Edwardounet

  1. Hello, I updated my graphics card drivers this morning, then restarted the PC and ran into the problem shown in the attachment. I did not have this problem before, and the PC used to start correctly without going through this screen. Otherwise, the PC works once F2 is pressed; it is just this screen at startup that bothers me. Thanks in advance for your help. Regards.
  2. Re, UAC is enabled and so are automatic updates. For antivirus/firewall, I have Eset Smart Security. As for the browser, I use Chrome. Otherwise, I did carry out all the recommended actions. Thank you very much for the time you devoted to me.
  3. Hello lance_yien, Yes, I know these programs, and I use them daily. I will keep them in automatic startup. I still have not had any problem with the RAM. Regards.
  4. OTL logfile created on: 04/05/2011 10:49:35 - Run 2 OTL by OldTimer - Version 3.2.22.3
C:\Users\Edward\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Transmission Remote [2011/04/14 17:48:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Transmission Remote [2011/04/14 17:48:41 | 000,000,000 | ---D | C] -- C:\Program Files\Transmission Remote [2011/04/14 14:13:49 | 000,000,000 | ---D | C] -- C:\Users\Edward\AppData\Local\{CF197E79-8B4A-45FE-B979-552198BF8E52} [2011/04/14 02:13:21 | 000,000,000 | ---D | C] -- C:\Users\Edward\AppData\Local\{2B02EDD7-4744-41BE-9B73-723C53F999F2} [2011/04/14 00:40:10 | 004,284,416 | ---- | C] (Google Inc.) -- C:\Windows\SysWow64\GPhotos.scr [2011/04/13 22:46:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Aura [2011/04/13 16:18:01 | 000,000,000 | ---D | C] -- C:\Users\Edward\AppData\Roaming\vlc [2011/04/13 16:17:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN [2011/04/13 13:35:28 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat [2011/04/13 13:35:28 | 001,797,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9.dll [2011/04/13 13:35:28 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2011/04/13 13:35:28 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2011/04/13 13:35:28 | 000,580,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll [2011/04/13 13:35:28 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll [2011/04/13 13:35:28 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec [2011/04/13 13:35:28 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dxtmsft.dll [2011/04/13 13:35:28 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2011/04/13 13:35:28 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll [2011/04/13 13:35:28 | 
000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dxtrans.dll [2011/04/13 13:35:28 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll [2011/04/13 13:35:28 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll [2011/04/13 13:35:28 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2011/04/13 13:35:28 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll [2011/04/13 13:35:28 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll [2011/04/13 13:35:28 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msls31.dll [2011/04/13 13:35:28 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe [2011/04/13 13:35:28 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe [2011/04/13 13:35:28 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2011/04/13 13:35:28 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll [2011/04/13 13:35:28 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll [2011/04/13 13:35:28 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll [2011/04/13 13:35:28 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll [2011/04/13 13:35:28 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll [2011/04/13 13:35:28 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe [2011/04/13 13:35:28 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll [2011/04/13 13:35:28 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll [2011/04/13 13:35:28 | 000,076,800 | ---- | C] (Microsoft Corporation) -- 
C:\Windows\SysWow64\SetIEInstalledDate.exe [2011/04/13 13:35:28 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe [2011/04/13 13:35:28 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll [2011/04/13 13:35:28 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe [2011/04/13 13:35:28 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2011/04/13 13:35:28 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll [2011/04/13 13:35:28 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx [2011/04/13 13:35:28 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll [2011/04/13 13:35:28 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll [2011/04/13 13:35:28 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\imgutil.dll [2011/04/13 13:35:28 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll [2011/04/13 13:35:28 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll [2011/04/13 13:35:28 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe [2011/04/13 13:35:27 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat [2011/04/13 13:35:27 | 002,303,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2011/04/13 13:35:27 | 001,492,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2011/04/13 13:35:27 | 000,818,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2011/04/13 13:35:27 | 000,697,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2011/04/13 13:35:27 | 000,603,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll [2011/04/13 13:35:27 | 
000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll [2011/04/13 13:35:27 | 000,452,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll [2011/04/13 13:35:27 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec [2011/04/13 13:35:27 | 000,282,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll [2011/04/13 13:35:27 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll [2011/04/13 13:35:27 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2011/04/13 13:35:27 | 000,236,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2011/04/13 13:35:27 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2011/04/13 13:35:27 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe [2011/04/13 13:35:27 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll [2011/04/13 13:35:27 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe [2011/04/13 13:35:27 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll [2011/04/13 13:35:27 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll [2011/04/13 13:35:27 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll [2011/04/13 13:35:27 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll [2011/04/13 13:35:27 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll [2011/04/13 13:35:27 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll [2011/04/13 13:35:27 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll [2011/04/13 13:35:27 | 000,096,256 | ---- | C] (Microsoft Corporation) -- 
C:\Windows\SysNative\mshtmled.dll [2011/04/13 13:35:27 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe [2011/04/13 13:35:27 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe [2011/04/13 13:35:27 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll [2011/04/13 13:35:27 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll [2011/04/13 13:35:27 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx [2011/04/13 13:35:27 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll [2011/04/13 13:35:27 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll [2011/04/13 13:35:27 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll [2011/04/13 13:35:27 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll [2011/04/13 13:35:27 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll [2011/04/13 13:35:27 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe [2011/04/13 13:35:27 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe [2011/04/13 09:44:05 | 000,000,000 | ---D | C] -- C:\Users\Edward\AppData\Local\{48C1F504-3CD8-4A17-8AC4-1DF7B2FC3C76} [2011/04/13 06:13:12 | 001,395,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42.dll [2011/04/13 06:13:12 | 001,359,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42u.dll [2011/04/13 06:13:12 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42u.dll [2011/04/13 06:13:12 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42.dll [2011/04/13 06:13:02 | 000,367,104 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll [2011/04/13 
06:13:02 | 000,294,912 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll [2011/04/13 06:13:02 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll [2011/04/13 06:13:02 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll [2011/04/13 06:13:00 | 000,356,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnsapi.dll [2011/04/13 06:13:00 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnscacheugc.exe [2011/04/13 06:13:00 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dnscacheugc.exe [2011/04/13 06:12:56 | 000,640,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi [2011/04/13 06:12:56 | 000,603,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe [2011/04/13 06:12:56 | 000,556,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi [2011/04/13 06:12:56 | 000,518,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.exe [2011/04/13 06:12:56 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXSCOVER.exe [2011/04/13 06:12:56 | 000,020,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdusb.dll [2011/04/13 06:12:56 | 000,019,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kd1394.dll [2011/04/13 06:12:56 | 000,017,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdcom.dll [2011/04/12 21:43:33 | 000,000,000 | ---D | C] -- C:\Users\Edward\AppData\Local\{42961CEB-E159-4114-8247-E77E6F2C9D60} [2011/04/12 09:43:11 | 000,000,000 | ---D | C] -- C:\Users\Edward\AppData\Local\{A1BCA28A-8955-4A95-8CE9-506DF5B9C79A} [2011/04/11 21:42:49 | 000,000,000 | ---D | C] -- C:\Users\Edward\AppData\Local\{5EFBB873-73EF-4D9E-A911-79651780C8BF} [2011/04/11 20:44:07 | 000,000,000 | ---D | C] -- C:\Users\Edward\AppData\Roaming\.minecraft [2011/04/11 13:06:46 | 000,000,000 | ---D | C] -- 
C:\Users\Edward\AppData\Roaming\RIFT [2011/04/11 13:06:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RIFT [2011/04/11 09:42:25 | 000,000,000 | ---D | C] -- C:\Users\Edward\AppData\Local\{D2690FE8-C4CA-4F45-910E-D3FEBCC5D3E2} [2011/04/10 21:41:53 | 000,000,000 | ---D | C] -- C:\Users\Edward\AppData\Local\{506E6767-4A76-4BAB-BF5F-D1F6FA702504} [2011/04/10 09:41:18 | 000,000,000 | ---D | C] -- C:\Users\Edward\AppData\Local\{BD0A9067-0151-4766-84AD-CB3B43EAEB6C} [2011/04/09 21:40:55 | 000,000,000 | ---D | C] -- C:\Users\Edward\AppData\Local\{05E55B70-E11A-486E-9E4F-618A50489BE5} [2011/04/09 09:40:34 | 000,000,000 | ---D | C] -- C:\Users\Edward\AppData\Local\{A53CBD7F-E1B2-4CE6-B3CD-06C3BD337672} [2011/04/08 21:40:02 | 000,000,000 | ---D | C] -- C:\Users\Edward\AppData\Local\{0A8E679F-4212-4119-A6A6-225FBC872BFC} [2011/04/08 09:39:26 | 000,000,000 | ---D | C] -- C:\Users\Edward\AppData\Local\{F2B98D48-6A50-4222-A436-BF3DB9FD5D37} [2011/04/07 21:39:05 | 000,000,000 | ---D | C] -- C:\Users\Edward\AppData\Local\{03A39ACE-1C7B-44C3-99DD-448BCD24B815} [2011/04/07 09:38:43 | 000,000,000 | ---D | C] -- C:\Users\Edward\AppData\Local\{337F9800-9614-48CB-BE1D-C1AAE1E823BA} [2011/04/07 02:19:18 | 000,000,000 | ---D | C] -- C:\Users\Edward\AppData\Roaming\Audacity [2011/04/07 02:19:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Audacity 1.3 Beta [2011/04/06 21:38:22 | 000,000,000 | ---D | C] -- C:\Users\Edward\AppData\Local\{6E2BFB79-109B-4414-8FE4-DDF45DEEC754} [2011/04/06 09:39:27 | 000,000,000 | ---D | C] -- C:\Users\Edward\AppData\Local\{21511F99-4D3C-4B5A-8051-0C02B092FEF5} [2011/04/05 21:39:05 | 000,000,000 | ---D | C] -- C:\Users\Edward\AppData\Local\{ADAC6C94-632D-4F73-9C86-AEB6B8BF5655} [2011/04/05 09:38:44 | 000,000,000 | ---D | C] -- C:\Users\Edward\AppData\Local\{B0D6435D-212E-4BFA-A6DA-8427DAA7E56F} [2011/04/04 21:38:22 | 000,000,000 | ---D | C] -- C:\Users\Edward\AppData\Local\{476E36A3-BFE1-4111-9431-B4B19744146F} 
========== Files - Modified Within 30 Days ========== [2011/05/04 08:44:31 | 000,002,534 | ---- | M] () -- C:\Users\Edward\Desktop\ruTorrent v3.lnk [2011/05/03 16:22:48 | 001,657,292 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2011/05/03 16:22:48 | 000,743,526 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat [2011/05/03 16:22:48 | 000,650,638 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2011/05/03 16:22:48 | 000,147,862 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat [2011/05/03 16:22:48 | 000,120,294 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2011/05/03 16:18:29 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011/05/03 16:17:25 | 000,009,584 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2011/05/03 16:17:25 | 000,009,584 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2011/05/03 15:57:06 | 000,000,834 | ---- | M] () -- C:\Users\Edward\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Gridy.lnk [2011/05/03 15:23:07 | 000,001,456 | ---- | M] () -- C:\Users\Edward\AppData\Local\Adobe Enregistrer pour le Web 12.0 Prefs [2011/05/03 14:19:51 | 000,002,631 | ---- | M] () -- C:\Users\Edward\Desktop\Gmail.lnk [2011/05/03 12:35:31 | 004,894,104 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2011/05/03 10:05:59 | 000,001,049 | ---- | M] () -- C:\Users\Edward\Documents\Winstep.lnk [2011/05/03 10:05:59 | 000,000,982 | ---- | M] () -- C:\Users\Edward\Desktop\Nexus.lnk [2011/05/03 08:51:57 | 000,254,618 | ---- | M] () -- C:\Users\Edward\Desktop\26326-ToYcon.zip [2011/05/03 07:46:30 | 000,925,184 | ---- | M] () -- C:\Windows\expstart.exe [2011/05/02 15:32:58 | 000,521,448 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\deployJava1.dll [2011/05/02 15:32:58 | 000,189,728 | ---- | M] (Sun Microsystems, Inc.) 
-- C:\Windows\SysNative\javaws.exe [2011/05/02 15:32:58 | 000,171,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\javaw.exe [2011/05/02 15:32:58 | 000,171,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\java.exe [2011/05/02 15:32:14 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll [2011/05/02 15:32:14 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe [2011/05/02 15:32:14 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe [2011/05/02 15:32:14 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe [2011/05/02 11:01:41 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts [2011/05/02 09:16:24 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin [2011/05/02 09:13:51 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Edward\Desktop\OTL.exe [2011/05/01 19:10:16 | 004,334,469 | R--- | M] () -- C:\Users\Edward\Desktop\ComboFix.exe [2011/05/01 19:03:51 | 000,050,477 | ---- | M] () -- C:\Users\Edward\Desktop\Defogger.exe [2011/05/01 16:35:34 | 000,879,028 | ---- | M] () -- C:\Users\Edward\Desktop\SecurityCheck.exe [2011/05/01 16:35:13 | 000,001,112 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011/04/29 13:36:45 | 000,075,136 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe [2011/04/29 03:45:12 | 000,000,512 | ---- | M] () -- C:\PhysicalDisk0_MBR.bin [2011/04/27 14:58:20 | 000,001,168 | ---- | M] () -- C:\Users\Edward\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FastStone Capture.lnk [2011/04/26 21:07:07 | 000,020,602 | ---- | M] () -- C:\Users\Edward\Documents\FF7.aimppl [2011/04/26 14:38:09 | 000,001,278 | ---- | M] () -- C:\Users\Edward\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk [2011/04/26 09:57:34 | 000,173,052 | ---- | M] () -- C:\Users\Edward\Documents\cc_20110426_095725.reg [2011/04/26 
07:36:05 | 000,021,598 | ---- | M] () -- C:\Windows\SysNative\oemlogo.bmp [2011/04/25 13:19:02 | 000,025,640 | ---- | M] (Windows ® Server 2003 DDK provider) -- C:\Windows\gdrv.sys [2011/04/21 09:54:49 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_xusb21_01009.Wdf [2011/04/16 07:29:26 | 001,634,222 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011/04/14 00:40:10 | 004,284,416 | ---- | M] (Google Inc.) -- C:\Windows\SysWow64\GPhotos.scr [2011/04/13 13:49:34 | 000,001,449 | ---- | M] () -- C:\Users\Edward\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk [2011/04/13 13:35:28 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat [2011/04/13 13:35:28 | 001,797,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9.dll [2011/04/13 13:35:28 | 001,427,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2011/04/13 13:35:28 | 000,716,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2011/04/13 13:35:28 | 000,580,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll [2011/04/13 13:35:28 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll [2011/04/13 13:35:28 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec [2011/04/13 13:35:28 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\dxtmsft.dll [2011/04/13 13:35:28 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2011/04/13 13:35:28 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll [2011/04/13 13:35:28 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\dxtrans.dll [2011/04/13 13:35:28 | 000,222,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll [2011/04/13 13:35:28 | 000,197,120 | ---- | M] (Microsoft Corporation) -- 
C:\Windows\SysNative\msrating.dll [2011/04/13 13:35:28 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2011/04/13 13:35:28 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll [2011/04/13 13:35:28 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll [2011/04/13 13:35:28 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msls31.dll [2011/04/13 13:35:28 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe [2011/04/13 13:35:28 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe [2011/04/13 13:35:28 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2011/04/13 13:35:28 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll [2011/04/13 13:35:28 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll [2011/04/13 13:35:28 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll [2011/04/13 13:35:28 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll [2011/04/13 13:35:28 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll [2011/04/13 13:35:28 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe [2011/04/13 13:35:28 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll [2011/04/13 13:35:28 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll [2011/04/13 13:35:28 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe [2011/04/13 13:35:28 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe [2011/04/13 13:35:28 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll [2011/04/13 13:35:28 | 
000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe [2011/04/13 13:35:28 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2011/04/13 13:35:28 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll [2011/04/13 13:35:28 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx [2011/04/13 13:35:28 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll [2011/04/13 13:35:28 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll [2011/04/13 13:35:28 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\imgutil.dll [2011/04/13 13:35:28 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll [2011/04/13 13:35:28 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll [2011/04/13 13:35:28 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe [2011/04/13 13:35:27 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat [2011/04/13 13:35:27 | 002,303,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2011/04/13 13:35:27 | 001,492,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2011/04/13 13:35:27 | 000,818,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2011/04/13 13:35:27 | 000,697,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2011/04/13 13:35:27 | 000,603,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll [2011/04/13 13:35:27 | 000,534,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll [2011/04/13 13:35:27 | 000,452,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll [2011/04/13 13:35:27 | 000,448,512 | ---- | M] (Microsoft Corporation) -- 
C:\Windows\SysNative\html.iec [2011/04/13 13:35:27 | 000,282,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll [2011/04/13 13:35:27 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll [2011/04/13 13:35:27 | 000,248,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2011/04/13 13:35:27 | 000,236,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2011/04/13 13:35:27 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2011/04/13 13:35:27 | 000,165,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe [2011/04/13 13:35:27 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll [2011/04/13 13:35:27 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe [2011/04/13 13:35:27 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll [2011/04/13 13:35:27 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll [2011/04/13 13:35:27 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll [2011/04/13 13:35:27 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll [2011/04/13 13:35:27 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll [2011/04/13 13:35:27 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll [2011/04/13 13:35:27 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll [2011/04/13 13:35:27 | 000,096,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2011/04/13 13:35:27 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe [2011/04/13 13:35:27 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe [2011/04/13 13:35:27 | 
000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll [2011/04/13 13:35:27 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll [2011/04/13 13:35:27 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx [2011/04/13 13:35:27 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll [2011/04/13 13:35:27 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll [2011/04/13 13:35:27 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll [2011/04/13 13:35:27 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll [2011/04/13 13:35:27 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll [2011/04/13 13:35:27 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe [2011/04/13 13:35:27 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe [2011/04/12 17:53:04 | 001,866,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ExplorerFrame.del.dll [2011/04/12 17:53:04 | 001,865,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ExplorerFrame.dll ========== Files Created - No Company Name ========== [2011/05/03 15:57:06 | 000,000,834 | ---- | C] () -- C:\Users\Edward\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Gridy.lnk [2011/05/03 13:45:45 | 000,002,534 | ---- | C] () -- C:\Users\Edward\Desktop\ruTorrent v3.lnk [2011/05/03 13:44:54 | 000,002,631 | ---- | C] () -- C:\Users\Edward\Desktop\Gmail.lnk [2011/05/03 10:05:59 | 000,001,049 | ---- | C] () -- C:\Users\Edward\Documents\Winstep.lnk [2011/05/03 10:05:59 | 000,000,982 | ---- | C] () -- C:\Users\Edward\Desktop\Nexus.lnk [2011/05/03 08:51:56 | 000,254,618 | ---- | C] () -- C:\Users\Edward\Desktop\26326-ToYcon.zip [2011/05/03 07:39:29 | 000,925,184 | ---- | C] () -- 
C:\Windows\expstart.exe [2011/05/02 09:16:24 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin [2011/05/01 19:11:39 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe [2011/05/01 19:11:39 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe [2011/05/01 19:11:39 | 000,089,088 | ---- | C] () -- C:\Windows\MBR.exe [2011/05/01 19:11:39 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe [2011/05/01 19:11:39 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe [2011/05/01 19:08:12 | 004,334,469 | R--- | C] () -- C:\Users\Edward\Desktop\ComboFix.exe [2011/05/01 19:03:52 | 000,050,477 | ---- | C] () -- C:\Users\Edward\Desktop\Defogger.exe [2011/05/01 16:35:34 | 000,879,028 | ---- | C] () -- C:\Users\Edward\Desktop\SecurityCheck.exe [2011/05/01 16:35:13 | 000,001,112 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011/04/30 16:25:21 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk [2011/04/29 13:36:45 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe [2011/04/27 14:58:20 | 000,001,168 | ---- | C] () -- C:\Users\Edward\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FastStone Capture.lnk [2011/04/26 21:07:07 | 000,020,602 | ---- | C] () -- C:\Users\Edward\Documents\FF7.aimppl [2011/04/26 14:38:09 | 000,001,278 | ---- | C] () -- C:\Users\Edward\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk [2011/04/26 09:57:28 | 000,173,052 | ---- | C] () -- C:\Users\Edward\Documents\cc_20110426_095725.reg [2011/04/26 07:36:05 | 000,021,598 | ---- | C] () -- C:\Windows\SysNative\oemlogo.bmp [2011/04/26 05:44:01 | 000,002,197 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2011.lnk [2011/04/26 05:27:31 | 000,001,042 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Total Uninstall 5.lnk [2011/04/25 00:43:22 | 000,074,272 | ---- | C] () -- C:\Windows\SysNative\RtNicProp64.dll 
[2011/04/22 00:15:21 | 001,970,176 | ---- | C] () -- C:\Windows\SysWow64\d3dx9.dll [2011/04/21 09:54:49 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_xusb21_01009.Wdf [2011/04/07 02:19:15 | 000,001,000 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity 1.3 Beta.lnk [2011/03/16 15:53:15 | 000,210,032 | ---- | C] () -- C:\Windows\SysWow64\DBCLIENT.DLL [2010/12/21 04:27:20 | 000,003,113 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat [2010/10/27 16:07:54 | 000,000,132 | ---- | C] () -- C:\Users\Edward\AppData\Roaming\Adobe Targa Format CS5 Prefs [2010/10/14 02:36:44 | 000,179,263 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat [2010/05/28 15:32:44 | 000,003,235 | ---- | C] () -- C:\Users\Edward\AppData\Local\Temp11.html [2010/05/22 19:56:53 | 000,030,528 | ---- | C] () -- C:\Windows\GVTDrv64.sys [2010/05/18 11:44:08 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2010/05/17 22:58:14 | 000,000,315 | ---- | C] () -- C:\Windows\game.ini [2010/05/16 23:25:43 | 000,000,050 | ---- | C] () -- C:\Windows\MegaManager.INI [2010/05/16 22:11:15 | 000,001,456 | ---- | C] () -- C:\Users\Edward\AppData\Local\Adobe Enregistrer pour le Web 12.0 Prefs [2010/05/15 11:27:41 | 000,005,925 | ---- | C] () -- C:\Users\Edward\AppData\Local\Temp14.html [2010/05/14 21:53:40 | 000,065,536 | R--- | C] () -- C:\Windows\SysWow64\XSrvSetup.exe [2010/05/14 21:47:18 | 000,005,977 | ---- | C] () -- C:\Users\Edward\AppData\Local\Temp25.html [2010/05/14 21:04:38 | 000,000,778 | ---- | C] () -- C:\Users\Edward\AppData\Local\Temp1.html [2010/05/14 18:33:37 | 001,634,222 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2010/05/13 14:04:01 | 000,000,306 | ---- | C] () -- C:\Windows\lgfwup.ini [2010/05/13 00:08:05 | 000,165,376 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll [2010/05/13 00:08:04 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini [2010/05/13 00:07:56 | 000,881,664 | ---- | C] () -- 
C:\Windows\SysWow64\xvidcore.dll [2010/05/13 00:07:56 | 000,205,824 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll [2010/05/13 00:07:52 | 000,085,504 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll [2010/05/12 23:38:31 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini [2010/05/12 22:33:52 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2009/08/27 09:04:12 | 000,207,400 | R--- | C] () -- C:\Windows\GSetup.exe [2009/07/14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2009/07/14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT [2009/07/14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat [2009/07/14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2009/07/14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009/07/13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2009/06/10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat [2002/09/18 01:45:00 | 000,119,808 | ---- | C] () -- C:\Windows\lsb_un20.exe < End of report >
  5. Hello, I ran ComboFix by dragging the text file onto it; it did what it had to do without restarting automatically, so I then restarted manually. When I logged in to my account, two windows appeared telling me that some programs had not been able to start: FScapture.exe and another one whose name I have forgotten. There were also a few "bugs", such as being unable to display the system properties by right-clicking on Computer, etc. So I ran a system restore. In any case, since yesterday, after the restore, I have not noticed any spike in memory usage. However, even though I think it is unrelated, I noticed a drop in my internet speed after using ComboFix. My line's capacity is about 650 KB/s, and it dropped to ~510 KB/s. Likewise, downloads from deviantart are around 30 KB/s, whereas a few minutes earlier they were close to the line's maximum capacity. Here is the log anyway.
ComboFix 11-04-30.06 - Edward 03/05/2011 12:07:16.2.4 - x64
Microsoft Windows 7 Édition Intégrale 6.1.7600.0.1252.33.1036.18.4094.2969 [GMT 2:00]
Lancé depuis: c:\users\Edward\Desktop\ComboFix.exe
Commutateurs utilisés :: c:\users\Edward\Desktop\CFScript.txt
AV: ESET Smart Security 4.2 *Disabled/Updated* {CB0F8167-5331-BA19-698E-64816B6801A5}
FW: Pare-feu personnel d'ESET *Disabled* {F3340042-195E-BB41-42D1-CDB495BB46DE}
SP: ESET Smart Security 4.2 *Disabled/Updated* {706E6083-750B-B597-533E-5FF310EF4B18}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
. . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . . 
c:\windows\system32\macromed\Flash\Flash10k.ocx c:\windows\system32\macromed\Flash\Flash10l.ocx c:\windows\system32\macromed\Flash\FlashInstall.log c:\windows\system32\macromed\Flash\flashplayer.xpt c:\windows\system32\macromed\Flash\FlashPlayerTrust\AdobeXMPFileInfoCS5.cfg c:\windows\system32\macromed\Flash\FlashUtil10l_ActiveX.dll c:\windows\system32\macromed\Flash\FlashUtil10l_ActiveX.exe c:\windows\system32\macromed\Flash\FlashUtil10p_Plugin.exe c:\windows\system32\macromed\Flash\NPSWF32.dll . ---- Exécution préalable ------- . c:\windows\system32\macromed\Flash\Flash10k.ocx c:\windows\system32\macromed\Flash\Flash10l.ocx c:\windows\system32\macromed\Flash\FlashInstall.log c:\windows\system32\macromed\Flash\flashplayer.xpt c:\windows\system32\macromed\Flash\FlashPlayerTrust\AdobeXMPFileInfoCS5.cfg c:\windows\system32\macromed\Flash\FlashUtil10l_ActiveX.dll c:\windows\system32\macromed\Flash\FlashUtil10l_ActiveX.exe c:\windows\system32\macromed\Flash\FlashUtil10p_Plugin.exe c:\windows\system32\macromed\Flash\NPSWF32.dll . . --------------- FCopy --------------- . c:\windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_292d5de8870d85d9\user32.dll --> c:\windows\system32\user32.dll c:\windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_292d5de8870d85d9\user32.dll --> c:\windows\SysWOW64\user32.dll c:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe --> c:\windows\explorer.exe . ((((((((((((((((((((((((((((((((((((((( Pilotes/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . . 
-------\Legacy_AMDKMDAG -------\Legacy_CPUZ133 -------\Legacy_EAMONM -------\Legacy_EHDRV -------\Legacy_EPFWWFP -------\Legacy_MV91XX -------\Legacy_VMCI -------\Service_amdiox64 -------\Service_amdkmdag -------\Service_amdkmdap -------\Service_androidusb -------\Service_cpuz133 -------\Service_eamonm -------\Service_ehdrv -------\Service_epfwwfp -------\Service_mv91xx -------\Service_nusb3hub -------\Service_nusb3xhc -------\Service_P0620VID -------\Service_RTL8167 -------\Service_RzSynapse -------\Service_USBAAPL64 -------\Service_VBoxNetAdp -------\Service_VBoxNetFlt -------\Service_vmci -------\Service_WatAdminSvc -------\Service_zghsmdm . . ((((((((((((((((((((((((((((( Fichiers créés du 2011-04-03 au 2011-05-03 )))))))))))))))))))))))))))))))))))) . . 2011-05-03 10:10 . 2011-05-03 10:10 -------- d-----w- c:\users\Default\AppData\Local\temp 2011-05-03 08:05 . 2011-05-03 08:05 -------- d-----w- c:\program files (x86)\Winstep 2011-05-03 08:05 . 2008-02-05 12:36 798208 ----a-w- c:\windows\SysWow64\NextControls.ocx 2011-05-03 08:05 . 2000-05-22 14:58 608448 ----a-w- c:\windows\SysWow64\comctl32.ocx 2011-05-03 08:05 . 1997-07-19 13:55 1347344 ----a-w- c:\windows\SysWow64\msvbvm50.dll 2011-05-03 07:18 . 2011-05-03 07:21 -------- d-----w- c:\windows\system32\W7NBC 2011-05-03 05:49 . 2010-02-25 20:12 2870272 ----a-w- c:\windows\explorer.backup.exe 2011-05-03 05:39 . 2011-05-03 05:46 925184 ----a-w- c:\windows\expstart.exe 2011-05-03 05:39 . 2011-05-03 06:03 -------- d-----w- c:\windows\W7SOC 2011-05-03 05:29 . 2011-05-03 05:29 -------- d-----w- c:\users\Edward\AppData\Roaming\replacer 2011-05-03 05:16 . 2011-05-03 05:16 -------- d-----w- c:\users\Edward\AppData\Local\{9C882DE8-C686-4B2B-A1A8-96464B48D64E} 2011-05-03 00:27 . 2011-04-11 08:21 8802128 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{85DACA78-BF58-4AF1-A57C-BEC33BDAC560}\mpengine.dll 2011-05-02 15:48 . 
2011-05-02 15:48 -------- d-----w- c:\users\Edward\AppData\Local\{4A9C9FA3-325E-42E3-8C30-911972349F72} 2011-05-02 13:33 . 2011-05-02 13:32 521448 ----a-w- c:\windows\system32\deployJava1.dll 2011-05-02 13:32 . 2011-05-02 13:32 -------- d-----w- c:\program files\Java 2011-05-02 13:32 . 2011-05-02 13:32 -------- d-----w- c:\program files (x86)\Common Files\Java 2011-05-02 11:39 . 2011-05-02 13:30 -------- d-----w- c:\program files (x86)\RadeonPro 2011-05-02 09:07 . 2011-05-02 16:36 -------- d-----w- c:\program files (x86)\ESET 2011-05-02 09:01 . 2011-05-02 09:01 -------- d-----w- C:\_OTL 2011-05-02 07:16 . 2011-05-02 07:16 512 ----a-w- C:\PhysicalMBR.bin 2011-05-02 03:48 . 2011-05-02 03:48 -------- d-----w- c:\users\Edward\AppData\Local\{44F78535-FC07-4112-AC61-D3DF67C1620D} 2011-05-01 15:47 . 2011-05-01 15:47 -------- d-----w- c:\users\Edward\AppData\Local\{48B43689-8499-457C-853A-91549C64F6DC} 2011-05-01 14:35 . 2011-05-01 14:35 -------- d-----w- c:\users\Edward\AppData\Roaming\Malwarebytes 2011-05-01 14:35 . 2010-12-20 16:09 38224 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys 2011-05-01 14:35 . 2011-05-01 14:35 -------- d-----w- c:\programdata\Malwarebytes 2011-05-01 14:35 . 2011-05-01 14:35 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware 2011-05-01 14:35 . 2010-12-20 16:08 24152 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-05-01 03:46 . 2011-05-01 03:47 -------- d-----w- c:\users\Edward\AppData\Local\{B4079414-E88B-495D-BF56-C9615E3FF241} 2011-04-30 06:58 . 2011-04-30 06:58 -------- d-----w- c:\users\Edward\AppData\Local\Criterion Games 2011-04-29 11:37 . 2011-04-29 11:37 -------- d-----w- c:\programdata\Ubisoft 2011-04-29 11:36 . 2011-04-29 11:36 75136 ----a-w- c:\windows\SysWow64\PnkBstrA.exe 2011-04-29 11:36 . 2011-04-29 11:36 -------- d-----w- c:\users\Edward\AppData\Roaming\PunkBuster 2011-04-29 01:43 . 2011-04-29 01:45 -------- d-----w- c:\program files (x86)\ZHPDiag 2011-04-28 10:04 . 
2011-04-28 10:04 -------- d-----w- c:\program files (x86)\ma-config.com 2011-04-28 10:04 . 2011-04-28 10:04 -------- d-----w- c:\programdata\ma-config.com 2011-04-28 07:54 . 2011-04-28 07:54 -------- d-----w- c:\program files (x86)\Aero Tuner 2011-04-27 15:34 . 2011-04-27 15:34 -------- d-----w- c:\users\Edward\AppData\Roaming\mkvtoolnix 2011-04-27 15:34 . 2011-04-27 15:34 -------- d-----w- c:\program files (x86)\MKVtoolnix 2011-04-27 14:03 . 2011-04-27 14:03 -------- d-----w- c:\program files (x86)\VirtualDubMOD 2011-04-27 12:56 . 2011-04-27 12:56 -------- d-----w- c:\users\Edward\AppData\Roaming\FastStone 2011-04-27 12:56 . 2011-04-27 12:56 -------- d-----w- c:\program files (x86)\FastStone Capture 2011-04-27 12:28 . 2011-04-28 07:53 -------- d-----w- c:\program files\Rainmeter 2011-04-26 12:33 . 2011-04-26 12:42 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy 2011-04-26 12:33 . 2011-04-26 12:39 -------- d-----w- c:\programdata\Spybot - Search & Destroy 2011-04-26 03:44 . 2010-11-23 15:25 34624 ----a-w- c:\windows\system32\TURegOpt.exe 2011-04-26 03:44 . 2010-11-23 15:21 25920 ----a-w- c:\windows\system32\authuitu.dll 2011-04-26 03:44 . 2010-11-23 15:21 21312 ----a-w- c:\windows\SysWow64\authuitu.dll 2011-04-26 03:44 . 2010-11-23 15:21 36160 ----a-w- c:\windows\system32\uxtuneup.dll 2011-04-26 03:44 . 2010-11-23 15:21 29504 ----a-w- c:\windows\SysWow64\uxtuneup.dll 2011-04-26 03:43 . 2011-04-26 03:44 -------- d-----w- c:\program files (x86)\TuneUp Utilities 2011 2011-04-26 03:43 . 2011-04-26 03:43 -------- d-sh--w- c:\programdata\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16} 2011-04-26 03:27 . 2011-04-26 03:27 -------- d-----w- c:\programdata\Martau 2011-04-26 03:27 . 2011-04-26 03:27 -------- d-----w- c:\program files (x86)\Total Uninstall 5 2011-04-26 02:21 . 2011-04-26 02:21 -------- d-----w- c:\users\Edward\AppData\Local\{F1AC0983-DF4C-4301-BD1D-AA56D55C5568} 2011-04-25 13:50 . 
2011-04-25 13:50 -------- d-----w- c:\users\Edward\AppData\Local\{4A1E87C6-434A-4FDB-9C69-60BE832D50CB} 2011-04-24 22:54 . 2011-04-24 22:54 -------- d-----w- c:\programdata\Electronic Arts 2011-04-24 22:54 . 2011-04-24 22:54 -------- d-----w- c:\programdata\EA Core 2011-04-24 22:43 . 2010-12-29 01:45 74272 ----a-w- c:\windows\system32\RtNicProp64.dll 2011-04-24 22:43 . 2010-12-29 01:45 412776 ----a-w- c:\windows\system32\drivers\Rt64win7.sys 2011-04-23 04:24 . 2011-04-26 03:21 -------- d-----w- c:\program files\BOINC 2011-04-23 04:24 . 2011-04-26 02:21 -------- d-----w- c:\programdata\BOINC 2011-04-23 04:24 . 2011-04-23 04:24 -------- d-----w- c:\windows\Downloaded Installations 2011-04-21 22:15 . 2011-04-21 22:27 -------- d-----w- c:\program files (x86)\Cheat Engine 2011-04-21 22:15 . 2007-12-26 15:30 679936 ----a-w- c:\windows\SysWow64\D3DX81ab.dll 2011-04-21 22:15 . 2007-12-26 15:30 1970176 ----a-w- c:\windows\SysWow64\d3dx9.dll 2011-04-21 19:39 . 2011-05-01 06:13 -------- d-----w- c:\users\Edward\AppData\Local\CAPCOM 2011-04-21 17:37 . 2011-04-21 17:37 -------- d-----w- c:\program files (x86)\Common Files\Wise Installation Wizard 2011-04-21 08:44 . 2011-04-21 08:44 -------- d-----w- c:\program files\Microsoft Xbox 360 Accessories 2011-04-18 11:28 . 2011-04-18 11:29 -------- d-----w- c:\users\Edward\AppData\Local\Rockstar Games 2011-04-16 12:15 . 2011-04-16 12:15 -------- d-----w- c:\users\Edward\AppData\Local\{0790F134-1B6D-4244-8BA8-0E548E90EDCA} 2011-04-16 00:15 . 2011-04-16 00:15 -------- d-----w- c:\users\Edward\AppData\Local\{8EE75337-B10C-4D5B-8DA4-F61DDCC2F076} 2011-04-15 12:14 . 2011-04-15 12:15 -------- d-----w- c:\users\Edward\AppData\Local\{1F5F1E81-5B06-4763-911B-A2CC1E6EAF2C} 2011-04-15 00:14 . 2011-04-15 00:14 -------- d-----w- c:\users\Edward\AppData\Local\{E533CB43-CA93-487C-81A9-9376A935411E} 2011-04-14 15:48 . 2011-04-14 15:48 -------- d-----w- c:\program files\Transmission Remote 2011-04-14 12:13 . 
2011-04-14 12:14 -------- d-----w- c:\users\Edward\AppData\Local\{CF197E79-8B4A-45FE-B979-552198BF8E52} 2011-04-14 00:13 . 2011-04-14 00:13 -------- d-----w- c:\users\Edward\AppData\Local\{2B02EDD7-4744-41BE-9B73-723C53F999F2} 2011-04-13 22:40 . 2011-04-13 22:40 4284416 ----a-w- c:\windows\SysWow64\GPhotos.scr 2011-04-13 20:46 . 2011-04-13 20:51 -------- d-----w- c:\program files (x86)\Aura 2011-04-13 14:18 . 2011-04-29 03:16 -------- d-----w- c:\users\Edward\AppData\Roaming\vlc 2011-04-13 07:44 . 2011-04-13 07:44 -------- d-----w- c:\users\Edward\AppData\Local\{48C1F504-3CD8-4A17-8AC4-1DF7B2FC3C76} 2011-04-13 04:12 . 2011-03-08 06:14 976896 ----a-w- c:\windows\system32\inetcomm.dll 2011-04-12 19:43 . 2011-04-12 19:43 -------- d-----w- c:\users\Edward\AppData\Local\{42961CEB-E159-4114-8247-E77E6F2C9D60} 2011-04-12 07:43 . 2011-04-12 07:43 -------- d-----w- c:\users\Edward\AppData\Local\{A1BCA28A-8955-4A95-8CE9-506DF5B9C79A} 2011-04-11 19:42 . 2011-04-11 19:43 -------- d-----w- c:\users\Edward\AppData\Local\{5EFBB873-73EF-4D9E-A911-79651780C8BF} 2011-04-11 18:44 . 2011-04-21 22:13 -------- d-----w- c:\users\Edward\AppData\Roaming\.minecraft 2011-04-11 11:06 . 2011-04-15 18:20 -------- d-----w- c:\users\Edward\AppData\Roaming\RIFT 2011-04-11 07:42 . 2011-04-11 07:42 -------- d-----w- c:\users\Edward\AppData\Local\{D2690FE8-C4CA-4F45-910E-D3FEBCC5D3E2} 2011-04-10 19:41 . 2011-04-10 19:42 -------- d-----w- c:\users\Edward\AppData\Local\{506E6767-4A76-4BAB-BF5F-D1F6FA702504} 2011-04-10 07:41 . 2011-04-10 07:41 -------- d-----w- c:\users\Edward\AppData\Local\{BD0A9067-0151-4766-84AD-CB3B43EAEB6C} 2011-04-09 19:40 . 2011-04-09 19:41 -------- d-----w- c:\users\Edward\AppData\Local\{05E55B70-E11A-486E-9E4F-618A50489BE5} 2011-04-09 07:40 . 2011-04-09 07:40 -------- d-----w- c:\users\Edward\AppData\Local\{A53CBD7F-E1B2-4CE6-B3CD-06C3BD337672} 2011-04-08 19:40 . 
2011-04-08 19:40 -------- d-----w- c:\users\Edward\AppData\Local\{0A8E679F-4212-4119-A6A6-225FBC872BFC} 2011-04-08 07:39 . 2011-04-08 07:39 -------- d-----w- c:\users\Edward\AppData\Local\{F2B98D48-6A50-4222-A436-BF3DB9FD5D37} 2011-04-07 19:39 . 2011-04-07 19:39 -------- d-----w- c:\users\Edward\AppData\Local\{03A39ACE-1C7B-44C3-99DD-448BCD24B815} 2011-04-07 07:38 . 2011-04-07 07:38 -------- d-----w- c:\users\Edward\AppData\Local\{337F9800-9614-48CB-BE1D-C1AAE1E823BA} 2011-04-07 00:19 . 2011-04-07 00:27 -------- d-----w- c:\users\Edward\AppData\Roaming\Audacity 2011-04-07 00:19 . 2011-04-07 00:19 -------- d-----w- c:\program files (x86)\Audacity 1.3 Beta 2011-04-06 19:38 . 2011-04-06 19:38 -------- d-----w- c:\users\Edward\AppData\Local\{6E2BFB79-109B-4414-8FE4-DDF45DEEC754} 2011-04-06 07:39 . 2011-04-06 07:39 -------- d-----w- c:\users\Edward\AppData\Local\{21511F99-4D3C-4B5A-8051-0C02B092FEF5} 2011-04-05 19:39 . 2011-04-05 19:39 -------- d-----w- c:\users\Edward\AppData\Local\{ADAC6C94-632D-4F73-9C86-AEB6B8BF5655} 2011-04-05 07:38 . 2011-04-05 07:38 -------- d-----w- c:\users\Edward\AppData\Local\{B0D6435D-212E-4BFA-A6DA-8427DAA7E56F} 2011-04-04 19:38 . 2011-04-04 19:38 -------- d-----w- c:\users\Edward\AppData\Local\{476E36A3-BFE1-4111-9431-B4B19744146F} . . . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2011-05-02 13:32 . 2010-05-12 20:22 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll 2011-04-25 11:19 . 2010-05-23 17:37 25640 ----a-w- c:\windows\gdrv.sys 2011-04-12 15:53 . 2010-11-14 08:25 1866240 ----a-w- c:\windows\system32\ExplorerFrame.del.dll 2011-04-12 15:53 . 2010-11-14 08:25 1865728 ----a-w- c:\windows\system32\ExplorerFrame.dll 2011-03-29 18:00 . 2010-11-07 11:15 92672 ----a-w- c:\windows\system32\ff_vfw.dll 2011-03-09 03:45 . 2010-06-24 09:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll 2011-03-02 10:43 . 
2010-11-07 11:15 203264 ----a-w- c:\windows\system32\unrar.dll 2011-02-17 09:59 . 2011-02-17 09:59 428416 ----a-w- c:\windows\SysWow64\RzMwApi.dll 2011-02-17 02:36 . 2010-11-14 08:25 1863680 ----a-w- c:\windows\system32\explorerframe.dll.11111111 2011-02-17 02:36 . 2010-11-14 08:25 1863168 ----a-w- c:\windows\system32\explorerframe.dll.BAK . . ((((((((((((((((((((((((((((( SnapShot@2011-05-01_17.25.10 ))))))))))))))))))))))))))))))))))))))))) . + 2010-05-12 19:48 . 2011-05-03 07:47 48760 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin + 2009-07-14 05:10 . 2011-05-03 07:47 34732 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin + 2010-05-12 19:39 . 2011-05-03 07:47 10050 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-298173471-2318884327-37262993-1001_UserData.bin - 2010-05-12 19:32 . 2011-04-19 04:27 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2010-05-12 19:32 . 2011-05-03 04:07 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2010-05-12 19:32 . 2011-04-19 04:27 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2011-05-02 09:07 . 2011-05-03 04:07 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat - 2009-07-14 04:54 . 2011-04-19 04:27 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2009-07-14 04:54 . 2011-05-03 04:07 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2011-05-03 07:46 . 2011-05-03 07:46 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat - 2011-05-01 17:05 . 2011-05-01 17:05 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat - 2011-05-01 17:05 . 
2011-05-01 17:05 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat + 2011-05-03 07:46 . 2011-05-03 07:46 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat + 2011-05-03 05:46 . 2011-05-03 06:03 925184 c:\windows\W7SOC\expstart.exe + 2011-05-03 05:39 . 2011-05-03 06:03 377344 c:\windows\W7SOC\bru.exe + 2011-05-02 13:32 . 2011-05-02 13:32 157472 c:\windows\SysWOW64\javaws.exe - 2011-01-10 10:00 . 2011-02-02 19:40 157472 c:\windows\SysWOW64\javaws.exe + 2011-05-02 13:32 . 2011-05-02 13:32 145184 c:\windows\SysWOW64\javaw.exe - 2011-01-10 10:00 . 2011-02-02 19:40 145184 c:\windows\SysWOW64\javaw.exe - 2011-01-10 10:00 . 2011-02-02 19:40 145184 c:\windows\SysWOW64\java.exe + 2011-05-02 13:32 . 2011-05-02 13:32 145184 c:\windows\SysWOW64\java.exe + 2011-05-03 07:18 . 2011-05-03 07:18 377344 c:\windows\system32\W7NBC\exe.exe - 2009-07-14 15:24 . 2011-05-01 17:10 743526 c:\windows\system32\perfh00C.dat + 2009-07-14 15:24 . 2011-05-03 07:50 743526 c:\windows\system32\perfh00C.dat + 2009-07-14 02:36 . 2011-05-03 07:50 650638 c:\windows\system32\perfh009.dat - 2009-07-14 02:36 . 2011-05-01 17:10 650638 c:\windows\system32\perfh009.dat + 2009-07-14 15:24 . 2011-05-03 07:50 147862 c:\windows\system32\perfc00C.dat - 2009-07-14 15:24 . 2011-05-01 17:10 147862 c:\windows\system32\perfc00C.dat + 2009-07-14 02:36 . 2011-05-03 07:50 120294 c:\windows\system32\perfc009.dat - 2009-07-14 02:36 . 2011-05-01 17:10 120294 c:\windows\system32\perfc009.dat + 2011-05-02 13:33 . 2011-05-02 13:32 189728 c:\windows\system32\javaws.exe + 2011-05-02 13:33 . 2011-05-02 13:32 171808 c:\windows\system32\javaw.exe + 2011-05-02 13:33 . 2011-05-02 13:32 171808 c:\windows\system32\java.exe + 2009-07-14 05:38 . 2011-05-02 16:36 262144 c:\windows\system32\config\systemprofile\ntuser.dat - 2009-07-14 05:38 . 2010-05-23 11:55 262144 c:\windows\system32\config\systemprofile\ntuser.dat - 2009-07-14 05:12 . 
2010-09-09 09:48 262144 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat + 2009-07-14 05:12 . 2011-05-03 04:07 262144 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat + 2009-07-14 05:01 . 2011-05-03 07:44 394396 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat + 2011-05-03 05:18 . 2009-04-22 08:00 350720 c:\windows\Resources\Themes\Win7-Katharos Top\Shell\NormalColor\shellstyle.dll + 2011-05-03 07:09 . 2009-10-31 08:37 349184 c:\windows\Resources\Themes\leaf_by_dpcdpc11_top_s_f_R\Shell\NormalColor\shellstyle.dll + 2011-05-03 07:09 . 2009-10-31 08:37 349184 c:\windows\Resources\Themes\leaf_by_dpcdpc11_top_R\Shell\NormalColor\shellstyle.dll + 2011-05-03 05:33 . 2009-07-14 06:03 350720 c:\windows\Resources\Themes\emerald\Shell\NormalColor\shellstyle.dll + 2011-05-02 13:32 . 2011-05-02 13:32 682496 c:\windows\Installer\f3a6cc.msi + 2011-05-02 13:32 . 2011-05-02 13:32 183808 c:\windows\Installer\f3a6c7.msi + 2011-05-02 13:31 . 2011-05-02 13:31 681984 c:\windows\Installer\f3a6bf.msi + 2011-05-03 06:03 . 2010-02-25 20:12 2870272 c:\windows\W7SOC\explorer.exe + 2011-05-03 07:21 . 2011-04-12 15:53 1865728 c:\windows\system32\W7NBC\ExplorerFrame.dll + 2009-07-14 04:45 . 2011-05-03 07:46 4893992 c:\windows\system32\FNTCACHE.DAT + 2010-05-16 21:21 . 2011-05-03 07:44 3737712 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat + 2011-03-16 12:14 . 2010-02-25 20:12 2870272 c:\windows\explorer.bakbakbak.exe + 2011-03-16 12:14 . 2010-02-25 20:12 2870272 c:\windows\explorer.BAK.exe + 2009-07-13 23:42 . 2009-07-14 01:06 20268032 c:\windows\SysWOW64\imageres.dll + 2009-07-14 02:34 . 2011-05-03 08:50 10485760 c:\windows\system32\SMI\Store\Machine\schema.dat - 2009-07-14 02:34 . 2011-05-01 15:36 10485760 c:\windows\system32\SMI\Store\Machine\schema.dat + 2009-07-13 23:57 . 
2009-07-14 01:28 20268032 c:\windows\system32\imageres.dll + 2010-09-09 08:40 . 2011-05-03 07:44 19046596 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-298173471-2318884327-37262993-1001-8192.dat + 2010-09-17 10:57 . 2011-05-02 16:14 13290860 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-298173471-2318884327-37262993-1001-12288.dat - 2010-09-17 10:57 . 2011-05-01 17:04 13290860 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-298173471-2318884327-37262993-1001-12288.dat . -- Instantané actualisé -- . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Nexus"="c:\program files (x86)\Winstep\Nexus.exe" [2011-03-14 13816960] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "VirtualCloneDrive"="c:\program files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2009-06-17 85160] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-01-07 253672] . c:\users\Edward\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ FastStone Capture.lnk - c:\program files (x86)\FastStone Capture\FSCapture.exe [2007-2-23 1115136] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" "VMware hqtray"="c:\program files (x86)\VMware\VMware Player\hqtray.exe" "AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" -atboottime "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW "LGODDFU"="c:\program files (x86)\lg_fwupdate\fwupdate.exe" blrun "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-disabled] "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" -atboottime "JMB36X IDE Setup"=c:\windows\RaidTool\xInsIDE.exe "K3805"="c:\program files (x86)\Alchemy Elixir\control.exe" "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "AppleSyncNotifier"=c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun "Razer Naga Driver"=c:\program files (x86)\Razer\Naga\RazerNagaSysTray.exe "NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" . 
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 JMB36X;JMB36X;c:\windows\SysWOW64\XSrvSetup.exe [2009-08-06 65536] R3 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x] R3 AODDriver;AODDriver;c:\program files (x86)\GIGABYTE\ET6\amd64\AODDriver.sys [2009-02-22 14904] R3 AODDriver2;AODDriver2;c:\program files (x86)\AMD\OverDrive\amd64\AODDriver2.sys [2010-04-23 52352] R3 driverhardwarev2x64;driverhardwarev2x64;c:\program files (x86)\ma-config.com\Drivers\driverhardwarev2x64.sys [2010-08-30 15872] R3 etdrv;etdrv;c:\windows\etdrv.sys [2010-06-03 25640] R3 FLASHSYS;FLASHSYS;c:\program files (x86)\MSI\Live Update 4\LU4\FLASHSYS64.sys [2008-02-15 15192] R3 GVTDrv64;GVTDrv64;c:\windows\GVTDrv64.sys [2010-06-03 30528] R3 maconfservice;Ma-Config Service;c:\program files (x86)\ma-config.com\maconfservice.exe [2011-04-12 311744] R3 NLNdisMP;NLNdisMP;c:\windows\system32\DRIVERS\nlndis.sys [x] R3 NLNdisPT;NetLimiter Ndis Protocol Service;c:\windows\system32\DRIVERS\nlndis.sys [x] R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184] R3 pbfilter;pbfilter;c:\program files\PeerBlock\pbfilter.sys [2010-11-06 24176] R3 RTCore64;RTCore64;c:\program files (x86)\MSI Afterburner\RTCore64.sys [2010-02-01 14648] R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x] R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [x] R3 VBoxNetFlt;VBoxNetFlt Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [x] R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [x] R4 AMD 
FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-01-26 354304] R4 AMD Reservation Manager;AMD Reservation Manager;c:\program files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe [2010-06-17 194496] R4 AODService;AODService;c:\program files (x86)\AMD\OverDrive\AODAssist.exe [2010-04-23 136616] R4 ES lite Service;ES lite Service for program management.;c:\program files (x86)\Gigabyte\EasySaver\ESSVR.EXE [2009-08-24 68136] R4 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096] R4 VMUSBArbService;VMware USB Arbitration Service;c:\program files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe [2010-01-22 563760] S0 mv91xx;mv91xx;c:\windows\system32\DRIVERS\mv91xx.sys [x] S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x] S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [x] S2 cpuz133;cpuz133;c:\windows\system32\drivers\cpuz133_x64.sys [x] S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [x] S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [2010-04-07 810120] S2 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [x] S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe [2010-11-23 1974080] S2 vmci;VMware vmci;c:\windows\system32\drivers\vmci.sys [x] S2 Winstep Xtreme Service;Winstep Xtreme Service;c:\program files (x86)\Winstep\WsxService [x] S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys [x] S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x] S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x] S3 androidusb;ADB Interface Driver;c:\windows\system32\Drivers\androidusb.sys [x] S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [x] S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller 
Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [x] S3 P0620VID;Creative WebCam Instant;c:\windows\system32\DRIVERS\P0620Vid.sys [x] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x] S3 RzSynapse;Razer Driver;c:\windows\system32\DRIVERS\RzSynapse.sys [x] S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys [2010-10-07 11856] S3 zghsmdm;ZTE General Handset USB Modem Proprietary;c:\windows\system32\DRIVERS\zghsmdm.sys [x] . . . --------- x86-64 ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2010-04-07 2839840] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-01-18 11775592] . HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs UxTuneUp . ------- Examen supplémentaire ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = https://mail.google....l/?shva=1#inbox mLocal Page = c:\windows\SysWOW64\blank.htm IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: E&xporter vers Microsoft Excel - f:\progra~1\Office14\EXCEL.EXE/3000 IE: Liens de téléchargement avec Mega Manager... - c:\program files (x86)\Megaupload\Mega Manager\mm_file.htm LSP: c:\program files (x86)\VMware\VMware Player\vsocklib.dll . - - - - ORPHELINS SUPPRIMES - - - - . AddRemove-Octoshape add-in for Adobe Flash Player - c:\users\Edward\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\octoshape\octoshape.exe . . . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Winstep Xtreme Service] "ImagePath"="c:\program files (x86)\Winstep\WsxService" . --------------------- CLES DE REGISTRE BLOQUEES --------------------- . 
[HKEY_USERS\S-1-5-21-298173471-2318884327-37262993-1001\Software\SecuROM\License information*] "datasecu"=hex:c6,fb,8b,0a,27,5c,e0,bf,19,04,85,06,5e,a1,ae,75,65,c1,bc,6e,a9, 1c,67,ad,40,9d,9f,02,e6,13,3c,e4,44,f8,ee,cd,ed,4a,84,c9,3c,6a,bd,2e,6f,20,\ "rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_10_2_161_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_10_2_161_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.10" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Heure de fin: 2011-05-03 12:11:43 ComboFix-quarantined-files.txt 2011-05-03 10:11 ComboFix2.txt 2011-05-01 17:30 . Avant-CF: 16 616 034 304 octets libres Après-CF: 16 839 884 800 octets libres . - - End Of File - - 76F34865289E96C0DD802D7DAD9A62F8
  6. Everything goes fine until Windows restarts. The system then reboots in 640x480 mode with a bunch of errors such as: swreg.cfxxe did not start correctly, with the mouse not working, nor the internet. I left it as it was until the ComboFix window closed by itself. I waited a few minutes and then restarted manually. I was still in 640x480 with the errors and the mouse not working, so I restored the system.
  7. Hello lance_yien, Thanks again for taking care of my case. Yes, the problem persists, but I also have some additional information to provide. I noticed this morning that the memory usage spike builds up progressively. There is a pause of a few seconds (about 5 to 10) before it goes from one level to the next; it is not abrupt, it does not jump from 19% to 95% all at once. (The refresh interval in Task Manager is 1 second, so that is not what causes the pause.) Another thing: it seems to me that the problem appears only when Explorer is in use, for example when opening a window or when a program makes one appear.
  8. All processes killed ========== OTL ========== Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{ED0E8CA5-42FB-4B18-997B-769E0408E79D} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ED0E8CA5-42FB-4B18-997B-769E0408E79D}\ not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MSIAfterburner deleted successfully. C:\Program Files (x86)\MSI Afterburner\MSIAfterburnerWrapper.exe moved successfully. Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully. Registry key HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{5DE316A0-7613-4D69-B647-D3C8B9E7026C}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5DE316A0-7613-4D69-B647-D3C8B9E7026C}\ not found. ADS C:\ProgramData\Temp:010ADD2C deleted successfully. ========== SERVICES/DRIVERS ========== ========== REGISTRY ========== ========== FILES ========== C:\WINDOWS\tasks\GlaryInitialize.job moved successfully. C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-298173471-2318884327-37262993-1001Core.job moved successfully. C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-298173471-2318884327-37262993-1001UA.job moved successfully. File\Folder C:\*.sqm not found. 
========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 67 bytes ->Flash cache emptied: 41620 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 0 bytes User: Edward ->Temp folder emptied: 6687 bytes ->Temporary Internet Files folder emptied: 4341661 bytes ->Java cache emptied: 14889242 bytes ->FireFox cache emptied: 49129655 bytes ->Google Chrome cache emptied: 267172579 bytes ->Opera cache emptied: 517967 bytes ->Flash cache emptied: 1130597 bytes User: Public ->Temp folder emptied: 0 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32 (64bit) .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 3704 bytes %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50540 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 322,00 mb [EMPTYFLASH] User: All Users User: Default ->Flash cache emptied: 0 bytes User: Default User ->Flash cache emptied: 0 bytes User: Edward ->Flash cache emptied: 0 bytes User: Public Total Flash Files Cleaned = 0,00 mb C:\Windows\System32\drivers\etc\Hosts moved successfully. HOSTS file reset successfully OTL by OldTimer - Version 3.2.22.3 log created on 05022011_110122 Files\Folders moved on Reboot... C:\Users\Edward\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully. Registry entries deleted on Reboot... The ESET online scan found nothing.
  9. OTL logfile created on: 02/05/2011 09:15:41 - Run 1 OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Edward\Desktop 64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy 4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 66,00% Memory free 8,00 Gb Paging File | 6,00 Gb Available in Paging File | 78,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 48,83 Gb Total Space | 16,37 Gb Free Space | 33,53% Space Free | Partition Type: NTFS Drive D: | 208,53 Gb Total Space | 45,86 Gb Free Space | 21,99% Space Free | Partition Type: NTFS Drive F: | 931,51 Gb Total Space | 804,79 Gb Free Space | 86,40% Space Free | Partition Type: NTFS Drive J: | 1863,01 Gb Total Space | 1051,47 Gb Free Space | 56,44% Space Free | Partition Type: NTFS Computer Name: EDWARD-PC | User Name: Edward | Logged in as Administrator. 
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2011/05/02 09:13:51 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Edward\Desktop\OTL.exe PRC - [2011/04/29 13:36:45 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe PRC - [2010/04/07 21:07:24 | 000,810,120 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe PRC - [2010/02/01 04:27:02 | 000,339,256 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe PRC - [2009/08/06 07:51:20 | 000,065,536 | R--- | M] () -- C:\Windows\SysWOW64\XSrvSetup.exe PRC - [2007/02/23 23:49:58 | 001,115,136 | ---- | M] () -- C:\Program Files (x86)\FastStone Capture\FSCapture.exe ========== Modules (SafeList) ========== MOD - [2011/05/02 09:13:51 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Edward\Desktop\OTL.exe MOD - [2010/08/21 07:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll ========== Win32 Services (SafeList) ========== SRV:64bit: - [2011/01/27 00:55:36 | 000,203,776 | ---- | M] (AMD) [On_Demand | Stopped] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV:64bit: - [2011/01/26 19:01:28 | 000,354,304 | ---- | M] (Advanced Micro Devices, Inc.) 
[Disabled | Stopped] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service) SRV:64bit: - [2010/11/23 17:21:12 | 000,036,160 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysNative\uxtuneup.dll -- (UxTuneUp) SRV:64bit: - [2010/06/17 06:23:36 | 000,194,496 | ---- | M] (Advanced Micro Devices) [Disabled | Stopped] -- C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe -- (AMD Reservation Manager) SRV:64bit: - [2010/04/07 21:10:42 | 000,042,336 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe -- (EhttpSrv) SRV:64bit: - [2010/04/07 21:07:24 | 000,810,120 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe -- (ekrn) SRV:64bit: - [2009/07/14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV:64bit: - [2009/07/14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV - [2011/04/29 13:36:45 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA) SRV - [2011/04/12 10:11:26 | 000,311,744 | ---- | M] (CybelSoft) [On_Demand | Stopped] -- C:\Program Files (x86)\ma-config.com\maconfservice.exe -- (maconfservice) SRV - [2010/11/23 17:24:50 | 001,974,080 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc) SRV - [2010/11/23 17:21:02 | 000,029,504 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysWOW64\uxtuneup.dll -- (UxTuneUp) SRV - [2010/04/23 05:39:00 | 000,136,616 | ---- | M] () [Disabled | Stopped] -- C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe -- (AODService) SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- 
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard) SRV - [2010/01/22 21:57:08 | 000,395,824 | ---- | M] (VMware, Inc.) [Disabled | Stopped] -- C:\Windows\SysWOW64\vmnat.exe -- (VMware NAT Service) SRV - [2010/01/22 21:56:44 | 000,334,384 | ---- | M] (VMware, Inc.) [Disabled | Stopped] -- C:\Windows\SysWOW64\vmnetdhcp.exe -- (VMnetDHCP) SRV - [2010/01/22 21:56:28 | 000,113,200 | ---- | M] (VMware, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe -- (VMAuthdService) SRV - [2010/01/22 21:00:48 | 000,563,760 | ---- | M] (VMware, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe -- (VMUSBArbService) SRV - [2009/08/24 14:38:06 | 000,068,136 | ---- | M] () [Disabled | Stopped] -- C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE -- (ES lite Service) SRV - [2009/08/06 07:51:20 | 000,065,536 | R--- | M] () [Auto | Running] -- C:\Windows\SysWOW64\XSrvSetup.exe -- (JMB36X) SRV - [2009/07/16 17:04:16 | 000,316,664 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) ========== Driver Services (SafeList) ========== DRV:64bit: - [2011/01/27 01:37:20 | 009,085,952 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag) DRV:64bit: - [2011/01/27 00:13:32 | 000,299,520 | ---- | M] (Advanced Micro Devices, Inc.) 
[Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap) DRV:64bit: - [2011/01/13 04:17:30 | 000,122,624 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\zghsmdm.sys -- (zghsmdm) DRV:64bit: - [2010/12/29 03:45:54 | 000,412,776 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:64bit: - [2010/12/16 10:23:14 | 000,126,464 | ---- | M] (Razer USA Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RzSynapse.sys -- (RzSynapse) DRV:64bit: - [2010/12/10 14:50:36 | 000,181,248 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc) DRV:64bit: - [2010/12/10 14:50:36 | 000,080,384 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub) DRV:64bit: - [2010/11/23 16:38:53 | 000,314,016 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt) DRV:64bit: - [2010/11/23 16:38:52 | 000,043,680 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt) DRV:64bit: - [2010/11/06 23:24:34 | 000,024,176 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\PeerBlock\pbfilter.sys -- (pbfilter) DRV:64bit: - [2010/10/18 07:24:46 | 000,038,424 | ---- | M] (Google Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\androidusb.sys -- (androidusb) DRV:64bit: - [2010/05/17 08:35:12 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd) DRV:64bit: - [2010/05/09 23:29:02 | 000,145,936 | ---- | M] (Sun Microsystems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys -- (VBoxNetAdp) DRV:64bit: - [2010/04/19 20:47:42 | 000,050,688 | ---- | M] (Apple, Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64) DRV:64bit: - [2010/04/07 21:08:30 | 000,050,600 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfwwfp.sys -- (epfwwfp) DRV:64bit: - [2010/04/07 21:08:28 | 000,033,608 | ---- | M] (ESET) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\epfwndis.sys -- (Epfwndis) DRV:64bit: - [2010/04/07 21:08:26 | 000,169,592 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfw.sys -- (epfw) DRV:64bit: - [2010/04/07 21:07:10 | 000,139,704 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv) DRV:64bit: - [2010/04/07 21:03:52 | 000,163,888 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm) DRV:64bit: - [2010/03/30 23:35:04 | 000,020,968 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\cpuz133_x64.sys -- (cpuz133) DRV:64bit: - [2010/03/09 12:21:42 | 000,123,408 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService) DRV:64bit: - [2010/02/18 10:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64) DRV:64bit: - [2010/01/22 21:58:22 | 000,068,656 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmx86.sys -- (vmx86) DRV:64bit: - [2010/01/22 21:58:20 | 000,029,744 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VMkbd.sys -- (vmkbd) DRV:64bit: - [2010/01/22 21:58:16 | 000,080,944 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmci.sys -- (vmci) DRV:64bit: - [2010/01/22 21:58:16 | 000,030,256 | ---- | M] (VMware, Inc.) 
[Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmnetuserif.sys -- (VMnetuserif) DRV:64bit: - [2010/01/22 21:00:44 | 000,038,960 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\hcmon.sys -- (hcmon) DRV:64bit: - [2010/01/22 17:12:58 | 000,020,016 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmnetadapter.sys -- (VMnetAdapter) DRV:64bit: - [2009/12/18 00:25:17 | 000,034,472 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO) DRV:64bit: - [2009/11/06 07:42:06 | 000,293,416 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mv91xx.sys -- (mv91xx) DRV:64bit: - [2009/10/07 13:26:24 | 000,115,312 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\jraid.sys -- (JRAID) DRV:64bit: - [2009/08/13 22:10:18 | 000,073,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21) DRV:64bit: - [2009/08/09 23:25:45 | 000,036,352 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VClone.sys -- (VClone) DRV:64bit: - [2009/07/17 20:52:00 | 000,201,472 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService) DRV:64bit: - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009/07/14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009/06/10 22:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs) DRV:64bit: - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV:64bit: - [2009/05/05 04:00:28 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) 
[Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie) AMD PCI Express (3GIO) DRV:64bit: - [2009/04/28 03:03:42 | 000,067,128 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2009/04/28 03:03:42 | 000,028,216 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2005/08/15 10:02:18 | 000,126,848 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\P0620Vid.sys -- (P0620VID) DRV - [2011/04/25 13:19:02 | 000,025,640 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\gdrv.sys -- (gdrv) DRV - [2010/10/07 12:34:32 | 000,011,856 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv) DRV - [2010/08/30 12:19:54 | 000,015,872 | ---- | M] (CybelSoft) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\ma-config.com\Drivers\driverhardwarev2x64.sys -- (driverhardwarev2x64) DRV - [2010/06/04 00:51:00 | 000,025,640 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\etdrv.sys -- (etdrv) DRV - [2010/06/04 00:50:44 | 000,030,528 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\GVTDrv64.sys -- (GVTDrv64) DRV - [2010/04/23 05:38:48 | 000,052,352 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver2.sys -- (AODDriver2) DRV - [2010/02/01 04:27:24 | 000,014,648 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files (x86)\MSI Afterburner\RTCore64.sys -- (RTCore64) DRV - [2009/02/23 00:21:54 | 000,014,904 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\GIGABYTE\ET6\amd64\AODDriver.sys -- (AODDriver) DRV - [2008/02/15 16:30:48 | 000,015,192 | 
---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\MSI\Live Update 4\LU4\Flashsys64.sys -- (FLASHSYS) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://mail.google....l/?shva=1#inbox IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr-FR IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 42 D3 B3 E6 D7 B6 CB 01 [binary data] IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - HKLM\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2010/05/12 22:18:47 | 000,000,000 | ---D | M] [2010/05/19 20:15:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Edward\AppData\Roaming\mozilla\Extensions [2011/03/16 00:34:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Edward\AppData\Roaming\mozilla\Firefox\Profiles\v12zbrtz.default\extensions File not found (No name found) -- [2011/01/10 12:00:24 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES (X86)\MOZILLA FIREFOX 4.0 BETA 7\EXTENSIONS\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} [2011/03/28 11:58:43 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES (X86)\MOZILLA FIREFOX 4.0 BETA 7\EXTENSIONS\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} () (No name found) -- C:\USERS\EDWARD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\V12ZBRTZ.DEFAULT\EXTENSIONS\{40A1F5D7-AFC2-498F-B264-02668D616FF6}.XPI () (No name found) -- C:\USERS\EDWARD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\V12ZBRTZ.DEFAULT\EXTENSIONS\[email protected] O1 HOSTS File: ([2011/05/01 19:24:30 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Skype 
Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O3 - HKLM\..\Toolbar: (no name) - {ED0E8CA5-42FB-4B18-997B-769E0408E79D} - No CLSID value found. O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET) O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [MSIAfterburner] C:\Program Files (x86)\MSI Afterburner\MSIAfterburnerWrapper.exe () O4 - Startup: C:\Users\Edward\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FastStone Capture.lnk = C:\Program Files (x86)\FastStone Capture\FSCapture.exe () O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.) O9 - Extra Button: FreshDownload - {5DE316A0-7613-4D69-B647-D3C8B9E7026C} - File not found O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) 
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000011 - File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000012 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - File not found
O16 - DPF: {0D6709DD-4ED8-40CA-B459-2757AEEF7BEE} http://download.giga...bject/Dldrv.ocx (Dldrv2 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} http://service.futur...ark/tc/FMSI.cab (Reg Error: Key error.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} http://content.syste...yri_4.3.1.0.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O28:64bit: - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs:64bit: UxTuneUp - C:\Windows\SysNative\uxtuneup.dll (TuneUp Software)
NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: VIDC.FFDS - ff_vfw.dll ()
Drivers32:64bit: VIDC.FPS1 - frapsv64.dll (Beepa P/L)
Drivers32: msacm.ac3acm - C:\Windows\SysWow64\ac3acm.acm (fccHandler)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\Windows\SysWow64\lameACM.acm (www)
Drivers32: msacm.lhacm - C:\Windows\SysWow64\lhacm.acm (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\SysWow64\DivX.dll (DivX, Inc.)
Drivers32: VIDC.FFDS - C:\Windows\SysWow64\ff_vfw.dll ()
Drivers32: VIDC.FPS1 - C:\Windows\SysWow64\frapsvid.dll (Beepa P/L)
Drivers32: VIDC.VMnc - C:\Windows\SysWow64\vmnc.dll (VMware, Inc.)
Drivers32: VIDC.XVID - C:\Windows\SysWow64\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\Windows\SysWow64\DivX.dll (DivX, Inc.)
CREATERESTOREPOINT Restore point Set: OTL Restore Point PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin ========== Files/Folders - Created Within 30 Days ========== [2011/05/02 09:13:49 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Edward\Desktop\OTL.exe [2011/05/02 07:49:43 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN [2011/05/02 05:48:09 | 000,000,000 | ---D | C] -- C:\Users\Edward\AppData\Local\{44F78535-FC07-4112-AC61-D3DF67C1620D} [2011/05/01 19:11:39 | 000,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe [2011/05/01 19:11:39 | 000,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe [2011/05/01 19:11:39 | 000,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe [2011/05/01 19:11:34 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT [2011/05/01 19:11:18 | 000,000,000 | ---D | C] -- C:\Qoobox [2011/05/01 19:11:04 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe [2011/05/01 17:47:33 | 000,000,000 | ---D | C] -- C:\Users\Edward\AppData\Local\{48B43689-8499-457C-853A-91549C64F6DC} [2011/05/01 16:35:18 | 000,000,000 | ---D | C] -- C:\Users\Edward\AppData\Roaming\Malwarebytes [2011/05/01 16:35:13 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys [2011/05/01 16:35:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2011/05/01 16:35:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2011/05/01 16:35:09 | 000,024,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2011/05/01 16:35:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2011/05/01 05:46:57 | 000,000,000 | ---D | C] -- C:\Users\Edward\AppData\Local\{B4079414-E88B-495D-BF56-C9615E3FF241} [2011/04/30 08:58:18 | 000,000,000 | ---D | C] -- C:\Users\Edward\AppData\Local\Criterion Games [2011/04/29 14:12:00 | 000,000,000 | ---D | C] -- C:\Users\Edward\Documents\My Cheat Tables [2011/04/29 13:37:48 | 
000,000,000 | ---D | C] -- C:\ProgramData\Ubisoft [2011/04/29 13:36:44 | 000,000,000 | ---D | C] -- C:\Users\Edward\AppData\Roaming\PunkBuster [2011/04/29 03:43:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ZHPDiag [2011/04/28 12:04:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ma-config.com [2011/04/28 12:04:43 | 000,000,000 | ---D | C] -- C:\ProgramData\ma-config.com [2011/04/28 12:04:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ma-config.com [2011/04/28 09:54:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Aero Tuner [2011/04/27 17:34:44 | 000,000,000 | ---D | C] -- C:\Users\Edward\AppData\Roaming\mkvtoolnix [2011/04/27 17:34:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MKVtoolnix [2011/04/27 17:34:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MKVtoolnix [2011/04/27 16:03:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VirtualDubMOD [2011/04/27 16:03:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VirtualDubMOD [2011/04/27 14:56:44 | 000,000,000 | ---D | C] -- C:\Users\Edward\AppData\Roaming\FastStone [2011/04/27 14:56:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FastStone Capture [2011/04/27 14:56:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FastStone Capture [2011/04/27 14:28:04 | 000,000,000 | ---D | C] -- C:\Program Files\Rainmeter [2011/04/27 03:38:20 | 000,000,000 | ---D | C] -- C:\Users\Edward\Documents\Front Mission Evolved [2011/04/26 14:38:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy [2011/04/26 14:33:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy [2011/04/26 14:33:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy [2011/04/26 05:44:03 | 000,034,624 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\TURegOpt.exe [2011/04/26 
05:44:02 | 000,036,160 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\uxtuneup.dll [2011/04/26 05:44:02 | 000,029,504 | ---- | C] (TuneUp Software) -- C:\Windows\SysWow64\uxtuneup.dll [2011/04/26 05:44:02 | 000,025,920 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\authuitu.dll [2011/04/26 05:44:02 | 000,021,312 | ---- | C] (TuneUp Software) -- C:\Windows\SysWow64\authuitu.dll [2011/04/26 05:44:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2011 [2011/04/26 05:43:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TuneUp Utilities 2011 [2011/04/26 05:43:30 | 000,000,000 | -HSD | C] -- C:\ProgramData\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16} [2011/04/26 05:27:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Martau [2011/04/26 05:27:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Total Uninstall 5 [2011/04/26 04:21:27 | 000,000,000 | ---D | C] -- C:\Users\Edward\AppData\Local\{F1AC0983-DF4C-4301-BD1D-AA56D55C5568} [2011/04/25 15:50:06 | 000,000,000 | ---D | C] -- C:\Users\Edward\AppData\Local\{4A1E87C6-434A-4FDB-9C69-60BE832D50CB} [2011/04/25 00:54:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts [2011/04/25 00:54:12 | 000,000,000 | ---D | C] -- C:\ProgramData\EA Core [2011/04/25 00:53:55 | 000,000,000 | ---D | C] -- C:\Users\Edward\Documents\Criterion Games [2011/04/25 00:43:22 | 000,412,776 | ---- | C] (Realtek ) -- C:\Windows\SysNative\drivers\Rt64win7.sys [2011/04/23 06:24:59 | 000,000,000 | ---D | C] -- C:\ProgramData\BOINC [2011/04/23 06:24:59 | 000,000,000 | ---D | C] -- C:\Program Files\BOINC [2011/04/23 06:24:34 | 000,000,000 | ---D | C] -- C:\Windows\Downloaded Installations [2011/04/22 19:26:40 | 000,000,000 | ---D | C] -- C:\Users\Edward\Documents\Prototype [2011/04/22 00:15:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 5.5 [2011/04/22 00:15:21 | 000,679,936 | ---- | C] (Generated by JEDI) -- 
C:\Windows\SysWow64\D3DX81ab.dll [2011/04/22 00:15:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cheat Engine [2011/04/21 21:41:53 | 000,000,000 | ---D | C] -- C:\Users\Edward\Documents\CAPCOM [2011/04/21 21:39:36 | 000,000,000 | ---D | C] -- C:\Users\Edward\AppData\Local\CAPCOM [2011/04/21 20:46:22 | 000,000,000 | ---D | C] -- C:\Users\Edward\Documents\SHIFT 2 UNLEASHED [2011/04/21 19:37:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard [2011/04/21 10:44:13 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Xbox 360 Accessories [2011/04/21 08:49:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Talk [2011/04/21 08:49:27 | 000,000,000 | ---D | C] -- C:\Users\Edward\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Talk [2011/04/19 12:16:36 | 000,000,000 | ---D | C] -- C:\Users\Edward\Documents\Games for Windows - LIVE Demos [2011/04/18 13:32:44 | 000,000,000 | ---D | C] -- C:\Users\Edward\Documents\Rockstar Games [2011/04/18 13:28:56 | 000,000,000 | ---D | C] -- C:\Users\Edward\AppData\Local\Rockstar Games [2011/04/17 19:47:49 | 000,000,000 | ---D | C] -- C:\Users\Edward\Documents\GTA3 User Files [2011/04/17 19:27:49 | 000,000,000 | ---D | C] -- C:\Users\Edward\Documents\GTA Vice City User Files [2011/04/16 14:15:34 | 000,000,000 | ---D | C] -- C:\Users\Edward\AppData\Local\{0790F134-1B6D-4244-8BA8-0E548E90EDCA} [2011/04/16 02:15:12 | 000,000,000 | ---D | C] -- C:\Users\Edward\AppData\Local\{8EE75337-B10C-4D5B-8DA4-F61DDCC2F076} [2011/04/15 14:14:51 | 000,000,000 | ---D | C] -- C:\Users\Edward\AppData\Local\{1F5F1E81-5B06-4763-911B-A2CC1E6EAF2C} [2011/04/15 08:38:06 | 000,000,000 | ---D | C] -- C:\Users\Edward\AppData\Roaming\Google [2011/04/15 02:14:30 | 000,000,000 | ---D | C] -- C:\Users\Edward\AppData\Local\{E533CB43-CA93-487C-81A9-9376A935411E} [2011/04/14 21:27:33 | 000,000,000 | ---D | C] -- C:\Users\Edward\AppData\Roaming\Microsoft\Windows\Start 
Menu\Programs\Handbrake [2011/04/14 17:48:41 | 000,000,000 | ---D | C] -- C:\Users\Edward\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Transmission Remote [2011/04/14 17:48:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Transmission Remote [2011/04/14 17:48:41 | 000,000,000 | ---D | C] -- C:\Program Files\Transmission Remote [2011/04/14 14:13:49 | 000,000,000 | ---D | C] -- C:\Users\Edward\AppData\Local\{CF197E79-8B4A-45FE-B979-552198BF8E52} [2011/04/14 02:13:21 | 000,000,000 | ---D | C] -- C:\Users\Edward\AppData\Local\{2B02EDD7-4744-41BE-9B73-723C53F999F2} [2011/04/14 00:40:10 | 004,284,416 | ---- | C] (Google Inc.) -- C:\Windows\SysWow64\GPhotos.scr [2011/04/13 22:46:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Aura [2011/04/13 16:18:01 | 000,000,000 | ---D | C] -- C:\Users\Edward\AppData\Roaming\vlc [2011/04/13 16:17:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN [2011/04/13 13:35:28 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat [2011/04/13 13:35:28 | 001,797,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9.dll [2011/04/13 13:35:28 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2011/04/13 13:35:28 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2011/04/13 13:35:28 | 000,580,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll [2011/04/13 13:35:28 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll [2011/04/13 13:35:28 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec [2011/04/13 13:35:28 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dxtmsft.dll [2011/04/13 13:35:28 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2011/04/13 13:35:28 | 000,227,840 | ---- | C] (Microsoft 
Corporation) -- C:\Windows\SysWow64\ieaksie.dll [2011/04/13 13:35:28 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dxtrans.dll [2011/04/13 13:35:28 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll [2011/04/13 13:35:28 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll [2011/04/13 13:35:28 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2011/04/13 13:35:28 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll [2011/04/13 13:35:28 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll [2011/04/13 13:35:28 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msls31.dll [2011/04/13 13:35:28 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe [2011/04/13 13:35:28 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe [2011/04/13 13:35:28 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2011/04/13 13:35:28 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll [2011/04/13 13:35:28 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll [2011/04/13 13:35:28 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll [2011/04/13 13:35:28 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll [2011/04/13 13:35:28 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll [2011/04/13 13:35:28 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe [2011/04/13 13:35:28 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll [2011/04/13 13:35:28 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll [2011/04/13 13:35:28 | 
000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe [2011/04/13 13:35:28 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe [2011/04/13 13:35:28 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll [2011/04/13 13:35:28 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe [2011/04/13 13:35:28 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2011/04/13 13:35:28 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll [2011/04/13 13:35:28 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx [2011/04/13 13:35:28 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll [2011/04/13 13:35:28 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll [2011/04/13 13:35:28 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\imgutil.dll [2011/04/13 13:35:28 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll [2011/04/13 13:35:28 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll [2011/04/13 13:35:28 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe [2011/04/13 13:35:27 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat [2011/04/13 13:35:27 | 002,303,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2011/04/13 13:35:27 | 001,492,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2011/04/13 13:35:27 | 000,818,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2011/04/13 13:35:27 | 000,697,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2011/04/13 13:35:27 | 000,603,648 | ---- | C] (Microsoft Corporation) -- 
C:\Windows\SysNative\vbscript.dll [2011/04/13 13:35:27 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll [2011/04/13 13:35:27 | 000,452,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll [2011/04/13 13:35:27 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec [2011/04/13 13:35:27 | 000,282,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll [2011/04/13 13:35:27 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll [2011/04/13 13:35:27 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2011/04/13 13:35:27 | 000,236,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2011/04/13 13:35:27 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2011/04/13 13:35:27 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe [2011/04/13 13:35:27 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll [2011/04/13 13:35:27 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe [2011/04/13 13:35:27 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll [2011/04/13 13:35:27 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll [2011/04/13 13:35:27 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll [2011/04/13 13:35:27 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll [2011/04/13 13:35:27 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll [2011/04/13 13:35:27 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll [2011/04/13 13:35:27 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll [2011/04/13 13:35:27 | 000,096,256 | ---- | 
C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2011/04/13 13:35:27 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe [2011/04/13 13:35:27 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe [2011/04/13 13:35:27 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll [2011/04/13 13:35:27 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll [2011/04/13 13:35:27 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx [2011/04/13 13:35:27 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll [2011/04/13 13:35:27 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll [2011/04/13 13:35:27 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll [2011/04/13 13:35:27 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll [2011/04/13 13:35:27 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll [2011/04/13 13:35:27 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe [2011/04/13 13:35:27 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe [2011/04/13 09:44:05 | 000,000,000 | ---D | C] -- C:\Users\Edward\AppData\Local\{48C1F504-3CD8-4A17-8AC4-1DF7B2FC3C76} [2011/04/13 06:13:12 | 001,395,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42.dll [2011/04/13 06:13:12 | 001,359,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42u.dll [2011/04/13 06:13:12 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42u.dll [2011/04/13 06:13:12 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42.dll [2011/04/13 06:13:02 | 000,367,104 | ---- | C] (Adobe Systems Incorporated) -- 
C:\Windows\SysNative\atmfd.dll [2011/04/13 06:13:02 | 000,294,912 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll [2011/04/13 06:13:02 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll [2011/04/13 06:13:02 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll [2011/04/13 06:13:00 | 000,356,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnsapi.dll [2011/04/13 06:13:00 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnscacheugc.exe [2011/04/13 06:13:00 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dnscacheugc.exe [2011/04/13 06:12:56 | 000,640,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi [2011/04/13 06:12:56 | 000,603,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe [2011/04/13 06:12:56 | 000,556,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi [2011/04/13 06:12:56 | 000,518,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.exe [2011/04/13 06:12:56 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXSCOVER.exe [2011/04/13 06:12:56 | 000,020,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdusb.dll [2011/04/13 06:12:56 | 000,019,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kd1394.dll [2011/04/13 06:12:56 | 000,017,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdcom.dll [2011/04/12 21:43:33 | 000,000,000 | ---D | C] -- C:\Users\Edward\AppData\Local\{42961CEB-E159-4114-8247-E77E6F2C9D60} [2011/04/12 09:43:11 | 000,000,000 | ---D | C] -- C:\Users\Edward\AppData\Local\{A1BCA28A-8955-4A95-8CE9-506DF5B9C79A} [2011/04/11 21:42:49 | 000,000,000 | ---D | C] -- C:\Users\Edward\AppData\Local\{5EFBB873-73EF-4D9E-A911-79651780C8BF} [2011/04/11 20:44:07 | 000,000,000 | ---D | C] -- C:\Users\Edward\AppData\Roaming\.minecraft [2011/04/11 13:06:46 | 
000,000,000 | ---D | C] -- C:\Users\Edward\AppData\Roaming\RIFT [2011/04/11 13:06:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RIFT [2011/04/11 09:42:25 | 000,000,000 | ---D | C] -- C:\Users\Edward\AppData\Local\{D2690FE8-C4CA-4F45-910E-D3FEBCC5D3E2} [2011/04/10 21:41:53 | 000,000,000 | ---D | C] -- C:\Users\Edward\AppData\Local\{506E6767-4A76-4BAB-BF5F-D1F6FA702504} [2011/04/10 09:41:18 | 000,000,000 | ---D | C] -- C:\Users\Edward\AppData\Local\{BD0A9067-0151-4766-84AD-CB3B43EAEB6C} [2011/04/09 21:40:55 | 000,000,000 | ---D | C] -- C:\Users\Edward\AppData\Local\{05E55B70-E11A-486E-9E4F-618A50489BE5} [2011/04/09 09:40:34 | 000,000,000 | ---D | C] -- C:\Users\Edward\AppData\Local\{A53CBD7F-E1B2-4CE6-B3CD-06C3BD337672} [2011/04/08 21:40:02 | 000,000,000 | ---D | C] -- C:\Users\Edward\AppData\Local\{0A8E679F-4212-4119-A6A6-225FBC872BFC} [2011/04/08 09:39:26 | 000,000,000 | ---D | C] -- C:\Users\Edward\AppData\Local\{F2B98D48-6A50-4222-A436-BF3DB9FD5D37} [2011/04/07 21:39:05 | 000,000,000 | ---D | C] -- C:\Users\Edward\AppData\Local\{03A39ACE-1C7B-44C3-99DD-448BCD24B815} [2011/04/07 09:38:43 | 000,000,000 | ---D | C] -- C:\Users\Edward\AppData\Local\{337F9800-9614-48CB-BE1D-C1AAE1E823BA} [2011/04/07 02:19:18 | 000,000,000 | ---D | C] -- C:\Users\Edward\AppData\Roaming\Audacity [2011/04/07 02:19:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Audacity 1.3 Beta [2011/04/06 21:38:22 | 000,000,000 | ---D | C] -- C:\Users\Edward\AppData\Local\{6E2BFB79-109B-4414-8FE4-DDF45DEEC754} [2011/04/06 09:39:27 | 000,000,000 | ---D | C] -- C:\Users\Edward\AppData\Local\{21511F99-4D3C-4B5A-8051-0C02B092FEF5} [2011/04/05 21:39:05 | 000,000,000 | ---D | C] -- C:\Users\Edward\AppData\Local\{ADAC6C94-632D-4F73-9C86-AEB6B8BF5655} [2011/04/05 09:38:44 | 000,000,000 | ---D | C] -- C:\Users\Edward\AppData\Local\{B0D6435D-212E-4BFA-A6DA-8427DAA7E56F} [2011/04/04 21:38:22 | 000,000,000 | ---D | C] -- 
C:\Users\Edward\AppData\Local\{476E36A3-BFE1-4111-9431-B4B19744146F} ========== Files - Modified Within 30 Days ========== [2011/05/02 09:16:24 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin [2011/05/02 09:13:51 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Edward\Desktop\OTL.exe [2011/05/02 07:53:45 | 001,657,292 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2011/05/02 07:53:45 | 000,743,526 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat [2011/05/02 07:53:45 | 000,650,638 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2011/05/02 07:53:45 | 000,147,862 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat [2011/05/02 07:53:45 | 000,120,294 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2011/05/02 07:49:41 | 000,000,326 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize.job [2011/05/02 07:49:28 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011/05/01 19:24:30 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts [2011/05/01 19:10:16 | 004,334,469 | R--- | M] () -- C:\Users\Edward\Desktop\ComboFix.exe [2011/05/01 19:03:51 | 000,050,477 | ---- | M] () -- C:\Users\Edward\Desktop\Defogger.exe [2011/05/01 16:49:03 | 004,885,384 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2011/05/01 16:47:45 | 000,009,584 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2011/05/01 16:47:44 | 000,009,584 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2011/05/01 16:35:34 | 000,879,028 | ---- | M] () -- C:\Users\Edward\Desktop\SecurityCheck.exe [2011/05/01 16:35:13 | 000,001,112 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011/05/01 06:40:03 | 000,001,456 | ---- | M] () -- C:\Users\Edward\AppData\Local\Adobe Enregistrer pour le Web 12.0 Prefs [2011/04/29 13:36:45 | 000,075,136 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe [2011/04/29 
03:45:12 | 000,000,512 | ---- | M] () -- C:\PhysicalDisk0_MBR.bin [2011/04/27 14:58:20 | 000,001,168 | ---- | M] () -- C:\Users\Edward\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FastStone Capture.lnk [2011/04/27 13:15:04 | 000,001,080 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-298173471-2318884327-37262993-1001UA.job [2011/04/27 13:15:04 | 000,001,028 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-298173471-2318884327-37262993-1001Core.job [2011/04/26 21:07:07 | 000,020,602 | ---- | M] () -- C:\Users\Edward\Documents\FF7.aimppl [2011/04/26 14:38:09 | 000,001,278 | ---- | M] () -- C:\Users\Edward\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk [2011/04/26 09:57:34 | 000,173,052 | ---- | M] () -- C:\Users\Edward\Documents\cc_20110426_095725.reg [2011/04/26 07:36:05 | 000,021,598 | ---- | M] () -- C:\Windows\SysNative\oemlogo.bmp [2011/04/25 13:19:02 | 000,025,640 | ---- | M] (Windows ® Server 2003 DDK provider) -- C:\Windows\gdrv.sys [2011/04/21 09:54:49 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_xusb21_01009.Wdf [2011/04/16 07:29:26 | 001,634,222 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011/04/14 00:40:10 | 004,284,416 | ---- | M] (Google Inc.) 
-- C:\Windows\SysWow64\GPhotos.scr [2011/04/13 13:49:34 | 000,001,449 | ---- | M] () -- C:\Users\Edward\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk [2011/04/13 13:35:28 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat [2011/04/13 13:35:28 | 001,797,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9.dll [2011/04/13 13:35:28 | 001,427,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2011/04/13 13:35:28 | 000,716,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2011/04/13 13:35:28 | 000,580,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll [2011/04/13 13:35:28 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll [2011/04/13 13:35:28 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec [2011/04/13 13:35:28 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\dxtmsft.dll [2011/04/13 13:35:28 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2011/04/13 13:35:28 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll [2011/04/13 13:35:28 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\dxtrans.dll [2011/04/13 13:35:28 | 000,222,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll [2011/04/13 13:35:28 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll [2011/04/13 13:35:28 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2011/04/13 13:35:28 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll [2011/04/13 13:35:28 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll [2011/04/13 13:35:28 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msls31.dll 
[2011/04/13 13:35:28 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe [2011/04/13 13:35:28 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe [2011/04/13 13:35:28 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2011/04/13 13:35:28 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll [2011/04/13 13:35:28 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll [2011/04/13 13:35:28 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll [2011/04/13 13:35:28 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll [2011/04/13 13:35:28 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll [2011/04/13 13:35:28 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe [2011/04/13 13:35:28 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll [2011/04/13 13:35:28 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll [2011/04/13 13:35:28 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe [2011/04/13 13:35:28 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe [2011/04/13 13:35:28 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll [2011/04/13 13:35:28 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe [2011/04/13 13:35:28 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2011/04/13 13:35:28 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll [2011/04/13 13:35:28 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx [2011/04/13 13:35:28 | 000,054,272 | ---- | M] (Microsoft 
Corporation) -- C:\Windows\SysWow64\pngfilt.dll [2011/04/13 13:35:28 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll [2011/04/13 13:35:28 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\imgutil.dll [2011/04/13 13:35:28 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll [2011/04/13 13:35:28 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll [2011/04/13 13:35:28 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe [2011/04/13 13:35:27 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat [2011/04/13 13:35:27 | 002,303,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2011/04/13 13:35:27 | 001,492,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2011/04/13 13:35:27 | 000,818,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2011/04/13 13:35:27 | 000,697,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2011/04/13 13:35:27 | 000,603,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll [2011/04/13 13:35:27 | 000,534,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll [2011/04/13 13:35:27 | 000,452,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll [2011/04/13 13:35:27 | 000,448,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec [2011/04/13 13:35:27 | 000,282,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll [2011/04/13 13:35:27 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll [2011/04/13 13:35:27 | 000,248,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2011/04/13 13:35:27 | 000,236,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2011/04/13 13:35:27 | 
000,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2011/04/13 13:35:27 | 000,165,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe [2011/04/13 13:35:27 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll [2011/04/13 13:35:27 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe [2011/04/13 13:35:27 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll [2011/04/13 13:35:27 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll [2011/04/13 13:35:27 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll [2011/04/13 13:35:27 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll [2011/04/13 13:35:27 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll [2011/04/13 13:35:27 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll [2011/04/13 13:35:27 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll [2011/04/13 13:35:27 | 000,096,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2011/04/13 13:35:27 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe [2011/04/13 13:35:27 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe [2011/04/13 13:35:27 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll [2011/04/13 13:35:27 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll [2011/04/13 13:35:27 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx [2011/04/13 13:35:27 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll [2011/04/13 13:35:27 | 000,049,664 | ---- | M] (Microsoft Corporation) -- 
C:\Windows\SysNative\imgutil.dll [2011/04/13 13:35:27 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll [2011/04/13 13:35:27 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll [2011/04/13 13:35:27 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll [2011/04/13 13:35:27 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe [2011/04/13 13:35:27 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe ========== Files Created - No Company Name ========== [2011/05/02 09:16:24 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin [2011/05/01 19:11:39 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe [2011/05/01 19:11:39 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe [2011/05/01 19:11:39 | 000,089,088 | ---- | C] () -- C:\Windows\MBR.exe [2011/05/01 19:11:39 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe [2011/05/01 19:11:39 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe [2011/05/01 19:08:12 | 004,334,469 | R--- | C] () -- C:\Users\Edward\Desktop\ComboFix.exe [2011/05/01 19:03:52 | 000,050,477 | ---- | C] () -- C:\Users\Edward\Desktop\Defogger.exe [2011/05/01 16:35:34 | 000,879,028 | ---- | C] () -- C:\Users\Edward\Desktop\SecurityCheck.exe [2011/05/01 16:35:13 | 000,001,112 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011/04/30 16:25:21 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk [2011/04/29 13:36:45 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe [2011/04/27 14:58:20 | 000,001,168 | ---- | C] () -- C:\Users\Edward\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FastStone Capture.lnk [2011/04/26 21:07:07 | 000,020,602 | ---- | C] () -- C:\Users\Edward\Documents\FF7.aimppl [2011/04/26 14:38:09 | 000,001,278 | ---- | C] () -- C:\Users\Edward\Application 
Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk [2011/04/26 09:57:28 | 000,173,052 | ---- | C] () -- C:\Users\Edward\Documents\cc_20110426_095725.reg [2011/04/26 07:36:05 | 000,021,598 | ---- | C] () -- C:\Windows\SysNative\oemlogo.bmp [2011/04/26 05:44:01 | 000,002,197 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2011.lnk [2011/04/26 05:27:31 | 000,001,042 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Total Uninstall 5.lnk [2011/04/25 00:43:22 | 000,074,272 | ---- | C] () -- C:\Windows\SysNative\RtNicProp64.dll [2011/04/22 00:15:21 | 001,970,176 | ---- | C] () -- C:\Windows\SysWow64\d3dx9.dll [2011/04/21 09:54:49 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_xusb21_01009.Wdf [2011/04/07 02:19:15 | 000,001,000 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity 1.3 Beta.lnk [2011/03/16 15:53:15 | 000,210,032 | ---- | C] () -- C:\Windows\SysWow64\DBCLIENT.DLL [2010/12/21 04:27:20 | 000,003,113 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat [2010/10/27 16:07:54 | 000,000,132 | ---- | C] () -- C:\Users\Edward\AppData\Roaming\Adobe Targa Format CS5 Prefs [2010/10/14 02:36:44 | 000,179,263 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat [2010/05/28 15:32:44 | 000,003,235 | ---- | C] () -- C:\Users\Edward\AppData\Local\Temp11.html [2010/05/22 19:56:53 | 000,030,528 | ---- | C] () -- C:\Windows\GVTDrv64.sys [2010/05/18 11:44:08 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2010/05/17 22:58:14 | 000,000,315 | ---- | C] () -- C:\Windows\game.ini [2010/05/16 23:25:43 | 000,000,050 | ---- | C] () -- C:\Windows\MegaManager.INI [2010/05/16 22:11:15 | 000,001,456 | ---- | C] () -- C:\Users\Edward\AppData\Local\Adobe Enregistrer pour le Web 12.0 Prefs [2010/05/15 11:27:41 | 000,005,925 | ---- | C] () -- C:\Users\Edward\AppData\Local\Temp14.html [2010/05/14 21:53:40 | 000,065,536 | R--- | C] () -- 
C:\Windows\SysWow64\XSrvSetup.exe [2010/05/14 21:47:18 | 000,005,977 | ---- | C] () -- C:\Users\Edward\AppData\Local\Temp25.html [2010/05/14 21:04:38 | 000,000,778 | ---- | C] () -- C:\Users\Edward\AppData\Local\Temp1.html [2010/05/14 18:33:37 | 001,634,222 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2010/05/13 14:04:01 | 000,000,306 | ---- | C] () -- C:\Windows\lgfwup.ini [2010/05/13 00:08:05 | 000,165,376 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll [2010/05/13 00:08:04 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini [2010/05/13 00:07:56 | 000,881,664 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll [2010/05/13 00:07:56 | 000,205,824 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll [2010/05/13 00:07:52 | 000,085,504 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll [2010/05/12 23:38:31 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini [2010/05/12 22:33:52 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2009/08/27 09:04:12 | 000,207,400 | R--- | C] () -- C:\Windows\GSetup.exe [2009/07/14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2009/07/14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT [2009/07/14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat [2009/07/14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2009/07/14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009/07/13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2009/06/10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat [2002/09/18 01:45:00 | 000,119,808 | ---- | C] () -- C:\Windows\lsb_un20.exe ========== Custom Scans ========== < %SYSTEMDRIVE%\*.* > [2010/05/14 18:33:39 | 000,001,024 | ---- | M] () -- C:\.rnd [2009/07/14 03:38:58 | 000,383,562 | RHS- | M] () -- C:\bootmgr [2010/05/12 22:24:20 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK [2011/05/01 19:30:12 | 000,027,456 | ---- | M] () -- 
C:\ComboFix.txt [2010/05/14 21:53:52 | 000,000,199 | ---- | M] () -- C:\csb.log [2010/05/20 22:00:31 | 000,014,885 | ---- | M] () -- C:\LU4.log [2011/05/02 07:49:26 | 4293,386,240 | -HS- | M] () -- C:\pagefile.sys [2011/03/16 16:36:10 | 000,013,030 | ---- | M] () -- C:\PDOXUSRS.NET [2011/04/29 03:45:12 | 000,000,512 | ---- | M] () -- C:\PhysicalDisk0_MBR.bin [2011/05/02 09:16:24 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin [2010/05/14 21:50:53 | 000,003,308 | ---- | M] () -- C:\RHDSetup.log [2011/04/26 06:04:56 | 000,000,291 | ---- | M] () -- C:\service.log < %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles > < %systemroot%\Tasks\*.job /lockedfiles > < %systemroot%\System32\config\*.sav > < %systemroot%\system32\drivers\*.sys /90 > < HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU > < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs > ========== Alternate Data Streams ========== @Alternate Data Stream - 109 bytes -> C:\ProgramData\Temp:010ADD2C < End of report > OTL Extras logfile created on: 02/05/2011 09:15:41 - Run 1 OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Edward\Desktop 64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy 4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 66,00% Memory free 8,00 Gb Paging File | 6,00 Gb Available in Paging File | 78,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 48,83 Gb Total Space | 16,37 Gb Free Space | 33,53% Space Free | Partition Type: NTFS Drive D: | 208,53 Gb Total Space | 45,86 Gb Free Space | 21,99% Space Free | Partition Type: NTFS Drive F: | 931,51 Gb Total Space | 804,79 Gb Free Space | 86,40% Space Free 
| Partition Type: NTFS Drive J: | 1863,01 Gb Total Space | 1051,47 Gb Free Space | 56,44% Space Free | Partition Type: NTFS Computer Name: EDWARD-PC | User Name: Edward | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* File not found cmdfile [open] -- "%1" %* File not found comfile [open] -- "%1" %* File not found exefile [open] -- "%1" %* File not found helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* File not found regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" File not found scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found scrfile [open] -- "%1" /S File not found txtfile [edit] -- Reg Error: Key error. 
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [takeownership] -- cmd.exe /c takeown /f "%1" /r /d y && icacls "%1" /grant administrators:F /t (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [takeownership] -- cmd.exe /c takeown /f "%1" /r /d y && icacls "%1" /grant administrators:F /t (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. 
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 "FirewallDisableNotify" = 0 "AntiVirusDisableNotify" = 0 "UpdatesDisableNotify" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirewallDisableNotify" = 0 "AntiVirusDisableNotify" = 0 "UpdatesDisableNotify" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 ========== Firewall Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{015C5B35-B678-451C-9AEE-821E8D69621C}_is1" = PeerBlock 1.1 (r518) "{0A3ED604-E1DD-4F50-9FF0-AACD8A66FA22}" = ESET Smart Security "{0C682623-8F66-46A8-B9B3-93FE1E66A001}" = iTunes "{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant "{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64 "{22441735-5983-AD2A-5CC5-FA2CCD7EF732}" = ATI Stream SDK v2 Developer "{235B7B98-EAC3-4953-AE2C-EABCE1CD65C9}_is1" = GBoost "{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1" = Media Player Classic - Home Cinema v1.5.0.2827 x64 "{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 "{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64 "{45CD67FD-3218-4207-A0A2-BC41245189E3}" = Microsoft Xbox 360 Accessories 1.2 "{4B5F58F7-C7D1-3CE3-9B37-B657F0852643}" = Microsoft .NET Framework 4 Client Profile FRA Language Pack "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 "{503640E5-B2ED-3173-D109-D4D03153471A}" = AMD Drag and Drop Transcoding "{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector "{7B475B52-8C5B-16F9-20A0-A01DCD1A6EF2}" = ATI AVIVO64 Codecs "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 "{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft 
Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 "{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64 "{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended "{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010 "{90140000-002A-040C-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (French) 2010 "{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64 "{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64 "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{963BFE7E-C350-4346-B43C-B02358306A45}" = Apple Mobile Device Support "{A39AE3AE-9808-39D2-AB7B-FF5F0335095E}" = Microsoft .NET Framework 4 Extended FRA Language Pack "{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64 "{AE0D971F-5430-8874-B09E-3F1C76E2F8FF}" = WMV9/VC-1 Video Playback "{AE57C044-8912-A181-A0E4-BC2DAB3A092A}" = ATI Catalyst Install Manager "{B2C5B378-546F-75A7-7757-C1EAAFAF9E33}" = ccc-utility64 "{BBA7005D-8C56-FFD3-81AE-D0481829BC70}" = AMD Fuel "{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64 "{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "Adobe Flash Player ActiveX 64" = Adobe Flash Player 10 ActiveX 64-bit "CCleaner" = CCleaner "CPUID CPU-Z_is1" = CPUID CPU-Z 1.54 "CPUID HWMonitor_is1" = CPUID HWMonitor 1.15 "Creative PD0620" = Creative WebCam Instant Driver (2.00.04.0825) "CustoPackTools" = CustoPackTools "Defraggler" = Defraggler "KLiteCodecPack64_is1" = K-Lite Codec Pack (64-bit) v4.6.0 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Client Profile FRA "Microsoft .NET Framework 4 Extended" = Microsoft .NET 
Framework 4 Extended "Microsoft .NET Framework 4 Extended FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Extended FRA "Speccy" = Speccy "TeamSpeak 3 Client" = TeamSpeak 3 Client "WinRAR archiver" = Logiciel d'archivage WinRAR [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86 "{04077D50-954B-4365-84BF-02DE4702BA00}" = Alchemy Elixir "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{07300F01-89CA-4CF8-92BD-2A605EB83C95}" = EasySaver B9.0904.1 "{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86 "{09F56A49-A7B1-4AAB-95B9-D13094254AD1}" = Windows Live UX Platform Language Pack "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help "{13A5E785-5197-4EAD-8EE3-D660271E49BC}" = Feedback Tool "{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5 "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = LG Power Tools "{1FDA5A37-B22D-43FF-B582-B8964050DC13}" = Microsoft Games for Windows - LIVE Redistributable "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk" = Google Talk (remove only) "{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}" = TuneUp Utilities 2011 "{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java 6 Update 24 "{33899F97-411C-4759-BDAA-26ECAE715B9C}" = TuneUp Utilities Language Pack (fr-FR) "{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live "{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}" = Gigabyte Raid Cinfigurer "{3CAC9760-14F6-4539-A75F-F240EC55FEE9}" = Ma-Config.com "{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX "{457D7505-D665-4F95-91C3-ECB8C56E9ACA}" = Easy Tune 6 B10.0427.1 
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform "{4E25C468-7745-4051-8B37-4A2C6635BA8B}" = Update Manager B09.1008.1 "{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver "{5449FB4F-1802-4D5B-A6D8-087DB1142147}" = Realtek HDMI Audio Driver for ATI "{5454083B-1308-4485-BF17-1110000B8301}" = Grand Theft Auto IV "{5454083B-1308-4485-BF17-1110000B8302}" = Grand Theft Auto IV "{5454083B-1308-4485-BF17-1110000B8303}" = Grand Theft Auto IV "{5454083B-1308-4485-BF17-1110000B8304}" = Grand Theft Auto IV "{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime "{59ABBDF0-E1E5-48AF-85FB-F523A08C3490}" = STREET FIGHTER IV "{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053 "{5FD89EA1-99C2-40EE-BBF5-20F8991ED756}" = Catalyst Control Center - Branding "{6057E21C-ABE9-4059-AE3E-3BEB9925E660}" = Windows Live Messenger "{6179550A-3E7C-499E-BCC9-9E8113E0A285}" = Mise à jour automatique du Firmware pour ODD LG "{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86 "{664D6E1D-2A6C-D54D-31A5-B6BC30CEB0C6}" = CCC Help English "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{69FB248E-690D-434F-94A7-248D5F1ECD70}" = AMD OverDrive "{6E5324C1-84FC-4F76-9A3A-C65E07F80EE6}" = Complément Messenger "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core "{7B0A8F0E-3672-4DA5-9540-A8D0171C38D8}" = TuneUp Utilities Language Pack (fr-FR) "{7B9F5775-8C8C-2A4E-0CAB-74EA7AF5CB09}" = ccc-core-static "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{83A606F5-BF6F-42ED-9F33-B9F74297CDED}" = Need for Speed Hot Pursuit "{86A4C6D9-29EE-4719-AFA1-BA3341862B83}" = Microsoft Games for Windows - 
LIVE "{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver "{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{90024193-9F13-4877-89D5-A1CDF0CBBF28}" = Feedback Tool "{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010 "{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86 "{9322A850-9091-4D0E-B252-3E82EDA3D94A}" = Prototype "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9A996B6A-846E-4A89-B9C4-17546B7BE49F}" = Burnout Paradise The Ultimate Box "{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175 "{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR "{A53A11EA-0095-493F-86FA-A15E8A86A405}" = VMware Player "{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5 "{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AA945C94-285E-DE48-A30F-70105C6580DE}" = Catalyst Control Center Graphics Previews Common "{AC76BA86-7AD7-1036-7B44-AA0000000001}" = Adobe Reader X (10.0.1) - Français "{B158F76F-76AB-4115-A4F0-4C6EF6956093}_is1" = VirtualDubMOD 1.5.10.3 Fr "{B1ADF008-E898-4FE2-8A1F-690D9A06ACAF}" = DolbyFiles "{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}" = @BIOS Ver.2.06 "{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy "{B93EEE50-9C8F-45DF-95E4-3D85A6E242F3}" = DarksidersInstaller "{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}" = Nero ControlCenter "{BE4BA698-8533-4F77-9559-C7F3F78C0B05}" = Assassin's Creed Brotherhood "{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common 
"{CC29B835-95A5-3CD9-087B-F94D7B9ECC9B}" = Catalyst Control Center InstallProxy "{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86 "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{D4E5A687-797D-44B1-8F96-4FD7A24166A9}" = DEVIL MAY CRY 4 "{D7A0A22A-C132-4B6F-8D68-67B95117DE93}" = RIFT "{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86 "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime "{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.1 "{E76FCE6B-9999-4250-8C75-B2DA4AD41268}" = Face_Wizard B10.0408.01 "{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer "{E8C37E27-5205-4C8A-BECB-B00533045AAE}" = SHIFT 2 UNLEASHED™ "{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger "{ED4108A9-60FD-4F18-AF42-122219977773}" = Razer Naga "{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 11.5 "Afterburner" = MSI Afterburner 1.5.1 "AIMP3" = AIMP3 "Audacity 1.3 Beta_is1" = Audacity 1.3.12 "CamStudio" = CamStudio "chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help "Cheat Engine 5.5_is1" = Cheat Engine 5.5 "DivX Setup.divx.com" = Configuration DivX "Downloader Qobuz" = Downloader Qobuz "FastStone Capture" = FastStone Capture 5.3 (French) "FileZilla Client" = FileZilla Client 3.4.0 "Fraps" = Fraps (remove only) "Free Text Pad" = Free Text Pad "Glary Utilities_is1" = Glary Utilities 2.33.0.1158 "HandBrake" = 
HandBrake 0.9.5 "InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = LG Power Tools "InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}" = Easy Tune 6 B10.0427.1 "InstallShield_{4E25C468-7745-4051-8B37-4A2C6635BA8B}" = Update Manager B09.1008.1 "InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver "InstallShield_{9322A850-9091-4D0E-B252-3E82EDA3D94A}" = Prototype "InstallShield_{D7A0A22A-C132-4B6F-8D68-67B95117DE93}" = RIFT "KLiteCodecPack_is1" = K-Lite Codec Pack 5.9.0 (Full) "Liveupdate4_is1" = Liveupdate4 "MagniDriver" = marvell 91xx driver "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Messenger Plus! Live" = Messenger Plus! Live "MKVtoolnix" = MKVtoolnix 4.7.0 "MSI Kombustor_is1" = MSI Kombustor v1.0.0 "OCCT_is1" = OCCT Perestroika 3.1.0 "OpenAL" = OpenAL "Opera 11.10.2048" = Opera 11.10 beta build 2048 "Opera 11.10.2092" = Opera 11.10 "Picasa 3" = Picasa 3 "PunkBusterSvc" = PunkBuster Services "Steam App 12210" = Grand Theft Auto IV "Steam App 12220" = Grand Theft Auto: Episodes from Liberty City "Steam App 50620" = Darksiders "Steam App 550" = Left 4 Dead 2 "Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2 "Total Uninstall 5_is1" = Total Uninstall 5.9.3 "Transmission Remote" = Transmission Remote "TuneUp Utilities 2011" = TuneUp Utilities 2011 "uTorrent" = µTorrent "VirtualCloneDrive" = VirtualCloneDrive "VLC media player" = VLC media player 1.1.9 "Winamp" = Winamp "WinLiveSuite" = Windows Live "World of Warcraft" = World of Warcraft "ZHPDiag_is1" = ZHPDiag 1.27 ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "090215de958f1060" = Curse Client "Google Chrome" = Google Chrome "Octoshape add-in for Adobe Flash Player" = Octoshape add-in for Adobe Flash Player "Winamp Detect" = Détection de l'application Winamp ========== Last 10 Event Log Errors ========== Error reading Event Logs: The Event Service is not operating 
properly or the Event Logs are corrupt! < End of report >
  10. I had a memory usage spike just before running your new instructions. Here is the log: ComboFix 11-04-30.06 - Edward 01/05/2011 19:13:10.1.4 - x64 Microsoft Windows 7 Édition Intégrale 6.1.7600.0.1252.33.1036.18.4094.1035 [GMT 2:00] Lancé depuis: c:\users\Edward\Desktop\ComboFix.exe AV: ESET Smart Security 4.2 *Disabled/Updated* {CB0F8167-5331-BA19-698E-64816B6801A5} FW: Pare-feu personnel d'ESET *Disabled* {F3340042-195E-BB41-42D1-CDB495BB46DE} SP: ESET Smart Security 4.2 *Disabled/Updated* {706E6083-750B-B597-533E-5FF310EF4B18} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Un nouveau point de restauration a été créé . . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . . c:\programdata\ntuser.dat c:\windows\system32\macromed\Flash\Flash10k.ocx c:\windows\system32\macromed\Flash\Flash10l.ocx c:\windows\system32\macromed\Flash\FlashInstall.log c:\windows\system32\macromed\Flash\flashplayer.xpt c:\windows\system32\macromed\Flash\FlashPlayerTrust\AdobeXMPFileInfoCS5.cfg c:\windows\system32\macromed\Flash\FlashUtil10l_ActiveX.dll c:\windows\system32\macromed\Flash\FlashUtil10l_ActiveX.exe c:\windows\system32\macromed\Flash\FlashUtil10p_Plugin.exe c:\windows\system32\macromed\Flash\NPSWF32.dll . . ((((((((((((((((((((((((((((( Fichiers créés du 2011-04-01 au 2011-05-01 )))))))))))))))))))))))))))))))))))) . . 2011-05-01 15:47 . 2011-05-01 15:47 -------- d-----w- c:\users\Edward\AppData\Local\{48B43689-8499-457C-853A-91549C64F6DC} 2011-05-01 14:35 . 2011-05-01 14:35 -------- d-----w- c:\users\Edward\AppData\Roaming\Malwarebytes 2011-05-01 14:35 . 2010-12-20 16:09 38224 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys 2011-05-01 14:35 . 2011-05-01 14:35 -------- d-----w- c:\programdata\Malwarebytes 2011-05-01 14:35 . 2011-05-01 14:35 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware 2011-05-01 14:35 .
2010-12-20 16:08 24152 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-05-01 03:46 . 2011-05-01 03:47 -------- d-----w- c:\users\Edward\AppData\Local\{B4079414-E88B-495D-BF56-C9615E3FF241} 2011-04-30 06:58 . 2011-04-30 06:58 -------- d-----w- c:\users\Edward\AppData\Local\Criterion Games 2011-04-29 11:37 . 2011-04-29 11:37 -------- d-----w- c:\programdata\Ubisoft 2011-04-29 11:36 . 2011-04-29 11:36 75136 ----a-w- c:\windows\SysWow64\PnkBstrA.exe 2011-04-29 11:36 . 2011-04-29 11:36 -------- d-----w- c:\users\Edward\AppData\Roaming\PunkBuster 2011-04-29 01:43 . 2011-04-29 01:45 -------- d-----w- c:\program files (x86)\ZHPDiag 2011-04-28 10:04 . 2011-04-28 10:04 -------- d-----w- c:\program files (x86)\ma-config.com 2011-04-28 10:04 . 2011-04-28 10:04 -------- d-----w- c:\programdata\ma-config.com 2011-04-28 07:54 . 2011-04-28 07:54 -------- d-----w- c:\program files (x86)\Aero Tuner 2011-04-27 15:34 . 2011-04-27 15:34 -------- d-----w- c:\users\Edward\AppData\Roaming\mkvtoolnix 2011-04-27 15:34 . 2011-04-27 15:34 -------- d-----w- c:\program files (x86)\MKVtoolnix 2011-04-27 14:03 . 2011-04-27 14:03 -------- d-----w- c:\program files (x86)\VirtualDubMOD 2011-04-27 12:56 . 2011-04-27 12:56 -------- d-----w- c:\users\Edward\AppData\Roaming\FastStone 2011-04-27 12:56 . 2011-04-27 12:56 -------- d-----w- c:\program files (x86)\FastStone Capture 2011-04-27 12:28 . 2011-04-28 07:53 -------- d-----w- c:\program files\Rainmeter 2011-04-26 12:33 . 2011-04-26 12:42 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy 2011-04-26 12:33 . 2011-04-26 12:39 -------- d-----w- c:\programdata\Spybot - Search & Destroy 2011-04-26 03:44 . 2010-11-23 15:25 34624 ----a-w- c:\windows\system32\TURegOpt.exe 2011-04-26 03:44 . 2010-11-23 15:21 25920 ----a-w- c:\windows\system32\authuitu.dll 2011-04-26 03:44 . 2010-11-23 15:21 21312 ----a-w- c:\windows\SysWow64\authuitu.dll 2011-04-26 03:44 . 2010-11-23 15:21 36160 ----a-w- c:\windows\system32\uxtuneup.dll 2011-04-26 03:44 . 
2010-11-23 15:21 29504 ----a-w- c:\windows\SysWow64\uxtuneup.dll 2011-04-26 03:43 . 2011-04-26 03:44 -------- d-----w- c:\program files (x86)\TuneUp Utilities 2011 2011-04-26 03:43 . 2011-04-26 03:43 -------- d-sh--w- c:\programdata\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16} 2011-04-26 03:27 . 2011-04-26 03:27 -------- d-----w- c:\programdata\Martau 2011-04-26 03:27 . 2011-04-26 03:27 -------- d-----w- c:\program files (x86)\Total Uninstall 5 2011-04-26 02:21 . 2011-04-26 02:21 -------- d-----w- c:\users\Edward\AppData\Local\{F1AC0983-DF4C-4301-BD1D-AA56D55C5568} 2011-04-25 13:50 . 2011-04-25 13:50 -------- d-----w- c:\users\Edward\AppData\Local\{4A1E87C6-434A-4FDB-9C69-60BE832D50CB} 2011-04-24 22:54 . 2011-04-24 22:54 -------- d-----w- c:\programdata\Electronic Arts 2011-04-24 22:54 . 2011-04-24 22:54 -------- d-----w- c:\programdata\EA Core 2011-04-24 22:43 . 2010-12-29 01:45 74272 ----a-w- c:\windows\system32\RtNicProp64.dll 2011-04-24 22:43 . 2010-12-29 01:45 412776 ----a-w- c:\windows\system32\drivers\Rt64win7.sys 2011-04-23 04:24 . 2011-04-26 03:21 -------- d-----w- c:\program files\BOINC 2011-04-23 04:24 . 2011-04-26 02:21 -------- d-----w- c:\programdata\BOINC 2011-04-23 04:24 . 2011-04-23 04:24 -------- d-----w- c:\windows\Downloaded Installations 2011-04-21 22:15 . 2011-04-21 22:27 -------- d-----w- c:\program files (x86)\Cheat Engine 2011-04-21 22:15 . 2007-12-26 15:30 679936 ----a-w- c:\windows\SysWow64\D3DX81ab.dll 2011-04-21 22:15 . 2007-12-26 15:30 1970176 ----a-w- c:\windows\SysWow64\d3dx9.dll 2011-04-21 19:39 . 2011-05-01 06:13 -------- d-----w- c:\users\Edward\AppData\Local\CAPCOM 2011-04-21 17:37 . 2011-04-21 17:37 -------- d-----w- c:\program files (x86)\Common Files\Wise Installation Wizard 2011-04-21 08:44 . 2011-04-21 08:44 -------- d-----w- c:\program files\Microsoft Xbox 360 Accessories 2011-04-19 03:30 . 
2011-04-11 08:21 8802128 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{743020B9-F768-4C12-B758-39A4325002F1}\mpengine.dll 2011-04-18 11:28 . 2011-04-18 11:29 -------- d-----w- c:\users\Edward\AppData\Local\Rockstar Games 2011-04-16 12:15 . 2011-04-16 12:15 -------- d-----w- c:\users\Edward\AppData\Local\{0790F134-1B6D-4244-8BA8-0E548E90EDCA} 2011-04-16 00:15 . 2011-04-16 00:15 -------- d-----w- c:\users\Edward\AppData\Local\{8EE75337-B10C-4D5B-8DA4-F61DDCC2F076} 2011-04-15 12:14 . 2011-04-15 12:15 -------- d-----w- c:\users\Edward\AppData\Local\{1F5F1E81-5B06-4763-911B-A2CC1E6EAF2C} 2011-04-15 00:14 . 2011-04-15 00:14 -------- d-----w- c:\users\Edward\AppData\Local\{E533CB43-CA93-487C-81A9-9376A935411E} 2011-04-14 15:48 . 2011-04-14 15:48 -------- d-----w- c:\program files\Transmission Remote 2011-04-14 12:13 . 2011-04-14 12:14 -------- d-----w- c:\users\Edward\AppData\Local\{CF197E79-8B4A-45FE-B979-552198BF8E52} 2011-04-14 00:13 . 2011-04-14 00:13 -------- d-----w- c:\users\Edward\AppData\Local\{2B02EDD7-4744-41BE-9B73-723C53F999F2} 2011-04-13 22:40 . 2011-04-13 22:40 4284416 ----a-w- c:\windows\SysWow64\GPhotos.scr 2011-04-13 20:46 . 2011-04-13 20:51 -------- d-----w- c:\program files (x86)\Aura 2011-04-13 14:18 . 2011-04-29 03:16 -------- d-----w- c:\users\Edward\AppData\Roaming\vlc 2011-04-13 07:44 . 2011-04-13 07:44 -------- d-----w- c:\users\Edward\AppData\Local\{48C1F504-3CD8-4A17-8AC4-1DF7B2FC3C76} 2011-04-13 04:12 . 2011-03-08 06:14 976896 ----a-w- c:\windows\system32\inetcomm.dll 2011-04-12 19:43 . 2011-04-12 19:43 -------- d-----w- c:\users\Edward\AppData\Local\{42961CEB-E159-4114-8247-E77E6F2C9D60} 2011-04-12 07:43 . 2011-04-12 07:43 -------- d-----w- c:\users\Edward\AppData\Local\{A1BCA28A-8955-4A95-8CE9-506DF5B9C79A} 2011-04-11 19:42 . 2011-04-11 19:43 -------- d-----w- c:\users\Edward\AppData\Local\{5EFBB873-73EF-4D9E-A911-79651780C8BF} 2011-04-11 18:44 . 
2011-04-21 22:13 -------- d-----w- c:\users\Edward\AppData\Roaming\.minecraft 2011-04-11 11:06 . 2011-04-15 18:20 -------- d-----w- c:\users\Edward\AppData\Roaming\RIFT 2011-04-11 07:42 . 2011-04-11 07:42 -------- d-----w- c:\users\Edward\AppData\Local\{D2690FE8-C4CA-4F45-910E-D3FEBCC5D3E2} 2011-04-10 19:41 . 2011-04-10 19:42 -------- d-----w- c:\users\Edward\AppData\Local\{506E6767-4A76-4BAB-BF5F-D1F6FA702504} 2011-04-10 07:41 . 2011-04-10 07:41 -------- d-----w- c:\users\Edward\AppData\Local\{BD0A9067-0151-4766-84AD-CB3B43EAEB6C} 2011-04-09 19:40 . 2011-04-09 19:41 -------- d-----w- c:\users\Edward\AppData\Local\{05E55B70-E11A-486E-9E4F-618A50489BE5} 2011-04-09 07:40 . 2011-04-09 07:40 -------- d-----w- c:\users\Edward\AppData\Local\{A53CBD7F-E1B2-4CE6-B3CD-06C3BD337672} 2011-04-08 19:40 . 2011-04-08 19:40 -------- d-----w- c:\users\Edward\AppData\Local\{0A8E679F-4212-4119-A6A6-225FBC872BFC} 2011-04-08 07:39 . 2011-04-08 07:39 -------- d-----w- c:\users\Edward\AppData\Local\{F2B98D48-6A50-4222-A436-BF3DB9FD5D37} 2011-04-07 19:39 . 2011-04-07 19:39 -------- d-----w- c:\users\Edward\AppData\Local\{03A39ACE-1C7B-44C3-99DD-448BCD24B815} 2011-04-07 07:38 . 2011-04-07 07:38 -------- d-----w- c:\users\Edward\AppData\Local\{337F9800-9614-48CB-BE1D-C1AAE1E823BA} 2011-04-07 00:19 . 2011-04-07 00:27 -------- d-----w- c:\users\Edward\AppData\Roaming\Audacity 2011-04-07 00:19 . 2011-04-07 00:19 -------- d-----w- c:\program files (x86)\Audacity 1.3 Beta 2011-04-06 19:38 . 2011-04-06 19:38 -------- d-----w- c:\users\Edward\AppData\Local\{6E2BFB79-109B-4414-8FE4-DDF45DEEC754} 2011-04-06 07:39 . 2011-04-06 07:39 -------- d-----w- c:\users\Edward\AppData\Local\{21511F99-4D3C-4B5A-8051-0C02B092FEF5} 2011-04-05 19:39 . 2011-04-05 19:39 -------- d-----w- c:\users\Edward\AppData\Local\{ADAC6C94-632D-4F73-9C86-AEB6B8BF5655} 2011-04-05 07:38 . 2011-04-05 07:38 -------- d-----w- c:\users\Edward\AppData\Local\{B0D6435D-212E-4BFA-A6DA-8427DAA7E56F} 2011-04-04 19:38 . 
2011-04-04 19:38 -------- d-----w- c:\users\Edward\AppData\Local\{476E36A3-BFE1-4111-9431-B4B19744146F} . . . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2011-04-25 11:19 . 2010-05-23 17:37 25640 ----a-w- c:\windows\gdrv.sys 2011-03-29 18:00 . 2010-11-07 11:15 92672 ----a-w- c:\windows\system32\ff_vfw.dll 2011-03-09 03:45 . 2010-06-24 09:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll 2011-03-02 10:43 . 2010-11-07 11:15 203264 ----a-w- c:\windows\system32\unrar.dll 2011-02-17 09:59 . 2011-02-17 09:59 428416 ----a-w- c:\windows\SysWow64\RzMwApi.dll 2011-02-17 02:36 . 2010-11-14 08:25 1863680 ----a-w- c:\windows\system32\explorerframe.dll 2011-02-17 02:36 . 2010-11-14 08:25 1863168 ----a-w- c:\windows\system32\explorerframe.dll.bkpcpt 2011-02-17 02:36 . 2010-11-14 08:25 1863168 ----a-w- c:\windows\system32\explorerframe.dll.0.oldcpt 2011-02-02 19:40 . 2010-05-12 20:22 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll . . ------- Sigcheck ------- . [7] 2009-07-14 . 72D7B3EA16946E8F0CF7458150031CC6 . 1008640 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_292d5de8870d85d9\user32.dll [-] 2010-05-12 . 2C353B6CE0C8D03225CAA2AF33B68D79 . 1008640 . . [6.1.7600.16385] .. c:\windows\system32\user32.dll . [-] 2010-05-12 . 861C4346F9281DC0380DE72C8D55D6BE . 833024 . . [6.1.7600.16385] .. c:\windows\SysWOW64\user32.dll [7] 2009-07-14 . E8B0FFC209E504CB7E79FC24E6C085F0 . 833024 . . [6.1.7600.16385] .. c:\windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_3382083abb6e47d4\user32.dll . [-] 2010-02-25 . 70A251A967B4CC6F6F4D06F943D0A8FD . 2425344 . . [6.1.7600.16385] .. c:\windows\explorer.exe [7] 2009-10-31 . B8EC4BD49CE8F6FC457721BFC210B67F . 2870272 . . [6.1.7600.16385] .. 
c:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe [7] 2009-10-31 . 9AAAEC8DAC27AA17B053E6352AD233AE . 2870272 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe [7] 2009-08-03 . 700073016DAC1C3D2E7E2CE4223334B6 . 2868224 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe [7] 2009-08-03 . F170B4A061C9E026437B193B4D571799 . 2868224 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe [7] 2009-07-14 . C235A51CB740E45FFA0EBFB9BAFCDA64 . 2868224 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "VirtualCloneDrive"="c:\program files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2009-06-17 85160] "MSIAfterburner"="c:\program files (x86)\MSI Afterburner\MSIAfterburnerWrapper.exe" [2010-02-01 44344] "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2011-01-30 35736] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-11-10 932288] . c:\users\Edward\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ FastStone Capture.lnk - c:\program files (x86)\FastStone Capture\FSCapture.exe [2007-2-23 1115136] . 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" "VMware hqtray"="c:\program files (x86)\VMware\VMware Player\hqtray.exe" "MSIAfterburner"="c:\program files (x86)\MSI Afterburner\MSIAfterburnerWrapper.exe" /s "AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" -atboottime "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW "LGODDFU"="c:\program files (x86)\lg_fwupdate\fwupdate.exe" blrun . 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-disabled] "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" -atboottime "JMB36X IDE Setup"=c:\windows\RaidTool\xInsIDE.exe "K3805"="c:\program files (x86)\Alchemy Elixir\control.exe" "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "AppleSyncNotifier"=c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun "Razer Naga Driver"=c:\program files (x86)\Razer\Naga\RazerNagaSysTray.exe "NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" . R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 JMB36X;JMB36X;c:\windows\SysWOW64\XSrvSetup.exe [2009-08-06 65536] R3 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x] R3 AODDriver;AODDriver;c:\program files (x86)\GIGABYTE\ET6\amd64\AODDriver.sys [2009-02-22 14904] R3 AODDriver2;AODDriver2;c:\program files (x86)\AMD\OverDrive\amd64\AODDriver2.sys [2010-04-23 52352] R3 driverhardwarev2x64;driverhardwarev2x64;c:\program files (x86)\ma-config.com\Drivers\driverhardwarev2x64.sys [2010-08-30 15872] R3 etdrv;etdrv;c:\windows\etdrv.sys [2010-06-03 25640] R3 FLASHSYS;FLASHSYS;c:\program files (x86)\MSI\Live Update 4\LU4\FLASHSYS64.sys [2008-02-15 15192] R3 GVTDrv64;GVTDrv64;c:\windows\GVTDrv64.sys [2010-06-03 30528] R3 maconfservice;Ma-Config Service;c:\program files (x86)\ma-config.com\maconfservice.exe [2011-04-12 311744] R3 NLNdisMP;NLNdisMP;c:\windows\system32\DRIVERS\nlndis.sys [x] R3 NLNdisPT;NetLimiter Ndis Protocol 
Service;c:\windows\system32\DRIVERS\nlndis.sys [x] R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184] R3 pbfilter;pbfilter;c:\program files\PeerBlock\pbfilter.sys [2010-11-06 24176] R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096] R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x] R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [x] R3 VBoxNetFlt;VBoxNetFlt Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [x] R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [x] R4 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-01-26 354304] R4 AMD Reservation Manager;AMD Reservation Manager;c:\program files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe [2010-06-17 194496] R4 AODService;AODService;c:\program files (x86)\AMD\OverDrive\AODAssist.exe [2010-04-23 136616] R4 ES lite Service;ES lite Service for program management.;c:\program files (x86)\Gigabyte\EasySaver\ESSVR.EXE [2009-08-24 68136] R4 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x] R4 VMUSBArbService;VMware USB Arbitration Service;c:\program files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe [2010-01-22 563760] S0 mv91xx;mv91xx;c:\windows\system32\DRIVERS\mv91xx.sys [x] S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [x] S2 cpuz133;cpuz133;c:\windows\system32\drivers\cpuz133_x64.sys [x] S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [x] S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [2010-04-07 810120] S2 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [x] S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe 
[2010-11-23 1974080] S2 vmci;VMware vmci;c:\windows\system32\drivers\vmci.sys [x] S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys [x] S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x] S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x] S3 androidusb;ADB Interface Driver;c:\windows\system32\Drivers\androidusb.sys [x] S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [x] S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [x] S3 P0620VID;Creative WebCam Instant;c:\windows\system32\DRIVERS\P0620Vid.sys [x] S3 RTCore64;RTCore64;c:\program files (x86)\MSI Afterburner\RTCore64.sys [2010-02-01 14648] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x] S3 RzSynapse;Razer Driver;c:\windows\system32\DRIVERS\RzSynapse.sys [x] S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys [2010-10-07 11856] S3 zghsmdm;ZTE General Handset USB Modem Proprietary;c:\windows\system32\DRIVERS\zghsmdm.sys [x] . . Contenu du dossier 'Tâches planifiées' . 2011-05-01 c:\windows\Tasks\GlaryInitialize.job - c:\program files (x86)\Glary Utilities\initialize.exe [2010-05-16 16:24] . 2011-04-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-298173471-2318884327-37262993-1001Core.job - c:\users\Edward\AppData\Local\Google\Update\GoogleUpdate.exe [2010-05-12 19:39] . 2011-04-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-298173471-2318884327-37262993-1001UA.job - c:\users\Edward\AppData\Local\Google\Update\GoogleUpdate.exe [2010-05-12 19:39] . . --------- x86-64 ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2010-04-07 2839840] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-01-18 11775592] . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "LoadAppInit_DLLs"=0x0 . HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs UxTuneUp . ------- Examen supplémentaire ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = https://mail.google....l/?shva=1#inbox mLocal Page = c:\windows\SysWOW64\blank.htm IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: E&xporter vers Microsoft Excel - f:\progra~1\Office14\EXCEL.EXE/3000 IE: Liens de téléchargement avec Mega Manager... - c:\program files (x86)\Megaupload\Mega Manager\mm_file.htm IE: {{5DE316A0-7613-4D69-B647-D3C8B9E7026C} - c:\program files (x86)\FreshDevices\FreshDownload\fd.exe LSP: c:\program files (x86)\VMware\VMware Player\vsocklib.dll TCP: {9CD156DF-1EDB-4A87-ADBC-A744FDBF4502} = 192.168.1.1,8.8.4.4 . - - - - ORPHELINS SUPPRIMES - - - - . AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe AddRemove-World of Logs Client - c:\windows\system32\javaws.exe . . . --------------------- CLES DE REGISTRE BLOQUEES --------------------- . [HKEY_USERS\S-1-5-21-298173471-2318884327-37262993-1001\Software\SecuROM\License information*] "datasecu"=hex:c6,fb,8b,0a,27,5c,e0,bf,19,04,85,06,5e,a1,ae,75,65,c1,bc,6e,a9, 1c,67,ad,40,9d,9f,02,e6,13,3c,e4,44,f8,ee,cd,ed,4a,84,c9,3c,6a,bd,2e,6f,20,\ "rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_10_2_161_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_10_2_161_ActiveX.exe" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.10" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Heure de fin: 2011-05-01 19:30:11 ComboFix-quarantined-files.txt 2011-05-01 17:30 . Avant-CF: 17 951 784 960 octets libres Après-CF: 17 696 460 800 octets libres . - - End Of File - - 0DB5048D5DCF82E1C8CBB32474C8AE8F
  11. Hello lance-yien, and thank you for looking after me.

    ----------------------------------------------------------------------------------------------
    Malwarebytes' Anti-Malware 1.50.1.1100
    www.malwarebytes.org

    Version de la base de données: 6483
    Windows 6.1.7600
    Internet Explorer 9.0.8112.16421

    01/05/2011 16:39:06
    mbam-log-2011-05-01 (16-39-06).txt

    Type d'examen: Examen rapide
    Elément(s) analysé(s): 152322
    Temps écoulé: 2 minute(s), 0 seconde(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 1
    Valeur(s) du Registre infectée(s): 0
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 0
    Fichier(s) infecté(s): 2

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\itunes.exe (Security.Hijack) -> Quarantined and deleted successfully.

    Valeur(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    (Aucun élément nuisible détecté)

    Fichier(s) infecté(s):
    c:\Windows\System32\explorer.exe.bkpcpt (Heuristics.Reserved.Word.Exploit) -> Quarantined and deleted successfully.
    c:\Windows\SysWOW64\explorer.exe.bkpcpt (Heuristics.Reserved.Word.Exploit) -> Quarantined and deleted successfully.

    Results of screen317's Security Check version 0.99.7
    Windows 7 (UAC is enabled)
    Internet Explorer 8
    ``````````````````````````````
    Antivirus/Firewall Check:
    WMI entry may not exist for antivirus; attempting automatic update.
    ```````````````````````````````
    Anti-malware/Other Utilities Check:
    MVPS Hosts File
    Malwarebytes' Anti-Malware
    TuneUp Utilities 2011
    TuneUp Utilities Language Pack (fr-FR)
    Java™ 6 Update 24
    Out of date Java installed!
    Adobe Flash Player 10.2.159.1
    Adobe Reader X (10.0.1) - Français
    ````````````````````````````````
    Process Check:
    objlist.exe by Laurent
    ``````````End of Log````````````
  12. Edwardounet

    Memory usage

    Hello, Thank you very much for the help you provided, Tonton.
  13. Hello, Following a post in another part of the forum asking for help with spikes in RAM usage, Tonton57 suggested I run a ZHPdiag and, on seeing the results, redirected me to this part of the forum. My original thread. ZHPdiag result. To summarise, my PC's memory is used, at random, up to 95/96% of its capacity, while nothing in the Task Manager hints at it. No process appears to be greedy, yet the memory in use really is at 95/96%. The problem resolves itself after a few minutes, or if I kill the explorer.exe process and restart it. I ran a full scan with Smart Security, as well as a pass of CCleaner and a malware search with Spybot, but everything seems normal. Tonton57 pointed me here because my ZHPdiag apparently contains infections and brings out a few problems. Thanks in advance for the help. Regards.
  14. Edwardounet

    Memory usage

    Good evening Tonton, Thank you for taking the time to reply. I followed the steps described in your message and am sending the file resulting from the scan. ZHPdiag Regards.
  15. Hello, For the past few days, and at random, my PC's memory usage climbs to 95/96% for a few minutes without warning and then drops back down. I looked for what could be causing this rise in RAM usage by opening the Task Manager when it happens, but nothing really out of the ordinary shows up. By that I mean no process seems too greedy, at least not to the point of monopolising 3 gigs. I have got into the habit of killing "explorer.exe" when it happens; apparently it is linked to it, although most of the time it uses a reasonable amount of memory, but I would like not to have to do that any more. I did a search but nothing really conclusive comes up; a nearly identical problem is often reported, but without any solution being given. I ran CCleaner, Spybot and an in-depth virus scan with ESET Smart Security, but nothing comes of it; the PC seems clean. I am sending you a screenshot all the same. Thanks in advance for any help you can give me and for the time I am taking from you. Regards.