINDOWS\System32\TPSMain.exe (TOSHIBA Corporation)
    O4 - HKLM..\Run: [Tvs] C:\Program Files\TOSHIBA\Tvs\TvsTray.exe (TOSHIBA Corporation)
    O4 - HKLM..\Run: [vsc32cnf.exe] C:\Program Files\Roland\VSC32\Vsc32Cnf.exe (Roland)
    O4 - HKLM..\Run: [vscvol.exe] C:\Program Files\Roland\VSC32\vscvol.exe (Roland)
    O4 - HKLM..\Run: [ZoomingHook] C:\WINDOWS\System32\ZoomingHook.exe (TOSHIBA)
    O4 - HKU\S-1-5-21-2802500144-973721220-2682169100-1006..\Run: [Creative Detector] C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe (Creative Technology Ltd)
    O4 - HKU\S-1-5-21-2802500144-973721220-2682169100-1006..\Run: [Creative MediaSource Go] C:\Program Files\Creative\MediaSource\Go\CTCMSGo.exe (Creative Technology Ltd)
    O4 - HKU\S-1-5-21-2802500144-973721220-2682169100-1006..\Run: [DAEMON Tools Pro Agent] C:\Program Files\DAEMON Tools Pro\DTProAgent.exe (DT Soft Ltd.)
    O4 - HKU\S-1-5-21-2802500144-973721220-2682169100-1006..\Run: [SetDefaultMIDI] C:\WINDOWS\MIDIDEF.EXE (Creative Technology Ltd)
    O4 - HKU\S-1-5-21-2802500144-973721220-2682169100-1006..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe (TOSHIBA)
    O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe (Matsushita Electric Industrial Co., Ltd.)
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
    O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\S-1-5-21-2802500144-973721220-2682169100-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-wind... (Java Plug-in 1.6.0_20)
    O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-wind... (Java Plug-in 1.6.0_20)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-wind... (Java Plug-in 1.6.0_20)
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash... (Shockwave Flash Object)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 64.71.255.198
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
    O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
    O24 - Desktop WallPaper: C:\WINDOWS\OrganicMetal.bmp
    O24 - Desktop BackupWallPaper: C:\WINDOWS\OrganicMetal.bmp
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2005-08-30 22:51:41 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
    O33 - MountPoints2\{18f3d30a-28b6-11e0-9e59-0011f5c22c08}\Shell - "" = AutoRun
    O33 - MountPoints2\{18f3d30a-28b6-11e0-9e59-0011f5c22c08}\Shell\AutoRun - "" = Auto&Play
    O33 - MountPoints2\{18f3d30a-28b6-11e0-9e59-0011f5c22c08}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL autorun.exe
    O33 - MountPoints2\{6c5b7d70-6374-11e0-9e7d-0011f5c22c08}\Shell - "" = AutoRun
    O33 - MountPoints2\{6c5b7d70-6374-11e0-9e7d-0011f5c22c08}\Shell\AutoRun - "" = Auto&Play
    O33 - MountPoints2\{6c5b7d70-6374-11e0-9e7d-0011f5c22c08}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
    O33 - MountPoints2\{fde5ddae-5b44-11e0-9e79-0011f5c22c08}\Shell - "" = AutoRun
    O33 - MountPoints2\{fde5ddae-5b44-11e0-9e79-0011f5c22c08}\Shell\AutoRun - "" = Auto&Play
    O33 - MountPoints2\{fde5ddae-5b44-11e0-9e79-0011f5c22c08}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O35 - HKU\S-1-5-21-2802500144-973721220-2682169100-1006..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
    O37 - HKU\S-1-5-21-2802500144-973721220-2682169100-1006\...exe [@ = exefile] -- "%1" %*

    NetSvcs: 6to4 - File not found
    NetSvcs: AppMgmt - File not found
    NetSvcs: HidServ - File not found
    NetSvcs: Ias - File not found
    NetSvcs: Iprip - File not found
    NetSvcs: Irmon - File not found
    NetSvcs: NWCWorkstation - File not found
    NetSvcs: Nwsapagent - File not found
    NetSvcs: WmdmPmSp - File not found


    Drivers32: MIDI2 - C:\WINDOWS\System32\vscapi.dll (Roland)
    Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
    Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
    Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
    Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
    Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
    Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
    Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
    Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
    Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
    Drivers32: WAVE2 - C:\WINDOWS\System32\vscapi.dll (Roland)

    ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
    ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vector Graphics Rendering (VML)
    ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
    ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
    ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
    ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906)
    ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
    ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML Data Binding for Java
    ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
    ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
    ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
    ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Advanced Authoring
    ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:o E /CALLER:WINNT /user /install
    ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
    ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
    ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
    ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
    ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
    ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
    ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
    ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
    ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
    ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
    ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
    ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
    ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
    ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Web Folders
    ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
    ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
    ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
    ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
    ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
    ActiveX: {ACC563BC-4266-43f0-B6ED-9D38C4202C7E} -
    ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
    ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
    ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
    ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Task Scheduler
    ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
    ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Macromedia Shockwave Flash
    ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
    ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
    ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
    ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
    ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
    ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
    ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

    CREATERESTOREPOINT
    Restore point Set: OTL Restore Point (17746534284132352)

    ========== Files/Folders - Created Within 30 Days ==========

    [2011-04-19 10:13:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Danis Mallais\Application Data\Malwarebytes
    [2011-04-19 10:12:54 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
    [2011-04-19 10:12:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
    [2011-04-19 10:12:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    [2011-04-19 10:12:50 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
    [2011-04-19 10:12:49 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
    [2011-04-19 10:07:51 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Danis Mallais\Desktop\OTL.exe
    [2011-04-19 10:07:26 | 007,734,208 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Danis Mallais\Desktop\mbam-setup-1.50.1.1100.exe
    [2011-04-18 15:19:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Danis Mallais\Desktop\RK_Quarantine
    [2011-04-18 10:37:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Danis Mallais\Desktop\temp2
    [2011-04-17 15:05:10 | 000,019,544 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
    [2011-04-17 15:05:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\avast! Free Antivirus
    [2011-04-17 15:05:09 | 000,301,528 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
    [2011-04-17 15:05:07 | 000,049,240 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
    [2011-04-17 15:05:07 | 000,025,432 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
    [2011-04-17 15:05:06 | 000,371,544 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
    [2011-04-17 15:05:05 | 000,102,232 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
    [2011-04-17 15:05:05 | 000,096,344 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
    [2011-04-17 15:05:05 | 000,030,680 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
    [2011-04-17 15:04:54 | 000,040,648 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
    [2011-04-17 15:04:53 | 000,190,016 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
    [2011-04-17 15:04:38 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
    [2011-04-17 15:04:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
    [2011-04-17 14:55:04 | 000,401,720 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\Danis Mallais\Desktop\HiJackThis.exe
    [2011-04-11 20:53:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Danis Mallais\Desktop\temp
    [2011-04-10 10:31:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Danis Mallais\Application Data\U3
    [2011-04-05 15:21:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Danis Mallais\My Documents\Mes fichiers reçus
    [2011-04-05 12:29:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Danis Mallais\Desktop\Rino Boudreau
    [2011-04-04 14:58:13 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ptpusb.dll
    [2011-04-04 14:58:04 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ptpusd.dll
    [2011-03-31 13:00:29 | 000,000,000 | ---D | C] -- C:\Program Files\Audacity
    [2011-03-31 12:58:55 | 002,228,534 | ---- | C] ( ) -- C:\Documents and Settings\Danis Mallais\Desktop\audacity-win-1.2.6.exe
    [2011-03-31 12:55:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Danis Mallais\Application Data\Sony
    [2011-03-31 12:54:37 | 145,533,376 | ---- | C] (Sony Creative Software Inc.) -- C:\Documents and Settings\Danis Mallais\Desktop\soundforgepro10.0c.exe
    [2011-03-31 00:13:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Danis Mallais\Desktop\110330210817
    [2011-03-29 15:38:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\Sun
    [2011-03-29 10:38:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Danis Mallais\Local Settings\Application Data\PCHealth
    [2011-03-28 11:23:49 | 000,372,736 | R--- | C] (Hewlett-Packard) -- C:\WINDOWS\System32\hppldcoi.dll
    [2011-03-28 11:23:49 | 000,309,760 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\difxapi.dll
    [2011-03-28 11:23:48 | 000,593,920 | R--- | C] (Hewlett-Packard Co.) -- C:\WINDOWS\System32\hpwtscl5.dll
    [2011-03-28 11:23:48 | 000,315,392 | R--- | C] (Hewlett-Packard Co.) -- C:\WINDOWS\System32\hpwvst01.dll
    [2011-03-28 11:23:47 | 000,716,288 | R--- | C] (Hewlett-Packard) -- C:\WINDOWS\System32\hpwwiax9.dll
    [2011-03-28 11:19:29 | 000,117,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\prntvpt.dll
    [2011-03-28 11:19:29 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\filterpipelineprintproc.dll
    [2011-03-28 11:19:27 | 000,597,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\printfilterpipelinesvc.exe
    [2011-03-28 11:19:26 | 000,575,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpsshhdr.dll
    [2011-03-28 11:19:24 | 001,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpssvcs.dll
    [2011-03-28 11:19:24 | 001,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpssvcs.dll
    [2011-03-28 11:19:20 | 000,000,000 | ---D | C] -- C:\b4be9ffed561ed3a5335c5fb42
    [2011-03-28 11:13:50 | 000,017,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll
    [2011-03-28 11:13:39 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 6.0
    [2011-03-26 20:41:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\SxsCaPendDel
    [2011-03-26 20:23:25 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
    [2011-03-25 10:59:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\WEBREG
    [2011-03-25 10:58:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Danis Mallais\Application Data\HP
    [2011-03-25 10:58:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Danis Mallais\Local Settings\Application Data\HP
    [2011-03-25 09:35:07 | 000,006,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\serscan.sys
    [2011-03-25 09:29:10 | 000,122,880 | ---- | C] (Hewlett-Packard Company) -- C:\WINDOWS\System32\hpf3l092.dll
    [2011-03-25 09:29:09 | 000,452,408 | R--- | C] (Hewlett-Packard) -- C:\WINDOWS\System32\hpzids01.dll
    [2011-03-25 09:24:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
    [2011-03-25 09:24:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Danis Mallais\Application Data\Yahoo!
    [2011-03-25 09:24:30 | 000,000,000 | ---D | C] -- C:\Program Files\Yahoo!
    [2011-03-24 23:59:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\HP
    [2011-03-24 23:59:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\HP
    [2011-03-24 23:59:25 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Hewlett-Packard
    [2011-03-24 23:59:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\hpoj4500g510n-z
    [2011-03-24 23:57:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DRVSTORE
    [2011-03-24 23:57:18 | 000,015,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbscan.sys
    [2011-03-24 23:57:14 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbprint.sys
    [2011-03-24 23:56:11 | 000,000,000 | ---D | C] -- C:\Program Files\HP
    [2011-03-24 19:03:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\EVH Flyer Creator
    [2011-03-24 19:02:11 | 000,000,000 | ---D | C] -- C:\Program Files\EVH Flyer Creator
    [2011-03-24 19:02:09 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Business Objects
    [2011-01-25 15:28:12 | 000,028,672 | ---- | C] ( ) -- C:\WINDOWS\System32\ControlACS.exe
    [2005-02-17 12:23:42 | 000,032,768 | R--- | C] ( ) -- C:\WINDOWS\System32\a3d.dll
    [2005-02-17 12:18:06 | 000,009,216 | ---- | C] ( ) -- C:\WINDOWS\System32\KILLAPPS.EXE
    [4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2011-04-19 17:21:15 | 000,011,500 | ---- | M] () -- C:\WINDOWS\System32\DVCState-{00000005-00000000-00000000-00001102-00000008-20011102}.rfx
    [2011-04-19 17:21:14 | 000,023,880 | ---- | M] () -- C:\WINDOWS\System32\BMXStateBkp-{00000005-00000000-00000000-00001102-00000008-20011102}.rfx
    [2011-04-19 17:21:14 | 000,023,880 | ---- | M] () -- C:\WINDOWS\System32\BMXState-{00000005-00000000-00000000-00001102-00000008-20011102}.rfx
    [2011-04-19 17:21:14 | 000,007,884 | ---- | M] () -- C:\WINDOWS\System32\BMXCtrlState-{00000005-00000000-00000000-00001102-00000008-20011102}.rfx
    [2011-04-19 17:21:14 | 000,007,884 | ---- | M] () -- C:\WINDOWS\System32\BMXBkpCtrlState-{00000005-00000000-00000000-00001102-00000008-20011102}.rfx
    [2011-04-19 17:21:04 | 004,958,588 | ---- | M] () -- C:\WINDOWS\{00000005-00000000-00000000-00001102-00000008-20011102}.CDF
    [2011-04-19 13:57:16 | 000,054,016 | ---- | M] () -- C:\WINDOWS\System32\drivers\dmcuijeb.sys
    [2011-04-19 12:03:43 | 000,000,588 | ---- | M] () -- C:\WINDOWS\System32\settingsbkup.sfm
    [2011-04-19 12:03:43 | 000,000,588 | ---- | M] () -- C:\WINDOWS\System32\settings.sfm
    [2011-04-19 12:01:43 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
    [2011-04-19 12:01:35 | 467,845,120 | -HS- | M] () -- C:\hiberfil.sys
    [2011-04-19 10:12:55 | 000,000,795 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
    [2011-04-19 10:08:04 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Danis Mallais\Desktop\OTL.exe
    [2011-04-19 10:07:27 | 007,734,208 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Danis Mallais\Desktop\mbam-setup-1.50.1.1100.exe
    [2011-04-18 15:11:53 | 001,098,752 | ---- | M] () -- C:\Documents and Settings\Danis Mallais\Desktop\RogueKiller.exe
    [2011-04-17 20:47:45 | 000,014,650 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\2106004185
    [2011-04-17 20:47:44 | 000,014,650 | -HS- | M] () -- C:\Documents and Settings\Danis Mallais\Local Settings\Application Data\2106004185
    [2011-04-17 15:05:10 | 000,001,700 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
    [2011-04-17 15:05:06 | 000,002,625 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
    [2011-04-17 14:59:51 | 054,097,512 | ---- | M] () -- C:\Documents and Settings\Danis Mallais\Desktop\avast_free6_01Net.exe
    [2011-04-17 14:55:06 | 000,401,720 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\Danis Mallais\Desktop\HiJackThis.exe
    [2011-04-15 21:28:49 | 004,958,588 | ---- | M] () -- C:\WINDOWS\{00000005-00000000-00000000-00001102-00000008-20011102}.BAK
    [2011-04-15 21:24:54 | 000,000,000 | ---- | M] () -- C:\WINDOWS\TPTray.INI
    [2011-04-12 21:48:40 | 000,005,632 | ---- | M] () -- C:\Documents and Settings\Danis Mallais\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2011-04-11 21:01:57 | 000,413,380 | ---- | M] () -- C:\Documents and Settings\Danis Mallais\Desktop\Location de locaux.pdf
    [2011-04-11 20:58:19 | 003,984,844 | ---- | M] () -- C:\Documents and Settings\Danis Mallais\Desktop\temp.zip
    [2011-04-11 15:57:28 | 000,006,882 | ---- | M] () -- C:\Documents and Settings\Danis Mallais\Desktop\imagesCAO1LS51.jpg
    [2011-04-10 10:28:02 | 000,002,597 | ---- | M] () -- C:\Documents and Settings\Danis Mallais\Desktop\n-Track Studio.lnk
    [2011-04-10 10:26:54 | 000,021,372 | ---- | M] () -- C:\Documents and Settings\Danis Mallais\Desktop\maman la plus belle femme au monde.mid
    [2011-04-10 10:24:24 | 000,043,488 | ---- | M] () -- C:\Documents and Settings\Danis Mallais\Desktop\good hearted woman.mid
    [2011-04-10 10:20:57 | 000,148,738 | ---- | M] () -- C:\Documents and Settings\Danis Mallais\Desktop\~ntrck_backup-New song.sng
    [2011-04-10 10:20:14 | 000,033,856 | ---- | M] () -- C:\Documents and Settings\Danis Mallais\Desktop\achy breaky heart.mid
    [2011-04-08 13:59:57 | 000,023,092 | ---- | M] () -- C:\Documents and Settings\Danis Mallais\Desktop\Georges St-Pierre 'Rushfit' Workout Program[www.torrent411.com].torrent
    [2011-04-05 12:31:42 | 000,161,336 | ---- | M] () -- C:\Documents and Settings\Danis Mallais\Desktop\Rino Boudreau.zip
    [2011-04-04 15:50:21 | 000,093,619 | ---- | M] () -- C:\Documents and Settings\Danis Mallais\Desktop\suroit medley.mid
    [2011-03-31 13:00:31 | 000,000,641 | ---- | M] () -- C:\Documents and Settings\Danis Mallais\Desktop\Audacity.lnk
    [2011-03-31 12:59:05 | 002,228,534 | ---- | M] ( ) -- C:\Documents and Settings\Danis Mallais\Desktop\audacity-win-1.2.6.exe
    [2011-03-31 12:55:04 | 145,533,376 | ---- | M] (Sony Creative Software Inc.) -- C:\Documents and Settings\Danis Mallais\Desktop\soundforgepro10.0c.exe
    [2011-03-31 11:43:17 | 000,048,722 | ---- | M] () -- C:\Documents and Settings\Danis Mallais\Desktop\CQ auto Peggy.pdf
    [2011-03-31 11:43:13 | 000,077,077 | ---- | M] () -- C:\Documents and Settings\Danis Mallais\Desktop\CQ hab Peggy.pdf
    [2011-03-31 11:43:07 | 000,062,702 | ---- | M] () -- C:\Documents and Settings\Danis Mallais\Desktop\CVA Peggy.pdf
    [2011-03-31 01:22:39 | 004,353,011 | ---- | M] () -- C:\Documents and Settings\Danis Mallais\Desktop\til I gain control again.kfn
    [2011-03-31 00:13:37 | 000,040,905 | ---- | M] () -- C:\Documents and Settings\Danis Mallais\Desktop\110330210817.zip
    [2011-03-31 00:08:05 | 000,855,863 | ---- | M] () -- C:\Documents and Settings\Danis Mallais\Desktop\~ntrck_backup-~ntrck_backup-New song.sng
    [2011-03-30 14:18:07 | 000,559,137 | ---- | M] () -- C:\Documents and Settings\Danis Mallais\Desktop\~ntrck_backup-traveling band.sng
    [2011-03-30 09:28:22 | 000,002,219 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Del MP3 Karaoke.lnk
    [2011-03-29 09:28:16 | 000,298,362 | ---- | M] () -- C:\Documents and Settings\Danis Mallais\Desktop\face9.jpg
    [2011-03-29 09:01:11 | 000,010,542 | ---- | M] () -- C:\Documents and Settings\Danis Mallais\Desktop\58540_434068986686_582286686_5339343_1325443_a.jpg
    [2011-03-29 09:01:11 | 000,009,186 | ---- | M] () -- C:\Documents and Settings\Danis Mallais\Desktop\63536_434068856686_582286686_5339341_5196055_a.jpg
    [2011-03-29 08:57:36 | 000,008,976 | ---- | M] () -- C:\Documents and Settings\Danis Mallais\Desktop\61919_434068776686_582286686_5339340_3091643_a.jpg
    [2011-03-29 08:57:16 | 000,008,292 | ---- | M] () -- C:\Documents and Settings\Danis Mallais\Desktop\149803_453622906686_582286686_5697570_4626479_a.jpg
    [2011-03-28 22:01:50 | 000,003,276 | ---- | M] () -- C:\Documents and Settings\Danis Mallais\.recently-used.xbel
    [2011-03-28 21:28:58 | 000,039,412 | ---- | M] () -- C:\Documents and Settings\Danis Mallais\Desktop\1.pdf
    [2011-03-28 21:27:51 | 000,056,796 | ---- | M] () -- C:\Documents and Settings\Danis Mallais\Desktop\2.svg
    [2011-03-28 11:26:58 | 000,207,053 | ---- | M] () -- C:\WINDOWS\hpwins28.dat
    [2011-03-28 11:17:46 | 000,406,612 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
    [2011-03-28 11:17:46 | 000,063,792 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
    [2011-03-26 20:50:12 | 000,135,664 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
    [2011-03-26 20:36:43 | 000,863,330 | ---- | M] () -- C:\WINDOWS\hpwins28.dat.temp
    [2011-03-24 23:16:27 | 000,099,064 | ---- | M] () -- C:\Documents and Settings\Danis Mallais\Desktop\face7.jpg
    [2011-03-24 23:16:27 | 000,091,721 | ---- | M] () -- C:\Documents and Settings\Danis Mallais\Desktop\face56.jpg
    [2011-03-24 23:16:27 | 000,078,943 | ---- | M] () -- C:\Documents and Settings\Danis Mallais\Desktop\face8.jpg
    [2011-03-24 23:16:00 | 000,070,165 | ---- | M] () -- C:\Documents and Settings\Danis Mallais\Desktop\face3.jpg
    [2011-03-24 23:15:59 | 000,071,263 | ---- | M] () -- C:\Documents and Settings\Danis Mallais\Desktop\face2.jpg
    [2011-03-24 23:15:59 | 000,050,487 | ---- | M] () -- C:\Documents and Settings\Danis Mallais\Desktop\face5.jpg
    [2011-03-24 23:15:59 | 000,011,583 | ---- | M] () -- C:\Documents and Settings\Danis Mallais\Desktop\face4.jpg
    [2011-03-24 23:15:39 | 000,053,677 | ---- | M] () -- C:\Documents and Settings\Danis Mallais\Desktop\face1.jpg
    [2011-03-24 23:08:52 | 001,166,454 | ---- | M] () -- C:\Documents and Settings\Danis Mallais\Desktop\face8.bmp
    [2011-03-24 23:08:38 | 001,166,454 | ---- | M] () -- C:\Documents and Settings\Danis Mallais\Desktop\face7.bmp
    [2011-03-24 23:08:30 | 000,151,578 | ---- | M] () -- C:\Documents and Settings\Danis Mallais\Desktop\face6.bmp
    [2011-03-24 23:08:20 | 001,036,854 | ---- | M] () -- C:\Documents and Settings\Danis Mallais\Desktop\face5.bmp
    [2011-03-24 23:08:10 | 001,166,454 | ---- | M] () -- C:\Documents and Settings\Danis Mallais\Desktop\face4.bmp
    [2011-03-24 23:08:01 | 001,166,454 | ---- | M] () -- C:\Documents and Settings\Danis Mallais\Desktop\face3.bmp
    [2011-03-24 23:07:51 | 001,166,454 | ---- | M] () -- C:\Documents and Settings\Danis Mallais\Desktop\face2.bmp
    [2011-03-24 23:07:38 | 001,166,454 | ---- | M] () -- C:\Documents and Settings\Danis Mallais\Desktop\face1.bmp
    [2011-03-24 22:33:20 | 000,039,725 | ---- | M] () -- C:\Documents and Settings\Danis Mallais\Desktop\4.svg
    [2011-03-24 22:28:53 | 000,039,679 | ---- | M] () -- C:\Documents and Settings\Danis Mallais\Desktop\3.svg
    [2011-03-24 20:43:10 | 000,017,391 | ---- | M] () -- C:\Documents and Settings\Danis Mallais\Desktop\2.PNG
    [2011-03-24 20:38:11 | 000,023,475 | ---- | M] () -- C:\Documents and Settings\Danis Mallais\Desktop\1.png
    [2011-03-24 20:15:20 | 000,002,248 | ---- | M] () -- C:\Documents and Settings\Danis Mallais\Desktop\1.svg
    [2011-03-24 20:13:20 | 000,365,123 | ---- | M] () -- C:\Documents and Settings\Danis Mallais\Desktop\contrat005146.odt
    [2011-03-24 19:44:31 | 000,072,704 | ---- | M] () -- C:\Documents and Settings\Danis Mallais\Desktop\TS030002683.pub
    [2011-03-24 19:17:55 | 000,010,341 | ---- | M] () -- C:\Documents and Settings\Danis Mallais\Desktop\Tri-FoldBrochure.ott
    [2011-03-24 19:07:05 | 000,002,329 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\EVH Flyer Creator.lnk
    [2011-03-24 18:54:52 | 063,105,024 | ---- | M] () -- C:\Documents and Settings\Danis Mallais\Desktop\EVHSetup.exe
    [4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2011-04-19 13:57:16 | 000,054,016 | ---- | C] () -- C:\WINDOWS\System32\drivers\dmcuijeb.sys
    [2011-04-19 10:12:55 | 000,000,795 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
    [2011-04-18 15:11:45 | 001,098,752 | ---- | C] () -- C:\Documents and Settings\Danis Mallais\Desktop\RogueKiller.exe
    [2011-04-17 15:05:10 | 000,001,700 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
    [2011-04-17 14:59:39 | 054,097,512 | ---- | C] () -- C:\Documents and Settings\Danis Mallais\Desktop\avast_free6_01Net.exe
    [2011-04-15 21:24:54 | 000,000,000 | ---- | C] () -- C:\WINDOWS\TPTray.INI
    [2011-04-15 11:26:49 | 000,014,650 | -HS- | C] () -- C:\Documents and Settings\Danis Mallais\Local Settings\Application Data\2106004185
    [2011-04-15 11:26:49 | 000,014,650 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\2106004185
    [2011-04-11 21:01:55 | 000,413,380 | ---- | C] () -- C:\Documents and Settings\Danis Mallais\Desktop\Location de locaux.pdf
    [2011-04-11 20:58:18 | 003,984,844 | ---- | C] () -- C:\Documents and Settings\Danis Mallais\Desktop\temp.zip
    [2011-04-11 16:01:46 | 000,006,882 | ---- | C] () -- C:\Documents and Settings\Danis Mallais\Desktop\imagesCAO1LS51.jpg
    [2011-04-10 10:26:53 | 000,021,372 | ---- | C] () -- C:\Documents and Settings\Danis Mallais\Desktop\maman la plus belle femme au monde.mid
    [2011-04-10 10:24:24 | 000,043,488 | ---- | C] () -- C:\Documents and Settings\Danis Mallais\Desktop\good hearted woman.mid
    [2011-04-10 10:20:14 | 000,033,856 | ---- | C] () -- C:\Documents and Settings\Danis Mallais\Desktop\achy breaky heart.mid
    [2011-04-08 13:59:53 | 000,023,092 | ---- | C] () -- C:\Documents and Settings\Danis Mallais\Desktop\Georges St-Pierre 'Rushfit' Workout Program[www.torrent411.com].torrent
    [2011-04-05 12:31:41 | 000,161,336 | ---- | C] () -- C:\Documents and Settings\Danis Mallais\Desktop\Rino Boudreau.zip
    [2011-04-04 15:50:20 | 000,093,619 | ---- | C] () -- C:\Documents and Settings\Danis Mallais\Desktop\suroit medley.mid
    [2011-03-31 13:00:31 | 000,000,647 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Audacity.lnk
    [2011-03-31 13:00:31 | 000,000,641 | ---- | C] () -- C:\Documents and Settings\Danis Mallais\Desktop\Audacity.lnk
    [2011-03-31 11:43:17 | 000,048,722 | ---- | C] () -- C:\Documents and Settings\Danis Mallais\Desktop\CQ auto Peggy.pdf
    [2011-03-31 11:43:12 | 000,077,077 | ---- | C] () -- C:\Documents and Settings\Danis Mallais\Desktop\CQ hab Peggy.pdf
    [2011-03-31 11:43:07 | 000,062,702 | ---- | C] () -- C:\Documents and Settings\Danis Mallais\Desktop\CVA Peggy.pdf
    [2011-03-31 01:22:39 | 004,353,011 | ---- | C] () -- C:\Documents and Settings\Danis Mallais\Desktop\til I gain control again.kfn
    [2011-03-31 00:13:37 | 000,040,905 | ---- | C] () -- C:\Documents and Settings\Danis Mallais\Desktop\110330210817.zip
    [2011-03-30 23:28:05 | 000,855,863 | ---- | C] () -- C:\Documents and Settings\Danis Mallais\Desktop\~ntrck_backup-~ntrck_backup-New song.sng
    [2011-03-30 13:08:07 | 000,559,137 | ---- | C] () -- C:\Documents and Settings\Danis Mallais\Desktop\~ntrck_backup-traveling band.sng
    [2011-03-29 09:28:40 | 000,298,362 | ---- | C] () -- C:\Documents and Settings\Danis Mallais\Desktop\face9.jpg
    [2011-03-29 09:01:37 | 000,010,542 | ---- | C] () -- C:\Documents and Settings\Danis Mallais\Desktop\58540_434068986686_582286686_5339343_1325443_a.jpg
    [2011-03-29 09:01:34 | 000,009,186 | ---- | C] () -- C:\Documents and Settings\Danis Mallais\Desktop\63536_434068856686_582286686_5339341_5196055_a.jpg
    [2011-03-29 09:01:30 | 000,008,976 | ---- | C] () -- C:\Documents and Settings\Danis Mallais\Desktop\61919_434068776686_582286686_5339340_3091643_a.jpg
    [2011-03-29 09:00:01 | 000,008,292 | ---- | C] () -- C:\Documents and Settings\Danis Mallais\Desktop\149803_453622906686_582286686_5697570_4626479_a.jpg
    [2011-03-28 22:01:50 | 000,003,276 | ---- | C] () -- C:\Documents and Settings\Danis Mallais\.recently-used.xbel
    [2011-03-28 21:28:58 | 000,039,412 | ---- | C] () -- C:\Documents and Settings\Danis Mallais\Desktop\1.pdf
    [2011-03-28 11:25:15 | 000,207,053 | ---- | C] () -- C:\WINDOWS\hpwins28.dat
    [2011-03-28 11:25:14 | 000,000,418 | ---- | C] () -- C:\WINDOWS\hpwmdl28.dat
    [2011-03-25 11:30:12 | 000,863,330 | ---- | C] () -- C:\WINDOWS\hpwins28.dat.temp
    [2011-03-25 11:30:12 | 000,000,418 | ---- | C] () -- C:\WINDOWS\hpwmdl28.dat.temp
    [2011-03-24 23:16:59 | 000,078,943 | ---- | C] () -- C:\Documents and Settings\Danis Mallais\Desktop\face8.jpg
    a c 614 8 Security
    20 April 2011 09:25:03

    Re,

    It is still incomplete!
    If I ask you to go through this online file-drop site:
    http://www.cijoint.fr/
    it is not for nothing; otherwise the forum cuts off your message!

    And you should not have "redone" the scan, just posted the report to me.
    Hence the absence of Extra.txt, which is only created on the first run.

    But it seems you had already used OTL on this PC, since we are at the 3rd report created ...

    So please upload your OTL.txt report to the cijoint site, and give me the link only.
    a c 614 8 Security
    20 April 2011 15:04:14

    Re,

    Is there a reason your PC is not up to date with XP Service Pack 3?


    Next steps:

    Run OTL.exe again
    (Vista/Windows 7 users: right-click -> "Run as administrator")

  • Copy and paste the following into the Custom Scans/Fixes box ("Personnalisation") at the bottom left.
    :OTL
    [2011-04-17 20:47:45 | 000,014,650 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\2106004185
    [2011-04-17 20:47:44 | 000,014,650 | -HS- | M] () -- C:\Documents and Settings\Danis Mallais\Local Settings\Application Data\2106004185
    [4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

    :Commands
    [emptytemp]
    [emptyflash]


  • Then click the Run Fix button ("Correction") at the top left
  • If the PC asks to restart, accept.
  • Post the removal report.


    If there are no more symptoms, you can move on to the final cleanup:


    1) Run OTL.exe again
    (Vista/Windows 7 users: right-click -> "Run as administrator")

  • Click "CleanUp" ("Purge d'outils")
  • Confirm the warning with "OK" and let the PC restart.

    You can also delete the RogueKiller program.


    2) Purging System Restore:

    It contains remnants of the infection; follow this tutorial to purge it:

    XP:
    http://www.inforumatique.fr/la-restauration-du-systeme-...

    (End of the tutorial)


    Updating the system and software:

    /!\ Windows XP SP2 is no longer supported by Microsoft; you absolutely must move to Service Pack 3, otherwise you will be extremely vulnerable to security flaws!

    Update your system to Service Pack 3 and install all the updates offered:
    http://update.microsoft.com/microsoftupdate/v6/default....

    Update the following programs:
    - Java to version 6 update 24 (remember to remove the old versions in Add/Remove Programs)


    To go further with your protection and avoid getting reinfected, here is some additional advice:

  • Install a firewall to replace the Windows XP one:
    The built-in Windows XP firewall is not capable enough; it is worth replacing it with a more complete firewall, such as Zone Alarm or Kerio for example ... /!\ as with antivirus programs, only one firewall on your PC, so remember to disable the Windows one if you install another!!!

  • Be careful when installing software:
    Always read the terms of use (EULA) to spot how personal data is handled, the installation of advertising sponsors or any other invasion of privacy. Decline the toolbars and other add-ons offered.

  • Use an alternative browser to browse more securely:
    Firefox offers better security than Internet Explorer, especially when complemented with a few very useful plugins: NoScript and WOT for example.

  • Browse without administrator rights: in a limited session or with DropMyRights
    This considerably reduces the risk of infection, because some infections can then no longer install themselves.

  • Keep your software and system up to date:
    Many infections are due to flaws in Windows, but also in third-party software such as Sun Java, Adobe Acrobat Reader, etc.
    You can run a vulnerability scan to find out which of your programs have unpatched flaws or need updating.

    Finally, what matters most is your own behaviour on your PC; you remain the most important protection: avoid risky behaviour: P2P, cracks, dubious downloads and installations via ads, instant messaging, or unknown sites, pornographic sites.
    Worth reading!


    You can mark your topic as "solved" by clicking the "edit" button in your very first message.
    -> Then add "solved" next to your title and confirm.

    You can also, if you wish, validate a "best answer"; your topic will then automatically be marked as "solved"

    See you soon on the Tom's Guide forums
    20 April 2011 16:40:24

    All processes killed
    ========== OTL ==========
    C:\Documents and Settings\All Users\Application Data\2106004185 moved successfully.
    C:\Documents and Settings\Danis Mallais\Local Settings\Application Data\2106004185 moved successfully.
    C:\WINDOWS\System32\CONFIG.TMP deleted successfully.
    C:\WINDOWS\System32\SET41.tmp deleted successfully.
    C:\WINDOWS\System32\SET4D.tmp deleted successfully.
    C:\WINDOWS\System32\SET5A.tmp deleted successfully.
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: All Users

    User: Danis Mallais
    ->Temp folder emptied: 77226970 bytes
    ->Temporary Internet Files folder emptied: 314579476 bytes
    ->Java cache emptied: 9809 bytes
    ->Flash cache emptied: 46245 bytes

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 32902 bytes

    User: LocalService
    ->Temp folder emptied: 66016 bytes
    ->Temporary Internet Files folder emptied: 35875 bytes

    User: NetworkService
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32\dllcache .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 19306017 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 2348502 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
    RecycleBin emptied: 435301076 bytes

    Total Files Cleaned = 810,00 mb


    [EMPTYFLASH]

    User: All Users

    User: Danis Mallais
    ->Flash cache emptied: 0 bytes

    User: Default User

    User: LocalService

    User: NetworkService

    Total Flash Files Cleaned = 0,00 mb


    OTL by OldTimer - Version 3.2.22.3 log created on 04202011_112350

    Files\Folders moved on Reboot...
    File move failed. C:\WINDOWS\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

    Registry entries deleted on Reboot...
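
Added example (not part of the thread and not OTL's own code): a Python cross-check that every target in the `:OTL` section of the fix script posted above appears as moved or deleted in the removal report, and that lists anything deferred to reboot. The line formats are inferred only from the two excerpts in this thread, and the function names are hypothetical.

```python
import re
from fnmatch import fnmatchcase

# :OTL section of the fix script, copied from the helper's post in this thread.
FIX_SCRIPT = r"""
:OTL
[2011-04-17 20:47:45 | 000,014,650 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\2106004185
[2011-04-17 20:47:44 | 000,014,650 | -HS- | M] () -- C:\Documents and Settings\Danis Mallais\Local Settings\Application Data\2106004185
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

:Commands
[emptytemp]
"""

# Excerpt of the removal report posted in reply (same thread).
FIX_LOG = r"""
========== OTL ==========
C:\Documents and Settings\All Users\Application Data\2106004185 moved successfully.
C:\Documents and Settings\Danis Mallais\Local Settings\Application Data\2106004185 moved successfully.
C:\WINDOWS\System32\CONFIG.TMP deleted successfully.
C:\WINDOWS\System32\SET41.tmp deleted successfully.
C:\WINDOWS\System32\SET4D.tmp deleted successfully.
C:\WINDOWS\System32\SET5A.tmp deleted successfully.
========== COMMANDS ==========
Files\Folders moved on Reboot...
File move failed. C:\WINDOWS\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.
"""

# Assumed formats, based solely on the lines shown above.
ITEM_RE = re.compile(r"^\[[^\]]*\]\s*(?:\([^)]*\))?\s*--\s*(?P<path>.+)$")
GLOB_RE = re.compile(r"^\[(?P<count>\d+)\s+(?P<glob>.+?)\s+files\s+->")
DONE_RE = re.compile(r"^(?P<path>.+?)\s+(?:moved|deleted) successfully\.$")
DEFER_RE = re.compile(r"^File move failed\.\s+(?P<path>.+?)\s+scheduled to be moved on reboot\.$")

def parse_fix_targets(script):
    """Return (exact_paths, [(count, glob)]) taken from the :OTL section only."""
    exact, globs, in_otl = [], [], False
    for line in map(str.strip, script.splitlines()):
        if line.startswith(":"):
            in_otl = line.lower() == ":otl"
        elif in_otl and (g := GLOB_RE.match(line)):
            globs.append((int(g["count"]), g["glob"]))
        elif in_otl and (m := ITEM_RE.match(line)):
            exact.append(m["path"])
    return exact, globs

def parse_fix_log(log):
    """Return (paths reported moved/deleted, paths deferred to reboot)."""
    done, deferred = [], []
    for line in map(str.strip, log.splitlines()):
        if (d := DEFER_RE.match(line)):
            deferred.append(d["path"])
        elif (m := DONE_RE.match(line)):
            done.append(m["path"])
    return done, deferred

def check_fix(script, log):
    """Compare script targets with the report; Windows paths compare case-insensitively."""
    exact, globs = parse_fix_targets(script)
    done, deferred = parse_fix_log(log)
    done_l, deferred_l = {p.lower() for p in done}, {p.lower() for p in deferred}
    report = {"removed": [], "deferred": [], "unaccounted": []}
    for path in exact:
        key = path.lower()
        bucket = "removed" if key in done_l else "deferred" if key in deferred_l else "unaccounted"
        report[bucket].append(path)
    for count, pattern in globs:
        hits = [p for p in done if fnmatchcase(p.lower(), pattern.lower())]
        if len(hits) == count:
            report["removed"] += hits
        else:
            report["unaccounted"].append(f"{pattern}: expected {count}, log shows {len(hits)}")
    targeted = {p.lower() for p in exact}
    # Files the script never named but that still wait for a reboot (e.g. locked temp files).
    report["deferred_untargeted"] = [p for p in deferred if p.lower() not in targeted]
    return report
```

An empty `unaccounted` list means every scripted target was handled; anything under `deferred` or `deferred_untargeted` should be re-checked after the reboot.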