zebb_17

Membres

Afficher le profil Afficher son activité

Compteur de contenus
114
Inscription
le 12 mai 2005
Dernière visite
le 15 juillet 2012

Contact Methods

Website URL
http://
ICQ
0

Profile Information

Sexe
Female

zebb_17's Achievements

Power Member (5/12)

Réputation sur la communauté

Carte graphique PC portable

zebb_17 a répondu à un(e) sujet de zebb_17 dans Hardware

Bonjour, c'est noté! Mais avant de marquer ce sujet comme résolu, j'attends de voir si d'autres avis peuvent être donnés...
- le 12 juillet 2012
- 5 réponses
Carte graphique PC portable

zebb_17 a répondu à un(e) sujet de zebb_17 dans Hardware

Bonsoir Merci pour le renseignement! J'ai acheté un autre PC, mais c'était pour savoir si ça pouvait faire un PC de "dépannage" pour quelqu'un qui en n'a plus... et à quel coût... Je crois donc que c'est mort...
- le 11 juillet 2012
- 5 réponses
Carte graphique PC portable

zebb_17 a répondu à un(e) sujet de zebb_17 dans Hardware

Personne pour me renseigner ?
- le 10 juillet 2012
- 5 réponses
Carte graphique PC portable

zebb_17 a posté un sujet dans Hardware

Bonsoir, j'ai mon ancien PC portable dont la carte graphique est HS Pc HP pavillon dv6620 J'aurai aimé savoir s'il était possible de la changer sur un portable et si non, s'il existe des cartes graphiques externes? car là, écran noir et les bips au démarrage m'indiquent que c'est la carte graphique qui est morte (j'ai quand même essayé de branché un écran pour être sûre et c'est pareil... écran noir) Merci d'avance pour vos réponses.
- le 8 juillet 2012
- 5 réponses
[Résolu] Problème disque dur externe

zebb_17 a répondu à un(e) sujet de zebb_17 dans Software

Bonjour et merci pour la réponse. J'ai alloué la lettre d'origine à chaque partition et cela a fonctionné. Merci beaucoup
- le 27 juillet 2011
- 4 réponses
[Résolu] Problème disque dur externe

zebb_17 a répondu à un(e) sujet de zebb_17 dans Software

Personne a une petite idée?
- le 27 juillet 2011
- 4 réponses
[Résolu] Problème disque dur externe

zebb_17 a posté un sujet dans Software

Bonjour, je viens vers vous car j'ai un soucis depuis quelques temps avec mon DD externe Iomega. Lorsque je le branche sur mon pc portable sous seven il est reconnu dans la barre des taches mais impossible de l'ouvrir, il ne se lance pas et n'est pas dispo dans le poste de travail. Je n'avais jamais eu de soucis auparavant. Par contre il se lance sur d'autre PC (sous xp) Le disque a 2 partitions dont une en WBFS. Quand je vais dans Gestion d'ordinateur et Gestion du disque il apparaît mais sans lettre allouée... J'ai besoin de formater mon pc et du coup je ne peux rien sauvegarder donc problème. Et j'ai des dossiers sur le dd externe que j'ai besoin d'utiliser... Merci d'avance pour votre aide.
- le 26 juillet 2011
- 4 réponses
Problème son PC et casque

zebb_17 a répondu à un(e) sujet de zebb_17 dans Hardware

Bonjour, merci pour ta réponse. Tout ça est déjà fait; les pilotes sont à jour et le micro casque déjà par défaut.
- le 7 juin 2011
- 3 réponses
Problème son PC et casque

zebb_17 a posté un sujet dans Hardware

Bonjour, je vais essayer d'être claire dans l'explication de mon problème... Je suis sous seven 32, pc portable HP J'ai un micro casque usb logitech; quand je le branche sur le pc il fonctionne parfaitement avec toutes les applications (skype...) sauf une! En effet, jouant un peu à Second life, quand je désire passer en chat vocal sur le jeu j'ai un soucis: j'ai tous les son du jeu dans le casque mais j'entends les personnes avec qui je parle sur es enceintes du pc. J'ai vu dans le mélangeur que l'application second life est présente pour le casque et pour les haut parleur. J'ai ce problème depuis hier, avant cela fonctionnait parfaitement alors que je n'ai rien changé. Le micro fonctionne très bien par contre. Dans les paramètres audios du jeu je n'ai pas de choix pour la sortie audio, il me propose juste mes enceintes pc... mais ca n'avait jamais posé problème avant hier. Si quelq'un a une idée elle serait la bienvenue car là j'ai tout essayé en vain. Merci d'avance.
- le 3 juin 2011
- 3 réponses
Rapport HijackThis

zebb_17 a répondu à un(e) sujet de zebb_17 dans Analyses et éradication malwares

Bonjour, comme promis je repasse donner des nouvelles du PC; ça à l'air d'aller, il chauffe pas mal mais bon, ça reste un portable... Merci pour ton aide
- le 4 février 2011
- 6 réponses
Rapport HijackThis

zebb_17 a répondu à un(e) sujet de zebb_17 dans Analyses et éradication malwares

Bonsoir et merci pour ta réponse, voici le rapport: Je reviendrai dire s'il y a une amélioration. All processes killed ========== OTL ========== Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully. C:\Program Files\Ask.com\GenericAskToolbar.dll moved successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found. File C:\Program Files\Ask.com\GenericAskToolbar.dll not found. Registry value HKEY_USERS\S-1-5-21-1927437801-3944909697-2610780679-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found. File C:\Program Files\Ask.com\GenericAskToolbar.dll not found. ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: GÃ©raldine User: Géraldine ->Temp folder emptied: 29026 bytes ->Temporary Internet Files folder emptied: 109447 bytes ->Java cache emptied: 366479 bytes ->FireFox cache emptied: 97475574 bytes ->Opera cache emptied: 0 bytes ->Flash cache emptied: 4941 bytes User: Public %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 608 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 93,00 mb [EMPTYFLASH] User: All Users User: Default User: Default User User: GÃ©raldine User: Géraldine ->Flash cache emptied: 0 bytes User: Public Total Flash Files Cleaned = 0,00 mb C:\Windows\System32\drivers\etc\Hosts moved successfully. HOSTS file reset successfully OTL by OldTimer - Version 3.2.20.6 log created on 02032011_010856 Files\Folders moved on Reboot... Registry entries deleted on Reboot...
- le 3 février 2011
- 6 réponses
Rapport HijackThis

zebb_17 a répondu à un(e) sujet de zebb_17 dans Analyses et éradication malwares

Bonsoir, merci pour ta réponse; voici les deux rapports demandés: OTL logfile created on: 01/02/2011 21:41:22 - Run 1 OTL by OldTimer - Version 3.2.20.6 Folder = C:\Users\Géraldine\Desktop Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 55,00% Memory free 4,00 Gb Paging File | 3,00 Gb Available in Paging File | 69,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 141,58 Gb Total Space | 57,47 Gb Free Space | 40,59% Space Free | Partition Type: NTFS Drive D: | 7,46 Gb Total Space | 2,31 Gb Free Space | 30,96% Space Free | Partition Type: NTFS Computer Name: GÉRALDINE-PC | User Name: Géraldine | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\Géraldine\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe (NVIDIA Corporation) PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) PRC - C:\Program Files\Mozilla Firefox\plugin-container.exe (Mozilla Corporation) PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) PRC - C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH) PRC - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor) PRC - C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel® Corporation) PRC - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel® Corporation) PRC - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe (TomTom) PRC - C:\Program Files\Samsung\FW LiveUpdate\FWManager.exe ( ) PRC - C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH) PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation) PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation) PRC - C:\Windows\System32\audiodg.exe (Microsoft Corporation) PRC - C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe (InterVideo Inc.) PRC - C:\TeamScripT4\mirc.exe (mIRC Co. Ltd.) ========== Modules (SafeList) ========== MOD - C:\Users\Géraldine\Desktop\OTL.exe (OldTimer Tools) MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll (Microsoft Corporation) MOD - C:\Windows\System32\sspicli.dll (Microsoft Corporation) MOD - C:\Windows\System32\sechost.dll (Microsoft Corporation) MOD - C:\Windows\System32\samcli.dll (Microsoft Corporation) MOD - C:\Windows\System32\profapi.dll (Microsoft Corporation) MOD - C:\Windows\System32\netutils.dll (Microsoft Corporation) MOD - C:\Windows\System32\KernelBase.dll (Microsoft Corporation) MOD - C:\Windows\System32\dwmapi.dll (Microsoft Corporation) MOD - C:\Windows\System32\devobj.dll (Microsoft Corporation) MOD - C:\Windows\System32\cryptbase.dll (Microsoft Corporation) MOD - C:\Windows\System32\cfgmgr32.dll (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV - (maconfservice) -- C:\Program Files\ma-config.com\maconfservice.exe (CybelSoft) SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) SRV - (IAStorDataMgrSvc) Intel® -- C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH) SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation) SRV - (EvtEng) Intel® -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel® Corporation) SRV - (RegSrvc) Intel® -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel® Corporation) SRV - (TomTomHOMEService) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe (TomTom) SRV - (Themes) -- C:\Windows\System32\themeservice.dll (Microsoft Corporation) SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe () SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (WwanSvc) -- C:\Windows\System32\wwansvc.dll (Microsoft Corporation) SRV - (WbioSrvc) -- C:\Windows\System32\wbiosrvc.dll (Microsoft Corporation) SRV - (Power) -- C:\Windows\System32\umpo.dll (Microsoft Corporation) SRV - (sppuinotify) -- C:\Windows\System32\sppuinotify.dll (Microsoft Corporation) SRV - (RpcEptMapper) -- C:\Windows\System32\RpcEpMap.dll (Microsoft Corporation) SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation) SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation) SRV - (PNRPsvc) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation) SRV - (p2pimsvc) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation) SRV - (HomeGroupProvider) -- C:\Windows\System32\provsvc.dll (Microsoft Corporation) SRV - (PNRPAutoReg) -- C:\Windows\System32\pnrpauto.dll (Microsoft Corporation) SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SRV - (HomeGroupListener) -- C:\Windows\System32\ListSvc.dll (Microsoft Corporation) SRV - (Dhcp) -- C:\Windows\System32\dhcpcore.dll (Microsoft Corporation) SRV - (defragsvc) -- C:\Windows\System32\defragsvc.dll (Microsoft Corporation) SRV - (BDESVC) -- C:\Windows\System32\bdesvc.dll (Microsoft Corporation) SRV - (AxInstSV) Programme d’installation ActiveX (AxInstSV) -- C:\Windows\System32\AxInstSv.dll (Microsoft Corporation) SRV - (AppIDSvc) -- C:\Windows\System32\appidsvc.dll (Microsoft Corporation) SRV - (sppsvc) -- C:\Windows\System32\sppsvc.exe (Microsoft Corporation) SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia.) SRV - (Capture Device Service) -- C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe (InterVideo Inc.) ========== Driver Services (SafeList) ========== DRV - (sptd) -- C:\Windows\System32\Drivers\sptd.sys () DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation) DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH) DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH) DRV - (iaStor) -- C:\Windows\system32\DRIVERS\iaStor.sys (Intel Corporation) DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.) DRV - (NETwLv32) Pilote de carte de la série Intel® -- C:\Windows\System32\drivers\NETwLv32.sys (Intel Corporation) DRV - (driverhardwarev2) -- C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys (CybelSoft) DRV - (DrvAgent32) -- C:\Windows\System32\drivers\DrvAgent32.sys (Phoenix Technologies) DRV - (cpuidlep) -- C:\Windows\System32\drivers\cpuidlep.sys () DRV - (RTL8167) -- C:\Windows\System32\drivers\Rt86win7.sys (Realtek ) DRV - (netw5v32) Pilote de carte de la série Intel® -- C:\Windows\System32\drivers\NETw5v32.sys (Intel Corporation) DRV - (SynTP) -- C:\Windows\System32\drivers\SynTP.sys (Synaptics Incorporated) DRV - (ssm_mdm) -- C:\Windows\System32\drivers\ssm_mdm.sys (MCCI Corporation) DRV - (ssm_bus) SAMSUNG Mobile USB Device II 1.0 driver (WDM) -- C:\Windows\System32\drivers\ssm_bus.sys (MCCI Corporation) DRV - (ssm_mdfl) -- C:\Windows\System32\drivers\ssm_mdfl.sys (MCCI Corporation) DRV - (KSecPkg) -- C:\Windows\System32\Drivers\ksecpkg.sys (Microsoft Corporation) DRV - (cmdide) -- C:\Windows\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.) DRV - (adpahci) -- C:\Windows\system32\DRIVERS\adpahci.sys (Adaptec, Inc.) DRV - (adp94xx) -- C:\Windows\system32\DRIVERS\adp94xx.sys (Adaptec, Inc.) DRV - (amdsbs) -- C:\Windows\system32\DRIVERS\amdsbs.sys (AMD Technologies Inc.) DRV - (adpu320) -- C:\Windows\system32\DRIVERS\adpu320.sys (Adaptec, Inc.) DRV - (arcsas) -- C:\Windows\system32\DRIVERS\arcsas.sys (Adaptec, Inc.) DRV - (amdsata) -- C:\Windows\system32\DRIVERS\amdsata.sys (Advanced Micro Devices) DRV - (arc) -- C:\Windows\system32\DRIVERS\arc.sys (Adaptec, Inc.) DRV - (amdxata) -- C:\Windows\system32\DRIVERS\amdxata.sys (Advanced Micro Devices) DRV - (aliide) -- C:\Windows\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.) DRV - (nvstor) -- C:\Windows\system32\DRIVERS\nvstor.sys (NVIDIA Corporation) DRV - (nvraid) -- C:\Windows\system32\DRIVERS\nvraid.sys (NVIDIA Corporation) DRV - (nfrd960) -- C:\Windows\system32\DRIVERS\nfrd960.sys (IBM Corporation) DRV - (LSI_SAS) -- C:\Windows\system32\DRIVERS\lsi_sas.sys (LSI Corporation) DRV - (iaStorV) -- C:\Windows\system32\DRIVERS\iaStorV.sys (Intel Corporation) DRV - (MegaSR) -- C:\Windows\system32\DRIVERS\MegaSR.sys (LSI Corporation, Inc.) DRV - (LSI_SCSI) -- C:\Windows\system32\DRIVERS\lsi_scsi.sys (LSI Corporation) DRV - (LSI_FC) -- C:\Windows\system32\DRIVERS\lsi_fc.sys (LSI Corporation) DRV - (LSI_SAS2) -- C:\Windows\system32\DRIVERS\lsi_sas2.sys (LSI Corporation) DRV - (iirsp) -- C:\Windows\system32\DRIVERS\iirsp.sys (Intel Corp./ICP vortex GmbH) DRV - (megasas) -- C:\Windows\system32\DRIVERS\megasas.sys (LSI Corporation) DRV - (hwpolicy) -- C:\Windows\System32\drivers\hwpolicy.sys (Microsoft Corporation) DRV - (elxstor) -- C:\Windows\system32\DRIVERS\elxstor.sys (Emulex) DRV - (aic78xx) -- C:\Windows\system32\DRIVERS\djsvs.sys (Adaptec, Inc.) DRV - (HpSAMD) -- C:\Windows\system32\DRIVERS\HpSAMD.sys (Hewlett-Packard Company) DRV - (FsDepends) -- C:\Windows\System32\drivers\fsdepends.sys (Microsoft Corporation) DRV - (vsmraid) -- C:\Windows\system32\DRIVERS\vsmraid.sys (VIA Technologies Inc.,Ltd) DRV - (vmbus) -- C:\Windows\system32\DRIVERS\vmbus.sys (Microsoft Corporation) DRV - (vhdmp) -- C:\Windows\system32\DRIVERS\vhdmp.sys (Microsoft Corporation) DRV - (storflt) -- C:\Windows\system32\DRIVERS\vmstorfl.sys (Microsoft Corporation) DRV - (vdrvroot) -- C:\Windows\system32\DRIVERS\vdrvroot.sys (Microsoft Corporation) DRV - (storvsc) -- C:\Windows\system32\DRIVERS\storvsc.sys (Microsoft Corporation) DRV - (WIMMount) -- C:\Windows\System32\drivers\wimmount.sys (Microsoft Corporation) DRV - (viaide) -- C:\Windows\system32\DRIVERS\viaide.sys (VIA Technologies, Inc.) DRV - (ql2300) -- C:\Windows\system32\DRIVERS\ql2300.sys (QLogic Corporation) DRV - (rdyboost) -- C:\Windows\System32\drivers\rdyboost.sys (Microsoft Corporation) DRV - (ql40xx) -- C:\Windows\system32\DRIVERS\ql40xx.sys (QLogic Corporation) DRV - (SiSRaid4) -- C:\Windows\system32\DRIVERS\sisraid4.sys (Silicon Integrated Systems) DRV - (pcw) -- C:\Windows\System32\drivers\pcw.sys (Microsoft Corporation) DRV - (SiSRaid2) -- C:\Windows\system32\DRIVERS\SiSRaid2.sys (Silicon Integrated Systems Corp.) DRV - (stexstor) -- C:\Windows\system32\DRIVERS\stexstor.sys (Promise Technology) DRV - (CNG) -- C:\Windows\System32\Drivers\cng.sys (Microsoft Corporation) DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\System32\Drivers\Brserid.sys (Brother Industries Ltd.) DRV - (rdpbus) -- C:\Windows\System32\drivers\rdpbus.sys (Microsoft Corporation) DRV - (RDPREFMP) -- C:\Windows\System32\drivers\RDPREFMP.sys (Microsoft Corporation) DRV - (RasAgileVpn) WAN Miniport (IKEv2) -- C:\Windows\System32\drivers\agilevpn.sys (Microsoft Corporation) DRV - (WfpLwf) -- C:\Windows\System32\drivers\wfplwf.sys (Microsoft Corporation) DRV - (NdisCap) -- C:\Windows\System32\drivers\ndiscap.sys (Microsoft Corporation) DRV - (vwifibus) -- C:\Windows\System32\drivers\vwifibus.sys (Microsoft Corporation) DRV - (1394ohci) -- C:\Windows\System32\drivers\1394ohci.sys (Microsoft Corporation) DRV - (UmPass) -- C:\Windows\system32\DRIVERS\umpass.sys (Microsoft Corporation) DRV - (usbaudio) Pilote USB audio (WDM) -- C:\Windows\System32\drivers\USBAUDIO.sys (Microsoft Corporation) DRV - (mshidkmdf) -- C:\Windows\System32\drivers\mshidkmdf.sys (Microsoft Corporation) DRV - (MTConfig) -- C:\Windows\system32\DRIVERS\MTConfig.sys (Microsoft Corporation) DRV - (CompositeBus) -- C:\Windows\System32\drivers\CompositeBus.sys (Microsoft Corporation) DRV - (AppID) -- C:\Windows\system32\drivers\appid.sys (Microsoft Corporation) DRV - (scfilter) -- C:\Windows\System32\drivers\scfilter.sys (Microsoft Corporation) DRV - (s3cap) -- C:\Windows\system32\DRIVERS\vms3cap.sys (Microsoft Corporation) DRV - (VMBusHID) -- C:\Windows\system32\DRIVERS\VMBusHID.sys (Microsoft Corporation) DRV - (discache) -- C:\Windows\System32\drivers\discache.sys (Microsoft Corporation) DRV - (AcpiPmi) -- C:\Windows\system32\DRIVERS\acpipmi.sys (Microsoft Corporation) DRV - (AmdPPM) -- C:\Windows\system32\DRIVERS\amdppm.sys (Microsoft Corporation) DRV - (hcw85cir) -- C:\Windows\system32\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV - (BrUsbMdm) -- C:\Windows\System32\Drivers\BrUsbMdm.sys (Brother Industries Ltd.) DRV - (BrUsbSer) -- C:\Windows\System32\Drivers\BrUsbSer.sys (Brother Industries Ltd.) DRV - (BrSerWdm) -- C:\Windows\System32\Drivers\BrSerWdm.sys (Brother Industries Ltd.) DRV - (BrFiltLo) -- C:\Windows\system32\DRIVERS\BrFiltLo.sys (Brother Industries, Ltd.) DRV - (BrFiltUp) -- C:\Windows\system32\DRIVERS\BrFiltUp.sys (Brother Industries, Ltd.) DRV - (smserial) -- C:\Windows\System32\drivers\smserial.sys (Motorola Inc.) DRV - (b57nd60x) -- C:\Windows\System32\drivers\b57nd60x.sys (Broadcom Corporation) DRV - (ebdrv) -- C:\Windows\system32\DRIVERS\evbdx.sys (Broadcom Corporation) DRV - (b06bdrv) -- C:\Windows\system32\DRIVERS\bxvbdx.sys (Broadcom Corporation) DRV - (rimmptsk) -- C:\Windows\System32\drivers\rimmptsk.sys (REDC) DRV - (rismxdp) -- C:\Windows\System32\drivers\rixdptsk.sys (REDC) DRV - (rimsptsk) -- C:\Windows\System32\drivers\rimsptsk.sys (REDC) DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH) DRV - (HBtnKey) -- C:\Windows\System32\drivers\CPQBttn.sys (Hewlett-Packard Development Company, L.P.) DRV - (FsUsbExDisk) -- C:\Windows\System32\FsUsbExDisk.Sys () DRV - (btnetBUs) -- C:\Windows\System32\drivers\btnetBus.sys () DRV - (pccsmcfd) -- C:\Windows\System32\drivers\pccsmcfd.sys (Nokia) DRV - (BtHidBus) -- C:\Windows\System32\Drivers\BtHidBus.sys (IVT Corporation.) DRV - (IvtBtBUs) -- C:\Windows\System32\drivers\IvtBtBus.sys (IVT Corporation.) DRV - (speedfan) -- C:\Windows\system32\speedfan.sys (Windows ® 2000 DDK provider) DRV - (giveio) -- C:\Windows\system32\giveio.sys () ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1927437801-3944909697-2610780679-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN : Hotmail, Messenger, Bing, Actualité et Sport IE - HKU\S-1-5-21-1927437801-3944909697-2610780679-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr IE - HKU\S-1-5-21-1927437801-3944909697-2610780679-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 1C AB F8 C8 D1 42 CB 01 [binary data] IE - HKU\S-1-5-21-1927437801-3944909697-2610780679-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1927437801-3944909697-2610780679-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local ========== FireFox ========== FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.1 FF - prefs.js..extensions.enabledItems: [email protected]:0.3 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF - prefs.js..extensions.enabledItems: multilinks@plugin:2.0.0.17 FF - prefs.js..extensions.enabledItems: {5CEFD22F-9A9E-4544-9BFC-C4F2FBCA87D6}:1.3 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 FF - prefs.js..extensions.enabledItems: {5B52016C-D097-4aec-BE61-9F129D8FDDBA}:2.0 FF - prefs.js..network.proxy.backup.ftp: "localhost" FF - prefs.js..network.proxy.backup.ftp_port: 9666 FF - prefs.js..network.proxy.backup.gopher: "localhost" FF - prefs.js..network.proxy.backup.gopher_port: 9666 FF - prefs.js..network.proxy.backup.socks: "localhost" FF - prefs.js..network.proxy.backup.socks_port: 9666 FF - prefs.js..network.proxy.backup.ssl: "localhost" FF - prefs.js..network.proxy.backup.ssl_port: 9666 FF - prefs.js..network.proxy.http: "localhost" FF - prefs.js..network.proxy.http_port: 9666 FF - prefs.js..network.proxy.socks: "localhost" FF - prefs.js..network.proxy.socks_port: 9050 FF - prefs.js..network.proxy.socks_remote_dns: true FF - prefs.js..network.proxy.ssl: "localhost" FF - prefs.js..network.proxy.ssl_port: 9666 FF - prefs.js..network.proxy.type: 0 FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/01/08 23:36:19 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/01/08 23:36:18 | 000,000,000 | ---D | M] [2010/12/04 20:18:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Géraldine\AppData\Roaming\mozilla\Extensions [2010/08/24 13:39:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Géraldine\AppData\Roaming\mozilla\Extensions\[email protected] [2010/12/04 20:18:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Géraldine\AppData\Roaming\mozilla\Extensions\MediaCoder [2011/02/01 21:04:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Géraldine\AppData\Roaming\mozilla\Firefox\Profiles\u5jmeubz.default\extensions [2011/01/17 13:03:09 | 000,000,000 | ---D | M] ("UltraSurf Firefox Tool") -- C:\Users\Géraldine\AppData\Roaming\mozilla\Firefox\Profiles\u5jmeubz.default\extensions\{5B52016C-D097-4aec-BE61-9F129D8FDDBA} [2010/10/23 14:54:01 | 000,000,000 | ---D | M] (KOLOBOK Smiles) -- C:\Users\Géraldine\AppData\Roaming\mozilla\Firefox\Profiles\u5jmeubz.default\extensions\{5CEFD22F-9A9E-4544-9BFC-C4F2FBCA87D6} [2010/12/24 00:21:44 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Géraldine\AppData\Roaming\mozilla\Firefox\Profiles\u5jmeubz.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2011/01/27 01:45:26 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\Géraldine\AppData\Roaming\mozilla\Firefox\Profiles\u5jmeubz.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781} [2010/09/01 16:02:21 | 000,000,000 | ---D | M] (Mega-Debrid plugin) -- C:\Users\Géraldine\AppData\Roaming\mozilla\Firefox\Profiles\u5jmeubz.default\extensions\[email protected] [2010/10/17 10:08:32 | 000,000,000 | ---D | M] (Multi Links) -- C:\Users\Géraldine\AppData\Roaming\mozilla\Firefox\Profiles\u5jmeubz.default\extensions\multilinks@plugin [2011/02/01 21:04:23 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2010/12/05 23:02:31 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [2010/12/05 23:02:32 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2010/12/21 11:12:52 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} File not found (No name found) -- C:\USERS\GÃ©RALDINE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\U5JMEUBZ.DEFAULT\EXTENSIONS\{5B52016C-D097-4AEC-BE61-9F129D8FDDBA} File not found (No name found) -- C:\USERS\GÃ©RALDINE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\U5JMEUBZ.DEFAULT\EXTENSIONS\{5CEFD22F-9A9E-4544-9BFC-C4F2FBCA87D6} File not found (No name found) -- C:\USERS\GÃ©RALDINE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\U5JMEUBZ.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D} File not found (No name found) -- C:\USERS\GÃ©RALDINE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\U5JMEUBZ.DEFAULT\EXTENSIONS\{E4A8A97B-F2ED-450B-B12D-EE082BA24781} File not found (No name found) -- C:\USERS\GÃ©RALDINE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\U5JMEUBZ.DEFAULT\EXTENSIONS\[email protected] File not found (No name found) -- C:\USERS\GÃ©RALDINE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\U5JMEUBZ.DEFAULT\EXTENSIONS\MULTILINKS@PLUGIN [2010/11/12 18:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll [2010/12/11 18:03:26 | 000,001,516 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml [2010/12/11 18:03:26 | 000,001,822 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml [2010/12/11 18:03:26 | 000,000,757 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml [2010/12/11 18:03:27 | 000,001,426 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml [2010/12/11 18:03:27 | 000,000,956 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml O1 HOSTS File: ([2009/06/10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O2 - BHO: (Nero Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com) O3 - HKLM\..\Toolbar: (Nero Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com) O3 - HKU\S-1-5-21-1927437801-3944909697-2610780679-1001\..\Toolbar\WebBrowser: (Nero Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [iAStorIcon] C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) O4 - HKLM..\Run: [Name of App] C:\Program Files\SAMSUNG\FW LiveUpdate\FWManager.exe ( ) O4 - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor) O4 - HKU\S-1-5-21-1927437801-3944909697-2610780679-1001..\Run: [F.lux] C:\Users\Géraldine\Local Settings\Apps\F.lux\flux.exe () O4 - HKU\S-1-5-21-1927437801-3944909697-2610780679-1001..\Run: [TomTomHOME.exe] C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe (TomTom) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 89.2.0.1 89.2.0.2 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation) O30 - LSA: Security Packages - (livessp) - C:\Windows\System32\livessp.dll (Microsoft Corp.) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2005/09/11 16:18:54 | 000,000,340 | -HS- | M] () - D:\AUTOMODE -- [ NTFS ] O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - File not found NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found NetSvcs: Themes - C:\Windows\System32\themeservice.dll (Microsoft Corporation) NetSvcs: BDESVC - C:\Windows\System32\bdesvc.dll (Microsoft Corporation) SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: NTDS - File not found SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Power - C:\Windows\System32\umpo.dll (Microsoft Corporation) SafeBootMin: Primary disk - Driver Group SafeBootMin: RpcEptMapper - C:\Windows\System32\RpcEpMap.dll (Microsoft Corporation) SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vmms - Service SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: Dhcp - C:\Windows\System32\dhcpcore.dll (Microsoft Corporation) SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: HelpSvc - Service SafeBootNet: Messenger - Service SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: ndiscap - C:\Windows\System32\drivers\ndiscap.sys (Microsoft Corporation) SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: NTDS - File not found SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Power - C:\Windows\System32\umpo.dll (Microsoft Corporation) SafeBootNet: Primary disk - Driver Group SafeBootNet: rdsessmgr - Service SafeBootNet: RpcEptMapper - C:\Windows\System32\RpcEpMap.dll (Microsoft Corporation) SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vmms - Service SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootNet: WudfUsbccidDriver - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun) ActiveX: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files\Common Files\LightScribe\LSRunOnce.exe" ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0 ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Dossiers Web ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {AA60F483-BB49-4141-0CB3-C13CBDF648C4} - Browser Customizations ActiveX: {C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD} - .NET Framework ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker 2.6 ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Macromedia Shockwave Flash ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP Drivers32: msacm.ac3filter - C:\Windows\System32\ac3filter.acm () Drivers32: msacm.avis - C:\Windows\System32\ff_acm.acm () Drivers32: msacm.divxa32 - C:\Windows\System32\DivXa32.acm (Hacked With Joy !) Drivers32: msacm.dvacm - C:\Program Files\Common Files\Ulead Systems\vio\DVACM.acm (Ulead Systems, Inc.) Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.lameacm - C:\Windows\System32\LameACM.acm (http://www.mp3dev.org/) Drivers32: msacm.mpegacm - C:\Program Files\Common Files\Ulead Systems\MPEG\MPEGACM.acm (Ulead Systems, Inc.) Drivers32: msacm.ulmp3acm - C:\Program Files\Common Files\Ulead Systems\MPEG\ulmp3acm.acm (Ulead systems) Drivers32: msacm.vorbis - C:\Windows\System32\vorbis.acm (HMS http://hp.vector.co.jp/authors/VA012897/) Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation) Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.) Drivers32: vidc.DIVX - C:\Windows\System32\DivX.dll (DivX, Inc.) Drivers32: VIDC.FFDS - C:\Windows\System32\ff_vfw.dll () Drivers32: vidc.i420 - C:\Windows\System32\i420vfw.dll (www.helixcommunity.org) Drivers32: vidc.XVID - C:\Windows\System32\xvidvfw.dll () Drivers32: vidc.yv12 - C:\Windows\System32\yv12vfw.dll (www.helixcommunity.org) NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - File not found NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found NetSvcs: Themes - C:\Windows\System32\themeservice.dll (Microsoft Corporation) NetSvcs: BDESVC - C:\Windows\System32\bdesvc.dll (Microsoft Corporation) ========== Files/Folders - Created Within 30 Days ========== [2011/02/01 21:39:07 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Users\Géraldine\Desktop\OTL.exe [2011/01/17 02:49:26 | 000,000,000 | ---D | C] -- C:\Users\Géraldine\Documents\ultrasurf [2011/01/14 12:48:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ma-config.com [2011/01/12 12:40:37 | 000,573,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbc32.dll [2011/01/12 12:40:30 | 001,170,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll [2011/01/12 12:40:30 | 001,074,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll [2011/01/12 12:40:30 | 000,801,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FntCache.dll [2011/01/12 12:40:30 | 000,739,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll [2011/01/12 12:40:29 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll [2011/01/12 12:40:29 | 000,283,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll [2011/01/12 12:40:28 | 001,495,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ExplorerFrame.dll [2011/01/12 12:40:28 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll [2011/01/12 12:40:28 | 000,211,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxgmms1.sys [2011/01/12 12:40:28 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsRasterService.dll [2011/01/12 12:40:28 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll [2011/01/12 12:40:27 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll [2011/01/09 13:38:24 | 000,000,000 | ---D | C] -- C:\FreudUsers [2011/01/09 13:31:11 | 015,047,272 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvoglv32.dll [2011/01/09 13:31:11 | 013,011,560 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcompiler.dll [2011/01/09 13:31:11 | 010,466,408 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvlddmkm.sys [2011/01/09 13:31:11 | 004,941,928 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuda.dll [2011/01/09 13:31:11 | 002,895,976 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvid.dll [2011/01/09 13:31:11 | 002,251,368 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvenc.dll [2011/01/09 13:31:11 | 000,941,160 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvdispco322090.dll [2011/01/09 13:31:11 | 000,837,736 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvgenco322040.dll [2011/01/09 13:31:11 | 000,057,960 | ---- | C] (Khronos Group) -- C:\Windows\System32\OpenCL.dll [2011/01/09 13:31:11 | 000,010,920 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvBridge.kmd [2011/01/09 00:52:44 | 000,000,000 | ---D | C] -- C:\Users\Géraldine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flux [2011/01/09 00:52:42 | 000,000,000 | ---D | C] -- C:\Users\Géraldine\AppData\Local\Apps [2011/01/08 23:36:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime [2011/01/08 23:35:39 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime [2011/01/08 23:35:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer [2011/01/08 23:34:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple [2011/01/08 23:34:24 | 000,000,000 | ---D | C] -- C:\Users\Géraldine\AppData\Local\Apple [2011/01/08 23:34:20 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update [2011/01/08 23:34:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple [2011/01/07 00:13:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn [2011/01/07 00:13:51 | 000,000,000 | ---D | C] -- C:\Program Files\ImgBurn ========== Files - Modified Within 30 Days ========== [2011/02/01 21:39:12 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\Géraldine\Desktop\OTL.exe [2011/02/01 21:33:15 | 000,155,219 | ---- | M] () -- C:\Users\Géraldine\Desktop\bubbles.jpg [2011/02/01 17:05:28 | 000,000,435 | ---- | M] () -- C:\Users\Géraldine\AppData\Roaming\SamsungLiveUpdateConfig.ini [2011/02/01 17:05:14 | 000,000,320 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize.job [2011/02/01 17:05:04 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011/02/01 17:04:59 | 1609,375,744 | -HS- | M] () -- C:\hiberfil.sys [2011/02/01 16:56:34 | 001,830,472 | ---- | M] () -- C:\Users\Géraldine\Desktop\tournois.pdf [2011/01/29 11:53:30 | 000,000,600 | ---- | M] () -- C:\Users\Géraldine\PUTTY.RND [2011/01/28 02:29:53 | 000,009,584 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2011/01/28 02:29:53 | 000,009,584 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2011/01/26 11:27:56 | 000,704,480 | ---- | M] () -- C:\Windows\System32\perfh00C.dat [2011/01/26 11:27:56 | 000,616,008 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2011/01/26 11:27:56 | 000,130,754 | ---- | M] () -- C:\Windows\System32\perfc00C.dat [2011/01/26 11:27:56 | 000,106,388 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2011/01/14 16:09:19 | 000,015,872 | ---- | M] () -- C:\Users\Géraldine\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011/01/09 20:58:01 | 000,001,409 | ---- | M] () -- C:\Windows\System32\tmpECA4F.FOT [2011/01/09 20:58:01 | 000,001,409 | ---- | M] () -- C:\Windows\System32\tmp7CB4F.FOT [2011/01/09 20:58:01 | 000,001,409 | ---- | M] () -- C:\Windows\System32\tmp0EC4F.FOT [2011/01/09 03:20:04 | 686,630,912 | ---- | M] () -- C:\Users\Géraldine\Desktop\Le psy c'est vous cas n°2.ISO [2011/01/09 03:05:44 | 732,606,464 | ---- | M] () -- C:\Users\Géraldine\Desktop\Le psy c'est vous cas n°1.ISO [2011/01/08 23:36:02 | 000,001,775 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk [2011/01/07 00:13:53 | 000,000,863 | ---- | M] () -- C:\Users\Géraldine\Desktop\ImgBurn.lnk ========== Files Created - No Company Name ========== [2011/02/01 16:56:34 | 001,830,472 | ---- | C] () -- C:\Users\Géraldine\Desktop\tournois.pdf [2011/01/17 22:34:32 | 000,155,219 | ---- | C] () -- C:\Users\Géraldine\Desktop\bubbles.jpg [2011/01/17 02:50:37 | 000,000,600 | ---- | C] () -- C:\Users\Géraldine\PUTTY.RND [2011/01/09 20:58:01 | 000,001,409 | ---- | C] () -- C:\Windows\System32\tmpECA4F.FOT [2011/01/09 20:58:01 | 000,001,409 | ---- | C] () -- C:\Windows\System32\tmp7CB4F.FOT [2011/01/09 20:58:01 | 000,001,409 | ---- | C] () -- C:\Windows\System32\tmp0EC4F.FOT [2011/01/09 03:06:44 | 686,630,912 | ---- | C] () -- C:\Users\Géraldine\Desktop\Le psy c'est vous cas n°2.ISO [2011/01/09 02:50:28 | 732,606,464 | ---- | C] () -- C:\Users\Géraldine\Desktop\Le psy c'est vous cas n°1.ISO [2011/01/08 23:36:02 | 000,001,775 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk [2011/01/08 23:34:21 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk [2011/01/07 00:13:53 | 000,000,863 | ---- | C] () -- C:\Users\Géraldine\Desktop\ImgBurn.lnk [2011/01/02 20:04:39 | 000,691,696 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys [2010/12/31 13:39:41 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI [2010/12/31 13:07:39 | 000,262,123 | ---- | C] () -- C:\Users\Géraldine\AppData\Roaming\Error.log [2010/12/31 10:18:13 | 000,000,435 | ---- | C] () -- C:\Users\Géraldine\AppData\Roaming\SamsungLiveUpdateConfig.ini [2010/12/04 20:10:51 | 000,027,648 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll [2010/12/04 16:17:14 | 000,008,472 | ---- | C] () -- C:\Users\Géraldine\AppData\Roaming\PStrip.bko [2010/12/04 11:00:45 | 000,008,495 | ---- | C] () -- C:\Users\Géraldine\AppData\Roaming\PStrip.bk! [2010/12/04 11:00:39 | 000,008,472 | ---- | C] () -- C:\Users\Géraldine\AppData\Roaming\PStrip.bak [2010/12/03 18:16:29 | 000,008,495 | ---- | C] () -- C:\Users\Géraldine\AppData\Roaming\PStrip.ini [2010/10/24 13:16:52 | 000,000,128 | ---- | C] () -- C:\Windows\ulead32.ini [2010/10/24 13:16:08 | 000,015,872 | ---- | C] () -- C:\Users\Géraldine\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010/10/21 20:43:15 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll [2010/10/21 20:43:15 | 000,036,608 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys [2010/09/29 12:45:57 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll [2010/08/26 15:13:54 | 000,004,484 | ---- | C] () -- C:\Windows\System32\drivers\cpuidlep.sys [2010/08/24 13:18:57 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI [2010/08/24 12:54:46 | 000,000,017 | ---- | C] () -- C:\Users\Géraldine\AppData\Local\resmon.resmoncfg [2010/08/24 12:24:52 | 000,210,456 | ---- | C] () -- C:\Windows\System32\IVIresizeW7.dll [2010/08/24 12:24:52 | 000,206,360 | ---- | C] () -- C:\Windows\System32\IVIresizeA6.dll [2010/08/24 12:24:52 | 000,198,168 | ---- | C] () -- C:\Windows\System32\IVIresizeP6.dll [2010/08/24 12:24:52 | 000,198,168 | ---- | C] () -- C:\Windows\System32\IVIresizeM6.dll [2010/08/24 12:24:52 | 000,194,072 | ---- | C] () -- C:\Windows\System32\IVIresizePX.dll [2010/08/24 12:24:52 | 000,026,136 | ---- | C] () -- C:\Windows\System32\IVIresize.dll [2010/08/23 22:40:37 | 000,058,792 | ---- | C] () -- C:\Windows\System32\wbload.dll [2010/06/23 11:35:52 | 000,819,200 | ---- | C] () -- C:\Windows\System32\xvidcore.dll [2010/06/23 11:35:52 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll [2010/04/25 02:33:48 | 000,108,032 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll [2009/08/16 09:08:36 | 000,178,176 | ---- | C] () -- C:\Windows\System32\unrar.dll [2009/07/14 01:55:09 | 000,587,776 | ---- | C] () -- C:\Windows\System32\hpotscl1.dll [2009/07/14 00:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll [2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll [2008/12/07 11:44:54 | 000,030,088 | ---- | C] () -- C:\Windows\System32\drivers\btnetBus.sys [2008/09/19 22:57:34 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll [2007/10/25 16:26:10 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys [2007/02/05 19:05:26 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI [2005/02/05 20:46:00 | 000,004,608 | ---- | C] () -- C:\Windows\fgexec.dll [2003/09/16 16:52:28 | 000,147,456 | ---- | C] () -- C:\Windows\System32\vorbis.dll [2003/09/16 16:43:31 | 000,884,736 | ---- | C] () -- C:\Windows\System32\vorbisenc.dll [2003/09/16 16:41:43 | 000,045,056 | ---- | C] () -- C:\Windows\System32\ogg.dll [1999/01/22 19:46:58 | 000,065,536 | ---- | C] () -- C:\Windows\System32\MSRTEDIT.DLL [1996/04/03 20:33:26 | 000,005,248 | ---- | C] () -- C:\Windows\System32\giveio.sys ========== LOP Check ========== [2010/08/26 15:27:51 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\BatteryCare [2010/12/05 23:08:09 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\Broad Intelligence [2011/01/02 20:12:02 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\DAEMON Tools Lite [2010/12/04 15:30:49 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\DeepBurner [2010/10/24 14:59:10 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\DVDVideoSoft [2010/12/28 17:08:58 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\FreeBurner [2010/10/24 15:04:00 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\GeoVid [2010/08/24 12:52:00 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\GlarySoft [2010/12/28 14:41:08 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\ImgBurn [2011/01/02 20:13:48 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\Merscom [2010/12/29 18:12:39 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\Mipony [2010/12/05 16:23:03 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\mkvtoolnix [2010/12/22 18:28:51 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\ooVoo Details [2010/12/22 18:27:54 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\oovooinstaller [2010/08/23 18:44:16 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\Opera [2010/10/21 20:58:12 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\PC Suite [2010/12/05 23:02:25 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\QuickStoresToolbar [2010/12/22 18:26:03 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\QuteCom [2010/10/21 21:32:21 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\Samsung [2010/09/17 14:43:09 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\SecondLife [2010/08/24 13:39:13 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\TomTom [2010/12/31 13:30:13 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\Twan Wintjes [2010/10/28 12:39:19 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\Tyre [2010/08/24 12:26:37 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\Ulead Systems [2010/12/22 18:20:45 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\WengoPhone [2010/08/23 19:50:36 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\Win7codecs [2010/10/29 11:39:41 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\X-Chat 2 [2011/02/01 17:05:14 | 000,000,320 | ---- | M] () -- C:\Windows\Tasks\GlaryInitialize.job [2011/01/01 17:38:37 | 000,032,482 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== ========== Custom Scans ========== < %systemroot%\system32\drivers\*.sys /lockedfiles > [2011/01/02 20:04:39 | 000,691,696 | ---- | M] () Unable to obtain MD5 -- C:\Windows\System32\drivers\sptd.sys < %ALLUSERSPROFILE%\Application Data\*. > < %ALLUSERSPROFILE%\Application Data\*.exe /s > < %APPDATA%\*. > [2011/02/01 21:33:18 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\Adobe [2010/08/26 14:11:16 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\Avira [2010/08/26 15:27:51 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\BatteryCare [2010/12/05 23:08:09 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\Broad Intelligence [2011/01/02 20:12:02 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\DAEMON Tools Lite [2010/12/04 15:30:49 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\DeepBurner [2010/12/05 00:09:24 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\DivX [2010/10/24 14:59:10 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\DVDVideoSoft [2010/12/28 17:08:58 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\FreeBurner [2010/10/24 15:04:00 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\GeoVid [2010/08/24 12:52:00 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\GlarySoft [2010/08/23 15:43:03 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\Identities [2010/12/28 14:41:08 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\ImgBurn [2010/08/23 16:30:36 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\InstallShield [2010/08/23 16:29:54 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\Intel [2010/08/23 16:35:46 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\Intel Corporation [2010/08/23 16:17:50 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\Macromedia [2010/08/23 18:50:27 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\Malwarebytes [2009/07/14 10:00:32 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\Media Center Programs [2011/01/25 03:27:33 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\Media Player Classic [2011/01/02 20:13:48 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\Merscom [2011/01/01 14:26:35 | 000,000,000 | --SD | M] -- C:\Users\Géraldine\AppData\Roaming\Microsoft [2010/08/24 13:15:51 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\Microsoft Web Folders [2010/12/29 18:12:39 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\Mipony [2010/12/05 16:23:03 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\mkvtoolnix [2010/08/23 16:06:09 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\Mozilla [2011/01/01 14:22:36 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\Nero [2010/10/16 10:21:54 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\NVIDIA 3D Vision Video Player [2010/12/22 18:28:51 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\ooVoo Details [2010/12/22 18:27:54 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\oovooinstaller [2010/08/23 18:44:16 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\Opera [2010/10/21 20:58:12 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\PC Suite [2010/12/05 23:02:25 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\QuickStoresToolbar [2010/12/22 18:26:03 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\QuteCom [2010/10/21 21:32:21 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\Samsung [2010/09/17 14:43:09 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\SecondLife [2011/02/01 21:26:58 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\Skype [2011/02/01 16:04:26 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\skypePM [2010/08/24 13:39:13 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\TomTom [2010/12/31 13:30:13 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\Twan Wintjes [2010/10/28 12:39:19 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\Tyre [2010/08/24 12:26:37 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\Ulead Systems [2010/12/01 14:48:13 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\vlc [2010/12/22 18:20:45 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\WengoPhone [2010/08/23 19:50:36 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\Win7codecs [2010/08/23 20:11:04 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\WinRAR [2010/10/29 11:39:41 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\X-Chat 2 < %APPDATA%\*.exe /s > [2006/12/01 09:13:48 | 000,040,960 | ---- | M] () -- C:\Users\Géraldine\AppData\Roaming\Tyre\appstop.exe < %SYSTEMDRIVE%\*.exe > < %SYSTEMDRIVE%\*.exe > < MD5 for: AGP440.SYS > [2009/07/14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys [2009/07/14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_65848c2d7375a720\AGP440.sys [2009/07/14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys < MD5 for: ATAPI.SYS > [2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys [2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_f64b9c35a3a5be81\atapi.sys [2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys < MD5 for: CDROM.SYS > [2009/07/14 00:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\System32\drivers\cdrom.sys [2009/07/14 00:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_db87d184bc84f910\cdrom.sys [2009/07/14 00:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_5f7fb206051affbb\cdrom.sys < MD5 for: CNGAUDIT.DLL > [2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\System32\cngaudit.dll [2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll < MD5 for: DISK.SYS > [2009/07/14 02:20:27 | 000,057,424 | ---- | M] (Microsoft Corporation) MD5=565003F326F99802E68CA78F2A68E9FF -- C:\Windows\System32\drivers\disk.sys [2009/07/14 02:20:27 | 000,057,424 | ---- | M] (Microsoft Corporation) MD5=565003F326F99802E68CA78F2A68E9FF -- C:\Windows\System32\DriverStore\FileRepository\disk.inf_x86_neutral_b431b61a11f8df6c\disk.sys [2009/07/14 02:20:27 | 000,057,424 | ---- | M] (Microsoft Corporation) MD5=565003F326F99802E68CA78F2A68E9FF -- C:\Windows\winsxs\x86_disk.inf_31bf3856ad364e35_6.1.7600.16385_none_f99cd807d58018cb\disk.sys < MD5 for: EXPLORER.EXE > [2009/11/13 16:04:59 | 002,951,168 | ---- | M] (Microsoft Corporation) MD5=0371A06EF950BCDFC8A78E7B571869B3 -- C:\Users\Géraldine\Documents\Thèmes\Dynamic_Black_____by_DjabyTown\Dynamic Black\System Files\RTM\x86 (32-bit)\Big Taskbar\explorer.exe [2009/07/14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe [2009/10/31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe [2009/11/10 15:15:21 | 003,206,144 | ---- | M] (Microsoft Corporation) MD5=2BB457EDBA37215C7EBC0057674A5E48 -- C:\Users\Géraldine\Documents\Thèmes\Dynamic_Black_____by_DjabyTown\Dynamic Black\System Files\RTM\x64 (64-bit)\explorer.exe [2009/11/13 16:04:42 | 002,951,168 | ---- | M] (Microsoft Corporation) MD5=554EF8D42873217844CB12E433B6066A -- C:\Users\Géraldine\Documents\Thèmes\Dynamic_Black_____by_DjabyTown\Dynamic Black\System Files\RTM\x86 (32-bit)\explorer.exe [2009/10/31 06:45:39 | 002,131,456 | ---- | M] (Microsoft Corporation) MD5=5EFFF5789BC55EDDC0885DE3BE96F232 -- C:\Windows\explorer.exe [2009/11/10 15:21:11 | 003,206,144 | ---- | M] (Microsoft Corporation) MD5=66C7686E9779056F3A0B83996B4A3A11 -- C:\Users\Géraldine\Documents\Thèmes\Dynamic_Black_____by_DjabyTown\Dynamic Black\System Files\RTM\x64 (64-bit)\big taskbar\explorer.exe [2010/02/23 15:48:17 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=91329F5339F3943E35FBBF5F934F077C -- C:\Users\Géraldine\Documents\Thèmes\ProjectX 2 port to Windows 7\Orb_NeoN_v2_by_Oxygendelta\explorer.exe [2009/08/03 06:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe [2009/08/03 06:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe [2009/10/31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe [2010/02/05 21:31:56 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=D1D20B79F600E89F3D29EA3528719013 -- C:\Users\Géraldine\Documents\Thèmes\ProjectX 2 port to Windows 7\system files\explorer.exe < MD5 for: IASTOR.SYS > [2010/11/05 23:39:18 | 000,354,840 | ---- | M] (Intel Corporation) MD5=F4037A3FEDB92DD97C95F320766EA5C9 -- C:\Windows\System32\drivers\iaStor.sys [2010/11/05 23:39:18 | 000,354,840 | ---- | M] (Intel Corporation) MD5=F4037A3FEDB92DD97C95F320766EA5C9 -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_x86_neutral_c1d4bb208009ee37\iaStor.sys < MD5 for: IASTORV.SYS > [2009/07/14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\System32\drivers\iaStorV.sys [2009/07/14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_18cccb83b34e1453\iaStorV.sys [2009/07/14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_aee7a89be91b9000\iaStorV.sys < MD5 for: NDIS.SYS > [2009/07/14 02:20:44 | 000,710,720 | ---- | M] (Microsoft Corporation) MD5=23759D175A0A9BAAF04D05047BC135A8 -- C:\Windows\System32\drivers\ndis.sys [2009/07/14 02:20:44 | 000,710,720 | ---- | M] (Microsoft Corporation) MD5=23759D175A0A9BAAF04D05047BC135A8 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_a79d81ea7d62a289\ndis.sys < MD5 for: NETLOGON.DLL > [2009/07/14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\System32\netlogon.dll [2009/07/14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll < MD5 for: NVSTOR.SYS > [2009/07/14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\System32\drivers\nvstor.sys [2009/07/14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_5bde3fe2945bce9e\nvstor.sys [2009/07/14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvstor.sys < MD5 for: RASACD.SYS > [2009/07/14 00:54:40 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=30A81B53C766D0133BB86D234E5556AB -- C:\Windows\System32\drivers\rasacd.sys [2009/07/14 00:54:40 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=30A81B53C766D0133BB86D234E5556AB -- C:\Windows\winsxs\x86_microsoft-windows-rasautodial_31bf3856ad364e35_6.1.7600.16385_none_0fb054d9c6a6b4d4\rasacd.sys < MD5 for: RDPWD.SYS > [2009/07/14 01:01:55 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=801371BA9782282892D00AADB08EE367 -- C:\Windows\System32\drivers\rdpwd.sys [2009/07/14 01:01:55 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=801371BA9782282892D00AADB08EE367 -- C:\Windows\winsxs\x86_microsoft-windows-t..dp-winstationdriver_31bf3856ad364e35_6.1.7600.16385_none_4b4bde6b36561dcb\rdpwd.sys < MD5 for: SCECLI.DLL > [2009/07/14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\System32\scecli.dll [2009/07/14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll < MD5 for: SFLOPPY.SYS > [2009/07/14 00:45:52 | 000,013,824 | ---- | M] (Microsoft Corporation) MD5=DB96666CC8312EBC45032F30B007A547 -- C:\Windows\System32\drivers\sfloppy.sys [2009/07/14 00:45:52 | 000,013,824 | ---- | M] (Microsoft Corporation) MD5=DB96666CC8312EBC45032F30B007A547 -- C:\Windows\System32\DriverStore\FileRepository\flpydisk.inf_x86_neutral_2102f5344367a352\sfloppy.sys [2009/07/14 00:45:52 | 000,013,824 | ---- | M] (Microsoft Corporation) MD5=DB96666CC8312EBC45032F30B007A547 -- C:\Windows\winsxs\x86_flpydisk.inf_31bf3856ad364e35_6.1.7600.16385_none_e6e06650dbcf54b4\sfloppy.sys < MD5 for: TCPIP.SYS > [2009/07/14 02:19:10 | 001,285,712 | ---- | M] (Microsoft Corporation) MD5=2CC3D75488ABD3EC628BBB9A4FC84EFC -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_b2f46875c7b9d667\tcpip.sys [2010/06/14 07:06:58 | 001,288,576 | ---- | M] (Microsoft Corporation) MD5=A39EA325C081AD27461F630C8E3E56E0 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_b3b219fae0b0af43\tcpip.sys [2010/06/14 07:12:30 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=BB7F39C31C4A4417FD318E7CD184E225 -- C:\Windows\System32\drivers\tcpip.sys [2010/06/14 07:12:30 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=BB7F39C31C4A4417FD318E7CD184E225 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_b33b1c29c7858b92\tcpip.sys < MD5 for: TDPIPE.SYS > [2009/07/14 01:01:37 | 000,017,920 | ---- | M] (Microsoft Corporation) MD5=1875C1490D99E70E449E3AFAE9FCBADF -- C:\Windows\System32\drivers\tdpipe.sys [2009/07/14 01:01:37 | 000,017,920 | ---- | M] (Microsoft Corporation) MD5=1875C1490D99E70E449E3AFAE9FCBADF -- C:\Windows\winsxs\x86_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.1.7600.16385_none_db828d8fa60ad848\tdpipe.sys < MD5 for: TDTCP.SYS > [2009/07/14 01:01:37 | 000,024,064 | ---- | M] (Microsoft Corporation) MD5=7551E91EA999EE9A8E9C331D5A9C31F3 -- C:\Windows\System32\drivers\tdtcp.sys [2009/07/14 01:01:37 | 000,024,064 | ---- | M] (Microsoft Corporation) MD5=7551E91EA999EE9A8E9C331D5A9C31F3 -- C:\Windows\winsxs\x86_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.1.7600.16385_none_db828d8fa60ad848\tdtcp.sys < MD5 for: USBPRINT.SYS > [2009/07/14 01:17:06 | 000,019,968 | ---- | M] (Microsoft Corporation) MD5=797D862FE0875E75C7CC4C1AD7B30252 -- C:\Windows\System32\drivers\usbprint.sys [2009/07/14 01:17:06 | 000,019,968 | ---- | M] (Microsoft Corporation) MD5=797D862FE0875E75C7CC4C1AD7B30252 -- C:\Windows\System32\DriverStore\FileRepository\usbprint.inf_x86_neutral_203e16627752a160\usbprint.sys [2009/07/14 01:17:06 | 000,019,968 | ---- | M] (Microsoft Corporation) MD5=797D862FE0875E75C7CC4C1AD7B30252 -- C:\Windows\winsxs\x86_usbprint.inf_31bf3856ad364e35_6.1.7600.16385_none_32d0188e22bd908f\usbprint.sys < MD5 for: USBSCAN.SYS > [2009/07/14 01:14:44 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=576096CCBC07E7C4EA4F5E6686D6888F -- C:\Windows\System32\drivers\usbscan.sys [2009/07/14 01:14:44 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=576096CCBC07E7C4EA4F5E6686D6888F -- C:\Windows\System32\DriverStore\FileRepository\sti.inf_x86_neutral_6a74c91c1f723826\usbscan.sys [2009/07/14 01:14:44 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=576096CCBC07E7C4EA4F5E6686D6888F -- C:\Windows\winsxs\x86_sti.inf_31bf3856ad364e35_6.1.7600.16385_none_59b5278c421a3644\usbscan.sys < MD5 for: USERINIT.EXE > [2009/07/14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\System32\userinit.exe [2009/07/14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe < MD5 for: WININIT.EXE > [2009/07/14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\System32\wininit.exe [2009/07/14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe < MD5 for: WINLOGON.EXE > [2009/10/28 07:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\System32\winlogon.exe [2009/10/28 07:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe [2009/10/28 06:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe [2009/07/14 02:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe < %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles > [2009/07/14 02:15:13 | 000,346,112 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtmsft.dll [2009/07/14 02:15:13 | 000,215,552 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtrans.dll [2010/11/04 06:48:18 | 000,185,856 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\iepeers.dll [2009/07/14 02:15:36 | 000,226,816 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\LocationApi.dll < %systemroot%\Tasks\*.job /lockedfiles > < End of report > OTL Extras logfile created on: 01/02/2011 21:41:22 - Run 1 OTL by OldTimer - Version 3.2.20.6 Folder = C:\Users\Géraldine\Desktop Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 55,00% Memory free 4,00 Gb Paging File | 3,00 Gb Available in Paging File | 69,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 141,58 Gb Total Space | 57,47 Gb Free Space | 40,59% Space Free | Partition Type: NTFS Drive D: | 7,46 Gb Total Space | 2,31 Gb Free Space | 30,96% Space Free | Partition Type: NTFS Computer Name: GÉRALDINE-PC | User Name: Géraldine | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) [HKEY_USERS\S-1-5-21-1927437801-3944909697-2610780679-1001\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [Force Uninstall] -- C:\Program Files\Perfect Uninstaller\PU.exe "%1" () Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = Reg Error: Unknown registry data type -- File not found "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files\xchat\xchat.exe" = C:\Program Files\xchat\xchat.exe:*:Enabled:XChat IRC Client ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0001040C-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Professional "{0004040C-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 CD-ROM 2 "{09F56A49-A7B1-4AAB-95B9-D13094254AD1}" = Windows Live UX Platform Language Pack "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}" = Microsoft .NET Framework 4 Client Profile FRA Language Pack "{11F5D779-7BD9-465A-BBC4-10701386BCB9}" = FW LiveUpdate "{1EE88B84-7BE5-4FB5-8DEA-B81D5409D62E}" = Opera 11.00 "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1" = Media Player Classic - Home Cinema v. 1.3.1249.0 "{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java 6 Update 23 "{26DB09BC-6EB5-4CE0-A05D-D4DECE60E189}_is1" = Phoenix Viewer 1.5.0.168 "{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll "{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform "{4D83E500-4D0C-11DF-A750-005056C00008}" = Paragon Alignment Tool™ 2.0 Covermount (English) "{521AAD14-5030-44BB-8B0E-5CE65FCE57E0}" = InterVideo DeviceService "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime "{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053 "{5F194F8F-5DD1-4726-90DA-7A0B2BEBE842}}_is1" = Aneesoft HD Video Converter "{6057E21C-ABE9-4059-AE3E-3BEB9925E660}" = Windows Live Messenger "{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant "{61F25370-7465-4404-BE28-4629BF808699}" = LightScribe Applications "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{75ADEFA2-D4FF-4B37-9E93-4306E6AC176B}_is1" = ImgBurn 2.3.2.0 Fr "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{7E84FAC8-C518-40F9-9807-7455301D6D25}" = SamsungConnectivityCableDriver "{83258E90-1F76-4E13-9F60-A0F8ED41E76F}" = PC Connectivity Solution "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows 7 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules "{93665FB0-2A3D-47E1-AB9A-1925130924BB}" = Ma-Config.com "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{A10F672B-01C4-498F-ADBD-3E5B144284B7}_is1" = Tomtomax Maxi-Box V2.0.21 "{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AC76BA86-7AD7-1036-7B44-A94000000001}" = Adobe Reader 9.4.1 - Français "{B1ADF008-E898-4FE2-8A1F-690D9A06ACAF}" = DolbyFiles "{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panneau de configuration NVIDIA 266.35 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Pilote graphique 266.35 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Logiciel système PhysX 9.10.0514 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B3DAF54F-DB25-4586-9EF1-96D24BB14088}" = Windows Movie Maker 2.6 "{B5FDA445-CAC4-4BA6-A8FB-A7212BD439DE}" = Microsoft XML Parser "{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX "{C3F19A5F-35A8-4FDB-A6ED-0F4CE398DA48}" = Nokia Connectivity Cable Driver "{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common "{CCC4E428-411E-4605-B515-317D50ABD477}" = Ulead DVD MovieFactory 6 "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones "{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}" = Microsoft Primary Interoperability Assemblies 2005 "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{D75AEB5B-FA18-4BD4-9EED-54CA46DB5AE8}" = Logiciel Intel® PROSet/Wireless WiFi "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.1 "{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger "{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support "{EFB21DE7-8C19-4A88-BB28-A766E16493BC}" = Adobe Photoshop CS "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F5CC2EF8-20A4-4366-A681-3FE849E65809}" = RICOH Media Driver "{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel® Control Center "{FAA7F8FF-3C05-4A61-8F14-D8A6E9ED6623}" = ooVoo "{FD7F0DB8-0E96-4D64-AD4D-9B5A936AF2A8}" = LightScribe System Software "504244733D18C8F63FF584AEB290E3904E791693" = Package de pilotes Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0) "7-Zip" = 7-Zip 4.65 "AC3Filter" = AC3Filter (remove only) "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus "AviSynth" = AviSynth 2.5 "CCleaner" = CCleaner "CoreAAC Audio Decoder" = CoreAAC Audio Decoder (remove only) "DivX Setup.divx.com" = Configuration DivX "DIVXAudioCompressor4.02" = DivX Audio Compressor 4.02 "DriverAgent.exe" = DriverAgent by eSupport.com "DScaler 5 Mpeg Decoders_is1" = DScaler 5 Mpeg Decoders "EVEREST Corporate Edition_is1" = EVEREST Corporate Edition v5.50 "ffdshow_is1" = ffdshow v1.1.3517 [2010-07-31] "Free Video to Flash Converter_is1" = Free Video to Flash Converter version 4.7.16 "Glary Utilities_is1" = Glary Utilities 2.28.0.1011 "HaaliMkx" = Haali Media Splitter "iCare Data Recovery_is1" = iCare Data Recovery 4.0 "InstallShield_{CCC4E428-411E-4605-B515-317D50ABD477}" = Ulead DVD MovieFactory 6 TBYB "JetBee_is1" = JetBee FREE 4.0.7 (build 324) "LameACM" = Lame ACM MP3 Codec "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Client Profile FRA "MiPony" = MiPony 1.2.0 "mIRC" = mIRC "Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13) "Ncesoft Flip Book Maker_is1" = Ncesoft Flip Book Maker 2.3.1 "OggDS" = Direct Show Ogg Vorbis Filter (remove only) "Perfect Uninstaller_is1" = Perfect Uninstaller v6.3.3.5 "RealAlt_is1" = Real Alternative 1.9.0 "Satsuki Decoder Pack" = Satsuki Decoder Pack "SpeedFan" = SpeedFan (remove only) "SynTPDeinstKey" = Synaptics Pointing Device Driver "TeamScripT 4" = TeamScripT 4 "TomTom HOME" = TomTom HOME 2.7.6.2056 "Tyre_is1" = Tyre "Uninstall_is1" = Uninstall 1.0.0.1 "Unlocker" = Unlocker 1.9.0 "VidGIF_is1" = VidGIF "VLC media player" = VLC media player 1.1.5 "WBFS Manager 3.0" = WBFS Manager 3.0 "WinLiveSuite" = Windows Live "WinRAR archiver" = Logiciel d'archivage WinRAR "Wondershare DVD Slideshow Builder Deluxe_is1" = Wondershare DVD Slideshow Builder Deluxe(Build 6.0.0.22) "Wondershare Flash Gallery Factory Standard_is1" = Wondershare Flash Gallery Factory Standard 4.8.0.1 "Xvid_is1" = Xvid 1.2.1 VAQ final uninstall ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-1927437801-3944909697-2610780679-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Flux" = F.lux ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 29/01/2011 20:22:19 | Computer Name = Géraldine-PC | Source = Application Error | ID = 1000 Description = Nom de l’application défaillante Skype.exe, version : 5.1.0.104, horodatage : 0x4d21d204 Nom du module défaillant : Skype.exe, version : 5.1.0.104, horodatage : 0x4d21d204 Code d’exception : 0xc0000005 Décalage d’erreur : 0x001a22c9 ID du processus défaillant : 0xf0c Heure de début de l’application défaillante : 0x01cbbfa0c3041b80 Chemin d’accès de l’application défaillante : C:\Program Files\Skype\Phone\Skype.exe Chemin d’accès du module défaillant: C:\Program Files\Skype\Phone\Skype.exe ID de rapport : ff7cf328-2c06-11e0-adf3-001b249a3db5 Error - 30/01/2011 06:48:23 | Computer Name = Géraldine-PC | Source = Winlogon | ID = 4103 Description = Échec de l’activation de la licence Windows. Erreur 0x80070005. Error - 30/01/2011 17:41:01 | Computer Name = Géraldine-PC | Source = Application Error | ID = 1000 Description = Nom de l’application défaillante mirc.exe, version : 6.1.6.0, horodatage : 0x40ec154b Nom du module défaillant : ntdll.dll, version : 6.1.7600.16559, horodatage : 0x4ba9b21e Code d’exception : 0xc0000005 Décalage d’erreur : 0x000555f3 ID du processus défaillant : 0x15d8 Heure de début de l’application défaillante : 0x01cbc0b6bf1d0362 Chemin d’accès de l’application défaillante : C:\TeamScripT4\mirc.exe Chemin d’accès du module défaillant: C:\Windows\SYSTEM32\ntdll.dll ID de rapport : a0f05df2-2cb9-11e0-b179-001b249a3db5 Error - 31/01/2011 07:01:20 | Computer Name = Géraldine-PC | Source = Winlogon | ID = 4103 Description = Échec de l’activation de la licence Windows. Erreur 0x80070005. Error - 31/01/2011 18:04:25 | Computer Name = Géraldine-PC | Source = Application Error | ID = 1000 Description = Nom de l’application défaillante mirc.exe, version : 6.1.6.0, horodatage : 0x40ec154b Nom du module défaillant : ntdll.dll, version : 6.1.7600.16559, horodatage : 0x4ba9b21e Code d’exception : 0xc0000005 Décalage d’erreur : 0x000555f3 ID du processus défaillant : 0xf14 Heure de début de l’application défaillante : 0x01cbc180e25b917b Chemin d’accès de l’application défaillante : C:\TeamScripT4\mirc.exe Chemin d’accès du module défaillant: C:\Windows\SYSTEM32\ntdll.dll ID de rapport : 103f92ef-2d86-11e0-b13b-001b249a3db5 Error - 01/02/2011 06:22:46 | Computer Name = Géraldine-PC | Source = Winlogon | ID = 4103 Description = Échec de l’activation de la licence Windows. Erreur 0x80070005. Error - 01/02/2011 09:42:30 | Computer Name = Géraldine-PC | Source = Winlogon | ID = 4103 Description = Échec de l’activation de la licence Windows. Erreur 0x80070005. Error - 01/02/2011 12:01:34 | Computer Name = Géraldine-PC | Source = Application Error | ID = 1000 Description = Nom de l’application défaillante Skype.exe, version : 5.1.0.104, horodatage : 0x4d21d204 Nom du module défaillant : Skype.exe, version : 5.1.0.104, horodatage : 0x4d21d204 Code d’exception : 0xc0000005 Décalage d’erreur : 0x001a22c9 ID du processus défaillant : 0xa10 Heure de début de l’application défaillante : 0x01cbc21d1c6cbbd4 Chemin d’accès de l’application défaillante : C:\Program Files\Skype\Phone\Skype.exe Chemin d’accès du module défaillant: C:\Program Files\Skype\Phone\Skype.exe ID de rapport : 8a8671cc-2e1c-11e0-a7f5-001b249a3db5 Error - 01/02/2011 12:03:14 | Computer Name = Géraldine-PC | Source = Application Error | ID = 1000 Description = Nom de l’application défaillante Skype.exe, version : 5.1.0.104, horodatage : 0x4d21d204 Nom du module défaillant : Skype.exe, version : 5.1.0.104, horodatage : 0x4d21d204 Code d’exception : 0xc0000005 Décalage d’erreur : 0x001a22c9 ID du processus défaillant : 0x42c Heure de début de l’application défaillante : 0x01cbc2297f0b1478 Chemin d’accès de l’application défaillante : C:\Program Files\Skype\Phone\Skype.exe Chemin d’accès du module défaillant: C:\Program Files\Skype\Phone\Skype.exe ID de rapport : c61c7b83-2e1c-11e0-a7f5-001b249a3db5 Error - 01/02/2011 12:05:09 | Computer Name = Géraldine-PC | Source = Winlogon | ID = 4103 Description = Échec de l’activation de la licence Windows. Erreur 0x80070005. [ System Events ] Error - 01/01/2011 12:39:07 | Computer Name = Géraldine-PC | Source = nvlddmkm | ID = 11141134 Description = Error - 01/01/2011 14:03:36 | Computer Name = Géraldine-PC | Source = Service Control Manager | ID = 7034 Description = Le service InCD Helper s’est terminé de façon inattendue pour la 1ème fois. Error - 01/01/2011 15:10:18 | Computer Name = Géraldine-PC | Source = Service Control Manager | ID = 7034 Description = Le service LightScribeService Direct Disc Labeling Service s’est terminé de façon inattendue pour la 1ème fois. Error - 01/01/2011 15:10:24 | Computer Name = Géraldine-PC | Source = Service Control Manager | ID = 7034 Description = Le service Nero Update s’est terminé de façon inattendue pour la 1ème fois. Error - 01/01/2011 15:10:30 | Computer Name = Géraldine-PC | Source = Service Control Manager | ID = 7034 Description = Le service Nero Registry InCD Service s’est terminé de façon inattendue pour la 1ème fois. Error - 02/01/2011 07:17:12 | Computer Name = Géraldine-PC | Source = DCOM | ID = 10001 Description = Error - 03/01/2011 07:19:43 | Computer Name = Géraldine-PC | Source = DCOM | ID = 10001 Description = Error - 04/01/2011 06:57:39 | Computer Name = Géraldine-PC | Source = DCOM | ID = 10001 Description = Error - 04/01/2011 10:58:51 | Computer Name = Géraldine-PC | Source = volsnap | ID = 393252 Description = Les clichés instantanés du volume C: ont été annulés car le stockage du cliché instantané n’a pas pu s’agrandir en raison d’une limite utilisateur. Error - 05/01/2011 07:20:03 | Computer Name = Géraldine-PC | Source = DCOM | ID = 10001 Description = < End of report >
- le 1 février 2011
- 6 réponses
Rapport HijackThis

zebb_17 a posté un sujet dans Analyses et éradication malwares

Bonjour, j'ai un soucis avec mon Pc portable; il est très lent et je ne sais plus quoi faire, je suis au bord du formatage... J'ai fait une analyse MB sans aucun résultat et une analyse antivirus (antivir) sans aucun résultat non plus. Je poste un scan HijackThis, si quelqu'un peut m'aider svp. Merci d'avance. Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 12:01:35, on 01/02/2011 Platform: Windows 7 (WinNT 6.00.3504) MSIE: Internet Explorer v8.00 (8.00.7600.16700) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskhost.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe C:\Program Files\Samsung\FW LiveUpdate\FWManager.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Users\Géraldine\Local Settings\Apps\F.lux\flux.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\SearchFilterHost.exe C:\Users\Géraldine\Documents\Logiciels\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: Nero Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s O4 - HKLM\..\Run: [Name of App] C:\Program Files\SAMSUNG\FW LiveUpdate\FWManager.exe r O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe" O4 - HKCU\..\Run: [F.lux] "C:\Users\Géraldine\Local Settings\Apps\F.lux\flux.exe" /noshow O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE RÉSEAU') O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @appmgmts.dll,-3250 (AppMgmt) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (Audiosrv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\AxInstSV.dll,-103 (AxInstSV) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\bdesvc.dll,-100 (BDESVC) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\cscsvc.dll,-200 (CscService) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\defragsvc.dll,-101 (defragsvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (eventlog) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\ListSvc.dll,-100 (HomeGroupListener) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\provsvc.dll,-100 (HomeGroupProvider) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-500 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Ma-Config Service (maconfservice) - Unknown owner - C:\Program Files\ma-config.com\maconfservice.exe O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\netprofm.dll,-202 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\peerdistsvc.dll,-9000 (PeerDistSvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel® Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\sensrsvc.dll,-1000 (SensrSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe O23 - Service: @%SystemRoot%\system32\sppuinotify.dll,-103 (sppuinotify) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (StiSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe O23 - Service: @%SystemRoot%\system32\umrdp.dll,-1000 (UmRdpService) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe O23 - Service: @%systemroot%\system32\wbiosrvc.dll,-100 (WbioSrvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\wmpnetwk.exe O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\wwansvc.dll,-257 (WwanSvc) - Unknown owner - C:\Windows\system32\svchost.exe -- End of file - 20925 bytes
- le 1 février 2011
- 6 réponses
PC lent et surchauffe

zebb_17 a répondu à un(e) sujet de zebb_17 dans Analyses et éradication malwares

Bonjour, merci pour ta reponse mais tout ca je le sais déjà Ventilo nettoyé et qui fonctionne... c'est un pc portable, j'ai en plus un plateau avec ventilo en dessous... POssible de me m'analyser le rapport Hijackthis plutot? Merci
- le 9 mai 2010
- 2 réponses
PC lent et surchauffe

zebb_17 a posté un sujet dans Analyses et éradication malwares

Bonjour, depuis quelques jours mon PC est lent et surchauffe (survenu brutalement); j'ai passé adaware et malwarebytes mais rien n'y fait. Je colle le rapport HijackThis, si qqn peut m'aider. (je tourne sous windows 7 intégrale) Merci d'avance Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 14:50:16, on 09/05/2010 Platform: Unknown Windows (WinNT 6.01.3504) MSIE: Internet Explorer v8.00 (8.00.7600.16385) Boot mode: Normal Running processes: C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\RocketDock\RocketDock.exe C:\Users\Géraldine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Full glass.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\Skype\Plugin Manager\skypePM.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Glary Utilities\memdefrag.exe C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min/nosplash O4 - HKLM\..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe" O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE RÉSEAU') O4 - Startup: Full glass.exe O13 - Gopher Prefix: O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O22 - SharedTaskScheduler: FencesShellExt - {1984DD45-52CF-49cd-AB77-18F378FEA264} - C:\Program Files\Stardock\Fences\FencesMenu.dll O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: ASO3DiskOptimizer - Systweak Inc. - C:\Program Files\Advanced System Optimizer 3\ASO3DefragSrv.exe O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe O23 - Service: Nalpeiron Licensing Service (nlsX86cc) - Nalpeiron Ltd. - C:\Windows\system32\nlssrv32.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel® Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe O23 - Service: ScsiAccess - Unknown owner - C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe -- End of file - 5872 bytes
- le 9 mai 2010
- 2 réponses

Connexion

zebb_17

Compteur de contenus

Inscription

Dernière visite

Contact Methods

Profile Information

zebb_17's Achievements

Power Member (5/12)

Réputation sur la communauté

Carte graphique PC portable

Carte graphique PC portable

Carte graphique PC portable

Carte graphique PC portable

[Résolu] Problème disque dur externe

[Résolu] Problème disque dur externe

[Résolu] Problème disque dur externe

Problème son PC et casque

Problème son PC et casque

Rapport HijackThis

Rapport HijackThis

Rapport HijackThis

Rapport HijackThis

PC lent et surchauffe

PC lent et surchauffe

Zebulon

Outils en ligne

Naviguer