Slow computer, high CPU, got and cleaned trojan, but...

Discussion in 'Virus and Malware Removal' started by needhelp51, Feb 9, 2012.

  1. needhelp51 TechSpot Enthusiast Posts: 144

    Two weird things have happened upon machine restart, following combofix:

    1- Internet Explorer was no longer defined as my default browser
    2- My Intel Pro Wireless card icon in the system tray has changed appearance, and a message states that it is managed by Windows and no longer by Intel.

    Are these things normal?

    Thanks
  2. Broni Malware Annihilator Posts: 39,398   +177

    1. Please open Notepad (Start>All Programs>Accessories>Notepad).

    2. Now copy/paste the entire content of the codebox below into the Notepad window:

    Code:
    File::
    c:\docume~1\Toshiba\LOCALS~1\Temp\pxxdqkob.sys
    
    Folder::
    
    Driver::
    pxxdqkob
    
    Registry::
    
    ClearJavaCache::
    

    3. Save the above as CFScript.txt

    4. Close/disable all anti virus and anti malware programs again, so they do not interfere with the running of ComboFix.

    5. Then drag the CFScript.txt into ComboFix.exe as depicted in the animation below. This will start ComboFix again.

    [IMG]


    6. After reboot (in case it asks to reboot), please post the following reports/logs into your next reply:
    • Combofix.txt
  3. needhelp51 TechSpot Enthusiast Posts: 144

    Executed ComboFix again; however, on reboot I was not present, and the antivirus and Comodo, everything, were restarted and went crazy (catchme.dll, global hooks, etc.). Here is the log:

    ComboFix 12-02-11.02 - Toshiba 2012-02-11 15:32:38.2.2 - x86
    Microsoft Windows XP Édition familiale 5.1.2600.3.1252.2.1036.18.3070.2349 [GMT -5:00]
    Lancé depuis: C:\Documents and Settings\Toshiba\Bureau\ComboFix.exe
    Commutateurs utilisés :: C:\Documents and Settings\Toshiba\Bureau\cfscript.txt
    AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
    FW: COMODO Firewall *Enabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}

    FILE ::
    "c:\docume~1\Toshiba\LOCALS~1\Temp\pxxdqkob.sys"


    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))



    ((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    -------\Legacy_PXXDQKOB
    -------\Service_pxxdqkob


    ((((((((((((((((((((((((((((( Fichiers créés du 2012-01-11 au 2012-02-11 ))))))))))))))))))))))))))))))))))))


    2012-02-10 00:47:20 . 2012-02-10 00:47:20 388096 ----a-r- C:\Documents and Settings\Toshiba\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
    2012-02-10 00:47:14 . 2012-02-10 00:47:14 -------- d-----w- C:\Program Files\Trend Micro
    2012-02-10 00:43:15 . 2012-02-10 00:43:37 -------- d-----w- C:\Documents and Settings\Toshiba\Application Data\GetRightToGo
    2012-02-10 00:38:45 . 2010-01-10 23:40:12 118784 ----a-w- C:\WINDOWS\system32\MSSTDFMT.DLL
    2012-02-10 00:03:51 . 2012-02-10 00:03:51 -------- d-----w- C:\WINDOWS\system32\wbem\Repository
    2012-02-09 02:05:58 . 2012-02-09 02:05:59 -------- d-----w- C:\VritualRoot
    2012-02-05 14:45:21 . 2012-02-05 14:45:21 -------- d-----w- C:\Documents and Settings\Toshiba\Local Settings\Application Data\Comodo
    2012-02-05 01:46:50 . 2012-02-05 01:46:50 -------- d-----w- C:\Documents and Settings\Toshiba\Local Settings\Application Data\Temp
    2012-02-04 19:40:03 . 2012-02-04 19:40:04 -------- d-----w- C:\Program Files\7-Zip
    2012-02-04 17:10:06 . 2012-02-04 17:10:40 -------- d-----w- C:\Program Files\Fichiers communs\Adobe
    2012-02-04 14:51:44 . 2012-02-04 21:16:51 -------- d-----w- C:\Documents and Settings\Toshiba\Application Data\Intuit Canada
    2012-02-04 14:51:35 . 2012-02-04 21:16:02 -------- d-----w- C:\Documents and Settings\All Users\Application Data\Intuit Canada
    2012-02-03 03:19:37 . 2012-02-03 03:19:37 -------- d-----w- C:\Documents and Settings\LocalService\Bureau
    2012-01-31 02:55:58 . 2012-01-31 02:55:58 -------- d-----w- C:\Documents and Settings\Toshiba\Application Data\Sonic
    2012-01-23 02:01:50 . 2001-08-23 22:47:16 5632 ----a-w- C:\WINDOWS\system32\ptpusb.dll
    2012-01-23 02:01:49 . 2008-04-13 18:45:34 15104 -c--a-w- C:\WINDOWS\system32\dllcache\usbscan.sys
    2012-01-23 02:01:49 . 2008-04-13 18:45:34 15104 ----a-w- C:\WINDOWS\system32\drivers\usbscan.sys
    2012-01-23 02:01:48 . 2008-04-14 02:33:40 159232 ----a-w- C:\WINDOWS\system32\ptpusd.dll
    2012-01-17 04:41:15 . 2012-01-17 04:41:15 -------- d-----w- C:\Documents and Settings\Toshiba\Local Settings\Application Data\MetaGeek,_LLC
    2012-01-16 00:12:12 . 2012-01-16 00:12:12 -------- d-----w- C:\Program Files\MetaGeek
    2012-01-14 15:57:16 . 2012-01-14 15:57:03 101720 ----a-w- C:\WINDOWS\system32\drivers\SBREDrv.sys
    2012-01-14 15:50:10 . 2012-02-10 02:56:19 -------- d-----w- C:\Documents and Settings\All Users\Application Data\Lavasoft
    2012-01-14 15:50:10 . 2012-01-14 15:50:10 -------- d-----w- C:\Program Files\Lavasoft
    2012-01-14 15:01:31 . 2012-01-14 15:01:31 -------- d-----w- C:\Documents and Settings\Toshiba\Application Data\WinPatrol
    .


    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))

    2012-02-08 23:45:16 . 2006-01-18 11:04:06 26624 ----a-w- C:\WINDOWS\system32\userinit.exe
    2012-01-17 21:00:48 . 2011-12-19 23:59:22 494968 ----a-w- C:\WINDOWS\system32\drivers\cmdGuard.sys
    2012-01-05 02:50:49 . 2012-01-05 02:50:49 414368 ----a-w- C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
    2012-01-04 03:56:17 . 2012-01-04 03:56:16 1700352 ----a-w- C:\WINDOWS\system32\gdiplus.dll
    2012-01-04 01:36:54 . 2012-01-04 01:36:54 21275 ----a-w- C:\WINDOWS\system32\drivers\AegisP.sys
    2011-12-19 23:59:24 . 2011-12-19 23:59:24 97760 ----a-w- C:\WINDOWS\system32\drivers\inspect.sys
    2011-12-19 23:59:22 . 2011-12-19 23:59:22 31704 ----a-w- C:\WINDOWS\system32\drivers\cmdhlp.sys
    2011-12-19 23:59:20 . 2011-12-19 23:59:20 18056 ----a-w- C:\WINDOWS\system32\drivers\cmderd.sys
    2011-12-19 23:58:58 . 2011-12-19 23:58:58 33984 ----a-w- C:\WINDOWS\system32\cmdcsr.dll
    2011-12-19 23:58:56 . 2011-12-19 23:58:56 301224 ----a-w- C:\WINDOWS\system32\guard32.dll
    2011-12-10 20:24:06 . 2012-01-12 01:41:47 20464 ----a-w- C:\WINDOWS\system32\drivers\mbam.sys
    2011-11-28 18:01:25 . 2012-01-06 02:34:59 41184 ----a-w- C:\WINDOWS\avastSS.scr
    2011-11-28 18:01:23 . 2012-01-06 02:34:58 199816 ----a-w- C:\WINDOWS\system32\aswBoot.exe
    2011-11-28 17:53:53 . 2012-01-06 02:35:18 435032 ----a-w- C:\WINDOWS\system32\drivers\aswSnx.sys
    2011-11-28 17:53:35 . 2012-01-06 02:35:22 314456 ----a-w- C:\WINDOWS\system32\drivers\aswSP.sys
    2011-11-28 17:52:19 . 2012-01-06 02:35:19 34392 ----a-w- C:\WINDOWS\system32\drivers\aswRdr.sys
    2011-11-28 17:52:16 . 2012-01-06 02:35:19 52952 ----a-w- C:\WINDOWS\system32\drivers\aswTdi.sys
    2011-11-28 17:52:02 . 2012-01-06 02:35:18 111320 ----a-w- C:\WINDOWS\system32\drivers\aswmon2.sys
    2011-11-28 17:51:59 . 2012-01-06 02:35:18 105176 ----a-w- C:\WINDOWS\system32\drivers\aswmon.sys
    2011-11-28 17:51:50 . 2012-01-06 02:35:22 20568 ----a-w- C:\WINDOWS\system32\drivers\aswFsBlk.sys
    2011-11-28 17:48:49 . 2012-01-06 02:35:18 30808 ----a-w- C:\WINDOWS\system32\drivers\aavmker4.sys
    2011-11-25 21:57:09 . 2006-01-18 11:04:08 293888 ----a-w- C:\WINDOWS\system32\winsrv.dll
    2011-11-23 14:40:17 . 2006-01-18 11:04:08 1859712 ----a-w- C:\WINDOWS\system32\win32k.sys
    2011-11-20 06:12:29 . 2006-01-18 11:03:58 61952 ----a-w- C:\WINDOWS\system32\packager.exe
    2011-11-16 14:22:22 . 2006-01-18 11:04:08 354816 ----a-w- C:\WINDOWS\system32\winhttp.dll
    2011-11-16 14:22:22 . 2006-01-18 11:04:00 152064 ----a-w- C:\WINDOWS\system32\schannel.dll


    ((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))


    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
    REGEDIT4

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
    @="{472083B0-C522-11CF-8763-00608CC02F24}"
    [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
    2011-11-28 18:01:17 122512 ----a-w- C:\Program Files\AVAST Software\Avast\ashShell.dll

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "TOSCDSPD"="C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe" [2005-04-11 15:08:00 65536]
    "SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2012-02-04 14:56:00 4617600]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "LaunchApp"="launchapp" [X]
    "CFSServ.exe"="CFSServ.exe -NoClient" [X]
    "High Definition Audio Property Page Shortcut"="CHDAudPropShortcut.exe" [2005-12-28 23:21:02 61952]
    "DLA"="C:\WINDOWS\System32\DLA\DLACTRLW.EXE" [2005-10-06 04:20:00 122940]
    "SmoothView"="C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe" [2005-05-17 08:24:50 118784]
    "Toshiba Hotkey Utility"="C:\Program Files\Toshiba\Windows Utilities\Hotkey.exe" [2006-01-05 22:00:06 1589248]
    "SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2005-12-15 18:32:58 761945]
    "nwiz"="nwiz.exe" [2005-12-15 04:42:00 1519616]
    "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2005-12-15 04:42:00 7331840]
    "IntelZeroConfig"="C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe" [2005-12-05 17:37:40 667718]
    "IntelWireless"="C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" [2005-11-28 16:41:50 602182]
    "COMODO Internet Security"="C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" [2011-12-21 05:41:44 6676808]
    "avast"="C:\Program Files\AVAST Software\Avast\avastUI.exe" [2011-11-28 18:01:24 3744552]
    "Adobe ARM"="C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 13:10:42 843712]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-04-14 02:33:59 15360]

    C:\Documents and Settings\Toshiba\Menu Démarrer\Programmes\Démarrage\
    OpenOffice.org 3.3.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]

    C:\Documents and Settings\Toshiba\Menu Démarrer\Programmes\Démarrage\
    OpenOffice.org 3.3.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]

    C:\Documents and Settings\Toshiba\Menu Démarrer\Programmes\Démarrage\
    OpenOffice.org 3.3.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]

    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\
    RAMASST.lnk - C:\WINDOWS\system32\RAMASST.exe [2006-1-18 155648]

    C:\Documents and Settings\Toshiba\Menu Démarrer\Programmes\Démarrage\
    OpenOffice.org 3.3.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]

    [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
    "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "C:\Program Files\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 00:02:18 113024]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
    2011-05-04 17:54:14 551296 ----a-w- C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
    "AppInit_DLLs"=C:\WINDOWS\system32\guard32.dll

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
    @=""

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CLPSLS]
    @="Service"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
    @="Service"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\COMODO]
    2011-11-23 10:27:04 208184 ----a-w- C:\Program Files\Comodo\COMODO GeekBuddy\CLPSLA.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CPA]
    2011-11-23 10:27:06 182584 ----a-w- C:\Program Files\Comodo\COMODO GeekBuddy\VALA.exe

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

    R1 A2DDA;A2 Direct Disk Access Support Driver;C:\Program Files\Emsisoft Anti-Malware\a2ddax86.sys [2012-01-04 22:13:45 17904]
    R1 aswSnx;aswSnx;C:\WINDOWS\system32\drivers\aswSnx.sys [2012-01-05 21:35:18 435032]
    R1 aswSP;aswSP;C:\WINDOWS\system32\drivers\aswSP.sys [2012-01-05 21:35:22 314456]
    R1 cmdGuard;COMODO Internet Security Sandbox Driver;C:\WINDOWS\system32\drivers\cmdGuard.sys [2011-12-19 18:59:22 494968]
    R1 cmdHlp;COMODO Internet Security Helper Driver;C:\WINDOWS\system32\drivers\cmdhlp.sys [2011-12-19 18:59:22 31704]
    R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv.sys [2011-07-22 11:27:02 12880]
    R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [2011-07-12 16:55:22 67664]
    R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore.exe [2011-08-11 18:38:07 116608]
    R2 a2AntiMalware;Emsisoft Anti-Malware 6.0 - Service;C:\Program Files\Emsisoft Anti-Malware\a2service.exe [2012-01-04 22:13:43 3025112]
    R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\drivers\aswFsBlk.sys [2012-01-05 21:35:22 20568]
    R2 CLPSLS;COMODO livePCsupport Service;C:\Program Files\Comodo\COMODO GeekBuddy\CLPSLS.exe [2011-11-23 05:27:04 1052472]
    R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2011-12-23 07:12:10 2152152]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 13:16:28 130384]
    S3 a2acc;a2acc;C:\Program Files\Emsisoft Anti-Malware\a2accx86.sys [2012-01-04 22:13:44 51632]
    S3 Lavasoft Kernexplorer;Lavasoft helper driver;C:\Program Files\Lavasoft\Ad-Aware\kernexplorer.sys [2011-12-23 07:12:10 15232]
    S3 NETwLx32; Pilote de carte de la série Intel(R) Wireless WiFi Link 5000 pour Windows XP 32 bits ;C:\WINDOWS\system32\drivers\NETwLx32.sys [2012-01-05 21:48:30 6609920]
    S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 13:16:28 753504]

    Contenu du dossier 'Tâches planifiées'

    2012-02-11 C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
    - C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2011-12-23 12:12:10 . 2012-02-10 03:12:34]


    ------- Examen supplémentaire -------

    uStart Page = hxxp://www.google.ca/


    **************************************************************************
    Recherche de processus cachés ...

    Recherche d'éléments en démarrage automatique cachés ...

    Recherche de fichiers cachés ...

    Scan terminé avec succès
    Fichiers cachés:

    **************************************************************************

    --------------------- DLLs chargées dans les processus actifs ---------------------

    - - - - - - - > 'winlogon.exe'(856)
    C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL

    - - - - - - - > 'lsass.exe'(912)
    C:\WINDOWS\system32\guard32.dll

    - - - - - - - > 'explorer.exe'(2328)
    C:\WINDOWS\system32\guard32.dll
    C:\WINDOWS\system32\webcheck.dll
    C:\WINDOWS\system32\WPDShServiceObj.dll
    C:\WINDOWS\system32\PortableDeviceTypes.dll
    C:\WINDOWS\system32\PortableDeviceApi.dll
    C:\WINDOWS\system32\eappprxy.dll
    C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
    C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.dll
    C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.FRA

    - - - - - - - > 'csrss.exe'(824)
    C:\WINDOWS\system32\cmdcsr.dll

    ------------------------ Autres processus actifs ------------------------

    C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
    C:\WINDOWS\system32\DVDRAMSV.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    C:\WINDOWS\system32\wbem\unsecapp.exe
    C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
    C:\Program Files\Synaptics\SynTP\Toshiba.exe
    C:\Program Files\OpenOffice.org 3\program\soffice.exe
    C:\Program Files\OpenOffice.org 3\program\soffice.bin
    C:\WINDOWS\system32\wscntfy.exe

    **************************************************************************

    Heure de fin: 2012-02-11 16:12:46 - La machine a redémarré
    ComboFix-quarantined-files.txt 2012-02-11 21:12:41
    ComboFix2.txt 2012-02-11 19:25:12

    Avant-CF: 59 138 338 816 octets libres
    Après-CF: 59 112 894 464 octets libres

    - - End Of File - - 73EF1422C52A6AC7C40CA44A78851EA0
  4. Broni Malware Annihilator Posts: 39,398   +177

    Looks good.

    How is the computer doing?

    Download OTL to your Desktop.

    • Double-click on the icon to run it. Make sure all other windows are closed, and let it run uninterrupted.
    • Click the Scan All Users checkbox.
    • Under the Custom Scan box paste this in:


    netsvcs
    drivers32
    %SYSTEMDRIVE%\*.*
    %systemroot%\Fonts\*.com
    %systemroot%\Fonts\*.dll
    %systemroot%\Fonts\*.ini
    %systemroot%\Fonts\*.ini2
    %systemroot%\Fonts\*.exe
    %systemroot%\system32\spool\prtprocs\w32x86\*.*
    %systemroot%\REPAIR\*.bak1
    %systemroot%\REPAIR\*.ini
    %systemroot%\system32\*.jpg
    %systemroot%\*.jpg
    %systemroot%\*.png
    %systemroot%\*.scr
    %systemroot%\*._sy
    %APPDATA%\Adobe\Update\*.*
    %ALLUSERSPROFILE%\Favorites\*.*
    %APPDATA%\Microsoft\*.*
    %PROGRAMFILES%\*.*
    %APPDATA%\Update\*.*
    %systemroot%\*. /mp /s
    CREATERESTOREPOINT
    %systemroot%\System32\config\*.sav
    %PROGRAMFILES%\bak. /s
    %systemroot%\system32\bak. /s
    %ALLUSERSPROFILE%\Start Menu\*.lnk /x
    %systemroot%\system32\config\systemprofile\*.dat /x
    %systemroot%\*.config
    %systemroot%\system32\*.db
    %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x
    %USERPROFILE%\Desktop\*.exe
    %PROGRAMFILES%\Common Files\*.*
    %systemroot%\*.src
    %systemroot%\install\*.*
    %systemroot%\system32\DLL\*.*
    %systemroot%\system32\HelpFiles\*.*
    %systemroot%\system32\rundll\*.*
    %systemroot%\winn32\*.*
    %systemroot%\Java\*.*
    %systemroot%\system32\test\*.*
    %systemroot%\system32\Rundll32\*.*
    %systemroot%\AppPatch\Custom\*.*
    %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x
    %PROGRAMFILES%\PC-Doctor\Downloads\*.*
    %PROGRAMFILES%\Internet Explorer\*.tmp
    %PROGRAMFILES%\Internet Explorer\*.dat
    %USERPROFILE%\My Documents\*.exe
    %USERPROFILE%\*.exe
    %systemroot%\ADDINS\*.*
    %systemroot%\assembly\*.bak2
    %systemroot%\Config\*.*
    %systemroot%\REPAIR\*.bak2
    %systemroot%\SECURITY\Database\*.sdb /x
    %systemroot%\SYSTEM\*.bak2
    %systemroot%\Web\*.bak2
    %systemroot%\Driver Cache\*.*
    %PROGRAMFILES%\Mozilla Firefox\0*.exe
    %ProgramFiles%\Microsoft Common\*.*
    %ProgramFiles%\TinyProxy.
    %USERPROFILE%\Favorites\*.url /x
    %systemroot%\system32\*.bk
    %systemroot%\*.te
    %systemroot%\system32\system32\*.*
    %ALLUSERSPROFILE%\*.dat /x
    %systemroot%\system32\drivers\*.rmv
    dir /b "%systemroot%\system32\*.exe" | find /i " " /c
    dir /b "%systemroot%\*.exe" | find /i " " /c
    %PROGRAMFILES%\Microsoft\*.*
    %systemroot%\System32\Wbem\proquota.exe
    %PROGRAMFILES%\Mozilla Firefox\*.dat
    %USERPROFILE%\Cookies\*.txt /x
    %SystemRoot%\system32\fonts\*.*
    %systemroot%\system32\winlog\*.*
    %systemroot%\system32\Language\*.*
    %systemroot%\system32\Settings\*.*
    %systemroot%\system32\*.quo
    %SYSTEMROOT%\AppPatch\*.exe
    %SYSTEMROOT%\inf\*.exe
    %SYSTEMROOT%\Installer\*.exe
    %systemroot%\system32\config\*.bak2
    %systemroot%\system32\Computers\*.*
    %SystemRoot%\system32\Sound\*.*
    %SystemRoot%\system32\SpecialImg\*.*
    %SystemRoot%\system32\code\*.*
    %SystemRoot%\system32\draft\*.*
    %SystemRoot%\system32\MSSSys\*.*
    %ProgramFiles%\Javascript\*.*
    %systemroot%\pchealth\helpctr\System\*.exe /s
    %systemroot%\Web\*.exe
    %systemroot%\system32\msn\*.*
    %systemroot%\system32\*.tro
    %AppData%\Microsoft\Installer\msupdates\*.*
    %ProgramFiles%\Messenger\*.*
    %systemroot%\system32\systhem32\*.*
    %systemroot%\system\*.exe
    HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
    /md5start
    /md5stop


    • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
    • When the scan completes, it will open two notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
    • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.
  5. needhelp51 TechSpot Enthusiast Posts: 144

    Computer seems OK. I no longer have that weird message when connecting to the internet; before that, COMODO always told me I was using an unsecured connection even if I had WPA2 and it seemed active. Now, no such message anymore. CPU seems better also.

    I will execute OTL later tonight and come back with the results.
  6. needhelp51 TechSpot Enthusiast Posts: 144

    Wow, the OTL scan is very fast, so it's already done. OTL gave out two logs: OTL.txt and Extra.txt:

    OTL logfile created on: 2012-02-11 17:38:41 - Run 1
    OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Toshiba\Bureau
    Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18702)
    Locale: 00000C0C | Country: Canada | Language: FRC | Date Format: yyyy-MM-dd

    3,00 Gb Total Physical Memory | 2,32 Gb Available Physical Memory | 77,30% Memory free
    4,84 Gb Paging File | 4,20 Gb Available in Paging File | 86,74% Paging File free
    Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 111,79 Gb Total Space | 55,05 Gb Free Space | 49,24% Space Free | Partition Type: NTFS

    Computer Name: TOSHIBA-29519BD | User Name: Toshiba | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users | Quick Scan
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2012-02-11 17:29:38 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Toshiba\Bureau\OTL.exe
    PRC - [2012-02-09 22:12:26 | 001,187,072 | ---- | M] (Lavasoft Limited) -- C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
    PRC - [2012-02-09 22:12:23 | 002,152,152 | ---- | M] (Lavasoft Limited) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
    PRC - [2012-02-04 09:56:00 | 004,617,600 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
    PRC - [2012-01-23 22:41:59 | 003,025,112 | ---- | M] (Emsi Software GmbH) -- C:\Program Files\Emsisoft Anti-Malware\a2service.exe
    PRC - [2011-12-19 18:59:00 | 001,960,584 | ---- | M] (COMODO) -- C:\Program Files\Comodo\COMODO Internet Security\cmdagent.exe
    PRC - [2011-11-28 13:01:24 | 003,744,552 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
    PRC - [2011-11-28 13:01:23 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    PRC - [2011-11-23 05:27:04 | 001,052,472 | ---- | M] (COMODO) -- C:\Program Files\Comodo\COMODO GeekBuddy\CLPSLS.exe
    PRC - [2011-08-11 18:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCore.exe
    PRC - [2011-01-17 16:37:42 | 011,322,880 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe
    PRC - [2011-01-17 16:37:42 | 011,314,688 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin
    PRC - [2008-04-13 21:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
    PRC - [2006-01-05 17:00:06 | 001,589,248 | ---- | M] (TOSHIBA Inc.) -- C:\Program Files\TOSHIBA\Windows Utilities\Hotkey.exe
    PRC - [2005-12-15 13:21:00 | 000,151,552 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\Toshiba.exe
    PRC - [2005-12-05 12:37:40 | 000,667,718 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe
    PRC - [2005-11-28 11:41:50 | 000,602,182 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe
    PRC - [2005-11-28 11:37:52 | 000,397,381 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
    PRC - [2005-10-05 23:20:00 | 000,122,940 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\DLA\DLACTRLW.EXE
    PRC - [2005-05-17 03:24:50 | 000,118,784 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
    PRC - [2005-04-11 10:08:00 | 000,065,536 | ---- | M] (TOSHIBA) -- C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
    PRC - [2005-01-17 12:38:00 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
    PRC - [2004-08-27 20:37:00 | 000,155,648 | ---- | M] (Matsushita Electric Industrial Co., Ltd.) -- C:\WINDOWS\system32\RAMASST.exe
    PRC - [2004-08-27 20:33:00 | 000,110,592 | ---- | M] (Matsushita Electric Industrial Co., Ltd.) -- C:\WINDOWS\system32\DVDRAMSV.exe


    ========== Modules (No Company Name) ==========

    MOD - [2012-02-11 16:00:55 | 000,052,736 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10007.dll
    MOD - [2012-02-11 16:00:52 | 000,063,488 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll
    MOD - [2012-02-11 13:21:35 | 001,691,648 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\12021101\algo.dll
    MOD - [2012-02-09 22:13:00 | 000,430,568 | ---- | M] () -- C:\Program Files\Lavasoft\Ad-Aware\VipreBridge.dll
    MOD - [2012-02-09 22:12:51 | 000,591,232 | ---- | M] () -- C:\Program Files\Lavasoft\Ad-Aware\RPAPI.dll
    MOD - [2012-02-09 21:58:03 | 000,508,776 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Defs\thorax.aaw
    MOD - [2012-02-05 12:41:50 | 000,181,616 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Defs\Extended\libMachoUniv.dll
    MOD - [2012-02-05 12:41:48 | 000,210,288 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Defs\Extended\libBase64.dll
    MOD - [2012-01-07 11:19:36 | 000,985,088 | ---- | M] () -- C:\Program Files\OpenOffice.org 3\program\libxml2.dll
    MOD - [2012-01-04 22:09:49 | 000,117,760 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
    MOD - [2012-01-04 22:09:49 | 000,052,224 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
    MOD - [2012-01-03 08:10:46 | 000,301,056 | ---- | M] () -- C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.FRA
    MOD - [2011-12-23 07:12:12 | 000,308,560 | ---- | M] () -- C:\Program Files\Lavasoft\Ad-Aware\Vipre.dll
    MOD - [2005-11-28 11:59:16 | 000,876,544 | ---- | M] () -- C:\Program Files\Intel\Wireless\Bin\Libeay32.dll
    MOD - [2005-11-28 11:59:16 | 000,208,965 | ---- | M] () -- C:\Program Files\Intel\Wireless\Bin\iWMSProv.dll
    MOD - [2005-11-28 11:59:16 | 000,053,322 | ---- | M] () -- C:\Program Files\Intel\Wireless\Bin\IntStngs.dll
    MOD - [2005-11-03 11:37:58 | 000,970,862 | ---- | M] () -- C:\Program Files\Intel\Wireless\Bin\acAuth.dll


    ========== Win32 Services (SafeList) ==========

    SRV - File not found [Disabled | Stopped] -- -- (HidServ)
    SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
    SRV - [2012-02-09 22:12:23 | 002,152,152 | ---- | M] (Lavasoft Limited) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
    SRV - [2012-01-23 22:41:59 | 003,025,112 | ---- | M] (Emsi Software GmbH) [Auto | Running] -- C:\Program Files\Emsisoft Anti-Malware\a2service.exe -- (a2AntiMalware)
    SRV - [2011-12-19 18:59:00 | 001,960,584 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
    SRV - [2011-11-28 13:01:23 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
    SRV - [2011-11-23 05:27:04 | 001,052,472 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\Comodo\COMODO GeekBuddy\CLPSLS.exe -- (CLPSLS)
    SRV - [2011-08-11 18:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE)
    SRV - [2005-04-03 18:41:10 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)
    SRV - [2005-01-17 12:38:00 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe -- (CFSvcs)
    SRV - [2004-08-27 20:33:00 | 000,110,592 | ---- | M] (Matsushita Electric Industrial Co., Ltd.) [Auto | Running] -- C:\WINDOWS\system32\DVDRAMSV.exe -- (DVD-RAM_Service)


    ========== Driver Services (SafeList) ==========

    DRV - File not found [Kernel | On_Demand | Running] -- -- (catchme)
    DRV - [2012-01-17 16:00:48 | 000,494,968 | ---- | M] (COMODO) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\cmdGuard.sys -- (cmdGuard)
    DRV - [2011-12-23 07:12:10 | 000,015,232 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware\kernexplorer.sys -- (Lavasoft Kernexplorer)
    DRV - [2011-12-19 18:59:24 | 000,097,760 | ---- | M] (COMODO) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\inspect.sys -- (Inspect)
    DRV - [2011-12-19 18:59:22 | 000,031,704 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\cmdhlp.sys -- (cmdHlp)
    DRV - [2011-11-28 12:53:53 | 000,435,032 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
    DRV - [2011-11-28 12:53:35 | 000,314,456 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
    DRV - [2011-11-28 12:52:19 | 000,034,392 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
    DRV - [2011-11-28 12:52:16 | 000,052,952 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
    DRV - [2011-11-28 12:52:02 | 000,111,320 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
    DRV - [2011-11-28 12:51:50 | 000,020,568 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
    DRV - [2011-11-28 12:48:49 | 000,030,808 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
    DRV - [2011-11-02 10:13:12 | 000,051,632 | ---- | M] (Emsi Software GmbH) [File_System | On_Demand | Stopped] -- C:\Program Files\Emsisoft Anti-Malware\a2accx86.sys -- (a2acc)
    DRV - [2011-07-22 11:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
    DRV - [2011-07-12 16:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
    DRV - [2011-05-19 13:10:34 | 000,017,904 | ---- | M] (Emsi Software GmbH) [Kernel | System | Running] -- C:\Program Files\Emsisoft Anti-Malware\a2ddax86.sys -- (A2DDA)
    DRV - [2010-10-07 07:11:38 | 006,609,920 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NETwLx32.sys -- (NETwLx32) Pilote de carte de la série Intel(R)
    DRV - [2006-01-12 10:21:18 | 000,031,872 | ---- | M] (Quanta Computer, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\qkbfiltr.sys -- (qkbfiltr)
    DRV - [2005-12-28 18:20:38 | 000,561,664 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CHDAud.sys -- (HdAudAddService)
    DRV - [2005-12-04 14:55:30 | 001,428,096 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w39n51.sys -- (w39n51) Intel(R)
    DRV - [2005-11-29 14:12:00 | 000,162,560 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tifm21.sys -- (tifm21)
    DRV - [2005-11-28 12:09:26 | 000,013,568 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
    DRV - [2005-11-07 19:12:00 | 000,997,376 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
    DRV - [2005-11-07 19:11:00 | 000,723,712 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
    DRV - [2005-11-07 19:11:00 | 000,202,240 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
    DRV - [2005-10-05 23:20:00 | 000,094,332 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS -- (DLAUDFAM)
    DRV - [2005-10-05 23:20:00 | 000,087,036 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS -- (DLAUDF_M)
    DRV - [2005-10-05 23:20:00 | 000,086,524 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS -- (DLAIFS_M)
    DRV - [2005-10-05 23:20:00 | 000,025,628 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS -- (DLABOIOM)
    DRV - [2005-10-05 23:20:00 | 000,014,684 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS -- (DLAOPIOM)
    DRV - [2005-10-05 23:20:00 | 000,006,364 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS -- (DLAPoolM)
    DRV - [2005-10-05 23:20:00 | 000,002,496 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLADResN.SYS -- (DLADResN)
    DRV - [2005-08-25 06:16:52 | 000,005,628 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS -- (DLACDBHM)
    DRV - [2005-08-25 06:16:16 | 000,022,684 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLARTL_N.SYS -- (DLARTL_N)
    DRV - [2005-06-11 00:42:00 | 000,005,504 | ---- | M] (Quanta Computer Corp) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BoiHwSetup.sys -- (BoiHwsetup)
    DRV - [2005-06-01 23:33:00 | 000,102,384 | ---- | M] (Matsushita Electric Industrial Co.,Ltd.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\meiudf.sys -- (meiudf)
    DRV - [2005-05-05 08:27:38 | 000,007,936 | ---- | M] (Quanta Computer, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\qmofiltr.sys -- (qmofiltr)
    DRV - [2003-09-18 19:47:00 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (Pfc)
    DRV - [2003-01-29 10:35:00 | 000,012,032 | ---- | M] (TOSHIBA Corporation.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\Netdevio.sys -- (Netdevio)
    DRV - [2002-01-24 14:43:40 | 000,006,528 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Tbiosdrv.sys -- (TBiosDrv)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========



    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


    IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



    IE - HKU\S-1-5-21-2094576669-3068703796-1105417404-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/
    IE - HKU\S-1-5-21-2094576669-3068703796-1105417404-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)



    O1 HOSTS File: ([2012-02-11 15:58:14 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
    O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\DLA\DLASHX_W.DLL (Sonic Solutions)
    O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
    O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
    O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
    O3 - HKU\S-1-5-21-2094576669-3068703796-1105417404-1006\..\Toolbar\ShellBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found.
    O3 - HKU\S-1-5-21-2094576669-3068703796-1105417404-1006\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found.
    O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
    O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
    O4 - HKLM..\Run: [CFSServ.exe] CFSServ.exe -NoClient File not found
    O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
    O4 - HKLM..\Run: [DLA] C:\WINDOWS\system32\DLA\DLACTRLW.EXE (Sonic Solutions)
    O4 - HKLM..\Run: [High Definition Audio Property Page Shortcut] C:\WINDOWS\System32\CHDAudPropShortcut.exe (Windows (R) Server 2003 DDK provider)
    O4 - HKLM..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe (Intel Corporation)
    O4 - HKLM..\Run: [IntelZeroConfig] C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe (Intel Corporation)
    O4 - HKLM..\Run: [LaunchApp] launchapp File not found
    O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
    O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
    O4 - HKLM..\Run: [SmoothView] C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe (TOSHIBA Corporation)
    O4 - HKLM..\Run: [Toshiba Hotkey Utility] C:\Program Files\Toshiba\Windows Utilities\Hotkey.exe (TOSHIBA Inc.)
    O4 - HKU\S-1-5-21-2094576669-3068703796-1105417404-1006..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
    O4 - HKU\S-1-5-21-2094576669-3068703796-1105417404-1006..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe (TOSHIBA)
    O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe (Matsushita Electric Industrial Co., Ltd.)
    O4 - Startup: C:\Documents and Settings\Toshiba\Menu Démarrer\Programmes\Démarrage\OpenOffice.org 3.3.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O7 - HKU\__aswSnx private storage\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\S-1-5-21-2094576669-3068703796-1105417404-1006\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-21-2094576669-3068703796-1105417404-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O7 - HKU\S-1-5-21-2094576669-3068703796-1105417404-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O7 - HKU\S-1-5-21-2094576669-3068703796-1105417404-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O9 - Extra 'Tools' menuitem : Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\NPJPI150_04.dll (Sun Microsystems, Inc.)
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/downl...-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://windowsupdate.microsoft.com/...ls/en/x86/client/wuweb_site.cab?1325644805328 (WUWebControl Class)
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/mic...ls/en/x86/client/muweb_site.cab?1325984729437 (MUWebControl Class)
    O18 - Protocol\Handler\intu-ir2011 - No CLSID value found
    O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O20 - AppInit_DLLs: (C:\WINDOWS\system32\guard32.dll) -C:\WINDOWS\system32\guard32.dll (COMODO)
    O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
    O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
    O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
    O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Colline verdoyante.bmp
    O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Colline verdoyante.bmp
    O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2006-01-18 05:32:30 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
    O34 - HKLM BootExecute: (autocheck autochk *)
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = ComFile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    NetSvcs: 6to4 - File not found
    NetSvcs: AppMgmt - File not found
    NetSvcs: HidServ - File not found
    NetSvcs: Ias - File not found
    NetSvcs: Iprip - File not found
    NetSvcs: Irmon - File not found
    NetSvcs: NWCWorkstation - File not found
    NetSvcs: Nwsapagent - File not found
    NetSvcs: WmdmPmSp - File not found

    Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
    Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
    Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
    Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
    Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
    Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
    Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
    Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
    Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)

    CREATERESTOREPOINT
    Restore point Set: OTL Restore Point

    ========== Files/Folders - Created Within 30 Days ==========

    [2012-02-11 17:29:24 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Toshiba\Bureau\OTL.exe
    [2012-02-11 16:33:44 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Toshiba\Recent
    [2012-02-11 16:33:44 | 000,000,000 | -HSD | C] -- C:\RECYCLER
    [2012-02-11 16:12:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
    [2012-02-11 15:28:46 | 000,000,000 | ---D | C] -- C:\ComboFix
    [2012-02-11 14:02:04 | 000,000,000 | RHSD | C] -- C:\cmdcons
    [2012-02-11 13:41:03 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
    [2012-02-11 13:41:03 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
    [2012-02-11 13:41:02 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
    [2012-02-11 13:41:02 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
    [2012-02-11 13:39:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
    [2012-02-11 13:38:54 | 000,000,000 | ---D | C] -- C:\Qoobox
    [2012-02-11 13:34:37 | 004,401,300 | R--- | C] (Swearware) -- C:\Documents and Settings\Toshiba\Bureau\ComboFix.exe
    [2012-02-11 10:18:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Toshiba\Bureau\bootkit_remover
    [2012-02-11 09:20:05 | 004,733,440 | ---- | C] (AVAST Software) -- C:\Documents and Settings\Toshiba\Bureau\aswMBR.exe
    [2012-02-09 23:03:20 | 000,607,260 | R--- | C] (Swearware) -- C:\Documents and Settings\Toshiba\Bureau\dds.scr
    [2012-02-09 21:56:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Lavasoft
    [2012-02-09 20:21:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
    [2012-02-09 19:47:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Toshiba\Menu Démarrer\Programmes\HiJackThis
    [2012-02-09 19:47:14 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
    [2012-02-09 19:43:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Toshiba\Application Data\GetRightToGo
    [2012-02-09 19:38:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\SpywareBlaster
    [2012-02-08 21:05:58 | 000,000,000 | ---D | C] -- C:\VritualRoot
    [2012-02-07 21:53:27 | 002,002,320 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\Toshiba\Bureau\HousecallLauncher.exe
    [2012-02-07 21:46:31 | 009,502,424 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Toshiba\Bureau\mbam--setup-1.60.1.1000.exe
    [2012-02-05 09:45:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Toshiba\Local Settings\Application Data\Comodo
    [2012-02-04 20:46:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Toshiba\Local Settings\Application Data\Temp
    [2012-02-04 16:32:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Toshiba\Mes documents\ImpôtRapide
    [2012-02-04 14:40:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\7-Zip
    [2012-02-04 14:40:03 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
    [2012-02-04 12:10:06 | 000,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\Adobe
    [2012-02-04 12:09:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Adobe
    [2012-02-04 09:51:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Toshiba\Application Data\Intuit Canada
    [2012-02-04 09:51:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Intuit Canada
    [2012-01-30 21:55:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Toshiba\Application Data\Sonic
    [2012-01-22 21:05:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Toshiba\Bureau\Photos décembre 2011 - Janvier 2012
    [2012-01-22 21:04:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Toshiba\Bureau\Nouveau dossier
    [2012-01-16 23:41:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Toshiba\Local Settings\Application Data\MetaGeek,_LLC
    [2012-01-15 19:12:12 | 000,000,000 | ---D | C] -- C:\Program Files\MetaGeek
    [2012-01-15 19:12:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Toshiba\Menu Démarrer\Programmes\MetaGeek
    [2012-01-15 19:09:48 | 002,056,228 | ---- | C] (MetaGeek, LLC) -- C:\Documents and Settings\Toshiba\Bureau\inSSIDer-Installer-2.0.7.0126.exe
    [2012-01-14 10:57:16 | 000,101,720 | ---- | C] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
    [2012-01-14 10:50:10 | 000,000,000 | ---D | C] -- C:\Program Files\Lavasoft
    [2012-01-14 10:50:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Lavasoft
    [2012-01-14 10:01:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Toshiba\Application Data\WinPatrol
    [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
    [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2012-02-11 17:29:38 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Toshiba\Bureau\OTL.exe
    [2012-02-11 16:31:18 | 000,002,465 | ---- | M] () -- C:\Documents and Settings\Toshiba\Bureau\inSSIDer 2.0.lnk
    [2012-02-11 15:58:31 | 000,043,758 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
    [2012-02-11 15:58:14 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
    [2012-02-11 15:52:42 | 000,000,486 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
    [2012-02-11 15:51:35 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
    [2012-02-11 15:51:31 | 3219,312,640 | -HS- | M] () -- C:\hiberfil.sys
    [2012-02-11 14:02:30 | 000,000,456 | RHS- | M] () -- C:\BOOT.INI
    [2012-02-11 13:34:39 | 004,401,300 | R--- | M] (Swearware) -- C:\Documents and Settings\Toshiba\Bureau\ComboFix.exe
    [2012-02-11 12:01:10 | 000,000,512 | ---- | M] () -- C:\Documents and Settings\Toshiba\Bureau\MBR.dat
    [2012-02-11 09:20:34 | 000,044,607 | ---- | M] () -- C:\Documents and Settings\Toshiba\Bureau\bootkit_remover.zip
    [2012-02-11 09:20:07 | 004,733,440 | ---- | M] (AVAST Software) -- C:\Documents and Settings\Toshiba\Bureau\aswMBR.exe
    [2012-02-09 23:08:58 | 119,172,784 | ---- | M] () -- C:\Documents and Settings\Toshiba\Bureau\setup_11.0.0.1245.x01_2012_02_10_06_53.exe
    [2012-02-09 23:03:24 | 000,607,260 | R--- | M] (Swearware) -- C:\Documents and Settings\Toshiba\Bureau\dds.scr
    [2012-02-09 22:29:35 | 000,003,120 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
    [2012-02-09 21:57:44 | 000,000,064 | ---- | M] () -- C:\WINDOWS\System32\rp_stats.dat
    [2012-02-09 21:57:44 | 000,000,044 | ---- | M] () -- C:\WINDOWS\System32\rp_rules.dat
    [2012-02-09 21:56:59 | 000,000,808 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Ad-Aware.lnk
    [2012-02-09 19:51:43 | 000,002,451 | ---- | M] () -- C:\Documents and Settings\Toshiba\Bureau\HiJackThis.lnk
    [2012-02-08 21:10:39 | 000,302,592 | ---- | M] () -- C:\Documents and Settings\Toshiba\Bureau\k9it3vi3.exe
    [2012-02-08 19:01:25 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
    [2012-02-08 04:16:24 | 000,302,152 | ---- | M] () -- C:\Documents and Settings\Toshiba\Local Settings\Application Data\census.cache
    [2012-02-08 04:15:20 | 000,175,661 | ---- | M] () -- C:\Documents and Settings\Toshiba\Local Settings\Application Data\ars.cache
    [2012-02-07 21:54:33 | 000,000,036 | ---- | M] () -- C:\Documents and Settings\Toshiba\Local Settings\Application Data\housecall.guid.cache
    [2012-02-07 21:53:27 | 002,002,320 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\Toshiba\Bureau\HousecallLauncher.exe
    [2012-02-07 21:48:38 | 000,000,795 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes Anti-Malware.lnk
    [2012-02-07 21:46:31 | 009,502,424 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Toshiba\Bureau\mbam--setup-1.60.1.1000.exe
    [2012-02-07 18:59:09 | 000,000,661 | ---- | M] () -- C:\Documents and Settings\Toshiba\Bureau\restauration.reg
    [2012-02-07 17:19:45 | 000,134,872 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
    [2012-02-04 21:10:02 | 000,000,693 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\CCleaner.lnk
    [2012-02-04 12:11:30 | 000,001,745 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Adobe Reader X.lnk
    [2012-01-21 13:59:50 | 000,553,636 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat
    [2012-01-21 13:59:50 | 000,482,174 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
    [2012-01-21 13:59:50 | 000,094,952 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat
    [2012-01-21 13:59:50 | 000,080,056 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
    [2012-01-17 16:00:48 | 000,494,968 | ---- | M] (COMODO) -- C:\WINDOWS\System32\drivers\cmdGuard.sys
    [2012-01-15 19:09:49 | 002,056,228 | ---- | M] (MetaGeek, LLC) -- C:\Documents and Settings\Toshiba\Bureau\inSSIDer-Installer-2.0.7.0126.exe
    [2012-01-14 10:57:03 | 000,101,720 | ---- | M] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
    [2012-01-14 10:48:00 | 012,410,880 | ---- | M] () -- C:\Documents and Settings\Toshiba\Bureau\Ad-Aware96Install.msi
    [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
    [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2012-02-11 14:02:29 | 000,000,340 | ---- | C] () -- C:\Boot.bak
    [2012-02-11 14:02:22 | 000,263,488 | RHS- | C] () -- C:\cmldr
    [2012-02-11 13:41:03 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
    [2012-02-11 13:41:03 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
    [2012-02-11 13:41:02 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
    [2012-02-11 13:41:02 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
    [2012-02-11 13:41:02 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
    [2012-02-11 12:01:10 | 000,000,512 | ---- | C] () -- C:\Documents and Settings\Toshiba\Bureau\MBR.dat
    [2012-02-11 09:20:34 | 000,044,607 | ---- | C] () -- C:\Documents and Settings\Toshiba\Bureau\bootkit_remover.zip
    [2012-02-09 23:07:20 | 119,172,784 | ---- | C] () -- C:\Documents and Settings\Toshiba\Bureau\setup_11.0.0.1245.x01_2012_02_10_06_53.exe
    [2012-02-09 21:56:59 | 000,000,808 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Ad-Aware.lnk
    [2012-02-09 19:47:17 | 000,002,451 | ---- | C] () -- C:\Documents and Settings\Toshiba\Bureau\HiJackThis.lnk
    [2012-02-08 21:10:37 | 000,302,592 | ---- | C] () -- C:\Documents and Settings\Toshiba\Bureau\k9it3vi3.exe
    [2012-02-08 04:16:24 | 000,302,152 | ---- | C] () -- C:\Documents and Settings\Toshiba\Local Settings\Application Data\census.cache
    [2012-02-08 04:15:20 | 000,175,661 | ---- | C] () -- C:\Documents and Settings\Toshiba\Local Settings\Application Data\ars.cache
    [2012-02-07 21:54:33 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\Toshiba\Local Settings\Application Data\housecall.guid.cache
    [2012-02-07 18:59:09 | 000,000,661 | ---- | C] () -- C:\Documents and Settings\Toshiba\Bureau\restauration.reg
    [2012-02-07 18:54:58 | 3219,312,640 | -HS- | C] () -- C:\hiberfil.sys
    [2012-02-04 12:11:30 | 000,001,804 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Adobe Reader X.lnk
    [2012-02-04 12:11:30 | 000,001,745 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Adobe Reader X.lnk
    [2012-01-17 19:03:13 | 000,000,064 | ---- | C] () -- C:\WINDOWS\System32\rp_stats.dat
    [2012-01-17 19:03:13 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\rp_rules.dat
    [2012-01-15 19:12:12 | 000,002,465 | ---- | C] () -- C:\Documents and Settings\Toshiba\Bureau\inSSIDer 2.0.lnk
    [2012-01-14 10:50:36 | 000,000,486 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
    [2012-01-14 10:47:58 | 012,410,880 | ---- | C] () -- C:\Documents and Settings\Toshiba\Bureau\Ad-Aware96Install.msi
    [2012-01-07 22:11:56 | 000,027,136 | ---- | C] () -- C:\Documents and Settings\Toshiba\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2012-01-03 20:38:44 | 000,000,135 | ---- | C] () -- C:\Documents and Settings\Toshiba\Local Settings\Application Data\fusioncache.dat
    [2012-01-03 20:34:54 | 000,006,528 | ---- | C] () -- C:\WINDOWS\System32\drivers\Tbiosdrv.sys
    [2012-01-03 20:34:50 | 000,000,037 | ---- | C] () -- C:\WINDOWS\wwwbatch.ini
    [2012-01-03 20:34:44 | 000,000,385 | ---- | C] () -- C:\WINDOWS\ODBC.INI
    [2006-01-19 16:40:49 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
    [2006-01-18 14:28:02 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
    [2006-01-18 14:28:02 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
    [2006-01-18 14:28:02 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
    [2006-01-18 14:28:02 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
    [2006-01-18 14:28:02 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
    [2006-01-18 14:28:02 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
    [2006-01-18 07:34:09 | 000,012,060 | ---- | C] () -- C:\WINDOWS\HWSetupStr.ini
    [2006-01-18 07:34:09 | 000,002,226 | R--- | C] () -- C:\WINDOWS\SVPW32Str.ini
    [2006-01-18 06:23:57 | 000,004,205 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
    [2006-01-18 06:22:57 | 000,134,872 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
    [2006-01-18 06:07:12 | 000,028,672 | ---- | C] () -- C:\WINDOWS\WHideCmd.exe
    [2006-01-18 06:06:23 | 000,128,113 | ---- | C] () -- C:\WINDOWS\System32\csellang.ini
    [2006-01-18 06:06:23 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\csellang.dll
    [2006-01-18 06:06:23 | 000,009,378 | ---- | C] () -- C:\WINDOWS\System32\tosmreg.ini
    [2006-01-18 06:06:23 | 000,007,671 | ---- | C] () -- C:\WINDOWS\System32\cseltbl.ini
    [2006-01-18 06:04:16 | 000,553,636 | ---- | C] () -- C:\WINDOWS\System32\perfh00C.dat
    [2006-01-18 06:04:16 | 000,322,810 | ---- | C] () -- C:\WINDOWS\System32\perfi00C.dat
    [2006-01-18 06:04:16 | 000,034,108 | ---- | C] () -- C:\WINDOWS\System32\perfd00C.dat
    [2006-01-18 06:04:15 | 000,094,952 | ---- | C] () -- C:\WINDOWS\System32\perfc00C.dat
    [2006-01-18 06:04:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
    [2006-01-18 06:03:59 | 000,482,174 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
    [2006-01-18 06:03:59 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
    [2006-01-18 06:03:59 | 000,080,056 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
    [2006-01-18 06:03:59 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
    [2006-01-18 06:03:57 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
    [2006-01-18 06:03:57 | 000,004,688 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
    [2006-01-18 06:03:56 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
    [2006-01-18 06:03:51 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
    [2006-01-18 06:03:51 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
    [2006-01-18 06:03:45 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
    [2006-01-18 06:03:39 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
    [2006-01-18 05:56:34 | 000,000,829 | ---- | C] () -- C:\WINDOWS\orun32.ini
    [2006-01-18 05:52:58 | 000,000,222 | ---- | C] () -- C:\WINDOWS\wininit.ini
    [2006-01-18 05:50:50 | 000,000,000 | ---- | C] () -- C:\WINDOWS\NDSTray.INI
    [2006-01-18 05:50:36 | 000,022,529 | ---- | C] () -- C:\WINDOWS\System32\ortag32.dll
    [2006-01-18 05:36:37 | 000,002,368 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
    [2006-01-18 05:35:20 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
    [2006-01-18 05:33:29 | 001,519,616 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe
    [2006-01-18 05:33:27 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
    [2006-01-18 05:33:27 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
    [2006-01-18 05:33:26 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
    [2006-01-18 05:33:24 | 001,466,368 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
    [2006-01-18 05:33:24 | 001,339,392 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
    [2006-01-18 05:33:24 | 000,573,440 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
    [2006-01-18 05:33:21 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
    [2006-01-18 05:33:21 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
    [2006-01-18 05:33:20 | 000,425,984 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe
    [2006-01-18 05:29:54 | 000,021,892 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
    [2005-12-16 12:35:12 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\TPeculiarity.dll
    [2005-12-08 14:56:50 | 000,151,552 | ---- | C] () -- C:\WINDOWS\System32\tsbwls.dll
    [2005-11-28 16:33:00 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini

    ========== LOP Check ==========

    [2012-01-04 23:04:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
    [2012-01-03 23:09:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CPA_VA
    [2006-01-18 07:17:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Application Data\toshiba
    [2012-01-04 19:24:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Toshiba\Application Data\ElevatedDiagnostics
    [2012-02-09 19:43:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Toshiba\Application Data\GetRightToGo
    [2012-01-07 11:20:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Toshiba\Application Data\OpenOffice.org
    [2012-01-14 13:05:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Toshiba\Application Data\toshiba
    [2012-01-14 10:01:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Toshiba\Application Data\WinPatrol
    [2012-02-11 15:52:42 | 000,000,486 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job

    ========== Purity Check ==========



    ========== Custom Scans ==========


    < %SYSTEMDRIVE%\*.* >
    [2012-02-09 20:20:41 | 000,006,541 | ---- | M] () -- C:\aaw7boot.log
    [2006-01-18 05:32:30 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
    [2012-01-09 21:15:13 | 000,000,340 | ---- | M] () -- C:\Boot.bak
    [2012-02-11 14:02:30 | 000,000,456 | RHS- | M] () -- C:\BOOT.INI
    [2004-08-05 00:00:00 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin
    [2004-08-03 23:00:08 | 000,263,488 | RHS- | M] () -- C:\cmldr
    [2012-02-11 16:12:49 | 000,014,679 | ---- | M] () -- C:\ComboFix.txt
    [2006-01-18 05:32:30 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
    [2006-01-04 15:06:00 | 001,447,841 | ---- | M] () -- C:\EULA.pdf
    [2012-02-11 15:51:31 | 3219,312,640 | -HS- | M] () -- C:\hiberfil.sys
    [2006-01-18 05:32:30 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
    [2006-01-17 21:39:26 | 000,009,173 | ---- | M] () -- C:\Lisez Moi.htm
    [2003-10-20 15:36:42 | 000,000,034 | RH-- | M] () -- C:\loados.bat
    [2006-01-18 05:32:30 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
    [2004-08-05 00:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
    [2012-01-03 22:36:13 | 000,252,240 | RHS- | M] () -- C:\ntldr
    [2012-02-11 15:51:13 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys

    < %systemroot%\Fonts\*.com >
    [2006-04-18 15:39:28 | 000,026,040 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
    [2006-06-29 14:53:56 | 000,026,489 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
    [2006-04-18 15:39:28 | 000,029,779 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
    [2006-06-29 14:58:52 | 000,030,808 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont

    < %systemroot%\Fonts\*.dll >

    < %systemroot%\Fonts\*.ini >
    [2006-01-18 05:31:47 | 000,000,067 | -HS- | M] () -- C:\WINDOWS\Fonts\desktop.ini

    < %systemroot%\Fonts\*.ini2 >

    < %systemroot%\Fonts\*.exe >

    < %systemroot%\system32\spool\prtprocs\w32x86\*.* >
    [2008-07-06 07:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
    [2008-07-06 05:50:03 | 000,597,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe

    < %systemroot%\REPAIR\*.bak1 >

    < %systemroot%\REPAIR\*.ini >

    < %systemroot%\system32\*.jpg >

    < %systemroot%\*.jpg >

    < %systemroot%\*.png >

    < %systemroot%\*.scr >
    [2011-11-28 13:01:25 | 000,041,184 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
    [2004-12-07 20:04:46 | 000,045,056 | ---- | M] (TOSHIBA) -- C:\WINDOWS\cfdemo.scr
    [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

    < %systemroot%\*._sy >

    < %APPDATA%\Adobe\Update\*.* >

    < %ALLUSERSPROFILE%\Favorites\*.* >

    < %APPDATA%\Microsoft\*.* >

    < %PROGRAMFILES%\*.* >

    < %APPDATA%\Update\*.* >

    < %systemroot%\*. /mp /s >

    < %systemroot%\System32\config\*.sav >
    [2006-01-18 06:15:28 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
    [2006-01-18 06:15:28 | 000,638,976 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
    [2006-01-18 06:15:28 | 000,430,080 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav

    < %PROGRAMFILES%\bak. /s >

    < %systemroot%\system32\bak. /s >

    < %ALLUSERSPROFILE%\Start Menu\*.lnk /x >

    < %systemroot%\system32\config\systemprofile\*.dat /x >

    < %systemroot%\*.config >

    < %systemroot%\system32\*.db >

    < %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
    [2006-01-18 05:39:15 | 000,000,079 | ---- | M] () -- C:\Documents and Settings\Toshiba\Application Data\Microsoft\Internet Explorer\Quick Launch\Bureau.scf
    [2012-01-03 22:50:53 | 000,000,107 | -HS- | M] () -- C:\Documents and Settings\Toshiba\Application Data\Microsoft\Internet Explorer\Quick Launch\desktop.ini

    < %USERPROFILE%\Desktop\*.exe >

    < %PROGRAMFILES%\Common Files\*.* >

    < %systemroot%\*.src >

    < %systemroot%\install\*.* >

    < %systemroot%\system32\DLL\*.* >

    < %systemroot%\system32\HelpFiles\*.* >

    < %systemroot%\system32\rundll\*.* >

    < %systemroot%\winn32\*.* >

    < %systemroot%\Java\*.* >

    < %systemroot%\system32\test\*.* >

    < %systemroot%\system32\Rundll32\*.* >

    < %systemroot%\AppPatch\Custom\*.* >

    < %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x >

    < %PROGRAMFILES%\PC-Doctor\Downloads\*.* >

    < %PROGRAMFILES%\Internet Explorer\*.tmp >

    < %PROGRAMFILES%\Internet Explorer\*.dat >

    < %USERPROFILE%\My Documents\*.exe >

    < %USERPROFILE%\*.exe >

    < %systemroot%\ADDINS\*.* >

    < %systemroot%\assembly\*.bak2 >

    < %systemroot%\Config\*.* >

    < %systemroot%\REPAIR\*.bak2 >

    < %systemroot%\SECURITY\Database\*.sdb /x >

    < %systemroot%\SYSTEM\*.bak2 >

    < %systemroot%\Web\*.bak2 >

    < %systemroot%\Driver Cache\*.* >

    < %PROGRAMFILES%\Mozilla Firefox\0*.exe >

    < %ProgramFiles%\Microsoft Common\*.* >

    < %ProgramFiles%\TinyProxy. >

    < %USERPROFILE%\Favorites\*.url /x >

    < %systemroot%\system32\*.bk >

    < %systemroot%\*.te >

    < %systemroot%\system32\system32\*.* >

    < %ALLUSERSPROFILE%\*.dat /x >

    < %systemroot%\system32\drivers\*.rmv >

    < dir /b "%systemroot%\system32\*.exe" | find /i " " /c >

    < dir /b "%systemroot%\*.exe" | find /i " " /c >

    < %PROGRAMFILES%\Microsoft\*.* >

    < %systemroot%\System32\Wbem\proquota.exe >

    < %PROGRAMFILES%\Mozilla Firefox\*.dat >
     
  7. needhelp51 TechSpot Enthusiast Posts: 144

    Continuing OTL.txt and then Extra.txt

    < %USERPROFILE%\Cookies\*.txt /x >
    [2012-02-11 17:28:22 | 000,098,304 | ---- | M] () -- C:\Documents and Settings\Toshiba\Cookies\index.dat

    < %SystemRoot%\system32\fonts\*.* >

    < %systemroot%\system32\winlog\*.* >

    < %systemroot%\system32\Language\*.* >

    < %systemroot%\system32\Settings\*.* >

    < %systemroot%\system32\*.quo >

    < %SYSTEMROOT%\AppPatch\*.exe >

    < %SYSTEMROOT%\inf\*.exe >
    [2007-06-29 11:59:14 | 000,318,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\inf\unregmp2.exe

    < %SYSTEMROOT%\Installer\*.exe >
    [2005-12-04 05:14:58 | 000,552,960 | ---- | M] (Intel Corporation) -- C:\WINDOWS\Installer\iProInst.exe
    [6 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]

    < %systemroot%\system32\config\*.bak2 >

    < %systemroot%\system32\Computers\*.* >

    < %SystemRoot%\system32\Sound\*.* >

    < %SystemRoot%\system32\SpecialImg\*.* >

    < %SystemRoot%\system32\code\*.* >

    < %SystemRoot%\system32\draft\*.* >

    < %SystemRoot%\system32\MSSSys\*.* >

    < %ProgramFiles%\Javascript\*.* >

    < %systemroot%\pchealth\helpctr\System\*.exe /s >

    < %systemroot%\Web\*.exe >

    < %systemroot%\system32\msn\*.* >

    < %systemroot%\system32\*.tro >

    < %AppData%\Microsoft\Installer\msupdates\*.* >

    < %ProgramFiles%\Messenger\*.* >
    [2008-04-13 21:33:22 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\custsat.dll
    [2004-08-03 19:07:10 | 000,004,821 | ---- | M] () -- C:\Program Files\Messenger\logowin.gif
    [2004-08-03 19:07:10 | 000,007,047 | ---- | M] () -- C:\Program Files\Messenger\lvback.gif
    [2008-05-02 09:01:52 | 000,083,968 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msgsc.dll
    [2008-04-13 12:30:28 | 000,180,224 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msgslang.dll
    [2008-04-13 21:34:13 | 001,695,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe
    [2004-08-03 19:07:10 | 000,002,882 | ---- | M] () -- C:\Program Files\Messenger\newalert.wav
    [2004-08-03 19:07:10 | 000,006,156 | ---- | M] () -- C:\Program Files\Messenger\newemail.wav
    [2004-08-03 19:07:10 | 000,006,160 | ---- | M] () -- C:\Program Files\Messenger\online.wav
    [2004-08-03 19:07:10 | 000,004,454 | ---- | M] () -- C:\Program Files\Messenger\type.wav
    [2004-08-03 19:07:10 | 000,127,843 | ---- | M] () -- C:\Program Files\Messenger\xpmsgr.chm

    < %systemroot%\system32\systhem32\*.* >

    < %systemroot%\system\*.exe >

    < HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

    < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\ Auto Update\Results\Install|LastSuccessTime /rs >


    < End of report >

    OTL Extras logfile created on: 2012-02-11 17:38:41 - Run 1
    OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Toshiba\Bureau
    Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18702)
    Locale: 00000C0C | Country: Canada | Language: FRC | Date Format: yyyy-MM-dd

    3,00 Gb Total Physical Memory | 2,32 Gb Available Physical Memory | 77,30% Memory free
    4,84 Gb Paging File | 4,20 Gb Available in Paging File | 86,74% Paging File free
    Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 111,79 Gb Total Space | 55,05 Gb Free Space | 49,24% Space Free | Partition Type: NTFS

    Computer Name: TOSHIBA-29519BD | User Name: Toshiba | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users | Quick Scan
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

    ========== Extra Registry (SafeList) ==========


    ========== File Associations ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
    .url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

    ========== Shell Spawning ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
    exefile [open] -- "%1" %*
    htmlfile [edit] -- Reg Error: Key error.
    InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
    Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    ========== Security Center Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "FirstRunDisabled" = 1
    "AntiVirusDisableNotify" = 0
    "FirewallDisableNotify" = 0
    "UpdatesDisableNotify" = 0
    "AntiVirusOverride" = 0
    "FirewallOverride" = 0

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

    ========== System Restore Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
    "DisableSR" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
    "Start" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
    "Start" = 2

    ========== Firewall Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "EnableFirewall" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

    ========== Authorized Applications List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{099D12EC-0321-4CAC-A0CC-33D020156FCD}" = Toshiba Utility
    "{0BD83598-C2EF-3343-847B-7D2E84599128}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - FRA
    "{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7}" = mLogView
    "{0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}" = Microsoft .NET Framework 4 Client Profile FRA Language Pack
    "{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Sonic DLA
    "{12B3A009-A080-4619-9A2A-C6DB151D8D67}" = Assist TOSHIBA
    "{133742BA-6F46-4D3E-85AF-78631D9AD8B8}" = Installation Windows Live
    "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live
    "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
    "{23FB368F-1399-4EAC-817C-4B83ECBE3D83}" = mProSafe
    "{2FCE4FC5-6930-40E7-A4F1-F862207424EF}" = InterVideo WinDVD Creator 2
    "{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
    "{3248F0A8-6813-11D6-A77B-00B0D0150040}" = J2SE Runtime Environment 5.0 Update 4
    "{350C940c-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
    "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
    "{3E31821C-7917-367E-938E-E65FC413EA31}" = Microsoft .NET Framework 3.5 Language Pack SP1 - fra
    "{3E9D596A-61D4-4239-BD19-2DB984D2A16F}" = mIWA
    "{445B183D-F4F1-45C8-B9DB-F11355CA657B}" = Windows Live Messenger
    "{4497AFF6-98C4-4F49-B073-F48F42BCBF9E}" = TIPCI
    "{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
    "{64212898-097F-4F3F-AECA-6D34A7EF82DF}" = Utilitaire de zoom TOSHIBA
    "{72AD53CC-CCC0-3757-8480-9EE176866A7C}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - FRA
    "{7E0610A2-E336-40B3-B685-C4905E97EC9A}" = OpenOffice.org 3.3
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr
    "{8C6BB412-D3A8-4AAE-A01B-35B681789D68}" = mHelp
    "{8E9976D2-E563-43DE-A51F-5AEBC38D1F08}" = Ad-Aware
    "{90B0D222-8C21-4B35-9262-53B042F18AF9}" = mPfWiz
    "{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD for TOSHIBA
    "{94658027-9F16-4509-BBD7-A59FE57C3023}" = mZConfig
    "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
    "{9541FED0-327F-4DF0-8B96-EF57EF622F19}" = Sonic RecordNow!
    "{9A08615A-6113-46F9-8819-5BA66B6600FD}" = Toshiba Hotkey Utility
    "{9A394342-4A68-4EBA-85A6-55B559F4E700}" = Microsoft .NET Framework 1.1 French Language Pack
    "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    "{9CC89556-3578-48DD-8408-04E66EBEF401}" = mXML
    "{9D765FA6-F2BC-40AF-8145-50808F9BDF4E}" = Pilote du DVD-RAM
    "{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}" = Réducteur de bruit lect. CD/DVD
    "{A12EA295-32EA-42BB-8442-2C2BE852D4AA}" = inSSIDer 2.0
    "{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
    "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
    "{AC76BA86-7AD7-1036-7B44-AA1000000001}" = Adobe Reader X (10.1.2) - Français
    "{ACA1086B-9B62-4F80-B4B9-5659395E4F25}" = Toshiba Controls Utility
    "{B3B487E7-6171-4376-9074-B28082CEB504}" = Windows Live Call
    "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
    "{BC30E5E7-047D-4232-A7E8-F2CB7CC7B2E0}_is1" = Emsisoft Anti-Malware
    "{BDD83DC9-BEE9-4654-A5DA-CC46C250088D}" = TOSHIBA ConfigFree
    "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
    "{C45F4811-31D5-4786-801D-F79CD06EDD85}" = SD Secure Module
    "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
    "{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
    "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
    "{D6AB1F5B-FED6-49A9-9747-327BD28FB3C7}" = COMODO Internet Security
    "{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}" = Assistant de connexion Windows Live
    "{E81667C6-2856-46D6-ABEA-6A2F42166779}" = mCore
    "{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse
    "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
    "{F6090A17-0967-4A8A-B3C3-422A1B514D49}" = mDrWiFi
    "{F77890F3-774A-4CBE-A2E3-7BB0DC71D1FA}" = Toshiba Touchpad Utility
    "{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}" = mWlsSafe
    "7-Zip" = 7-Zip 9.20
    "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
    "avast" = avast! Free Antivirus
    "CCleaner" = CCleaner
    "CNXT_HDAUDIO" = Conexant HD Audio
    "CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_5047&SUBSYS_1179FF31" = HDAUDIO Soft Data Fax Modem with SmartCP
    "Comodo Dragon" = Comodo Dragon
    "COMODO GeekBuddy" = COMODO GeekBuddy
    "ie8" = Windows Internet Explorer 8
    "InstallShield_{099D12EC-0321-4CAC-A0CC-33D020156FCD}" = Toshiba Utility
    "InstallShield_{4497AFF6-98C4-4F49-B073-F48F42BCBF9E}" = Texas Instruments PCIxx21/x515/xx12 drivers.
    "InstallShield_{ACA1086B-9B62-4F80-B4B9-5659395E4F25}" = Toshiba Controls Utility
    "InstallShield_{F77890F3-774A-4CBE-A2E3-7BB0DC71D1FA}" = Toshiba Touchpad Utility
    "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.60.1.1000
    "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
    "Microsoft .NET Framework 3.5 Language Pack SP1 - fra" = Module linguistique Microsoft .NET Framework 3.5 SP1- fra
    "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
    "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
    "Microsoft .NET Framework 4 Client Profile FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Client Profile FRA
    "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
    "NVIDIA Drivers" = NVIDIA Drivers
    "Outil de diagnostic PC" = Outil de diagnostic PC TOSHIBA
    "ProInst" = Logiciel Intel(R) PROSet/Wireless
    "PROSet" = Intel(R) PRO Network Connections Drivers
    "SynTPDeinstKey" = Synaptics Pointing Device Driver
    "Toshiba Tbiosdrv Driver" = Toshiba Tbiosdrv Driver
    "Windows Media Format Runtime" = Windows Media Format 11 runtime
    "Windows Media Player" = Lecteur Windows Media*11
    "Windows XP Service" = Windows XP Service Pack*3
    "WinLiveSuite_Wave3" = Installation Windows Live
    "WMFDist11" = Windows Media Format 11 runtime
    "wmp11" = Windows Media Player 11
    "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
    "XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0

    ========== Last 10 Event Log Errors ==========

    [ Application Events ]
    Error - 2012-02-04 20:22:43 | Computer Name = TOSHIBA-29519BD | Source = Lavasoft Ad-Aware Service | ID = 0
    Description =

    Error - 2012-02-05 16:59:29 | Computer Name = TOSHIBA-29519BD | Source = Application Hang | ID = 1002
    Description = Application bloquée iexplore.exe, version 8.0.6001.18702, module bloqué
    hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

    Error - 2012-02-05 16:59:47 | Computer Name = TOSHIBA-29519BD | Source = Application Hang | ID = 1002
    Description = Application bloquée iexplore.exe, version 8.0.6001.18702, module bloqué
    hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

    Error - 2012-02-05 17:00:12 | Computer Name = TOSHIBA-29519BD | Source = Application Hang | ID = 1002
    Description = Application bloquée iexplore.exe, version 8.0.6001.18702, module bloqué
    hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

    Error - 2012-02-06 00:13:09 | Computer Name = TOSHIBA-29519BD | Source = Application Hang | ID = 1002
    Description = Application bloquée iexplore.exe, version 8.0.6001.18702, module bloqué
    hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

    Error - 2012-02-06 00:13:28 | Computer Name = TOSHIBA-29519BD | Source = Application Hang | ID = 1002
    Description = Application bloquée iexplore.exe, version 8.0.6001.18702, module bloqué
    hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

    Error - 2012-02-08 22:07:53 | Computer Name = TOSHIBA-29519BD | Source = Application Hang | ID = 1002
    Description = Application bloquée k1qzcch4.exe, version 1.0.15.15641, module bloqué
    hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

    Error - 2012-02-08 22:08:16 | Computer Name = TOSHIBA-29519BD | Source = Application Hang | ID = 1002
    Description = Application bloquée k1qzcch4.exe, version 1.0.15.15641, module bloqué
    hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

    Error - 2012-02-08 22:08:21 | Computer Name = TOSHIBA-29519BD | Source = Application Hang | ID = 1001
    Description = Détecteur d'erreurs -1467729550.

    Error - 2012-02-09 00:10:34 | Computer Name = TOSHIBA-29519BD | Source = Lavasoft Ad-Aware Service | ID = 0
    Description =

    [ System Events ]
    Error - 2012-02-10 21:35:07 | Computer Name = TOSHIBA-29519BD | Source = atapi | ID = 262153
    Description = Le périphérique \Device\Ide\IdePort0 n'a pas répondu dans le délai
    imparti.

    Error - 2012-02-10 21:35:52 | Computer Name = TOSHIBA-29519BD | Source = atapi | ID = 262153
    Description = Le périphérique \Device\Ide\IdePort0 n'a pas répondu dans le délai
    imparti.

    Error - 2012-02-10 21:40:22 | Computer Name = TOSHIBA-29519BD | Source = atapi | ID = 262153
    Description = Le périphérique \Device\Ide\IdePort0 n'a pas répondu dans le délai
    imparti.

    Error - 2012-02-10 22:23:11 | Computer Name = TOSHIBA-29519BD | Source = atapi | ID = 262153
    Description = Le périphérique \Device\Ide\IdePort0 n'a pas répondu dans le délai
    imparti.

    Error - 2012-02-11 10:40:44 | Computer Name = TOSHIBA-29519BD | Source = atapi | ID = 262153
    Description = Le périphérique \Device\Ide\IdePort0 n'a pas répondu dans le délai
    imparti.

    Error - 2012-02-11 10:41:28 | Computer Name = TOSHIBA-29519BD | Source = atapi | ID = 262153
    Description = Le périphérique \Device\Ide\IdePort0 n'a pas répondu dans le délai
    imparti.

    Error - 2012-02-11 10:41:40 | Computer Name = TOSHIBA-29519BD | Source = atapi | ID = 262153
    Description = Le périphérique \Device\Ide\IdePort0 n'a pas répondu dans le délai
    imparti.

    Error - 2012-02-11 12:56:28 | Computer Name = TOSHIBA-29519BD | Source = atapi | ID = 262153
    Description = Le périphérique \Device\Ide\IdePort0 n'a pas répondu dans le délai
    imparti.

    Error - 2012-02-11 16:44:58 | Computer Name = TOSHIBA-29519BD | Source = PlugPlayManager | ID = 11
    Description = Le périphérique Root\LEGACY_PXXDQKOB\0000 a disparu du système sans
    que sa suppression ait tout d'abord été préparée.

    Error - 2012-02-11 17:01:41 | Computer Name = TOSHIBA-29519BD | Source = atapi | ID = 262153
    Description = Le périphérique \Device\Ide\IdePort0 n'a pas répondu dans le délai
    imparti.


    < End of report >
  8. Broni Malware Annihilator Posts: 39,398   +177

    Good news :)

    Run OTL
    • Under the Custom Scans/Fixes box at the bottom, paste in the following

      Code:
      :OTL
      O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
      O3 - HKU\S-1-5-21-2094576669-3068703796-1105417404-1006\..\Toolbar\ShellBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found.
      O3 - HKU\S-1-5-21-2094576669-3068703796-1105417404-1006\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found.
      O4 - HKLM..\Run: [CFSServ.exe] CFSServ.exe -NoClient File not found
      
      :Commands
      [purity]
      [emptytemp]
      [emptyjava]
      [emptyflash]
      [Reboot]
      
    • Then click the Run Fix button at the top
    • Let the program run unhindered, reboot the PC when it is done
    • You will get a log that shows the results of the fix. Please post it.

    ============================================================

    Last scans...

    1. Download Security Check from HERE, and save it to your Desktop.
    • Double-click SecurityCheck.exe
    • Follow the onscreen instructions inside of the black box.
    • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

      NOTE: SecurityCheck may produce some false warning(s), so leave the results reading to me.

    2. Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.
    • Make sure the following options are checked:
      • Internet Services
      • Windows Firewall
      • System Restore
      • Security Center
      • Windows Update
    • Press "Scan".
    • It will create a log (FSS.txt) in the same directory the tool is run from.
    • Please copy and paste the log to your reply.


    3. Download Temp File Cleaner (TFC)
    • Double click on TFC.exe to run the program.
    • Click on the Start button to begin the cleaning process.
    • TFC will close all running programs, and it may ask you to restart computer.


    4. Please run a free online scan with the ESET Online Scanner

    • Disable your antivirus program
    • Tick the box next to YES, I accept the Terms of Use
    • Click Start
    • Accept any security warnings from your browser.
    • Check Scan archives
    • Click Start
    • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
    • When the scan completes, click on List of found threats
    • Click on Export to text file, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
    • NOTE: If ESET doesn't find any threats, it won't produce any log.
  9. needhelp51 TechSpot Enthusiast Posts: 144

    Here is the second OTL scan as requested:

    OTL logfile created on: 2012-02-11 19:02:15 - Run 2
    OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Toshiba\Bureau
    Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18702)
    Locale: 00000C0C | Country: Canada | Language: FRC | Date Format: yyyy-MM-dd

    3,00 Gb Total Physical Memory | 2,21 Gb Available Physical Memory | 73,85% Memory free
    4,84 Gb Paging File | 4,09 Gb Available in Paging File | 84,51% Paging File free
    Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 111,79 Gb Total Space | 55,03 Gb Free Space | 49,23% Space Free | Partition Type: NTFS

    Computer Name: TOSHIBA-29519BD | User Name: Toshiba | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users | Quick Scan
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2012-02-11 17:29:38 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Toshiba\Bureau\OTL.exe
    PRC - [2012-02-09 22:12:26 | 001,187,072 | ---- | M] (Lavasoft Limited) -- C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
    PRC - [2012-02-09 22:12:23 | 002,152,152 | ---- | M] (Lavasoft Limited) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
    PRC - [2012-02-04 09:56:00 | 004,617,600 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
    PRC - [2012-01-23 22:41:59 | 003,025,112 | ---- | M] (Emsi Software GmbH) -- C:\Program Files\Emsisoft Anti-Malware\a2service.exe
    PRC - [2011-12-19 18:59:00 | 001,960,584 | ---- | M] (COMODO) -- C:\Program Files\Comodo\COMODO Internet Security\cmdagent.exe
    PRC - [2011-11-28 13:01:24 | 003,744,552 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
    PRC - [2011-11-28 13:01:23 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    PRC - [2011-11-23 05:27:04 | 001,052,472 | ---- | M] (COMODO) -- C:\Program Files\Comodo\COMODO GeekBuddy\CLPSLS.exe
    PRC - [2011-08-11 18:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCore.exe
    PRC - [2011-01-17 16:37:42 | 011,322,880 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe
    PRC - [2011-01-17 16:37:42 | 011,314,688 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin
    PRC - [2008-04-13 21:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
    PRC - [2006-01-05 17:00:06 | 001,589,248 | ---- | M] (TOSHIBA Inc.) -- C:\Program Files\TOSHIBA\Windows Utilities\Hotkey.exe
    PRC - [2005-12-15 13:21:00 | 000,151,552 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\Toshiba.exe
    PRC - [2005-12-05 12:37:40 | 000,667,718 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe
    PRC - [2005-11-28 11:41:50 | 000,602,182 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe
    PRC - [2005-11-28 11:37:52 | 000,397,381 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
    PRC - [2005-10-05 23:20:00 | 000,122,940 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\DLA\DLACTRLW.EXE
    PRC - [2005-05-17 03:24:50 | 000,118,784 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
    PRC - [2005-04-11 10:08:00 | 000,065,536 | ---- | M] (TOSHIBA) -- C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
    PRC - [2005-01-17 12:38:00 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
    PRC - [2004-08-27 20:37:00 | 000,155,648 | ---- | M] (Matsushita Electric Industrial Co., Ltd.) -- C:\WINDOWS\system32\RAMASST.exe
    PRC - [2004-08-27 20:33:00 | 000,110,592 | ---- | M] (Matsushita Electric Industrial Co., Ltd.) -- C:\WINDOWS\system32\DVDRAMSV.exe


    ========== Modules (No Company Name) ==========

    MOD - [2012-02-11 16:00:55 | 000,052,736 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10007.dll
    MOD - [2012-02-11 16:00:52 | 000,063,488 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll
    MOD - [2012-02-11 13:21:35 | 001,691,648 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\12021101\algo.dll
    MOD - [2012-02-09 22:13:00 | 000,430,568 | ---- | M] () -- C:\Program Files\Lavasoft\Ad-Aware\VipreBridge.dll
    MOD - [2012-02-09 22:12:51 | 000,591,232 | ---- | M] () -- C:\Program Files\Lavasoft\Ad-Aware\RPAPI.dll
    MOD - [2012-02-09 21:58:03 | 000,508,776 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Defs\thorax.aaw
    MOD - [2012-02-05 12:41:50 | 000,181,616 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Defs\Extended\libMachoUniv.dll
    MOD - [2012-02-05 12:41:48 | 000,210,288 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Defs\Extended\libBase64.dll
    MOD - [2012-01-07 11:19:36 | 000,985,088 | ---- | M] () -- C:\Program Files\OpenOffice.org 3\program\libxml2.dll
    MOD - [2012-01-04 22:09:49 | 000,117,760 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
    MOD - [2012-01-04 22:09:49 | 000,052,224 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
    MOD - [2012-01-03 08:10:46 | 000,301,056 | ---- | M] () -- C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.FRA
    MOD - [2011-12-23 07:12:12 | 000,308,560 | ---- | M] () -- C:\Program Files\Lavasoft\Ad-Aware\Vipre.dll
    MOD - [2005-11-28 11:59:16 | 000,876,544 | ---- | M] () -- C:\Program Files\Intel\Wireless\Bin\Libeay32.dll
    MOD - [2005-11-28 11:59:16 | 000,208,965 | ---- | M] () -- C:\Program Files\Intel\Wireless\Bin\iWMSProv.dll
    MOD - [2005-11-28 11:59:16 | 000,053,322 | ---- | M] () -- C:\Program Files\Intel\Wireless\Bin\IntStngs.dll
    MOD - [2005-11-03 11:37:58 | 000,970,862 | ---- | M] () -- C:\Program Files\Intel\Wireless\Bin\acAuth.dll


    ========== Win32 Services (SafeList) ==========

    SRV - File not found [Disabled | Stopped] -- -- (HidServ)
    SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
    SRV - [2012-02-09 22:12:23 | 002,152,152 | ---- | M] (Lavasoft Limited) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
    SRV - [2012-01-23 22:41:59 | 003,025,112 | ---- | M] (Emsi Software GmbH) [Auto | Running] -- C:\Program Files\Emsisoft Anti-Malware\a2service.exe -- (a2AntiMalware)
    SRV - [2011-12-19 18:59:00 | 001,960,584 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
    SRV - [2011-11-28 13:01:23 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
    SRV - [2011-11-23 05:27:04 | 001,052,472 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\Comodo\COMODO GeekBuddy\CLPSLS.exe -- (CLPSLS)
    SRV - [2011-08-11 18:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE)
    SRV - [2005-04-03 18:41:10 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)
    SRV - [2005-01-17 12:38:00 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe -- (CFSvcs)
    SRV - [2004-08-27 20:33:00 | 000,110,592 | ---- | M] (Matsushita Electric Industrial Co., Ltd.) [Auto | Running] -- C:\WINDOWS\system32\DVDRAMSV.exe -- (DVD-RAM_Service)


    ========== Driver Services (SafeList) ==========

    DRV - File not found [Kernel | On_Demand | Running] -- -- (catchme)
    DRV - [2012-01-17 16:00:48 | 000,494,968 | ---- | M] (COMODO) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\cmdGuard.sys -- (cmdGuard)
    DRV - [2011-12-23 07:12:10 | 000,015,232 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware\kernexplorer.sys -- (Lavasoft Kernexplorer)
    DRV - [2011-12-19 18:59:24 | 000,097,760 | ---- | M] (COMODO) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\inspect.sys -- (Inspect)
    DRV - [2011-12-19 18:59:22 | 000,031,704 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\cmdhlp.sys -- (cmdHlp)
    DRV - [2011-11-28 12:53:53 | 000,435,032 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
    DRV - [2011-11-28 12:53:35 | 000,314,456 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
    DRV - [2011-11-28 12:52:19 | 000,034,392 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
    DRV - [2011-11-28 12:52:16 | 000,052,952 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
    DRV - [2011-11-28 12:52:02 | 000,111,320 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
    DRV - [2011-11-28 12:51:50 | 000,020,568 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
    DRV - [2011-11-28 12:48:49 | 000,030,808 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
    DRV - [2011-11-02 10:13:12 | 000,051,632 | ---- | M] (Emsi Software GmbH) [File_System | On_Demand | Stopped] -- C:\Program Files\Emsisoft Anti-Malware\a2accx86.sys -- (a2acc)
    DRV - [2011-07-22 11:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
    DRV - [2011-07-12 16:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
    DRV - [2011-05-19 13:10:34 | 000,017,904 | ---- | M] (Emsi Software GmbH) [Kernel | System | Running] -- C:\Program Files\Emsisoft Anti-Malware\a2ddax86.sys -- (A2DDA)
    DRV - [2010-10-07 07:11:38 | 006,609,920 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NETwLx32.sys -- (NETwLx32) Pilote de carte de la série Intel(R)
    DRV - [2006-01-12 10:21:18 | 000,031,872 | ---- | M] (Quanta Computer, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\qkbfiltr.sys -- (qkbfiltr)
    DRV - [2005-12-28 18:20:38 | 000,561,664 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CHDAud.sys -- (HdAudAddService)
    DRV - [2005-12-04 14:55:30 | 001,428,096 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w39n51.sys -- (w39n51) Intel(R)
    DRV - [2005-11-29 14:12:00 | 000,162,560 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tifm21.sys -- (tifm21)
    DRV - [2005-11-28 12:09:26 | 000,013,568 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
    DRV - [2005-11-07 19:12:00 | 000,997,376 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
    DRV - [2005-11-07 19:11:00 | 000,723,712 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
    DRV - [2005-11-07 19:11:00 | 000,202,240 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
    DRV - [2005-10-05 23:20:00 | 000,094,332 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS -- (DLAUDFAM)
    DRV - [2005-10-05 23:20:00 | 000,087,036 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS -- (DLAUDF_M)
    DRV - [2005-10-05 23:20:00 | 000,086,524 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS -- (DLAIFS_M)
    DRV - [2005-10-05 23:20:00 | 000,025,628 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS -- (DLABOIOM)
    DRV - [2005-10-05 23:20:00 | 000,014,684 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS -- (DLAOPIOM)
    DRV - [2005-10-05 23:20:00 | 000,006,364 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS -- (DLAPoolM)
    DRV - [2005-10-05 23:20:00 | 000,002,496 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLADResN.SYS -- (DLADResN)
    DRV - [2005-08-25 06:16:52 | 000,005,628 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS -- (DLACDBHM)
    DRV - [2005-08-25 06:16:16 | 000,022,684 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLARTL_N.SYS -- (DLARTL_N)
    DRV - [2005-06-11 00:42:00 | 000,005,504 | ---- | M] (Quanta Computer Corp) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BoiHwSetup.sys -- (BoiHwsetup)
    DRV - [2005-06-01 23:33:00 | 000,102,384 | ---- | M] (Matsushita Electric Industrial Co.,Ltd.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\meiudf.sys -- (meiudf)
    DRV - [2005-05-05 08:27:38 | 000,007,936 | ---- | M] (Quanta Computer, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\qmofiltr.sys -- (qmofiltr)
    DRV - [2003-09-18 19:47:00 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (Pfc)
    DRV - [2003-01-29 10:35:00 | 000,012,032 | ---- | M] (TOSHIBA Corporation.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\Netdevio.sys -- (Netdevio)
    DRV - [2002-01-24 14:43:40 | 000,006,528 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Tbiosdrv.sys -- (TBiosDrv)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========




    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



    IE - HKU\S-1-5-21-2094576669-3068703796-1105417404-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/
    IE - HKU\S-1-5-21-2094576669-3068703796-1105417404-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)



    O1 HOSTS File: ([2012-02-11 15:58:14 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
    O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\DLA\DLASHX_W.DLL (Sonic Solutions)
    O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
    O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
    O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
    O3 - HKU\S-1-5-21-2094576669-3068703796-1105417404-1006\..\Toolbar\ShellBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found.
    O3 - HKU\S-1-5-21-2094576669-3068703796-1105417404-1006\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found.
    O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
    O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
    O4 - HKLM..\Run: [CFSServ.exe] CFSServ.exe -NoClient File not found
    O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
    O4 - HKLM..\Run: [DLA] C:\WINDOWS\system32\DLA\DLACTRLW.EXE (Sonic Solutions)
    O4 - HKLM..\Run: [High Definition Audio Property Page Shortcut] C:\WINDOWS\System32\CHDAudPropShortcut.exe (Windows (R) Server 2003 DDK provider)
    O4 - HKLM..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe (Intel Corporation)
    O4 - HKLM..\Run: [IntelZeroConfig] C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe (Intel Corporation)
    O4 - HKLM..\Run: [LaunchApp] launchapp File not found
    O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
    O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
    O4 - HKLM..\Run: [SmoothView] C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe (TOSHIBA Corporation)
    O4 - HKLM..\Run: [Toshiba Hotkey Utility] C:\Program Files\Toshiba\Windows Utilities\Hotkey.exe (TOSHIBA Inc.)
    O4 - HKU\S-1-5-21-2094576669-3068703796-1105417404-1006..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
    O4 - HKU\S-1-5-21-2094576669-3068703796-1105417404-1006..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe (TOSHIBA)
    O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe (Matsushita Electric Industrial Co., Ltd.)
    O4 - Startup: C:\Documents and Settings\Toshiba\Menu Démarrer\Programmes\Démarrage\OpenOffice.org 3.3.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O7 - HKU\##aswSnx private storage\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\S-1-5-21-2094576669-3068703796-1105417404-1006\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-21-2094576669-3068703796-1105417404-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O7 - HKU\S-1-5-21-2094576669-3068703796-1105417404-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O7 - HKU\S-1-5-21-2094576669-3068703796-1105417404-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O9 - Extra 'Tools' menuitem : Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\NPJPI150_04.dll (Sun Microsystems, Inc.)
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/downl...-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://windowsupdate.microsoft.com/...ls/en/x86/client/wuweb_site.cab?1325644805328 (WUWebControl Class)
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/mic...ls/en/x86/client/muweb_site.cab?1325984729437 (MUWebControl Class)
    O18 - Protocol\Handler\intu-ir2011 - No CLSID value found
    O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O20 - AppInit_DLLs: (C:\WINDOWS\system32\guard32.dll) -C:\WINDOWS\system32\guard32.dll (COMODO)
    O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
    O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
    O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
    O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Colline verdoyante.bmp
    O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Colline verdoyante.bmp
    O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2006-01-18 05:32:30 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
    O34 - HKLM BootExecute: (autocheck autochk *)
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = ComFile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    ========== Files/Folders - Created Within 30 Days ==========

    [2012-02-11 18:25:00 | 000,446,464 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Toshiba\Bureau\TFC.exe
    [2012-02-11 17:29:24 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Toshiba\Bureau\OTL.exe
    [2012-02-11 16:33:44 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Toshiba\Recent
    [2012-02-11 16:33:44 | 000,000,000 | -HSD | C] -- C:\RECYCLER
    [2012-02-11 16:12:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
    [2012-02-11 15:28:46 | 000,000,000 | ---D | C] -- C:\ComboFix
    [2012-02-11 14:02:04 | 000,000,000 | RHSD | C] -- C:\cmdcons
    [2012-02-11 13:41:03 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
    [2012-02-11 13:41:03 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
    [2012-02-11 13:41:02 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
    [2012-02-11 13:41:02 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
    [2012-02-11 13:39:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
    [2012-02-11 13:38:54 | 000,000,000 | ---D | C] -- C:\Qoobox
    [2012-02-11 13:34:37 | 004,401,300 | R--- | C] (Swearware) -- C:\Documents and Settings\Toshiba\Bureau\ComboFix.exe
    [2012-02-11 10:18:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Toshiba\Bureau\bootkit_remover
    [2012-02-11 09:20:05 | 004,733,440 | ---- | C] (AVAST Software) -- C:\Documents and Settings\Toshiba\Bureau\aswMBR.exe
    [2012-02-09 23:03:20 | 000,607,260 | R--- | C] (Swearware) -- C:\Documents and Settings\Toshiba\Bureau\dds.scr
    [2012-02-09 21:56:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Lavasoft
    [2012-02-09 20:21:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
    [2012-02-09 19:47:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Toshiba\Menu Démarrer\Programmes\HiJackThis
    [2012-02-09 19:47:14 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
    [2012-02-09 19:43:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Toshiba\Application Data\GetRightToGo
    [2012-02-09 19:38:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\SpywareBlaster
    [2012-02-08 21:05:58 | 000,000,000 | ---D | C] -- C:\VritualRoot
    [2012-02-07 21:53:27 | 002,002,320 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\Toshiba\Bureau\HousecallLauncher.exe
    [2012-02-07 21:46:31 | 009,502,424 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Toshiba\Bureau\mbam--setup-1.60.1.1000.exe
    [2012-02-05 09:45:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Toshiba\Local Settings\Application Data\Comodo
    [2012-02-04 20:46:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Toshiba\Local Settings\Application Data\Temp
    [2012-02-04 16:32:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Toshiba\Mes documents\ImpôtRapide
    [2012-02-04 14:40:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\7-Zip
    [2012-02-04 14:40:03 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
    [2012-02-04 12:10:06 | 000,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\Adobe
    [2012-02-04 12:09:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Adobe
    [2012-02-04 09:51:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Toshiba\Application Data\Intuit Canada
    [2012-02-04 09:51:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Intuit Canada
    [2012-01-30 21:55:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Toshiba\Application Data\Sonic
    [2012-01-22 21:05:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Toshiba\Bureau\Photos décembre 2011 - Janvier 2012
    [2012-01-22 21:04:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Toshiba\Bureau\Nouveau dossier
    [2012-01-16 23:41:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Toshiba\Local Settings\Application Data\MetaGeek,_LLC
    [2012-01-15 19:12:12 | 000,000,000 | ---D | C] -- C:\Program Files\MetaGeek
    [2012-01-15 19:12:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Toshiba\Menu Démarrer\Programmes\MetaGeek
    [2012-01-15 19:09:48 | 002,056,228 | ---- | C] (MetaGeek, LLC) -- C:\Documents and Settings\Toshiba\Bureau\inSSIDer-Installer-2.0.7.0126.exe
    [2012-01-14 10:57:16 | 000,101,720 | ---- | C] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
    [2012-01-14 10:50:10 | 000,000,000 | ---D | C] -- C:\Program Files\Lavasoft
    [2012-01-14 10:50:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Lavasoft
    [2012-01-14 10:01:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Toshiba\Application Data\WinPatrol
    [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
    [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2012-02-11 18:25:09 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Toshiba\Bureau\TFC.exe
    [2012-02-11 18:24:49 | 000,336,319 | ---- | M] () -- C:\Documents and Settings\Toshiba\Bureau\FSS.exe
    [2012-02-11 18:24:28 | 000,869,194 | ---- | M] () -- C:\Documents and Settings\Toshiba\Bureau\SecurityCheck.exe
    [2012-02-11 17:29:38 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Toshiba\Bureau\OTL.exe
    [2012-02-11 16:31:18 | 000,002,465 | ---- | M] () -- C:\Documents and Settings\Toshiba\Bureau\inSSIDer 2.0.lnk
    [2012-02-11 15:58:31 | 000,043,758 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
    [2012-02-11 15:58:14 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
    [2012-02-11 15:52:42 | 000,000,486 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
    [2012-02-11 15:51:35 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
    [2012-02-11 15:51:31 | 3219,312,640 | -HS- | M] () -- C:\hiberfil.sys
    [2012-02-11 14:02:30 | 000,000,456 | RHS- | M] () -- C:\BOOT.INI
    [2012-02-11 13:34:39 | 004,401,300 | R--- | M] (Swearware) -- C:\Documents and Settings\Toshiba\Bureau\ComboFix.exe
    [2012-02-11 12:01:10 | 000,000,512 | ---- | M] () -- C:\Documents and Settings\Toshiba\Bureau\MBR.dat
    [2012-02-11 09:20:34 | 000,044,607 | ---- | M] () -- C:\Documents and Settings\Toshiba\Bureau\bootkit_remover.zip
    [2012-02-11 09:20:07 | 004,733,440 | ---- | M] (AVAST Software) -- C:\Documents and Settings\Toshiba\Bureau\aswMBR.exe
    [2012-02-09 23:08:58 | 119,172,784 | ---- | M] () -- C:\Documents and Settings\Toshiba\Bureau\setup_11.0.0.1245.x01_2012_02_10_06_53.exe
    [2012-02-09 23:03:24 | 000,607,260 | R--- | M] (Swearware) -- C:\Documents and Settings\Toshiba\Bureau\dds.scr
    [2012-02-09 22:29:35 | 000,003,120 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
    [2012-02-09 21:57:44 | 000,000,064 | ---- | M] () -- C:\WINDOWS\System32\rp_stats.dat
    [2012-02-09 21:57:44 | 000,000,044 | ---- | M] () -- C:\WINDOWS\System32\rp_rules.dat
    [2012-02-09 21:56:59 | 000,000,808 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Ad-Aware.lnk
    [2012-02-09 19:51:43 | 000,002,451 | ---- | M] () -- C:\Documents and Settings\Toshiba\Bureau\HiJackThis.lnk
    [2012-02-08 21:10:39 | 000,302,592 | ---- | M] () -- C:\Documents and Settings\Toshiba\Bureau\k9it3vi3.exe
    [2012-02-08 19:01:25 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
    [2012-02-08 04:16:24 | 000,302,152 | ---- | M] () -- C:\Documents and Settings\Toshiba\Local Settings\Application Data\census.cache
    [2012-02-08 04:15:20 | 000,175,661 | ---- | M] () -- C:\Documents and Settings\Toshiba\Local Settings\Application Data\ars.cache
    [2012-02-07 21:54:33 | 000,000,036 | ---- | M] () -- C:\Documents and Settings\Toshiba\Local Settings\Application Data\housecall.guid.cache
    [2012-02-07 21:53:27 | 002,002,320 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\Toshiba\Bureau\HousecallLauncher.exe
    [2012-02-07 21:48:38 | 000,000,795 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes Anti-Malware.lnk
    [2012-02-07 21:46:31 | 009,502,424 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Toshiba\Bureau\mbam--setup-1.60.1.1000.exe
    [2012-02-07 18:59:09 | 000,000,661 | ---- | M] () -- C:\Documents and Settings\Toshiba\Bureau\restauration.reg
    [2012-02-07 17:19:45 | 000,134,872 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
    [2012-02-04 21:10:02 | 000,000,693 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\CCleaner.lnk
    [2012-02-04 12:11:30 | 000,001,745 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Adobe Reader X.lnk
    [2012-01-21 13:59:50 | 000,553,636 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat
    [2012-01-21 13:59:50 | 000,482,174 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
    [2012-01-21 13:59:50 | 000,094,952 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat
    [2012-01-21 13:59:50 | 000,080,056 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
    [2012-01-17 16:00:48 | 000,494,968 | ---- | M] (COMODO) -- C:\WINDOWS\System32\drivers\cmdGuard.sys
    [2012-01-15 19:09:49 | 002,056,228 | ---- | M] (MetaGeek, LLC) -- C:\Documents and Settings\Toshiba\Bureau\inSSIDer-Installer-2.0.7.0126.exe
    [2012-01-14 10:57:03 | 000,101,720 | ---- | M] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
    [2012-01-14 10:48:00 | 012,410,880 | ---- | M] () -- C:\Documents and Settings\Toshiba\Bureau\Ad-Aware96Install.msi
    [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
    [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2012-02-11 18:24:47 | 000,336,319 | ---- | C] () -- C:\Documents and Settings\Toshiba\Bureau\FSS.exe
    [2012-02-11 18:24:19 | 000,869,194 | ---- | C] () -- C:\Documents and Settings\Toshiba\Bureau\SecurityCheck.exe
    [2012-02-11 14:02:29 | 000,000,340 | ---- | C] () -- C:\Boot.bak
    [2012-02-11 14:02:22 | 000,263,488 | RHS- | C] () -- C:\cmldr
    [2012-02-11 13:41:03 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
    [2012-02-11 13:41:03 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
    [2012-02-11 13:41:02 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
    [2012-02-11 13:41:02 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
    [2012-02-11 13:41:02 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
    [2012-02-11 12:01:10 | 000,000,512 | ---- | C] () -- C:\Documents and Settings\Toshiba\Bureau\MBR.dat
    [2012-02-11 09:20:34 | 000,044,607 | ---- | C] () -- C:\Documents and Settings\Toshiba\Bureau\bootkit_remover.zip
    [2012-02-09 23:07:20 | 119,172,784 | ---- | C] () -- C:\Documents and Settings\Toshiba\Bureau\setup_11.0.0.1245.x01_2012_02_10_06_53.exe
    [2012-02-09 21:56:59 | 000,000,808 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Ad-Aware.lnk
    [2012-02-09 19:47:17 | 000,002,451 | ---- | C] () -- C:\Documents and Settings\Toshiba\Bureau\HiJackThis.lnk
    [2012-02-08 21:10:37 | 000,302,592 | ---- | C] () -- C:\Documents and Settings\Toshiba\Bureau\k9it3vi3.exe
    [2012-02-08 04:16:24 | 000,302,152 | ---- | C] () -- C:\Documents and Settings\Toshiba\Local Settings\Application Data\census.cache
    [2012-02-08 04:15:20 | 000,175,661 | ---- | C] () -- C:\Documents and Settings\Toshiba\Local Settings\Application Data\ars.cache
    [2012-02-07 21:54:33 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\Toshiba\Local Settings\Application Data\housecall.guid.cache
    [2012-02-07 18:59:09 | 000,000,661 | ---- | C] () -- C:\Documents and Settings\Toshiba\Bureau\restauration.reg
    [2012-02-07 18:54:58 | 3219,312,640 | -HS- | C] () -- C:\hiberfil.sys
    [2012-02-04 12:11:30 | 000,001,804 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Adobe Reader X.lnk
    [2012-02-04 12:11:30 | 000,001,745 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Adobe Reader X.lnk
    [2012-01-17 19:03:13 | 000,000,064 | ---- | C] () -- C:\WINDOWS\System32\rp_stats.dat
    [2012-01-17 19:03:13 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\rp_rules.dat
    [2012-01-15 19:12:12 | 000,002,465 | ---- | C] () -- C:\Documents and Settings\Toshiba\Bureau\inSSIDer 2.0.lnk
    [2012-01-14 10:50:36 | 000,000,486 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
    [2012-01-14 10:47:58 | 012,410,880 | ---- | C] () -- C:\Documents and Settings\Toshiba\Bureau\Ad-Aware96Install.msi
    [2012-01-07 22:11:56 | 000,027,136 | ---- | C] () -- C:\Documents and Settings\Toshiba\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2012-01-03 20:38:44 | 000,000,135 | ---- | C] () -- C:\Documents and Settings\Toshiba\Local Settings\Application Data\fusioncache.dat
    [2012-01-03 20:34:54 | 000,006,528 | ---- | C] () -- C:\WINDOWS\System32\drivers\Tbiosdrv.sys
    [2012-01-03 20:34:50 | 000,000,037 | ---- | C] () -- C:\WINDOWS\wwwbatch.ini
    [2012-01-03 20:34:44 | 000,000,385 | ---- | C] () -- C:\WINDOWS\ODBC.INI
    [2006-01-19 16:40:49 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
    [2006-01-18 14:28:02 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
    [2006-01-18 14:28:02 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
    [2006-01-18 14:28:02 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
    [2006-01-18 14:28:02 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
    [2006-01-18 14:28:02 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
    [2006-01-18 14:28:02 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
    [2006-01-18 07:34:09 | 000,012,060 | ---- | C] () -- C:\WINDOWS\HWSetupStr.ini
    [2006-01-18 07:34:09 | 000,002,226 | R--- | C] () -- C:\WINDOWS\SVPW32Str.ini
    [2006-01-18 06:23:57 | 000,004,205 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
    [2006-01-18 06:22:57 | 000,134,872 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
    [2006-01-18 06:07:12 | 000,028,672 | ---- | C] () -- C:\WINDOWS\WHideCmd.exe
    [2006-01-18 06:06:23 | 000,128,113 | ---- | C] () -- C:\WINDOWS\System32\csellang.ini
    [2006-01-18 06:06:23 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\csellang.dll
    [2006-01-18 06:06:23 | 000,009,378 | ---- | C] () -- C:\WINDOWS\System32\tosmreg.ini
    [2006-01-18 06:06:23 | 000,007,671 | ---- | C] () -- C:\WINDOWS\System32\cseltbl.ini
    [2006-01-18 06:04:16 | 000,553,636 | ---- | C] () -- C:\WINDOWS\System32\perfh00C.dat
    [2006-01-18 06:04:16 | 000,322,810 | ---- | C] () -- C:\WINDOWS\System32\perfi00C.dat
    [2006-01-18 06:04:16 | 000,034,108 | ---- | C] () -- C:\WINDOWS\System32\perfd00C.dat
    [2006-01-18 06:04:15 | 000,094,952 | ---- | C] () -- C:\WINDOWS\System32\perfc00C.dat
    [2006-01-18 06:04:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
    [2006-01-18 06:03:59 | 000,482,174 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
    [2006-01-18 06:03:59 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
    [2006-01-18 06:03:59 | 000,080,056 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
    [2006-01-18 06:03:59 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
    [2006-01-18 06:03:57 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
    [2006-01-18 06:03:57 | 000,004,688 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
    [2006-01-18 06:03:56 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
    [2006-01-18 06:03:51 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
    [2006-01-18 06:03:51 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
    [2006-01-18 06:03:45 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
    [2006-01-18 06:03:39 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
    [2006-01-18 05:56:34 | 000,000,829 | ---- | C] () -- C:\WINDOWS\orun32.ini
    [2006-01-18 05:52:58 | 000,000,222 | ---- | C] () -- C:\WINDOWS\wininit.ini
    [2006-01-18 05:50:50 | 000,000,000 | ---- | C] () -- C:\WINDOWS\NDSTray.INI
    [2006-01-18 05:50:36 | 000,022,529 | ---- | C] () -- C:\WINDOWS\System32\ortag32.dll
    [2006-01-18 05:36:37 | 000,002,368 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
    [2006-01-18 05:35:20 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
    [2006-01-18 05:33:29 | 001,519,616 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe
    [2006-01-18 05:33:27 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
    [2006-01-18 05:33:27 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
    [2006-01-18 05:33:26 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
    [2006-01-18 05:33:24 | 001,466,368 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
    [2006-01-18 05:33:24 | 001,339,392 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
    [2006-01-18 05:33:24 | 000,573,440 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
    [2006-01-18 05:33:21 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
    [2006-01-18 05:33:21 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
    [2006-01-18 05:33:20 | 000,425,984 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe
    [2006-01-18 05:29:54 | 000,021,892 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
    [2005-12-16 12:35:12 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\TPeculiarity.dll
    [2005-12-08 14:56:50 | 000,151,552 | ---- | C] () -- C:\WINDOWS\System32\tsbwls.dll
    [2005-11-28 16:33:00 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini

    ========== LOP Check ==========

    [2012-01-04 19:24:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Toshiba\Application Data\ElevatedDiagnostics
    [2012-02-09 19:43:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Toshiba\Application Data\GetRightToGo
    [2012-01-07 11:20:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Toshiba\Application Data\OpenOffice.org
    [2012-01-14 13:05:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Toshiba\Application Data\toshiba
    [2012-01-14 10:01:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Toshiba\Application Data\WinPatrol
    [2012-01-04 23:04:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
    [2012-01-03 23:09:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CPA_VA
    [2006-01-18 07:17:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Application Data\toshiba
    [2012-02-11 15:52:42 | 000,000,486 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job

    ========== Purity Check ==========



    ========== Custom Scans ==========


    < :OTL >

    < O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. >

    < O3 - HKU\S-1-5-21-2094576669-3068703796-1105417404-1006\..\Toolbar\ShellBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found. >

    < O3 - HKU\S-1-5-21-2094576669-3068703796-1105417404-1006\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found. >

    < O4 - HKLM..\Run: [CFSServ.exe] CFSServ.exe -NoClient File not found >

    < >

    < :Commands >

    < [purity] >

    < [emptytemp] >

    < [emptyjava] >

    < [emptyflash] >

    < [Reboot] >

    < End of report >
  10. needhelp51 TechSpot Enthusiast Posts: 144

    Security Check scan as requested:

    Results of screen317's Security Check version 0.99.24
    Windows XP Service Pack 3 x86
    Internet Explorer 8
    ``````````````````````````````
    Antivirus/Firewall Check:

    avast! Free Antivirus
    COMODO Internet Security
    ```````````````````````````````
    Anti-malware/Other Utilities Check:

    Ad-Aware
    Spybot - Search & Destroy
    SUPERAntiSpyware
    CCleaner
    Adobe Reader X (10.1.2)
    ````````````````````````````````
    Process Check:
    objlist.exe by Laurent

    Ad-Aware AAWService.exe
    Ad-Aware AAWTray.exe
    Comodo Firewall cmdagent.exe
    Emsisoft Anti-Malware a2service.exe
    AVAST Software Avast AvastSvc.exe
    AVAST Software Avast avastUI.exe
    ``````````End of Log````````````
  11. needhelp51 TechSpot Enthusiast Posts: 144

    FSS Scan as requested:

    Farbar Service Scanner Version: 10-02-2012
    Ran by Toshiba (administrator) on 11-02-2012 at 19:23:39
    Running from "C:\Documents and Settings\Toshiba\Bureau"
    Microsoft Windows XP Édition familiale Service Pack 3 (X86)
    Boot Mode: Normal
    ****************************************************************

    Internet Services:
    ============

    Connection Status:
    ==============
    Localhost is accessible.
    LAN connected.
    Google IP is accessible.
    Yahoo IP is accessible.


    Windows Firewall:
    =============

    Firewall Disabled Policy:
    ==================
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "EnableFirewall"=DWORD:0


    System Restore:
    ============

    System Restore Disabled Policy:
    ========================
  12. needhelp51 TechSpot Enthusiast Posts: 144

    ESET online scan is in progress

    I will post results when finished.
  13. Broni Malware Annihilator Posts: 39,398   +177

    OTL log is incorrect.
    You clicked on "scan" button instead of "Fix" button.
    Redo after Eset.
  14. needhelp51 TechSpot Enthusiast Posts: 144

    Oh sorry, I must have misread that part, I will redo the scan indeed after E-set, no problem.
  15. needhelp51 TechSpot Enthusiast Posts: 144

    E-Set Online scanner came out without infections - No log.

    I'll redo OTL.
  16. Broni Malware Annihilator Posts: 39,398   +177

    Go ahead....
  17. needhelp51 TechSpot Enthusiast Posts: 144

    OTL redone with "fix" and custom elements requested... Here is the log.

    All processes killed
    ========== OTL ==========
    Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
    Registry value HKEY_USERS\S-1-5-21-2094576669-3068703796-1105417404-1006\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{C4069E3A-68F1-403E-B40E-20066696354B} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C4069E3A-68F1-403E-B40E-20066696354B}\ not found.
    Registry value HKEY_USERS\S-1-5-21-2094576669-3068703796-1105417404-1006\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7}\ not found.
    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\CFSServ.exe deleted successfully.
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: All Users

    User: Default User
    ->Temp folder emptied: 602 bytes
    ->Temporary Internet Files folder emptied: 32768 bytes

    User: LocalService
    ->Temp folder emptied: 65748 bytes
    ->Temporary Internet Files folder emptied: 32902 bytes

    User: NetworkService
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 32902 bytes

    User: Toshiba
    ->Temp folder emptied: 74719 bytes
    ->Temporary Internet Files folder emptied: 47539350 bytes
    ->Java cache emptied: 0 bytes
    ->Flash cache emptied: 558 bytes

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 19569 bytes
    %systemroot%\System32 .tmp files removed: 3072 bytes
    %systemroot%\System32\dllcache .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 0 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 43928 bytes
    RecycleBin emptied: 113 bytes

    Total Files Cleaned = 46,00 mb


    [EMPTYJAVA]

    User: All Users

    User: Default User

    User: LocalService

    User: NetworkService

    User: Toshiba
    ->Java cache emptied: 0 bytes

    Total Java Files Cleaned = 0,00 mb


    [EMPTYFLASH]

    User: All Users

    User: Default User

    User: LocalService

    User: NetworkService

    User: Toshiba
    ->Flash cache emptied: 0 bytes

    Total Flash Files Cleaned = 0,00 mb


    OTL by OldTimer - Version 3.2.31.0 log created on 02112012_224727

    Files\Folders moved on Reboot...

    Registry entries deleted on Reboot...
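A check for the mix-up raised in post 13 and for the fix log in post 17, added here as an example that is not part of the thread or of OTL itself: it tells a scan log from a fix log and confirms that every scripted item has a "deleted successfully" line. The log excerpts are copied from this thread; the function names and the header-based heuristic are assumptions drawn from these two logs only.

```python
import re

# Excerpts copied from the OTL scan log and the fix log posted in this thread.
SCAN_LOG = r"""
========== Custom Scans ==========
< :OTL >
< O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. >
< O3 - HKU\S-1-5-21-2094576669-3068703796-1105417404-1006\..\Toolbar\ShellBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found. >
< O3 - HKU\S-1-5-21-2094576669-3068703796-1105417404-1006\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found. >
< O4 - HKLM..\Run: [CFSServ.exe] CFSServ.exe -NoClient File not found >
< :Commands >
< End of report >
"""
FIX_LOG = r"""
All processes killed
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry value HKEY_USERS\S-1-5-21-2094576669-3068703796-1105417404-1006\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{C4069E3A-68F1-403E-B40E-20066696354B} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C4069E3A-68F1-403E-B40E-20066696354B}\ not found.
Registry value HKEY_USERS\S-1-5-21-2094576669-3068703796-1105417404-1006\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\CFSServ.exe deleted successfully.
========== COMMANDS ==========
"""

ITEM_RE = re.compile(r"^<\s*(O\d+)\s+-\s+(.*?)\s*>$")      # echoed script item
CLSID_RE = re.compile(r"\{[0-9A-Fa-f-]{36}\}")              # {GUID}
RUN_NAME_RE = re.compile(r"\\Run:\s*\[([^\]]+)\]")          # Run value name
RESULT_RE = re.compile(r"^Registry (?:key|value) (.+?) (deleted successfully|not found)\.$")


def log_kind(text):
    """Heuristic (assumption): a fix log carries a COMMANDS header,
    a scan log echoes the script under a Custom Scans header."""
    lines = {l.strip() for l in text.splitlines()}
    if "========== COMMANDS ==========" in lines:
        return "fix"
    if "========== Custom Scans ==========" in lines:
        return "scan"
    return "unknown"


def requested_items(scan_text):
    """Return (line code, identifier) for each O-line echoed in the scan log."""
    items = []
    for line in scan_text.splitlines():
        m = ITEM_RE.match(line.strip())
        if m:
            ident = CLSID_RE.search(m.group(2)) or RUN_NAME_RE.search(m.group(2))
            if ident:
                # CLSID_RE has no capture group (use group 0); RUN_NAME_RE has one.
                items.append((m.group(1), ident.group(ident.re.groups)))
    return items


def verify(scan_text, fix_text):
    """Map each requested identifier to the outcome reported in the fix log."""
    outcomes = [m.groups() for m in (RESULT_RE.match(l.strip()) for l in fix_text.splitlines()) if m]
    report = {}
    for _code, ident in requested_items(scan_text):
        hits = [res for path, res in outcomes if ident.upper() in path.upper()]
        report[ident] = ("removed" if "deleted successfully" in hits
                         else "not found" if hits else "no result line")
    return report
```

Passing a scan log as the second argument, which is the situation in post 13, yields "no result line" for every item.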
  18. Broni Malware Annihilator Posts: 39,398   +177

    Your computer is clean

    1. We need to reset system restore to prevent your computer from being accidentally reinfected by using some old restore point(s). We'll create a fresh, clean restore point using the following OTL script:

    Run OTL

    • Under the Custom Scans/Fixes box at the bottom, paste in the following:

    Code:
    :OTL
    :Commands
    [purity]
    [emptytemp]
    [EMPTYFLASH]
    [emptyjava]
    [CLEARALLRESTOREPOINTS]
    [Reboot]
    • Then click the Run Fix button at the top
    • Let the program run unhindered, reboot the PC when it is done
    • Post resulting log.

    2. Now we'll remove all the tools we used during our cleaning process

    Clean up with OTL:

    • Double-click OTL.exe to start the program.
    • Close all other programs apart from OTL as this step will require a reboot
    • On the OTL main screen, press the CLEANUP button
    • Say Yes to the prompt and then allow the program to reboot your computer.

    If you still have any tools or logs leftover on your computer you can go ahead and delete those off of your computer now.

    3. Make sure Windows Updates are current.

    4. If any Trojan was listed among your infection(s), make sure you change all of your important online passwords (bank account(s), secured web sites, etc.) immediately!

    5. Download and install WOT (Web of Trust): http://www.mywot.com/. It'll warn you (in most cases) about dangerous web sites.

    6. Run Malwarebytes "Quick scan" once in a while to assure safety of your computer.

    7. Run Temporary File Cleaner (TFC) weekly.

    8. Download and install Secunia Personal Software Inspector (PSI): http://secunia.com/vulnerability_scanning/personal/. The Secunia PSI is a FREE security tool designed to detect vulnerable and out-dated programs and plug-ins which expose your PC to attacks. Run it weekly.

    9. (optional) If you want to keep all your programs up to date, download and install FileHippo Update Checker.
    The Update Checker will scan your computer for installed software, check the versions and then send this information to FileHippo.com to see if there are any newer releases.

    10. (Windows XP only) Run defrag at your convenience.

    11. When installing\updating ANY program, make sure you always select "Custom" installation, so you can UN-check any possible "drive-by-install" (foistware), like toolbars etc., which may try to install along with the legitimate program. Do NOT click the "Next" button without looking at any given page.

    12. Read How did I get infected?, With steps so it does not happen again!: http://www.bleepingcomputer.com/forums/topic2520.html

    13. Please let me know how your computer is doing.
  19. needhelp51 TechSpot Enthusiast Posts: 144

    Hello, here is the requested log from step 1.

    I will complete other steps.

    All processes killed
    ========== OTL ==========
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: All Users

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    User: LocalService
    ->Temp folder emptied: 66016 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes

    User: NetworkService
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes

    User: Toshiba
    ->Temp folder emptied: 17241 bytes
    ->Temporary Internet Files folder emptied: 4452877 bytes
    ->Java cache emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32\dllcache .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 0 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
    RecycleBin emptied: 0 bytes

    Total Files Cleaned = 4,00 mb


    [EMPTYFLASH]

    User: All Users

    User: Default User

    User: LocalService

    User: NetworkService

    User: Toshiba
    ->Flash cache emptied: 0 bytes

    Total Flash Files Cleaned = 0,00 mb


    [EMPTYJAVA]

    User: All Users

    User: Default User

    User: LocalService

    User: NetworkService

    User: Toshiba
    ->Java cache emptied: 0 bytes

    Total Java Files Cleaned = 0,00 mb

    Restore points cleared and new OTL Restore Point set!

    OTL by OldTimer - Version 3.2.31.0 log created on 02112012_232348

    Files\Folders moved on Reboot...
    C:\Documents and Settings\Toshiba\Local Settings\Temporary Internet Files\Content.IE5\OK4ZFKXY\partner[2].htm moved successfully.
    C:\Documents and Settings\Toshiba\Local Settings\Temporary Internet Files\Content.IE5\OK4ZFKXY\search[1].htm moved successfully.
    C:\Documents and Settings\Toshiba\Local Settings\Temporary Internet Files\Content.IE5\OK4ZFKXY\showthread[1].php moved successfully.
    C:\Documents and Settings\Toshiba\Local Settings\Temporary Internet Files\Content.IE5\5YF1S1BT\partner[1].htm moved successfully.
    C:\Documents and Settings\Toshiba\Local Settings\Temporary Internet Files\AntiPhishing\2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2.dat moved successfully.

    Registry entries deleted on Reboot...
  20. needhelp51 TechSpot Enthusiast Posts: 144

    Thank you !

    I believe everything is complete now.

    Thank you very much for your help, I deeply deeply appreciate the advice you have given me. My computer seems much more healthy now.

    Just for my own interest: what virus / rootkit / other did I have? One or two? Lots?