zool62

Everything posted by zool62

  1. zool62

    OTL logfile created on: 20/07/2010 12:14:34 - Run 3 OTL by OldTimer - Version 3.2.9.1 Folder = C:\Users\zooleric\Desktop Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy 3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 69,00% Memory free 6,00 Gb Paging File | 5,00 Gb Available in Paging File | 84,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 288,76 Gb Total Space | 139,89 Gb Free Space | 48,44% Space Free | Partition Type: NTFS Drive D: | 9,33 Gb Total Space | 1,62 Gb Free Space | 17,40% Space Free | Partition Type: NTFS E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: PC-DE-ZOOLERIC Current User Name: zooleric Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Standard ========== Processes (SafeList) ========== PRC - [2010/07/20 10:47:54 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\zooleric\Desktop\OTL.exe PRC - [2010/07/01 21:34:46 | 000,129,720 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtblfs.exe PRC - [2010/06/27 17:24:53 | 000,014,808 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe PRC - [2010/06/27 17:24:52 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2010/03/23 14:53:06 | 000,495,708 | ---- | M] (IDT, Inc.) -- C:\Program Files\IDT\WDM\sttray.exe PRC - [2010/03/23 14:53:06 | 000,229,458 | ---- | M] (IDT, Inc.) 
-- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\stacsv.exe PRC - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe PRC - [2009/11/12 10:30:32 | 000,486,216 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe PRC - [2009/11/12 10:28:40 | 001,021,256 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe PRC - [2009/10/31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2009/10/05 13:05:24 | 000,080,456 | ---- | M] (Online Media Technologies Ltd.) -- C:\Program Files\AVS4YOU\AVSFirewall\AVSFirewallService.exe PRC - [2009/09/26 01:30:56 | 001,488,128 | ---- | M] (O&O Software GmbH) -- C:\Program Files\OO Software\Defrag\oodag.exe PRC - [2009/08/18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE PRC - [2009/08/18 11:29:22 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe PRC - [2009/07/14 03:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe PRC - [2009/03/02 18:43:08 | 000,081,920 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\AEstSrv.exe PRC - [2008/04/27 22:26:44 | 000,599,344 | ---- | M] (Validity Sensors, Inc.) -- C:\Windows\System32\vfsFPService.exe PRC - [2008/04/26 01:15:26 | 000,361,808 | ---- | M] () -- C:\Windows\SMINST\BLService.exe PRC - [2008/03/12 19:24:52 | 000,699,456 | ---- | M] (DigitalPersona, Inc.) -- C:\Program Files\DigitalPersona\Bin\DpAgent.exe PRC - [2008/03/12 19:24:52 | 000,302,144 | ---- | M] (DigitalPersona, Inc.) 
-- C:\Program Files\DigitalPersona\Bin\DpHostW.exe PRC - [2007/07/12 12:43:50 | 000,226,904 | ---- | M] (Macrovision Corporation) -- C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe ========== Modules (SafeList) ========== MOD - [2010/07/20 10:47:54 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\zooleric\Desktop\OTL.exe MOD - [2009/07/14 03:16:15 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sspicli.dll MOD - [2009/07/14 03:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sechost.dll MOD - [2009/07/14 03:16:13 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samcli.dll MOD - [2009/07/14 03:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\profapi.dll MOD - [2009/07/14 03:16:03 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netutils.dll MOD - [2009/07/14 03:15:35 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\KernelBase.dll MOD - [2009/07/14 03:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devobj.dll MOD - [2009/07/14 03:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptbase.dll MOD - [2009/07/14 03:15:02 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cfgmgr32.dll MOD - [2009/07/14 03:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx MOD - [2009/07/14 03:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll MOD - [2008/03/12 19:24:50 | 000,461,888 | ---- | M] (DigitalPersona, Inc.) 
-- C:\Program Files\DigitalPersona\Bin\DpoFeedb.dll ========== Win32 Services (SafeList) ========== SRV - [2010/07/01 21:39:08 | 000,357,096 | ---- | M] (Kaspersky Lab ZAO) [Auto | Stopped] -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe -- (AVP) SRV - [2010/06/27 14:39:21 | 000,435,016 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe -- (TuneUp.Defrag) SRV - [2010/06/27 12:01:29 | 001,343,400 | ---- | M] (Microsoft Corporation) [unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc) SRV - [2010/03/23 14:53:06 | 000,229,458 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\stacsv.exe -- (STacSV) SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009/11/12 10:28:40 | 001,021,256 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc) SRV - [2009/11/12 10:25:24 | 000,030,024 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\System32\uxtuneup.dll -- (UxTuneUp) SRV - [2009/10/05 13:05:24 | 000,080,456 | ---- | M] (Online Media Technologies Ltd.) 
[Auto | Running] -- C:\Program Files\AVS4YOU\AVSFirewall\AVSFirewallService.exe -- (AVSFirewallService) SRV - [2009/09/26 01:30:56 | 001,488,128 | ---- | M] (O&O Software GmbH) [Auto | Running] -- C:\Program Files\OO Software\Defrag\oodag.exe -- (O&O Defrag) SRV - [2009/08/18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc) SRV - [2009/07/16 17:04:16 | 000,316,664 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2009/07/14 03:16:21 | 000,185,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wwansvc.dll -- (WwanSvc) SRV - [2009/07/14 03:16:17 | 000,151,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wbiosrvc.dll -- (WbioSrvc) SRV - [2009/07/14 03:16:17 | 000,119,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\umpo.dll -- (Power) SRV - [2009/07/14 03:16:16 | 000,037,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\themeservice.dll -- (Themes) SRV - [2009/07/14 03:16:15 | 000,053,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sppuinotify.dll -- (sppuinotify) SRV - [2009/07/14 03:16:13 | 000,043,520 | ---- | M] (Microsoft Corporation) [unknown | Running] -- C:\Windows\System32\RpcEpMap.dll -- (RpcEptMapper) SRV - [2009/07/14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc) SRV - [2009/07/14 03:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\pnrpsvc.dll -- (PNRPsvc) SRV - [2009/07/14 03:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\pnrpsvc.dll -- (p2pimsvc) SRV - [2009/07/14 03:16:12 | 000,165,376 | ---- | M] 
(Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\provsvc.dll -- (HomeGroupProvider) SRV - [2009/07/14 03:16:12 | 000,020,480 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpauto.dll -- (PNRPAutoReg) SRV - [2009/07/14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend) SRV - [2009/07/14 03:15:36 | 000,194,560 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\ListSvc.dll -- (HomeGroupListener) SRV - [2009/07/14 03:15:21 | 000,797,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache) SRV - [2009/07/14 03:15:11 | 000,253,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dhcpcore.dll -- (Dhcp) SRV - [2009/07/14 03:15:10 | 000,218,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\defragsvc.dll -- (defragsvc) SRV - [2009/07/14 03:14:59 | 000,076,800 | ---- | M] (Microsoft Corporation) [unknown | Stopped] -- C:\Windows\System32\bdesvc.dll -- (BDESVC) SRV - [2009/07/14 03:14:58 | 000,088,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\AxInstSv.dll -- (AxInstSV) Programme d’installation ActiveX (AxInstSV) SRV - [2009/07/14 03:14:53 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\appidsvc.dll -- (AppIDSvc) SRV - [2009/07/14 03:14:29 | 003,179,520 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\sppsvc.exe -- (sppsvc) SRV - [2009/03/02 18:43:08 | 000,081,920 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\AEstSrv.exe -- (AESTFilters) SRV - [2008/04/27 22:26:44 | 000,599,344 | ---- | M] (Validity Sensors, Inc.) 
[Auto | Running] -- C:\Windows\System32\vfsFPService.exe -- (vfsFPService) SRV - [2008/04/26 01:15:26 | 000,361,808 | ---- | M] () [Auto | Running] -- C:\Windows\SMINST\BLService.exe -- (Recovery Service for Windows) SRV - [2008/03/12 19:24:52 | 000,302,144 | ---- | M] (DigitalPersona, Inc.) [Auto | Running] -- C:\Program Files\DigitalPersona\Bin\DpHostW.exe -- (DpHost) SRV - [2008/02/03 12:00:00 | 000,129,992 | ---- | M] (EasyBits Sofware AS) [Auto | Stopped] -- C:\Windows\System32\ezsvc7.dll -- (ezSharedSvc) ========== Driver Services (SafeList) ========== DRV - [2010/06/28 16:08:30 | 000,281,760 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt) DRV - [2010/06/28 16:08:28 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt) DRV - [2010/06/22 19:23:54 | 000,495,192 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\System32\drivers\klif.sys -- (KLIF) DRV - [2010/06/09 17:43:52 | 000,011,352 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\drivers\kl2.sys -- (kl2) DRV - [2010/06/09 17:43:50 | 000,132,184 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\kl1.sys -- (KL1) DRV - [2010/04/22 19:07:34 | 000,022,104 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\drivers\klim6.sys -- (KLIM6) DRV - [2010/03/23 14:53:06 | 000,423,424 | ---- | M] (IDT, Inc.) 
[Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA) DRV - [2009/12/11 09:44:02 | 000,133,720 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\ksecpkg.sys -- (KSecPkg) DRV - [2009/11/11 17:26:54 | 000,030,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\point32k.sys -- (Point32) DRV - [2009/11/02 20:27:16 | 000,019,984 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\klmouflt.sys -- (klmouflt) DRV - [2009/10/05 13:05:26 | 000,024,648 | ---- | M] (Online Media Technologies Ltd.) [Kernel | System | Running] -- C:\Program Files\AVS4YOU\AVSFirewall\AVSTDIFilterDrv.sys -- (AVSTDIFilterDrv) DRV - [2009/10/05 13:05:26 | 000,023,624 | ---- | M] (Online Media Technologies Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVSNDISIMDriver.sys -- (AVSNDISIMMP) DRV - [2009/10/05 13:05:26 | 000,023,624 | ---- | M] (Online Media Technologies Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AVSNDISIMDriver.sys -- (AVSNDISIM) DRV - [2009/10/05 13:05:26 | 000,017,992 | ---- | M] (Online Media Technologies Ltd.) [Kernel | System | Running] -- C:\Program Files\AVS4YOU\AVSFirewall\AVSRegMonDrv.sys -- (AVSRegMonDrv) DRV - [2009/10/03 06:02:06 | 009,905,096 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2009/07/14 03:26:21 | 000,015,952 | ---- | M] (CMD Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\cmdide.sys -- (cmdide) DRV - [2009/07/14 03:26:17 | 000,297,552 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpahci.sys -- (adpahci) DRV - [2009/07/14 03:26:15 | 000,422,976 | ---- | M] (Adaptec, Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adp94xx.sys -- (adp94xx) DRV - [2009/07/14 03:26:15 | 000,159,312 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsbs.sys -- (amdsbs) DRV - [2009/07/14 03:26:15 | 000,146,512 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpu320.sys -- (adpu320) DRV - [2009/07/14 03:26:15 | 000,086,608 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arcsas.sys -- (arcsas) DRV - [2009/07/14 03:26:15 | 000,079,952 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsata.sys -- (amdsata) DRV - [2009/07/14 03:26:15 | 000,076,368 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arc.sys -- (arc) DRV - [2009/07/14 03:26:15 | 000,023,616 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\amdxata.sys -- (amdxata) DRV - [2009/07/14 03:26:15 | 000,014,400 | ---- | M] (Acer Laboratories Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\aliide.sys -- (aliide) DRV - [2009/07/14 03:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nvstor.sys -- (nvstor) DRV - [2009/07/14 03:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nvraid.sys -- (nvraid) DRV - [2009/07/14 03:20:44 | 000,044,624 | ---- | M] (IBM Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nfrd960.sys -- (nfrd960) DRV - [2009/07/14 03:20:37 | 000,089,168 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas.sys -- (LSI_SAS) DRV - [2009/07/14 03:20:36 | 000,332,352 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iaStorV.sys -- (iaStorV) DRV - [2009/07/14 03:20:36 | 000,235,584 | ---- | M] (LSI Corporation, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MegaSR.sys -- (MegaSR) DRV - [2009/07/14 03:20:36 | 000,096,848 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_scsi.sys -- (LSI_SCSI) DRV - [2009/07/14 03:20:36 | 000,095,824 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_fc.sys -- (LSI_FC) DRV - [2009/07/14 03:20:36 | 000,054,864 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas2.sys -- (LSI_SAS2) DRV - [2009/07/14 03:20:36 | 000,041,040 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iirsp.sys -- (iirsp) DRV - [2009/07/14 03:20:36 | 000,030,800 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\megasas.sys -- (megasas) DRV - [2009/07/14 03:20:36 | 000,013,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\hwpolicy.sys -- 
(hwpolicy) DRV - [2009/07/14 03:20:28 | 000,453,712 | ---- | M] (Emulex) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\elxstor.sys -- (elxstor) DRV - [2009/07/14 03:20:28 | 000,070,720 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\djsvs.sys -- (aic78xx) DRV - [2009/07/14 03:20:28 | 000,067,152 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\HpSAMD.sys -- (HpSAMD) DRV - [2009/07/14 03:20:28 | 000,046,160 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\fsdepends.sys -- (FsDepends) DRV - [2009/07/14 03:19:11 | 000,141,904 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vsmraid.sys -- (vsmraid) DRV - [2009/07/14 03:19:10 | 000,159,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vhdmp.sys -- (vhdmp) DRV - [2009/07/14 03:19:10 | 000,032,832 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vdrvroot.sys -- (vdrvroot) DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\wimmount.sys -- (WIMMount) DRV - [2009/07/14 03:19:10 | 000,016,976 | ---- | M] (VIA Technologies, Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\viaide.sys -- (viaide) DRV - [2009/07/14 03:19:04 | 001,383,488 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql2300.sys -- (ql2300) DRV - [2009/07/14 03:19:04 | 000,173,648 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\rdyboost.sys -- (rdyboost) DRV - [2009/07/14 03:19:04 | 000,106,064 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql40xx.sys -- (ql40xx) DRV - [2009/07/14 03:19:04 | 000,077,888 | ---- | M] (Silicon Integrated Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\sisraid4.sys -- (SiSRaid4) DRV - [2009/07/14 03:19:04 | 000,043,088 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\pcw.sys -- (pcw) DRV - [2009/07/14 03:19:04 | 000,040,016 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\SiSRaid2.sys -- (SiSRaid2) DRV - [2009/07/14 03:19:04 | 000,021,072 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\stexstor.sys -- (stexstor) DRV - [2009/07/14 03:17:54 | 000,369,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\cng.sys -- (CNG) DRV - [2009/07/14 02:57:25 | 000,272,128 | ---- | M] (Brother Industries Ltd.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\Brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM) DRV - [2009/07/14 02:02:41 | 000,018,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\rdpbus.sys -- (rdpbus) DRV - [2009/07/14 02:01:41 | 000,007,168 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\RDPREFMP.sys -- (RDPREFMP) DRV - [2009/07/14 01:55:00 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\agilevpn.sys -- (RasAgileVpn) WAN Miniport (IKEv2) DRV - [2009/07/14 01:53:51 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\wfplwf.sys -- (WfpLwf) DRV - [2009/07/14 01:52:44 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ndiscap.sys -- (NdisCap) DRV - [2009/07/14 01:52:02 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vwifibus.sys -- (vwifibus) DRV - [2009/07/14 01:52:00 | 000,163,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\1394ohci.sys -- (1394ohci) DRV - [2009/07/14 01:51:35 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\umpass.sys -- (UmPass) DRV - [2009/07/14 01:51:08 | 000,004,096 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mshidkmdf.sys -- (mshidkmdf) DRV - [2009/07/14 01:46:55 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MTConfig.sys -- (MTConfig) DRV - [2009/07/14 01:45:26 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CompositeBus.sys -- (CompositeBus) DRV - [2009/07/14 
01:36:52 | 000,050,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\appid.sys -- (AppID) DRV - [2009/07/14 01:33:50 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\scfilter.sys -- (scfilter) DRV - [2009/07/14 01:24:05 | 000,032,256 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\discache.sys -- (discache) DRV - [2009/07/14 01:19:21 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\HidBatt.sys -- (HidBatt) DRV - [2009/07/14 01:16:36 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\acpipmi.sys -- (AcpiPmi) DRV - [2009/07/14 01:11:04 | 000,052,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdppm.sys -- (AmdPPM) DRV - [2009/07/14 00:54:14 | 000,026,624 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\hcw85cir.sys -- (hcw85cir) DRV - [2009/07/14 00:53:33 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbMdm.sys -- (BrUsbMdm) DRV - [2009/07/14 00:53:33 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbSer.sys -- (BrUsbSer) DRV - [2009/07/14 00:53:32 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrSerWdm.sys -- (BrSerWdm) DRV - [2009/07/14 00:53:28 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltLo.sys -- (BrFiltLo) DRV - [2009/07/14 00:53:28 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltUp.sys -- (BrFiltUp) DRV - [2009/07/14 00:02:51 | 004,231,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\netw5v32.sys -- (netw5v32) Pilote de carte de liaison WiFi sans fil Intel® DRV - [2009/07/14 00:02:49 | 000,229,888 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\b57nd60x.sys -- (b57nd60x) DRV - [2009/07/14 00:02:48 | 003,100,160 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\evbdx.sys -- (ebdrv) DRV - [2009/07/14 00:02:48 | 000,430,080 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\bxvbdx.sys -- (b06bdrv) DRV - [2008/07/08 12:16:26 | 000,096,856 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\jmcr.sys -- (JMCR) DRV - [2008/05/24 21:09:10 | 000,073,728 | ---- | M] (EZB Systems, Inc.) [File_System | System | Running] -- C:\Program Files\UltraISO\drivers\ISODrive.sys -- (ISODrive) DRV - [2008/05/14 04:09:00 | 000,043,552 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA) DRV - [2008/05/02 15:59:40 | 000,122,368 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169) DRV - [2008/04/27 22:27:10 | 000,040,752 | ---- | M] (Validity Sensors, Inc.) 
[Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vfs101x.sys -- (vfs101x) DRV - [2008/03/27 12:12:12 | 000,024,424 | ---- | M] (Hewlett-Packard Corporation) [Kernel | Boot | Stopped] -- C:\Windows\system32\DRIVERS\hpdskflt.sys -- (hpdskflt) DRV - [2008/03/27 12:11:34 | 000,034,664 | ---- | M] (Hewlett-Packard Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Accelerometer.sys -- (Accelerometer) DRV - [2008/01/24 15:23:12 | 000,052,736 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\enecir.sys -- (enecir) DRV - [2008/01/18 13:31:26 | 000,196,784 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP) DRV - [2007/06/18 17:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=fr_fr&c=83&bd=Pavilion&pf=cnnb IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=fr_fr&c=83&bd=Pavilion&pf=cnnb IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=fr_fr&c=83&bd=Pavilion&pf=cnnb IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Orange : téléphones, forfaits mobiles, Internet, actualité, sport, video IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN : Hotmail, Messenger, Bing, Actualité et Sport IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr IE - 
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 57 C3 81 06 8A 1B CB 01 [binary data] IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http= ========== FireFox ========== FF - prefs.js..browser.search.suggest.enabled: false FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "www.orange.fr" FF - prefs.js..extensions.enabledItems: linkfilter@kaspersky.ru:11.0.0.232 FF - prefs.js..keyword.URL: "http://rws.search.ke.voila.fr/RW/S/opensearch_orange?rdata=" FF - HKLM\software\mozilla\Firefox\Extensions\\{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}: C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\ [2010/06/30 23:01:10 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/07/02 15:39:25 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/07/17 19:28:54 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird FF - HKLM\software\mozilla\Thunderbird\Extensions\\{eea12ec4-729d-4703-bc37-106ce9879ce2}: C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\THBExt [2010/07/14 18:58:31 | 000,000,000 | ---D | M] [2010/06/26 14:53:43 | 000,000,000 | ---D | M] -- C:\Users\zooleric\AppData\Roaming\mozilla\Extensions [2010/07/17 19:41:27 | 000,000,000 | ---D | M] -- C:\Users\zooleric\AppData\Roaming\mozilla\Firefox\Profiles\07otfz62.default\extensions [2010/06/30 22:53:21 | 000,000,000 | ---D | M] -- C:\Users\zooleric\AppData\Roaming\mozilla\Firefox\Profiles\07otfz62.default\extensions\menu_contextuel_orange@orange.fr [2010/07/02 15:40:37 | 000,001,819 | ---- | M] () -- 
C:\Users\zooleric\AppData\Roaming\Mozilla\FireFox\Profiles\07otfz62.default\searchplugins\bing.xml
[2010/07/19 14:55:41 | 000,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2010/07/09 22:00:52 | 000,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\linkfilter@kaspersky.ru
[2010/06/12 03:05:49 | 000,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml
[2010/06/12 03:05:49 | 000,001,822 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml
[2010/06/12 03:05:49 | 000,000,757 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml
[2010/06/12 03:05:49 | 000,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml
[2010/06/12 03:05:49 | 000,000,956 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml

O1 HOSTS File: ([2006/09/18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\ievkbd.dll (Kaspersky Lab ZAO)
O2 - BHO: (IeMonitorBho Class) - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll (Megaupload Limited)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [AVSFirewall] C:\Program Files\AVS4YOU\AVSFirewall\AVSFirewall.exe (Online Media Technologies Ltd.)
O4 - HKLM..\Run: [DpAgent] C:\Program Files\DigitalPersona\Bin\dpagent.exe (DigitalPersona, Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)
O4 - HKLM..\Run: [uCam_Menu] C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKCU..\Run: [iSUSPM] C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe (Macrovision Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 24
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Download Link Using Mega Manager... - C:\Program Files\Megaupload\Mega Manager\mm_file.htm ()
O9 - Extra Button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Clavier &virtuel - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Analyse des &liens - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Ranges: Range1 ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab (Java Plug-in 1.6.0_06)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll) - C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll (Kaspersky Lab ZAO)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - Winlogon\Notify\klogon: DllName - C:\Windows\system32\klogon.dll - C:\Windows\System32\klogon.dll (Kaspersky Lab ZAO)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\Silhouette.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\Silhouette.jpg
O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (livessp) - C:\Windows\System32\livessp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (OODBS) - C:\Windows\System32\OODBS.exe (O&O Software GmbH)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/07/20 10:50:52 | 000,000,000 | ---D | C] -- C:\Users\zooleric\Desktop\gmer
[2010/07/20 10:50:20 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Users\zooleric\Desktop\OTL.exe
[2010/07/17 20:10:57 | 000,000,000 | ---D | C] -- C:\Users\zooleric\Desktop\GodMode.{ED7BA470-8E54-465E-825C-99712043E01C}
[2010/07/17 17:21:00 | 000,000,000 | ---D | C] -- C:\Users\zooleric\AppData\Local\Adobe
[2010/07/14 18:20:31 | 000,000,000 | ---D | C] -- C:\Program Files\Kaspersky Lab
[2010/07/14 18:20:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2010/07/14 18:19:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab Setup Files
[2010/07/14 17:10:59 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2010/07/14 16:45:19 | 000,000,000 | ---D | C] -- C:\Users\zooleric\AppData\Roaming\Windows Live Writer
[2010/07/14 16:45:15 | 000,000,000 | ---D | C] -- C:\Users\zooleric\AppData\Local\Windows Live Writer
[2010/07/09 21:12:06 | 000,061,512 | ---- | C] (G Data Software AG) -- C:\Windows\System32\drivers\MiniIcpt.sys
[2010/07/09 21:12:05 | 000,033,480 | ---- | C] (G Data Software AG) -- C:\Windows\System32\drivers\GDBehave.sys
[2010/07/09 21:11:58 |
000,040,904 | ---- | C] (G DATA Software AG) -- C:\Windows\System32\drivers\gdwfpcd32.sys [2010/07/09 21:11:11 | 000,000,000 | ---D | C] -- C:\ProgramData\G DATA [2010/07/09 21:11:11 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\G Data [2010/07/09 21:09:32 | 000,000,000 | ---D | C] -- C:\Users\zooleric\AppData\Local\Downloaded Installations [2010/07/09 17:04:04 | 000,000,000 | ---D | C] -- C:\Users\zooleric\Documents\ProcessExplorer [2010/07/09 14:16:39 | 000,000,000 | ---D | C] -- C:\Users\zooleric\AppData\Roaming\AutoHideIP [2010/07/09 14:16:39 | 000,000,000 | ---D | C] -- C:\ProgramData\AutoHideIP [2010/07/06 19:40:40 | 000,000,000 | ---D | C] -- C:\Users\zooleric\AppData\Roaming\Spy Emergency [2010/07/06 19:40:31 | 000,000,000 | ---D | C] -- C:\ProgramData\NETGATE [2010/07/06 19:24:45 | 000,000,000 | ---D | C] -- C:\Users\zooleric\AppData\Roaming\GlarySoft [2010/07/06 19:22:28 | 000,000,000 | ---D | C] -- C:\Program Files\Glary Utilities [2010/07/05 14:22:38 | 000,000,000 | ---D | C] -- C:\Program Files\Vidal [2010/07/04 19:52:29 | 000,000,000 | ---D | C] -- C:\Users\zooleric\AppData\Roaming\VitySoft [2010/07/04 19:51:55 | 000,000,000 | ---D | C] -- C:\Users\zooleric\Documents\FreeRAPID-0.83U1 [2010/07/04 16:28:47 | 000,000,000 | ---D | C] -- C:\Users\zooleric\Documents\IDM5.19.3.1_Port [2010/07/04 15:47:34 | 000,000,000 | ---D | C] -- C:\Users\zooleric\Documents\SoftMaker [2010/07/04 15:47:34 | 000,000,000 | ---D | C] -- C:\Users\zooleric\AppData\Roaming\SoftMaker [2010/07/04 15:47:34 | 000,000,000 | ---D | C] -- C:\Program Files\Ashampoo [2010/07/04 14:32:13 | 000,000,000 | ---D | C] -- C:\Users\zooleric\AppData\Roaming\DMCache [2010/07/02 17:27:06 | 000,000,000 | ---D | C] -- C:\Windows\System32\oodag [2010/07/02 17:23:28 | 000,000,000 | ---D | C] -- C:\Users\zooleric\AppData\Local\O&O [2010/07/02 17:22:26 | 000,000,000 | ---D | C] -- C:\Program Files\OO Software [2010/07/02 15:32:38 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL 
Server Compact Edition [2010/07/02 15:31:33 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live SkyDrive [2010/07/02 15:31:15 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live [2010/07/01 21:35:12 | 000,228,024 | ---- | C] (Kaspersky Lab ZAO) -- C:\Windows\System32\klogon.dll [2010/07/01 17:12:35 | 000,000,000 | ---D | C] -- C:\Users\zooleric\Documents\hwmonitor_hwmonitor_1.16_portable_32_bits_anglais_192642 [2010/07/01 15:38:54 | 001,003,008 | ---- | C] (The OpenSSL Project, http://www.openssl.org/) -- C:\Windows\System32\libeay32.dll [2010/07/01 00:40:58 | 000,000,000 | ---D | C] -- C:\Users\zooleric\AppData\Roaming\dvdcss [2010/06/30 23:11:41 | 000,000,000 | ---D | C] -- C:\Users\zooleric\Tracing [2010/06/30 23:03:14 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_5.dll [2010/06/30 23:03:14 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_42.dll [2010/06/30 23:03:14 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_3.dll [2010/06/30 23:01:46 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight [2010/06/30 23:01:07 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft [2010/06/30 23:00:45 | 003,181,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll [2010/06/30 23:00:45 | 001,619,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVDECOD.DLL [2010/06/30 23:00:45 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfreadwrite.dll [2010/06/30 22:59:34 | 000,000,000 | ---D | C] -- C:\Users\zooleric\AppData\Local\Windows Live [2010/06/30 22:39:20 | 000,000,000 | ---D | C] -- C:\Users\zooleric\AppData\Roaming\Orange [2010/06/30 22:25:29 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Windows Live [2010/06/30 20:02:20 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PX Storage Engine [2010/06/30 20:01:52 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DivX 
Shared [2010/06/30 19:58:49 | 000,000,000 | ---D | C] -- C:\Program Files\DivX [2010/06/30 19:58:16 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX [2010/06/30 18:25:57 | 000,305,664 | ---- | C] (Inekman) -- C:\Users\zooleric\Documents\Xtremsplit.exe [2010/06/30 16:09:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe [2010/06/30 16:02:47 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe [2010/06/29 19:54:46 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_1.dll [2010/06/29 19:54:46 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_0.dll [2010/06/29 19:54:45 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_38.dll [2010/06/29 19:54:45 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_38.dll [2010/06/29 19:54:45 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_0.dll [2010/06/29 19:54:45 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_38.dll [2010/06/29 19:54:45 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_1.dll [2010/06/29 19:54:45 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_4.dll [2010/06/29 19:54:44 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_37.dll [2010/06/29 19:54:44 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_37.dll [2010/06/29 19:54:44 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_37.dll [2010/06/29 19:54:44 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_36.dll [2010/06/29 19:54:44 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_10.dll [2010/06/29 19:54:44 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_0.dll [2010/06/29 19:54:44 | 000,025,608 | ---- | C] 
(Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_3.dll [2010/06/29 19:54:43 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_36.dll [2010/06/29 19:54:43 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_35.dll [2010/06/29 19:54:43 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_36.dll [2010/06/29 19:54:43 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_35.dll [2010/06/29 19:54:43 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_35.dll [2010/06/29 19:54:43 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_9.dll [2010/06/29 19:54:42 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_8.dll [2010/06/29 19:54:42 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_2.dll [2010/06/29 19:06:56 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_34.dll [2010/06/29 19:06:56 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_34.dll [2010/06/29 19:06:56 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_34.dll [2010/06/29 19:06:56 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_3.dll [2010/06/29 19:06:55 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_33.dll [2010/06/29 19:06:55 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_32.dll [2010/06/29 19:06:55 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_33.dll [2010/06/29 19:06:55 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_33.dll [2010/06/29 19:06:55 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10.dll [2010/06/29 19:06:55 | 000,261,480 | ---- | C] (Microsoft Corporation) -- 
C:\Windows\System32\xactengine2_7.dll [2010/06/29 19:06:55 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_6.dll [2010/06/29 19:06:55 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_5.dll [2010/06/29 19:06:54 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_31.dll [2010/06/29 19:06:54 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_4.dll [2010/06/29 19:06:54 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_1.dll [2010/06/28 16:08:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Tages [2010/06/28 16:06:46 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_3.dll [2010/06/28 16:06:45 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_2.dll [2010/06/28 16:06:44 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_2.dll [2010/06/28 16:06:44 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_1.dll [2010/06/28 16:06:44 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_1.dll [2010/06/28 16:06:38 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_30.dll [2010/06/28 16:06:36 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_29.dll [2010/06/28 16:06:36 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_28.dll [2010/06/28 16:06:36 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_27.dll [2010/06/28 16:06:36 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_0.dll [2010/06/28 16:06:36 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_0.dll [2010/06/28 16:06:35 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_25.dll [2010/06/28 16:06:35 | 
002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_26.dll [2010/06/28 16:06:35 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_24.dll [2010/06/27 21:27:37 | 000,000,000 | ---D | C] -- C:\Users\zooleric\AppData\Roaming\DivX [2010/06/27 21:26:55 | 000,000,000 | ---D | C] -- C:\Program Files\directx [2010/06/27 14:39:28 | 000,029,512 | ---- | C] (TuneUp Software) -- C:\Windows\System32\TURegOpt.exe [2010/06/27 14:39:24 | 000,030,024 | ---- | C] (TuneUp Software) -- C:\Windows\System32\uxtuneup.dll [2010/06/27 14:39:24 | 000,021,320 | ---- | C] (TuneUp Software) -- C:\Windows\System32\authuitu.dll [2010/06/27 14:39:10 | 000,000,000 | ---D | C] -- C:\Users\zooleric\AppData\Roaming\TuneUp Software [2010/06/27 14:38:56 | 000,000,000 | ---D | C] -- C:\Program Files\TuneUp Utilities 2010 [2010/06/27 14:38:40 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software [2010/06/27 14:38:33 | 000,000,000 | -HSD | C] -- C:\ProgramData\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC} [2010/06/27 14:37:12 | 000,000,000 | ---D | C] -- C:\Users\zooleric\AppData\Roaming\Malwarebytes [2010/06/27 14:36:52 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2010/06/27 14:36:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2010/06/27 14:36:50 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2010/06/27 14:36:50 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2010/06/27 14:33:12 | 000,000,000 | ---D | C] -- C:\Users\zooleric\AppData\Roaming\Megaupload [2010/06/27 14:32:51 | 000,000,000 | ---D | C] -- C:\Program Files\Megaupload [2010/06/27 14:03:44 | 000,000,000 | ---D | C] -- C:\Users\zooleric\AppData\Local\RapidShare [2010/06/27 14:02:31 | 000,000,000 | ---D | C] -- C:\Users\zooleric\AppData\Local\Apps [2010/06/27 14:02:30 | 000,000,000 | ---D | C] -- C:\Users\zooleric\AppData\Local\Deployment [2010/06/27 
12:04:41 | 000,000,000 | ---D | C] -- C:\Users\zooleric\AppData\Local\Microsoft Help [2010/06/27 12:01:30 | 000,000,000 | ---D | C] -- C:\Windows\System32\Wat [2010/06/26 19:43:16 | 000,000,000 | ---D | C] -- C:\Program Files\UltraISO [2010/06/26 19:43:16 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\EZB Systems [2010/06/26 19:42:19 | 000,000,000 | ---D | C] -- C:\Users\zooleric\AppData\Roaming\Template [2010/06/26 18:52:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Steam [2010/06/26 18:52:55 | 000,000,000 | ---D | C] -- C:\Program Files\Steam [2010/06/26 18:46:58 | 000,000,000 | ---D | C] -- C:\Users\zooleric\AppData\Roaming\URSoft [2010/06/26 18:46:58 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP [2010/06/26 18:46:54 | 000,000,000 | ---D | C] -- C:\Program Files\Your Uninstaller 2010 [2010/06/26 18:43:27 | 000,000,000 | ---D | C] -- C:\Users\zooleric\AppData\Roaming\Uniblue [2010/06/26 18:34:44 | 000,000,000 | ---D | C] -- C:\Users\zooleric\Documents\hjsplit [2010/06/26 18:28:28 | 000,000,000 | ---D | C] -- C:\Windows\System32\custom matrices [2010/06/26 18:28:26 | 000,000,000 | ---D | C] -- C:\Windows\System32\QuickTime [2010/06/26 18:28:26 | 000,000,000 | ---D | C] -- C:\Windows\System32\C2MP [2010/06/26 18:25:15 | 000,000,000 | ---D | C] -- C:\Users\zooleric\AppData\Roaming\vlc [2010/06/26 18:24:53 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN [2010/06/26 18:23:21 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner [2010/06/26 18:19:12 | 000,000,000 | ---D | C] -- C:\Program Files\RegClean [2010/06/26 16:05:20 | 000,000,000 | ---D | C] -- C:\Users\zooleric\Documents\Max Payne 2 Savegames [2010/06/26 15:46:29 | 000,000,000 | ---D | C] -- C:\Program Files\Rockstar Games [2010/06/26 15:37:08 | 000,023,624 | ---- | C] (Online Media Technologies Ltd.) 
-- C:\Windows\System32\drivers\AVSNDISIMDriver.sys [2010/06/26 15:35:09 | 000,000,000 | ---D | C] -- C:\Users\zooleric\AppData\Roaming\AVS4YOU [2010/06/26 15:34:35 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AVSMedia [2010/06/26 15:33:52 | 001,700,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\GdiPlus.dll [2010/06/26 15:33:52 | 000,974,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc70.dll [2010/06/26 15:33:52 | 000,487,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvcp70.dll [2010/06/26 15:33:52 | 000,344,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvcr70.dll [2010/06/26 15:33:52 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml3a.dll [2010/06/26 15:33:52 | 000,000,000 | ---D | C] -- C:\ProgramData\AVS4YOU [2010/06/26 15:33:52 | 000,000,000 | ---D | C] -- C:\Program Files\AVS4YOU [2010/06/26 15:22:13 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group [2010/06/26 15:12:33 | 000,056,816 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys [2010/06/26 15:01:42 | 000,000,000 | ---D | C] -- C:\ProgramData\AntiVir PersonalEdition Classic [2010/06/26 14:59:39 | 000,000,000 | ---D | C] -- C:\Users\zooleric\AppData\Roaming\WinRAR [2010/06/26 14:59:01 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR [2010/06/26 14:53:33 | 000,000,000 | ---D | C] -- C:\Users\zooleric\AppData\Roaming\Mozilla [2010/06/26 14:53:33 | 000,000,000 | ---D | C] -- C:\Users\zooleric\AppData\Local\Mozilla [2010/06/26 14:53:27 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox [2010/06/26 14:22:49 | 000,000,000 | ---D | C] -- C:\Windows\System32\SRSLabs [2010/06/26 14:19:18 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browserchoice.exe [2010/06/26 13:46:17 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe [2010/06/26 13:46:17 | 000,099,176 | ---- | C] (Microsoft Corporation) -- 
C:\Windows\System32\PresentationHostProxy.dll [2010/06/26 13:46:17 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll [2010/06/26 13:45:48 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0 [2010/06/26 13:33:30 | 001,320,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnroll.dll [2010/06/26 13:33:29 | 000,507,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winload.exe [2010/06/26 13:33:28 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL [2010/06/26 13:33:28 | 000,442,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winresume.exe [2010/06/26 13:33:26 | 001,328,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll [2010/06/26 13:33:26 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avifil32.dll [2010/06/26 13:33:26 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciavi32.dll [2010/06/26 13:33:23 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\asycfilt.dll [2010/06/26 13:33:18 | 001,037,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lsasrv.dll [2010/06/26 13:33:18 | 000,133,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ksecpkg.sys [2010/06/26 13:33:09 | 000,606,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll [2010/06/26 13:33:08 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll [2010/06/26 13:33:08 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll [2010/06/26 13:33:07 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2010/06/26 13:33:04 | 003,954,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe [2010/06/26 13:33:04 | 003,899,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe [2010/06/26 13:33:02 | 002,614,272 | ---- | C] 
(Microsoft Corporation) -- C:\Windows\explorer.exe [2010/06/26 13:33:00 | 002,326,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2010/06/26 13:32:58 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll [2010/06/26 13:32:46 | 000,427,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll [2010/06/26 13:32:46 | 000,108,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll [2010/06/26 13:32:41 | 000,641,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CPFilters.dll [2010/06/26 13:32:40 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdri.dll [2010/06/26 13:32:40 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax [2010/06/26 13:32:39 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll [2010/06/26 13:32:39 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll [2010/06/26 13:32:39 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax [2010/06/26 13:32:38 | 000,365,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll [2010/06/26 13:32:37 | 000,369,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll [2010/06/26 13:32:37 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe [2010/06/26 13:32:37 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe [2010/06/26 13:32:37 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe [2010/06/26 13:32:37 | 000,277,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe [2010/06/26 13:32:37 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll [2010/06/26 13:32:37 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll 
[2010/06/26 13:30:13 | 000,293,888 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll [2010/06/26 13:30:12 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll [2010/06/26 13:30:12 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll [2010/06/26 13:25:28 | 000,000,000 | ---D | C] -- C:\ProgramData\ESET [2010/06/26 13:21:45 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft IntelliPoint [2010/06/26 13:21:30 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH [2010/06/26 13:20:50 | 000,000,000 | ---D | C] -- C:\Windows\Panther [2010/06/26 13:20:14 | 000,050,688 | ---- | C] (Atribune.org) -- C:\Users\zooleric\Documents\ATF-Cleaner.exe [2010/06/26 13:12:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun [2010/06/26 13:12:23 | 000,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll [2010/06/26 13:10:23 | 000,000,000 | -H-D | C] -- C:\$WINDOWS.~Q [2010/06/26 13:04:57 | 000,000,000 | -H-D | C] -- C:\$INPLACE.~TR [2010/06/26 13:01:40 | 000,000,000 | -H-D | C] -- C:\Users\zooleric\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned [2010/06/26 13:01:20 | 000,000,000 | -HSD | C] -- C:\Recovery [2010/06/26 13:01:20 | 000,000,000 | -HSD | C] -- C:\ProgramData\Modèles [2010/06/26 13:01:20 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Mes vidéos [2010/06/26 13:01:20 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Mes images [2010/06/26 13:01:20 | 000,000,000 | -HSD | C] -- C:\ProgramData\Menu Démarrer [2010/06/26 13:01:20 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Ma musique [2010/06/26 13:01:20 | 000,000,000 | -HSD | C] -- C:\Program Files\Fichiers communs [2010/06/26 13:01:20 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoris [2010/06/26 13:01:20 | 000,000,000 | -HSD | C] -- C:\ProgramData\Bureau [2010/06/26 12:26:41 | 000,000,000 | --SD | C] -- C:\Users\zooleric\AppData\Roaming\Microsoft [2010/06/26 12:26:41 | 
000,000,000 | R--D | C] -- C:\Users\zooleric\Videos [2010/06/26 12:26:41 | 000,000,000 | R--D | C] -- C:\Users\zooleric\Saved Games [2010/06/26 12:26:41 | 000,000,000 | R--D | C] -- C:\Users\zooleric\Pictures [2010/06/26 12:26:41 | 000,000,000 | R--D | C] -- C:\Users\zooleric\Music [2010/06/26 12:26:41 | 000,000,000 | R--D | C] -- C:\Users\zooleric\Links [2010/06/26 12:26:41 | 000,000,000 | R--D | C] -- C:\Users\zooleric\Favorites [2010/06/26 12:26:41 | 000,000,000 | R--D | C] -- C:\Users\zooleric\Downloads [2010/06/26 12:26:41 | 000,000,000 | R--D | C] -- C:\Users\zooleric\Documents [2010/06/26 12:26:41 | 000,000,000 | R--D | C] -- C:\Users\zooleric\Desktop [2010/06/26 12:26:41 | 000,000,000 | -HSD | C] -- C:\Users\zooleric\Voisinage réseau [2010/06/26 12:26:41 | 000,000,000 | -HSD | C] -- C:\Users\zooleric\Voisinage d'impression [2010/06/26 12:26:41 | 000,000,000 | -HSD | C] -- C:\Users\zooleric\AppData\Local\Temporary Internet Files [2010/06/26 12:26:41 | 000,000,000 | -HSD | C] -- C:\Users\zooleric\SendTo [2010/06/26 12:26:41 | 000,000,000 | -HSD | C] -- C:\Users\zooleric\Recent [2010/06/26 12:26:41 | 000,000,000 | -HSD | C] -- C:\Users\zooleric\Modèles [2010/06/26 12:26:41 | 000,000,000 | -HSD | C] -- C:\Users\zooleric\Documents\Mes vidéos [2010/06/26 12:26:41 | 000,000,000 | -HSD | C] -- C:\Users\zooleric\Documents\Mes images [2010/06/26 12:26:41 | 000,000,000 | -HSD | C] -- C:\Users\zooleric\Mes documents [2010/06/26 12:26:41 | 000,000,000 | -HSD | C] -- C:\Users\zooleric\Menu Démarrer [2010/06/26 12:26:41 | 000,000,000 | -HSD | C] -- C:\Users\zooleric\Documents\Ma musique [2010/06/26 12:26:41 | 000,000,000 | -HSD | C] -- C:\Users\zooleric\Local Settings [2010/06/26 12:26:41 | 000,000,000 | -HSD | C] -- C:\Users\zooleric\AppData\Local\Historique [2010/06/26 12:26:41 | 000,000,000 | -HSD | C] -- C:\Users\zooleric\Cookies [2010/06/26 12:26:41 | 000,000,000 | -HSD | C] -- C:\Users\zooleric\Application Data [2010/06/26 12:26:41 | 000,000,000 | -HSD | C] -- 
C:\Users\zooleric\AppData\Local\Application Data [2010/06/26 12:26:41 | 000,000,000 | -H-D | C] -- C:\Users\zooleric\AppData [2010/06/26 12:26:41 | 000,000,000 | ---D | C] -- C:\Users\zooleric\AppData\Local\Temp [2010/06/26 12:26:41 | 000,000,000 | ---D | C] -- C:\Users\zooleric\AppData\Local\Microsoft [2010/06/26 12:26:41 | 000,000,000 | ---D | C] -- C:\Users\zooleric\AppData\Roaming\Media Center Programs [2010/06/26 12:25:36 | 000,380,928 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\aestecap.dll [2010/06/26 12:25:36 | 000,140,288 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\aestacap.dll [2010/06/26 12:25:36 | 000,061,440 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\aestaren.dll [2010/06/26 12:25:36 | 000,000,000 | ---D | C] -- C:\Program Files\IDT [2010/06/26 12:25:35 | 012,628,060 | ---- | C] (IDT, Inc.) -- C:\Windows\System32\idtcpl.cpl [2010/06/26 12:25:35 | 003,354,624 | ---- | C] (IDT, Inc.) -- C:\Windows\System32\stlang.dll [2010/06/26 12:25:35 | 000,536,576 | ---- | C] (IDT, Inc.) -- C:\Windows\System32\idtmini1.exe [2010/06/26 12:25:35 | 000,495,708 | ---- | C] (IDT, Inc.) 
-- C:\Windows\sttray.exe
[2010/06/26 12:25:35 | 000,086,016 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\AESTCom.dll
[2010/06/26 12:25:06 | 000,000,000 | ---D | C] -- C:\Program Files\Synaptics
[2010/06/26 12:23:43 | 001,079,840 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcpluir.dll
[2010/06/26 12:23:43 | 000,313,888 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvexpbar.dll
[2010/06/26 12:23:42 | 000,584,296 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvuninst.exe
[2010/06/26 12:22:03 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2010/06/26 03:27:18 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2010/06/25 18:33:10 | 000,221,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2010/06/25 18:24:05 | 000,000,000 | ---D | C] -- C:\Users\zooleric\AppData\Roaming\Symantec
[2010/06/25 18:23:40 | 000,000,000 | ---D | C] -- C:\Users\zooleric\AppData\Roaming\DigitalPersona
[2010/06/25 18:23:40 | 000,000,000 | ---D | C] -- C:\Users\zooleric\AppData\Local\DigitalPersona
[2010/06/25 18:23:36 | 000,000,000 | R--D | C] -- C:\Users\zooleric\Searches
[2010/06/25 18:23:27 | 000,000,000 | ---D | C] -- C:\Users\zooleric\AppData\Roaming\Identities
[2010/06/25 18:23:25 | 000,000,000 | R--D | C] -- C:\Users\zooleric\Contacts
[2010/06/25 18:22:34 | 000,000,000 | ---D | C] -- C:\Users\zooleric\AppData\Roaming\Macromedia
[2010/06/25 18:22:21 | 000,000,000 | ---D | C] -- C:\Users\zooleric\AppData\Roaming\Adobe
[2010/06/25 18:22:13 | 000,000,000 | ---D | C] -- C:\Users\zooleric\AppData\Roaming\Hewlett-Packard
[2010/06/25 18:22:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Viewpoint
[2010/06/25 18:22:09 | 000,000,000 | ---D | C] -- C:\Program Files\Viewpoint
[2010/06/25 18:19:47 | 000,000,000 | ---D | C] -- C:\Users\zooleric\AppData\Roaming\Macrovision
[2010/06/25 18:18:48 | 000,000,000 | ---D | C] -- C:\Users\zooleric\AppData\Local\VirtualStore
[2010/06/25 17:54:23 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2010/06/25 17:53:24 | 000,000,000 | ---D | C] -- C:\ProgramData\CyberLink
[2010/06/25 17:52:53 | 000,000,000 | ---D | C] -- C:\Windows\System32\tr
[2010/06/25 17:52:53 | 000,000,000 | ---D | C] -- C:\Windows\System32\ru
[2010/06/25 17:52:53 | 000,000,000 | ---D | C] -- C:\Windows\System32\ko
[2010/06/25 17:52:53 | 000,000,000 | ---D | C] -- C:\Windows\System32\ja
[2010/06/25 17:52:53 | 000,000,000 | ---D | C] -- C:\Windows\System32\it
[2010/06/25 17:52:53 | 000,000,000 | ---D | C] -- C:\Windows\System32\es
[2010/06/25 17:52:52 | 000,000,000 | ---D | C] -- C:\Windows\DPDrv
[2010/06/25 17:52:52 | 000,000,000 | ---D | C] -- C:\Windows\System32\de
[2010/06/25 17:52:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Macrovision
[2010/06/25 17:52:51 | 000,000,000 | ---D | C] -- C:\Program Files\DigitalPersona
[2010/06/25 17:49:14 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\LightScribe
[2010/06/25 17:42:49 | 000,110,080 | ---- | C] (JMicron Technology Corporation) -- C:\Windows\System32\JmCrIcon.dll
[2010/06/25 17:42:49 | 000,000,000 | ---D | C] -- C:\Windows\JMCR_DIR
[2010/06/25 17:42:10 | 000,000,000 | ---D | C] -- C:\Program Files\Validity Sensors, Inc
[2010/06/25 17:41:44 | 000,196,784 | ---- | C] (Synaptics, Inc.) -- C:\Windows\System32\drivers\SynTP.sys
[2010/06/25 17:41:44 | 000,147,456 | ---- | C] (Synaptics, Inc.) -- C:\Windows\System32\SynTPAPI.dll
[2010/06/25 17:41:44 | 000,110,592 | ---- | C] (Synaptics, Inc.) -- C:\Windows\System32\SynTPCo4.dll
[2010/06/25 17:41:43 | 000,196,608 | ---- | C] (Synaptics, Inc.) -- C:\Windows\System32\SynCtrl.dll
[2010/06/25 17:41:43 | 000,163,840 | ---- | C] (Synaptics, Inc.) -- C:\Windows\System32\SynCOM.dll
[2010/06/25 17:41:04 | 000,122,368 | ---- | C] (Realtek Corporation ) -- C:\Windows\System32\drivers\Rtlh86.sys
[2010/06/25 17:41:02 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2010/06/25 17:40:48 | 000,000,000 | ---D | C] -- C:\Windows\System32\HPMDP
[2010/06/25 17:37:55 | 000,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\System32\CSVer.dll
[2010/06/25 17:37:55 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2010/06/25 17:37:40 | 000,000,000 | ---D | C] -- C:\Intel
[2010/06/25 17:33:21 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2010/06/22 19:23:54 | 000,495,192 | ---- | C] (Kaspersky Lab) -- C:\Windows\System32\drivers\klif.sys

========== Files - Modified Within 30 Days ==========

[2010/07/20 12:14:37 | 001,572,864 | ---- | M] () -- C:\Users\zooleric\NTUSER.DAT
[2010/07/20 10:47:54 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\zooleric\Desktop\OTL.exe
[2010/07/20 10:47:31 | 000,009,504 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010/07/20 10:47:31 | 000,009,504 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010/07/20 10:40:09 | 000,000,249 | ---- | M] () -- C:\ProgramData\hpqp.ini
[2010/07/20 10:40:03 | 000,000,318 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize.job
[2010/07/20 10:39:49 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/07/20 10:39:46 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/07/20 10:39:43 | 2413,531,136 | -HS- | M] () -- C:\hiberfil.sys
[2010/07/20 10:39:42 | 000,082,940 | ---- | M] () -- C:\Windows\System32\oodbs.lor
[2010/07/19 19:35:50 | 002,037,806 | -H-- | M] () -- C:\Users\zooleric\AppData\Local\IconCache.db
[2010/07/17 19:26:47 | 000,524,288 | -HS- | M] () -- C:\Users\zooleric\NTUSER.DAT{4f3b6f19-9192-11df-83f0-806e6f6e6963}.TMContainer00000000000000000002.regtrans-ms
[2010/07/17 19:26:47 | 000,524,288 | -HS- | M] () -- C:\Users\zooleric\NTUSER.DAT{4f3b6f19-9192-11df-83f0-806e6f6e6963}.TMContainer00000000000000000001.regtrans-ms
[2010/07/17 19:26:47 | 000,065,536 | -HS- | M] () -- C:\Users\zooleric\NTUSER.DAT{4f3b6f19-9192-11df-83f0-806e6f6e6963}.TM.blf
[2010/07/17 17:28:58 | 000,001,984 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010/07/17 13:00:42 | 001,835,008 | -HS- | M] () -- C:\Users\zooleric\NTUSER.DAT_tureg_old
[2010/07/15 14:50:47 | 001,549,700 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010/07/15 14:50:47 | 000,704,480 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2010/07/15 14:50:47 | 000,616,008 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/07/15 14:50:47 | 000,130,754 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2010/07/15 14:50:47 | 000,106,388 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/07/14 18:21:58 | 000,113,933 | ---- | M] () -- C:\Windows\System32\drivers\klin.dat
[2010/07/14 18:21:58 | 000,097,549 | ---- | M] () -- C:\Windows\System32\drivers\klick.dat
[2010/07/11 18:07:24 | 000,002,449 | ---- | M] () -- C:\Users\Public\Desktop\RegClean.lnk
[2010/07/09 21:12:06 | 000,061,512 | ---- | M] (G Data Software AG) -- C:\Windows\System32\drivers\MiniIcpt.sys
[2010/07/09 21:12:05 | 000,033,480 | ---- | M] (G Data Software AG) -- C:\Windows\System32\drivers\GDBehave.sys
[2010/07/09 21:11:58 | 000,040,904 | ---- | M] (G DATA Software AG) -- C:\Windows\System32\drivers\gdwfpcd32.sys
[2010/07/06 19:22:32 | 000,000,958 | ---- | M] () -- C:\Users\zooleric\Desktop\Glary Utilities.lnk
[2010/07/05 18:26:35 | 000,000,208 | ---- | M] () -- C:\Users\zooleric\Desktop\Max Payne 2 The Fall of Max Payne.url
[2010/07/05 14:25:12 | 000,001,107 | ---- | M] () -- C:\Users\Public\Desktop\Vidal Expert.lnk
[2010/07/05 14:25:12 | 000,000,270 | ---- | M] () -- C:\Windows\win.ini
[2010/07/04 17:20:16 | 000,088,240 | ---- | M] () -- C:\Users\zooleric\AppData\Local\GDIPFONTCACHEV1.DAT
[2010/07/04 17:17:09 | 000,369,296 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010/07/02 17:22:28 | 000,001,989 | ---- | M] () -- C:\Users\Public\Desktop\O&O Defrag.lnk
[2010/07/02 15:58:32 | 000,001,992 | ---- | M] () -- C:\Users\zooleric\Desktop\Windows Live Messenger .lnk
[2010/07/02 15:32:38 | 000,000,020 | ---- | M] () -- C:\Windows\löˆ
[2010/07/01 21:35:12 | 000,228,024 | ---- | M] (Kaspersky Lab ZAO) -- C:\Windows\System32\klogon.dll
[2010/07/01 17:40:47 | 000,000,754 | ---- | M] () -- C:\Users\zooleric\AppData\Roaming\wklnhst.dat
[2010/07/01 15:39:16 | 000,001,192 | ---- | M] () -- C:\Users\zooleric\Desktop\AVS Cover Editor 2.lnk
[2010/07/01 15:39:03 | 000,001,159 | ---- | M] () -- C:\Users\zooleric\Desktop\AVS Disc Creator.lnk
[2010/06/30 23:06:25 | 000,000,020 | ---- | M] () -- C:\Windows\¸ùƒ
[2010/06/30 18:26:04 | 000,305,664 | ---- | M] (Inekman) -- C:\Users\zooleric\Documents\Xtremsplit.exe
[2010/06/30 15:48:11 | 000,001,207 | ---- | M] () -- C:\Users\zooleric\Desktop\AVS Registry Cleaner.lnk
[2010/06/29 19:55:11 | 000,022,328 | ---- | M] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2010/06/29 19:55:11 | 000,022,328 | ---- | M] () -- C:\Users\zooleric\AppData\Roaming\PnkBstrK.sys
[2010/06/29 19:54:50 | 000,682,280 | ---- | M] () -- C:\Windows\System32\pbsvc.exe
[2010/06/29 18:47:01 | 000,000,213 | ---- | M] () -- C:\Users\zooleric\Desktop\Half-Life Deathmatch Source.url
[2010/06/29 15:24:11 | 000,000,215 | ---- | M] () -- C:\Users\zooleric\Desktop\Red Faction.url
[2010/06/29 13:22:21 | 000,000,188 | ---- | M] () -- C:\Users\zooleric\Desktop\Call of Duty 2.url
[2010/06/28 17:47:56 | 000,000,215 | ---- | M] () -- C:\Users\zooleric\Desktop\Call of Duty World at War.url
[2010/06/28 16:59:15 | 000,000,203 | ---- | M] () -- C:\Users\zooleric\Desktop\Call of Duty United Offensive.url
[2010/06/28 16:08:30 | 000,281,760 | ---- | M] () -- C:\Windows\System32\drivers\atksgt.sys
[2010/06/28 16:08:28 | 000,025,888 | ---- | M] () -- C:\Windows\System32\drivers\lirsgt.sys
[2010/06/27 22:09:37 | 000,000,186 | ---- | M] () -- C:\Users\zooleric\Desktop\Call of Duty.url
[2010/06/27 17:33:49 | 000,000,214 | ---- | M] () -- C:\Users\zooleric\Desktop\Call of Duty 4 Modern Warfare.url
[2010/06/27 14:39:21 | 000,002,155 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp Maintenance en 1 clic.lnk
[2010/06/27 14:39:21 | 000,002,103 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp Utilities.lnk
[2010/06/27 14:36:54 | 000,000,979 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/06/27 14:33:11 | 000,001,973 | ---- | M] () -- C:\Users\Public\Desktop\Mega Manager.lnk
[2010/06/27 14:02:53 | 000,002,831 | ---- | M] () -- C:\Users\zooleric\Desktop\RapidShare Manager.lnk
[2010/06/27 13:52:38 | 000,002,152 | ---- | M] () -- C:\Users\Public\Desktop\Max Payne 2.lnk
[2010/06/27 13:51:11 | 000,001,735 | ---- | M] () -- C:\Users\zooleric\Desktop\MaxPayne2 -developper - Raccourci.lnk
[2010/06/27 12:16:02 | 000,000,215 | ---- | M] () -- C:\Users\zooleric\Desktop\Chrome.url
[2010/06/27 12:14:50 | 000,000,947 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk
[2010/06/26 19:43:17 | 000,001,831 | ---- | M] () -- C:\Users\zooleric\Desktop\UltraISO.lnk
[2010/06/26 18:46:57 | 000,001,044 | ---- | M] () -- C:\Users\zooleric\Desktop\Your Unin-staller!.lnk
[2010/06/26 18:25:12 | 000,001,024 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2010/06/26 18:23:27 | 000,000,965 | ---- | M] () -- C:\Users\zooleric\Desktop\CCleaner.lnk
[2010/06/26 17:27:46 | 000,001,429 | ---- | M] () -- C:\Users\zooleric\Desktop\Internet Explorer.lnk
[2010/06/26 15:37:13 | 000,001,123 | ---- | M] () -- C:\Users\zooleric\Desktop\AVS Firewall.lnk
[2010/06/26 15:35:02 | 000,001,251 | ---- | M] () -- C:\Users\zooleric\Desktop\AVS4YOU Software Navigator.lnk
[2010/06/26 15:34:48 | 000,001,202 | ---- | M] () -- C:\Users\zooleric\Desktop\AVS Video Converter 6.lnk
[2010/06/26 15:22:13 | 000,001,222 | ---- | M] () -- C:\Users\zooleric\Desktop\Revo Uninstaller.lnk
[2010/06/26 14:59:36 | 000,001,027 | ---- | M] () -- C:\Users\zooleric\Desktop\WinRAR.lnk
[2010/06/26 14:53:34 | 000,000,000 | ---- | M] () -- C:\Windows\nsreg.dat
[2010/06/26 14:53:29 | 000,001,909 | ---- | M] () -- C:\Users\zooleric\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/06/26 14:53:29 | 000,001,885 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010/06/26 14:06:24 | 000,028,124 | ---- | M] () -- C:\ProgramData\nvModes.001
[2010/06/26 14:06:22 | 000,028,124 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2010/06/26 13:42:13 | 000,001,304 | ---- | M] () -- C:\Users\zooleric\Desktop\Notepad.lnk
[2010/06/26 13:21:56 | 000,002,661 | ---- | M] () -- C:\Users\Public\Desktop\Souris Microsoft.lnk
[2010/06/26 13:21:55 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_point32k_01009.Wdf
[2010/06/26 13:20:36 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2010/06/26 13:17:55 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2010/06/26 13:12:17 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2010/06/26 13:12:17 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2010/06/26 13:12:17 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2010/06/26 13:12:17 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2010/06/26 13:01:41 | 000,001,423 | ---- | M] () -- C:\Users\zooleric\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010/06/26 13:01:32 | 000,000,020 | -HS- | M] () -- C:\Users\zooleric\ntuser.ini
[2010/06/26 12:51:18 | 000,057,206 | ---- | M] () -- C:\Windows\System32\license.rtf
[2010/06/26 12:46:14 | 000,021,680 | ---- | M] () -- C:\Windows\System32\emptyregdb.dat
[2010/06/26 12:26:44 | 000,524,288 | -HS- | M] () -- C:\Users\zooleric\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms
[2010/06/26 12:26:44 | 000,524,288 | -HS- | M] () -- C:\Users\zooleric\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms
[2010/06/26 12:26:44 | 000,065,536 | -HS- | M] () -- C:\Users\zooleric\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf
[2010/06/26 12:25:10 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_SynTP_01000.Wdf
[2010/06/26 12:01:35 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/06/26 12:01:34 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/06/26 11:39:25 | 000,000,221 | -HS- | M] () -- C:\Users\zooleric\Application Data\Microsoft\Internet Explorer\Quick Launch\desktop (1).ini
[2010/06/26 11:32:34 | 000,002,544 | ---- | M] () -- C:\Windows\diagwrn.xml
[2010/06/26 11:32:31 | 000,001,890 | ---- | M] () -- C:\Windows\diagerr.xml
[2010/06/25 18:38:11 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2010/06/25 18:23:17 | 000,000,044 | ---- | M] () -- C:\Windows\System\hpsysdrv.dat
[2010/06/25 18:22:11 | 000,000,373 | -H-- | M] () -- C:\IPH.PH
[2010/06/25 18:19:37 | 000,000,000 | RHS- | M] () -- C:\Windows\System32\drivers\103C_HP_cNB_Pavilion dv7 Notebook PC_Y5335KV_0U_QCND83254N4_E464632-052_4A_I30F4_SCompal_V99.55_F.0A_T080717_WV3-1_L40C_M3069_J320_7Intel_8676_92.27_#100625_N10EC8168;80864237_(FV084EA#ABF)_XMOBILE_CN10_Z_2F.0A.MRK
[2010/06/25 17:49:12 | 000,588,472 | ---- | M] (EasyBits Software AS) -- C:\Windows\System32\ezsvc7x.dll
[2010/06/25 17:44:53 | 000,000,125 | ---- | M] () -- C:\Windows\xUninstall.bat
[2010/06/25 17:43:30 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf
[2010/06/22 19:23:54 | 000,495,192 | ---- | M] (Kaspersky Lab) -- C:\Windows\System32\drivers\klif.sys

========== Files Created - No Company Name ==========

[2010/07/17 13:01:57 | 000,524,288 | -HS- | C] () -- C:\Users\zooleric\NTUSER.DAT{4f3b6f19-9192-11df-83f0-806e6f6e6963}.TMContainer00000000000000000002.regtrans-ms
[2010/07/17 13:01:57 | 000,524,288 | -HS- | C] () -- C:\Users\zooleric\NTUSER.DAT{4f3b6f19-9192-11df-83f0-806e6f6e6963}.TMContainer00000000000000000001.regtrans-ms
[2010/07/17 13:01:56 | 000,065,536 | -HS- | C] () -- C:\Users\zooleric\NTUSER.DAT{4f3b6f19-9192-11df-83f0-806e6f6e6963}.TM.blf
[2010/07/17 13:00:38 | 000,000,000 | -HS- | C] () -- C:\Users\zooleric\NTUSER.DAT_tureg_new.LOG2
[2010/07/17 13:00:38 | 000,000,000 | -HS- | C] () -- C:\Users\zooleric\NTUSER.DAT_tureg_new.LOG1
[2010/07/14 18:21:58 | 000,113,933 | ---- | C] () -- C:\Windows\System32\drivers\klin.dat
[2010/07/14 18:21:58 | 000,097,549 | ---- | C] () -- C:\Windows\System32\drivers\klick.dat
[2010/07/11 18:07:24 | 000,002,449 | ---- | C] () -- C:\Users\Public\Desktop\RegClean.lnk
[2010/07/06 19:22:33 | 000,000,318 | ---- | C] () -- C:\Windows\tasks\GlaryInitialize.job
[2010/07/06 19:22:32 | 000,000,958 | ---- | C] () -- C:\Users\zooleric\Desktop\Glary Utilities.lnk
[2010/07/05 18:26:35 | 000,000,208 | ---- | C] () -- C:\Users\zooleric\Desktop\Max Payne 2 The Fall of Max Payne.url
[2010/07/05 14:25:12 | 000,001,107 | ---- | C] () -- C:\Users\Public\Desktop\Vidal Expert.lnk
[2010/07/03 11:50:03 | 000,082,940 | ---- | C] () -- C:\Windows\System32\oodbs.lor
[2010/07/02 17:22:28 | 000,001,989 | ---- | C] () -- C:\Users\Public\Desktop\O&O Defrag.lnk
[2010/07/02 15:58:32 | 000,001,992 | ---- | C] () -- C:\Users\zooleric\Desktop\Windows Live Messenger .lnk
[2010/07/02 15:32:38 | 000,000,020 | ---- | C] () -- C:\Windows\löˆ
[2010/07/01 15:39:16 | 000,001,192 | ---- | C] () -- C:\Users\zooleric\Desktop\AVS Cover Editor 2.lnk
[2010/07/01 15:39:03 | 000,001,159 | ---- | C] () -- C:\Users\zooleric\Desktop\AVS Disc Creator.lnk
[2010/06/30 23:06:24 | 000,000,020 | ---- | C] () -- C:\Windows\¸ùƒ
[2010/06/30 16:10:04 | 000,001,984 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010/06/30 15:48:11 | 000,001,207 | ---- | C] () -- C:\Users\zooleric\Desktop\AVS Registry Cleaner.lnk
[2010/06/29 19:55:11 | 000,022,328 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2010/06/29 19:55:11 | 000,022,328 | ---- | C] () -- C:\Users\zooleric\AppData\Roaming\PnkBstrK.sys
[2010/06/29 19:54:52 | 000,107,832 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2010/06/29 19:54:50 | 000,682,280 | ---- | C] () -- C:\Windows\System32\pbsvc.exe
[2010/06/29 19:54:50 | 000,066,872 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2010/06/29 18:47:01 | 000,000,213 | ---- | C] () -- C:\Users\zooleric\Desktop\Half-Life Deathmatch Source.url
[2010/06/29 15:24:11 | 000,000,215 | ---- | C] () -- C:\Users\zooleric\Desktop\Red Faction.url
[2010/06/29 13:22:21 | 000,000,188 | ---- | C] () -- C:\Users\zooleric\Desktop\Call of Duty 2.url
[2010/06/28 17:47:56 | 000,000,215 | ---- | C] () -- C:\Users\zooleric\Desktop\Call of Duty World at War.url
[2010/06/28 16:59:15 | 000,000,203 | ---- | C] () -- C:\Users\zooleric\Desktop\Call of Duty United Offensive.url
[2010/06/28 16:08:30 | 000,281,760 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys
[2010/06/28 16:08:28 | 000,025,888 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys
[2010/06/27 17:17:55 | 000,000,214 | ---- | C] () -- C:\Users\zooleric\Desktop\Call of Duty 4 Modern Warfare.url
[2010/06/27 14:39:21 | 000,002,155 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp Maintenance en 1 clic.lnk
[2010/06/27 14:39:21 | 000,002,103 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp Utilities.lnk
[2010/06/27 14:36:54 | 000,000,979 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/06/27 14:33:11 | 000,001,973 | ---- | C] () -- C:\Users\Public\Desktop\Mega Manager.lnk
[2010/06/27 14:30:38 | 000,000,186 | ---- | C] () -- C:\Users\zooleric\Desktop\Call of Duty.url
[2010/06/27 14:02:53 | 000,002,831 | ---- | C] () -- C:\Users\zooleric\Desktop\RapidShare Manager.lnk
[2010/06/27 12:16:02 | 000,000,215 | ---- | C] () -- C:\Users\zooleric\Desktop\Chrome.url
[2010/06/26 19:43:17 | 000,001,831 | ---- | C] () -- C:\Users\zooleric\Desktop\UltraISO.lnk
[2010/06/26 19:42:18 | 000,000,754 | ---- | C] () -- C:\Users\zooleric\AppData\Roaming\wklnhst.dat
[2010/06/26 18:52:56 | 000,000,947 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk
[2010/06/26 18:46:57 | 000,001,044 | ---- | C] () -- C:\Users\zooleric\Desktop\Your Unin-staller!.lnk
[2010/06/26 18:25:12 | 000,001,024 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2010/06/26 18:23:27 | 000,000,965 | ---- | C] () -- C:\Users\zooleric\Desktop\CCleaner.lnk
[2010/06/26 18:12:13 | 000,001,735 | ---- | C] () -- C:\Users\zooleric\Desktop\MaxPayne2 -developper - Raccourci.lnk
[2010/06/26 17:27:46 | 000,001,429 | ---- | C] () -- C:\Users\zooleric\Desktop\Internet Explorer.lnk
[2010/06/26 15:58:49 | 000,002,152 | ---- | C] () -- C:\Users\Public\Desktop\Max Payne 2.lnk
[2010/06/26 15:37:13 | 000,001,123 | ---- | C] () -- C:\Users\zooleric\Desktop\AVS Firewall.lnk
[2010/06/26 15:35:02 | 000,001,251 | ---- | C] () -- C:\Users\zooleric\Desktop\AVS4YOU Software Navigator.lnk
[2010/06/26 15:34:48 | 000,001,202 | ---- | C] () -- C:\Users\zooleric\Desktop\AVS Video Converter 6.lnk
[2010/06/26 15:22:13 | 000,001,222 | ---- | C] () -- C:\Users\zooleric\Desktop\Revo Uninstaller.lnk
[2010/06/26 14:59:36 | 000,001,027 | ---- | C] () -- C:\Users\zooleric\Desktop\WinRAR.lnk
[2010/06/26 14:53:34 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010/06/26 14:53:29 | 000,001,909 | ---- | C] () -- C:\Users\zooleric\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/06/26 14:53:29 | 000,001,885 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010/06/26 13:42:13 | 000,001,304 | ---- | C] () -- C:\Users\zooleric\Desktop\Notepad.lnk
[2010/06/26 13:21:56 | 000,002,661 | ---- | C] () -- C:\Users\Public\Desktop\Souris Microsoft.lnk
[2010/06/26 13:21:55 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_point32k_01009.Wdf
[2010/06/26 13:17:55 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2010/06/26 13:01:52 | 000,000,249 | ---- | C] () -- C:\ProgramData\hpqp.ini
[2010/06/26 13:01:35 | 000,028,124 | ---- | C] () -- C:\ProgramData\nvModes.001
[2010/06/26 13:01:34 | 000,028,124 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2010/06/26 13:01:32 | 000,000,020 | -HS- | C] () -- C:\Users\zooleric\ntuser.ini
[2010/06/26 12:52:48 | 2413,531,136 | -HS- | C] () -- C:\hiberfil.sys
[2010/06/26 12:46:15 | 000,021,680 | ---- | C] () -- C:\Windows\System32\emptyregdb.dat
[2010/06/26 12:26:42 | 000,524,288 | -HS- | C] () -- C:\Users\zooleric\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms
[2010/06/26 12:26:41 | 001,835,008 | -HS- | C] () -- C:\Users\zooleric\NTUSER.DAT_tureg_old
[2010/06/26 12:26:41 | 001,572,864 | ---- | C] () -- C:\Users\zooleric\NTUSER.DAT
[2010/06/26 12:26:41 | 000,524,288 | -HS- | C] () -- C:\Users\zooleric\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms
[2010/06/26 12:26:41 | 000,262,144 | -HS- | C] () -- C:\Users\zooleric\ntuser.dat.LOG1
[2010/06/26 12:26:41 | 000,065,536 | -HS- | C] () -- C:\Users\zooleric\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf
[2010/06/26 12:26:41 | 000,000,290 | ---- | C] () -- C:\Users\zooleric\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2010/06/26 12:26:41 | 000,000,272 | ---- | C] () -- C:\Users\zooleric\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2010/06/26 12:26:41 | 000,000,000 | -HS- | C] () -- C:\Users\zooleric\ntuser.dat.LOG2
[2010/06/26 12:25:36 | 000,015,222 | ---- | C] () -- C:\Windows\System32\nbspkrs.ico
[2010/06/26 12:25:36 | 000,003,774 | ---- | C] () -- C:\Windows\System32\bltinmic.ico
[2010/06/26 12:25:36 | 000,003,774 | ---- | C] () -- C:\Windows\System32\2hps.ico
[2010/06/26 12:25:10 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_SynTP_01000.Wdf
[2010/06/26 12:25:08 | 000,009,504 | -H-- | C] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010/06/26 12:25:08 | 000,009,504 | -H-- | C] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010/06/26 12:00:25 | 000,008,192 | RHS- | C] () -- C:\BOOTSECT.BAK
[2010/06/26 11:39:25 | 000,001,423 | ---- | C] () -- C:\Users\zooleric\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010/06/26 11:32:30 | 000,002,544 | ---- | C] () -- C:\Windows\diagwrn.xml
[2010/06/26 11:32:30 | 000,001,890 | ---- | C] () -- C:\Windows\diagerr.xml
[2010/06/25 18:23:17 | 000,000,044 | ---- | C] () -- C:\Windows\System\hpsysdrv.dat
[2010/06/25 18:21:50 | 000,000,373 | -H-- | C] () -- C:\IPH.PH
[2010/06/25 18:21:28 | 000,001,859 | ---- | C] () -- C:\Users\Public\Desktop\HP Total Care Advisor.lnk
[2010/06/25 18:19:37 | 000,000,000 | RHS- | C] () -- C:\Windows\System32\drivers\103C_HP_cNB_Pavilion dv7 Notebook PC_Y5335KV_0U_QCND83254N4_E464632-052_4A_I30F4_SCompal_V99.55_F.0A_T080717_WV3-1_L40C_M3069_J320_7Intel_8676_92.27_#100625_N10EC8168;80864237_(FV084EA#ABF)_XMOBILE_CN10_Z_2F.0A.MRK
[2010/06/25 18:18:44 | 000,000,221 | -HS- | C] () -- C:\Users\zooleric\Application Data\Microsoft\Internet Explorer\Quick Launch\desktop (1).ini
[2010/06/25 17:53:17 | 000,037,916 | ---- | C] () -- C:\Windows\WMPrfFRA.prx
[2010/06/25 17:44:53 | 000,000,125 | ---- | C] () -- C:\Windows\xUninstall.bat
[2010/06/25 17:43:30 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf
[2010/06/25 17:41:46 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2010/06/15 18:06:38 | 000,153,502 | ---- | C] () -- C:\Windows\System32\libmplayer.dll
[2010/06/15 18:05:02 | 005,002,416 | ---- | C] () -- C:\Windows\System32\libavcodec.dll
[2010/06/15 17:43:58 | 001,641,574 | ---- | C] () -- C:\Windows\System32\ffmpegmt.dll
[2010/05/24 21:39:50 | 000,289,065 | ---- | C] () -- C:\Windows\System32\ff_kernelDeint.dll
[2010/05/24 21:38:34 | 000,962,008 | ---- | C] () -- C:\Windows\System32\ff_x264.dll
[2010/05/24 21:38:22 | 000,901,509 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2010/05/19 22:59:20 | 000,150,528 | ---- | C] () -- C:\Windows\System32\mkx.dll
[2010/05/19 22:59:10 | 000,109,568 | ---- | C] () -- C:\Windows\System32\avi.dll
[2010/05/19 22:59:02 | 000,141,824 | ---- | C] () -- C:\Windows\System32\mp4.dll
[2010/05/19 22:58:52 | 000,123,392 | ---- | C] () -- C:\Windows\System32\ogm.dll
[2010/05/19 22:58:18 | 000,154,112 | ---- | C] () -- C:\Windows\System32\ts.dll
[2010/05/19 22:58:08 | 000,249,856 | ---- | C] () -- C:\Windows\System32\dxr.dll
[2010/05/19 22:57:42 | 000,097,792 | ---- | C] () -- C:\Windows\System32\avs.dll
[2010/05/19 22:57:26 | 000,093,184 | ---- | C] () -- C:\Windows\System32\avss.dll
[2010/05/19 22:55:40 | 000,080,384 | ---- | C] () -- C:\Windows\System32\mkzlib.dll
[2010/05/19 22:55:36 | 000,024,576 | ---- | C] () -- C:\Windows\System32\mkunicode.dll
[2010/05/12 17:09:06 | 000,108,032 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2010/05/11 23:26:52 | 000,324,096 | ---- | C] () -- C:\Windows\System32\TomsMoComp_ff.dll
[2010/05/11 23:22:22 | 000,100,864 | ---- | C] () -- C:\Windows\System32\ff_wmv9.dll
[2010/05/11 00:10:04 | 000,178,688 | ---- | C] () -- C:\Windows\System32\ff_libmad.dll
[2010/05/11 00:09:50 | 000,257,024 | ---- | C] () -- C:\Windows\System32\ff_libdts.dll
[2010/05/11 00:09:42 | 000,142,848 | ---- | C] () -- C:\Windows\System32\ff_liba52.dll
[2010/05/11 00:09:30 | 000,484,864 | ---- | C] () -- C:\Windows\System32\ff_libfaad2.dll
[2010/05/11 00:07:24 | 001,556,992 | ---- | C] () -- C:\Windows\System32\ff_samplerate.dll
[2010/05/11 00:05:28 | 000,146,944 | ---- | C] () -- C:\Windows\System32\ff_tremor.dll
[2010/05/11 00:05:06 | 000,113,152 | ---- | C] () -- C:\Windows\System32\ff_unrar.dll
[2010/05/11 00:03:56 | 000,163,328 | ---- | C] () -- C:\Windows\System32\libmpeg2_ff.dll
[2010/01/06 12:50:12 | 000,086,016 | ---- | C] () -- C:\Windows\System32\vidalhelper.dll
[2009/07/14 02:55:09 | 001,332,736 | ---- | C] () -- C:\Windows\System32\hpotiop1.dll
[2009/07/14 01:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009/07/14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009/06/07 18:24:04 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2009/01/11 00:15:44 | 000,159,744 | ---- | C] () -- C:\Windows\System32\mmfinfo.dll
[2008/11/06 17:37:32 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2007/11/14 16:17:34 | 000,204,800 | ---- | C] () -- C:\Windows\System32\CogentBioSDK.dll
[2007/10/13 11:30:20 | 000,000,137 | ---- | C] () -- C:\Windows\System32\Registration.ini

========== LOP Check ==========

[2010/07/09 14:16:39 | 000,000,000 | ---D | M] -- C:\Users\zooleric\AppData\Roaming\AutoHideIP
[2010/06/26 12:42:03 | 000,000,000 | ---D | M] -- C:\Users\zooleric\AppData\Roaming\DigitalPersona
[2010/07/04 16:32:27 | 000,000,000 | ---D | M] -- C:\Users\zooleric\AppData\Roaming\DMCache
[2010/07/14 18:18:12 | 000,000,000 | ---D | M] -- C:\Users\zooleric\AppData\Roaming\GlarySoft
[2010/06/27 14:33:12 | 000,000,000 | ---D | M] -- C:\Users\zooleric\AppData\Roaming\Megaupload
[2010/06/30 22:53:25 | 000,000,000 | ---D | M] -- C:\Users\zooleric\AppData\Roaming\Orange
[2010/07/04 15:52:06 | 000,000,000 | ---D | M] -- C:\Users\zooleric\AppData\Roaming\SoftMaker
[2010/07/06 19:57:15 | 000,000,000 | ---D | M] -- C:\Users\zooleric\AppData\Roaming\Spy Emergency
[2010/06/26 19:42:19 | 000,000,000 | ---D | M] -- C:\Users\zooleric\AppData\Roaming\Template
[2010/06/27 14:39:10 | 000,000,000 | ---D | M] -- C:\Users\zooleric\AppData\Roaming\TuneUp Software
[2010/06/26 18:43:27 | 000,000,000 | ---D | M] -- C:\Users\zooleric\AppData\Roaming\Uniblue
[2010/06/26 18:46:58 | 000,000,000 | ---D | M] -- C:\Users\zooleric\AppData\Roaming\URSoft
[2010/07/04 19:52:29 | 000,000,000 | ---D | M] -- C:\Users\zooleric\AppData\Roaming\VitySoft
[2010/07/14 16:45:19 | 000,000,000 | ---D | M] -- C:\Users\zooleric\AppData\Roaming\Windows Live Writer
[2010/07/20 10:40:03 | 000,000,318 | ---- | M] () -- C:\Windows\Tasks\GlaryInitialize.job
[2009/07/14 06:53:46 | 000,028,310 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

========== Alternate Data Streams ==========

@Alternate Data Stream - 176 bytes -> C:\ProgramData\TEMP:1CE11B51

< End of report >

GMER 1.0.15.15281 - GMER - Rootkit Detector and Remover
Rootkit scan 2010-07-20 12:39:55
Windows 6.1.7600
Running: zool.exe.exe; Driver: C:\Users\zooleric\AppData\Local\Temp\kfdyiuog.sys

---- System - GMER 1.0.15 ----

SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwAdjustPrivilegesToken [0x8BB93528]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwAlpcConnectPort [0x8BB95752]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwAlpcCreatePort [0x8BB959CC]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwAlpcSendWaitReceivePort [0x8BB95C3E]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwClose [0x8BB93E30]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwConnectPort [0x8BB94C5C]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateEvent [0x8BB951A6]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateFile [0x8BB9410C]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateMutant [0x8BB9508C]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateNamedPipeFile [0x8BB93118]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreatePort [0x8BB94F60]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateSection [0x8BB932C0]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateSemaphore [0x8BB952C6]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateThread [0x8BB93AB8]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateThreadEx [0x8BB93BB6]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateUserProcess [0x8BB95E88]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateWaitablePort [0x8BB94FF6]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwDebugActiveProcess [0x8BB969A8]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwDeviceIoControlFile [0x8BB9458E]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwDuplicateObject [0x8BB97BBE]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwFsControlFile [0x8BB9439C]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwLoadDriver [0x8BB96A9A]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwMapViewOfSection [0x8BB9720A]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwOpenEvent [0x8BB9523C]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwOpenFile [0x8BB93EB2]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwOpenMutant [0x8BB9511C]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwOpenProcess [0x8BB93762]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwOpenSection [0x8BB96FA4]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwOpenSemaphore [0x8BB9535C]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwOpenThread [0x8BB93656]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwQueryDirectoryObject [0x8BB95F42]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwQuerySection [0x8BB97544]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwQueueApcThread [0x8BB96E36]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwReplaceKey [0x8BB91DD2]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwReplyPort [0x8BB956C0]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwReplyWaitReceivePort [0x8BB95586]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwRequestWaitReplyPort [0x8BB96742]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwRestoreKey [0x8BB9214A]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwResumeThread [0x8BB97A60]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwSaveKey [0x8BB91D6A]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwSecureConnectPort [0x8BB949A6]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwSetContextThread [0x8BB93CD2]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwSetInformationToken [0x8BB95FE4]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwSetSecurityObject [0x8BB96C38]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwSetSystemInformation [0x8BB97694]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwSuspendProcess [0x8BB97786]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwSuspendThread [0x8BB978C0]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwSystemDebugControl [0x8BB968CC]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwTerminateProcess [0x8BB93902]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwTerminateThread [0x8BB93858]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwUnmapViewOfSection [0x8BB973E8]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwWriteVirtualMemory [0x8BB939EE]

INT 0x1F \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 82C1FAF8
INT 0x37 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 82C1F104
INT 0xC1 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 82C1F3F4
INT 0xD1 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 82C07634
INT 0xD2 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 82C07898
INT 0xDF \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 82C1F1DC
INT 0xE1 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 82C1F958
INT 0xE3 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 82C1F6F8
INT 0xFD \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 82C1FF2C
INT 0xFE \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 82C201A8

---- Kernel code sections - GMER 1.0.15 ----

.text ntkrnlpa.exe!ZwSaveKeyEx + 13AD 82C7F599 1 Byte [06]
.text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 82CA3F52 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
.text ntkrnlpa.exe!RtlSidHashLookup + 220 82CAB730 4 Bytes [28, 35, B9, 8B]
.text ntkrnlpa.exe!RtlSidHashLookup + 248 82CAB758 8 Bytes [52, 57, B9, 8B, CC, 59, B9, ...]
.text ntkrnlpa.exe!RtlSidHashLookup + 28C 82CAB79C 4 Bytes [3E, 5C, B9, 8B]
.text ntkrnlpa.exe!RtlSidHashLookup + 2B8 82CAB7C8 4 Bytes [30, 3E, B9, 8B]
.text ntkrnlpa.exe!RtlSidHashLookup + 2DC 82CAB7EC 4 Bytes [5C, 4C, B9, 8B]
.text ...
.text C:\Windows\system32\DRIVERS\atksgt.sys section is writeable [0x9B7BC300, 0x3B6D8, 0xE8000020] .text C:\Windows\system32\DRIVERS\lirsgt.sys section is writeable [0x9B600300, 0x1BEE, 0xE8000020] .text peauth.sys 9D422C9D 28 Bytes [84, 1E, 46, 92, 64, CA, 31, ...] .text peauth.sys 9D422CC1 28 Bytes [84, 1E, 46, 92, 64, CA, 31, ...] PAGE peauth.sys 9D428B9B 72 Bytes [49, 68, D2, 09, 4E, A8, A1, ...] PAGE peauth.sys 9D428BEC 111 Bytes [99, 62, 7C, A1, B4, 4F, 9B, ...] PAGE peauth.sys 9D428E20 101 Bytes [89, DD, 35, 49, 32, 83, 2F, ...] PAGE ... ---- User code sections - GMER 1.0.15 ---- .text C:\Program Files\Mozilla Firefox\plugin-container.exe[2184] USER32.dll!TrackPopupMenu 771D4B3B 5 Bytes JMP 652105FE C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation) .text C:\Program Files\Mozilla Firefox\firefox.exe[5592] ntdll.dll!LdrLoadDll 7768F625 5 Bytes JMP 001113F0 C:\Program Files\Mozilla Firefox\firefox.exe (Firefox/Mozilla Corporation) ---- User IAT/EAT - GMER 1.0.15 ---- IAT C:\Windows\Explorer.EXE[3336] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipAlloc] [74052494] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[3336] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusStartup] [74035624] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[3336] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusShutdown] [740356E2] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[3336] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipFree] [7405250F] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft 
Corporation) IAT C:\Windows\Explorer.EXE[3336] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDeleteGraphics] [74048573] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[3336] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDisposeImage] [74044D27] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[3336] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageWidth] [740450CE] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[3336] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageHeight] [740451A3] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[3336] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromHBITMAP] [740466D0] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[3336] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateFromHDC] [740482CA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[3336] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetCompositingMode] [74048819] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[3336] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetInterpolationMode] [7404907A] 
C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[3336] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDrawImageRectI] [7404E21D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) IAT C:\Windows\Explorer.EXE[3336] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCloneImage] [74044C59] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) ---- Devices - GMER 1.0.15 ---- AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys (Runtime de l’infrastructure de pilotes en mode noyau/Microsoft Corporation) AttachedDevice \Driver\kbdclass \Device\KeyboardClass1 Wdf01000.sys (Runtime de l’infrastructure de pilotes en mode noyau/Microsoft Corporation) AttachedDevice \Driver\tdx \Device\Tcp kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO) AttachedDevice \Driver\tdx \Device\Tcp AVSTDIFilterDrv.sys AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation) AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 rdyboost.sys (ReadyBoost Driver/Microsoft Corporation) AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation) AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 rdyboost.sys (ReadyBoost Driver/Microsoft Corporation) Device \Driver\ACPI_HAL \Device\0000004e halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) AttachedDevice \Driver\tdx \Device\Udp kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO) AttachedDevice \Driver\tdx \Device\Udp AVSTDIFilterDrv.sys AttachedDevice \Driver\tdx \Device\RawIp kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO) AttachedDevice \Driver\tdx \Device\RawIp 
AVSTDIFilterDrv.sys ---- Registry - GMER 1.0.15 ---- Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Upgrade\BTHPORT Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Upgrade\HidBth Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Upgrade\LocalRadioSettings Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Upgrade\BTHPORT (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Upgrade\HidBth (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Upgrade\LocalRadioSettings (not active ControlSet) Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\System Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\System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
  2. zool62

    zool62

    Re, here is the result: Submitted crash reports, Report ID, Date submitted: no crash reports have been submitted. As for Kaspersky URL Advisor 11.0.0.232, whether it is enabled or not, nothing changes. See you.
  3. zool62

    zool62

    Following an antivirus update I no longer have the problem, so for me it is solved. Thanks again for your help. Well, sorry, I spoke too soon, sniff.
  4. zool62

    zool62

    Re. Well, I closed the antivirus and now there is no problem, so it is KASPERSKY 2011 that is screwing up. See you. Re, I have just been browsing and there was no problem, so now I am lost.
  5. zool62

    zool62

    Hello WawaSeb, I did as you told me, but no, still the same problem. Before, I had NOD32 version 4 and I had no trouble, so it really does come from my antivirus, too bad. See you. I forgot: I have a Firefox that does not terminate, so I open Firefox again and I have two of them in Task Manager. Here is a screenshot:
  6. zool62

    zool62

    Hello, I have just done as you told me and now it works, thanks.
  7. zool62

    zool62

    Re, still the same problem.
  8. zool62

    zool62

    Re. So here is what I did: I clicked on Support, and from there a new version is available to download, so I did as instructed, then installed it without touching your version, since everything is done automatically. So there it is, I now have the new version of KASPERSKY 2011: 11.0.1.400. That is it for the info, but I still do not know whether my problem is solved. I will keep you posted. Regards.
  9. zool62

    zool62

    Hello, and sorry for making two posts. As for extensions, I only have Kaspersky URL Advisor 11.0.0.232, and for Firefox, 3.6.6.
  10. Hello everyone, here is my problem: I bought KASPERSKY Anti-Virus 2011, and since then, when I open Firefox, browse a little and then close it, it is still present in Task Manager. So I try to end the process, but it tells me the operation could not be completed, access denied. I should say that I ran a full scan with my antivirus and Malwarebytes' Anti-Malware and nothing was found. I wonder whether it is Kaspersky that is blocking something, or I don't know what. Thanks in advance for your help. PS: my PC works very well.
  11. Hello, Malwarebytes' Anti-Malware 1.46 found this, so is it a virus or not? Thanks in advance. Fichier(s) infecté(s): C:\Windows\Installer\{048298C9-A4D3-490B-9FF9-AB023A9238F3}\Icon048298C92.url (Extension.Mismatch) -> Quarantined and deleted successfully.