Everything posted by Edwardounet

  1. Hello, I updated my graphics card drivers this morning, then restarted the PC and ran into the problem shown in the attachment. I did not have this problem before, and the PC used to start correctly without going through this screen. Otherwise, the PC works once F2 is pressed; it is just this screen at startup that bothers me. Thank you in advance for your help. Regards.
  2. Re, UAC is enabled and so are automatic updates. As for antivirus/firewall, I have Eset Smart Security. As for the browser, I use Chrome. Otherwise, I did carry out all the recommended actions. Thank you very much for the time you have given me.
  3. Hello lance_yien, Yes, I know these programs, and I use them daily. I am going to keep them on automatic startup. I have still not had any problem with the RAM. Regards.
  4. OTL logfile created on: 04/05/2011 10:49:35 - Run 2
     OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Edward\Desktop
     64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
     Internet Explorer (Version = 9.0.8112.16421)
     Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy
     4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 55,00% Memory free
     8,00 Gb Paging File | 6,00 Gb Available in Paging File | 73,00% Paging File free
     Paging file location(s): ?:\pagefile.sys [binary data]
     %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
     Drive C: | 48,83 Gb Total Space | 16,70 Gb Free Space | 34,20% Space Free | Partition Type: NTFS
     Drive D: | 208,53 Gb Total Space | 45,86 Gb Free Space | 21,99% Space Free | Partition Type: NTFS
     Drive F: | 931,51 Gb Total Space | 769,50 Gb Free Space | 82,61% Space Free | Partition Type: NTFS
     Drive J: | 1863,01 Gb Total Space | 1051,47 Gb Free Space | 56,44% Space Free | Partition Type: NTFS
     Computer Name: EDWARD-PC | User Name: Edward | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2011/05/02 09:13:51 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Edward\Desktop\OTL.exe PRC - [2011/04/29 13:36:45 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe PRC - [2011/03/27 22:11:04 | 007,642,112 | ---- | M] (FileZilla Project) -- C:\Program Files (x86)\FileZilla FTP Client\filezilla.exe PRC - [2011/03/14 21:08:26 | 013,816,960 | ---- | M] (Winstep Software Technologies) -- C:\Program Files (x86)\Winstep\Nexus.exe PRC - [2011/02/11 18:26:22 | 000,377,344 | ---- | M] (Winstep Software Technologies) -- C:\Program Files (x86)\Winstep\WsxService.exe PRC - [2011/02/11 08:27:59 | 000,213,745 | ---- | M] () -- C:\Portable Program Files\Gridy\Gridy.exe PRC - [2010/04/07 21:07:24 | 000,810,120 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe PRC - [2009/08/06 07:51:20 | 000,065,536 | R--- | M] () -- C:\Windows\SysWOW64\XSrvSetup.exe PRC - [2007/02/23 23:49:58 | 001,115,136 | ---- | M] () -- C:\Program Files (x86)\FastStone Capture\FSCapture.exe ========== Modules (SafeList) ========== MOD - [2011/05/02 09:13:51 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Edward\Desktop\OTL.exe MOD - [2010/08/21 07:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll ========== Win32 Services (SafeList) ========== SRV:64bit: - [2011/01/27 00:55:36 | 000,203,776 | ---- | M] (AMD) [On_Demand | Stopped] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV:64bit: - [2011/01/26 19:01:28 | 000,354,304 | ---- | M] (Advanced Micro Devices, Inc.) 
[Disabled | Stopped] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service) SRV:64bit: - [2010/11/23 17:21:12 | 000,036,160 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysNative\uxtuneup.dll -- (UxTuneUp) SRV:64bit: - [2010/06/17 06:23:36 | 000,194,496 | ---- | M] (Advanced Micro Devices) [Disabled | Stopped] -- C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe -- (AMD Reservation Manager) SRV:64bit: - [2010/04/07 21:10:42 | 000,042,336 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe -- (EhttpSrv) SRV:64bit: - [2010/04/07 21:07:24 | 000,810,120 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe -- (ekrn) SRV:64bit: - [2009/07/14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV:64bit: - [2009/07/14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV - [2011/04/29 13:36:45 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA) SRV - [2011/04/12 10:11:26 | 000,311,744 | ---- | M] (CybelSoft) [On_Demand | Stopped] -- C:\Program Files (x86)\ma-config.com\maconfservice.exe -- (maconfservice) SRV - [2011/02/11 18:26:22 | 000,377,344 | ---- | M] (Winstep Software Technologies) [Auto | Running] -- C:\Program Files (x86)\Winstep\WsxService.exe -- (Winstep Xtreme Service) SRV - [2010/11/23 17:24:50 | 001,974,080 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc) SRV - [2010/11/23 17:21:02 | 000,029,504 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysWOW64\uxtuneup.dll -- (UxTuneUp) SRV - [2010/04/23 05:39:00 | 000,136,616 | ---- | M] () [Disabled | Stopped] -- 
C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe -- (AODService) SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard) SRV - [2010/01/22 21:57:08 | 000,395,824 | ---- | M] (VMware, Inc.) [Disabled | Stopped] -- C:\Windows\SysWOW64\vmnat.exe -- (VMware NAT Service) SRV - [2010/01/22 21:56:44 | 000,334,384 | ---- | M] (VMware, Inc.) [Disabled | Stopped] -- C:\Windows\SysWOW64\vmnetdhcp.exe -- (VMnetDHCP) SRV - [2010/01/22 21:56:28 | 000,113,200 | ---- | M] (VMware, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe -- (VMAuthdService) SRV - [2010/01/22 21:00:48 | 000,563,760 | ---- | M] (VMware, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe -- (VMUSBArbService) SRV - [2009/08/24 14:38:06 | 000,068,136 | ---- | M] () [Disabled | Stopped] -- C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE -- (ES lite Service) SRV - [2009/08/06 07:51:20 | 000,065,536 | R--- | M] () [Auto | Running] -- C:\Windows\SysWOW64\XSrvSetup.exe -- (JMB36X) SRV - [2009/07/16 17:04:16 | 000,316,664 | ---- | M] (Valve Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) ========== Driver Services (SafeList) ========== DRV:64bit: - [2011/01/27 01:37:20 | 009,085,952 | ---- | M] (ATI Technologies Inc.) 
[Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag) DRV:64bit: - [2011/01/27 00:13:32 | 000,299,520 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap) DRV:64bit: - [2011/01/13 04:17:30 | 000,122,624 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\zghsmdm.sys -- (zghsmdm) DRV:64bit: - [2010/12/29 03:45:54 | 000,412,776 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:64bit: - [2010/12/16 10:23:14 | 000,126,464 | ---- | M] (Razer USA Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RzSynapse.sys -- (RzSynapse) DRV:64bit: - [2010/12/10 14:50:36 | 000,181,248 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc) DRV:64bit: - [2010/12/10 14:50:36 | 000,080,384 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub) DRV:64bit: - [2010/11/23 16:38:53 | 000,314,016 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt) DRV:64bit: - [2010/11/23 16:38:52 | 000,043,680 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt) DRV:64bit: - [2010/11/06 23:24:34 | 000,024,176 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\PeerBlock\pbfilter.sys -- (pbfilter) DRV:64bit: - [2010/10/18 07:24:46 | 000,038,424 | ---- | M] (Google Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\androidusb.sys -- (androidusb) DRV:64bit: - [2010/05/17 08:35:12 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd) DRV:64bit: - [2010/05/09 23:29:02 | 000,145,936 | ---- | M] (Sun Microsystems, Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys -- (VBoxNetAdp) DRV:64bit: - [2010/04/19 20:47:42 | 000,050,688 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64) DRV:64bit: - [2010/04/07 21:08:30 | 000,050,600 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfwwfp.sys -- (epfwwfp) DRV:64bit: - [2010/04/07 21:08:28 | 000,033,608 | ---- | M] (ESET) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\epfwndis.sys -- (Epfwndis) DRV:64bit: - [2010/04/07 21:08:26 | 000,169,592 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfw.sys -- (epfw) DRV:64bit: - [2010/04/07 21:07:10 | 000,139,704 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv) DRV:64bit: - [2010/04/07 21:03:52 | 000,163,888 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm) DRV:64bit: - [2010/03/30 23:35:04 | 000,020,968 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\cpuz133_x64.sys -- (cpuz133) DRV:64bit: - [2010/03/09 12:21:42 | 000,123,408 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService) DRV:64bit: - [2010/02/18 10:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64) DRV:64bit: - [2010/01/22 21:58:22 | 000,068,656 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmx86.sys -- (vmx86) DRV:64bit: - [2010/01/22 21:58:20 | 000,029,744 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VMkbd.sys -- (vmkbd) DRV:64bit: - [2010/01/22 21:58:16 | 000,080,944 | ---- | M] (VMware, Inc.) 
[Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmci.sys -- (vmci) DRV:64bit: - [2010/01/22 21:58:16 | 000,030,256 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmnetuserif.sys -- (VMnetuserif) DRV:64bit: - [2010/01/22 21:00:44 | 000,038,960 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\hcmon.sys -- (hcmon) DRV:64bit: - [2010/01/22 17:12:58 | 000,020,016 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmnetadapter.sys -- (VMnetAdapter) DRV:64bit: - [2009/12/18 00:25:17 | 000,034,472 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO) DRV:64bit: - [2009/11/06 07:42:06 | 000,293,416 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mv91xx.sys -- (mv91xx) DRV:64bit: - [2009/10/07 13:26:24 | 000,115,312 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\jraid.sys -- (JRAID) DRV:64bit: - [2009/08/13 22:10:18 | 000,073,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21) DRV:64bit: - [2009/08/09 23:25:45 | 000,036,352 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VClone.sys -- (VClone) DRV:64bit: - [2009/07/17 20:52:00 | 000,201,472 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService) DRV:64bit: - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009/07/14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009/06/10 22:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs) DRV:64bit: - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV:64bit: - [2009/05/05 04:00:28 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) 
[Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie) AMD PCI Express (3GIO) DRV:64bit: - [2009/04/28 03:03:42 | 000,067,128 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2009/04/28 03:03:42 | 000,028,216 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2005/08/15 10:02:18 | 000,126,848 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\P0620Vid.sys -- (P0620VID) DRV - [2011/04/25 13:19:02 | 000,025,640 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\gdrv.sys -- (gdrv) DRV - [2010/10/07 12:34:32 | 000,011,856 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv) DRV - [2010/08/30 12:19:54 | 000,015,872 | ---- | M] (CybelSoft) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\ma-config.com\Drivers\driverhardwarev2x64.sys -- (driverhardwarev2x64) DRV - [2010/06/04 00:51:00 | 000,025,640 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\etdrv.sys -- (etdrv) DRV - [2010/06/04 00:50:44 | 000,030,528 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\GVTDrv64.sys -- (GVTDrv64) DRV - [2010/04/23 05:38:48 | 000,052,352 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver2.sys -- (AODDriver2) DRV - [2010/02/01 04:27:24 | 000,014,648 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\MSI Afterburner\RTCore64.sys -- (RTCore64) DRV - [2009/02/23 00:21:54 | 000,014,904 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\GIGABYTE\ET6\amd64\AODDriver.sys -- (AODDriver) DRV - [2008/02/15 16:30:48 | 000,015,192 | 
---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\MSI\Live Update 4\LU4\Flashsys64.sys -- (FLASHSYS) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://mail.google.com/mail/?shva=1#inbox IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr-FR IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 42 D3 B3 E6 D7 B6 CB 01 [binary data] IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2010/05/12 22:18:47 | 000,000,000 | ---D | M] [2010/05/19 20:15:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Edward\AppData\Roaming\mozilla\Extensions [2011/03/16 00:34:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Edward\AppData\Roaming\mozilla\Firefox\Profiles\v12zbrtz.default\extensions File not found (No name found) -- [2011/01/10 12:00:24 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES (X86)\MOZILLA FIREFOX 4.0 BETA 7\EXTENSIONS\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} [2011/03/28 11:58:43 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES (X86)\MOZILLA FIREFOX 4.0 BETA 7\EXTENSIONS\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} () (No name found) -- C:\USERS\EDWARD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\V12ZBRTZ.DEFAULT\EXTENSIONS\{40A1F5D7-AFC2-498F-B264-02668D616FF6}.XPI () (No name found) -- C:\USERS\EDWARD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\V12ZBRTZ.DEFAULT\EXTENSIONS\TESTPILOT@LABS.MOZILLA.COM.XPI O1 HOSTS File: ([2011/05/02 11:01:41 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O1 - 
Hosts: ::1 localhost O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET) O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKCU..\Run: [Nexus] C:\Program Files (x86)\Winstep\Nexus.exe (Winstep Software Technologies) O4 - Startup: C:\Users\Edward\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FastStone Capture.lnk = C:\Program Files (x86)\FastStone Capture\FSCapture.exe () O4 - Startup: C:\Users\Edward\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Gridy.lnk = C:\Portable Program Files\Gridy\Gridy.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.) O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) 
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000011 - File not found O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000012 - File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - File not found O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25) O16 - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25) O16 - DPF: {0D6709DD-4ED8-40CA-B459-2757AEEF7BEE} http://download.gigabyte.com.tw/object/Dldrv.ocx (Dldrv2 Control) O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos-beta/OnlineScanner.cab (Reg Error: Key error.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25) O16 - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25) O16 - DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} http://service.futuremark.com/virtualmark/tc/FMSI.cab (Reg Error: Key error.) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.3.1.0.cab (Reg Error: Key error.) O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. 
File not found O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKCU Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O27:64bit: - HKLM IFEO\acrord32.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe (TuneUp Software) O27:64bit: - HKLM IFEO\steam.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe (TuneUp Software) O27:64bit: - HKLM IFEO\switchboard.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\acrord32.exe: Debugger - "C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe" (TuneUp Software) O27 - HKLM IFEO\steam.exe: Debugger - "C:\Program 
Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe" (TuneUp Software) O27 - HKLM IFEO\switchboard.exe: Debugger - "C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe" (TuneUp Software) O28:64bit: - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2011/05/04 07:17:13 | 000,000,000 | ---D | C] -- C:\Users\Edward\AppData\Local\{0D6F0B07-497C-4287-AC9D-6F0926ABAD2C} [2011/05/03 19:16:50 | 000,000,000 | ---D | C] -- C:\Users\Edward\AppData\Local\{F4046E5C-A022-4D84-A004-002D0126E22C} [2011/05/03 15:57:06 | 000,000,000 | ---D | C] -- C:\Portable Program Files [2011/05/03 15:57:06 | 000,000,000 | ---D | C] -- C:\Users\Edward\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Gridy [2011/05/03 12:11:45 | 000,000,000 | ---D | C] -- C:\Windows\temp [2011/05/03 10:05:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winstep [2011/05/03 10:05:56 | 001,347,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvbvm50.dll [2011/05/03 10:05:56 | 000,798,208 | ---- | C] (Winstep Software Technologies) -- C:\Windows\SysWow64\NextControls.ocx [2011/05/03 10:05:56 | 000,608,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\comctl32.ocx [2011/05/03 10:05:56 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Winstep [2011/05/03 10:05:56 | 
000,000,000 | ---D | C] -- C:\Program Files (x86)\Winstep [2011/05/03 09:18:29 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\W7NBC [2011/05/03 08:52:25 | 000,000,000 | ---D | C] -- C:\Users\Edward\Desktop\26326-ToYcon [2011/05/03 07:49:11 | 002,870,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.backup.exe [2011/05/03 07:39:11 | 000,000,000 | ---D | C] -- C:\Windows\W7SOC [2011/05/03 07:29:15 | 000,000,000 | ---D | C] -- C:\Users\Edward\AppData\Roaming\replacer [2011/05/03 07:16:16 | 000,000,000 | ---D | C] -- C:\Users\Edward\AppData\Local\{9C882DE8-C686-4B2B-A1A8-96464B48D64E} [2011/05/02 18:08:18 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe [2011/05/02 17:48:44 | 000,000,000 | ---D | C] -- C:\Users\Edward\AppData\Local\{4A9C9FA3-325E-42E3-8C30-911972349F72} [2011/05/02 15:33:02 | 000,521,448 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\deployJava1.dll [2011/05/02 15:33:02 | 000,189,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\javaws.exe [2011/05/02 15:33:02 | 000,171,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\javaw.exe [2011/05/02 15:33:02 | 000,171,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\java.exe [2011/05/02 15:32:57 | 000,000,000 | ---D | C] -- C:\Program Files\Java [2011/05/02 15:32:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java [2011/05/02 15:32:20 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe [2011/05/02 15:32:20 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe [2011/05/02 15:32:20 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) 
< End of report >
  5. Hello, I ran ComboFix by dragging the text file onto it; it did what it had to do without restarting automatically, so I then restarted manually. When I logged into my account, two windows appeared telling me that some programs had not been able to start: FScapture.exe and another whose name I have forgotten. There were also a few "bugs", such as being unable to display the system properties by right-clicking on Computer, etc. So I ran a system restore. In any case, since yesterday, after the restore, I have not noticed any spike in memory usage. On the other hand, even though I think it is unrelated, I noticed a drop in my internet speed after using ComboFix. My line's capacity is about 650 KB/s, and it dropped to ~510 KB/s. Likewise, downloads from deviantart are around 30 KB/s, whereas a few minutes earlier they were close to the line's maximum capacity. Here is the log anyway.
     ComboFix 11-04-30.06 - Edward 03/05/2011 12:07:16.2.4 - x64 Microsoft Windows 7 Édition Intégrale 6.1.7600.0.1252.33.1036.18.4094.2969 [GMT 2:00] Lancé depuis: c:\users\Edward\Desktop\ComboFix.exe Commutateurs utilisés :: c:\users\Edward\Desktop\CFScript.txt AV: ESET Smart Security 4.2 *Disabled/Updated* {CB0F8167-5331-BA19-698E-64816B6801A5} FW: Pare-feu personnel d'ESET *Disabled* {F3340042-195E-BB41-42D1-CDB495BB46DE} SP: ESET Smart Security 4.2 *Disabled/Updated* {706E6083-750B-B597-533E-5FF310EF4B18} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . .
c:\windows\system32\macromed\Flash\Flash10k.ocx c:\windows\system32\macromed\Flash\Flash10l.ocx c:\windows\system32\macromed\Flash\FlashInstall.log c:\windows\system32\macromed\Flash\flashplayer.xpt c:\windows\system32\macromed\Flash\FlashPlayerTrust\AdobeXMPFileInfoCS5.cfg c:\windows\system32\macromed\Flash\FlashUtil10l_ActiveX.dll c:\windows\system32\macromed\Flash\FlashUtil10l_ActiveX.exe c:\windows\system32\macromed\Flash\FlashUtil10p_Plugin.exe c:\windows\system32\macromed\Flash\NPSWF32.dll . ---- Exécution préalable ------- . c:\windows\system32\macromed\Flash\Flash10k.ocx c:\windows\system32\macromed\Flash\Flash10l.ocx c:\windows\system32\macromed\Flash\FlashInstall.log c:\windows\system32\macromed\Flash\flashplayer.xpt c:\windows\system32\macromed\Flash\FlashPlayerTrust\AdobeXMPFileInfoCS5.cfg c:\windows\system32\macromed\Flash\FlashUtil10l_ActiveX.dll c:\windows\system32\macromed\Flash\FlashUtil10l_ActiveX.exe c:\windows\system32\macromed\Flash\FlashUtil10p_Plugin.exe c:\windows\system32\macromed\Flash\NPSWF32.dll . . --------------- FCopy --------------- . c:\windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_292d5de8870d85d9\user32.dll --> c:\windows\system32\user32.dll c:\windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_292d5de8870d85d9\user32.dll --> c:\windows\SysWOW64\user32.dll c:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe --> c:\windows\explorer.exe . ((((((((((((((((((((((((((((((((((((((( Pilotes/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . . 
-------\Legacy_AMDKMDAG -------\Legacy_CPUZ133 -------\Legacy_EAMONM -------\Legacy_EHDRV -------\Legacy_EPFWWFP -------\Legacy_MV91XX -------\Legacy_VMCI -------\Service_amdiox64 -------\Service_amdkmdag -------\Service_amdkmdap -------\Service_androidusb -------\Service_cpuz133 -------\Service_eamonm -------\Service_ehdrv -------\Service_epfwwfp -------\Service_mv91xx -------\Service_nusb3hub -------\Service_nusb3xhc -------\Service_P0620VID -------\Service_RTL8167 -------\Service_RzSynapse -------\Service_USBAAPL64 -------\Service_VBoxNetAdp -------\Service_VBoxNetFlt -------\Service_vmci -------\Service_WatAdminSvc -------\Service_zghsmdm . . ((((((((((((((((((((((((((((( Fichiers créés du 2011-04-03 au 2011-05-03 )))))))))))))))))))))))))))))))))))) . . 2011-05-03 10:10 . 2011-05-03 10:10 -------- d-----w- c:\users\Default\AppData\Local\temp 2011-05-03 08:05 . 2011-05-03 08:05 -------- d-----w- c:\program files (x86)\Winstep 2011-05-03 08:05 . 2008-02-05 12:36 798208 ----a-w- c:\windows\SysWow64\NextControls.ocx 2011-05-03 08:05 . 2000-05-22 14:58 608448 ----a-w- c:\windows\SysWow64\comctl32.ocx 2011-05-03 08:05 . 1997-07-19 13:55 1347344 ----a-w- c:\windows\SysWow64\msvbvm50.dll 2011-05-03 07:18 . 2011-05-03 07:21 -------- d-----w- c:\windows\system32\W7NBC 2011-05-03 05:49 . 2010-02-25 20:12 2870272 ----a-w- c:\windows\explorer.backup.exe 2011-05-03 05:39 . 2011-05-03 05:46 925184 ----a-w- c:\windows\expstart.exe 2011-05-03 05:39 . 2011-05-03 06:03 -------- d-----w- c:\windows\W7SOC 2011-05-03 05:29 . 2011-05-03 05:29 -------- d-----w- c:\users\Edward\AppData\Roaming\replacer 2011-05-03 05:16 . 2011-05-03 05:16 -------- d-----w- c:\users\Edward\AppData\Local\{9C882DE8-C686-4B2B-A1A8-96464B48D64E} 2011-05-03 00:27 . 2011-04-11 08:21 8802128 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{85DACA78-BF58-4AF1-A57C-BEC33BDAC560}\mpengine.dll 2011-05-02 15:48 . 
2011-05-02 15:48 -------- d-----w- c:\users\Edward\AppData\Local\{4A9C9FA3-325E-42E3-8C30-911972349F72} 2011-05-02 13:33 . 2011-05-02 13:32 521448 ----a-w- c:\windows\system32\deployJava1.dll 2011-05-02 13:32 . 2011-05-02 13:32 -------- d-----w- c:\program files\Java 2011-05-02 13:32 . 2011-05-02 13:32 -------- d-----w- c:\program files (x86)\Common Files\Java 2011-05-02 11:39 . 2011-05-02 13:30 -------- d-----w- c:\program files (x86)\RadeonPro 2011-05-02 09:07 . 2011-05-02 16:36 -------- d-----w- c:\program files (x86)\ESET 2011-05-02 09:01 . 2011-05-02 09:01 -------- d-----w- C:\_OTL 2011-05-02 07:16 . 2011-05-02 07:16 512 ----a-w- C:\PhysicalMBR.bin 2011-05-02 03:48 . 2011-05-02 03:48 -------- d-----w- c:\users\Edward\AppData\Local\{44F78535-FC07-4112-AC61-D3DF67C1620D} 2011-05-01 15:47 . 2011-05-01 15:47 -------- d-----w- c:\users\Edward\AppData\Local\{48B43689-8499-457C-853A-91549C64F6DC} 2011-05-01 14:35 . 2011-05-01 14:35 -------- d-----w- c:\users\Edward\AppData\Roaming\Malwarebytes 2011-05-01 14:35 . 2010-12-20 16:09 38224 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys 2011-05-01 14:35 . 2011-05-01 14:35 -------- d-----w- c:\programdata\Malwarebytes 2011-05-01 14:35 . 2011-05-01 14:35 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware 2011-05-01 14:35 . 2010-12-20 16:08 24152 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-05-01 03:46 . 2011-05-01 03:47 -------- d-----w- c:\users\Edward\AppData\Local\{B4079414-E88B-495D-BF56-C9615E3FF241} 2011-04-30 06:58 . 2011-04-30 06:58 -------- d-----w- c:\users\Edward\AppData\Local\Criterion Games 2011-04-29 11:37 . 2011-04-29 11:37 -------- d-----w- c:\programdata\Ubisoft 2011-04-29 11:36 . 2011-04-29 11:36 75136 ----a-w- c:\windows\SysWow64\PnkBstrA.exe 2011-04-29 11:36 . 2011-04-29 11:36 -------- d-----w- c:\users\Edward\AppData\Roaming\PunkBuster 2011-04-29 01:43 . 2011-04-29 01:45 -------- d-----w- c:\program files (x86)\ZHPDiag 2011-04-28 10:04 . 
2011-04-28 10:04 -------- d-----w- c:\program files (x86)\ma-config.com 2011-04-28 10:04 . 2011-04-28 10:04 -------- d-----w- c:\programdata\ma-config.com 2011-04-28 07:54 . 2011-04-28 07:54 -------- d-----w- c:\program files (x86)\Aero Tuner 2011-04-27 15:34 . 2011-04-27 15:34 -------- d-----w- c:\users\Edward\AppData\Roaming\mkvtoolnix 2011-04-27 15:34 . 2011-04-27 15:34 -------- d-----w- c:\program files (x86)\MKVtoolnix 2011-04-27 14:03 . 2011-04-27 14:03 -------- d-----w- c:\program files (x86)\VirtualDubMOD 2011-04-27 12:56 . 2011-04-27 12:56 -------- d-----w- c:\users\Edward\AppData\Roaming\FastStone 2011-04-27 12:56 . 2011-04-27 12:56 -------- d-----w- c:\program files (x86)\FastStone Capture 2011-04-27 12:28 . 2011-04-28 07:53 -------- d-----w- c:\program files\Rainmeter 2011-04-26 12:33 . 2011-04-26 12:42 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy 2011-04-26 12:33 . 2011-04-26 12:39 -------- d-----w- c:\programdata\Spybot - Search & Destroy 2011-04-26 03:44 . 2010-11-23 15:25 34624 ----a-w- c:\windows\system32\TURegOpt.exe 2011-04-26 03:44 . 2010-11-23 15:21 25920 ----a-w- c:\windows\system32\authuitu.dll 2011-04-26 03:44 . 2010-11-23 15:21 21312 ----a-w- c:\windows\SysWow64\authuitu.dll 2011-04-26 03:44 . 2010-11-23 15:21 36160 ----a-w- c:\windows\system32\uxtuneup.dll 2011-04-26 03:44 . 2010-11-23 15:21 29504 ----a-w- c:\windows\SysWow64\uxtuneup.dll 2011-04-26 03:43 . 2011-04-26 03:44 -------- d-----w- c:\program files (x86)\TuneUp Utilities 2011 2011-04-26 03:43 . 2011-04-26 03:43 -------- d-sh--w- c:\programdata\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16} 2011-04-26 03:27 . 2011-04-26 03:27 -------- d-----w- c:\programdata\Martau 2011-04-26 03:27 . 2011-04-26 03:27 -------- d-----w- c:\program files (x86)\Total Uninstall 5 2011-04-26 02:21 . 2011-04-26 02:21 -------- d-----w- c:\users\Edward\AppData\Local\{F1AC0983-DF4C-4301-BD1D-AA56D55C5568} 2011-04-25 13:50 . 
2011-04-25 13:50 -------- d-----w- c:\users\Edward\AppData\Local\{4A1E87C6-434A-4FDB-9C69-60BE832D50CB} 2011-04-24 22:54 . 2011-04-24 22:54 -------- d-----w- c:\programdata\Electronic Arts 2011-04-24 22:54 . 2011-04-24 22:54 -------- d-----w- c:\programdata\EA Core 2011-04-24 22:43 . 2010-12-29 01:45 74272 ----a-w- c:\windows\system32\RtNicProp64.dll 2011-04-24 22:43 . 2010-12-29 01:45 412776 ----a-w- c:\windows\system32\drivers\Rt64win7.sys 2011-04-23 04:24 . 2011-04-26 03:21 -------- d-----w- c:\program files\BOINC 2011-04-23 04:24 . 2011-04-26 02:21 -------- d-----w- c:\programdata\BOINC 2011-04-23 04:24 . 2011-04-23 04:24 -------- d-----w- c:\windows\Downloaded Installations 2011-04-21 22:15 . 2011-04-21 22:27 -------- d-----w- c:\program files (x86)\Cheat Engine 2011-04-21 22:15 . 2007-12-26 15:30 679936 ----a-w- c:\windows\SysWow64\D3DX81ab.dll 2011-04-21 22:15 . 2007-12-26 15:30 1970176 ----a-w- c:\windows\SysWow64\d3dx9.dll 2011-04-21 19:39 . 2011-05-01 06:13 -------- d-----w- c:\users\Edward\AppData\Local\CAPCOM 2011-04-21 17:37 . 2011-04-21 17:37 -------- d-----w- c:\program files (x86)\Common Files\Wise Installation Wizard 2011-04-21 08:44 . 2011-04-21 08:44 -------- d-----w- c:\program files\Microsoft Xbox 360 Accessories 2011-04-18 11:28 . 2011-04-18 11:29 -------- d-----w- c:\users\Edward\AppData\Local\Rockstar Games 2011-04-16 12:15 . 2011-04-16 12:15 -------- d-----w- c:\users\Edward\AppData\Local\{0790F134-1B6D-4244-8BA8-0E548E90EDCA} 2011-04-16 00:15 . 2011-04-16 00:15 -------- d-----w- c:\users\Edward\AppData\Local\{8EE75337-B10C-4D5B-8DA4-F61DDCC2F076} 2011-04-15 12:14 . 2011-04-15 12:15 -------- d-----w- c:\users\Edward\AppData\Local\{1F5F1E81-5B06-4763-911B-A2CC1E6EAF2C} 2011-04-15 00:14 . 2011-04-15 00:14 -------- d-----w- c:\users\Edward\AppData\Local\{E533CB43-CA93-487C-81A9-9376A935411E} 2011-04-14 15:48 . 2011-04-14 15:48 -------- d-----w- c:\program files\Transmission Remote 2011-04-14 12:13 . 
2011-04-14 12:14 -------- d-----w- c:\users\Edward\AppData\Local\{CF197E79-8B4A-45FE-B979-552198BF8E52} 2011-04-14 00:13 . 2011-04-14 00:13 -------- d-----w- c:\users\Edward\AppData\Local\{2B02EDD7-4744-41BE-9B73-723C53F999F2} 2011-04-13 22:40 . 2011-04-13 22:40 4284416 ----a-w- c:\windows\SysWow64\GPhotos.scr 2011-04-13 20:46 . 2011-04-13 20:51 -------- d-----w- c:\program files (x86)\Aura 2011-04-13 14:18 . 2011-04-29 03:16 -------- d-----w- c:\users\Edward\AppData\Roaming\vlc 2011-04-13 07:44 . 2011-04-13 07:44 -------- d-----w- c:\users\Edward\AppData\Local\{48C1F504-3CD8-4A17-8AC4-1DF7B2FC3C76} 2011-04-13 04:12 . 2011-03-08 06:14 976896 ----a-w- c:\windows\system32\inetcomm.dll 2011-04-12 19:43 . 2011-04-12 19:43 -------- d-----w- c:\users\Edward\AppData\Local\{42961CEB-E159-4114-8247-E77E6F2C9D60} 2011-04-12 07:43 . 2011-04-12 07:43 -------- d-----w- c:\users\Edward\AppData\Local\{A1BCA28A-8955-4A95-8CE9-506DF5B9C79A} 2011-04-11 19:42 . 2011-04-11 19:43 -------- d-----w- c:\users\Edward\AppData\Local\{5EFBB873-73EF-4D9E-A911-79651780C8BF} 2011-04-11 18:44 . 2011-04-21 22:13 -------- d-----w- c:\users\Edward\AppData\Roaming\.minecraft 2011-04-11 11:06 . 2011-04-15 18:20 -------- d-----w- c:\users\Edward\AppData\Roaming\RIFT 2011-04-11 07:42 . 2011-04-11 07:42 -------- d-----w- c:\users\Edward\AppData\Local\{D2690FE8-C4CA-4F45-910E-D3FEBCC5D3E2} 2011-04-10 19:41 . 2011-04-10 19:42 -------- d-----w- c:\users\Edward\AppData\Local\{506E6767-4A76-4BAB-BF5F-D1F6FA702504} 2011-04-10 07:41 . 2011-04-10 07:41 -------- d-----w- c:\users\Edward\AppData\Local\{BD0A9067-0151-4766-84AD-CB3B43EAEB6C} 2011-04-09 19:40 . 2011-04-09 19:41 -------- d-----w- c:\users\Edward\AppData\Local\{05E55B70-E11A-486E-9E4F-618A50489BE5} 2011-04-09 07:40 . 2011-04-09 07:40 -------- d-----w- c:\users\Edward\AppData\Local\{A53CBD7F-E1B2-4CE6-B3CD-06C3BD337672} 2011-04-08 19:40 . 
2011-04-08 19:40 -------- d-----w- c:\users\Edward\AppData\Local\{0A8E679F-4212-4119-A6A6-225FBC872BFC} 2011-04-08 07:39 . 2011-04-08 07:39 -------- d-----w- c:\users\Edward\AppData\Local\{F2B98D48-6A50-4222-A436-BF3DB9FD5D37} 2011-04-07 19:39 . 2011-04-07 19:39 -------- d-----w- c:\users\Edward\AppData\Local\{03A39ACE-1C7B-44C3-99DD-448BCD24B815} 2011-04-07 07:38 . 2011-04-07 07:38 -------- d-----w- c:\users\Edward\AppData\Local\{337F9800-9614-48CB-BE1D-C1AAE1E823BA} 2011-04-07 00:19 . 2011-04-07 00:27 -------- d-----w- c:\users\Edward\AppData\Roaming\Audacity 2011-04-07 00:19 . 2011-04-07 00:19 -------- d-----w- c:\program files (x86)\Audacity 1.3 Beta 2011-04-06 19:38 . 2011-04-06 19:38 -------- d-----w- c:\users\Edward\AppData\Local\{6E2BFB79-109B-4414-8FE4-DDF45DEEC754} 2011-04-06 07:39 . 2011-04-06 07:39 -------- d-----w- c:\users\Edward\AppData\Local\{21511F99-4D3C-4B5A-8051-0C02B092FEF5} 2011-04-05 19:39 . 2011-04-05 19:39 -------- d-----w- c:\users\Edward\AppData\Local\{ADAC6C94-632D-4F73-9C86-AEB6B8BF5655} 2011-04-05 07:38 . 2011-04-05 07:38 -------- d-----w- c:\users\Edward\AppData\Local\{B0D6435D-212E-4BFA-A6DA-8427DAA7E56F} 2011-04-04 19:38 . 2011-04-04 19:38 -------- d-----w- c:\users\Edward\AppData\Local\{476E36A3-BFE1-4111-9431-B4B19744146F} . . . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2011-05-02 13:32 . 2010-05-12 20:22 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll 2011-04-25 11:19 . 2010-05-23 17:37 25640 ----a-w- c:\windows\gdrv.sys 2011-04-12 15:53 . 2010-11-14 08:25 1866240 ----a-w- c:\windows\system32\ExplorerFrame.del.dll 2011-04-12 15:53 . 2010-11-14 08:25 1865728 ----a-w- c:\windows\system32\ExplorerFrame.dll 2011-03-29 18:00 . 2010-11-07 11:15 92672 ----a-w- c:\windows\system32\ff_vfw.dll 2011-03-09 03:45 . 2010-06-24 09:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll 2011-03-02 10:43 . 
2010-11-07 11:15 203264 ----a-w- c:\windows\system32\unrar.dll 2011-02-17 09:59 . 2011-02-17 09:59 428416 ----a-w- c:\windows\SysWow64\RzMwApi.dll 2011-02-17 02:36 . 2010-11-14 08:25 1863680 ----a-w- c:\windows\system32\explorerframe.dll.11111111 2011-02-17 02:36 . 2010-11-14 08:25 1863168 ----a-w- c:\windows\system32\explorerframe.dll.BAK . . ((((((((((((((((((((((((((((( SnapShot@2011-05-01_17.25.10 ))))))))))))))))))))))))))))))))))))))))) . + 2010-05-12 19:48 . 2011-05-03 07:47 48760 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin + 2009-07-14 05:10 . 2011-05-03 07:47 34732 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin + 2010-05-12 19:39 . 2011-05-03 07:47 10050 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-298173471-2318884327-37262993-1001_UserData.bin - 2010-05-12 19:32 . 2011-04-19 04:27 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2010-05-12 19:32 . 2011-05-03 04:07 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2010-05-12 19:32 . 2011-04-19 04:27 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2011-05-02 09:07 . 2011-05-03 04:07 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat - 2009-07-14 04:54 . 2011-04-19 04:27 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2009-07-14 04:54 . 2011-05-03 04:07 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2011-05-03 07:46 . 2011-05-03 07:46 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat - 2011-05-01 17:05 . 2011-05-01 17:05 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat - 2011-05-01 17:05 . 
2011-05-01 17:05 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat + 2011-05-03 07:46 . 2011-05-03 07:46 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat + 2011-05-03 05:46 . 2011-05-03 06:03 925184 c:\windows\W7SOC\expstart.exe + 2011-05-03 05:39 . 2011-05-03 06:03 377344 c:\windows\W7SOC\bru.exe + 2011-05-02 13:32 . 2011-05-02 13:32 157472 c:\windows\SysWOW64\javaws.exe - 2011-01-10 10:00 . 2011-02-02 19:40 157472 c:\windows\SysWOW64\javaws.exe + 2011-05-02 13:32 . 2011-05-02 13:32 145184 c:\windows\SysWOW64\javaw.exe - 2011-01-10 10:00 . 2011-02-02 19:40 145184 c:\windows\SysWOW64\javaw.exe - 2011-01-10 10:00 . 2011-02-02 19:40 145184 c:\windows\SysWOW64\java.exe + 2011-05-02 13:32 . 2011-05-02 13:32 145184 c:\windows\SysWOW64\java.exe + 2011-05-03 07:18 . 2011-05-03 07:18 377344 c:\windows\system32\W7NBC\exe.exe - 2009-07-14 15:24 . 2011-05-01 17:10 743526 c:\windows\system32\perfh00C.dat + 2009-07-14 15:24 . 2011-05-03 07:50 743526 c:\windows\system32\perfh00C.dat + 2009-07-14 02:36 . 2011-05-03 07:50 650638 c:\windows\system32\perfh009.dat - 2009-07-14 02:36 . 2011-05-01 17:10 650638 c:\windows\system32\perfh009.dat + 2009-07-14 15:24 . 2011-05-03 07:50 147862 c:\windows\system32\perfc00C.dat - 2009-07-14 15:24 . 2011-05-01 17:10 147862 c:\windows\system32\perfc00C.dat + 2009-07-14 02:36 . 2011-05-03 07:50 120294 c:\windows\system32\perfc009.dat - 2009-07-14 02:36 . 2011-05-01 17:10 120294 c:\windows\system32\perfc009.dat + 2011-05-02 13:33 . 2011-05-02 13:32 189728 c:\windows\system32\javaws.exe + 2011-05-02 13:33 . 2011-05-02 13:32 171808 c:\windows\system32\javaw.exe + 2011-05-02 13:33 . 2011-05-02 13:32 171808 c:\windows\system32\java.exe + 2009-07-14 05:38 . 2011-05-02 16:36 262144 c:\windows\system32\config\systemprofile\ntuser.dat - 2009-07-14 05:38 . 2010-05-23 11:55 262144 c:\windows\system32\config\systemprofile\ntuser.dat - 2009-07-14 05:12 . 
2010-09-09 09:48 262144 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat + 2009-07-14 05:12 . 2011-05-03 04:07 262144 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat + 2009-07-14 05:01 . 2011-05-03 07:44 394396 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat + 2011-05-03 05:18 . 2009-04-22 08:00 350720 c:\windows\Resources\Themes\Win7-Katharos Top\Shell\NormalColor\shellstyle.dll + 2011-05-03 07:09 . 2009-10-31 08:37 349184 c:\windows\Resources\Themes\leaf_by_dpcdpc11_top_s_f_R\Shell\NormalColor\shellstyle.dll + 2011-05-03 07:09 . 2009-10-31 08:37 349184 c:\windows\Resources\Themes\leaf_by_dpcdpc11_top_R\Shell\NormalColor\shellstyle.dll + 2011-05-03 05:33 . 2009-07-14 06:03 350720 c:\windows\Resources\Themes\emerald\Shell\NormalColor\shellstyle.dll + 2011-05-02 13:32 . 2011-05-02 13:32 682496 c:\windows\Installer\f3a6cc.msi + 2011-05-02 13:32 . 2011-05-02 13:32 183808 c:\windows\Installer\f3a6c7.msi + 2011-05-02 13:31 . 2011-05-02 13:31 681984 c:\windows\Installer\f3a6bf.msi + 2011-05-03 06:03 . 2010-02-25 20:12 2870272 c:\windows\W7SOC\explorer.exe + 2011-05-03 07:21 . 2011-04-12 15:53 1865728 c:\windows\system32\W7NBC\ExplorerFrame.dll + 2009-07-14 04:45 . 2011-05-03 07:46 4893992 c:\windows\system32\FNTCACHE.DAT + 2010-05-16 21:21 . 2011-05-03 07:44 3737712 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat + 2011-03-16 12:14 . 2010-02-25 20:12 2870272 c:\windows\explorer.bakbakbak.exe + 2011-03-16 12:14 . 2010-02-25 20:12 2870272 c:\windows\explorer.BAK.exe + 2009-07-13 23:42 . 2009-07-14 01:06 20268032 c:\windows\SysWOW64\imageres.dll + 2009-07-14 02:34 . 2011-05-03 08:50 10485760 c:\windows\system32\SMI\Store\Machine\schema.dat - 2009-07-14 02:34 . 2011-05-01 15:36 10485760 c:\windows\system32\SMI\Store\Machine\schema.dat + 2009-07-13 23:57 . 
2009-07-14 01:28 20268032 c:\windows\system32\imageres.dll + 2010-09-09 08:40 . 2011-05-03 07:44 19046596 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-298173471-2318884327-37262993-1001-8192.dat + 2010-09-17 10:57 . 2011-05-02 16:14 13290860 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-298173471-2318884327-37262993-1001-12288.dat - 2010-09-17 10:57 . 2011-05-01 17:04 13290860 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-298173471-2318884327-37262993-1001-12288.dat . -- Instantané actualisé -- . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Nexus"="c:\program files (x86)\Winstep\Nexus.exe" [2011-03-14 13816960] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "VirtualCloneDrive"="c:\program files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2009-06-17 85160] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-01-07 253672] . c:\users\Edward\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ FastStone Capture.lnk - c:\program files (x86)\FastStone Capture\FSCapture.exe [2007-2-23 1115136] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" "VMware hqtray"="c:\program files (x86)\VMware\VMware Player\hqtray.exe" "AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" -atboottime "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW "LGODDFU"="c:\program files (x86)\lg_fwupdate\fwupdate.exe" blrun "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-disabled] "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" -atboottime "JMB36X IDE Setup"=c:\windows\RaidTool\xInsIDE.exe "K3805"="c:\program files (x86)\Alchemy Elixir\control.exe" "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "AppleSyncNotifier"=c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun "Razer Naga Driver"=c:\program files (x86)\Razer\Naga\RazerNagaSysTray.exe "NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" . 
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 JMB36X;JMB36X;c:\windows\SysWOW64\XSrvSetup.exe [2009-08-06 65536] R3 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x] R3 AODDriver;AODDriver;c:\program files (x86)\GIGABYTE\ET6\amd64\AODDriver.sys [2009-02-22 14904] R3 AODDriver2;AODDriver2;c:\program files (x86)\AMD\OverDrive\amd64\AODDriver2.sys [2010-04-23 52352] R3 driverhardwarev2x64;driverhardwarev2x64;c:\program files (x86)\ma-config.com\Drivers\driverhardwarev2x64.sys [2010-08-30 15872] R3 etdrv;etdrv;c:\windows\etdrv.sys [2010-06-03 25640] R3 FLASHSYS;FLASHSYS;c:\program files (x86)\MSI\Live Update 4\LU4\FLASHSYS64.sys [2008-02-15 15192] R3 GVTDrv64;GVTDrv64;c:\windows\GVTDrv64.sys [2010-06-03 30528] R3 maconfservice;Ma-Config Service;c:\program files (x86)\ma-config.com\maconfservice.exe [2011-04-12 311744] R3 NLNdisMP;NLNdisMP;c:\windows\system32\DRIVERS\nlndis.sys [x] R3 NLNdisPT;NetLimiter Ndis Protocol Service;c:\windows\system32\DRIVERS\nlndis.sys [x] R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184] R3 pbfilter;pbfilter;c:\program files\PeerBlock\pbfilter.sys [2010-11-06 24176] R3 RTCore64;RTCore64;c:\program files (x86)\MSI Afterburner\RTCore64.sys [2010-02-01 14648] R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x] R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [x] R3 VBoxNetFlt;VBoxNetFlt Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [x] R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [x] R4 AMD 
FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-01-26 354304] R4 AMD Reservation Manager;AMD Reservation Manager;c:\program files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe [2010-06-17 194496] R4 AODService;AODService;c:\program files (x86)\AMD\OverDrive\AODAssist.exe [2010-04-23 136616] R4 ES lite Service;ES lite Service for program management.;c:\program files (x86)\Gigabyte\EasySaver\ESSVR.EXE [2009-08-24 68136] R4 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096] R4 VMUSBArbService;VMware USB Arbitration Service;c:\program files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe [2010-01-22 563760] S0 mv91xx;mv91xx;c:\windows\system32\DRIVERS\mv91xx.sys [x] S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x] S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [x] S2 cpuz133;cpuz133;c:\windows\system32\drivers\cpuz133_x64.sys [x] S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [x] S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [2010-04-07 810120] S2 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [x] S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe [2010-11-23 1974080] S2 vmci;VMware vmci;c:\windows\system32\drivers\vmci.sys [x] S2 Winstep Xtreme Service;Winstep Xtreme Service;c:\program files (x86)\Winstep\WsxService [x] S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys [x] S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x] S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x] S3 androidusb;ADB Interface Driver;c:\windows\system32\Drivers\androidusb.sys [x] S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [x] S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller 
Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [x] S3 P0620VID;Creative WebCam Instant;c:\windows\system32\DRIVERS\P0620Vid.sys [x] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x] S3 RzSynapse;Razer Driver;c:\windows\system32\DRIVERS\RzSynapse.sys [x] S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys [2010-10-07 11856] S3 zghsmdm;ZTE General Handset USB Modem Proprietary;c:\windows\system32\DRIVERS\zghsmdm.sys [x] . . . --------- x86-64 ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2010-04-07 2839840] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-01-18 11775592] . HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs UxTuneUp . ------- Examen supplémentaire ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = https://mail.google....l/?shva=1#inbox mLocal Page = c:\windows\SysWOW64\blank.htm IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: E&xporter vers Microsoft Excel - f:\progra~1\Office14\EXCEL.EXE/3000 IE: Liens de téléchargement avec Mega Manager... - c:\program files (x86)\Megaupload\Mega Manager\mm_file.htm LSP: c:\program files (x86)\VMware\VMware Player\vsocklib.dll . - - - - ORPHELINS SUPPRIMES - - - - . AddRemove-Octoshape add-in for Adobe Flash Player - c:\users\Edward\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\octoshape\octoshape.exe . . . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Winstep Xtreme Service] "ImagePath"="c:\program files (x86)\Winstep\WsxService" . --------------------- CLES DE REGISTRE BLOQUEES --------------------- . 
[HKEY_USERS\S-1-5-21-298173471-2318884327-37262993-1001\Software\SecuROM\License information*] "datasecu"=hex:c6,fb,8b,0a,27,5c,e0,bf,19,04,85,06,5e,a1,ae,75,65,c1,bc,6e,a9, 1c,67,ad,40,9d,9f,02,e6,13,3c,e4,44,f8,ee,cd,ed,4a,84,c9,3c,6a,bd,2e,6f,20,\ "rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_10_2_161_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_10_2_161_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.10" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Heure de fin: 2011-05-03 12:11:43 ComboFix-quarantined-files.txt 2011-05-03 10:11 ComboFix2.txt 2011-05-01 17:30 . Avant-CF: 16 616 034 304 octets libres Après-CF: 16 839 884 800 octets libres . - - End Of File - - 76F34865289E96C0DD802D7DAD9A62F8
  6. Everything goes fine until Windows restarts. The system then reboots in 640x480 mode with a pile of errors such as: swreg.cfxxe did not start correctly, with the mouse not working, and the internet not working either. I left it as it was until the ComboFix window closed by itself. I waited a few minutes and then restarted manually. I was still in 640x480 with the errors and the mouse not working, so I restored the system.
  7. Hello lance_yien, Thanks again for looking after my case. Yes, the problem persists, but I also have some additional information to provide. I noticed this morning that the memory usage spike builds up gradually. There is a pause of a few seconds (about 5 to 10) before it goes from one level to the next; it is not abrupt, it does not jump from 19% to 95% all at once. (The refresh interval in Task Manager is 1 second, so that is not what causes the pause.) Another thing: it seems to me that the problem appears only when Explorer is in use, for example when opening a window or when a program brings one up.
  8. All processes killed ========== OTL ========== Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{ED0E8CA5-42FB-4B18-997B-769E0408E79D} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ED0E8CA5-42FB-4B18-997B-769E0408E79D}\ not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MSIAfterburner deleted successfully. C:\Program Files (x86)\MSI Afterburner\MSIAfterburnerWrapper.exe moved successfully. Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully. Registry key HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{5DE316A0-7613-4D69-B647-D3C8B9E7026C}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5DE316A0-7613-4D69-B647-D3C8B9E7026C}\ not found. ADS C:\ProgramData\Temp:010ADD2C deleted successfully. ========== SERVICES/DRIVERS ========== ========== REGISTRY ========== ========== FILES ========== C:\WINDOWS\tasks\GlaryInitialize.job moved successfully. C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-298173471-2318884327-37262993-1001Core.job moved successfully. C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-298173471-2318884327-37262993-1001UA.job moved successfully. File\Folder C:\*.sqm not found. 
========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 67 bytes ->Flash cache emptied: 41620 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 0 bytes User: Edward ->Temp folder emptied: 6687 bytes ->Temporary Internet Files folder emptied: 4341661 bytes ->Java cache emptied: 14889242 bytes ->FireFox cache emptied: 49129655 bytes ->Google Chrome cache emptied: 267172579 bytes ->Opera cache emptied: 517967 bytes ->Flash cache emptied: 1130597 bytes User: Public ->Temp folder emptied: 0 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32 (64bit) .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 3704 bytes %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50540 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 322,00 mb [EMPTYFLASH] User: All Users User: Default ->Flash cache emptied: 0 bytes User: Default User ->Flash cache emptied: 0 bytes User: Edward ->Flash cache emptied: 0 bytes User: Public Total Flash Files Cleaned = 0,00 mb C:\Windows\System32\drivers\etc\Hosts moved successfully. HOSTS file reset successfully OTL by OldTimer - Version 3.2.22.3 log created on 05022011_110122 Files\Folders moved on Reboot... C:\Users\Edward\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully. Registry entries deleted on Reboot... The ESET online scan found nothing.
  9. OTL logfile created on: 02/05/2011 09:15:41 - Run 1 OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Edward\Desktop 64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy 4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 66,00% Memory free 8,00 Gb Paging File | 6,00 Gb Available in Paging File | 78,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 48,83 Gb Total Space | 16,37 Gb Free Space | 33,53% Space Free | Partition Type: NTFS Drive D: | 208,53 Gb Total Space | 45,86 Gb Free Space | 21,99% Space Free | Partition Type: NTFS Drive F: | 931,51 Gb Total Space | 804,79 Gb Free Space | 86,40% Space Free | Partition Type: NTFS Drive J: | 1863,01 Gb Total Space | 1051,47 Gb Free Space | 56,44% Space Free | Partition Type: NTFS Computer Name: EDWARD-PC | User Name: Edward | Logged in as Administrator. 
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2011/05/02 09:13:51 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Edward\Desktop\OTL.exe PRC - [2011/04/29 13:36:45 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe PRC - [2010/04/07 21:07:24 | 000,810,120 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe PRC - [2010/02/01 04:27:02 | 000,339,256 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe PRC - [2009/08/06 07:51:20 | 000,065,536 | R--- | M] () -- C:\Windows\SysWOW64\XSrvSetup.exe PRC - [2007/02/23 23:49:58 | 001,115,136 | ---- | M] () -- C:\Program Files (x86)\FastStone Capture\FSCapture.exe ========== Modules (SafeList) ========== MOD - [2011/05/02 09:13:51 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Edward\Desktop\OTL.exe MOD - [2010/08/21 07:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll ========== Win32 Services (SafeList) ========== SRV:64bit: - [2011/01/27 00:55:36 | 000,203,776 | ---- | M] (AMD) [On_Demand | Stopped] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV:64bit: - [2011/01/26 19:01:28 | 000,354,304 | ---- | M] (Advanced Micro Devices, Inc.) 
[Disabled | Stopped] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service) SRV:64bit: - [2010/11/23 17:21:12 | 000,036,160 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysNative\uxtuneup.dll -- (UxTuneUp) SRV:64bit: - [2010/06/17 06:23:36 | 000,194,496 | ---- | M] (Advanced Micro Devices) [Disabled | Stopped] -- C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe -- (AMD Reservation Manager) SRV:64bit: - [2010/04/07 21:10:42 | 000,042,336 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe -- (EhttpSrv) SRV:64bit: - [2010/04/07 21:07:24 | 000,810,120 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe -- (ekrn) SRV:64bit: - [2009/07/14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV:64bit: - [2009/07/14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV - [2011/04/29 13:36:45 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA) SRV - [2011/04/12 10:11:26 | 000,311,744 | ---- | M] (CybelSoft) [On_Demand | Stopped] -- C:\Program Files (x86)\ma-config.com\maconfservice.exe -- (maconfservice) SRV - [2010/11/23 17:24:50 | 001,974,080 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc) SRV - [2010/11/23 17:21:02 | 000,029,504 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysWOW64\uxtuneup.dll -- (UxTuneUp) SRV - [2010/04/23 05:39:00 | 000,136,616 | ---- | M] () [Disabled | Stopped] -- C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe -- (AODService) SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- 
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard) SRV - [2010/01/22 21:57:08 | 000,395,824 | ---- | M] (VMware, Inc.) [Disabled | Stopped] -- C:\Windows\SysWOW64\vmnat.exe -- (VMware NAT Service) SRV - [2010/01/22 21:56:44 | 000,334,384 | ---- | M] (VMware, Inc.) [Disabled | Stopped] -- C:\Windows\SysWOW64\vmnetdhcp.exe -- (VMnetDHCP) SRV - [2010/01/22 21:56:28 | 000,113,200 | ---- | M] (VMware, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe -- (VMAuthdService) SRV - [2010/01/22 21:00:48 | 000,563,760 | ---- | M] (VMware, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe -- (VMUSBArbService) SRV - [2009/08/24 14:38:06 | 000,068,136 | ---- | M] () [Disabled | Stopped] -- C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE -- (ES lite Service) SRV - [2009/08/06 07:51:20 | 000,065,536 | R--- | M] () [Auto | Running] -- C:\Windows\SysWOW64\XSrvSetup.exe -- (JMB36X) SRV - [2009/07/16 17:04:16 | 000,316,664 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) ========== Driver Services (SafeList) ========== DRV:64bit: - [2011/01/27 01:37:20 | 009,085,952 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag) DRV:64bit: - [2011/01/27 00:13:32 | 000,299,520 | ---- | M] (Advanced Micro Devices, Inc.) 
[Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap) DRV:64bit: - [2011/01/13 04:17:30 | 000,122,624 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\zghsmdm.sys -- (zghsmdm) DRV:64bit: - [2010/12/29 03:45:54 | 000,412,776 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:64bit: - [2010/12/16 10:23:14 | 000,126,464 | ---- | M] (Razer USA Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RzSynapse.sys -- (RzSynapse) DRV:64bit: - [2010/12/10 14:50:36 | 000,181,248 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc) DRV:64bit: - [2010/12/10 14:50:36 | 000,080,384 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub) DRV:64bit: - [2010/11/23 16:38:53 | 000,314,016 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt) DRV:64bit: - [2010/11/23 16:38:52 | 000,043,680 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt) DRV:64bit: - [2010/11/06 23:24:34 | 000,024,176 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\PeerBlock\pbfilter.sys -- (pbfilter) DRV:64bit: - [2010/10/18 07:24:46 | 000,038,424 | ---- | M] (Google Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\androidusb.sys -- (androidusb) DRV:64bit: - [2010/05/17 08:35:12 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd) DRV:64bit: - [2010/05/09 23:29:02 | 000,145,936 | ---- | M] (Sun Microsystems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys -- (VBoxNetAdp) DRV:64bit: - [2010/04/19 20:47:42 | 000,050,688 | ---- | M] (Apple, Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64) DRV:64bit: - [2010/04/07 21:08:30 | 000,050,600 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfwwfp.sys -- (epfwwfp) DRV:64bit: - [2010/04/07 21:08:28 | 000,033,608 | ---- | M] (ESET) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\epfwndis.sys -- (Epfwndis) DRV:64bit: - [2010/04/07 21:08:26 | 000,169,592 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfw.sys -- (epfw) DRV:64bit: - [2010/04/07 21:07:10 | 000,139,704 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv) DRV:64bit: - [2010/04/07 21:03:52 | 000,163,888 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm) DRV:64bit: - [2010/03/30 23:35:04 | 000,020,968 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\cpuz133_x64.sys -- (cpuz133) DRV:64bit: - [2010/03/09 12:21:42 | 000,123,408 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService) DRV:64bit: - [2010/02/18 10:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64) DRV:64bit: - [2010/01/22 21:58:22 | 000,068,656 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmx86.sys -- (vmx86) DRV:64bit: - [2010/01/22 21:58:20 | 000,029,744 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VMkbd.sys -- (vmkbd) DRV:64bit: - [2010/01/22 21:58:16 | 000,080,944 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmci.sys -- (vmci) DRV:64bit: - [2010/01/22 21:58:16 | 000,030,256 | ---- | M] (VMware, Inc.) 
[Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmnetuserif.sys -- (VMnetuserif) DRV:64bit: - [2010/01/22 21:00:44 | 000,038,960 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\hcmon.sys -- (hcmon) DRV:64bit: - [2010/01/22 17:12:58 | 000,020,016 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmnetadapter.sys -- (VMnetAdapter) DRV:64bit: - [2009/12/18 00:25:17 | 000,034,472 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO) DRV:64bit: - [2009/11/06 07:42:06 | 000,293,416 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mv91xx.sys -- (mv91xx) DRV:64bit: - [2009/10/07 13:26:24 | 000,115,312 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\jraid.sys -- (JRAID) DRV:64bit: - [2009/08/13 22:10:18 | 000,073,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21) DRV:64bit: - [2009/08/09 23:25:45 | 000,036,352 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VClone.sys -- (VClone) DRV:64bit: - [2009/07/17 20:52:00 | 000,201,472 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService) DRV:64bit: - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009/07/14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009/06/10 22:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs) DRV:64bit: - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV:64bit: - [2009/05/05 04:00:28 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) 
[Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie) AMD PCI Express (3GIO) DRV:64bit: - [2009/04/28 03:03:42 | 000,067,128 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2009/04/28 03:03:42 | 000,028,216 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2005/08/15 10:02:18 | 000,126,848 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\P0620Vid.sys -- (P0620VID) DRV - [2011/04/25 13:19:02 | 000,025,640 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\gdrv.sys -- (gdrv) DRV - [2010/10/07 12:34:32 | 000,011,856 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv) DRV - [2010/08/30 12:19:54 | 000,015,872 | ---- | M] (CybelSoft) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\ma-config.com\Drivers\driverhardwarev2x64.sys -- (driverhardwarev2x64) DRV - [2010/06/04 00:51:00 | 000,025,640 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\etdrv.sys -- (etdrv) DRV - [2010/06/04 00:50:44 | 000,030,528 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\GVTDrv64.sys -- (GVTDrv64) DRV - [2010/04/23 05:38:48 | 000,052,352 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver2.sys -- (AODDriver2) DRV - [2010/02/01 04:27:24 | 000,014,648 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files (x86)\MSI Afterburner\RTCore64.sys -- (RTCore64) DRV - [2009/02/23 00:21:54 | 000,014,904 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\GIGABYTE\ET6\amd64\AODDriver.sys -- (AODDriver) DRV - [2008/02/15 16:30:48 | 000,015,192 | 
---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\MSI\Live Update 4\LU4\Flashsys64.sys -- (FLASHSYS) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://mail.google....l/?shva=1#inbox IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr-FR IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 42 D3 B3 E6 D7 B6 CB 01 [binary data] IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2010/05/12 22:18:47 | 000,000,000 | ---D | M] [2010/05/19 20:15:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Edward\AppData\Roaming\mozilla\Extensions [2011/03/16 00:34:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Edward\AppData\Roaming\mozilla\Firefox\Profiles\v12zbrtz.default\extensions File not found (No name found) -- [2011/01/10 12:00:24 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES (X86)\MOZILLA FIREFOX 4.0 BETA 7\EXTENSIONS\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} [2011/03/28 11:58:43 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES (X86)\MOZILLA FIREFOX 4.0 BETA 7\EXTENSIONS\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} () (No name found) -- C:\USERS\EDWARD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\V12ZBRTZ.DEFAULT\EXTENSIONS\{40A1F5D7-AFC2-498F-B264-02668D616FF6}.XPI () (No name found) -- C:\USERS\EDWARD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\V12ZBRTZ.DEFAULT\EXTENSIONS\TESTPILOT@LABS.MOZILLA.COM.XPI O1 HOSTS File: ([2011/05/01 19:24:30 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: 
(Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O3 - HKLM\..\Toolbar: (no name) - {ED0E8CA5-42FB-4B18-997B-769E0408E79D} - No CLSID value found. O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET) O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [MSIAfterburner] C:\Program Files (x86)\MSI Afterburner\MSIAfterburnerWrapper.exe () O4 - Startup: C:\Users\Edward\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FastStone Capture.lnk = C:\Program Files (x86)\FastStone Capture\FSCapture.exe () O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.) O9 - Extra Button: FreshDownload - {5DE316A0-7613-4D69-B647-D3C8B9E7026C} - File not found O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) 
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000011 - File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000012 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - File not found
O16 - DPF: {0D6709DD-4ED8-40CA-B459-2757AEEF7BEE} http://download.giga...bject/Dldrv.ocx (Dldrv2 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} http://service.futur...ark/tc/FMSI.cab (Reg Error: Key error.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} http://content.syste...yri_4.3.1.0.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O28:64bit: - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs:64bit: UxTuneUp - C:\Windows\SysNative\uxtuneup.dll (TuneUp Software)
NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: VIDC.FFDS - ff_vfw.dll ()
Drivers32:64bit: VIDC.FPS1 - frapsv64.dll (Beepa P/L)
Drivers32: msacm.ac3acm - C:\Windows\SysWow64\ac3acm.acm (fccHandler)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\Windows\SysWow64\lameACM.acm (www)
Drivers32: msacm.lhacm - C:\Windows\SysWow64\lhacm.acm (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\SysWow64\DivX.dll (DivX, Inc.)
Drivers32: VIDC.FFDS - C:\Windows\SysWow64\ff_vfw.dll ()
Drivers32: VIDC.FPS1 - C:\Windows\SysWow64\frapsvid.dll (Beepa P/L)
Drivers32: VIDC.VMnc - C:\Windows\SysWow64\vmnc.dll (VMware, Inc.)
Drivers32: VIDC.XVID - C:\Windows\SysWow64\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\Windows\SysWow64\DivX.dll (DivX, Inc.)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

========== Files - Modified Within 30 Days ==========

========== Files Created - No Company Name ==========

[2011/05/02 09:16:24 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2011/05/01 19:11:39 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe
[2011/05/01 19:11:39 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011/05/01 19:11:39 | 000,089,088 | ---- | C] () -- C:\Windows\MBR.exe
[2011/05/01 19:11:39 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011/05/01 19:11:39 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011/05/01 19:08:12 | 004,334,469 | R--- | C] () -- C:\Users\Edward\Desktop\ComboFix.exe
[2011/05/01 19:03:52 | 000,050,477 | ---- | C] () -- C:\Users\Edward\Desktop\Defogger.exe
[2011/05/01 16:35:34 | 000,879,028 | ---- | C] () -- C:\Users\Edward\Desktop\SecurityCheck.exe
[2011/05/01 16:35:13 | 000,001,112 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/04/30 16:25:21 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2011/04/29 13:36:45 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011/04/27 14:58:20 | 000,001,168 | ---- | C] () -- C:\Users\Edward\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FastStone Capture.lnk
[2011/04/26 21:07:07 | 000,020,602 | ---- | C] () -- C:\Users\Edward\Documents\FF7.aimppl
[2011/04/26 14:38:09 | 000,001,278 | ---- | C] () -- C:\Users\Edward\Application 
Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk [2011/04/26 09:57:28 | 000,173,052 | ---- | C] () -- C:\Users\Edward\Documents\cc_20110426_095725.reg [2011/04/26 07:36:05 | 000,021,598 | ---- | C] () -- C:\Windows\SysNative\oemlogo.bmp [2011/04/26 05:44:01 | 000,002,197 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2011.lnk [2011/04/26 05:27:31 | 000,001,042 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Total Uninstall 5.lnk [2011/04/25 00:43:22 | 000,074,272 | ---- | C] () -- C:\Windows\SysNative\RtNicProp64.dll [2011/04/22 00:15:21 | 001,970,176 | ---- | C] () -- C:\Windows\SysWow64\d3dx9.dll [2011/04/21 09:54:49 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_xusb21_01009.Wdf [2011/04/07 02:19:15 | 000,001,000 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity 1.3 Beta.lnk [2011/03/16 15:53:15 | 000,210,032 | ---- | C] () -- C:\Windows\SysWow64\DBCLIENT.DLL [2010/12/21 04:27:20 | 000,003,113 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat [2010/10/27 16:07:54 | 000,000,132 | ---- | C] () -- C:\Users\Edward\AppData\Roaming\Adobe Targa Format CS5 Prefs [2010/10/14 02:36:44 | 000,179,263 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat [2010/05/28 15:32:44 | 000,003,235 | ---- | C] () -- C:\Users\Edward\AppData\Local\Temp11.html [2010/05/22 19:56:53 | 000,030,528 | ---- | C] () -- C:\Windows\GVTDrv64.sys [2010/05/18 11:44:08 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2010/05/17 22:58:14 | 000,000,315 | ---- | C] () -- C:\Windows\game.ini [2010/05/16 23:25:43 | 000,000,050 | ---- | C] () -- C:\Windows\MegaManager.INI [2010/05/16 22:11:15 | 000,001,456 | ---- | C] () -- C:\Users\Edward\AppData\Local\Adobe Enregistrer pour le Web 12.0 Prefs [2010/05/15 11:27:41 | 000,005,925 | ---- | C] () -- C:\Users\Edward\AppData\Local\Temp14.html [2010/05/14 21:53:40 | 000,065,536 | R--- | C] () -- 
C:\Windows\SysWow64\XSrvSetup.exe [2010/05/14 21:47:18 | 000,005,977 | ---- | C] () -- C:\Users\Edward\AppData\Local\Temp25.html [2010/05/14 21:04:38 | 000,000,778 | ---- | C] () -- C:\Users\Edward\AppData\Local\Temp1.html [2010/05/14 18:33:37 | 001,634,222 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2010/05/13 14:04:01 | 000,000,306 | ---- | C] () -- C:\Windows\lgfwup.ini [2010/05/13 00:08:05 | 000,165,376 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll [2010/05/13 00:08:04 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini [2010/05/13 00:07:56 | 000,881,664 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll [2010/05/13 00:07:56 | 000,205,824 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll [2010/05/13 00:07:52 | 000,085,504 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll [2010/05/12 23:38:31 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini [2010/05/12 22:33:52 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2009/08/27 09:04:12 | 000,207,400 | R--- | C] () -- C:\Windows\GSetup.exe [2009/07/14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2009/07/14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT [2009/07/14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat [2009/07/14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2009/07/14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009/07/13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2009/06/10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat [2002/09/18 01:45:00 | 000,119,808 | ---- | C] () -- C:\Windows\lsb_un20.exe ========== Custom Scans ========== < %SYSTEMDRIVE%\*.* > [2010/05/14 18:33:39 | 000,001,024 | ---- | M] () -- C:\.rnd [2009/07/14 03:38:58 | 000,383,562 | RHS- | M] () -- C:\bootmgr [2010/05/12 22:24:20 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK [2011/05/01 19:30:12 | 000,027,456 | ---- | M] () -- 
C:\ComboFix.txt [2010/05/14 21:53:52 | 000,000,199 | ---- | M] () -- C:\csb.log [2010/05/20 22:00:31 | 000,014,885 | ---- | M] () -- C:\LU4.log [2011/05/02 07:49:26 | 4293,386,240 | -HS- | M] () -- C:\pagefile.sys [2011/03/16 16:36:10 | 000,013,030 | ---- | M] () -- C:\PDOXUSRS.NET [2011/04/29 03:45:12 | 000,000,512 | ---- | M] () -- C:\PhysicalDisk0_MBR.bin [2011/05/02 09:16:24 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin [2010/05/14 21:50:53 | 000,003,308 | ---- | M] () -- C:\RHDSetup.log [2011/04/26 06:04:56 | 000,000,291 | ---- | M] () -- C:\service.log < %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles > < %systemroot%\Tasks\*.job /lockedfiles > < %systemroot%\System32\config\*.sav > < %systemroot%\system32\drivers\*.sys /90 > < HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU > < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs > ========== Alternate Data Streams ========== @Alternate Data Stream - 109 bytes -> C:\ProgramData\Temp:010ADD2C < End of report > OTL Extras logfile created on: 02/05/2011 09:15:41 - Run 1 OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Edward\Desktop 64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy 4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 66,00% Memory free 8,00 Gb Paging File | 6,00 Gb Available in Paging File | 78,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 48,83 Gb Total Space | 16,37 Gb Free Space | 33,53% Space Free | Partition Type: NTFS Drive D: | 208,53 Gb Total Space | 45,86 Gb Free Space | 21,99% Space Free | Partition Type: NTFS Drive F: | 931,51 Gb Total Space | 804,79 Gb Free Space | 86,40% Space Free 
| Partition Type: NTFS Drive J: | 1863,01 Gb Total Space | 1051,47 Gb Free Space | 56,44% Space Free | Partition Type: NTFS Computer Name: EDWARD-PC | User Name: Edward | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* File not found cmdfile [open] -- "%1" %* File not found comfile [open] -- "%1" %* File not found exefile [open] -- "%1" %* File not found helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* File not found regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" File not found scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found scrfile [open] -- "%1" /S File not found txtfile [edit] -- Reg Error: Key error. 
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [takeownership] -- cmd.exe /c takeown /f "%1" /r /d y && icacls "%1" /grant administrators:F /t (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [takeownership] -- cmd.exe /c takeown /f "%1" /r /d y && icacls "%1" /grant administrators:F /t (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. 
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 "FirewallDisableNotify" = 0 "AntiVirusDisableNotify" = 0 "UpdatesDisableNotify" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirewallDisableNotify" = 0 "AntiVirusDisableNotify" = 0 "UpdatesDisableNotify" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 ========== Firewall Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{015C5B35-B678-451C-9AEE-821E8D69621C}_is1" = PeerBlock 1.1 (r518) "{0A3ED604-E1DD-4F50-9FF0-AACD8A66FA22}" = ESET Smart Security "{0C682623-8F66-46A8-B9B3-93FE1E66A001}" = iTunes "{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant "{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64 "{22441735-5983-AD2A-5CC5-FA2CCD7EF732}" = ATI Stream SDK v2 Developer "{235B7B98-EAC3-4953-AE2C-EABCE1CD65C9}_is1" = GBoost "{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1" = Media Player Classic - Home Cinema v1.5.0.2827 x64 "{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 "{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64 "{45CD67FD-3218-4207-A0A2-BC41245189E3}" = Microsoft Xbox 360 Accessories 1.2 "{4B5F58F7-C7D1-3CE3-9B37-B657F0852643}" = Microsoft .NET Framework 4 Client Profile FRA Language Pack "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 "{503640E5-B2ED-3173-D109-D4D03153471A}" = AMD Drag and Drop Transcoding "{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector "{7B475B52-8C5B-16F9-20A0-A01DCD1A6EF2}" = ATI AVIVO64 Codecs "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 "{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft 
Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 "{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64 "{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended "{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010 "{90140000-002A-040C-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (French) 2010 "{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64 "{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64 "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{963BFE7E-C350-4346-B43C-B02358306A45}" = Apple Mobile Device Support "{A39AE3AE-9808-39D2-AB7B-FF5F0335095E}" = Microsoft .NET Framework 4 Extended FRA Language Pack "{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64 "{AE0D971F-5430-8874-B09E-3F1C76E2F8FF}" = WMV9/VC-1 Video Playback "{AE57C044-8912-A181-A0E4-BC2DAB3A092A}" = ATI Catalyst Install Manager "{B2C5B378-546F-75A7-7757-C1EAAFAF9E33}" = ccc-utility64 "{BBA7005D-8C56-FFD3-81AE-D0481829BC70}" = AMD Fuel "{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64 "{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "Adobe Flash Player ActiveX 64" = Adobe Flash Player 10 ActiveX 64-bit "CCleaner" = CCleaner "CPUID CPU-Z_is1" = CPUID CPU-Z 1.54 "CPUID HWMonitor_is1" = CPUID HWMonitor 1.15 "Creative PD0620" = Creative WebCam Instant Driver (2.00.04.0825) "CustoPackTools" = CustoPackTools "Defraggler" = Defraggler "KLiteCodecPack64_is1" = K-Lite Codec Pack (64-bit) v4.6.0 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Client Profile FRA "Microsoft .NET Framework 4 Extended" = Microsoft .NET 
Framework 4 Extended "Microsoft .NET Framework 4 Extended FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Extended FRA "Speccy" = Speccy "TeamSpeak 3 Client" = TeamSpeak 3 Client "WinRAR archiver" = Logiciel d'archivage WinRAR [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86 "{04077D50-954B-4365-84BF-02DE4702BA00}" = Alchemy Elixir "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{07300F01-89CA-4CF8-92BD-2A605EB83C95}" = EasySaver B9.0904.1 "{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86 "{09F56A49-A7B1-4AAB-95B9-D13094254AD1}" = Windows Live UX Platform Language Pack "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help "{13A5E785-5197-4EAD-8EE3-D660271E49BC}" = Feedback Tool "{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5 "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = LG Power Tools "{1FDA5A37-B22D-43FF-B582-B8964050DC13}" = Microsoft Games for Windows - LIVE Redistributable "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk" = Google Talk (remove only) "{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}" = TuneUp Utilities 2011 "{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java 6 Update 24 "{33899F97-411C-4759-BDAA-26ECAE715B9C}" = TuneUp Utilities Language Pack (fr-FR) "{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live "{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}" = Gigabyte Raid Cinfigurer "{3CAC9760-14F6-4539-A75F-F240EC55FEE9}" = Ma-Config.com "{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX "{457D7505-D665-4F95-91C3-ECB8C56E9ACA}" = Easy Tune 6 B10.0427.1 
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform "{4E25C468-7745-4051-8B37-4A2C6635BA8B}" = Update Manager B09.1008.1 "{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver "{5449FB4F-1802-4D5B-A6D8-087DB1142147}" = Realtek HDMI Audio Driver for ATI "{5454083B-1308-4485-BF17-1110000B8301}" = Grand Theft Auto IV "{5454083B-1308-4485-BF17-1110000B8302}" = Grand Theft Auto IV "{5454083B-1308-4485-BF17-1110000B8303}" = Grand Theft Auto IV "{5454083B-1308-4485-BF17-1110000B8304}" = Grand Theft Auto IV "{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime "{59ABBDF0-E1E5-48AF-85FB-F523A08C3490}" = STREET FIGHTER IV "{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053 "{5FD89EA1-99C2-40EE-BBF5-20F8991ED756}" = Catalyst Control Center - Branding "{6057E21C-ABE9-4059-AE3E-3BEB9925E660}" = Windows Live Messenger "{6179550A-3E7C-499E-BCC9-9E8113E0A285}" = Mise à jour automatique du Firmware pour ODD LG "{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86 "{664D6E1D-2A6C-D54D-31A5-B6BC30CEB0C6}" = CCC Help English "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{69FB248E-690D-434F-94A7-248D5F1ECD70}" = AMD OverDrive "{6E5324C1-84FC-4F76-9A3A-C65E07F80EE6}" = Complément Messenger "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core "{7B0A8F0E-3672-4DA5-9540-A8D0171C38D8}" = TuneUp Utilities Language Pack (fr-FR) "{7B9F5775-8C8C-2A4E-0CAB-74EA7AF5CB09}" = ccc-core-static "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{83A606F5-BF6F-42ED-9F33-B9F74297CDED}" = Need for Speed Hot Pursuit "{86A4C6D9-29EE-4719-AFA1-BA3341862B83}" = Microsoft Games for Windows - 
LIVE "{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver "{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{90024193-9F13-4877-89D5-A1CDF0CBBF28}" = Feedback Tool "{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010 "{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86 "{9322A850-9091-4D0E-B252-3E82EDA3D94A}" = Prototype "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9A996B6A-846E-4A89-B9C4-17546B7BE49F}" = Burnout Paradise The Ultimate Box "{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175 "{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR "{A53A11EA-0095-493F-86FA-A15E8A86A405}" = VMware Player "{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5 "{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AA945C94-285E-DE48-A30F-70105C6580DE}" = Catalyst Control Center Graphics Previews Common "{AC76BA86-7AD7-1036-7B44-AA0000000001}" = Adobe Reader X (10.0.1) - Français "{B158F76F-76AB-4115-A4F0-4C6EF6956093}_is1" = VirtualDubMOD 1.5.10.3 Fr "{B1ADF008-E898-4FE2-8A1F-690D9A06ACAF}" = DolbyFiles "{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}" = @BIOS Ver.2.06 "{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy "{B93EEE50-9C8F-45DF-95E4-3D85A6E242F3}" = DarksidersInstaller "{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}" = Nero ControlCenter "{BE4BA698-8533-4F77-9559-C7F3F78C0B05}" = Assassin's Creed Brotherhood "{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common 
"{CC29B835-95A5-3CD9-087B-F94D7B9ECC9B}" = Catalyst Control Center InstallProxy "{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86 "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{D4E5A687-797D-44B1-8F96-4FD7A24166A9}" = DEVIL MAY CRY 4 "{D7A0A22A-C132-4B6F-8D68-67B95117DE93}" = RIFT "{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86 "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime "{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.1 "{E76FCE6B-9999-4250-8C75-B2DA4AD41268}" = Face_Wizard B10.0408.01 "{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer "{E8C37E27-5205-4C8A-BECB-B00533045AAE}" = SHIFT 2 UNLEASHED™ "{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger "{ED4108A9-60FD-4F18-AF42-122219977773}" = Razer Naga "{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 11.5 "Afterburner" = MSI Afterburner 1.5.1 "AIMP3" = AIMP3 "Audacity 1.3 Beta_is1" = Audacity 1.3.12 "CamStudio" = CamStudio "chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help "Cheat Engine 5.5_is1" = Cheat Engine 5.5 "DivX Setup.divx.com" = Configuration DivX "Downloader Qobuz" = Downloader Qobuz "FastStone Capture" = FastStone Capture 5.3 (French) "FileZilla Client" = FileZilla Client 3.4.0 "Fraps" = Fraps (remove only) "Free Text Pad" = Free Text Pad "Glary Utilities_is1" = Glary Utilities 2.33.0.1158 "HandBrake" = 
HandBrake 0.9.5 "InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = LG Power Tools "InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}" = Easy Tune 6 B10.0427.1 "InstallShield_{4E25C468-7745-4051-8B37-4A2C6635BA8B}" = Update Manager B09.1008.1 "InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver "InstallShield_{9322A850-9091-4D0E-B252-3E82EDA3D94A}" = Prototype "InstallShield_{D7A0A22A-C132-4B6F-8D68-67B95117DE93}" = RIFT "KLiteCodecPack_is1" = K-Lite Codec Pack 5.9.0 (Full) "Liveupdate4_is1" = Liveupdate4 "MagniDriver" = marvell 91xx driver "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Messenger Plus! Live" = Messenger Plus! Live "MKVtoolnix" = MKVtoolnix 4.7.0 "MSI Kombustor_is1" = MSI Kombustor v1.0.0 "OCCT_is1" = OCCT Perestroika 3.1.0 "OpenAL" = OpenAL "Opera 11.10.2048" = Opera 11.10 beta build 2048 "Opera 11.10.2092" = Opera 11.10 "Picasa 3" = Picasa 3 "PunkBusterSvc" = PunkBuster Services "Steam App 12210" = Grand Theft Auto IV "Steam App 12220" = Grand Theft Auto: Episodes from Liberty City "Steam App 50620" = Darksiders "Steam App 550" = Left 4 Dead 2 "Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2 "Total Uninstall 5_is1" = Total Uninstall 5.9.3 "Transmission Remote" = Transmission Remote "TuneUp Utilities 2011" = TuneUp Utilities 2011 "uTorrent" = µTorrent "VirtualCloneDrive" = VirtualCloneDrive "VLC media player" = VLC media player 1.1.9 "Winamp" = Winamp "WinLiveSuite" = Windows Live "World of Warcraft" = World of Warcraft "ZHPDiag_is1" = ZHPDiag 1.27 ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "090215de958f1060" = Curse Client "Google Chrome" = Google Chrome "Octoshape add-in for Adobe Flash Player" = Octoshape add-in for Adobe Flash Player "Winamp Detect" = Détection de l'application Winamp ========== Last 10 Event Log Errors ========== Error reading Event Logs: The Event Service is not operating 
properly or the Event Logs are corrupt! < End of report >
  10. I had a memory usage spike just before running your new instructions. Here is the log: ComboFix 11-04-30.06 - Edward 01/05/2011 19:13:10.1.4 - x64 Microsoft Windows 7 Édition Intégrale 6.1.7600.0.1252.33.1036.18.4094.1035 [GMT 2:00] Lancé depuis: c:\users\Edward\Desktop\ComboFix.exe AV: ESET Smart Security 4.2 *Disabled/Updated* {CB0F8167-5331-BA19-698E-64816B6801A5} FW: Pare-feu personnel d'ESET *Disabled* {F3340042-195E-BB41-42D1-CDB495BB46DE} SP: ESET Smart Security 4.2 *Disabled/Updated* {706E6083-750B-B597-533E-5FF310EF4B18} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Un nouveau point de restauration a été créé . . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . . c:\programdata\ntuser.dat c:\windows\system32\macromed\Flash\Flash10k.ocx c:\windows\system32\macromed\Flash\Flash10l.ocx c:\windows\system32\macromed\Flash\FlashInstall.log c:\windows\system32\macromed\Flash\flashplayer.xpt c:\windows\system32\macromed\Flash\FlashPlayerTrust\AdobeXMPFileInfoCS5.cfg c:\windows\system32\macromed\Flash\FlashUtil10l_ActiveX.dll c:\windows\system32\macromed\Flash\FlashUtil10l_ActiveX.exe c:\windows\system32\macromed\Flash\FlashUtil10p_Plugin.exe c:\windows\system32\macromed\Flash\NPSWF32.dll . . ((((((((((((((((((((((((((((( Fichiers créés du 2011-04-01 au 2011-05-01 )))))))))))))))))))))))))))))))))))) . . 2011-05-01 15:47 . 2011-05-01 15:47 -------- d-----w- c:\users\Edward\AppData\Local\{48B43689-8499-457C-853A-91549C64F6DC} 2011-05-01 14:35 . 2011-05-01 14:35 -------- d-----w- c:\users\Edward\AppData\Roaming\Malwarebytes 2011-05-01 14:35 . 2010-12-20 16:09 38224 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys 2011-05-01 14:35 . 2011-05-01 14:35 -------- d-----w- c:\programdata\Malwarebytes 2011-05-01 14:35 . 2011-05-01 14:35 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware 2011-05-01 14:35 . 
2010-12-20 16:08 24152 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-05-01 03:46 . 2011-05-01 03:47 -------- d-----w- c:\users\Edward\AppData\Local\{B4079414-E88B-495D-BF56-C9615E3FF241} 2011-04-30 06:58 . 2011-04-30 06:58 -------- d-----w- c:\users\Edward\AppData\Local\Criterion Games 2011-04-29 11:37 . 2011-04-29 11:37 -------- d-----w- c:\programdata\Ubisoft 2011-04-29 11:36 . 2011-04-29 11:36 75136 ----a-w- c:\windows\SysWow64\PnkBstrA.exe 2011-04-29 11:36 . 2011-04-29 11:36 -------- d-----w- c:\users\Edward\AppData\Roaming\PunkBuster 2011-04-29 01:43 . 2011-04-29 01:45 -------- d-----w- c:\program files (x86)\ZHPDiag 2011-04-28 10:04 . 2011-04-28 10:04 -------- d-----w- c:\program files (x86)\ma-config.com 2011-04-28 10:04 . 2011-04-28 10:04 -------- d-----w- c:\programdata\ma-config.com 2011-04-28 07:54 . 2011-04-28 07:54 -------- d-----w- c:\program files (x86)\Aero Tuner 2011-04-27 15:34 . 2011-04-27 15:34 -------- d-----w- c:\users\Edward\AppData\Roaming\mkvtoolnix 2011-04-27 15:34 . 2011-04-27 15:34 -------- d-----w- c:\program files (x86)\MKVtoolnix 2011-04-27 14:03 . 2011-04-27 14:03 -------- d-----w- c:\program files (x86)\VirtualDubMOD 2011-04-27 12:56 . 2011-04-27 12:56 -------- d-----w- c:\users\Edward\AppData\Roaming\FastStone 2011-04-27 12:56 . 2011-04-27 12:56 -------- d-----w- c:\program files (x86)\FastStone Capture 2011-04-27 12:28 . 2011-04-28 07:53 -------- d-----w- c:\program files\Rainmeter 2011-04-26 12:33 . 2011-04-26 12:42 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy 2011-04-26 12:33 . 2011-04-26 12:39 -------- d-----w- c:\programdata\Spybot - Search & Destroy 2011-04-26 03:44 . 2010-11-23 15:25 34624 ----a-w- c:\windows\system32\TURegOpt.exe 2011-04-26 03:44 . 2010-11-23 15:21 25920 ----a-w- c:\windows\system32\authuitu.dll 2011-04-26 03:44 . 2010-11-23 15:21 21312 ----a-w- c:\windows\SysWow64\authuitu.dll 2011-04-26 03:44 . 2010-11-23 15:21 36160 ----a-w- c:\windows\system32\uxtuneup.dll 2011-04-26 03:44 . 
2010-11-23 15:21 29504 ----a-w- c:\windows\SysWow64\uxtuneup.dll 2011-04-26 03:43 . 2011-04-26 03:44 -------- d-----w- c:\program files (x86)\TuneUp Utilities 2011 2011-04-26 03:43 . 2011-04-26 03:43 -------- d-sh--w- c:\programdata\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16} 2011-04-26 03:27 . 2011-04-26 03:27 -------- d-----w- c:\programdata\Martau 2011-04-26 03:27 . 2011-04-26 03:27 -------- d-----w- c:\program files (x86)\Total Uninstall 5 2011-04-26 02:21 . 2011-04-26 02:21 -------- d-----w- c:\users\Edward\AppData\Local\{F1AC0983-DF4C-4301-BD1D-AA56D55C5568} 2011-04-25 13:50 . 2011-04-25 13:50 -------- d-----w- c:\users\Edward\AppData\Local\{4A1E87C6-434A-4FDB-9C69-60BE832D50CB} 2011-04-24 22:54 . 2011-04-24 22:54 -------- d-----w- c:\programdata\Electronic Arts 2011-04-24 22:54 . 2011-04-24 22:54 -------- d-----w- c:\programdata\EA Core 2011-04-24 22:43 . 2010-12-29 01:45 74272 ----a-w- c:\windows\system32\RtNicProp64.dll 2011-04-24 22:43 . 2010-12-29 01:45 412776 ----a-w- c:\windows\system32\drivers\Rt64win7.sys 2011-04-23 04:24 . 2011-04-26 03:21 -------- d-----w- c:\program files\BOINC 2011-04-23 04:24 . 2011-04-26 02:21 -------- d-----w- c:\programdata\BOINC 2011-04-23 04:24 . 2011-04-23 04:24 -------- d-----w- c:\windows\Downloaded Installations 2011-04-21 22:15 . 2011-04-21 22:27 -------- d-----w- c:\program files (x86)\Cheat Engine 2011-04-21 22:15 . 2007-12-26 15:30 679936 ----a-w- c:\windows\SysWow64\D3DX81ab.dll 2011-04-21 22:15 . 2007-12-26 15:30 1970176 ----a-w- c:\windows\SysWow64\d3dx9.dll 2011-04-21 19:39 . 2011-05-01 06:13 -------- d-----w- c:\users\Edward\AppData\Local\CAPCOM 2011-04-21 17:37 . 2011-04-21 17:37 -------- d-----w- c:\program files (x86)\Common Files\Wise Installation Wizard 2011-04-21 08:44 . 2011-04-21 08:44 -------- d-----w- c:\program files\Microsoft Xbox 360 Accessories 2011-04-19 03:30 . 
2011-04-11 08:21 8802128 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{743020B9-F768-4C12-B758-39A4325002F1}\mpengine.dll 2011-04-18 11:28 . 2011-04-18 11:29 -------- d-----w- c:\users\Edward\AppData\Local\Rockstar Games 2011-04-16 12:15 . 2011-04-16 12:15 -------- d-----w- c:\users\Edward\AppData\Local\{0790F134-1B6D-4244-8BA8-0E548E90EDCA} 2011-04-16 00:15 . 2011-04-16 00:15 -------- d-----w- c:\users\Edward\AppData\Local\{8EE75337-B10C-4D5B-8DA4-F61DDCC2F076} 2011-04-15 12:14 . 2011-04-15 12:15 -------- d-----w- c:\users\Edward\AppData\Local\{1F5F1E81-5B06-4763-911B-A2CC1E6EAF2C} 2011-04-15 00:14 . 2011-04-15 00:14 -------- d-----w- c:\users\Edward\AppData\Local\{E533CB43-CA93-487C-81A9-9376A935411E} 2011-04-14 15:48 . 2011-04-14 15:48 -------- d-----w- c:\program files\Transmission Remote 2011-04-14 12:13 . 2011-04-14 12:14 -------- d-----w- c:\users\Edward\AppData\Local\{CF197E79-8B4A-45FE-B979-552198BF8E52} 2011-04-14 00:13 . 2011-04-14 00:13 -------- d-----w- c:\users\Edward\AppData\Local\{2B02EDD7-4744-41BE-9B73-723C53F999F2} 2011-04-13 22:40 . 2011-04-13 22:40 4284416 ----a-w- c:\windows\SysWow64\GPhotos.scr 2011-04-13 20:46 . 2011-04-13 20:51 -------- d-----w- c:\program files (x86)\Aura 2011-04-13 14:18 . 2011-04-29 03:16 -------- d-----w- c:\users\Edward\AppData\Roaming\vlc 2011-04-13 07:44 . 2011-04-13 07:44 -------- d-----w- c:\users\Edward\AppData\Local\{48C1F504-3CD8-4A17-8AC4-1DF7B2FC3C76} 2011-04-13 04:12 . 2011-03-08 06:14 976896 ----a-w- c:\windows\system32\inetcomm.dll 2011-04-12 19:43 . 2011-04-12 19:43 -------- d-----w- c:\users\Edward\AppData\Local\{42961CEB-E159-4114-8247-E77E6F2C9D60} 2011-04-12 07:43 . 2011-04-12 07:43 -------- d-----w- c:\users\Edward\AppData\Local\{A1BCA28A-8955-4A95-8CE9-506DF5B9C79A} 2011-04-11 19:42 . 2011-04-11 19:43 -------- d-----w- c:\users\Edward\AppData\Local\{5EFBB873-73EF-4D9E-A911-79651780C8BF} 2011-04-11 18:44 . 
2011-04-21 22:13 -------- d-----w- c:\users\Edward\AppData\Roaming\.minecraft 2011-04-11 11:06 . 2011-04-15 18:20 -------- d-----w- c:\users\Edward\AppData\Roaming\RIFT 2011-04-11 07:42 . 2011-04-11 07:42 -------- d-----w- c:\users\Edward\AppData\Local\{D2690FE8-C4CA-4F45-910E-D3FEBCC5D3E2} 2011-04-10 19:41 . 2011-04-10 19:42 -------- d-----w- c:\users\Edward\AppData\Local\{506E6767-4A76-4BAB-BF5F-D1F6FA702504} 2011-04-10 07:41 . 2011-04-10 07:41 -------- d-----w- c:\users\Edward\AppData\Local\{BD0A9067-0151-4766-84AD-CB3B43EAEB6C} 2011-04-09 19:40 . 2011-04-09 19:41 -------- d-----w- c:\users\Edward\AppData\Local\{05E55B70-E11A-486E-9E4F-618A50489BE5} 2011-04-09 07:40 . 2011-04-09 07:40 -------- d-----w- c:\users\Edward\AppData\Local\{A53CBD7F-E1B2-4CE6-B3CD-06C3BD337672} 2011-04-08 19:40 . 2011-04-08 19:40 -------- d-----w- c:\users\Edward\AppData\Local\{0A8E679F-4212-4119-A6A6-225FBC872BFC} 2011-04-08 07:39 . 2011-04-08 07:39 -------- d-----w- c:\users\Edward\AppData\Local\{F2B98D48-6A50-4222-A436-BF3DB9FD5D37} 2011-04-07 19:39 . 2011-04-07 19:39 -------- d-----w- c:\users\Edward\AppData\Local\{03A39ACE-1C7B-44C3-99DD-448BCD24B815} 2011-04-07 07:38 . 2011-04-07 07:38 -------- d-----w- c:\users\Edward\AppData\Local\{337F9800-9614-48CB-BE1D-C1AAE1E823BA} 2011-04-07 00:19 . 2011-04-07 00:27 -------- d-----w- c:\users\Edward\AppData\Roaming\Audacity 2011-04-07 00:19 . 2011-04-07 00:19 -------- d-----w- c:\program files (x86)\Audacity 1.3 Beta 2011-04-06 19:38 . 2011-04-06 19:38 -------- d-----w- c:\users\Edward\AppData\Local\{6E2BFB79-109B-4414-8FE4-DDF45DEEC754} 2011-04-06 07:39 . 2011-04-06 07:39 -------- d-----w- c:\users\Edward\AppData\Local\{21511F99-4D3C-4B5A-8051-0C02B092FEF5} 2011-04-05 19:39 . 2011-04-05 19:39 -------- d-----w- c:\users\Edward\AppData\Local\{ADAC6C94-632D-4F73-9C86-AEB6B8BF5655} 2011-04-05 07:38 . 2011-04-05 07:38 -------- d-----w- c:\users\Edward\AppData\Local\{B0D6435D-212E-4BFA-A6DA-8427DAA7E56F} 2011-04-04 19:38 . 
2011-04-04 19:38 -------- d-----w- c:\users\Edward\AppData\Local\{476E36A3-BFE1-4111-9431-B4B19744146F} . . . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2011-04-25 11:19 . 2010-05-23 17:37 25640 ----a-w- c:\windows\gdrv.sys 2011-03-29 18:00 . 2010-11-07 11:15 92672 ----a-w- c:\windows\system32\ff_vfw.dll 2011-03-09 03:45 . 2010-06-24 09:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll 2011-03-02 10:43 . 2010-11-07 11:15 203264 ----a-w- c:\windows\system32\unrar.dll 2011-02-17 09:59 . 2011-02-17 09:59 428416 ----a-w- c:\windows\SysWow64\RzMwApi.dll 2011-02-17 02:36 . 2010-11-14 08:25 1863680 ----a-w- c:\windows\system32\explorerframe.dll 2011-02-17 02:36 . 2010-11-14 08:25 1863168 ----a-w- c:\windows\system32\explorerframe.dll.bkpcpt 2011-02-17 02:36 . 2010-11-14 08:25 1863168 ----a-w- c:\windows\system32\explorerframe.dll.0.oldcpt 2011-02-02 19:40 . 2010-05-12 20:22 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll . . ------- Sigcheck ------- . [7] 2009-07-14 . 72D7B3EA16946E8F0CF7458150031CC6 . 1008640 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_292d5de8870d85d9\user32.dll [-] 2010-05-12 . 2C353B6CE0C8D03225CAA2AF33B68D79 . 1008640 . . [6.1.7600.16385] .. c:\windows\system32\user32.dll . [-] 2010-05-12 . 861C4346F9281DC0380DE72C8D55D6BE . 833024 . . [6.1.7600.16385] .. c:\windows\SysWOW64\user32.dll [7] 2009-07-14 . E8B0FFC209E504CB7E79FC24E6C085F0 . 833024 . . [6.1.7600.16385] .. c:\windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_3382083abb6e47d4\user32.dll . [-] 2010-02-25 . 70A251A967B4CC6F6F4D06F943D0A8FD . 2425344 . . [6.1.7600.16385] .. c:\windows\explorer.exe [7] 2009-10-31 . B8EC4BD49CE8F6FC457721BFC210B67F . 2870272 . . [6.1.7600.16385] .. 
c:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe [7] 2009-10-31 . 9AAAEC8DAC27AA17B053E6352AD233AE . 2870272 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe [7] 2009-08-03 . 700073016DAC1C3D2E7E2CE4223334B6 . 2868224 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe [7] 2009-08-03 . F170B4A061C9E026437B193B4D571799 . 2868224 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe [7] 2009-07-14 . C235A51CB740E45FFA0EBFB9BAFCDA64 . 2868224 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "VirtualCloneDrive"="c:\program files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2009-06-17 85160] "MSIAfterburner"="c:\program files (x86)\MSI Afterburner\MSIAfterburnerWrapper.exe" [2010-02-01 44344] "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2011-01-30 35736] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-11-10 932288] . c:\users\Edward\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ FastStone Capture.lnk - c:\program files (x86)\FastStone Capture\FSCapture.exe [2007-2-23 1115136] . 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" "VMware hqtray"="c:\program files (x86)\VMware\VMware Player\hqtray.exe" "MSIAfterburner"="c:\program files (x86)\MSI Afterburner\MSIAfterburnerWrapper.exe" /s "AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" -atboottime "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW "LGODDFU"="c:\program files (x86)\lg_fwupdate\fwupdate.exe" blrun . 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-disabled] "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" -atboottime "JMB36X IDE Setup"=c:\windows\RaidTool\xInsIDE.exe "K3805"="c:\program files (x86)\Alchemy Elixir\control.exe" "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "AppleSyncNotifier"=c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun "Razer Naga Driver"=c:\program files (x86)\Razer\Naga\RazerNagaSysTray.exe "NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" . R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 JMB36X;JMB36X;c:\windows\SysWOW64\XSrvSetup.exe [2009-08-06 65536] R3 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x] R3 AODDriver;AODDriver;c:\program files (x86)\GIGABYTE\ET6\amd64\AODDriver.sys [2009-02-22 14904] R3 AODDriver2;AODDriver2;c:\program files (x86)\AMD\OverDrive\amd64\AODDriver2.sys [2010-04-23 52352] R3 driverhardwarev2x64;driverhardwarev2x64;c:\program files (x86)\ma-config.com\Drivers\driverhardwarev2x64.sys [2010-08-30 15872] R3 etdrv;etdrv;c:\windows\etdrv.sys [2010-06-03 25640] R3 FLASHSYS;FLASHSYS;c:\program files (x86)\MSI\Live Update 4\LU4\FLASHSYS64.sys [2008-02-15 15192] R3 GVTDrv64;GVTDrv64;c:\windows\GVTDrv64.sys [2010-06-03 30528] R3 maconfservice;Ma-Config Service;c:\program files (x86)\ma-config.com\maconfservice.exe [2011-04-12 311744] R3 NLNdisMP;NLNdisMP;c:\windows\system32\DRIVERS\nlndis.sys [x] R3 NLNdisPT;NetLimiter Ndis Protocol 
Service;c:\windows\system32\DRIVERS\nlndis.sys [x] R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184] R3 pbfilter;pbfilter;c:\program files\PeerBlock\pbfilter.sys [2010-11-06 24176] R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096] R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x] R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [x] R3 VBoxNetFlt;VBoxNetFlt Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [x] R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [x] R4 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-01-26 354304] R4 AMD Reservation Manager;AMD Reservation Manager;c:\program files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe [2010-06-17 194496] R4 AODService;AODService;c:\program files (x86)\AMD\OverDrive\AODAssist.exe [2010-04-23 136616] R4 ES lite Service;ES lite Service for program management.;c:\program files (x86)\Gigabyte\EasySaver\ESSVR.EXE [2009-08-24 68136] R4 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x] R4 VMUSBArbService;VMware USB Arbitration Service;c:\program files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe [2010-01-22 563760] S0 mv91xx;mv91xx;c:\windows\system32\DRIVERS\mv91xx.sys [x] S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [x] S2 cpuz133;cpuz133;c:\windows\system32\drivers\cpuz133_x64.sys [x] S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [x] S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [2010-04-07 810120] S2 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [x] S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe 
[2010-11-23 1974080] S2 vmci;VMware vmci;c:\windows\system32\drivers\vmci.sys [x] S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys [x] S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x] S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x] S3 androidusb;ADB Interface Driver;c:\windows\system32\Drivers\androidusb.sys [x] S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [x] S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [x] S3 P0620VID;Creative WebCam Instant;c:\windows\system32\DRIVERS\P0620Vid.sys [x] S3 RTCore64;RTCore64;c:\program files (x86)\MSI Afterburner\RTCore64.sys [2010-02-01 14648] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x] S3 RzSynapse;Razer Driver;c:\windows\system32\DRIVERS\RzSynapse.sys [x] S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys [2010-10-07 11856] S3 zghsmdm;ZTE General Handset USB Modem Proprietary;c:\windows\system32\DRIVERS\zghsmdm.sys [x] . . Contenu du dossier 'Tâches planifiées' . 2011-05-01 c:\windows\Tasks\GlaryInitialize.job - c:\program files (x86)\Glary Utilities\initialize.exe [2010-05-16 16:24] . 2011-04-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-298173471-2318884327-37262993-1001Core.job - c:\users\Edward\AppData\Local\Google\Update\GoogleUpdate.exe [2010-05-12 19:39] . 2011-04-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-298173471-2318884327-37262993-1001UA.job - c:\users\Edward\AppData\Local\Google\Update\GoogleUpdate.exe [2010-05-12 19:39] . . --------- x86-64 ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2010-04-07 2839840] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-01-18 11775592] . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "LoadAppInit_DLLs"=0x0 . HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs UxTuneUp . ------- Examen supplémentaire ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = https://mail.google....l/?shva=1#inbox mLocal Page = c:\windows\SysWOW64\blank.htm IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: E&xporter vers Microsoft Excel - f:\progra~1\Office14\EXCEL.EXE/3000 IE: Liens de téléchargement avec Mega Manager... - c:\program files (x86)\Megaupload\Mega Manager\mm_file.htm IE: {{5DE316A0-7613-4D69-B647-D3C8B9E7026C} - c:\program files (x86)\FreshDevices\FreshDownload\fd.exe LSP: c:\program files (x86)\VMware\VMware Player\vsocklib.dll TCP: {9CD156DF-1EDB-4A87-ADBC-A744FDBF4502} = 192.168.1.1,8.8.4.4 . - - - - ORPHELINS SUPPRIMES - - - - . AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe AddRemove-World of Logs Client - c:\windows\system32\javaws.exe . . . --------------------- CLES DE REGISTRE BLOQUEES --------------------- . [HKEY_USERS\S-1-5-21-298173471-2318884327-37262993-1001\Software\SecuROM\License information*] "datasecu"=hex:c6,fb,8b,0a,27,5c,e0,bf,19,04,85,06,5e,a1,ae,75,65,c1,bc,6e,a9, 1c,67,ad,40,9d,9f,02,e6,13,3c,e4,44,f8,ee,cd,ed,4a,84,c9,3c,6a,bd,2e,6f,20,\ "rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_10_2_161_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_10_2_161_ActiveX.exe" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.10" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Heure de fin: 2011-05-01 19:30:11 ComboFix-quarantined-files.txt 2011-05-01 17:30 . Avant-CF: 17 951 784 960 octets libres Après-CF: 17 696 460 800 octets libres . - - End Of File - - 0DB5048D5DCF82E1C8CBB32474C8AE8F
  11. Hello lance-yien, and thank you for taking care of me.

      ----------------------------------------------------------------------------------------------
      Malwarebytes' Anti-Malware 1.50.1.1100
      www.malwarebytes.org

      Version de la base de données: 6483
      Windows 6.1.7600
      Internet Explorer 9.0.8112.16421

      01/05/2011 16:39:06
      mbam-log-2011-05-01 (16-39-06).txt

      Type d'examen: Examen rapide
      Elément(s) analysé(s): 152322
      Temps écoulé: 2 minute(s), 0 seconde(s)

      Processus mémoire infecté(s): 0
      Module(s) mémoire infecté(s): 0
      Clé(s) du Registre infectée(s): 1
      Valeur(s) du Registre infectée(s): 0
      Elément(s) de données du Registre infecté(s): 0
      Dossier(s) infecté(s): 0
      Fichier(s) infecté(s): 2

      Processus mémoire infecté(s):
      (Aucun élément nuisible détecté)

      Module(s) mémoire infecté(s):
      (Aucun élément nuisible détecté)

      Clé(s) du Registre infectée(s):
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\itunes.exe (Security.Hijack) -> Quarantined and deleted successfully.

      Valeur(s) du Registre infectée(s):
      (Aucun élément nuisible détecté)

      Elément(s) de données du Registre infecté(s):
      (Aucun élément nuisible détecté)

      Dossier(s) infecté(s):
      (Aucun élément nuisible détecté)

      Fichier(s) infecté(s):
      c:\Windows\System32\explorer.exe.bkpcpt (Heuristics.Reserved.Word.Exploit) -> Quarantined and deleted successfully.
      c:\Windows\SysWOW64\explorer.exe.bkpcpt (Heuristics.Reserved.Word.Exploit) -> Quarantined and deleted successfully.

      Results of screen317's Security Check version 0.99.7
      Windows 7 (UAC is enabled)
      Internet Explorer 8
      ``````````````````````````````
      Antivirus/Firewall Check:
      WMI entry may not exist for antivirus; attempting automatic update.
      ```````````````````````````````
      Anti-malware/Other Utilities Check:
      MVPS Hosts File
      Malwarebytes' Anti-Malware
      TuneUp Utilities 2011
      TuneUp Utilities Language Pack (fr-FR)
      Java™ 6 Update 24
      Out of date Java installed!
      Adobe Flash Player 10.2.159.1
      Adobe Reader X (10.0.1) - Français
      ````````````````````````````````
      Process Check:
      objlist.exe by Laurent
      ``````````End of Log````````````
  12. Edwardounet

    Memory usage

    Hello, Thank you very much for the help provided, Tonton.
  13. Hello, Following a message in another part of the forum asking for help with RAM usage spikes, Tonton57 suggested I run a ZHPdiag and, in view of the results, redirected me to this part of the forum. My initial topic. ZHPdiag result. To summarize, my PC's memory gets used at random up to 95/96% of its capacity even though nothing in the task manager suggests it. No process appears to be greedy, yet the memory in use really is at 95/96%. The problem resolves itself after a few minutes, or if I kill the explorer.exe process and relaunch it. I ran a full scan with Smart Security as well as a pass of ccleaner and a malware search with spybot, but everything seems normal. Tonton57 pointed me here because my ZHPdiag most likely contains infections and brings out a few problems. Thanks in advance for the help provided. Regards.
  14. Edwardounet

    Memory usage

    Good evening Tonton, Thank you for taking the time to reply. I followed the steps described in your message and am sending the file resulting from the analysis. ZHPdiag Regards.
  15. Hello, For a few days now, and at random, my PC's memory usage climbs to 95/96% for a few minutes without warning and then drops back down. I tried to find what could be causing this rise in RAM usage by opening the task manager when it happens, but nothing really out of the ordinary shows up. By that I mean that no process seems too greedy, at least not to the point of hogging 3 gigs. I have gotten into the habit of killing "explorer.exe" when it happens; apparently it is linked to it, although most of the time it uses a reasonable amount of memory, but I would like not to have to do that anymore. I did a search but nothing really conclusive comes up; an almost identical problem is often reported, but without any solution being given. I ran ccleaner, spybot and an in-depth virus scan with eset smart security but nothing comes of it, the PC seems clean. I am sending you a screenshot all the same. Thanks in advance for any help that could be given to me and for the time I am taking from you. Regards.
  16. Hello, I am taking the liberty of bumping the topic to get opinions and advice. A 300W power supply seems rather tight, apparently... But I don't have the budget to change both the power supply and the card... is it nevertheless possible to find a graphics card usable with this kind of power supply? Also, are there things to know to optimize the PC's power consumption, like using only one screen instead of two, or not plugging any peripherals into it? Before the card died on me, I used to use two screens and keep permanently connected to the PC my iPod, an ordinary USB key, a webcam and an infrared receiver for a remote control. Would using a single screen and leaving only the webcam as a peripheral really reduce consumption? Thank you in advance for your advice.
  17. Hello everyone, After some graphics card troubles (see this thread) I am stopping by to ask for advice on buying a new graphics card. To quickly summarize my PC: Motherboard SMBios version 2.4 ASUSTek Computer INC. Basswood 1.01 Bios: Phoenix Technologies, LTD 3.08 09/18/2006 size: 1024Kb Chipset Northbridge: Intel P965/G965 Southbridge: Intel 82801HH (ICH8DH) Processor Intel Core 2 Duo E6300 Conroe Socket 775 LGA (@65 nm) 1866 Mhz ( L1I: 2 x 32 KB, L1D: 2 x 32 KB, L2: 2048 KB ) Memory Total physical memory: 2048 MB, Type: DDR2, @333.3MHz, 5.0-5-5-13-2T DDR2 Samsung M3 78T6553CZ3-CE6 512 MB PC2-5300 (333 Mhz) (5.0-5-5-13) DDR2 Samsung M3 78T6553CZ3-CE6 512 MB PC2-5300 (333 Mhz) (5.0-5-5-13) DDR2 Samsung M3 78T6553CZ3-CE6 512 MB PC2-5300 (333 Mhz) (5.0-5-5-13) DDR2 Samsung M3 78T6553CZ3-CE6 512 MB PC2-5300 (333 Mhz) (5.0-5-5-13) Graphics card nVidia Corporation G72 [GeForce 7500 LE] (256 MB) IDE devices MAXTOR STM3250310AS 3.AAC (SATA, 232.89 GB, buffer: 8 MB) CD/DVD drives HL-DT-STDVDRRW GSA-H30L S544 (DVD-RAM Recorder) I mainly use the PC for internet, video, music, DTP and gaming. I mainly play World of Warcraft. If possible I would like a card that lets me do all of that in the best conditions and quality (even try out upcoming MMOs more demanding than WoW), and cheaply at that, 70 euros max, but cheaper would be really welcome. (demanding and broke ^^") I play at 1440x900. If possible I would like to be able to set all the graphics details to maximum apart from antialiasing, which I don't care much about. CPU- and RAM-wise it is a bit modest, I admit, but is it possible to get something good by changing just the graphics card? My power supply appears to be a 300W (HP MédiaCenter dating from 2007; only the hard drive has been changed in the meantime). And I might as well tell you right away, there isn't much room in my tower. Everything is packed in tight; practically the only thing I can get to is the graphics card. I looked into it a bit and came across this card. In the highest price bracket I can afford. Otherwise the ATI Radeon – Asus Extreme EAH4550 DI/512MD3 is much more within my means, or else this one. But I don't know what configuration is required alongside it to work properly, whether the power supply is sufficient, and whether it would meet my expectations. Thank you in advance for the help provided.
  18. In any case, thanks for the help provided. I will indeed gather some info on my PC and take a look at the hardware advice section. For info, the blue or yellow bars (depending on the time of day, no doubt ;p) now persist after reboot and the card is recognized as a basic VGA card.
  19. Good evening, I come with a very big development. As advised on the technical section of the WoW forum, I tried launching the game with an option disabling certain enhancements provided by graphics cards. Apart from a monstrous fps loss, the problem occurred again and froze my computer completely. No video signal on the screens (this kind of freeze had already happened). I took advantage of this total freeze to insert my Windows XP CD, all ready to reinstall it, and then a blue screen appeared with magenta-colored columns... The computer rebooted on its own and on the initialization page there was quite a "mess" in view. Missing letters, colors that shouldn't be there, and one of the screens displaying nothing. So I cut the power and removed the graphics card (and god is that hard in HP towers with no space at all) to clean it thoroughly. I removed the dust accumulated in the fan, blew on it a bit and made sure it was nice and clean, then plugged it back in. However, I connected only one screen, on the default connector. I restarted and the graphics problem was gone. I came to post before testing in game to see whether or not that changed the problem. Note that I went to 59/60 GPU temperature. (My first conclusion regarding this color and band problem would be that the card is really at the end of its life, but I know nothing in this field, I would like to be wrong...) I am off to test on WoW right now. Edit: Test done on WoW. Crash after 15 seconds spent on the login page. (Before, you had to be in game for the crash to appear.) Total freeze of the PC, so forced reboot. And now I have lovely blue bars across the whole screen (it looks like a convict's outfit). I must be at approximately 3 colors. So it really is a graphics card problem?
  20. Thanks for the replies, I will try to answer all of them. So, I am currently on Seven after doing a clean installation, meaning a format of the partition that contained Vista. My card is not overclocked. Its frequencies are the stock ones: 550 for the core and 800 for the RAM. However, when underclocking to 450 for the core and 540 for the RAM, the problem still occurs. As for cleanliness, yes it is clean, dusted, and the panel is open. As for temperatures, 65 at idle (under Windows Aero), rising to 90/92 in game. So I am going to test with Aero disabled, and if the problem persists, I will install XP and test with it. I will keep you posted, and thanks again for the leads provided. Edit: Aero disabled, the problem occurs again.
  21. No, I cannot. I am thinking of installing XP on a partition to see whether the problem will migrate too.
  22. Thanks for your reply Christine33, I will try that option. But I am afraid it is not the solution, given that the problem migrated when I moved to Seven with a fresh installation. I will test anyway and keep you posted. Edit: As advised by Christine33, I did a clean reinstallation of the latest drivers and the problem persists.
  23. Thanks again for your reply Popup, If I understand correctly, I would just need to use the "TDR_DEBUG_MODE_IGNORE_TIMEOUT" key for the problem to no longer occur. I really feel like testing it, but I am afraid of messing something up by touching the registry. I am not at all sure how to put these keys in the registry. HKLM\System\CurrentControlSet\Control\GraphicsDrivers looks like this for me: DxgKrnlVersion REG_DWORD 0x00002006 (8197) TdrDelay REG_DWORD 0x0000003c (60) So, if I am not mistaken, I should add TdrDebugMode REG_WORD *and that is where I get stuck* Should I simply put "1" as the value? Which would give TdrDebugMode REG_WORD (1) Edit: I added this value to the registry TdrLevel REG_DWORD 0x00000000 (0) But the problem persists. Should I also set the key... TdrDebugMode REG_DWORD 1 ...to no longer have this problem? Edit 2: So I tested the TdrDebugMode key set to 1, but nothing changes, the problem is still there. In fact I have the impression that the new values change nothing at all, for better or worse; I think they simply have no effect. Is it risky to do this? Also, I still do not understand why the driver has been restarting like this for the past few days, and why it persists after changing OS, when it did not do so before.
  24. Thanks for your reply Popup, As you advised, I went to have a look in the Event Viewer and found this cause: Nom du journal :System Source : Display Date : 30/08/2009 02:37:47 ID de l’événement :4101 Catégorie de la tâche :Aucun Niveau : Avertissement Mots clés : Classique Utilisateur : N/A Ordinateur : Edward-PC Description : Le pilote d’affichage nvlddmkm ne répondait plus. On the Microsoft site, it says that when the GPU takes too long to execute a task, it is restarted. That is certainly what is happening to me, but I would like to know why it did not do this before and why it now recurs several times a day. :/ Is it possible that the card is dead, or at least at the end of its life? Could it be another problem? I installed Everest and I see that my GPU temperature is 63 at idle (under Windows) and that it can rise to 92 in game. Are these "normal" temperatures?
  25. Hello, For a few days now, when I play World of Warcraft, my screen goes black, flickers and comes back (sometimes not), and an icon in the taskbar then tells me that "Le pilote d'affichage ne fonctionnait plus et a été récupéré.". This problem occurs after (about) one minute spent in game and keeps happening at random for as long as I am connected. I was on Windows Vista; I moved to Seven to see whether the problem persisted (according to some people, moving to Seven made the problem disappear) and it persists. I searched the internet a bit for a way to solve the problem. So I tried several drivers, decompressing the offending sys file myself, underclocking with Rivatuner, and finally changed OS, but nothing works. The driver still keeps crashing. I only play World of Warcraft, and had never had a similar problem. It appeared just like that, all of a sudden. So I wonder whether it could be the graphics card breathing its last. :/ Here is a summary of my configuration: Version du plugin 3.5.1 build 0 Version de la base 10 Date de la détection 29/08/2009 23:11 Nom de la machine Edward-PC Système d'exploitation Windows 7 Edition Intégrale (build 7100) Navigateur web par défaut: Google Chrome Client e-mail par défaut: Carte mère SMBios version 2.4 ASUSTek Computer INC.
Basswood 1.01 Bios: Phoenix Technologies, LTD 3.08 09/18/2006 taille: 1024Kb Chipset Northbridge: Intel P965/G965 Southbridge: Intel 82801HH (ICH8DH) Processeur Intel Core 2 Duo E6300 Conroe Socket 775 LGA (@65 nm) 1866 Mhz ( L1I: 2 x 32 Ko, L1D: 2 x 32 Ko, L2: 2048 Ko ) Mémoire Mémoire physique totale: 2048 Mo, Type: DDR2, @333.3MHz, 5.0-5-5-13-2T DDR2 Samsung M3 78T6553CZ3-CE6 512 Mo PC2-5300 (333 Mhz) (5.0-5-5-13) DDR2 Samsung M3 78T6553CZ3-CE6 512 Mo PC2-5300 (333 Mhz) (5.0-5-5-13) DDR2 Samsung M3 78T6553CZ3-CE6 512 Mo PC2-5300 (333 Mhz) (5.0-5-5-13) DDR2 Samsung M3 78T6553CZ3-CE6 512 Mo PC2-5300 (333 Mhz) (5.0-5-5-13) Carte Graphique nVidia Corporation G72 [GeForce 7500 LE] (256 Mo) Péripheriques IDE MAXTOR STM3250310AS 3.AAC (SATA, 232.89 Go, tampon: 8 Mo) Lecteurs CD/DVD HL-DT-STDVDRRW GSA-H30L S544 (DVD-RAM Recorder) Disque dur Generic USB SD Reader USB Device (232.88Go) Generic USB SM Reader USB Device HP Photosmart 2570 USB Device MAXTOR STM3250310AS Generic USB CF Reader USB Device Generic USB MS Reader USB Device Cartes PCI/AGP Stockage Intel Corporation:82801 SATA RAID Controller Réseau Intel Corporation:82562V 10/100 Network Connection Atheros Communications Inc.:AR5413 802.11abg NIC Affichage nVidia Corporation:G72 [GeForce 7500 LE] Multimedia Intel Corporation:82801H (ICH8 Family) HD Audio Controller Philips Semiconductors:SAA7131/SAA7133/SAA7135 Video Broadcast Decoder Ponts Intel Corporation:82P965/G965 Memory Controller Hub Intel Corporation:82P965/G965 PCI Express Root Port: 82P965/G965 PCI Express Root Port Intel Corporation:82801H (ICH8 Family) PCI Express Port 1: 82801H (ICH8 Family) PCI Express Port 1 Intel Corporation:82801 PCI Bridge: 82801 PCI Bridge Intel Corporation:82801HH (ICH8DH) LPC Interface Controller Bus Series Intel Corporation:82801H (ICH8 Family) USB UHCI Controller #4 Intel Corporation:82801H (ICH8 Family) USB UHCI Controller #5 Intel Corporation:82801H (ICH8 Family) USB2 EHCI Controller #2 Intel Corporation:82801H (ICH8 
Family) USB UHCI Controller #1 Intel Corporation:82801H (ICH8 Family) USB UHCI Controller #2 Intel Corporation:82801H (ICH8 Family) USB UHCI Controller #3 Intel Corporation:82801H (ICH8 Family) USB2 EHCI Controller #1 Intel Corporation:82801H (ICH8 Family) SMBus Controller Agere Systems:FW322/323 Périphérique USB Hewlett-Packard PhotoSmart 2570 series (Périphérique USB composite) Hewlett-Packard PhotoSmart 2570 series (HP Photosmart 2570) Hewlett-Packard PhotoSmart 2570 series (Prise en charge dimpression USB) Hewlett-Packard PhotoSmart 2570 series (HP Photosmart 2570 Series (DOT4USB)) Hewlett-Packard PhotoSmart 2570 series (Périphérique de stockage de masse USB) Creative Technology, Ltd Webcam Instant (Creative WebCam Instant) Alcor Micro Corp. Hi-Speed 21-in-1 Flash Card Reader/Writer (Internal/External) (Périphérique de stockage de masse USB) Clavier Clavier standard PS/2 Souris Souris compatible PS/2 Ecran(s) Moniteur Plug-and-Play générique(Hewlett Packard HP w19b/w19e) Moniteur Plug-and-Play générique(COMPAQ Computer Corp. COMPAQ FP7317)