Your question

Virus?!

Tags:
  • Security
Last reply: in Security and viruses
9 October 2010 14:45:53

Hello everyone,

AntiVir "threw a fit".
HijackThis report below.
Thanks in advance!!


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:40:56, on 09/10/2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18943)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Windows\SOUNDMAN.EXE
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe
C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Users\Titi\Desktop\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.plusnetwork.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://lo.st
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\RunOnce: [InnoSetupRegFile.0000000001] "C:\Windows\is-DFV0A.exe" /REG
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [EPSON Stylus DX4400 Series] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATICAE.EXE /FU "C:\Windows\TEMP\E_S7B19.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-18\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe" (User 'Default user')
O4 - Startup: Game Alarm.lnk = C:\Games\Game Alarm\gamealarm.exe
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Startup: OneNote Table Of Contents.onetoc2
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O13 - Gopher Prefix:
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Service Google Update (gupdate1ca888351c0962c) (gupdate1ca888351c0962c) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe

--
End of file - 9427 bytes

9 October 2010 18:24:26

Good evening,

And AntiVir threw a fit over ... what? Are we allowed to know? :D

Detected file, and location?

Any symptoms?
10 October 2010 11:51:55

Detected files that I put in quarantine, but I deleted the quarantine...
10 October 2010 12:17:58

Hi again,

That's not going to help us ...

Any more alerts?

I see something weird in the report, let's take a deeper look:

Download OTL (by Old Timer) to your desktop.
  • Close all your windows, then double-click OTL.exe to launch it.
    (Vista/Windows 7 users: right-click -> "Run as administrator")
  • Under Customization, copy and paste all of the text below, and leave the other options at their defaults.
    netsvcs
    msconfig
    drivers32
    %SYSTEMDRIVE%\*.exe
    %ALLUSERSPROFILE%\Application Data\*.
    %ALLUSERSPROFILE%\Application Data\*.exe /s
    %APPDATA%\*.
    %APPDATA%\*.exe /s
    %systemroot%\*. /mp /s
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\system32\drivers\*.sys /lockedfiles
    CREATERESTOREPOINT

  • Click the Scan button at the top left, then wait a few moments.
  • At the end of the scan, two reports will open: OTL.Txt and Extras.Txt. Copy/paste all of the reports here.
    PS: The reports are also saved on the desktop

    For the reports, please use this online report service: upload the file via "Browse" and simply post the link you get.
    25 October 2010 10:52:32

    Hello,

    As requested:

    OTL Extras logfile created on: 24/10/2010 18:30:42 - Run 1
    OTL by OldTimer - Version 3.2.17.1 Folder = C:\Users\Titi\Downloads
    Windows Vista Business Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18975)
    Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

    2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 52,00% Memory free
    4,00 Gb Paging File | 3,00 Gb Available in Paging File | 77,00% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 39,06 Gb Total Space | 8,84 Gb Free Space | 22,62% Space Free | Partition Type: NTFS
    Drive D: | 37,27 Gb Total Space | 25,63 Gb Free Space | 68,77% Space Free | Partition Type: NTFS

    Computer Name: MESSUVE | User Name: Titi | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Extra Registry (SafeList) ==========


    ========== File Associations ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

    [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
    .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

    ========== Shell Spawning ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [AddToPlaylistVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" ()
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~1\Office12\ONENOTE.EXE "%L" File not found
    Directory [PlayWithVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" ()
    Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
    Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    ========== Security Center Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "cval" = 1
    "FirewallDisableNotify" = 0

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    "AntiVirusOverride" = 0
    "AntiSpywareOverride" = 0
    "FirewallOverride" = 0
    "VistaSp1" = Reg Error: Unknown registry data type -- File not found
    "VistaSp2" = Reg Error: Unknown registry data type -- File not found

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

    ========== System Restore Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
    "DisableSR" = 0

    ========== Firewall Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1

    ========== Authorized Applications List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


    ========== Vista Active Open Ports Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

    ========== Vista Active Application Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{CE4E84B5-EC9C-4C99-B04D-50F7EB667054}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
    "{CEC05C8D-5FC2-4D67-A04B-D81BA03DF1F4}" = protocol=6 | dir=out | svc=upnphost | app=c:\windows\system32\svchost.exe |
    "{CEE3B62F-FE8C-4FFA-8504-D8002A89DEF5}" = protocol=1 | dir=out | name=partage de fichiers et d'imprimantes (demande d'écho - trafic sortant icmpv4) |
    "{DD231EC0-B9A6-47E1-93C1-618EA0CBA36F}" = protocol=6 | dir=in | app=d:\program files\gsc game world\cossacks ii\cossacks2.exe |
    "{DDF8E93E-4041-4AF2-8A2B-6D6A37F7F28B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
    "{DE819103-0741-40ED-89F8-6D5EDD9BC1C9}" = protocol=6 | dir=in | app=c:\windows\system32\p2phost.exe |
    "{E20755BC-CBBD-4A4D-9696-8365D0E2B1F9}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
    "{E362087C-C0BB-4AFC-AD73-3B9750624494}" = protocol=17 | dir=out | app=c:\program files\windows media player\wmplayer.exe |
    "{E6178D93-F248-4D92-A894-36F20DA6D1DF}" = protocol=17 | dir=in | app=c:\program files\ma-config.com\maconfservice.exe |
    "{EC961DC4-940D-4CD6-8177-5C8F051DA9D3}" = protocol=6 | dir=out | svc=msiscsi | app=c:\windows\system32\svchost.exe |
    "{EF62227E-320E-4987-9188-80E6001A2608}" = protocol=17 | dir=in | app=c:\program files\windows media player\wmplayer.exe |
    "{F8B1F7AB-F8F3-4C29-9F96-C4CFA425C165}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
    "{FD070636-B4B9-4042-9C59-F743FC2B0657}" = protocol=6 | dir=in | app=c:\program files\windows collaboration\wincollab.exe |
    "{FFEB5F1D-DEEB-45FF-B249-AC157C6051AE}" = protocol=6 | dir=out | app=c:\windows\system32\wudfhost.exe |
    "TCP Query User{03B8F32A-4DE4-404F-8180-CEBBBABFCD4C}D:\program files\gsc game world\cossacks ii\data\engine.exe" = protocol=6 | dir=in | app=d:\program files\gsc game world\cossacks ii\data\engine.exe |
    "TCP Query User{0DE4C93F-7A73-4E87-A5FC-E2DA960E1B31}C:\program files\postal2stp\system\postal2.exe" = protocol=6 | dir=in | app=c:\program files\postal2stp\system\postal2.exe |
    "TCP Query User{0E16137C-3D36-4A08-AFCD-661729545BEE}C:\program files\bitcomet\bitcomet.exe" = protocol=6 | dir=in | app=c:\program files\bitcomet\bitcomet.exe |
    "TCP Query User{13511903-9FD6-4B69-A5A5-0D8F8DE6EA6B}C:\program files\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
    "TCP Query User{1C50F353-BFC6-4F62-A92B-FA922058BF53}D:\program files\bitcomet\bitcomet.exe" = protocol=6 | dir=in | app=d:\program files\bitcomet\bitcomet.exe |
    "TCP Query User{49DF2D27-8757-4914-ABFB-E10185DA3156}D:\program files\postal2stp\system\postal2mp.exe" = protocol=6 | dir=in | app=d:\program files\postal2stp\system\postal2mp.exe |
    "TCP Query User{528B015F-9D47-41C9-BA49-4E0B5BE61624}C:\program files\packet tracer 5.2\bin\packettracer5.exe" = protocol=6 | dir=in | app=c:\program files\packet tracer 5.2\bin\packettracer5.exe |
    "TCP Query User{52A0103B-657C-4110-B323-80CAADD9AA37}C:\program files\messengerdiscovery\messengerdiscovery live.exe" = protocol=6 | dir=in | app=c:\program files\messengerdiscovery\messengerdiscovery live.exe |
    "TCP Query User{5B580438-F097-4E4A-A1C6-D0D34F6F2C56}D:\program files\cossacks - back to war\dmcr.exe" = protocol=6 | dir=in | app=d:\program files\cossacks - back to war\dmcr.exe |
    "TCP Query User{8D948006-129A-4C0E-9CE2-3CE76770A6B6}C:\windows\system32\dplaysvr.exe" = protocol=6 | dir=in | app=c:\windows\system32\dplaysvr.exe |
    "TCP Query User{8E9A1CC7-5FFA-48F9-A532-CB62B6A2C8C2}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
    "TCP Query User{9AAF72BF-3E43-4AB7-8A81-C9D5C57771DE}D:\program files\postal2stp\system\postal2.exe" = protocol=6 | dir=in | app=d:\program files\postal2stp\system\postal2.exe |
    "TCP Query User{A1090B17-1F62-45DF-998E-7D79C535E038}C:\program files\bitcomet\bitcomet.exe" = protocol=6 | dir=in | app=c:\program files\bitcomet\bitcomet.exe |
    "TCP Query User{A3C3DC51-B3E6-4709-ABB4-E7CAF0F0B63F}D:\program files\postal2stp\system\postal2mp.exe" = protocol=6 | dir=in | app=d:\program files\postal2stp\system\postal2mp.exe |
    "TCP Query User{A7355058-0E86-493A-9140-D8B97A29C7ED}D:\program files\cossacks - back to war\dmcr.exe" = protocol=6 | dir=in | app=d:\program files\cossacks - back to war\dmcr.exe |
    "TCP Query User{CBA0AE68-8CB6-4E21-B527-89A9A7E9BE24}C:\users\titi\desktop\postal 2\system\postal2.exe" = protocol=6 | dir=in | app=c:\users\titi\desktop\postal 2\system\postal2.exe |
    "TCP Query User{D21423BC-276B-4AE4-82FB-ED2A6E85F2BB}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
    "TCP Query User{D6175555-E466-4EB7-B887-C924E2E0BA55}D:\programmes\cossacks - back to war\dmcr.exe" = protocol=6 | dir=in | app=d:\programmes\cossacks - back to war\dmcr.exe |
    "UDP Query User{13ADD215-2C86-4130-AE8F-DD74F1FF5A38}D:\program files\postal2stp\system\postal2mp.exe" = protocol=17 | dir=in | app=d:\program files\postal2stp\system\postal2mp.exe |
    "UDP Query User{21B7D01C-774F-4F1B-91DC-F985A6DB6399}D:\program files\cossacks - back to war\dmcr.exe" = protocol=17 | dir=in | app=d:\program files\cossacks - back to war\dmcr.exe |
    "UDP Query User{3878619D-05CF-458B-9C41-7EDDD4EADA8C}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
    "UDP Query User{4F1D3DFD-094F-4A86-A286-B1411204030B}C:\program files\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
    "UDP Query User{579176EC-C415-43D4-8FAD-22CFF431911B}D:\program files\postal2stp\system\postal2mp.exe" = protocol=17 | dir=in | app=d:\program files\postal2stp\system\postal2mp.exe |
    "UDP Query User{5EB48241-5E6F-4636-8B3E-81A62EE81AC6}D:\program files\cossacks - back to war\dmcr.exe" = protocol=17 | dir=in | app=d:\program files\cossacks - back to war\dmcr.exe |
    "UDP Query User{701449E3-555A-43E3-AE94-E6BC1EB6C294}D:\program files\bitcomet\bitcomet.exe" = protocol=17 | dir=in | app=d:\program files\bitcomet\bitcomet.exe |
    "UDP Query User{7B278C3B-A8E5-4A43-B482-5E476BD095D7}C:\program files\postal2stp\system\postal2.exe" = protocol=17 | dir=in | app=c:\program files\postal2stp\system\postal2.exe |
    "UDP Query User{826C2253-DC19-43CB-ADC9-5DCA39B66215}D:\program files\gsc game world\cossacks ii\data\engine.exe" = protocol=17 | dir=in | app=d:\program files\gsc game world\cossacks ii\data\engine.exe |
    "UDP Query User{ADF2C861-3E6C-451F-90DD-5EC86223910A}C:\users\titi\desktop\postal 2\system\postal2.exe" = protocol=17 | dir=in | app=c:\users\titi\desktop\postal 2\system\postal2.exe |
    "UDP Query User{C40D956E-CB3B-4649-A44D-94DC752FEA30}C:\program files\packet tracer 5.2\bin\packettracer5.exe" = protocol=17 | dir=in | app=c:\program files\packet tracer 5.2\bin\packettracer5.exe |
    "UDP Query User{CBF652DD-A192-40F9-BE08-46909EC2E075}D:\programmes\cossacks - back to war\dmcr.exe" = protocol=17 | dir=in | app=d:\programmes\cossacks - back to war\dmcr.exe |
    "UDP Query User{CF38BB4C-C370-4CAA-899C-DFE15A68F300}C:\program files\messengerdiscovery\messengerdiscovery live.exe" = protocol=17 | dir=in | app=c:\program files\messengerdiscovery\messengerdiscovery live.exe |
    "UDP Query User{D4BE2AE1-76CC-4759-8E3D-2C8B3A8FA33A}C:\program files\bitcomet\bitcomet.exe" = protocol=17 | dir=in | app=c:\program files\bitcomet\bitcomet.exe |
    "UDP Query User{F273F0BB-8F41-4026-B5E4-AD1EFB64E7E8}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
    "UDP Query User{F353A8E0-0153-483E-8221-CC4A458CABC8}D:\program files\postal2stp\system\postal2.exe" = protocol=17 | dir=in | app=d:\program files\postal2stp\system\postal2.exe |
    "UDP Query User{F3620D73-30B5-41D3-8943-42A0456A57AD}C:\program files\bitcomet\bitcomet.exe" = protocol=17 | dir=in | app=c:\program files\bitcomet\bitcomet.exe |
    "UDP Query User{F6B48FF5-BD70-4178-B167-51F6E832DD75}C:\windows\system32\dplaysvr.exe" = protocol=17 | dir=in | app=c:\windows\system32\dplaysvr.exe |

    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
    "{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Assistant de connexion Windows Live ID
    "{0CB9668D-F979-4F31-B8B8-67FE90F929F8}" = Bonjour
    "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
    "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live
    "{2075CB0A-D26F-4DAA-B424-5079296B43BA}" = Windows Live FolderShare
    "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
    "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
    "{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 21
    "{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
    "{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
    "{3E31821C-7917-367E-938E-E65FC413EA31}" = Microsoft .NET Framework 3.5 Language Pack SP1 - fra
    "{4634B21A-CC07-4396-890C-2B8168661FEA}" = Windows Live Writer
    "{46ABBC54-1872-4AA3-95E2-F2C063A63F31}" = Installation Windows Live
    "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
    "{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack
    "{53B20C18-D8D4-4588-8737-9BBFE303C354}" = Windows Live Movie Maker
    "{53C239F5-7E23-493D-8FB6-F8EEEA5C2154}" = Garmin Training Center
    "{53FED732-39DF-4973-85CD-854115455007}" = Sun VirtualBox
    "{5DD76286-9BE7-4894-A990-E905E91AC818}" = Windows Live Mail
    "{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
    "{770F1BEC-2871-4E70-B837-FB8525FFA3B1}" = Windows Live Messenger
    "{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}" = Windows Live Call
    "{85991ED2-010C-4930-96FA-52F43C2CE98A}" = Apple Mobile Device Support
    "{888019C0-54D4-40C2-9274-27B9DAB17017}" = Intel(R) Network Connections 14.0.40.0
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
    "{8AEA4BE2-2B52-41C0-BB7D-9F2D17AF1036}" = Nero 8
    "{8D8B167A-ED0F-43F1-AC10-3F4379F7CBBB}" = ArcSoft MediaConverter 2.5
    "{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
    "{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
    "{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
    "{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
    "{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
    "{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
    "{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
    "{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
    "{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
    "{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
    "{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    "{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
    "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
    "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
    "{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
    "{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
    "{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
    "{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
    "{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
    "{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
    "{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
    "{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{91F7F3F3-CE80-48C3-8327-7D24A0A5716A}" = iTunes
    "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
    "{95120000-0122-040C-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
    "{97C82B44-D408-4F14-9252-47FC1636D23E}_is1" = IZArc 3.81
    "{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
    "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
    "{A93944F2-D2D4-4750-BFE7-9A288FEAF2CF}" = Apple Application Support
    "{AC76BA86-7AD7-1036-7B44-A90000000001}" = Adobe Reader 9 - Français
    "{B1102A25-3AA3-446B-AA0F-A699B07A02FD}" = Garmin USB Drivers
    "{B131E59D-202C-43C6-84C9-68F0C37541F1}" = Galerie de photos Windows Live
    "{B301DCED-AA7B-4EE5-8EB6-967DA385714A}" = Ma-Config.com
    "{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Plus Web Player
    "{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
    "{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
    "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
    "{D0C73318-7B4A-4D16-A0C4-3B83F075EA88}" = Search Settings 1.2
    "{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
    "{D5D81435-B8DE-4CAF-867F-7998F2B92CFC}" = Windows Live Contrôle parental
    "{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = Auslogics Disk Defrag
    "{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
    "{EAFEF30E-3789-49C7-A6D9-77C12E005BAC}" = Safari
    "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
    "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
    "{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
    "{F7D27C70-90F5-49B9-B188-0A133C0CE353}" = Windows Live Toolbar
    "{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
    "45A7283175C62FAC673F913C1F532C5361F97841" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices (03/08/2007 2.2.1.0)
    "Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
    "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
    "Adobe Shockwave Player" = Adobe Shockwave Player 11.5
    "Ask.com Search Assistant" = Ask.com Search Assistant 1.0.2
    "Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
    "CCleaner" = CCleaner
    "Cisco Packet Tracer_is1" = Cisco Packet Tracer 5.2
    "ENTERPRISE" = Microsoft Office Enterprise 2007
    "EPSON Printer and Utilities" = EPSON Logiciel imprimante
    "EPSON Scanner" = EPSON Scan
    "Football Manager 2009" = Football Manager 2009
    "Glary Utilities_is1" = Glary Utilities 2.28.0.1011
    "Google Chrome" = Google Chrome
    "KLiteCodecPack_is1" = K-Lite Codec Pack 3.9.5 (Full)
    "Microsoft .NET Framework 3.5 Language Pack SP1 - fra" = Module linguistique Microsoft .NET Framework 3.5 SP1- fra
    "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
    "Mozilla Firefox (3.0.19)" = Mozilla Firefox (3.0.19)
    "Mozilla Thunderbird (3.0.3)" = Mozilla Thunderbird (3.0.3)
    "PhotoFiltre" = PhotoFiltre
    "Postal 2 STP - Free Multiplayer Edition" = Postal 2 STP - Free Multiplayer Edition
    "PROSetDX" = Intel(R) Network Connections 14.0.40.0
    "TomTom HOME" = TomTom HOME 2.7.3.1894
    "VLC media player" = VLC media player 0.9.2
    "WinLiveSuite_Wave3" = Installation Windows Live

    ========== HKEY_CURRENT_USER Uninstall List ==========

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "gamealarm-DEFAULT" = Game Alarm
    "tc10-FR_FTV_MAIN" = VTT Challenge 10 (FR)

    ========== Last 10 Event Log Errors ==========

    [ Application Events ]
    Error - 09/10/2010 04:04:27 | Computer Name = MESSUVE | Source = .NET Runtime Optimization Service | ID = 1111
    Description =

    Error - 09/10/2010 04:04:50 | Computer Name = MESSUVE | Source = .NET Runtime Optimization Service | ID = 1111
    Description =

    Error - 09/10/2010 05:20:27 | Computer Name = MESSUVE | Source = .NET Runtime Optimization Service | ID = 1111
    Description =

    Error - 09/10/2010 05:22:17 | Computer Name = MESSUVE | Source = .NET Runtime Optimization Service | ID = 1111
    Description =

    Error - 09/10/2010 07:55:40 | Computer Name = MESSUVE | Source = .NET Runtime Optimization Service | ID = 1111
    Description =

    Error - 09/10/2010 08:13:42 | Computer Name = MESSUVE | Source = .NET Runtime Optimization Service | ID = 1111
    Description =

    Error - 09/10/2010 11:27:22 | Computer Name = MESSUVE | Source = .NET Runtime Optimization Service | ID = 1111
    Description =

    Error - 22/10/2010 12:49:14 | Computer Name = MESSUVE | Source = .NET Runtime Optimization Service | ID = 1111
    Description =

    Error - 23/10/2010 01:59:17 | Computer Name = MESSUVE | Source = .NET Runtime Optimization Service | ID = 1111
    Description =

    Error - 23/10/2010 06:13:08 | Computer Name = MESSUVE | Source = Application Error | ID = 1000
    Description = Application défaillante iexplore.exe, version 8.0.6001.18975, horodatage
    0x4c8710a6, module défaillant swg.dll_unloaded, version 0.0.0.0, horodatage 0x4bad61ac,
    code d’exception 0xc0000005, décalage d’erreur 0x0341a75b, ID du processus 0x4a4,
    heure de début de l’application 0x01cb729ad0932d6b.

    [ OSession Events ]
    Error - 09/08/2010 07:43:14 | Computer Name = MESSUVE | Source = Microsoft Office 12 Sessions | ID = 7001
    Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
    12.0.6535.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 13013
    seconds with 540 seconds of active time. This session ended with a crash.

    [ System Events ]
    Error - 22/10/2010 16:06:18 | Computer Name = MESSUVE | Source = Service Control Manager | ID = 7000
    Description =

    Error - 22/10/2010 16:06:18 | Computer Name = MESSUVE | Source = Service Control Manager | ID = 7009
    Description =

    Error - 22/10/2010 16:06:18 | Computer Name = MESSUVE | Source = Service Control Manager | ID = 7000
    Description =

    Error - 22/10/2010 16:08:17 | Computer Name = MESSUVE | Source = Service Control Manager | ID = 7009
    Description =

    Error - 22/10/2010 16:08:17 | Computer Name = MESSUVE | Source = Service Control Manager | ID = 7000
    Description =

    Error - 22/10/2010 16:09:00 | Computer Name = MESSUVE | Source = Service Control Manager | ID = 7009
    Description =

    Error - 22/10/2010 16:09:00 | Computer Name = MESSUVE | Source = Service Control Manager | ID = 7000
    Description =

    Error - 22/10/2010 16:09:00 | Computer Name = MESSUVE | Source = Service Control Manager | ID = 7009
    Description =

    Error - 22/10/2010 16:09:00 | Computer Name = MESSUVE | Source = Service Control Manager | ID = 7000
    Description =

    Error - 22/10/2010 16:09:30 | Computer Name = MESSUVE | Source = DCOM | ID = 10010
    Description =


    < End of report >


    OTL logfile created on: 24/10/2010 18:30:42 - Run 1
    OTL by OldTimer - Version 3.2.17.1 Folder = C:\Users\Titi\Downloads
    Windows Vista Business Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18975)
    Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

    2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 52,00% Memory free
    4,00 Gb Paging File | 3,00 Gb Available in Paging File | 77,00% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 39,06 Gb Total Space | 8,84 Gb Free Space | 22,62% Space Free | Partition Type: NTFS
    Drive D: | 37,27 Gb Total Space | 25,63 Gb Free Space | 68,77% Space Free | Partition Type: NTFS

    Computer Name: MESSUVE | User Name: Titi | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2010/10/24 18:29:21 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Titi\Downloads\OTL.exe
    PRC - [2010/09/17 17:11:49 | 019,619,328 | ---- | M] (Europe Support Ltd. N.V.) -- C:\Games\Game Alarm\gamealarm.exe
    PRC - [2010/08/25 11:27:44 | 000,309,824 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
    PRC - [2010/06/10 21:03:08 | 000,144,176 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    PRC - [2010/04/15 09:52:39 | 000,307,672 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
    PRC - [2010/03/18 11:19:26 | 000,207,360 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
    PRC - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
    PRC - [2010/02/25 11:59:04 | 000,450,560 | ---- | M] () -- C:\Games\Game Alarm\Updater.exe
    PRC - [2009/11/13 13:31:14 | 000,092,008 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
    PRC - [2009/11/13 13:31:12 | 000,247,144 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
    PRC - [2009/08/23 14:16:01 | 000,185,089 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    PRC - [2009/08/11 14:16:22 | 000,108,289 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
    PRC - [2009/05/19 11:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    PRC - [2009/04/11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
    PRC - [2009/03/02 13:08:11 | 000,209,153 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
    PRC - [2009/02/06 17:07:48 | 000,027,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Contacts\wlcomm.exe
    PRC - [2007/08/03 12:51:18 | 001,422,632 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
    PRC - [2007/08/03 12:51:06 | 000,202,024 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe
    PRC - [2007/03/09 16:28:02 | 000,598,016 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SOUNDMAN.EXE


    ========== Modules (SafeList) ==========

    MOD - [2010/10/24 18:29:21 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Titi\Downloads\OTL.exe
    MOD - [2010/08/31 17:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll


    ========== Win32 Services (SafeList) ==========

    SRV - [2010/08/13 14:43:14 | 000,259,440 | ---- | M] (CybelSoft) [On_Demand | Stopped] -- C:\Program Files\ma-config.com\maconfservice.exe -- (maconfservice)
    SRV - [2010/06/10 21:03:08 | 000,144,176 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
    SRV - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
    SRV - [2010/02/21 01:05:18 | 000,373,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\inetsrv\iisw3adm.dll -- (WAS)
    SRV - [2009/11/13 13:31:14 | 000,092,008 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
    SRV - [2009/09/25 03:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
    SRV - [2009/08/23 14:16:01 | 000,185,089 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
    SRV - [2009/08/11 14:16:22 | 000,108,289 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
    SRV - [2009/08/05 23:48:42 | 000,704,864 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)
    SRV - [2009/05/19 11:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
    SRV - [2009/04/11 08:28:18 | 000,076,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\AxInstSv.dll -- (AxInstSV) Programme d'installation ActiveX (AxInstSV)
    SRV - [2009/04/11 08:28:17 | 000,052,224 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\inetsrv\apphostsvc.dll -- (AppHostSvc)
    SRV - [2008/01/19 09:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
    SRV - [2008/01/19 09:34:43 | 000,035,328 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\lpdsvc.dll -- (LPDSVC)
    SRV - [2006/11/02 14:36:35 | 000,029,696 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\iprip.dll -- (iprip)


    ========== Driver Services (SafeList) ==========

    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp)
    DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\blbdrive.sys -- (blbdrive)
    DRV - [2010/05/01 14:05:04 | 000,014,336 | ---- | M] (CybelSoft) [Kernel | On_Demand | Stopped] -- C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys -- (driverhardwarev2)
    DRV - [2009/12/17 16:02:34 | 000,123,280 | ---- | M] (Sun Microsystems, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\VBoxDrv.sys -- (VBoxDrv)
    DRV - [2009/12/17 16:02:34 | 000,110,096 | ---- | M] (Sun Microsystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VBoxNetFlt.sys -- (VBoxNetFlt)
    DRV - [2009/12/17 16:02:34 | 000,099,152 | ---- | M] (Sun Microsystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)
    DRV - [2009/12/17 16:02:34 | 000,041,616 | ---- | M] (Sun Microsystems, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\VBoxUSBMon.sys -- (VBoxUSBMon)
    DRV - [2009/12/10 20:16:07 | 000,056,816 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
    DRV - [2009/08/11 14:16:22 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
    DRV - [2009/08/05 23:48:42 | 000,054,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\fssfltr.sys -- (fssfltr)
    DRV - [2009/04/25 12:09:05 | 000,721,904 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
    DRV - [2009/03/30 10:32:47 | 000,096,104 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
    DRV - [2009/02/13 12:34:33 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
    DRV - [2008/10/16 20:35:58 | 000,083,288 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\Windows\System32\LMIRfsClientNP.dll -- (LMIRfsClientNP)
    DRV - [2008/09/23 16:12:12 | 000,125,560 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e1g60i32.sys -- (E1G60) Intel(R)
    DRV - [2008/08/30 16:26:47 | 000,085,969 | ---- | M] (GMER) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\gmer.sys -- (gmer)
    DRV - [2008/08/11 21:30:13 | 000,025,280 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
    DRV - [2008/07/24 18:46:10 | 000,047,640 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\Windows\System32\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
    DRV - [2008/03/25 21:15:30 | 004,137,312 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVAC.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
    DRV - [2007/03/23 04:50:42 | 000,067,960 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btwusb.sys -- (BTWUSB)
    DRV - [2006/12/12 14:38:12 | 000,286,208 | ---- | M] (Ralink Technology Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rt61.sys -- (RT61)
    DRV - [2006/11/02 11:51:45 | 000,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
    DRV - [2006/11/02 11:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
    DRV - [2006/11/02 11:51:34 | 000,316,520 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
    DRV - [2006/11/02 11:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
    DRV - [2006/11/02 11:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
    DRV - [2006/11/02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
    DRV - [2006/11/02 11:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
    DRV - [2006/11/02 11:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
    DRV - [2006/11/02 11:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
    DRV - [2006/11/02 11:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
    DRV - [2006/11/02 11:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
    DRV - [2006/11/02 11:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
    DRV - [2006/11/02 11:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
    DRV - [2006/11/02 11:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
    DRV - [2006/11/02 11:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
    DRV - [2006/11/02 11:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
    DRV - [2006/11/02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
    DRV - [2006/11/02 11:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
    DRV - [2006/11/02 11:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
    DRV - [2006/11/02 11:50:10 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
    DRV - [2006/11/02 11:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2)
    DRV - [2006/11/02 11:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
    DRV - [2006/11/02 11:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
    DRV - [2006/11/02 11:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
    DRV - [2006/11/02 11:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
    DRV - [2006/11/02 11:50:05 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
    DRV - [2006/11/02 11:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
    DRV - [2006/11/02 11:50:04 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
    DRV - [2006/11/02 11:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
    DRV - [2006/11/02 11:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
    DRV - [2006/11/02 11:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
    DRV - [2006/11/02 11:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
    DRV - [2006/11/02 11:49:30 | 000,017,512 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
    DRV - [2006/11/02 11:49:28 | 000,016,488 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
    DRV - [2006/11/02 11:49:20 | 000,014,952 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
    DRV - [2006/11/02 10:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
    DRV - [2006/11/02 10:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
    DRV - [2006/11/02 10:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
    DRV - [2006/11/02 10:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
    DRV - [2006/11/02 10:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
    DRV - [2006/11/02 10:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
    DRV - [2006/11/02 09:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
    DRV - [2006/11/02 09:36:49 | 000,108,032 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ac97intc.sys -- (ac97intc) Service d'installation du pilote audio Intel(r) 82801 (WDM)
    DRV - [2006/11/02 09:36:46 | 001,897,664 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nv4_mini.sys -- (nv)
    DRV - [2006/10/14 05:04:33 | 004,422,560 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
    DRV - [2004/04/26 23:31:04 | 000,474,304 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lvcd.sys -- (QCDonner) Logitech QuickCam Express(PID_0840)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://lo.st

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.plusnetwork.com
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

    ========== FireFox ==========

    FF - prefs.js..browser.search.defaultenginename: "Yahoo"
    FF - prefs.js..browser.search.defaulturl: "http://fr.search.yahoo.com/search?ei=UTF-8&fr=ytff-&p="
    FF - prefs.js..browser.search.selectedEngine: "Google"
    FF - prefs.js..browser.search.useDBForOrder: true
    FF - prefs.js..browser.startup.homepage: "http://fr.start2.mozilla.com/firefox?client=firefox-a&r..."
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
    FF - prefs.js..extensions.enabledItems: {0497D7FA-B45F-11DB-9DCC-3D3756D89593}:1.0.0
    FF - prefs.js..extensions.enabledItems: undrm@readzik:1.3
    FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.1.20091029021655
    FF - prefs.js..keyword.URL: "http://fr.search.yahoo.com/search?ei=UTF-8&fr=ytff-ccle..."

    FF - HKLM\software\mozilla\Mozilla Firefox 3.0.19\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/05/30 20:37:21 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.0.19\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/05/30 20:37:21 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Thunderbird 3.0.3\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2010/05/30 20:37:21 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Thunderbird 3.0.3\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins

    [2010/03/04 19:36:52 | 000,000,000 | ---D | M] -- C:\Users\Titi\AppData\Roaming\mozilla\Extensions
    [2010/03/04 19:36:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Titi\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
    [2009/12/30 22:01:00 | 000,000,000 | ---D | M] -- C:\Users\Titi\AppData\Roaming\mozilla\Extensions\home2@tomtom.com
    [2010/10/23 19:35:03 | 000,000,000 | ---D | M] -- C:\Users\Titi\AppData\Roaming\mozilla\Firefox\Profiles\46l8o9yi.default\extensions
    [2009/07/07 15:54:52 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Titi\AppData\Roaming\mozilla\Firefox\Profiles\46l8o9yi.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
    [2010/04/16 12:47:12 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Titi\AppData\Roaming\mozilla\Firefox\Profiles\46l8o9yi.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
    [2010/08/13 13:16:21 | 000,000,000 | ---D | M] -- C:\Users\Titi\AppData\Roaming\mozilla\Firefox\Profiles\46l8o9yi.default\extensions\undrm@readzik
    [2009/09/15 10:37:56 | 000,001,681 | ---- | M] () -- C:\Users\Titi\AppData\Roaming\Mozilla\FireFox\Profiles\46l8o9yi.default\searchplugins\ask.uk.xml
    [2009/04/25 12:12:35 | 000,002,399 | ---- | M] () -- C:\Users\Titi\AppData\Roaming\Mozilla\FireFox\Profiles\46l8o9yi.default\searchplugins\daemon-search.xml
    [2009/04/20 21:49:08 | 000,001,632 | ---- | M] () -- C:\Users\Titi\AppData\Roaming\
    25 October 2010 21:44:36

    Hello again,

    The second report, OTL.txt, is incomplete; please repost it.

    Use the cijoint service if possible.

    (if it does not accept a .log file, rename it to .txt)

    26 October 2010 10:04:02

    Hello,

    OTL logfile created on: 26/10/2010 09:38:55 - Run 2
    OTL by OldTimer - Version 3.2.17.1 Folder = C:\Users\Titi\Downloads
    Windows Vista Business Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18975)
    Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

    2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 56,00% Memory free
    4,00 Gb Paging File | 3,00 Gb Available in Paging File | 77,00% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 39,06 Gb Total Space | 7,72 Gb Free Space | 19,78% Space Free | Partition Type: NTFS
    Drive D: | 37,27 Gb Total Space | 25,30 Gb Free Space | 67,88% Space Free | Partition Type: NTFS

    Computer Name: MESSUVE | User Name: Titi | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2010/10/26 09:38:31 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Titi\Downloads\OTL(2).exe
    PRC - [2010/09/17 17:11:49 | 019,619,328 | ---- | M] (Europe Support Ltd. N.V.) -- C:\Games\Game Alarm\gamealarm.exe
    PRC - [2010/08/25 11:27:44 | 000,309,824 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
    PRC - [2010/06/10 21:03:08 | 000,144,176 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    PRC - [2010/04/15 09:52:39 | 000,307,672 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
    PRC - [2010/03/18 11:19:26 | 000,207,360 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
    PRC - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
    PRC - [2010/02/25 11:59:04 | 000,450,560 | ---- | M] () -- C:\Games\Game Alarm\Updater.exe
    PRC - [2009/11/13 13:31:14 | 000,092,008 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
    PRC - [2009/11/13 13:31:12 | 000,247,144 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
    PRC - [2009/08/23 14:16:01 | 000,185,089 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    PRC - [2009/08/11 14:16:22 | 000,108,289 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
    PRC - [2009/05/19 11:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    PRC - [2009/04/11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
    PRC - [2009/03/02 13:08:11 | 000,209,153 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
    PRC - [2009/02/06 17:07:48 | 000,027,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Contacts\wlcomm.exe
    PRC - [2007/08/03 12:51:18 | 001,422,632 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
    PRC - [2007/08/03 12:51:06 | 000,202,024 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe
    PRC - [2007/03/09 16:28:02 | 000,598,016 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SOUNDMAN.EXE


    ========== Modules (SafeList) ==========

    MOD - [2010/10/26 09:38:31 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Titi\Downloads\OTL(2).exe
    MOD - [2010/08/31 17:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll


    ========== Win32 Services (SafeList) ==========

    SRV - [2010/08/13 14:43:14 | 000,259,440 | ---- | M] (CybelSoft) [On_Demand | Stopped] -- C:\Program Files\ma-config.com\maconfservice.exe -- (maconfservice)
    SRV - [2010/06/10 21:03:08 | 000,144,176 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
    SRV - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
    SRV - [2010/02/21 01:05:18 | 000,373,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\inetsrv\iisw3adm.dll -- (WAS)
    SRV - [2009/11/13 13:31:14 | 000,092,008 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
    SRV - [2009/09/25 03:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
    SRV - [2009/08/23 14:16:01 | 000,185,089 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
    SRV - [2009/08/11 14:16:22 | 000,108,289 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
    SRV - [2009/08/05 23:48:42 | 000,704,864 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)
    SRV - [2009/05/19 11:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
    SRV - [2009/04/11 08:28:18 | 000,076,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\AxInstSv.dll -- (AxInstSV) Programme d'installation ActiveX (AxInstSV)
    SRV - [2009/04/11 08:28:17 | 000,052,224 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\inetsrv\apphostsvc.dll -- (AppHostSvc)
    SRV - [2008/01/19 09:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
    SRV - [2008/01/19 09:34:43 | 000,035,328 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\lpdsvc.dll -- (LPDSVC)
    SRV - [2006/11/02 14:36:35 | 000,029,696 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\iprip.dll -- (iprip)


    ========== Driver Services (SafeList) ==========

    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp)
    DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\blbdrive.sys -- (blbdrive)
    DRV - [2010/05/01 14:05:04 | 000,014,336 | ---- | M] (CybelSoft) [Kernel | On_Demand | Stopped] -- C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys -- (driverhardwarev2)
    DRV - [2009/12/17 16:02:34 | 000,123,280 | ---- | M] (Sun Microsystems, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\VBoxDrv.sys -- (VBoxDrv)
    DRV - [2009/12/17 16:02:34 | 000,110,096 | ---- | M] (Sun Microsystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VBoxNetFlt.sys -- (VBoxNetFlt)
    DRV - [2009/12/17 16:02:34 | 000,099,152 | ---- | M] (Sun Microsystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)
    DRV - [2009/12/17 16:02:34 | 000,041,616 | ---- | M] (Sun Microsystems, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\VBoxUSBMon.sys -- (VBoxUSBMon)
    DRV - [2009/12/10 20:16:07 | 000,056,816 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
    DRV - [2009/08/11 14:16:22 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
    DRV - [2009/08/05 23:48:42 | 000,054,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\fssfltr.sys -- (fssfltr)
    DRV - [2009/04/25 12:09:05 | 000,721,904 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
    DRV - [2009/03/30 10:32:47 | 000,096,104 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
    DRV - [2009/02/13 12:34:33 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
    DRV - [2008/10/16 20:35:58 | 000,083,288 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\Windows\System32\LMIRfsClientNP.dll -- (LMIRfsClientNP)
    DRV - [2008/09/23 16:12:12 | 000,125,560 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e1g60i32.sys -- (E1G60) Intel(R)
    DRV - [2008/08/30 16:26:47 | 000,085,969 | ---- | M] (GMER) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\gmer.sys -- (gmer)
    DRV - [2008/08/11 21:30:13 | 000,025,280 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
    DRV - [2008/07/24 18:46:10 | 000,047,640 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\Windows\System32\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
    DRV - [2008/03/25 21:15:30 | 004,137,312 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVAC.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
    DRV - [2007/03/23 04:50:42 | 000,067,960 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btwusb.sys -- (BTWUSB)
    DRV - [2006/12/12 14:38:12 | 000,286,208 | ---- | M] (Ralink Technology Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rt61.sys -- (RT61)
    DRV - [2006/11/02 11:51:45 | 000,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
    DRV - [2006/11/02 11:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
    DRV - [2006/11/02 11:51:34 | 000,316,520 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
    DRV - [2006/11/02 11:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
    DRV - [2006/11/02 11:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
    DRV - [2006/11/02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
    DRV - [2006/11/02 11:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
    DRV - [2006/11/02 11:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
    DRV - [2006/11/02 11:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
    DRV - [2006/11/02 11:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
    DRV - [2006/11/02 11:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
    DRV - [2006/11/02 11:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
    DRV - [2006/11/02 11:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
    DRV - [2006/11/02 11:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
    DRV - [2006/11/02 11:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
    DRV - [2006/11/02 11:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
    DRV - [2006/11/02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
    DRV - [2006/11/02 11:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
    DRV - [2006/11/02 11:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
    DRV - [2006/11/02 11:50:10 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
    DRV - [2006/11/02 11:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2)
    DRV - [2006/11/02 11:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
    DRV - [2006/11/02 11:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
    DRV - [2006/11/02 11:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
    DRV - [2006/11/02 11:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
    DRV - [2006/11/02 11:50:05 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
    DRV - [2006/11/02 11:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
    DRV - [2006/11/02 11:50:04 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
    DRV - [2006/11/02 11:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
    DRV - [2006/11/02 11:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
    DRV - [2006/11/02 11:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
    DRV - [2006/11/02 11:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
    DRV - [2006/11/02 11:49:30 | 000,017,512 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
    DRV - [2006/11/02 11:49:28 | 000,016,488 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
    DRV - [2006/11/02 11:49:20 | 000,014,952 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
    DRV - [2006/11/02 10:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
    DRV - [2006/11/02 10:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
    DRV - [2006/11/02 10:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
    DRV - [2006/11/02 10:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
    DRV - [2006/11/02 10:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
    DRV - [2006/11/02 10:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
    DRV - [2006/11/02 09:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
    DRV - [2006/11/02 09:36:49 | 000,108,032 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ac97intc.sys -- (ac97intc) Service d'installation du pilote audio Intel(r) 82801 (WDM)
    DRV - [2006/11/02 09:36:46 | 001,897,664 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nv4_mini.sys -- (nv)
    DRV - [2006/10/14 05:04:33 | 004,422,560 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
    DRV - [2004/04/26 23:31:04 | 000,474,304 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lvcd.sys -- (QCDonner) Logitech QuickCam Express(PID_0840)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://lo.st

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.plusnetwork.com
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

    ========== FireFox ==========

    FF - prefs.js..browser.search.defaultenginename: "Yahoo"
    FF - prefs.js..browser.search.defaulturl: "http://fr.search.yahoo.com/search?ei=UTF-8&fr=ytff-&p="
    FF - prefs.js..browser.search.selectedEngine: "Google"
    FF - prefs.js..browser.search.useDBForOrder: true
    FF - prefs.js..browser.startup.homepage: "http://fr.start2.mozilla.com/firefox?client=firefox-a&r..."
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
    FF - prefs.js..extensions.enabledItems: {0497D7FA-B45F-11DB-9DCC-3D3756D89593}:1.0.0
    FF - prefs.js..extensions.enabledItems: undrm@readzik:1.3
    FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.1.20091029021655
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
    FF - prefs.js..keyword.URL: "http://fr.search.yahoo.com/search?ei=UTF-8&fr=ytff-ccle..."

    FF - HKLM\software\mozilla\Mozilla Firefox 3.0.19\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/05/30 20:37:21 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.0.19\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/05/30 20:37:21 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Thunderbird 3.0.3\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2010/05/30 20:37:21 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Thunderbird 3.0.3\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins

    [2010/03/04 19:36:52 | 000,000,000 | ---D | M] -- C:\Users\Titi\AppData\Roaming\mozilla\Extensions
    [2010/03/04 19:36:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Titi\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
    [2009/12/30 22:01:00 | 000,000,000 | ---D | M] -- C:\Users\Titi\AppData\Roaming\mozilla\Extensions\home2@tomtom.com
    [2010/10/26 08:39:39 | 000,000,000 | ---D | M] -- C:\Users\Titi\AppData\Roaming\mozilla\Firefox\Profiles\46l8o9yi.default\extensions
    [2009/07/07 15:54:52 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Titi\AppData\Roaming\mozilla\Firefox\Profiles\46l8o9yi.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
    [2010/04/16 12:47:12 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Titi\AppData\Roaming\mozilla\Firefox\Profiles\46l8o9yi.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
    [2010/08/13 13:16:21 | 000,000,000 | ---D | M] -- C:\Users\Titi\AppData\Roaming\mozilla\Firefox\Profiles\46l8o9yi.default\extensions\undrm@readzik
    [2009/09/15 10:37:56 | 000,001,681 | ---- | M] () -- C:\Users\Titi\AppData\Roaming\Mozilla\FireFox\Profiles\46l8o9yi.default\searchplugins\ask.uk.xml
    [2009/04/25 12:12:35 | 000,002,399 | ---- | M] () -- C:\Users\Titi\AppData\Roaming\Mozilla\FireFox\Profiles\46l8o9yi.default\searchplugins\daemon-search.xml
    [2009/04/20 21:49:08 | 000,001,632 | ---- | M] () -- C:\Users\Titi\AppData\Roaming\Mozilla\FireFox\Profiles\46l8o9yi.default\searchplugins\live-search.xml
    [2010/10/25 11:41:44 | 000,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
    [2008/09/21 12:06:29 | 000,000,000 | ---D | M] (MSN Pictures Displayer) -- C:\Program Files\mozilla firefox\extensions\{0497D7FA-B45F-11DB-9DCC-3D3756D89593}
    [2010/04/15 10:02:16 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
    [2010/08/10 09:14:20 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
    [2010/10/25 11:41:45 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
    [2008/01/23 08:20:30 | 000,491,520 | ---- | M] (BitComet) -- C:\Program Files\mozilla firefox\plugins\npBitCometAgent.dll
    [2010/09/15 04:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
    [2009/11/04 14:48:53 | 000,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml
    [2009/11/04 14:48:53 | 000,000,757 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml
    [2009/11/04 14:48:53 | 000,000,748 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\MediaDICO-fr.xml
    [2009/11/04 14:48:53 | 000,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml
    [2009/11/04 14:48:53 | 000,000,652 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml

    O1 HOSTS File: ([2008/09/14 18:59:42 | 000,263,327 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O1 - Hosts: ::1 localhost
    O1 - Hosts: 127.0.0.1 www.007guard.com
    O1 - Hosts: 127.0.0.1 007guard.com
    O1 - Hosts: 127.0.0.1 008i.com
    O1 - Hosts: 127.0.0.1 www.008k.com
    O1 - Hosts: 127.0.0.1 008k.com
    O1 - Hosts: 127.0.0.1 www.00hq.com
    O1 - Hosts: 127.0.0.1 00hq.com
    O1 - Hosts: 127.0.0.1 010402.com
    O1 - Hosts: 127.0.0.1 www.032439.com
    O1 - Hosts: 127.0.0.1 032439.com
    O1 - Hosts: 127.0.0.1 www.0scan.com
    O1 - Hosts: 127.0.0.1 0scan.com
    O1 - Hosts: 127.0.0.1 www.100888290cs.com
    O1 - Hosts: 127.0.0.1 100888290cs.com
    O1 - Hosts: 127.0.0.1 www.100sexlinks.com
    O1 - Hosts: 127.0.0.1 100sexlinks.com
    O1 - Hosts: 127.0.0.1 www.10sek.com
    O1 - Hosts: 127.0.0.1 10sek.com
    O1 - Hosts: 127.0.0.1 www.123topsearch.com
    O1 - Hosts: 127.0.0.1 123topsearch.com
    O1 - Hosts: 127.0.0.1 www.132.com
    O1 - Hosts: 127.0.0.1 132.com
    O1 - Hosts: 127.0.0.1 www.136136.net
    O1 - Hosts: 9133 more lines...
    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
    O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
    O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.)
    O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
    O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
    O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
    O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
    O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
    O4 - HKLM..\Run: [NBKeyScan] C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe (Nero AG)
    O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe (Nero AG)
    O4 - HKLM..\Run: [SoundMan] C:\Windows\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
    O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe (Nero AG)
    O4 - HKCU..\Run: [EPSON Stylus DX4400 Series] C:\Windows\System32\spool\DRIVERS\W32X86\3\E_FATICAE.EXE (SEIKO EPSON CORPORATION)
    O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
    O4 - HKCU..\Run: [TomTomHOME.exe] C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
    O4 - Startup: C:\Users\Titi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Game Alarm.lnk = C:\Games\Game Alarm\gamealarm.exe (Europe Support Ltd. N.V.)
    O4 - Startup: C:\Users\Titi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote Table Of Contents.onetoc2 ()
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLegacyLogonScripts = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLogoffScripts = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunLogonScriptSync = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunStartupScriptSync = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideStartupScripts = 0
    O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLegacyLogonScripts = 0
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLogoffScripts = 0
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunLogonScriptSync = 1
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunStartupScriptSync = 0
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideStartupScripts = 0
    O9 - Extra Button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
    O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
    O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O13 - gopher Prefix: missing
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zone.msn.com/binary/msgrchkr.cab56986.... (Checkers Class)
    O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} http://messenger.zone.msn.com/binary/SolitaireShowdown.... (Solitaire Showdown Class)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-wind... (Java Plug-in 1.6.0_22)
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPACl... (MessengerStatsClient Class)
    O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-wind... (Java Plug-in 1.6.0_22)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-wind... (Java Plug-in 1.6.0_22)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
    O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
    O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
    O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O24 - Desktop WallPaper: C:\Users\Titi\Desktop\09a0o055.jpg
    O24 - Desktop BackupWallPaper: C:\Users\Titi\Desktop\09a0o055.jpg
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2006/09/18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
    O33 - MountPoints2\{18f52282-99fd-11de-8499-806e6f6e6963}\Shell\AutoRun\command - "" = F:\wd_windows_tools\WDSetup.exe -- File not found
    O33 - MountPoints2\{3b45a721-3181-11de-9389-000874a8bcd6}\Shell - "" = AutoRun
    O33 - MountPoints2\{3b45a721-3181-11de-9389-000874a8bcd6}\Shell\AutoRun\command - "" = F:\RunGame.exe -- File not found
    O33 - MountPoints2\{439e2bf9-74d3-11dd-9792-000874a8bcd6}\Shell - "" = AutoRun
    O33 - MountPoints2\{439e2bf9-74d3-11dd-9792-000874a8bcd6}\Shell\AutoRun\command - "" = F:\setup.exe -- File not found
    O33 - MountPoints2\{b95aee0c-f57c-11de-87ed-000874a8bcd6}\Shell\AutoRun\command - "" = F:\InstallTomTomHOME.exe -- File not found
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = ComFile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    NetSvcs: FastUserSwitchingCompatibility - File not found
    NetSvcs: Ias - File not found
    NetSvcs: Nla - File not found
    NetSvcs: NWCWorkstation - File not found
    NetSvcs: Nwsapagent - File not found
    NetSvcs: SRService - File not found
    NetSvcs: WmdmPmSp - File not found
    NetSvcs: LogonHours - File not found
    NetSvcs: PCAudit - File not found
    NetSvcs: helpsvc - File not found
    NetSvcs: uploadmgr - File not found


    Drivers32: msacm.ac3acm - C:\Windows\System32\ac3acm.acm (fccHandler)
    Drivers32: msacm.divxa32 - C:\Windows\System32\divxa32.acm (Kristal StudioDFileDescription)
    Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
    Drivers32: msacm.l3fhg - C:\Windows\System32\mp3fhg.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
    Drivers32: msacm.lameacm - C:\Windows\System32\lameACM.acm (http://www.mp3dev.org/)
    Drivers32: msacm.lhacm - C:\Windows\System32\lhacm.acm (Microsoft Corporation)
    Drivers32: msacm.vorbis - C:\Windows\System32\vorbis.acm (HMS http://hp.vector.co.jp/authors/VA012897/)
    Drivers32: MSVideo - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
    Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
    Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
    Drivers32: VIDC.DIVX - C:\Windows\System32\divx.dll (DivX, Inc.)
    Drivers32: VIDC.FFDS - C:\Windows\System32\ff_vfw.dll ()
    Drivers32: VIDC.FPS1 - C:\Windows\System32\frapsvid.dll (Beepa P/L)
    Drivers32: VIDC.HFYU - C:\Windows\System32\huffyuv.dll (Disappearing Inc.)
    Drivers32: vidc.i263 - C:\Windows\System32\I263_32.drv (Intel Corporation)
    Drivers32: VIDC.I420 - C:\Windows\System32\i420vfw.dll (www.helixcommunity.org)
    Drivers32: vidc.iv41 - C:\Windows\System32\ir41_32.ax (Intel Corporation)
    Drivers32: vidc.iv50 - C:\Windows\System32\ir50_32.dll (Intel Corporation)
    Drivers32: VIDC.VP60 - C:\Windows\System32\vp6vfw.dll (On2.com)
    Drivers32: VIDC.VP61 - C:\Windows\System32\vp6vfw.dll (On2.com)
    Drivers32: VIDC.VP62 - C:\Windows\System32\vp6vfw.dll (On2.com)
    Drivers32: VIDC.VP70 - C:\Windows\System32\vp7vfw.dll (On2.com)
    Drivers32: VIDC.X264 - C:\Windows\System32\x264vfw.dll ()
    Drivers32: VIDC.XVID - C:\Windows\System32\xvidvfw.dll ()
    Drivers32: VIDC.YV12 - C:\Windows\System32\yv12vfw.dll (www.helixcommunity.org)

    CREATERESTOREPOINT
    Restore point Set: OTL Restore Point

    ========== Files/Folders - Created Within 30 Days ==========

    [2010/10/25 11:41:40 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
    [2010/10/25 11:41:40 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
    [2010/10/25 11:41:40 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
    [2010/10/23 13:12:49 | 000,000,000 | ---D | C] -- C:\Users\Titi\AppData\Roaming\dvdcss
    [2010/10/22 20:43:53 | 000,000,000 | ---D | C] -- C:\Users\Titi\Desktop\Photo David
    [2010/10/22 19:39:14 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netevent.dll
    [2010/10/22 19:39:03 | 000,867,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpmde.dll
    [2010/10/22 19:38:37 | 008,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
    [2010/10/22 19:38:16 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
    [2010/10/22 19:37:16 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
    [2010/10/22 19:37:16 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
    [2010/10/22 19:37:16 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
    [2010/10/22 19:37:15 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
    [2010/10/22 19:37:15 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
    [2010/10/22 19:37:15 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
    [2010/10/22 19:37:15 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
    [2010/10/22 19:37:15 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
    [2010/10/22 19:37:14 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
    [2010/10/22 19:37:14 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
    [2010/10/22 19:37:14 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
    [2010/10/22 19:37:14 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
    [2010/10/22 19:37:14 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
    [2010/10/22 19:37:14 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
    [2010/10/22 19:37:14 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
    [2010/10/22 19:37:14 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
    [2010/10/22 19:37:14 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
    [2010/10/22 19:37:03 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40.dll
    [2010/10/22 19:37:03 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40u.dll
    [2010/10/22 19:37:00 | 002,038,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
    [2010/10/22 19:36:57 | 000,231,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshsq.dll
    [2010/10/09 14:33:32 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
    [2010/10/08 19:46:13 | 000,000,000 | ---D | C] -- D:\c435a9a56705b2eab4ef175cf8
    [2010/09/30 21:16:40 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
    [2008/03/05 16:30:18 | 001,694,728 | ---- | C] (Microsoft Corporation) -- C:\Program Files\dsetup32.dll
    [2008/03/05 16:30:18 | 000,527,880 | ---- | C] (Microsoft Corporation) -- C:\Program Files\DXSETUP.exe
    [2008/03/05 16:30:18 | 000,097,288 | ---- | C] (Microsoft Corporation) -- C:\Program Files\DSETUP.dll
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2010/10/26 09:45:54 | 000,000,416 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{D32AD5B0-C9B7-442E-9F41-92ABAC3D5EB4}.job
    [2010/10/26 09:12:00 | 000,001,054 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2010/10/26 08:55:38 | 000,002,032 | ---- | M] () -- C:\Users\Titi\AppData\Local\d3d9caps.dat
    [2010/10/26 08:12:02 | 000,001,050 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2010/10/26 08:05:08 | 000,004,048 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
    [2010/10/26 08:05:08 | 000,004,048 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
    [2010/10/26 08:04:50 | 000,000,310 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize.job
    [2010/10/26 08:04:22 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2010/10/25 19:13:33 | 000,010,755 | ---- | M] () -- C:\Users\Titi\Desktop\cv.docx
    [2010/10/25 19:05:05 | 000,000,162 | -H-- | M] () -- C:\Users\Titi\Desktop\~$cv.docx
    [2010/10/25 10:58:40 | 000,011,006 | ---- | M] () -- C:\Users\Titi\Desktop\lettre de motivation.docx
    [2010/10/23 07:55:37 | 000,375,064 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
    [2010/10/19 11:41:44 | 000,222,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
    [2010/10/09 14:39:32 | 000,062,634 | ---- | M] () -- D:\cc_20101009_143914.reg
    [2010/10/09 14:30:29 | 000,000,821 | ---- | M] () -- C:\Users\Titi\Application Data\Microsoft\Internet Explorer\Quick Launch\Glary Utilities.lnk
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2010/10/25 19:05:05 | 000,000,162 | -H-- | C] () -- C:\Users\Titi\Desktop\~$cv.docx
    [2010/10/25 08:55:43 | 000,011,006 | ---- | C] () -- C:\Users\Titi\Desktop\lettre de motivation.docx
    [2010/10/25 08:55:20 | 000,010,755 | ---- | C] () -- C:\Users\Titi\Desktop\cv.docx
    [2010/10/09 14:39:21 | 000,062,634 | ---- | C] () -- D:\cc_20101009_143914.reg
    [2010/10/09 14:30:29 | 000,000,821 | ---- | C] () -- C:\Users\Titi\Application Data\Microsoft\Internet Explorer\Quick Launch\Glary Utilities.lnk

    [2009/06/02 18:49:53 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
    [2008/09/28 11:58:52 | 000,010,240 | ---- | C] () -- C:\Windows\System32\vidx16.dll
    [2008/09/28 11:57:59 | 000,000,528 | ---- | C] () -- C:\Windows\_delis32.ini
    [2008/08/30 16:26:51 | 000,000,250 | ---- | C] () -- C:\Windows\gmer.ini
    [2008/08/30 16:26:47 | 000,884,736 | ---- | C] () -- C:\Windows\gmer.dll
    [2008/08/28 20:31:58 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
    [2008/08/28 09:30:06 | 000,721,904 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
    [2008/08/21 20:44:58 | 000,027,503 | ---- | C] () -- C:\Users\Titi\AppData\Roaming\UserTile.png
    [2008/08/20 09:10:32 | 000,147,456 | ---- | C] () -- C:\Windows\System32\RTLCPAPI.dll
    [2008/06/19 12:23:06 | 002,121,235 | ---- | C] () -- C:\Windows\System32\x264vfw.dll
    [2008/06/19 11:59:30 | 000,408,576 | ---- | C] () -- C:\Windows\System32\Smab.dll
    [2008/06/19 11:59:28 | 000,027,648 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll
    [2008/06/17 19:41:17 | 000,755,027 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
    [2008/06/17 19:41:16 | 000,159,839 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
    [2008/06/17 19:41:15 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
    [2008/06/17 19:41:11 | 000,007,680 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
    [2008/06/17 08:52:49 | 000,175,104 | ---- | C] () -- C:\Users\Titi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2008/06/17 08:43:40 | 000,000,552 | ---- | C] () -- C:\Users\Titi\AppData\Local\d3d8caps.dat
    [2008/06/17 08:23:43 | 000,164,352 | ---- | C] () -- C:\Windows\System32\unrar.dll
    [2008/06/15 13:04:10 | 000,002,032 | ---- | C] () -- C:\Users\Titi\AppData\Local\d3d9caps.dat
    [2008/03/05 16:30:20 | 001,805,306 | ---- | C] () -- C:\Program Files\NOV2007_d3dx9_36_x64.cab
    [2008/03/05 16:30:20 | 001,773,110 | ---- | C] () -- C:\Program Files\Mar2008_d3dx9_37_x64.cab
    [2008/03/05 16:30:20 | 001,712,608 | ---- | C] () -- C:\Program Files\NOV2007_d3dx9_36_x86.cab
    [2008/03/05 16:30:20 | 001,446,530 | ---- | C] () -- C:\Program Files\Mar2008_d3dx9_37_x86.cab
    [2008/03/05 16:30:20 | 001,413,862 | ---- | C] () -- C:\Program Files\OCT2006_d3dx9_31_x64.cab
    [2008/03/05 16:30:20 | 001,128,177 | ---- | C] () -- C:\Program Files\OCT2006_d3dx9_31_x86.cab
    [2008/03/05 16:30:20 | 000,867,848 | ---- | C] () -- C:\Program Files\NOV2007_d3dx10_36_x64.cab
    [2008/03/05 16:30:20 | 000,807,132 | ---- | C] () -- C:\Program Files\NOV2007_d3dx10_36_x86.cab
    [2008/03/05 16:30:20 | 000,254,442 | ---- | C] () -- C:\Program Files\Mar2008_XAudio_x64.cab
    [2008/03/05 16:30:20 | 000,229,498 | ---- | C] () -- C:\Program Files\Mar2008_XAudio_x86.cab
    [2008/03/05 16:30:20 | 000,200,010 | ---- | C] () -- C:\Program Files\NOV2007_XACT_x64.cab
    [2008/03/05 16:30:20 | 000,183,321 | ---- | C] () -- C:\Program Files\OCT2006_XACT_x64.cab
    [2008/03/05 16:30:20 | 000,151,512 | ---- | C] () -- C:\Program Files\NOV2007_XACT_x86.cab
    [2008/03/05 16:30:20 | 000,138,977 | ---- | C] () -- C:\Program Files\OCT2006_XACT_x86.cab
    [2008/03/05 16:30:20 | 000,125,584 | ---- | C] () -- C:\Program Files\Mar2008_XACT_x64.cab
    [2008/03/05 16:30:20 | 000,096,982 | ---- | C] () -- C:\Program Files\Mar2008_XACT_x86.cab
    [2008/03/05 16:30:20 | 000,086,925 | ---- | C] () -- C:\Program Files\Oct2005_xinput_x64.cab
    [2008/03/05 16:30:20 | 000,058,306 | ---- | C] () -- C:\Program Files\Mar2008_X3DAudio_x64.cab
    [2008/03/05 16:30:20 | 000,049,392 | ---- | C] () -- C:\Program Files\NOV2007_X3DAudio_x64.cab
    [2008/03/05 16:30:20 | 000,046,247 | ---- | C] () -- C:\Program Files\Oct2005_xinput_x86.cab
    [2008/03/05 16:30:20 | 000,025,115 | ---- | C] () -- C:\Program Files\Mar2008_X3DAudio_x86.cab
    [2008/03/05 16:30:20 | 000,021,744 | ---- | C] () -- C:\Program Files\NOV2007_X3DAudio_x86.cab
    [2008/03/05 16:30:18 | 013,265,040 | ---- | C] () -- C:\Program Files\dxnt.cab
    [2008/03/05 16:30:18 | 001,803,760 | ---- | C] () -- C:\Program Files\AUG2007_d3dx9_35_x64.cab
    [2008/03/05 16:30:18 | 001,711,752 | ---- | C] () -- C:\Program Files\AUG2007_d3dx9_35_x86.cab
    [2008/03/05 16:30:18 | 001,611,374 | ---- | C] () -- C:\Program Files\JUN2007_d3dx9_34_x64.cab
    [2008/03/05 16:30:18 | 001,610,958 | ---- | C] () -- C:\Program Files\APR2007_d3dx9_33_x64.cab
    [2008/03/05 16:30:18 | 001,610,886 | ---- | C] () -- C:\Program Files\JUN2007_d3dx9_34_x86.cab
    [2008/03/05 16:30:18 | 001,609,639 | ---- | C] () -- C:\Program Files\APR2007_d3dx9_33_x86.cab
    [2008/03/05 16:30:18 | 001,575,336 | ---- | C] () -- C:\Program Files\DEC2006_d3dx9_32_x86.cab
    [2008/03/05 16:30:18 | 001,572,114 | ---- | C] () -- C:\Program Files\DEC2006_d3dx9_32_x64.cab
    [2008/03/05 16:30:18 | 001,363,684 | ---- | C] () -- C:\Program Files\Feb2006_d3dx9_29_x64.cab
    [2008/03/05 16:30:18 | 001,358,864 | ---- | C] () -- C:\Program Files\Dec2005_d3dx9_28_x64.cab
    [2008/03/05 16:30:18 | 001,351,430 | ---- | C] () -- C:\Program Files\Aug2005_d3dx9_27_x64.cab
    [2008/03/05 16:30:18 | 001,336,890 | ---- | C] () -- C:\Program Files\Jun2005_d3dx9_26_x64.cab
    [2008/03/05 16:30:18 | 001,248,387 | ---- | C] () -- C:\Program Files\Feb2005_d3dx9_24_x64.cab
    [2008/03/05 16:30:18 | 001,156,363 | ---- | C] () -- C:\Program Files\BDANT.cab
    [2008/03/05 16:30:18 | 001,085,608 | ---- | C] () -- C:\Program Files\Feb2006_d3dx9_29_x86.cab
    [2008/03/05 16:30:18 | 001,080,344 | ---- | C] () -- C:\Program Files\Dec2005_d3dx9_28_x86.cab
    [2008/03/05 16:30:18 | 001,078,532 | ---- | C] () -- C:\Program Files\Aug2005_d3dx9_27_x86.cab
    [2008/03/05 16:30:18 | 001,065,813 | ---- | C] () -- C:\Program Files\Jun2005_d3dx9_26_x86.cab
    [2008/03/05 16:30:18 | 001,014,113 | ---- | C] () -- C:\Program Files\Feb2005_d3dx9_24_x86.cab
    [2008/03/05 16:30:18 | 000,976,020 | ---- | C] () -- C:\Program Files\BDAXP.cab

    ========== Custom Scans ==========


    < %SYSTEMDRIVE%\*.exe >

    < %ALLUSERSPROFILE%\Application Data\*. >

    < %ALLUSERSPROFILE%\Application Data\*.exe /s >

    < %APPDATA%\*. >
    [2008/08/08 10:17:03 | 000,000,000 | ---D | M] -- C:\Users\Titi\AppData\Roaming\Adobe
    [2010/08/03 17:51:19 | 000,000,000 | ---D | M] -- C:\Users\Titi\AppData\Roaming\Apple Computer
    [2010/08/03 16:46:38 | 000,000,000 | ---D | M] -- C:\Users\Titi\AppData\Roaming\ArcSoft
    [2008/08/11 21:06:25 | 000,000,000 | ---D | M] -- C:\Users\Titi\AppData\Roaming\Auslogics
    [2009/04/25 12:13:46 | 000,000,000 | ---D | M] -- C:\Users\Titi\AppData\Roaming\DAEMON Tools
    [2009/04/25 12:13:45 | 000,000,000 | ---D | M] -- C:\Users\Titi\AppData\Roaming\DAEMON Tools Lite
    [2009/12/27 10:19:19 | 000,000,000 | ---D | M] -- C:\Users\Titi\AppData\Roaming\Desktopicon
    [2010/10/23 13:12:49 | 000,000,000 | ---D | M] -- C:\Users\Titi\AppData\Roaming\dvdcss
    [2008/08/24 20:39:13 | 000,000,000 | ---D | M] -- C:\Users\Titi\AppData\Roaming\EoRezo
    [2010/08/09 09:03:52 | 000,000,000 | ---D | M] -- C:\Users\Titi\AppData\Roaming\EPSON
    [2009/08/25 20:57:46 | 000,000,000 | ---D | M] -- C:\Users\Titi\AppData\Roaming\FileZilla
    [2009/10/20 18:44:55 | 000,000,000 | ---D | M] -- C:\Users\Titi\AppData\Roaming\GARMIN
    [2010/08/13 20:09:21 | 000,000,000 | ---D | M] -- C:\Users\Titi\AppData\Roaming\GlarySoft
    [2009/12/28 14:23:31 | 000,000,000 | ---D | M] -- C:\Users\Titi\AppData\Roaming\Google
    [2008/08/20 19:02:13 | 000,000,000 | ---D | M] -- C:\Users\Titi\AppData\Roaming\Hamachi
    [2008/06/15 13:04:52 | 000,000,000 | ---D | M] -- C:\Users\Titi\AppData\Roaming\Identities
    [2010/08/03 16:27:59 | 000,000,000 | ---D | M] -- C:\Users\Titi\AppData\Roaming\InstallShield
    [2008/08/22 09:31:29 | 000,000,000 | ---D | M] -- C:\Users\Titi\AppData\Roaming\ItsLabel
    [2010/08/19 20:43:29 | 000,000,000 | ---D | M] -- C:\Users\Titi\AppData\Roaming\Macromedia
    [2008/08/21 20:30:09 | 000,000,000 | ---D | M] -- C:\Users\Titi\AppData\Roaming\Malwarebytes
    [2008/08/25 08:21:23 | 000,000,000 | ---D | M] -- C:\Users\Titi\AppData\Roaming\Media Player Classic
    [2010/05/19 10:47:10 | 000,000,000 | --SD | M] -- C:\Users\Titi\AppData\Roaming\Microsoft
    [2008/08/26 08:20:30 | 000,000,000 | ---D | M] -- C:\Users\Titi\AppData\Roaming\Mozilla
    [2009/01/14 20:28:46 | 000,000,000 | ---D | M] -- C:\Users\Titi\AppData\Roaming\NCH Swift Sound
    [2009/07/26 17:12:26 | 000,000,000 | ---D | M] -- C:\Users\Titi\AppData\Roaming\Nero
    [2010/03/04 18:57:51 | 000,000,000 | ---D | M] -- C:\Users\Titi\AppData\Roaming\NeroVision
    [2010/10/09 14:26:27 | 000,000,000 | ---D | M] -- C:\Users\Titi\AppData\Roaming\Skype
    [2010/10/09 14:25:23 | 000,000,000 | ---D | M] -- C:\Users\Titi\AppData\Roaming\skypePM
    [2009/09/08 19:24:03 | 000,000,000 | ---D | M] -- C:\Users\Titi\AppData\Roaming\Sports Interactive
    [2008/08/25 20:30:12 | 000,000,000 | ---D | M] -- C:\Users\Titi\AppData\Roaming\Talkback
    [2008/08/04 20:57:11 | 000,000,000 | ---D | M] -- C:\Users\Titi\AppData\Roaming\teamspeak2
    [2010/03/04 19:36:50 | 000,000,000 | ---D | M] -- C:\Users\Titi\AppData\Roaming\Thunderbird
    [2009/12/30 22:16:04 | 000,000,000 | ---D | M] -- C:\Users\Titi\AppData\Roaming\TomTom
    [2009/09/24 15:58:09 | 000,000,000 | ---D | M] -- C:\Users\Titi\AppData\Roaming\vlc
    [2008/12/17 12:20:13 | 000,000,000 | ---D | M] -- C:\Users\Titi\AppData\Roaming\Yahoo!

    < %APPDATA%\*.exe /s >
    [2008/02/13 12:30:06 | 000,088,576 | ---- | M] (AD ON Multimedia Advertising GmbH) -- C:\Users\Titi\AppData\Roaming\Desktopicon\eBayShortcuts.exe

    < %systemroot%\*. /mp /s >

    < %systemroot%\system32\*.dll /lockedfiles >
    [2010/09/08 07:56:52 | 000,184,320 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\iepeers.dll
    [2009/04/11 08:27:47 | 000,241,128 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\rsaenh.dll
    [2009/04/11 08:28:23 | 000,228,352 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\SLC.dll

    < %systemroot%\Tasks\*.job /lockedfiles >

    < %systemroot%\system32\drivers\*.sys /lockedfiles >
    [2009/04/25 12:09:05 | 000,721,904 | ---- | M] () Unable to obtain MD5 -- C:\Windows\System32\drivers\sptd.sys

    ========== Files - Unicode (All) ==========
    [2008/08/04 11:43:24 | 000,000,000 | ---D | M](C:\Windows\System32\??I?????) -- C:\Windows\System32\ﱸ瞅İɴࣉ瞆ᭉ瞰
    [2008/08/04 11:43:24 | 000,000,000 | ---D | C](C:\Windows\System32\??I?????) -- C:\Windows\System32\ﱸ瞅İɴࣉ瞆ᭉ瞰
    [2008/08/04 11:02:30 | 000,000,000 | ---D | M](C:\Windows\System32\??I;????) -- C:\Windows\System32\ﱸ瞅İ;ࣉ瞆誒瞛
    [2008/08/04 11:02:30 | 000,000,000 | ---D | C](C:\Windows\System32\??I;????) -- C:\Windows\System32\ﱸ瞅İ;ࣉ瞆誒瞛

    < End of report >

    There you go.
    26 October 2010 17:39:26

    Hi again,


    1) Uninstall these programs the normal way (if present):

    - Search Settings 1.2
    - Ask.com Search Assistant 1.0.2
    (Adware)


    2) Download Kaspersky's TDSSKiller to your desktop.

  • Unzip it by right-clicking it -> Extract All... (click "Next", "Next" and "Finish".)
  • Double-click "TDSSKiller.exe" to launch the tool.
    (Vista/Windows 7 users: right-click TDSSKiller.exe and select "Run as administrator".)

  • Then click the "Start Scan" button.
  • Let the scan run.

  • In the results window, make sure that "Malicious objects" has the status "Cure"
  • For the "Suspicious object" part, click "Skip" and choose "Quarantine"
  • Finally, click "Continue"

  • You will probably be asked to restart your PC; do so by clicking "Reboot now"

  • After the restart, go and get the removal report; it is located here:
    C:\ TDSSKiller.x.x.x.x_date_heure_log.txt

    Post its contents in your next reply.
    27 October 2010 14:31:07

    Hello,

    I didn't see the "Cure" and I realized too late that I had to select "Quarantine", but apparently it didn't find anything, anyway...

    2010/10/27 14:26:47.0494 TDSS rootkit removing tool 2.4.5.0 Oct 25 2010 09:49:04
    2010/10/27 14:26:47.0494 ================================================================================
    2010/10/27 14:26:47.0494 SystemInfo:
    2010/10/27 14:26:47.0495
    2010/10/27 14:26:47.0495 OS Version: 6.0.6002 ServicePack: 2.0
    2010/10/27 14:26:47.0495 Product type: Workstation
    2010/10/27 14:26:47.0495 ComputerName: MESSUVE
    2010/10/27 14:26:47.0497 UserName: Titi
    2010/10/27 14:26:47.0497 Windows directory: C:\Windows
    2010/10/27 14:26:47.0497 System windows directory: C:\Windows
    2010/10/27 14:26:47.0497 Processor architecture: Intel x86
    2010/10/27 14:26:47.0497 Number of processors: 1
    2010/10/27 14:26:47.0497 Page size: 0x1000
    2010/10/27 14:26:47.0497 Boot type: Normal boot
    2010/10/27 14:26:47.0497 ================================================================================
    2010/10/27 14:26:47.0919 Initialize success
    2010/10/27 14:26:51.0000 ================================================================================
    2010/10/27 14:26:51.0000 Scan started
    2010/10/27 14:26:51.0000 Mode: Manual;
    2010/10/27 14:26:51.0000 ================================================================================
    2010/10/27 14:27:30.0907 sptd (d15da1ba189770d93eea2d7e18f95af9) C:\Windows\system32\Drivers\sptd.sys
    2010/10/27 14:27:30.0907 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: d15da1ba189770d93eea2d7e18f95af9
    2010/10/27 14:27:30.0963 sptd - detected Locked file (1)
    2010/10/27 14:27:42.0268 viaagp (045d9961e591cf0674a920b6ba3ba5cb) C:\Windows\system32\drivers\viaagp.sys
    2010/10/27 14:27:42.0494 ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys
    2010/10/27 14:27:42.0731 viaide (fd2e3175fcada350c7ab4521dca187ec) C:\Windows\system32\drivers\viaide.sys
    2010/10/27 14:27:42.0954 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
    2010/10/27 14:27:43.0234 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
    2010/10/27 14:27:43.0486 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
    2010/10/27 14:27:43.0709 vsmraid (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys
    2010/10/27 14:27:44.0012 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
    2010/10/27 14:27:44.0280 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
    2010/10/27 14:27:44.0354 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
    2010/10/27 14:27:44.0653 Wd (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys
    2010/10/27 14:27:44.0909 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
    2010/10/27 14:27:45.0573 WmiAcpi (701a9f884a294327e9141d73746ee279) C:\Windows\system32\drivers\wmiacpi.sys
    2010/10/27 14:27:46.0201 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
    2010/10/27 14:27:46.0413 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
    2010/10/27 14:27:46.0745 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
    2010/10/27 14:27:47.0057 ================================================================================
    2010/10/27 14:27:47.0057 Scan finished
    2010/10/27 14:27:47.0057 ================================================================================
    2010/10/27 14:27:47.0096 Detected object count: 1
    2010/10/27 14:28:21.0233 Locked file(sptd) - User select action: Skip
    2010/10/27 14:29:29.0415 Deinitialize success




    2010/10/27 14:26:29.0462 TDSS rootkit removing tool 2.4.5.0 Oct 25 2010 09:49:04
    2010/10/27 14:26:29.0463 ================================================================================
    2010/10/27 14:26:29.0463 SystemInfo:
    2010/10/27 14:26:29.0463
    2010/10/27 14:26:29.0463 OS Version: 6.0.6002 ServicePack: 2.0
    2010/10/27 14:26:29.0463 Product type: Workstation
    2010/10/27 14:26:29.0463 ComputerName: MESSUVE
    2010/10/27 14:26:29.0464 UserName: Titi
    2010/10/27 14:26:29.0464 Windows directory: C:\Windows
    2010/10/27 14:26:29.0464 System windows directory: C:\Windows
    2010/10/27 14:26:29.0464 Processor architecture: Intel x86
    2010/10/27 14:26:29.0464 Number of processors: 1
    2010/10/27 14:26:29.0464 Page size: 0x1000
    2010/10/27 14:26:29.0464 Boot type: Normal boot
    2010/10/27 14:26:29.0464 ================================================================================
    2010/10/27 14:26:30.0410 Initialize success
    2010/10/27 14:26:38.0987 Deinitialize success

    27 October 2010 14:56:15

    Hello, :hello:  hyunkel30,



    See you
    Edit: formatting
    27 October 2010 16:59:18

    Hi again, hello frederix ;) 

    Good grief... you're a future regular, aren't you?

    Don't you find it a bit tedious to get disinfected every month?
    Don't you feel that your habits on PCs and the web need rethinking? :o 

    Now that we've started, we'll finish, but I don't think I'm going to spend too much time on it either if, in any case, I'm just going to see you again in a month...


    To see whether the file I have in mind is patched:

    Show hidden files and folders:
    http://www.inforumatique.fr/afficher-les-fichiers-cache...

    Go to this site:
    http://www.virustotal.com/fr/

    Click "Browse", then look for this file (if present):

    C:\Windows\system32\Drivers\sptd.sys

    Once it is selected, click "Send File" and the upload will start.

    If it tells you this file has already been analysed, request a new analysis ("Reanalysis" button), and/or let the analysis run until you see "finished" at the top, after "current status".

    Then copy the address from your browser's address bar and give it to me in your next reply.
    30 October 2010 09:33:01

    Hello everyone,

    Bear in mind that between a friend who does all sorts of things on the computer, another one, my father's computer, my mother's computer, me and a few other people, that makes a lot of people: that is why I often post on your forum to get computers disinfected.

    I tried to scan the file in question, but apparently, since it is open, the site cannot scan it...

    I really tried everything, but nothing works...
    30 October 2010 15:27:01

    Hi again,

    :ange:  Teach them good habits then... or make them pay :D 

    But given what we're finding on yours, I'm not sure you all have good habits ;)  I'll give you some advice at the end, which I hope you'll follow!

    Quote:
    I tried to scan the file in question, but apparently, since it is open, the site cannot scan it...

    OK, either it's an infection, or it's Daemon Tools locking it.

    To find out, boot into safe mode:
    http://www.inforumatique.fr/le-mode-sans-echec-mse-t354...

    Try to copy this file to another location on the PC, then scan that copy in normal mode.

    [:_tom_:7]
    31 October 2010 15:39:43

    Hello,

    I just want to let you know that my friend has gone away for one to three weeks, so don't worry if we take a long time to write the report!
    20 November 2010 17:04:33

    Problem: I booted into safe mode, but I can't get internet access in this mode with networking support...
    22 November 2010 17:56:59

    Hello again,

    I wasn't asking you to scan it in that mode, but to copy it to another location, so that you have that copy to scan once you're back in normal mode (it will no longer be in use).

    [:_tom_:7]