OTL logfile created on: 22/04/2013 16:16:05 - Run 2 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\RICHARD\Mes documents\Téléchargements Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.11) Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy 2,00 Gb Total Physical Memory | 0,92 Gb Available Physical Memory | 45,78% Memory free 3,85 Gb Paging File | 2,14 Gb Available in Paging File | 55,54% Paging File free Paging file location(s): C:\pagefile.sys 0 0 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 226,87 Gb Total Space | 148,04 Gb Free Space | 65,25% Space Free | Partition Type: NTFS Drive D: | 232,88 Gb Total Space | 232,38 Gb Free Space | 99,78% Space Free | Partition Type: NTFS Drive G: | 465,76 Gb Total Space | 427,88 Gb Free Space | 91,87% Space Free | Partition Type: NTFS Computer Name: MATHILDE | User Name: RICHARD | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2013/04/22 15:21:52 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\RICHARD\Mes documents\Téléchargements\OTL.exe PRC - [2013/04/19 15:54:33 | 000,920,472 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2012/12/24 05:33:29 | 000,144,520 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton 360 Premier Edition\Engine\20.3.1.22\ccsvchst.exe PRC - [2011/11/11 14:08:06 | 000,205,336 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe PRC - [2011/11/11 14:07:54 | 000,265,240 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\CameraHelperShell.exe PRC - [2011/08/19 11:26:50 | 000,450,848 | ---- | M] (Logitech Inc.) -- C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\UMVPFSrv.exe PRC - [2011/08/12 12:19:40 | 000,680,984 | ---- | M] () -- C:\Program Files\Fichiers communs\LogiShrd\LQCVFX\COCIManager.exe PRC - [2011/02/18 16:37:16 | 000,037,664 | ---- | M] (Apple Inc.) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe PRC - [2010/10/29 22:06:08 | 005,915,480 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\Vid HD\Vid.exe PRC - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe PRC - [2010/01/06 09:03:19 | 000,618,496 | ---- | M] () -- C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe PRC - [2009/09/26 00:32:20 | 000,202,024 | ---- | M] (Seagate Technology LLC) -- C:\Program Files\Seagate\SeagateManager\Sync\MaxSync.exe PRC - [2009/09/26 00:32:18 | 000,189,736 | ---- | M] (Seagate Technology LLC) -- C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe PRC - [2009/09/26 00:31:32 | 000,185,640 | ---- | M] (Seagate LLC) -- C:\Program Files\Seagate\SeagateManager\FreeAgent Status\stxmenumgr.exe PRC - [2009/05/07 15:34:50 | 000,124,200 | ---- | M] () -- C:\Program Files\Hercules\WiFiStationN\WiFiN.exe PRC - [2008/04/14 04:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2008/03/27 17:13:18 | 000,660,136 | ---- | M] () -- C:\Program Files\Lexmark 2600 Series\lxdnmon.exe PRC - [2008/03/27 17:13:11 | 000,025,256 | ---- | M] () -- C:\Program Files\Lexmark 2600 Series\lxdnmsdmon.exe PRC - [2008/02/28 01:07:26 | 000,594,600 | ---- | M] ( ) -- C:\WINDOWS\system32\lxdncoms.exe PRC - [2007/09/25 20:08:58 | 000,094,208 | ---- | M] (France Telecom SA) -- C:\Program Files\Orange\Systray\SystrayApp.exe PRC - [2007/09/25 19:58:46 | 000,598,016 | ---- | M] (France Telecom SA) -- C:\Program Files\Orange\Launcher\Launcher.exe PRC - [2007/09/25 19:33:26 | 000,716,800 | ---- | M] (France Telecom SA) -- C:\Program Files\Orange\Connectivity\ConnectivityManager.exe PRC - [2007/09/25 19:32:00 | 000,028,672 | ---- | M] (France Telecom SA) -- C:\Program Files\Orange\Connectivity\corecom\OraConfigRecover.exe PRC - [2007/09/25 19:31:52 | 000,360,448 | ---- | M] (France Telecom SA) -- C:\Program Files\Orange\Connectivity\corecom\CoreCom.exe PRC - [2007/09/25 19:28:12 | 000,065,536 | ---- | M] (France Telecom SA) -- C:\Program Files\Fichiers communs\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe PRC - [2007/09/25 19:27:50 | 000,065,536 | ---- | M] (France Telecom SA) -- C:\Program Files\Fichiers communs\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe PRC - [2007/09/25 19:24:56 | 000,090,112 | ---- | M] (France Telecom SA) -- C:\Program Files\Fichiers communs\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe PRC - [2007/07/06 14:02:26 | 000,561,152 | ---- | M] (Lavasoft AB) -- C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe PRC - [2007/05/29 10:41:22 | 000,721,408 | ---- | M] (Hercules) -- C:\Program Files\Hercules\WiFi Station pour Livebox\WiFiStationLB.exe PRC - [2005/05/11 13:52:04 | 000,737,381 | ---- | M] (Cyberlink) -- C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe PRC - [2005/05/11 13:52:00 | 000,061,440 | ---- | M] (Cyberlink) -- C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe PRC - [2005/05/11 13:50:34 | 000,110,672 | ---- | M] () -- c:\APPS\Powercinema\Kernel\TV\CLSched.exe PRC - [2005/05/11 13:50:14 | 000,221,266 | ---- | M] () -- c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe PRC - [2005/01/07 12:01:52 | 000,049,152 | ---- | M] () -- c:\APPS\HIDSERVICE\HidService.exe PRC - [2004/04/08 05:25:04 | 001,135,728 | ---- | M] (America Online, Inc.) -- C:\Program Files\Fichiers communs\AOL\ACS\AOLacsd.exe PRC - [2003/06/19 23:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE PRC - [2003/05/02 11:31:50 | 000,024,576 | ---- | M] (NEC Computers International) -- C:\APPS\ABOARD\ABOARD.EXE PRC - [2003/05/02 11:31:38 | 000,069,632 | ---- | M] (NEC Computers International) -- C:\APPS\ABOARD\AOSD.EXE [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2013/04/19 15:54:32 | 003,133,336 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll MOD - [2013/02/14 11:01:58 | 012,433,920 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ba12e418b906593b7c9c18f971f36bf9\System.Windows.Forms.ni.dll MOD - [2013/01/11 00:06:58 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\96b7a0136e9e72e8f4eb0230c20766d2\System.Configuration.ni.dll MOD - [2013/01/10 22:36:48 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\fe025743210c22bea2f009e1612c38bf\System.Xml.ni.dll MOD - [2013/01/10 22:36:26 | 001,593,856 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\7782f356a838c403b4a8e9c80df5a577\System.Drawing.ni.dll MOD - [2013/01/10 22:35:22 | 000,539,648 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\a351cdca2d71ee68ae3a581e13553b19\PresentationFramework.Luna.ni.dll MOD - [2013/01/10 22:35:20 | 000,368,128 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\dbfa6bdbfea6f90f3b604c3efce24047\PresentationFramework.Aero.ni.dll MOD - [2013/01/10 22:35:16 | 014,329,856 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\2abe0b9f0e996273614f4cf1f6808eed\PresentationFramework.ni.dll MOD - [2013/01/10 22:34:01 | 012,218,368 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationCore\2e26794770e6d33cf79a7f8daa4a48c3\PresentationCore.ni.dll MOD - [2013/01/10 22:33:35 | 003,325,440 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\WindowsBase\4b889e41364baff1e456817b4777b610\WindowsBase.ni.dll MOD - [2013/01/10 22:32:52 | 007,977,984 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\aeac298c43c77d8860db8e7634d9f2eb\System.ni.dll MOD - [2013/01/10 22:31:47 | 011,492,352 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\eab2340ead8e1a84bdf1a87868659979\mscorlib.ni.dll MOD - [2012/12/18 16:28:24 | 000,301,056 | ---- | M] () -- C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.FRA MOD - [2012/05/30 08:51:08 | 000,699,280 | R--- | M] () -- C:\Program Files\Norton 360 Premier Edition\Engine\20.3.1.22\wincfi39.dll MOD - [2011/11/11 14:09:20 | 000,336,408 | ---- | M] () -- C:\Program Files\Fichiers communs\LogiShrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll MOD - [2011/11/11 14:07:54 | 000,265,240 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\CameraHelperShell.exe MOD - [2011/08/19 11:26:16 | 000,183,320 | ---- | M] () -- C:\Program Files\Fichiers communs\LogiShrd\SharedBin\LvApi11.dll MOD - [2011/08/19 03:25:29 | 000,471,040 | ---- | M] () -- C:\Program Files\Lexmark Toolbar\resource.dll MOD - [2011/08/19 03:09:40 | 000,528,384 | ---- | M] () -- C:\Program Files\Lexmark Toolbar\toolband.dll MOD - [2011/08/12 12:19:40 | 000,680,984 | ---- | M] () -- C:\Program Files\Fichiers communs\LogiShrd\LQCVFX\COCIManager.exe MOD - [2011/06/24 22:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files\Fichiers communs\Apple\Apple Application Support\zlib1.dll MOD - [2011/06/24 22:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files\Fichiers communs\Apple\Apple Application Support\libxml2.dll MOD - [2010/10/29 22:02:38 | 000,751,616 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\vpxmd.dll MOD - [2010/10/29 22:01:30 | 000,027,472 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\SDL.dll MOD - [2010/05/07 18:37:40 | 000,126,808 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\ImageFormats\QJpeg4.dll MOD - [2010/05/07 18:37:40 | 000,027,480 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\ImageFormats\QGif4.dll MOD - [2010/05/07 18:36:54 | 000,340,824 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\QTXml4.dll MOD - [2010/05/07 18:35:56 | 007,954,776 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\QTGui4.dll MOD - [2010/05/07 18:35:44 | 002,143,576 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\QTCore4.dll MOD - [2010/01/06 09:03:19 | 000,618,496 | ---- | M] () -- C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe MOD - [2009/09/26 00:32:18 | 000,066,856 | ---- | M] () -- C:\Program Files\Seagate\SeagateManager\Sync\ExtensionFilter.dll MOD - [2009/08/10 09:07:46 | 000,026,624 | ---- | M] () -- C:\WINDOWS\system32\ssp7ml3.dll MOD - [2009/05/07 15:34:50 | 000,124,200 | ---- | M] () -- C:\Program Files\Hercules\WiFiStationN\WiFiN.exe MOD - [2009/05/07 15:13:08 | 000,864,256 | ---- | M] () -- C:\Program Files\Hercules\WiFiStationN\en\WiFiN.resources.dll MOD - [2009/05/07 15:11:24 | 000,057,344 | ---- | M] () -- C:\Program Files\Hercules\WiFiStationN\WiFiCore.dll MOD - [2009/04/22 23:53:56 | 000,969,040 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\QtNetwork4.dll MOD - [2009/04/10 01:04:56 | 002,141,008 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\QtCore4.dll MOD - [2009/03/04 00:18:08 | 000,138,064 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\plugins\imageformats\qjpeg4.dll MOD - [2009/03/04 00:18:06 | 000,035,152 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\plugins\imageformats\qico4.dll MOD - [2009/03/04 00:18:06 | 000,029,008 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\plugins\imageformats\qgif4.dll MOD - [2009/03/04 00:17:46 | 011,311,952 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\QtWebKit4.dll MOD - [2009/03/04 00:17:46 | 000,363,856 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\QtXml4.dll MOD - [2009/03/04 00:17:44 | 000,200,016 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\QtSql4.dll MOD - [2009/03/04 00:17:40 | 000,475,472 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\QtOpenGL4.dll MOD - [2009/03/04 00:17:38 | 007,704,400 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\QtGui4.dll MOD - [2009/03/04 00:17:32 | 000,291,664 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\phonon4.dll MOD - [2008/08/25 19:29:06 | 000,131,072 | ---- | M] () -- C:\Program Files\Hercules\WiFiStationN\EnumDevLib.dll MOD - [2008/04/14 04:33:31 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll MOD - [2008/03/27 17:13:18 | 000,660,136 | ---- | M] () -- C:\Program Files\Lexmark 2600 Series\lxdnmon.exe MOD - [2008/03/27 17:13:11 | 000,025,256 | ---- | M] () -- C:\Program Files\Lexmark 2600 Series\lxdnmsdmon.exe MOD - [2008/03/15 07:34:14 | 000,782,336 | ---- | M] () -- C:\Program Files\Lexmark 2600 Series\lxdndrs.dll MOD - [2008/03/15 07:33:42 | 000,380,928 | ---- | M] () -- C:\Program Files\Lexmark 2600 Series\lxdnscw.dll MOD - [2008/02/27 13:05:40 | 000,115,200 | ---- | M] () -- C:\WINDOWS\system32\spool\prtprocs\w32x86\lxdndrpp.dll MOD - [2008/01/04 21:09:23 | 000,036,864 | ---- | M] () -- C:\Program Files\Lexmark 2600 Series\app4r.monitor.core.dll MOD - [2008/01/04 21:09:23 | 000,028,672 | ---- | M] () -- C:\Program Files\Lexmark 2600 Series\app4r.monitor.common.dll MOD - [2008/01/04 21:08:04 | 000,061,440 | ---- | M] () -- C:\Program Files\Lexmark 2600 Series\app4r.devmons.mcmdevmon.dll MOD - [2007/11/22 18:55:48 | 000,011,776 | ---- | M] () -- C:\Program Files\Lexmark 2600 Series\app4r.devmons.mcmdevmon.autoplayutil.dll MOD - [2007/11/21 02:02:39 | 000,782,336 | ---- | M] () -- C:\WINDOWS\system32\lxdndrs.dll MOD - [2007/11/21 01:44:48 | 000,081,920 | ---- | M] () -- C:\WINDOWS\system32\lxdncaps.dll MOD - [2007/11/21 01:44:48 | 000,081,920 | ---- | M] () -- C:\Program Files\Lexmark 2600 Series\lxdncaps.dll MOD - [2007/10/03 00:51:09 | 000,069,632 | ---- | M] () -- C:\WINDOWS\system32\lxdncnv4.dll MOD - [2007/10/03 00:51:09 | 000,069,632 | ---- | M] () -- C:\Program Files\Lexmark 2600 Series\lxdncnv4.dll MOD - [2007/09/27 14:33:18 | 000,233,472 | ---- | M] () -- C:\Program Files\Orange\Launcher\Plugins\PluginLnhRecovery.dll MOD - [2007/09/25 19:18:24 | 000,589,824 | ---- | M] () -- C:\Program Files\Orange\Launcher\Plugins\PluginLnhPromptManager2.dll MOD - [2007/06/07 20:27:50 | 000,520,192 | ---- | M] () -- C:\Program Files\Lavasoft\Ad-Aware 2007\Update.dll MOD - [2007/05/29 17:39:08 | 000,589,824 | ---- | M] () -- C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdndatr.dll MOD - [2007/03/26 17:39:35 | 000,073,728 | ---- | M] () -- C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdncats.dll MOD - [2006/01/25 15:48:36 | 000,032,768 | ---- | M] () -- C:\Program Files\Orange\Launcher\WatchClient.dll MOD - [2005/07/20 05:53:04 | 000,966,765 | ---- | M] () -- C:\Program Files\Hercules\WiFiStationN\acAuth.dll MOD - [2005/05/11 13:50:34 | 000,110,672 | ---- | M] () -- c:\APPS\Powercinema\Kernel\TV\CLSched.exe MOD - [2005/05/11 13:50:14 | 000,221,266 | ---- | M] () -- c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe MOD - [2005/05/11 13:49:26 | 000,061,522 | ---- | M] () -- c:\APPS\Powercinema\Kernel\TV\CLSchMgr.dll MOD - [2005/05/11 13:49:24 | 000,184,408 | ---- | M] () -- c:\APPS\Powercinema\Kernel\TV\CLCapEngine.dll MOD - [2005/05/11 13:49:24 | 000,028,672 | ---- | M] () -- c:\APPS\Powercinema\Kernel\TV\CLCapSvcps.dll MOD - [2005/05/11 13:47:40 | 000,229,458 | ---- | M] () -- c:\APPS\Powercinema\Kernel\HomeNetWorking\CLNetMedia.dll MOD - [2005/01/07 12:01:52 | 000,049,152 | ---- | M] () -- c:\APPS\HIDSERVICE\HidService.exe [color=#E56717]========== Services (SafeList) ==========[/color] SRV - File not found [Auto | Stopped] -- C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe -- (Planificateur LiveUpdate automatique) SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt) SRV - [2013/04/19 15:54:32 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2013/03/13 01:35:53 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012/12/24 05:33:29 | 000,144,520 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton 360 Premier Edition\Engine\20.3.1.22\ccSvcHst.exe -- (N360) SRV - [2011/08/19 11:26:50 | 000,450,848 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv) SRV - [2011/02/18 16:37:16 | 000,037,664 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device) SRV - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon) SRV - [2009/09/26 00:32:18 | 000,189,736 | ---- | M] (Seagate Technology LLC) [Auto | Running] -- C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe -- (FreeAgentGoNext Service) SRV - [2009/05/07 15:35:00 | 000,053,544 | ---- | M] (Guillemot Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\HerculesWiFiService.exe -- (HerculesWiFi) SRV - [2008/02/28 01:07:26 | 000,594,600 | ---- | M] ( ) [Auto | Running] -- C:\WINDOWS\system32\lxdncoms.exe -- (lxdn_device) SRV - [2007/09/25 19:27:50 | 000,065,536 | ---- | M] (France Telecom SA) [Auto | Running] -- C:\Program Files\Fichiers communs\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe -- (FTRTSVC) SRV - [2007/07/06 14:02:26 | 000,561,152 | ---- | M] (Lavasoft AB) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe -- (aawservice) SRV - [2005/05/11 13:52:00 | 000,061,440 | ---- | M] (Cyberlink) [Auto | Running] -- C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe -- (CyberLink Media Library Service) SRV - [2005/05/11 13:50:34 | 000,110,672 | ---- | M] () [Auto | Running] -- c:\APPS\Powercinema\Kernel\TV\CLSched.exe -- (CLSched) SRV - [2005/05/11 13:50:14 | 000,221,266 | ---- | M] () [Auto | Running] -- c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe -- (CLCapSvc) SRV - [2005/04/04 00:41:10 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT) SRV - [2005/01/07 12:01:52 | 000,049,152 | ---- | M] () [Auto | Running] -- c:\APPS\HIDSERVICE\HidService.exe -- (GenericHidService) SRV - [2004/10/25 16:23:04 | 003,485,696 | ---- | M] () [On_Demand | Stopped] -- C:\APPS\Inventime\mysql\bin\mysqld-nt.exe -- (MysqlInventime) SRV - [2004/04/08 05:25:04 | 001,135,728 | ---- | M] (America Online, Inc.) [Auto | Running] -- C:\Program Files\Fichiers communs\AOL\ACS\AOLacsd.exe -- (AOL ACS) SRV - [2003/07/28 20:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE -- (ose) SRV - [2003/06/19 23:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE -- (MDM) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA) DRV - File not found [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\Drivers\SSPORT.sys -- (SSPORT) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP) DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc) DRV - File not found [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\Drivers\DgiVecp.sys -- (DgiVecp) DRV - File not found [Kernel | System | Stopped] -- -- (Changer) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\adiusbaw.sys -- (adiusbaw) DRV - File not found [Kernel | Auto | Stopped] -- System32\Drivers\adildr.sys -- (ADILOADER) DRV - [2013/04/13 01:53:06 | 001,000,024 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20130412.001\BHDrvx86.sys -- (BHDrvx86) DRV - [2013/03/17 11:40:15 | 000,142,496 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent) DRV - [2013/03/16 17:09:29 | 001,603,824 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130420.003\NAVEX15.SYS -- (NAVEX15) DRV - [2013/03/16 17:09:29 | 000,093,296 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130420.003\NAVENG.SYS -- (NAVENG) DRV - [2013/03/13 16:57:20 | 000,373,728 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20130419.001\IDSXpx86.sys -- (IDSxpx86) DRV - [2013/01/31 05:18:18 | 000,394,656 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\N360\1403010.016\symtdi.sys -- (SYMTDI) DRV - [2013/01/31 05:18:06 | 000,934,488 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\N360\1403010.016\symefa.sys -- (SymEFA) DRV - [2013/01/29 03:45:18 | 000,602,712 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\N360\1403010.016\srtsp.sys -- (SRTSP) DRV - [2013/01/29 03:45:18 | 000,032,344 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\N360\1403010.016\srtspx.sys -- (SRTSPX) DRV - [2013/01/22 04:15:32 | 000,367,704 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\N360\1403010.016\symds.sys -- (SymDS) DRV - [2012/11/16 04:22:01 | 000,175,264 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\N360\1403010.016\ironx86.sys -- (SymIRON) DRV - [2012/11/16 04:18:04 | 000,134,304 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\N360\1403010.016\ccsetx86.sys -- (ccSet_N360) DRV - [2012/08/18 03:00:00 | 000,376,480 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl) DRV - [2012/08/18 03:00:00 | 000,106,656 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv) DRV - [2011/08/19 11:26:50 | 004,334,624 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvuvc.sys -- (LVUVC) DRV - [2011/08/19 11:26:46 | 000,315,808 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvrs.sys -- (LVRS) DRV - [2011/08/19 11:26:34 | 000,022,176 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvbusflt.sys -- (CompFilter) DRV - [2010/05/07 18:43:30 | 000,025,824 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys -- (LVPr2Mon) DRV - [2009/08/05 22:48:42 | 000,054,752 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr) DRV - [2009/05/15 11:26:24 | 000,583,552 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8192su.sys -- (RTL8192su) DRV - [2008/12/17 08:02:08 | 000,023,832 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvuvcflt.sys -- (FilterService) DRV - [2008/12/17 08:01:22 | 000,041,752 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta) DRV - [2008/04/13 20:46:22 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mpe.sys -- (MPE) DRV - [2006/12/21 19:25:20 | 000,429,440 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rt73.sys -- (RT73) DRV - [2006/07/24 17:05:00 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen) DRV - [2006/03/01 19:53:54 | 000,032,128 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\pcandis5.sys -- (PCANDIS5) DRV - [2005/08/24 07:39:24 | 000,137,884 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdmdm.sys -- (sscdmdm) DRV - [2005/08/24 07:39:24 | 000,080,272 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdbus.sys -- (sscdbus) DRV - [2005/08/24 07:39:24 | 000,010,864 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdmdfl.sys -- (sscdmdfl) DRV - [2005/05/27 12:51:26 | 000,799,744 | ---- | M] (Philips Semiconductors GmbH) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\3xHybrid.sys -- (3xHybrid) DRV - [2005/05/18 17:50:30 | 002,319,680 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) DRV - [2005/03/22 23:00:58 | 001,034,752 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag) DRV - [2005/03/09 15:53:00 | 000,043,008 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8) DRV - [2004/12/02 16:36:08 | 000,070,912 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtlnicxp.sys -- (RTL8023xp) DRV - [2004/08/17 05:44:22 | 000,091,263 | R--- | M] (VM) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbVM31b.sys -- (ZSMC301b) DRV - [2004/07/14 13:53:06 | 000,233,984 | ---- | M] (ZyDAS Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ZD1211U.sys -- (ZD1211U(Wireless) DRV - [2004/06/28 15:08:56 | 000,042,752 | ---- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ser2pl.sys -- (Ser2pl) DRV - [2003/09/23 11:38:34 | 000,034,688 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\pcampr5.sys -- (PCAMPR5) DRV - [2003/01/10 16:13:04 | 000,033,588 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw) DRV - [2001/08/17 22:51:32 | 000,018,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\irsir.sys -- (irsir) DRV - [2001/08/17 22:49:10 | 000,026,624 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\irstusb.sys -- (STIrUsb) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-3184665761-3304710903-2751737788-1008\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.com/spbasic.htm IE - HKU\S-1-5-21-3184665761-3304710903-2751737788-1008\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.searchcanvas.com/?ot=6 [Binary data over 200 bytes] IE - HKU\S-1-5-21-3184665761-3304710903-2751737788-1008\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com IE - HKU\S-1-5-21-3184665761-3304710903-2751737788-1008\..\URLSearchHook: {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\Orange\SearchURLHook\SearchPageURL.dll () IE - HKU\S-1-5-21-3184665761-3304710903-2751737788-1008\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-3184665761-3304710903-2751737788-1008\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\S-1-5-21-3184665761-3304710903-2751737788-1008\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\S-1-5-21-3184665761-3304710903-2751737788-1008\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0.1 FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa2,version=2.0.0: C:\Program Files\Picasa2\npPicasa2.dll (Google, Inc.) FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Picasa2\npPicasa3.dll (Google, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.732: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.732: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=1.0.0.0: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll File not found FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.732: c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\@zylom.com/ZylomGamesPlayer: C:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll (Zylom) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\IPSFFPlgn\ [2013/03/17 11:40:59 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\coFFPlgn\ [2013/04/22 16:01:50 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/04/19 15:54:34 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/02/21 19:06:45 | 000,000,000 | ---D | M] [2009/12/26 07:13:08 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\RICHARD\Application Data\Mozilla\Extensions [2013/04/22 12:51:33 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\RICHARD\Application Data\Mozilla\Firefox\Profiles\mpf5o5lx.default\extensions [2013/02/12 00:06:25 | 000,020,591 | ---- | M] () (No name found) -- C:\Documents and Settings\RICHARD\Application Data\Mozilla\Firefox\Profiles\mpf5o5lx.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi [2013/02/14 22:11:33 | 000,817,280 | ---- | M] () (No name found) -- C:\Documents and Settings\RICHARD\Application Data\Mozilla\Firefox\Profiles\mpf5o5lx.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013/04/22 12:51:04 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2008/04/21 20:32:32 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c} [2013/04/16 16:12:56 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{AAF6454A-4000-4015-84C1-6CD844C06B19} [2008/04/21 20:32:33 | 000,000,000 | ---D | M] (Google Settings) -- C:\Program Files\Mozilla Firefox\extensions\google-gzfb@partners.mozilla.com [2013/04/19 15:54:34 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2006/09/26 13:03:14 | 000,098,304 | ---- | M] (Zylom) -- C:\Program Files\mozilla firefox\plugins\npzylomgamesplayer.dll [2013/04/19 15:54:29 | 000,001,609 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml [2013/04/19 15:54:29 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml [2013/04/19 15:54:29 | 000,002,035 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml [2013/04/19 15:54:29 | 000,001,472 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml [2013/04/19 15:54:29 | 000,001,399 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml [2013/04/19 15:54:29 | 000,001,169 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml O1 HOSTS File: ([2006/12/29 22:06:08 | 000,004,158 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: 127.0.0.1 bin.errorprotector.com ## added by CiD O1 - Hosts: 127.0.0.1 br.errorsafe.com ## added by CiD O1 - Hosts: 127.0.0.1 br.winantivirus.com ## added by CiD O1 - Hosts: 127.0.0.1 br.winfixer.com ## added by CiD O1 - Hosts: 127.0.0.1 cdn.drivecleaner.com ## added by CiD O1 - Hosts: 127.0.0.1 cdn.errorsafe.com ## added by CiD O1 - Hosts: 127.0.0.1 cdn.winsoftware.com ## added by CiD O1 - Hosts: 127.0.0.1 de.errorsafe.com ## added by CiD O1 - Hosts: 127.0.0.1 de.winantivirus.com ## added by CiD O1 - Hosts: 127.0.0.1 download.cdn.drivecleaner.com ## added by CiD O1 - Hosts: 127.0.0.1 download.cdn.errorsafe.com ## added by CiD O1 - Hosts: 127.0.0.1 download.cdn.winsoftware.com ## added by CiD O1 - Hosts: 127.0.0.1 download.errorsafe.com ## added by CiD O1 - Hosts: 127.0.0.1 download.systemdoctor.com ## added by CiD O1 - Hosts: 127.0.0.1 download.winantispyware.com ## added by CiD O1 - Hosts: 127.0.0.1 download.windrivecleaner.com ## added by CiD O1 - Hosts: 127.0.0.1 download.winfixer.com ## added by CiD O1 - Hosts: 127.0.0.1 drivecleaner.com ## added by CiD O1 - Hosts: 127.0.0.1 dynamique.drivecleaner.com ## added by CiD O1 - Hosts: 127.0.0.1 errorprotector.com ## added by CiD O1 - Hosts: 127.0.0.1 errorsafe.com ## added by CiD O1 - Hosts: 127.0.0.1 es.winantivirus.com ## added by CiD O1 - Hosts: 127.0.0.1 fr.winantivirus.com ## added by CiD O1 - Hosts: 127.0.0.1 fr.winfixer.com ## added by CiD O1 - Hosts: 46 more lines... O2 - BHO: (Lexmark Barre d'outils) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll () O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll File not found O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360 Premier Edition\Engine\20.3.1.22\coieplg.dll (Symantec Corporation) O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360 Premier Edition\Engine\20.3.1.22\ips\ipsbho.dll (Symantec Corporation) O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.) O3 - HKLM\..\Toolbar: (Lexmark Barre d'outils) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll () O3 - HKLM\..\Toolbar: (Easy-WebPrint) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll () O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360 Premier Edition\Engine\20.3.1.22\coieplg.dll (Symantec Corporation) O3 - HKU\S-1-5-21-3184665761-3304710903-2751737788-1008\..\Toolbar\ShellBrowser: (Lexmark Barre d'outils) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll () O3 - HKU\S-1-5-21-3184665761-3304710903-2751737788-1008\..\Toolbar\WebBrowser: (Lexmark Barre d'outils) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll () O4 - HKLM..\Run: [ACTIVBOARD] c:\APPS\ABOARD\ABOARD.EXE (NEC Computers International) O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [Aimersoft Helper Compact.exe] C:\Program Files\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe File not found O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Fichiers communs\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [Google Updater] C:\Program Files\Google\Google Updater\GoogleUpdater.exe (Google) O4 - HKLM..\Run: [LWS] C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.) O4 - HKLM..\Run: [lxdnamon] C:\Program Files\Lexmark 2600 Series\lxdnamon.exe () O4 - HKLM..\Run: [lxdnmon.exe] C:\Program Files\Lexmark 2600 Series\lxdnmon.exe () O4 - HKLM..\Run: [MaxMenuMgr] C:\Program Files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe (Seagate LLC) O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QT Lite\qttask.exe (Apple Inc.) O4 - HKLM..\Run: [Samsung PanelMgr] C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe () O4 - HKLM..\Run: [sfagent] C:\Program Files\Fighters\SPAMfighter\sfagent.exe File not found O4 - HKLM..\Run: [SystrayORAHSS] C:\Program Files\Orange\Systray\SystrayApp.exe (France Telecom SA) O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe (RealNetworks, Inc.) O4 - HKU\S-1-5-21-3184665761-3304710903-2751737788-1008..\Run: [Logitech Vid] C:\Program Files\Logitech\Vid HD\Vid.exe (Logitech Inc.) O4 - HKU\S-1-5-21-3184665761-3304710903-2751737788-1008..\Run: [Registry Reviver] C:\Program Files\Reviversoft\Registry Reviver\RegistryReviver.exe File not found O4 - HKU\S-1-5-21-3184665761-3304710903-2751737788-1008..\Run: [Xvid] C:\Program Files\Xvid\CheckUpdate.exe () O4 - HKU\.DEFAULT..\RunOnce: [RealUpgradeHelper] C:\Program Files\Fichiers communs\Real\Update_OB\upgrdhlp.exe (RealNetworks, Inc.) O4 - HKU\S-1-5-18..\RunOnce: [RealUpgradeHelper] C:\Program Files\Fichiers communs\Real\Update_OB\upgrdhlp.exe (RealNetworks, Inc.) O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\WiFi Station N.lnk = C:\Program Files\Hercules\WiFiStationN\WiFiN.exe () O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\WiFi Station pour Livebox.lnk = C:\Program Files\Hercules\WiFi Station pour Livebox\WiFiStationLB.exe (Hercules) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-3184665761-3304710903-2751737788-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm File not found O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.) O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - C:\Program Files\Canon\Easy-WebPrint\Resource.dll () O8 - Extra context menu item: Easy-WebPrint Impression rapide - C:\Program Files\Canon\Easy-WebPrint\Resource.dll () O8 - Extra context menu item: Easy-WebPrint Imprimer - C:\Program Files\Canon\Easy-WebPrint\Resource.dll () O8 - Extra context menu item: Easy-WebPrint Prévisualiser - C:\Program Files\Canon\Easy-WebPrint\Resource.dll () O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html File not found O15 - HKU\S-1-5-21-3184665761-3304710903-2751737788-1008\..Trusted Domains: localhost ([]http in Intranet local) O15 - HKU\S-1-5-21-3184665761-3304710903-2751737788-1008\..Trusted Domains: orange.fr ([www] http in Trusted sites) O15 - HKU\S-1-5-21-3184665761-3304710903-2751737788-1008\..Trusted Ranges: GD ([http] in Intranet local) O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab (Checkers Class) O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab (MessengerStatsClient Class) O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab (Checkers Class) O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} http://musicmix.messenger.msn.com/Medialogic.CAB (CMediaMix Object) O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab (Minesweeper Flags Class) O16 - DPF: {4A85DBE0-BFB2-4119-8401-186A7C6EB653} http://messenger.zone.msn.com/MessengerGamesContent/GameContent/fr/mjss/MJSS.cab109791.cab () O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://spaces.msn.com//PhotoUpload/MsnPUpld.cab (MSN Photo Upload Tool) O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab (UnoCtrl Class) O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control) O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab (MessengerStatsClient Class) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.) O16 - DPF: {97E71027-0BA2-44F2-97DB-F84D808ED0B6} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab55762.cab (MessengerStatsClient Class) O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab (MSN Games - Installer) O16 - DPF: {BD8667B7-38D8-4C77-B580-18C3E146372C} http://kiw.imgag.com/imgag/cp/install/crusher-kiwen.cab (Creative Toolbox Plug-in) O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab (Minesweeper Flags Class) O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} https://secure.gopetslive.com/dev/GoPetsWeb.cab (GoPetsWeb Control) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7CA79020-6CC5-425D-84DF-048281DDF06D}: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Fichiers communs\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll File not found O24 - Desktop Components:0 (Ma page d'accueil) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\RICHARD\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\RICHARD\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2010/03/06 19:08:58 | 000,000,062 | ---- | M] () - G:\autorun.inf -- [ NTFS ] O33 - MountPoints2\{1dc7afc2-93b2-11de-882b-0008d33c42ff}\Shell - "" = AutoRun O33 - MountPoints2\{1dc7afc2-93b2-11de-882b-0008d33c42ff}\Shell\AutoRun\command - "" = L:\LaunchU3.exe -a O34 - HKLM BootExecute: (autocheck autochk *) O34 - HKLM BootExecute: (lsdelete) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2013/04/22 15:56:46 | 000,000,000 | ---D | C] -- C:\_OTL [2013/04/22 13:04:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT [2013/04/22 13:01:08 | 000,000,000 | ---D | C] -- C:\JRT [2013/04/22 12:21:27 | 000,000,000 | ---D | C] -- C:\Program Files\ZHPDiag [2013/04/22 12:21:27 | 000,000,000 | ---D | C] -- C:\ZHP [2013/04/10 19:30:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\jmdp [6 C:\Documents and Settings\All Users\*.tmp files -> C:\Documents and Settings\All Users\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2013/04/22 16:14:00 | 000,001,144 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3184665761-3304710903-2751737788-1006UA.job [2013/04/22 16:02:20 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2013/04/22 16:01:00 | 000,000,282 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-3184665761-3304710903-2751737788-1008.job [2013/04/22 16:00:57 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-3184665761-3304710903-2751737788-1006.job [2013/04/22 16:00:56 | 000,000,262 | ---- | M] () -- C:\WINDOWS\tasks\RegistryBooster.job [2013/04/22 16:00:27 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2013/04/22 16:00:15 | 2146,881,536 | -HS- | M] () -- C:\hiberfil.sys [2013/04/22 12:22:56 | 000,001,631 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\ZHPFix.lnk [2013/04/22 12:22:56 | 000,001,526 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\ZHPDiag.lnk [2013/04/22 12:22:56 | 000,000,676 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\MBRCheck.lnk [2013/04/22 10:58:55 | 000,003,072 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT [2013/04/21 22:34:15 | 000,001,002 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job [2013/04/21 17:10:00 | 000,001,092 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3184665761-3304710903-2751737788-1006Core1cd18bdc143394a.job [2013/04/21 12:34:00 | 000,001,000 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job [2013/04/18 22:13:00 | 000,000,290 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-3184665761-3304710903-2751737788-1008.job [2013/04/18 08:15:17 | 000,739,485 | ---- | M] () -- C:\WINDOWS\System32\drivers\N360\1403010.016\Cat.DB [2013/04/18 08:14:52 | 000,014,818 | ---- | M] () -- C:\WINDOWS\System32\drivers\N360\1403010.016\VT20130115.021 [2013/04/12 21:03:49 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat [2013/04/11 11:21:55 | 000,434,960 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2013/04/11 09:38:16 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2013/04/08 08:40:26 | 000,002,325 | ---- | M] () -- C:\Documents and Settings\RICHARD\Bureau\Webplayer.lnk [2013/04/06 23:32:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-3184665761-3304710903-2751737788-1006.job [2013/04/03 10:35:55 | 000,000,172 | ---- | M] () -- C:\WINDOWS\System32\drivers\N360\1403010.016\isolate.ini [2013/03/31 03:41:49 | 000,539,488 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat [2013/03/31 03:41:49 | 000,466,700 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2013/03/31 03:41:49 | 000,098,426 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat [2013/03/31 03:41:49 | 000,081,724 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [6 C:\Documents and Settings\All Users\*.tmp files -> C:\Documents and Settings\All Users\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2013/04/22 16:00:15 | 2146,881,536 | -HS- | C] () -- C:\hiberfil.sys [2013/04/22 12:21:29 | 000,001,631 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\ZHPFix.lnk [2013/04/22 12:21:29 | 000,001,526 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\ZHPDiag.lnk [2013/04/22 12:21:29 | 000,000,676 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\MBRCheck.lnk [2013/03/02 15:40:43 | 000,000,093 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\Microsoft.SqlServer.Compact.351.32.bc [2013/01/10 20:03:56 | 000,002,352 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat [2012/02/15 20:07:09 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll [2011/09/01 22:42:04 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\RICHARD\Application Data\$_hpcst$.hpc [2011/08/26 07:11:05 | 000,645,632 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2011/08/26 07:11:05 | 000,240,640 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2011/08/12 12:20:14 | 000,015,896 | ---- | C] () -- C:\WINDOWS\System32\drivers\iKeyLFT2.dll [2009/11/29 16:37:56 | 000,038,400 | ---- | C] () -- C:\Documents and Settings\RICHARD\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009/03/08 14:23:06 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\LauncherAccess.dt [2005/10/02 00:19:24 | 000,000,135 | ---- | C] () -- C:\Documents and Settings\RICHARD\Local Settings\Application Data\fusioncache.dat [color=#E56717]========== ZeroAccess Check ==========[/color] [2005/08/12 13:51:20 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/14 04:33:41 | 001,499,136 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 12:53:55 | 000,473,600 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/14 04:33:48 | 000,273,920 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [color=#E56717]========== LOP Check ==========[/color] [2013/04/22 10:59:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software [2008/08/31 14:27:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Avg7 [2011/01/07 19:56:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Electronic Arts [2011/06/01 21:07:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Freetest 3 [2009/02/06 19:06:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GameHouse [2008/03/14 18:25:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Link Data Security [2005/10/12 21:37:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\OD2 [2007/08/30 10:26:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pinnacle [2010/03/06 19:08:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Seagate [2013/03/17 11:32:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP [2009/03/04 14:04:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ThumbnailCache4R [2008/12/30 14:24:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\UDL [2006/04/09 18:14:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ulead Systems [2012/08/27 17:14:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\UniversalisV13 [2007/09/15 11:56:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Zylom [2009/12/20 16:20:24 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{0188C6A8-B559-4C1F-AA44-D0347C445C52} [2011/08/11 08:51:53 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{3C0AACBF-B491-4BE5-BAF9-AA46E0629E42} [2010/08/09 13:46:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521} [2007/07/30 22:58:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\AURORE\Application Data\Admin Mags [2006/05/23 21:29:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\AURORE\Application Data\BiasChin [2005/11/08 20:31:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\AURORE\Application Data\OD2 [2008/03/08 22:10:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\AURORE\Application Data\SPAMfighter [2006/05/26 09:51:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\AURORE\Application Data\Ulead Systems [2012/05/01 19:05:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Fighters [2012/01/06 22:45:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MARGARET\Application Data\Fighters [2010/01/22 23:52:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\MARGARET\Application Data\SPAMfighter [2011/10/25 13:14:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RICHARD\Application Data\cs [2011/11/24 12:24:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RICHARD\Application Data\IE [2009/12/12 10:19:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RICHARD\Application Data\Leadertech [2011/11/15 01:26:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RICHARD\Application Data\Lexmark Productivity Studio [2005/12/30 12:18:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RICHARD\Application Data\OD2 [2011/08/27 16:29:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RICHARD\Application Data\Regensoft [2011/09/06 08:52:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RICHARD\Application Data\Reviversoft [2011/09/01 22:42:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RICHARD\Application Data\Ulead Systems [2006/05/14 15:38:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RITA\Application Data\Admin Mags [2006/08/24 23:13:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RITA\Application Data\cs [2007/08/24 14:06:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RITA\Application Data\EPSON [2012/06/03 05:15:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RITA\Application Data\Fighters [2011/02/19 11:34:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RITA\Application Data\Icones [2005/09/20 13:03:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RITA\Application Data\Leadertech [2009/01/22 22:25:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RITA\Application Data\Lexmark Productivity Studio [2009/05/27 19:43:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RITA\Application Data\LimeWire [2011/02/28 20:30:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RITA\Application Data\MusE [2006/06/30 00:44:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RITA\Application Data\NCH Swift Sound [2005/09/19 21:50:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RITA\Application Data\OD2 [2010/08/23 22:25:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RITA\Application Data\Red Kawa [2011/08/11 08:38:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RITA\Application Data\Reviversoft [2009/03/08 14:24:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RITA\Application Data\Samsung [2007/10/29 14:58:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RITA\Application Data\SPAMfighter [2006/01/29 22:49:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RITA\Application Data\Template [2006/06/05 10:39:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RITA\Application Data\Ulead Systems [2010/08/23 22:24:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RITA\Application Data\Uniblue [2008/03/14 18:26:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RITA\Application Data\Universalis V13 [2007/07/28 15:45:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RITA\Application Data\Vso [2008/08/26 13:19:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RITA\Application Data\Zylom [color=#E56717]========== Purity Check ==========[/color] < End of report >