Aller au contenu

GreGDurablement

Membres
 Afficher le profil  Afficher son activité

  • Compteur de contenus

    15

  • Inscription

  • Dernière visite

  • Jours gagnés

    1

GreGDurablement a gagné pour la dernière fois le 1 février 2011

GreGDurablement a eu le contenu le plus aimé !

Contact Methods

  • Website URL
    http://gregprojetdurable.blog.ouestjob.com/

Profile Information

  • Sexe
    Male

GreGDurablement's Achievements

Junior Member

Junior Member (3/12)

1

Réputation sur la communauté

  1. GreGDurablement
    Ok, merci Lance_Yen (une référence à chtulu?) Je clos donc ce fil et en ouvre un nouveau dans software.
  2. GreGDurablement
    ...euh... Je l'avais précisé dès mon premier post, et j'avais justement posté dans le forum software/seven où l'on m'avait dit de venir dans cette section :$ Sinon, je ne sauvegardait pas effectivement le registre ni le mbr (c'est quoi?), je le ferais à l'avenir. Je ne connaissais pas non plis pc pitstop, merci. Pour le reste, ça fait déjà partie de ma routine d'entretien de l'ordi Sauf pour PSI qui a souvent des problèmes pour se connecter.
  3. GreGDurablement
    Bien, j'ai tout fait à part libérer de l'espace sur C (partition Vista que je n'utilise plus). Mais le démarrage de Seven est toujours aussi long (1 heure) et le son crachote toujours Quant à Vista, impossible de le démarrer, l'écran de chargement restant indéfiniment sur la barre verte. D'où l'impossibilité de libérer de l'espace mémoire. J'ai voulu formater cette partition avec l'utilitaire windows, mais celui-ci refuse de d'y toucher.
  4. GreGDurablement
    Voici le rapport OTL: OTL logfile created on: 22/11/2010 11:59:18 - Run 1 OTL by OldTimer - Version 3.2.17.3 Folder = W:\Users\Deux Ex Machina\Desktop An unknown product (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 65,00% Memory free 2,00 Gb Paging File | 1,00 Gb Available in Paging File | 62,00% Paging File free Paging file location(s): s:\pagefile.sys 220 2040 [binary data] %SystemDrive% = W: | %SystemRoot% = W:\Windows | %ProgramFiles% = W:\Program Files Drive C: | 48,75 Gb Total Space | 0,68 Gb Free Space | 1,40% Space Free | Partition Type: NTFS Drive D: | 51,57 Gb Total Space | 6,21 Gb Free Space | 12,04% Space Free | Partition Type: NTFS Drive G: | 979,03 Mb Total Space | 971,08 Mb Free Space | 99,19% Space Free | Partition Type: FAT32 Drive H: | 248,99 Mb Total Space | 238,48 Mb Free Space | 95,78% Space Free | Partition Type: FAT32 Drive K: | 465,76 Gb Total Space | 34,94 Gb Free Space | 7,50% Space Free | Partition Type: NTFS Drive S: | 1,99 Gb Total Space | 1,78 Gb Free Space | 89,21% Space Free | Partition Type: FAT32 Drive W: | 35,00 Gb Total Space | 17,37 Gb Free Space | 49,64% Space Free | Partition Type: NTFS Computer Name: THINKINGMACHINE | User Name: Deux Ex Machina | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2010/11/22 09:44:02 | 000,575,488 | ---- | M] (OldTimer Tools) -- W:\Users\Deux Ex Machina\Desktop\OTL.exe PRC - [2010/08/17 13:39:03 | 000,135,336 | ---- | M] (Avira GmbH) -- W:\Program Files\Avira\AntiVir Desktop\sched.exe PRC - [2010/08/17 13:38:55 | 000,281,768 | ---- | M] (Avira GmbH) -- W:\Program Files\Avira\AntiVir Desktop\avgnt.exe PRC - [2010/08/17 13:38:55 | 000,267,944 | ---- | M] (Avira GmbH) -- W:\Program Files\Avira\AntiVir Desktop\avguard.exe PRC - [2010/07/17 20:11:41 | 000,507,648 | ---- | M] (COMODO) -- W:\Program Files\COMODO\Firewall\cmdagent.exe PRC - [2010/07/17 20:11:40 | 001,773,312 | ---- | M] (COMODO) -- W:\Program Files\COMODO\Firewall\cfpupdat.exe PRC - [2010/07/16 06:34:00 | 000,092,160 | ---- | M] (IvoSoft) -- W:\Program Files\Classic Shell\ClassicStartMenu.exe PRC - [2010/07/13 09:45:40 | 000,067,584 | ---- | M] (CobianSoft, Luis Cobian) -- W:\Program Files\Cobian Backup 10 - Sauvegarde Donnees\cbVSCService.exe PRC - [2010/01/14 22:11:14 | 000,076,968 | ---- | M] (Avira GmbH) -- W:\Program Files\Avira\AntiVir Desktop\avshadow.exe PRC - [2009/12/23 22:34:20 | 000,370,688 | ---- | M] (StarWind Software) -- W:\Program Files\Alcohol 52 Montage Image Disque\StarWind\StarWindServiceAE.exe PRC - [2009/10/31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- W:\Windows\explorer.exe PRC - [2009/10/26 13:46:54 | 001,458,176 | ---- | M] (Motorola Inc.) -- W:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe PRC - [2009/07/14 02:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- W:\Windows\System32\taskhost.exe PRC - [2009/07/14 02:14:15 | 000,271,360 | ---- | M] (Microsoft Corporation) -- W:\Windows\System32\conhost.exe ========== Modules (SafeList) ========== MOD - [2010/11/22 09:44:02 | 000,575,488 | ---- | M] (OldTimer Tools) -- W:\Users\Deux Ex Machina\Desktop\OTL.exe MOD - [2010/08/21 06:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- W:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll MOD - [2010/07/17 20:11:41 | 000,139,008 | ---- | M] () -- W:\Windows\System32\guard32.dll MOD - [2009/07/14 02:16:19 | 000,156,160 | ---- | M] (Microsoft Corporation) -- W:\Windows\System32\winsta.dll MOD - [2009/07/14 02:16:15 | 000,099,840 | ---- | M] (Microsoft Corporation) -- W:\Windows\System32\sspicli.dll MOD - [2009/07/14 02:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- W:\Windows\System32\sechost.dll MOD - [2009/07/14 02:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- W:\Windows\System32\profapi.dll MOD - [2009/07/14 02:15:35 | 000,288,256 | ---- | M] (Microsoft Corporation) -- W:\Windows\System32\KernelBase.dll MOD - [2009/07/14 02:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- W:\Windows\System32\dwmapi.dll MOD - [2009/07/14 02:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- W:\Windows\System32\devobj.dll MOD - [2009/07/14 02:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- W:\Windows\System32\cryptbase.dll MOD - [2009/07/14 02:15:02 | 000,145,920 | ---- | M] (Microsoft Corporation) -- W:\Windows\System32\cfgmgr32.dll ========== Win32 Services (SafeList) ========== SRV - [2010/08/17 13:39:03 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- W:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2010/08/17 13:38:55 | 000,267,944 | ---- | M] (Avira GmbH) [Auto | Running] -- W:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2010/08/13 11:58:56 | 000,144,672 | ---- | M] (Apple Inc.) [Disabled | Stopped] -- W:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device) SRV - [2010/07/17 20:11:41 | 000,507,648 | ---- | M] (COMODO) [Auto | Running] -- W:\Program Files\COMODO\Firewall\cmdagent.exe -- (cmdAgent) SRV - [2010/07/17 17:19:27 | 000,030,192 | ---- | M] (Google) [On_Demand | Stopped] -- W:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe -- (GoogleDesktopManager-051210-111108) SRV - [2010/07/13 09:45:40 | 000,067,584 | ---- | M] (CobianSoft, Luis Cobian) [Auto | Running] -- W:\Program Files\Cobian Backup 10 - Sauvegarde Donnees\cbVSCService.exe -- (cbVSCService) SRV - [2010/05/04 11:07:22 | 000,503,080 | ---- | M] (Nero AG) [Disabled | Stopped] -- W:\Program Files\Nero\Update\NASvc.exe -- (NAUpdate) SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- W:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009/12/23 22:34:20 | 000,370,688 | ---- | M] (StarWind Software) [Auto | Running] -- W:\Program Files\Alcohol 52 Montage Image Disque\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE) SRV - [2009/07/14 02:16:21 | 000,185,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- W:\Windows\System32\wwansvc.dll -- (WwanSvc) SRV - [2009/07/14 02:16:17 | 000,151,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- W:\Windows\System32\wbiosrvc.dll -- (WbioSrvc) SRV - [2009/07/14 02:16:17 | 000,119,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- W:\Windows\System32\umpo.dll -- (Power) SRV - [2009/07/14 02:16:16 | 000,037,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- W:\Windows\System32\themeservice.dll -- (Themes) SRV - [2009/07/14 02:16:15 | 000,053,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- W:\Windows\System32\sppuinotify.dll -- (sppuinotify) SRV - [2009/07/14 02:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- W:\Windows\System32\StorSvc.dll -- (StorSvc) SRV - [2009/07/14 02:16:13 | 000,043,520 | ---- | M] (Microsoft Corporation) [unknown | Running] -- W:\Windows\System32\RpcEpMap.dll -- (RpcEptMapper) SRV - [2009/07/14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- W:\Windows\System32\sensrsvc.dll -- (SensrSvc) SRV - [2009/07/14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- W:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc) SRV - [2009/07/14 02:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- W:\Windows\System32\pnrpsvc.dll -- (PNRPsvc) SRV - [2009/07/14 02:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- W:\Windows\System32\pnrpsvc.dll -- (p2pimsvc) SRV - [2009/07/14 02:16:12 | 000,165,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- W:\Windows\System32\provsvc.dll -- (HomeGroupProvider) SRV - [2009/07/14 02:16:12 | 000,020,480 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- W:\Windows\System32\pnrpauto.dll -- (PNRPAutoReg) SRV - [2009/07/14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- W:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend) SRV - [2009/07/14 02:15:36 | 000,194,560 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- W:\Windows\System32\ListSvc.dll -- (HomeGroupListener) SRV - [2009/07/14 02:15:21 | 000,797,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- W:\Windows\System32\FntCache.dll -- (FontCache) SRV - [2009/07/14 02:15:11 | 000,253,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- W:\Windows\System32\dhcpcore.dll -- (Dhcp) SRV - [2009/07/14 02:15:10 | 000,218,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- W:\Windows\System32\defragsvc.dll -- (defragsvc) SRV - [2009/07/14 02:14:59 | 000,076,800 | ---- | M] (Microsoft Corporation) [unknown | Stopped] -- W:\Windows\System32\bdesvc.dll -- (BDESVC) SRV - [2009/07/14 02:14:58 | 000,088,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- W:\Windows\System32\AxInstSv.dll -- (AxInstSV) Programme d’installation ActiveX (AxInstSV) SRV - [2009/07/14 02:14:53 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- W:\Windows\System32\appidsvc.dll -- (AppIDSvc) SRV - [2009/07/14 02:14:29 | 003,179,520 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- W:\Windows\System32\sppsvc.exe -- (sppsvc) SRV - [2009/01/26 14:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Stopped] -- W:\Program Files\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService) ========== Driver Services (SafeList) ========== DRV - [2010/09/06 17:06:43 | 000,231,248 | ---- | M] (TrueCrypt Foundation) [Kernel | System | Running] -- W:\Windows\System32\drivers\truecrypt.sys -- (truecrypt) DRV - [2010/08/17 13:39:11 | 000,126,856 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- W:\Windows\System32\drivers\avipbb.sys -- (avipbb) DRV - [2010/08/17 13:39:11 | 000,060,936 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- W:\Windows\System32\drivers\avgntflt.sys -- (avgntflt) DRV - [2010/07/18 18:38:13 | 000,697,328 | ---- | M] () [Kernel | Boot | Running] -- W:\Windows\System32\Drivers\sptd.sys -- (sptd) DRV - [2010/07/17 20:11:41 | 000,083,448 | ---- | M] (COMODO) [File_System | System | Running] -- W:\Windows\System32\drivers\cmdguard.sys -- (cmdGuard) DRV - [2010/07/17 20:11:41 | 000,072,696 | ---- | M] (COMODO) [Kernel | On_Demand | Running] -- W:\Windows\System32\drivers\inspect.sys -- (Inspect) DRV - [2010/07/17 20:11:41 | 000,025,080 | ---- | M] (COMODO) [Kernel | System | Running] -- W:\Windows\System32\drivers\cmdhlp.sys -- (cmdHlp) DRV - [2010/07/07 15:05:32 | 000,014,904 | ---- | M] (Secunia) [File_System | On_Demand | Stopped] -- W:\Windows\System32\drivers\psi_mf.sys -- (PSI) DRV - [2010/06/23 08:10:54 | 000,275,048 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- W:\Windows\System32\drivers\Rt86win7.sys -- (RTL8167) DRV - [2010/06/17 15:28:02 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- W:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- W:\Windows\System32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy) DRV - [2009/12/11 08:44:02 | 000,133,720 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- W:\Windows\System32\Drivers\ksecpkg.sys -- (KSecPkg) DRV - [2009/10/26 14:09:06 | 001,095,936 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Running] -- W:\Windows\System32\drivers\smserial.sys -- (smserial) DRV - [2009/09/23 18:18:14 | 004,808,192 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- W:\Windows\System32\drivers\igdkmd32.sys -- (igfx) DRV - [2009/07/14 02:26:21 | 000,015,952 | ---- | M] (CMD Technology, Inc.) [Kernel | On_Demand | Stopped] -- W:\Windows\system32\DRIVERS\cmdide.sys -- (cmdide) DRV - [2009/07/14 02:26:17 | 000,297,552 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- W:\Windows\system32\DRIVERS\adpahci.sys -- (adpahci) DRV - [2009/07/14 02:26:15 | 000,422,976 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- W:\Windows\system32\DRIVERS\adp94xx.sys -- (adp94xx) DRV - [2009/07/14 02:26:15 | 000,159,312 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- W:\Windows\system32\DRIVERS\amdsbs.sys -- (amdsbs) DRV - [2009/07/14 02:26:15 | 000,146,512 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- W:\Windows\system32\DRIVERS\adpu320.sys -- (adpu320) DRV - [2009/07/14 02:26:15 | 000,086,608 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- W:\Windows\system32\DRIVERS\arcsas.sys -- (arcsas) DRV - [2009/07/14 02:26:15 | 000,079,952 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- W:\Windows\system32\DRIVERS\amdsata.sys -- (amdsata) DRV - [2009/07/14 02:26:15 | 000,076,368 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- W:\Windows\system32\DRIVERS\arc.sys -- (arc) DRV - [2009/07/14 02:26:15 | 000,023,616 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- W:\Windows\system32\DRIVERS\amdxata.sys -- (amdxata) DRV - [2009/07/14 02:26:15 | 000,014,400 | ---- | M] (Acer Laboratories Inc.) [Kernel | On_Demand | Stopped] -- W:\Windows\system32\DRIVERS\aliide.sys -- (aliide) DRV - [2009/07/14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- W:\Windows\system32\DRIVERS\nvstor.sys -- (nvstor) DRV - [2009/07/14 02:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- W:\Windows\system32\DRIVERS\nvraid.sys -- (nvraid) DRV - [2009/07/14 02:20:44 | 000,044,624 | ---- | M] (IBM Corporation) [Kernel | On_Demand | Stopped] -- W:\Windows\system32\DRIVERS\nfrd960.sys -- (nfrd960) DRV - [2009/07/14 02:20:37 | 000,089,168 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- W:\Windows\system32\DRIVERS\lsi_sas.sys -- (LSI_SAS) DRV - [2009/07/14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- W:\Windows\system32\DRIVERS\iaStorV.sys -- (iaStorV) DRV - [2009/07/14 02:20:36 | 000,235,584 | ---- | M] (LSI Corporation, Inc.) [Kernel | On_Demand | Stopped] -- W:\Windows\system32\DRIVERS\MegaSR.sys -- (MegaSR) DRV - [2009/07/14 02:20:36 | 000,096,848 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- W:\Windows\system32\DRIVERS\lsi_scsi.sys -- (LSI_SCSI) DRV - [2009/07/14 02:20:36 | 000,095,824 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- W:\Windows\system32\DRIVERS\lsi_fc.sys -- (LSI_FC) DRV - [2009/07/14 02:20:36 | 000,054,864 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- W:\Windows\system32\DRIVERS\lsi_sas2.sys -- (LSI_SAS2) DRV - [2009/07/14 02:20:36 | 000,041,040 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | On_Demand | Stopped] -- W:\Windows\system32\DRIVERS\iirsp.sys -- (iirsp) DRV - [2009/07/14 02:20:36 | 000,030,800 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- W:\Windows\system32\DRIVERS\megasas.sys -- (megasas) DRV - [2009/07/14 02:20:36 | 000,013,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- W:\Windows\System32\drivers\hwpolicy.sys -- (hwpolicy) DRV - [2009/07/14 02:20:28 | 000,453,712 | ---- | M] (Emulex) [Kernel | On_Demand | Stopped] -- W:\Windows\system32\DRIVERS\elxstor.sys -- (elxstor) DRV - [2009/07/14 02:20:28 | 000,070,720 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- W:\Windows\system32\DRIVERS\djsvs.sys -- (aic78xx) DRV - [2009/07/14 02:20:28 | 000,067,152 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- W:\Windows\system32\DRIVERS\HpSAMD.sys -- (HpSAMD) DRV - [2009/07/14 02:20:28 | 000,046,160 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- W:\Windows\System32\drivers\fsdepends.sys -- (FsDepends) DRV - [2009/07/14 02:19:11 | 000,141,904 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | On_Demand | Stopped] -- W:\Windows\system32\DRIVERS\vsmraid.sys -- (vsmraid) DRV - [2009/07/14 02:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- W:\Windows\system32\DRIVERS\vmbus.sys -- (vmbus) DRV - [2009/07/14 02:19:10 | 000,159,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- W:\Windows\system32\DRIVERS\vhdmp.sys -- (vhdmp) DRV - [2009/07/14 02:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- W:\Windows\system32\DRIVERS\vmstorfl.sys -- (storflt) DRV - [2009/07/14 02:19:10 | 000,032,832 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- W:\Windows\system32\DRIVERS\vdrvroot.sys -- (vdrvroot) DRV - [2009/07/14 02:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- W:\Windows\system32\DRIVERS\storvsc.sys -- (storvsc) DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- W:\Windows\System32\drivers\wimmount.sys -- (WIMMount) DRV - [2009/07/14 02:19:10 | 000,016,976 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- W:\Windows\system32\DRIVERS\viaide.sys -- (viaide) DRV - [2009/07/14 02:19:04 | 001,383,488 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- W:\Windows\system32\DRIVERS\ql2300.sys -- (ql2300) DRV - [2009/07/14 02:19:04 | 000,173,648 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- W:\Windows\System32\drivers\rdyboost.sys -- (rdyboost) DRV - [2009/07/14 02:19:04 | 000,106,064 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- W:\Windows\system32\DRIVERS\ql40xx.sys -- (ql40xx) DRV - [2009/07/14 02:19:04 | 000,077,888 | ---- | M] (Silicon Integrated Systems) [Kernel | On_Demand | Stopped] -- W:\Windows\system32\DRIVERS\sisraid4.sys -- (SiSRaid4) DRV - [2009/07/14 02:19:04 | 000,043,088 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- W:\Windows\System32\drivers\pcw.sys -- (pcw) DRV - [2009/07/14 02:19:04 | 000,040,016 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- W:\Windows\system32\DRIVERS\SiSRaid2.sys -- (SiSRaid2) DRV - [2009/07/14 02:19:04 | 000,021,072 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- W:\Windows\system32\DRIVERS\stexstor.sys -- (stexstor) DRV - [2009/07/14 02:17:54 | 000,369,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- W:\Windows\System32\Drivers\cng.sys -- (CNG) DRV - [2009/07/14 01:57:25 | 000,272,128 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- W:\Windows\System32\Drivers\Brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM) DRV - [2009/07/14 01:02:41 | 000,018,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- W:\Windows\System32\drivers\rdpbus.sys -- (rdpbus) DRV - [2009/07/14 01:01:41 | 000,007,168 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- W:\Windows\System32\drivers\RDPREFMP.sys -- (RDPREFMP) DRV - [2009/07/14 00:55:00 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- W:\Windows\System32\drivers\agilevpn.sys -- (RasAgileVpn) WAN Miniport (IKEv2) DRV - [2009/07/14 00:53:51 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- W:\Windows\System32\drivers\wfplwf.sys -- (WfpLwf) DRV - [2009/07/14 00:52:44 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- W:\Windows\System32\drivers\ndiscap.sys -- (NdisCap) DRV - [2009/07/14 00:52:02 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- W:\Windows\System32\drivers\vwifibus.sys -- (vwifibus) DRV - [2009/07/14 00:52:00 | 000,163,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- W:\Windows\system32\DRIVERS\1394ohci.sys -- (1394ohci) DRV - [2009/07/14 00:51:35 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- W:\Windows\system32\DRIVERS\umpass.sys -- (UmPass) DRV - [2009/07/14 00:51:08 | 000,004,096 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- W:\Windows\System32\drivers\mshidkmdf.sys -- (mshidkmdf) DRV - [2009/07/14 00:46:55 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- W:\Windows\system32\DRIVERS\MTConfig.sys -- (MTConfig) DRV - [2009/07/14 00:45:26 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- W:\Windows\System32\drivers\CompositeBus.sys -- (CompositeBus) DRV - [2009/07/14 00:36:52 | 000,050,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- W:\Windows\system32\drivers\appid.sys -- (AppID) DRV - [2009/07/14 00:33:50 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | Unknown | Stopped] -- W:\Windows\System32\drivers\scfilter.sys -- (scfilter) DRV - [2009/07/14 00:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- W:\Windows\system32\DRIVERS\vms3cap.sys -- (s3cap) DRV - [2009/07/14 00:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- W:\Windows\system32\DRIVERS\VMBusHID.sys -- (VMBusHID) DRV - [2009/07/14 00:24:05 | 000,032,256 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- W:\Windows\System32\drivers\discache.sys -- (discache) DRV - [2009/07/14 00:16:36 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- W:\Windows\system32\DRIVERS\acpipmi.sys -- (AcpiPmi) DRV - [2009/07/14 00:11:04 | 000,052,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- W:\Windows\system32\DRIVERS\amdppm.sys -- (AmdPPM) DRV - [2009/07/13 23:54:14 | 000,026,624 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- W:\Windows\system32\drivers\hcw85cir.sys -- (hcw85cir) DRV - [2009/07/13 23:53:33 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- W:\Windows\System32\Drivers\BrUsbMdm.sys -- (BrUsbMdm) DRV - [2009/07/13 23:53:33 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- W:\Windows\System32\Drivers\BrUsbSer.sys -- (BrUsbSer) DRV - [2009/07/13 23:53:32 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- W:\Windows\System32\Drivers\BrSerWdm.sys -- (BrSerWdm) DRV - [2009/07/13 23:53:28 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- W:\Windows\system32\DRIVERS\BrFiltLo.sys -- (BrFiltLo) DRV - [2009/07/13 23:53:28 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- W:\Windows\system32\DRIVERS\BrFiltUp.sys -- (BrFiltUp) DRV - [2009/07/13 23:02:51 | 004,231,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- W:\Windows\System32\drivers\netw5v32.sys -- (netw5v32) Pilote de carte de liaison WiFi sans fil Intel® DRV - [2009/07/13 23:02:49 | 000,229,888 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- W:\Windows\System32\drivers\b57nd60x.sys -- (b57nd60x) DRV - [2009/07/13 23:02:48 | 003,100,160 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- W:\Windows\system32\DRIVERS\evbdx.sys -- (ebdrv) DRV - [2009/07/13 23:02:48 | 000,430,080 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- W:\Windows\system32\DRIVERS\bxvbdx.sys -- (b06bdrv) DRV - [2008/06/26 13:43:06 | 000,819,072 | ---- | M] (DiBcom SA) [Kernel | On_Demand | Stopped] -- W:\Windows\System32\drivers\mod7700.sys -- (mod7700) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN : Hotmail, Messenger, Bing, Actualité et Sport IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = BC 64 70 64 83 26 CB 01 [binary data] IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "Yahoo" FF - prefs.js..browser.search.defaulturl: "http://fr.search.yahoo.com/" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "http://fr.mg40.mail.yahoo.com/dc/" FF - prefs.js..extensions.enabledItems: {2fa4ed95-0317-4c6a-a74c-5f3e3912c1f9}:2.1.073 FF - prefs.js..extensions.enabledItems: {DB9127A2-3381-41ec-82B3-1B6ED4C6F29A}:1.0 FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.0 FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.1 FF - prefs.js..extensions.enabledItems: SkipScreen@SkipScreen:0.4.7amo FF - prefs.js..extensions.enabledItems: {53A03D43-5363-4669-8190-99061B2DEBA5}:1.3.7 FF - prefs.js..extensions.enabledItems: {fc2b8f80-d9a5-4f51-8076-7c7ce3c67ee3}:5.1.0.1 FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.2.1.29 FF - prefs.js..extensions.enabledItems: {B9C8BE50-7105-4ec6-8FB4-4935C0671648}:0.5.995 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF - prefs.js..extensions.enabledItems: {6005d9b1-d115-485a-a92a-3f6453ca3fe2}:1.1 FF - prefs.js..keyword.URL: "http://fr.search.yahoo.com/search?ei=UTF-8&fr=ytff-&p=" FF - prefs.js..network.proxy.backup.ftp: "wwwcache.univ-lr.fr" FF - prefs.js..network.proxy.backup.ftp_port: 3128 FF - prefs.js..network.proxy.backup.gopher: "wwwcache.univ-lr.fr" FF - prefs.js..network.proxy.backup.gopher_port: 3128 FF - prefs.js..network.proxy.backup.socks: "wwwcache.univ-lr.fr" FF - prefs.js..network.proxy.backup.socks_port: 3128 FF - prefs.js..network.proxy.backup.ssl: "wwwcache.univ-lr.fr" FF - prefs.js..network.proxy.backup.ssl_port: 3128 FF - prefs.js..network.proxy.ftp: "wwwcache.univ-lr.fr" FF - prefs.js..network.proxy.ftp_port: 3128 FF - prefs.js..network.proxy.gopher: "wwwcache.univ-lr.fr" FF - prefs.js..network.proxy.gopher_port: 3128 FF - prefs.js..network.proxy.http: "wwwcache.univ-lr.fr" FF - prefs.js..network.proxy.http_port: 3128 FF - prefs.js..network.proxy.no_proxies_on: "localhost, 127.0.0.1, *.univ-lr.fr," FF - prefs.js..network.proxy.share_proxy_settings: true FF - prefs.js..network.proxy.socks: "wwwcache.univ-lr.fr" FF - prefs.js..network.proxy.socks_port: 3128 FF - prefs.js..network.proxy.ssl: "wwwcache.univ-lr.fr" FF - prefs.js..network.proxy.ssl_port: 3128 FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: W:\Program Files\Firefox - Navigateur internet\components [2010/11/20 11:52:05 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: W:\Program Files\Firefox - Navigateur internet\plugins [2010/11/18 17:24:29 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Sunbird 0.9\extensions\\Components: W:\Program Files\Sunbird - Agenda\components [2010/09/19 09:00:53 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Sunbird 0.9\extensions\\Plugins: W:\Program Files\Sunbird - Agenda\plugins FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.6\extensions\\Components: W:\Program Files\Thunderbird - Messagerie Mail\components [2010/11/14 13:17:33 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.6\extensions\\Plugins: W:\Program Files\Thunderbird - Messagerie Mail\plugins [2010/09/19 08:44:31 | 000,000,000 | ---D | M] -- W:\Users\Deux Ex Machina\AppData\Roaming\mozilla\Extensions [2010/09/19 08:44:31 | 000,000,000 | ---D | M] (No name found) -- W:\Users\Deux Ex Machina\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6} [2010/08/15 13:57:10 | 000,000,000 | ---D | M] -- W:\Users\Deux Ex Machina\AppData\Roaming\mozilla\Firefox\Profiles\k1f5bc9p.default\extensions [2010/08/15 13:57:05 | 000,000,000 | ---D | M] (Screengrab) -- W:\Users\Deux Ex Machina\AppData\Roaming\mozilla\Firefox\Profiles\k1f5bc9p.default\extensions\{02450954-cdd9-410f-b1da-db804e18c671} [2010/08/15 13:57:06 | 000,000,000 | ---D | M] (FlashGot) -- W:\Users\Deux Ex Machina\AppData\Roaming\mozilla\Firefox\Profiles\k1f5bc9p.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34} [2010/08/15 13:57:06 | 000,000,000 | ---D | M] (TwitterBar) -- W:\Users\Deux Ex Machina\AppData\Roaming\mozilla\Firefox\Profiles\k1f5bc9p.default\extensions\{1a0c9ebe-ddf9-4b76-b8a3-675c77874d37} [2010/08/15 13:57:06 | 000,000,000 | ---D | M] (No name found) -- W:\Users\Deux Ex Machina\AppData\Roaming\mozilla\Firefox\Profiles\k1f5bc9p.default\extensions\{2fa4ed95-0317-4c6a-a74c-5f3e3912c1f9} [2010/08/15 13:57:07 | 000,000,000 | ---D | M] (ScrapBook) -- W:\Users\Deux Ex Machina\AppData\Roaming\mozilla\Firefox\Profiles\k1f5bc9p.default\extensions\{53A03D43-5363-4669-8190-99061B2DEBA5} [2010/08/15 13:57:07 | 000,000,000 | ---D | M] (Readability) -- W:\Users\Deux Ex Machina\AppData\Roaming\mozilla\Firefox\Profiles\k1f5bc9p.default\extensions\{6005d9b1-d115-485a-a92a-3f6453ca3fe2} [2010/08/15 13:57:08 | 000,000,000 | ---D | M] (NoScript) -- W:\Users\Deux Ex Machina\AppData\Roaming\mozilla\Firefox\Profiles\k1f5bc9p.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232} [2010/08/15 13:57:08 | 000,000,000 | ---D | M] (Password Exporter) -- W:\Users\Deux Ex Machina\AppData\Roaming\mozilla\Firefox\Profiles\k1f5bc9p.default\extensions\{B17C1C5A-04B1-11DB-9804-B622A1EF5492} [2010/08/15 13:57:09 | 000,000,000 | ---D | M] (No name found) -- W:\Users\Deux Ex Machina\AppData\Roaming\mozilla\Firefox\Profiles\k1f5bc9p.default\extensions\{B9C8BE50-7105-4ec6-8FB4-4935C0671648} [2010/08/15 13:57:09 | 000,000,000 | ---D | M] (Update Scanner) -- W:\Users\Deux Ex Machina\AppData\Roaming\mozilla\Firefox\Profiles\k1f5bc9p.default\extensions\{c07d1a49-9894-49ff-a594-38960ede8fb9} [2010/08/15 13:57:09 | 000,000,000 | ---D | M] (Adblock Plus) -- W:\Users\Deux Ex Machina\AppData\Roaming\mozilla\Firefox\Profiles\k1f5bc9p.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2010/08/15 13:57:10 | 000,000,000 | ---D | M] (flashget3 Extension) -- W:\Users\Deux Ex Machina\AppData\Roaming\mozilla\Firefox\Profiles\k1f5bc9p.default\extensions\{DB9127A2-3381-41ec-82B3-1B6ED4C6F29A} [2010/08/15 13:57:10 | 000,000,000 | ---D | M] (Diigo Bookmarks and Web Annotations) -- W:\Users\Deux Ex Machina\AppData\Roaming\mozilla\Firefox\Profiles\k1f5bc9p.default\extensions\{fc2b8f80-d9a5-4f51-8076-7c7ce3c67ee3} [2010/08/15 13:57:05 | 000,000,000 | ---D | M] -- W:\Users\Deux Ex Machina\AppData\Roaming\mozilla\Firefox\Profiles\k1f5bc9p.default\extensions\SkipScreen@SkipScreen [2010/08/15 13:57:05 | 000,000,000 | ---D | M] -- W:\Users\Deux Ex Machina\AppData\Roaming\mozilla\Firefox\Profiles\k1f5bc9p.default\extensions\VacuumPlaces@revertron.com [2010/08/12 20:45:56 | 000,002,533 | ---- | M] () -- W:\Users\Deux Ex Machina\AppData\Roaming\Mozilla\FireFox\Profiles\k1f5bc9p.default\searchplugins\diigo--google.xml O1 HOSTS File: ([2010/11/20 12:26:20 | 011,692,086 | R--- | M]) - W:\Windows\System32\drivers\etc\HOSTS O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O1 - Hosts: 127.0.0.1 babe.the-killer.bz O1 - Hosts: 127.0.0.1 www.babe.the-killer.bz O1 - Hosts: 127.0.0.1 babe.k-lined.com O1 - Hosts: 127.0.0.1 www.babe.k-lined.com O1 - Hosts: 127.0.0.1 did.i-used.cc O1 - Hosts: 127.0.0.1 www.did.i-used.cc O1 - Hosts: 127.0.0.1 coolwwwsearch.com O1 - Hosts: 127.0.0.1 www.coolwwwsearch.com O1 - Hosts: 127.0.0.1 coolwebsearch.com O1 - Hosts: 127.0.0.1 www.coolwebsearch.com O1 - Hosts: 127.0.0.1 hi.studioaperto.net O1 - Hosts: 127.0.0.1 www.hi.studioaperto.net O1 - Hosts: 127.0.0.1 webbrowser.tv O1 - Hosts: 127.0.0.1 www.webbrowser.tv O1 - Hosts: 127.0.0.1 wazzupnet.com O1 - Hosts: 127.0.0.1 www.wazzupnet.com O1 - Hosts: 127.0.0.1 gueb.com O1 - Hosts: 127.0.0.1 www.gueb.com O1 - Hosts: 127.0.0.1 kabex.com O1 - Hosts: 127.0.0.1 www.kabex.com O1 - Hosts: 127.0.0.1 hityou.com O1 - Hosts: 127.0.0.1 www.hityou.com O1 - Hosts: 127.0.0.1 miosearch.com O1 - Hosts: 439905 more lines... O2 - BHO: (ExplorerBHO Class) - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - W:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft) O2 - BHO: (SpywareGuardDLBLOCK.CBrowserHelper) - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - W:\Program Files\SpywareGuard - Protection\dlprotect.dll () O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - W:\PROGRA~1\SPYBOT~2\SDHelper.dll (Safer Networking Limited) O2 - BHO: (FlashGetBHO) - {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} - W:\Users\Erregior\AppData\Roaming\FlashGetBHO\FlashGetBHO3.dll (Trend Media Group) O3 - HKLM\..\Toolbar: (Classic Explorer Bar) - {553891B7-A0D5-4526-BE18-D3CE461D6310} - W:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft) O4 - HKLM..\Run: [Adobe Reader Speed Launcher] W:\Program Files\Adobe Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [avgnt] W:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [Classic Start Menu] W:\Program Files\Classic Shell\ClassicStartMenu.exe (IvoSoft) O4 - HKLM..\Run: [COMODO Firewall Pro] W:\Program Files\COMODO\Firewall\cfp.exe (COMODO) O4 - HKLM..\Run: [Google Desktop Search] W:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google) O4 - HKLM..\Run: [iTunesHelper] W:\Program Files\iTunes - Musique\iTunesHelper.exe (Apple Inc.) O4 - HKLM..\Run: [sMSERIAL] W:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.) O4 - HKLM..\Run: [spybotSnD] W:\Program Files\Spybot - Search & Destroy\SpybotSD.exe (Safer Networking Limited) O4 - HKCU..\Run: [spybotSD TeaTimer] W:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: Add to Google Photos Screensa&ver - W:\Windows\System32\GPhotos.scr (Google Inc.) O9 - Extra Button: @W:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - W:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : @W:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - W:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra Button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - Reg Error: Value error. File not found O9 - Extra 'Tools' menuitem : &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - Reg Error: Value error. File not found O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - W:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - W:\PROGRA~1\SPYBOT~2\SDHelper.dll (Safer Networking Limited) O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - W:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O15 - HKCU\..Trusted Domains: localhost ([]http in Intranet local) O15 - HKCU\..Trusted Domains: secunia.com ([psi] https in Sites de confiance) O15 - HKCU\..Trusted Ranges: GD ([http] in Intranet local) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1 O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - W:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - AppInit_DLLs: (W:\PROGRA~1\Google\GOOGLE~1\GO36F4~1.DLL) - W:\PROGRA~1\Google\GOOGLE~1\GO36F4~1.DLL (Google) O20 - AppInit_DLLs: (W:\Windows\system32\guard32.dll) - W:\Windows\System32\guard32.dll () O20 - HKLM Winlogon: Shell - (explorer.exe) - W:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - W:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - W:\Windows\System32\igfxdev.dll (Intel Corporation) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O28 - HKLM ShellExecuteHooks: {81559C35-8464-49F7-BB0E-07A383BEF910} - W:\Program Files\SpywareGuard - Protection\spywareguard.dll () O30 - LSA: Security Packages - (pku2u) - W:\Windows\System32\pku2u.dll (Microsoft Corporation) O30 - LSA: Security Packages - (livessp) - W:\Windows\System32\livessp.dll (Microsoft Corp.) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - W:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{163c23a8-9c95-11df-9932-00030d7844bb}\Shell - "" = AutoRun O33 - MountPoints2\{163c23a8-9c95-11df-9932-00030d7844bb}\Shell\AutoRun\command - "" = F:\Installer.exe -- File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - File not found NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found NetSvcs: Themes - W:\Windows\System32\themeservice.dll (Microsoft Corporation) NetSvcs: BDESVC - W:\Windows\System32\bdesvc.dll (Microsoft Corporation) ========== Files/Folders - Created Within 30 Days ========== [2010/11/22 10:25:22 | 000,000,000 | ---D | C] -- D:\Responsable editorial LPO 30 11 [2010/11/22 09:43:01 | 000,575,488 | ---- | C] (OldTimer Tools) -- W:\Users\Deux Ex Machina\Desktop\OTL.exe [2010/11/21 17:55:13 | 000,000,000 | ---D | C] -- W:\Windows\Minidump [2010/11/21 17:00:53 | 001,339,480 | ---- | C] (Kaspersky Lab ZAO) -- W:\Users\Deux Ex Machina\Desktop\TDSSKiller.exe [2010/11/20 11:29:21 | 000,000,000 | ---D | C] -- W:\Users\Deux Ex Machina\AppData\Roaming\TrueCrypt [2010/11/18 17:20:39 | 000,000,000 | ---D | C] -- W:\Users\Deux Ex Machina\AppData\Roaming\Avira [2010/11/18 16:12:32 | 000,028,520 | ---- | C] (Avira GmbH) -- W:\Windows\System32\drivers\ssmdrv.sys [2010/11/18 16:12:02 | 000,126,856 | ---- | C] (Avira GmbH) -- W:\Windows\System32\drivers\avipbb.sys [2010/11/18 16:12:02 | 000,060,936 | ---- | C] (Avira GmbH) -- W:\Windows\System32\drivers\avgntflt.sys [2010/11/18 16:11:57 | 000,000,000 | ---D | C] -- W:\ProgramData\Avira [2010/11/18 16:11:57 | 000,000,000 | ---D | C] -- W:\Program Files\Avira [2010/11/18 16:04:19 | 000,000,000 | ---D | C] -- D:\Mes Google Gadgets [2010/11/18 00:47:24 | 000,000,000 | ---D | C] -- W:\Users\Deux Ex Machina\AppData\Local\Apple [2010/11/17 16:43:54 | 000,000,000 | ---D | C] -- W:\Program Files\ESET [2010/11/17 11:19:43 | 000,000,000 | ---D | C] -- W:\Users\Deux Ex Machina\AppData\Roaming\Malwarebytes [2010/11/17 11:17:15 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- W:\Windows\System32\drivers\mbamswissarmy.sys [2010/11/17 11:17:12 | 000,000,000 | ---D | C] -- W:\ProgramData\Malwarebytes [2010/11/17 11:17:06 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- W:\Windows\System32\drivers\mbam.sys [2010/11/17 11:17:06 | 000,000,000 | ---D | C] -- W:\Program Files\Malwarebytes' Anti-Malware [2010/11/15 12:48:53 | 003,887,480 | ---- | C] (Sysinternals - www.sysinternals.com) -- W:\Program Files\procexp.exe [2010/11/15 11:02:41 | 000,000,000 | ---D | C] -- W:\Users\Deux Ex Machina\AppData\Local\ElevatedDiagnostics [2010/11/14 15:25:41 | 000,000,000 | ---D | C] -- W:\Users\Deux Ex Machina\AppData\Roaming\InstallShield [2010/11/14 14:52:00 | 000,000,000 | ---D | C] -- W:\Intel [2010/11/14 14:47:09 | 000,000,000 | ---D | C] -- W:\Users\Deux Ex Machina\AppData\Roaming\vlc [2010/11/14 14:43:45 | 000,000,000 | ---D | C] -- W:\Program Files\Realtek [2010/11/08 10:47:41 | 000,000,000 | ---D | C] -- W:\Program Files\iPod [2010/10/27 12:21:08 | 000,000,000 | ---D | C] -- W:\Program Files\Bonjour [2010/10/27 10:28:31 | 000,000,000 | R--D | C] -- W:\Program Files\Skype [2010/10/27 10:28:28 | 000,000,000 | ---D | C] -- W:\Users\Deux Ex Machina\AppData\Roaming\Skype [2010/10/27 10:12:36 | 000,641,536 | ---- | C] (Microsoft Corporation) -- W:\Windows\System32\CPFilters.dll [2010/10/27 10:12:35 | 000,204,288 | ---- | C] (Microsoft Corporation) -- W:\Windows\System32\MSNP.ax [2010/10/27 10:12:35 | 000,199,680 | ---- | C] (Microsoft Corporation) -- W:\Windows\System32\mpg2splt.ax [2010/10/27 10:12:30 | 000,026,504 | ---- | C] (Microsoft Corporation) -- W:\Windows\System32\drivers\Diskdump.sys ========== Files - Modified Within 30 Days ========== [2010/11/22 11:58:55 | 000,681,976 | ---- | M] () -- W:\Windows\System32\perfh00C.dat [2010/11/22 11:58:55 | 000,594,964 | ---- | M] () -- W:\Windows\System32\perfh009.dat [2010/11/22 11:58:55 | 000,121,872 | ---- | M] () -- W:\Windows\System32\perfc00C.dat [2010/11/22 11:58:55 | 000,099,334 | ---- | M] () -- W:\Windows\System32\perfc009.dat [2010/11/22 11:31:00 | 000,001,088 | ---- | M] () -- W:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-689601093-2118000924-3733035549-1001UA.job [2010/11/22 10:55:04 | 000,092,672 | ---- | M] () -- D:\Projet CV.doc [2010/11/22 10:18:09 | 003,507,883 | ---- | M] () -- D:\Expertise et blog.pdf [2010/11/22 09:44:02 | 000,575,488 | ---- | M] (OldTimer Tools) -- W:\Users\Deux Ex Machina\Desktop\OTL.exe [2010/11/22 09:42:50 | 000,122,866 | ---- | M] () -- W:\Users\Deux Ex Machina\Desktop\Desinfection 2.pdf [2010/11/22 08:32:39 | 000,067,584 | --S- | M] () -- W:\Windows\bootstat.dat [2010/11/21 18:38:42 | 000,000,356 | ---- | M] () -- W:\Windows\tasks\GlaryInitialize.job [2010/11/21 18:31:00 | 000,001,036 | ---- | M] () -- W:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-689601093-2118000924-3733035549-1001Core.job [2010/11/21 18:03:24 | 000,013,248 | -H-- | M] () -- W:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2010/11/21 18:03:24 | 000,013,248 | -H-- | M] () -- W:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2010/11/21 17:53:03 | 1603,084,288 | -HS- | M] () -- W:\hiberfil.sys [2010/11/21 14:24:44 | 000,080,384 | ---- | M] () -- W:\Users\Deux Ex Machina\Desktop\MBRCheck(2).exe [2010/11/21 14:18:56 | 000,260,919 | ---- | M] () -- W:\Users\Deux Ex Machina\Desktop\inqtruction desinfection.pdf [2010/11/21 13:12:01 | 000,000,162 | -H-- | M] () -- D:\~$ojet CV.doc [2010/11/21 13:09:32 | 000,088,064 | ---- | M] () -- D:\CV.doc [2010/11/21 13:09:32 | 000,000,162 | -H-- | M] () -- D:\~$ .doc [2010/11/21 13:01:10 | 000,000,162 | -H-- | M] () -- D:\~$ travail CDP .doc [2010/11/21 12:59:45 | 000,000,162 | -H-- | M] () -- D:\~$ .doc [2010/11/20 12:26:20 | 011,692,086 | R--- | M] () -- W:\Windows\System32\drivers\etc\HOSTS [2010/11/19 15:36:12 | 000,324,490 | ---- | M] () -- D:\Journaliste .pdf [2010/11/19 13:16:55 | 000,639,981 | ---- | M] () -- D:\calendrier FPT Charentes 2010-mai2010.pdf [2010/11/19 12:57:26 | 000,258,798 | ---- | M] () -- D:\Calendrier coucours FP territoriale.pdf [2010/11/18 16:13:22 | 000,002,020 | ---- | M] () -- W:\Users\Public\Desktop\Avira AntiVir Control Center.lnk [2010/11/17 11:18:10 | 000,000,987 | ---- | M] () -- W:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2010/11/17 07:24:22 | 001,339,480 | ---- | M] (Kaspersky Lab ZAO) -- W:\Users\Deux Ex Machina\Desktop\TDSSKiller.exe [2010/11/14 12:51:22 | 000,000,945 | ---- | M] () -- W:\Users\Deux Ex Machina\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk [2010/11/10 18:24:26 | 000,053,248 | ---- | M] () -- D:\CVe.doc [2010/11/10 18:04:37 | 000,084,992 | ---- | M] () -- D:\CV travail .doc [2010/11/10 10:45:27 | 011,690,974 | R--- | M] () -- W:\Windows\System32\drivers\etc\hosts.20101120-122620.backup [2010/11/09 16:08:06 | 011,689,504 | ---- | M] () -- W:\Windows\System32\drivers\etc\hosts.20101110-104527.backup [2010/11/09 16:08:06 | 011,689,504 | ---- | M] () -- D:\HOSTS [2010/11/04 18:30:46 | 000,045,568 | ---- | M] () -- D:\courrier en-tete .doc [2010/11/01 14:01:56 | 000,088,064 | ---- | M] () -- D:\CV .doc [2010/10/29 14:22:41 | 000,023,763 | ---- | M] () -- D:\CV_.pdf [2010/10/27 10:19:46 | 000,001,050 | ---- | M] () -- W:\Users\Deux Ex Machina\Application Data\Microsoft\Internet Explorer\Quick Launch\Glary Utilities.lnk [2010/10/27 10:19:46 | 000,001,026 | ---- | M] () -- W:\Users\Deux Ex Machina\Desktop\Glary Utilities.lnk [2010/10/25 23:40:57 | 000,000,447 | ---- | M] () -- D:\ax_files.xml ========== Files Created - No Company Name ========== [2010/11/22 11:55:23 | 000,122,866 | ---- | C] () -- W:\Users\Deux Ex Machina\Desktop\Desinfection 2.pdf [2010/11/22 10:45:27 | 000,182,213 | ---- | C] () -- D:\Projet .pdf [2010/11/22 10:18:09 | 003,507,883 | ---- | C] () -- D:\Expertise et blog.pdf [2010/11/21 17:01:38 | 000,260,919 | ---- | C] () -- W:\Users\Deux Ex Machina\Desktop\inqtruction desinfection.pdf [2010/11/21 17:00:43 | 000,080,384 | ---- | C] () -- W:\Users\Deux Ex Machina\Desktop\MBRCheck(2).exe [2010/11/21 13:12:01 | 000,000,162 | -H-- | C] () -- D:\~$ojet CV .doc [2010/11/21 13:11:59 | 000,092,672 | ---- | C] () -- D:\Projet CV .doc [2010/11/21 13:09:32 | 000,000,162 | -H-- | C] () -- D:\~$ GM.doc [2010/11/21 13:09:28 | 000,088,064 | ---- | C] () -- D:\CV GM.doc [2010/11/21 13:01:10 | 000,000,162 | -H-- | C] () -- D:\~$ travail CDP .doc [2010/11/21 12:59:45 | 000,000,162 | -H-- | C] () -- D:\~$ GM.doc [2010/11/20 17:44:04 | 000,088,064 | ---- | C] () -- D:\CV GM.doc [2010/11/20 17:44:04 | 000,053,248 | ---- | C] () -- D:\CV GM.doc [2010/11/20 17:44:04 | 000,052,009 | ---- | C] () -- D:\dossier pedagogique fais ton journal.pdf [2010/11/20 17:44:04 | 000,045,568 | ---- | C] () -- D:\courrier en-tete .doc [2010/11/20 17:44:04 | 000,023,763 | ---- | C] () -- D:\CV_.pdf [2010/11/20 17:44:03 | 003,181,222 | ---- | C] () -- D:\flickr securisation.pdf [2010/11/20 17:44:03 | 001,288,788 | ---- | C] () -- D:\Tutoriel-logiciel-fais-ton-journal.pdf [2010/11/20 17:44:03 | 000,760,325 | ---- | C] () -- D:\aide_creation_index.pdf [2010/11/20 17:44:03 | 000,639,981 | ---- | C] () -- D:\calendrier FPT Charentes 2010-mai2010.pdf [2010/11/20 17:44:03 | 000,258,798 | ---- | C] () -- D:\Calendrier coucours FP territoriale.pdf [2010/11/20 17:44:03 | 000,060,928 | ---- | C] () -- D:\Pour securiser et mieux utiliser un ordinateur.doc [2010/11/20 17:44:03 | 000,016,022 | ---- | C] () -- D:\Notes sur min identite numerique.docx [2010/11/18 16:13:22 | 000,002,020 | ---- | C] () -- W:\Users\Public\Desktop\Avira AntiVir Control Center.lnk [2010/11/17 11:18:10 | 000,000,987 | ---- | C] () -- W:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2010/11/09 16:08:05 | 011,689,504 | ---- | C] () -- D:\HOSTS [2010/10/07 10:36:42 | 000,001,928 | ---- | C] () -- W:\Program Files\Adobe Reader 9.lnk [2010/08/22 11:01:56 | 000,001,071 | ---- | C] () -- W:\Program Files\Picasa 3.lnk [2010/08/22 09:55:48 | 000,116,224 | ---- | C] () -- W:\Windows\System32\pdfcmnnt.dll [2010/08/16 21:42:50 | 000,001,149 | ---- | C] () -- W:\Program Files\Google Talk.lnk [2010/07/18 18:38:13 | 000,697,328 | ---- | C] () -- W:\Windows\System32\drivers\sptd.sys [2010/07/18 18:02:44 | 000,000,117 | ---- | C] () -- W:\Windows\SoftWriting.ini [2010/07/17 20:11:42 | 000,139,008 | ---- | C] () -- W:\Windows\System32\guard32.dll [2010/07/17 17:37:22 | 000,140,288 | ---- | C] () -- W:\Windows\System32\igfxtvcx.dll [2010/07/17 16:43:30 | 000,000,025 | ---- | C] () -- W:\Windows\libem.INI [2009/12/03 08:27:30 | 000,080,416 | ---- | C] () -- W:\Windows\System32\RtNicProp32.dll [2009/07/14 00:51:43 | 000,073,728 | ---- | C] () -- W:\Windows\System32\BthpanContextHandler.dll [2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- W:\Windows\System32\BWContextHandler.dll ========== Custom Scans ========== < %SYSTEMDRIVE%\*.* > [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () -- W:\autoexec.bat [2009/06/10 22:42:20 | 000,000,010 | ---- | M] () -- W:\config.sys [2010/11/21 17:53:03 | 1603,084,288 | -HS- | M] () -- W:\hiberfil.sys [2010/09/19 08:43:21 | 000,009,593 | ---- | M] () -- W:\JavaRa.log [2010/11/21 17:13:57 | 000,063,004 | ---- | M] () -- W:\TDSSKiller.2.4.8.0_21.11.2010_17.08.43_log.txt < %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles > < %systemroot%\Tasks\*.job /lockedfiles > < %systemroot%\System32\config\*.sav > < %systemroot%\system32\drivers\*.sys /90 > [2010/08/27 04:31:30 | 000,310,784 | ---- | M] (Microsoft Corporation) -- W:\Windows\System32\drivers\srv.sys [2010/08/27 04:30:47 | 000,308,736 | ---- | M] (Microsoft Corporation) -- W:\Windows\System32\drivers\srv2.sys [2010/08/27 04:30:40 | 000,113,664 | ---- | M] (Microsoft Corporation) -- W:\Windows\System32\drivers\srvnet.sys [2010/09/06 17:06:43 | 000,231,248 | ---- | M] (TrueCrypt Foundation) -- W:\Windows\System32\drivers\truecrypt.sys ========== Alternate Data Streams ========== @Alternate Data Stream - 95 bytes -> W:\ProgramData\TEMP:5C321E34 < End of report > Et maintenant le rapport Extras: OTL Extras logfile created on: 22/11/2010 11:59:18 - Run 1 OTL by OldTimer - Version 3.2.17.3 Folder = W:\Users\Deux Ex Machina\Desktop An unknown product (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 65,00% Memory free 2,00 Gb Paging File | 1,00 Gb Available in Paging File | 62,00% Paging File free Paging file location(s): s:\pagefile.sys 220 2040 [binary data] %SystemDrive% = W: | %SystemRoot% = W:\Windows | %ProgramFiles% = W:\Program Files Drive C: | 48,75 Gb Total Space | 0,68 Gb Free Space | 1,40% Space Free | Partition Type: NTFS Drive D: | 51,57 Gb Total Space | 6,21 Gb Free Space | 12,04% Space Free | Partition Type: NTFS Drive G: | 979,03 Mb Total Space | 971,08 Mb Free Space | 99,19% Space Free | Partition Type: FAT32 Drive H: | 248,99 Mb Total Space | 238,48 Mb Free Space | 95,78% Space Free | Partition Type: FAT32 Drive K: | 465,76 Gb Total Space | 34,94 Gb Free Space | 7,50% Space Free | Partition Type: NTFS Drive S: | 1,99 Gb Total Space | 1,78 Gb Free Space | 89,21% Space Free | Partition Type: FAT32 Drive W: | 35,00 Gb Total Space | 17,37 Gb Free Space | 49,64% Space Free | Partition Type: NTFS Computer Name: THINKINGMACHINE | User Name: Deux Ex Machina | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- W:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- W:\Windows\winhlp32.exe (Microsoft Corporation) .reg [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- W:\Program Files\Firefox - Navigateur internet\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "W:\Program Files\VLC - Video\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [browse with &IrfanView] -- "W:\Program Files\IrfanView - Lecteur Images\i_view32.exe" "%1 /thumbs" (Irfan Skiljan) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "W:\Program Files\VLC - Video\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = Reg Error: Unknown registry data type -- File not found "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "W:\Program Files\FlashGet 3 - Gestion telechargement\FlashGet3.exe" = W:\Program Files\FlashGet 3 - Gestion telechargement\FlashGet3.exe:*:Enabled:Flashget3 -- (Trend Media Corporation Limited) ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] ".sol Editor" = .sol Editor 1.1.0.1 "{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator "{09F56A49-A7B1-4AAB-95B9-D13094254AD1}" = Windows Live UX Platform Language Pack "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}" = Microsoft .NET Framework 4 Client Profile FRA Language Pack "{105CFC7C-6992-11D5-BD9D-000102C10FD8}" = Lizardtech DjVu Control "{13CD417D-F1F1-4AC4-945D-FDDEB884756F}" = Microsoft Baseline Security Analyzer 2.2 "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk" = Google Talk (remove only) "{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10 "{266517E6-D866-439D-919C-B8B1A52E6080}" = OpenOffice.org 3.2 "{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java 6 Update 22 "{2AD738DC-FC24-4342-A2DA-BB6DCCF6B048}" = Jing "{2CE5A2E7-3437-4CE7-BCF4-85ED6EEFF9E4}" = iTunes "{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live "{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform "{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM) "{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant "{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources "{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10 "{7F6291BF-6354-4D3F-8BF8-47D8DB46E45C}" = Classic Shell "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{842BEE12-CCCB-43F4-ABAF-CBA6DFE2583D}" = Nero BurnLite 10 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007 "{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0015-040C-0000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2007 "{90120000-0015-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007 "{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007 "{90120000-0016-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0017-040C-0000-0000000FF1CE}" = Microsoft Office SharePoint Designer MUI (French) 2007 "{90120000-0017-040C-0000-0000000FF1CE}_OMUI.fr-fr_{CCDA3DD6-E33D-4D75-B7C9-FF585580CE83}" = Microsoft Office SharePoint Designer 2007 Service Pack 2 (SP2) "{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007 "{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007 "{90120000-0018-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007 "{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2007 "{90120000-0019-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007 "{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2007 "{90120000-001A-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007 "{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007 "{90120000-001B-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007 "{90120000-001F-0401-0000-0000000FF1CE}_OMUI.fr-fr_{14809F99-C601-4D4A-9391-F1E8FAA964C5}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_OMUI.fr-fr_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007 "{90120000-001F-0413-0000-0000000FF1CE}_OMUI.fr-fr_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007 "{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007 "{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007 "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007 "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581) "{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007 "{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0044-040C-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (French) 2007 "{90120000-0044-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007 "{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007 "{90120000-006E-040C-0000-0000000FF1CE}_OMUI.fr-fr_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007 "{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00A1-040C-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (French) 2007 "{90120000-00A1-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007 "{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00BA-040C-0000-0000000FF1CE}" = Microsoft Office Groove MUI (French) 2007 "{90120000-00BA-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0100-040C-0000-0000000FF1CE}" = Microsoft Office O MUI (French) 2007 "{90120000-0100-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0101-040C-0000-0000000FF1CE}" = Microsoft Office X MUI (French) 2007 "{90120000-0101-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007 "{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007 "{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007 "{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer "{AB627AF2-9C7E-4DBD-816B-3B2646B81E89}" = Nero BurnLite 10 "{AC76BA86-7AD7-1036-7B44-A94000000001}" = Adobe Reader 9.4.1 - Français "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy "{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update "{CCA1EEA3-555E-4D05-AC46-4B49C6C5D887}" = Apple Mobile Device Support "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{D3A80508-CD83-4CA3-8671-914A1BC78B61}" = Microsoft Sync Framework 2.0 Provider Services (x86) ENU "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0 "{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime "{F7E1CA14-B39D-452A-960B-39423DDDD933}" = DriveImage XML (Private Edition) "{FF1C31AE-0CDC-40CE-AB85-406F8B70D643}" = Bonjour "{FF63121D-91C6-42CC-B341-F1AA729728E7}" = Microsoft Sync Framework 2.0 Core Components (x86) ENU "7-Zip" = 7-Zip 9.20 "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus "B991B020-2968-11D8-AF23-444553540000_is1" = FreeMind "CCleaner" = CCleaner "CobBackup10" = Cobian Backup 10 "ENTERPRISE" = Microsoft Office Enterprise 2007 "ESET Online Scanner" = ESET Online Scanner v3 "Exifer_is1" = Exifer "FileHippo.com" = FileHippo.com Update Checker "FlashGet 3.5" = FlashGet 3.5 "Glary Utilities_is1" = Glary Utilities 2.29.0.1032 "Google Desktop" = Google Desktop "HDMI" = Intel® Graphics Media Accelerator Driver "hpHosts_is1" = hpHosts "ImgBurn" = ImgBurn "IrfanView" = IrfanView (remove only) "JDownloader" = JDownloader "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Client Profile FRA "MozBackup" = MozBackup 1.4.10 "Mozilla Firefox (3.6.12)" = Mozilla Firefox (3.6.12) "Mozilla Sunbird (0.9)" = Mozilla Sunbird (0.9) "Mozilla Thunderbird (3.1.6)" = Mozilla Thunderbird (3.1.6) "MyDefrag v4.3.1_is1" = MyDefrag v4.3.1 "Notepad++" = Notepad++ "OMUI.fr-fr" = Microsoft Office Language Pack 2007 - French/Français "Picasa 3" = Picasa 3 "Secunia PSI" = Secunia PSI "SimpleOCR 3.1" = SimpleOCR 3.1 "SMSERIAL" = Motorola SM56 Speakerphone Modem "SpywareBlaster_is1" = SpywareBlaster 4.4 "SpywareGuard_is1" = SpywareGuard v2.2 "TrueCrypt" = TrueCrypt "TVWiz" = Intel® TV Wizard "uTorrent" = µTorrent "VLC media player" = VLC media player 1.1.4 "WinGimp-2.0_is1" = GIMP 2.6.10 "WinLiveSuite" = Windows Live "XnView_is1" = XnView 1.97.6 ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 21/11/2010 13:41:10 | Computer Name = ThinkingMachine | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Échec de l’extraction de la liste racine tierce depuis le fichier CAB de mise à jour automatique à : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>'>http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>'>http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>'>http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>'>http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>'>http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>'>http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>'>http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>'>http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>'>http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> avec l’erreur : Données non valides. . Error - 22/11/2010 03:43:58 | Computer Name = ThinkingMachine | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Échec de l’extraction de la liste racine tierce depuis le fichier CAB de mise à jour automatique à : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> avec l’erreur : Données non valides. . Error - 22/11/2010 03:45:25 | Computer Name = ThinkingMachine | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Échec de l’extraction de la liste racine tierce depuis le fichier CAB de mise à jour automatique à : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> avec l’erreur : Données non valides. . Error - 22/11/2010 04:58:23 | Computer Name = ThinkingMachine | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Échec de l’extraction de la liste racine tierce depuis le fichier CAB de mise à jour automatique à : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> avec l’erreur : Données non valides. . Error - 22/11/2010 05:05:22 | Computer Name = ThinkingMachine | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Échec de l’extraction de la liste racine tierce depuis le fichier CAB de mise à jour automatique à : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> avec l’erreur : Données non valides. . Error - 22/11/2010 05:06:05 | Computer Name = ThinkingMachine | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Échec de l’extraction de la liste racine tierce depuis le fichier CAB de mise à jour automatique à : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> avec l’erreur : Données non valides. . Error - 22/11/2010 05:32:46 | Computer Name = ThinkingMachine | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Échec de l’extraction de la liste racine tierce depuis le fichier CAB de mise à jour automatique à : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> avec l’erreur : Données non valides. . Error - 22/11/2010 05:32:46 | Computer Name = ThinkingMachine | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Échec de l’extraction de la liste racine tierce depuis le fichier CAB de mise à jour automatique à : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> avec l’erreur : Données non valides. . Error - 22/11/2010 05:32:46 | Computer Name = ThinkingMachine | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Échec de l’extraction de la liste racine tierce depuis le fichier CAB de mise à jour automatique à : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> avec l’erreur : Données non valides. . Error - 22/11/2010 05:32:47 | Computer Name = ThinkingMachine | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Échec de l’extraction de la liste racine tierce depuis le fichier CAB de mise à jour automatique à : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> avec l’erreur : Données non valides. . [ System Events ] Error - 20/11/2010 13:16:33 | Computer Name = ThinkingMachine | Source = Service Control Manager | ID = 7001 Description = Le service Service Liste des réseaux dépend du service Connaissance des emplacements réseau qui n’a pas pu démarrer en raison de l’erreur : %%1068 Error - 20/11/2010 13:16:33 | Computer Name = ThinkingMachine | Source = Service Control Manager | ID = 7001 Description = Le service Service Liste des réseaux dépend du service Connaissance des emplacements réseau qui n’a pas pu démarrer en raison de l’erreur : %%1068 Error - 21/11/2010 10:05:27 | Computer Name = ThinkingMachine | Source = EventLog | ID = 6008 Description = L’arrêt système précédant à 14:15:04 le ?21/?11/?2010 n’était pas prévu. Error - 21/11/2010 10:06:21 | Computer Name = ThinkingMachine | Source = Service Control Manager | ID = 7009 Description = Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de la connexion du service SBSD Security Center Service. Error - 21/11/2010 10:06:21 | Computer Name = ThinkingMachine | Source = Service Control Manager | ID = 7000 Description = Le service SBSD Security Center Service n’a pas pu démarrer en raison de l’erreur : %%1053 Error - 21/11/2010 12:55:17 | Computer Name = ThinkingMachine | Source = EventLog | ID = 6008 Description = L’arrêt système précédant à 17:14:07 le ?21/?11/?2010 n’était pas prévu. Error - 21/11/2010 12:55:18 | Computer Name = THINKINGMACHINE | Source = BugCheck | ID = 1001 Description = Error - 21/11/2010 12:56:11 | Computer Name = ThinkingMachine | Source = Service Control Manager | ID = 7009 Description = Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de la connexion du service SBSD Security Center Service. Error - 21/11/2010 12:56:11 | Computer Name = ThinkingMachine | Source = Service Control Manager | ID = 7000 Description = Le service SBSD Security Center Service n’a pas pu démarrer en raison de l’erreur : %%1053 Error - 21/11/2010 18:44:07 | Computer Name = ThinkingMachine | Source = Service Control Manager | ID = 7011 Description = Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de la réponse transactionnelle du service ShellHWDetection. < End of report > Sinon, je n'ai pu brancher qu'un DD externe et 2 clefs USB. Je relance le logiciel avec les clefs restantes ?
  5. GreGDurablement
    Hum... j'ai plus de clefs USB utilisées récemment que je n'ai de ports. Comment je procède ?
  6. GreGDurablement
    Voici le rapport TDSSKiller: 2010/11/21 17:08:43.0836 TDSS rootkit removing tool 2.4.8.0 Nov 17 2010 07:23:12 2010/11/21 17:08:43.0836 ================================================================================ 2010/11/21 17:08:43.0836 SystemInfo: 2010/11/21 17:08:43.0836 2010/11/21 17:08:43.0836 OS Version: 6.1.7600 ServicePack: 0.0 2010/11/21 17:08:43.0836 Product type: Workstation 2010/11/21 17:08:43.0836 ComputerName: THINKINGMACHINE 2010/11/21 17:08:43.0836 UserName: Deux Ex Machina 2010/11/21 17:08:43.0836 Windows directory: W:\Windows 2010/11/21 17:08:43.0836 System windows directory: W:\Windows 2010/11/21 17:08:43.0836 Processor architecture: Intel x86 2010/11/21 17:08:43.0836 Number of processors: 2 2010/11/21 17:08:43.0836 Page size: 0x1000 2010/11/21 17:08:43.0836 Boot type: Normal boot 2010/11/21 17:08:43.0836 ================================================================================ 2010/11/21 17:08:52.0650 Initialize success 2010/11/21 17:08:58.0641 ================================================================================ 2010/11/21 17:08:58.0641 Scan started 2010/11/21 17:08:58.0641 Mode: Manual; 2010/11/21 17:08:58.0641 ================================================================================ 2010/11/21 17:09:02.0213 1394ohci (6d2aca41739bfe8cb86ee8e85f29697d) W:\Windows\system32\DRIVERS\1394ohci.sys 2010/11/21 17:09:02.0400 ACPI (f0e07d144c8685b8774bc32fc8da4df0) W:\Windows\system32\DRIVERS\ACPI.sys 2010/11/21 17:09:02.0556 AcpiPmi (98d81ca942d19f7d9153b095162ac013) W:\Windows\system32\DRIVERS\acpipmi.sys 2010/11/21 17:09:02.0790 adp94xx (21e785ebd7dc90a06391141aac7892fb) W:\Windows\system32\DRIVERS\adp94xx.sys 2010/11/21 17:09:02.0978 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) W:\Windows\system32\DRIVERS\adpahci.sys 2010/11/21 17:09:03.0165 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) W:\Windows\system32\DRIVERS\adpu320.sys 2010/11/21 17:09:03.0430 AFD (ddc040fdb01ef1712a6b13e52afb104c) W:\Windows\system32\drivers\afd.sys 2010/11/21 17:09:03.0555 agp440 (507812c3054c21cef746b6ee3d04dd6e) W:\Windows\system32\DRIVERS\agp440.sys 2010/11/21 17:09:03.0773 aic78xx (8b30250d573a8f6b4bd23195160d8707) W:\Windows\system32\DRIVERS\djsvs.sys 2010/11/21 17:09:03.0976 aliide (0d40bcf52ea90fc7df2aeab6503dea44) W:\Windows\system32\DRIVERS\aliide.sys 2010/11/21 17:09:04.0070 amdagp (3c6600a0696e90a463771c7422e23ab5) W:\Windows\system32\DRIVERS\amdagp.sys 2010/11/21 17:09:04.0210 amdide (cd5914170297126b6266860198d1d4f0) W:\Windows\system32\DRIVERS\amdide.sys 2010/11/21 17:09:04.0382 AmdK8 (00dda200d71bac534bf56a9db5dfd666) W:\Windows\system32\DRIVERS\amdk8.sys 2010/11/21 17:09:04.0522 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) W:\Windows\system32\DRIVERS\amdppm.sys 2010/11/21 17:09:04.0631 amdsata (2101a86c25c154f8314b24ef49d7fbc2) W:\Windows\system32\DRIVERS\amdsata.sys 2010/11/21 17:09:04.0772 amdsbs (ea43af0c423ff267355f74e7a53bdaba) W:\Windows\system32\DRIVERS\amdsbs.sys 2010/11/21 17:09:04.0928 amdxata (b81c2b5616f6420a9941ea093a92b150) W:\Windows\system32\DRIVERS\amdxata.sys 2010/11/21 17:09:05.0115 AppID (feb834c02ce1e84b6a38f953ca067706) W:\Windows\system32\drivers\appid.sys 2010/11/21 17:09:05.0442 arc (2932004f49677bd84dbc72edb754ffb3) W:\Windows\system32\DRIVERS\arc.sys 2010/11/21 17:09:05.0645 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) W:\Windows\system32\DRIVERS\arcsas.sys 2010/11/21 17:09:05.0832 AsyncMac (add2ade1c2b285ab8378d2daaf991481) W:\Windows\system32\DRIVERS\asyncmac.sys 2010/11/21 17:09:06.0066 atapi (338c86357871c167a96ab976519bf59e) W:\Windows\system32\DRIVERS\atapi.sys 2010/11/21 17:09:06.0238 avgntflt (1eb7d72a82f94f7e9496d363fce00b68) W:\Windows\system32\DRIVERS\avgntflt.sys 2010/11/21 17:09:06.0472 avipbb (f8c56231ed5ecf7d1b46b0330880ccef) W:\Windows\system32\DRIVERS\avipbb.sys 2010/11/21 17:09:06.0722 b06bdrv (1a231abec60fd316ec54c66715543cec) W:\Windows\system32\DRIVERS\bxvbdx.sys 2010/11/21 17:09:07.0002 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) W:\Windows\system32\DRIVERS\b57nd60x.sys 2010/11/21 17:09:07.0205 Beep (505506526a9d467307b3c393dedaf858) W:\Windows\system32\drivers\Beep.sys 2010/11/21 17:09:07.0502 blbdrive (2287078ed48fcfc477b05b20cf38f36f) W:\Windows\system32\DRIVERS\blbdrive.sys 2010/11/21 17:09:07.0829 bowser (fcafaef6798d7b51ff029f99a9898961) W:\Windows\system32\DRIVERS\bowser.sys 2010/11/21 17:09:08.0001 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) W:\Windows\system32\DRIVERS\BrFiltLo.sys 2010/11/21 17:09:08.0141 BrFiltUp (56801ad62213a41f6497f96dee83755a) W:\Windows\system32\DRIVERS\BrFiltUp.sys 2010/11/21 17:09:08.0328 Brserid (845b8ce732e67f3b4133164868c666ea) W:\Windows\System32\Drivers\Brserid.sys 2010/11/21 17:09:08.0484 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) W:\Windows\System32\Drivers\BrSerWdm.sys 2010/11/21 17:09:08.0578 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) W:\Windows\System32\Drivers\BrUsbMdm.sys 2010/11/21 17:09:08.0781 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) W:\Windows\System32\Drivers\BrUsbSer.sys 2010/11/21 17:09:08.0890 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) W:\Windows\system32\DRIVERS\bthmodem.sys 2010/11/21 17:09:09.0155 cdfs (77ea11b065e0a8ab902d78145ca51e10) W:\Windows\system32\DRIVERS\cdfs.sys 2010/11/21 17:09:09.0358 cdrom (ba6e70aa0e6091bc39de29477d866a77) W:\Windows\system32\DRIVERS\cdrom.sys 2010/11/21 17:09:09.0530 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) W:\Windows\system32\DRIVERS\circlass.sys 2010/11/21 17:09:09.0748 CLFS (635181e0e9bbf16871bf5380d71db02d) W:\Windows\system32\CLFS.sys 2010/11/21 17:09:10.0029 CmBatt (dea805815e587dad1dd2c502220b5616) W:\Windows\system32\DRIVERS\CmBatt.sys 2010/11/21 17:09:10.0247 cmdGuard (21fd53b014fd91f78c32fea3f7d0d448) W:\Windows\system32\DRIVERS\cmdguard.sys 2010/11/21 17:09:10.0434 cmdHlp (512862cc91ddf82cd2c826b64c713358) W:\Windows\system32\DRIVERS\cmdhlp.sys 2010/11/21 17:09:10.0559 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) W:\Windows\system32\DRIVERS\cmdide.sys 2010/11/21 17:09:10.0856 CNG (1b675691ed940766149c93e8f4488d68) W:\Windows\system32\Drivers\cng.sys 2010/11/21 17:09:11.0027 Compbatt (a6023d3823c37043986713f118a89bee) W:\Windows\system32\DRIVERS\compbatt.sys 2010/11/21 17:09:11.0261 CompositeBus (f1724ba27e97d627f808fb0ba77a28a6) W:\Windows\system32\DRIVERS\CompositeBus.sys 2010/11/21 17:09:11.0480 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) W:\Windows\system32\DRIVERS\crcdisk.sys 2010/11/21 17:09:11.0698 CSC (27c9490bdd0ae48911ab8cf1932591ed) W:\Windows\system32\drivers\csc.sys 2010/11/21 17:09:12.0119 DfsC (8e09e52ee2e3ceb199ef3dd99cf9e3fb) W:\Windows\system32\Drivers\dfsc.sys 2010/11/21 17:09:12.0400 discache (1a050b0274bfb3890703d490f330c0da) W:\Windows\system32\drivers\discache.sys 2010/11/21 17:09:12.0603 Disk (565003f326f99802e68ca78f2a68e9ff) W:\Windows\system32\DRIVERS\disk.sys 2010/11/21 17:09:12.0852 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) W:\Windows\system32\drivers\drmkaud.sys 2010/11/21 17:09:13.0055 DXGKrnl (8b6c3464d7fac176500061dbfff42ad4) W:\Windows\System32\drivers\dxgkrnl.sys 2010/11/21 17:09:13.0508 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) W:\Windows\system32\DRIVERS\evbdx.sys 2010/11/21 17:09:13.0898 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) W:\Windows\system32\DRIVERS\elxstor.sys 2010/11/21 17:09:14.0038 ErrDev (8fc3208352dd3912c94367a206ab3f11) W:\Windows\system32\DRIVERS\errdev.sys 2010/11/21 17:09:14.0256 exfat (2dc9108d74081149cc8b651d3a26207f) W:\Windows\system32\drivers\exfat.sys 2010/11/21 17:09:14.0444 fastfat (7e0ab74553476622fb6ae36f73d97d35) W:\Windows\system32\drivers\fastfat.sys 2010/11/21 17:09:14.0615 fdc (e817a017f82df2a1f8cfdbda29388b29) W:\Windows\system32\DRIVERS\fdc.sys 2010/11/21 17:09:14.0787 FileInfo (6cf00369c97f3cf563be99be983d13d8) W:\Windows\system32\drivers\fileinfo.sys 2010/11/21 17:09:14.0880 Filetrace (42c51dc94c91da21cb9196eb64c45db9) W:\Windows\system32\drivers\filetrace.sys 2010/11/21 17:09:15.0036 flpydisk (87907aa70cb3c56600f1c2fb8841579b) W:\Windows\system32\DRIVERS\flpydisk.sys 2010/11/21 17:09:15.0161 FltMgr (7520ec808e0c35e0ee6f841294316653) W:\Windows\system32\drivers\fltmgr.sys 2010/11/21 17:09:15.0333 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) W:\Windows\system32\drivers\FsDepends.sys 2010/11/21 17:09:15.0442 Fs_Rec (a574b4360e438977038aae4bf60d79a2) W:\Windows\system32\drivers\Fs_Rec.sys 2010/11/21 17:09:15.0707 fvevol (dafbd9fe39197495aed6d51f3b85b5d2) W:\Windows\system32\DRIVERS\fvevol.sys 2010/11/21 17:09:15.0879 gagp30kx (65ee0c7a58b65e74ae05637418153938) W:\Windows\system32\DRIVERS\gagp30kx.sys 2010/11/21 17:09:16.0035 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) W:\Windows\system32\DRIVERS\GEARAspiWDM.sys 2010/11/21 17:09:16.0316 hcw85cir (c44e3c2bab6837db337ddee7544736db) W:\Windows\system32\drivers\hcw85cir.sys 2010/11/21 17:09:16.0503 HdAudAddService (3530cad25deba7dc7de8bb51632cbc5f) W:\Windows\system32\drivers\HdAudio.sys 2010/11/21 17:09:16.0690 HDAudBus (717a2207fd6f13ad3e664c7d5a43c7bf) W:\Windows\system32\DRIVERS\HDAudBus.sys 2010/11/21 17:09:16.0924 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) W:\Windows\system32\DRIVERS\HidBatt.sys 2010/11/21 17:09:17.0033 HidBth (89448f40e6df260c206a193a4683ba78) W:\Windows\system32\DRIVERS\hidbth.sys 2010/11/21 17:09:17.0236 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) W:\Windows\system32\DRIVERS\hidir.sys 2010/11/21 17:09:17.0517 HidUsb (25072fb35ac90b25f9e4e3bacf774102) W:\Windows\system32\DRIVERS\hidusb.sys 2010/11/21 17:09:17.0813 HpSAMD (295fdc419039090eb8b49ffdbb374549) W:\Windows\system32\DRIVERS\HpSAMD.sys 2010/11/21 17:09:18.0032 HTTP (c531c7fd9e8b62021112787c4e2c5a5a) W:\Windows\system32\drivers\HTTP.sys 2010/11/21 17:09:18.0250 hwpolicy (8305f33cde89ad6c7a0763ed0b5a8d42) W:\Windows\system32\drivers\hwpolicy.sys 2010/11/21 17:09:18.0500 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) W:\Windows\system32\DRIVERS\i8042prt.sys 2010/11/21 17:09:18.0687 iaStorV (934af4d7c5f457b9f0743f4299b77b67) W:\Windows\system32\DRIVERS\iaStorV.sys 2010/11/21 17:09:19.0170 igfx (9467514ea189475a6e7fdc5d7bde9d3f) W:\Windows\system32\DRIVERS\igdkmd32.sys 2010/11/21 17:09:19.0638 iirsp (4173ff5708f3236cf25195fecd742915) W:\Windows\system32\DRIVERS\iirsp.sys 2010/11/21 17:09:19.0841 Inspect (040f2142d21cbe036d35db56da877c30) W:\Windows\system32\DRIVERS\inspect.sys 2010/11/21 17:09:19.0966 intelide (a0f12f2c9ba6c72f3987ce780e77c130) W:\Windows\system32\DRIVERS\intelide.sys 2010/11/21 17:09:20.0138 intelppm (3b514d27bfc4accb4037bc6685f766e0) W:\Windows\system32\DRIVERS\intelppm.sys 2010/11/21 17:09:20.0309 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) W:\Windows\system32\DRIVERS\ipfltdrv.sys 2010/11/21 17:09:20.0512 IPMIDRV (e4454b6c37d7ffd5649611f6496308a7) W:\Windows\system32\DRIVERS\IPMIDrv.sys 2010/11/21 17:09:20.0699 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) W:\Windows\system32\drivers\ipnat.sys 2010/11/21 17:09:20.0886 IRENUM (42996cff20a3084a56017b7902307e9f) W:\Windows\system32\drivers\irenum.sys 2010/11/21 17:09:21.0089 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) W:\Windows\system32\DRIVERS\isapnp.sys 2010/11/21 17:09:21.0292 iScsiPrt (ed46c223ae46c6866ab77cdc41c404b7) W:\Windows\system32\DRIVERS\msiscsi.sys 2010/11/21 17:09:21.0448 kbdclass (adef52ca1aeae82b50df86b56413107e) W:\Windows\system32\DRIVERS\kbdclass.sys 2010/11/21 17:09:21.0713 kbdhid (3d9f0ebf350edcfd6498057301455964) W:\Windows\system32\DRIVERS\kbdhid.sys 2010/11/21 17:09:21.0885 KSecDD (e36a061ec11b373826905b21be10948f) W:\Windows\system32\Drivers\ksecdd.sys 2010/11/21 17:09:22.0025 KSecPkg (365c6154bbbc5377173f1ca7bfb6cc59) W:\Windows\system32\Drivers\ksecpkg.sys 2010/11/21 17:09:22.0337 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) W:\Windows\system32\DRIVERS\lltdio.sys 2010/11/21 17:09:22.0758 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) W:\Windows\system32\DRIVERS\lsi_fc.sys 2010/11/21 17:09:22.0946 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) W:\Windows\system32\DRIVERS\lsi_sas.sys 2010/11/21 17:09:23.0055 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) W:\Windows\system32\DRIVERS\lsi_sas2.sys 2010/11/21 17:09:23.0273 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) W:\Windows\system32\DRIVERS\lsi_scsi.sys 2010/11/21 17:09:23.0476 luafv (6703e366cc18d3b6e534f5cf7df39cee) W:\Windows\system32\drivers\luafv.sys 2010/11/21 17:09:23.0694 MBAMSwissArmy (c7dd7d9739785bd3a6b8499eec1dee7e) W:\Windows\system32\drivers\mbamswissarmy.sys 2010/11/21 17:09:23.0882 megasas (0fff5b045293002ab38eb1fd1fc2fb74) W:\Windows\system32\DRIVERS\megasas.sys 2010/11/21 17:09:24.0053 MegaSR (dcbab2920c75f390caf1d29f675d03d6) W:\Windows\system32\DRIVERS\MegaSR.sys 2010/11/21 17:09:24.0303 mod7700 (c4fee5e6c41b3c5a7257b33ad624bb10) W:\Windows\system32\Drivers\mod7700.sys 2010/11/21 17:09:24.0630 Modem (f001861e5700ee84e2d4e52c712f4964) W:\Windows\system32\drivers\modem.sys 2010/11/21 17:09:24.0786 MODEMCSA (25483f9d590d5f00bd951e1181453ec2) W:\Windows\system32\drivers\MODEMCSA.sys 2010/11/21 17:09:24.0927 monitor (79d10964de86b292320e9dfe02282a23) W:\Windows\system32\DRIVERS\monitor.sys 2010/11/21 17:09:25.0067 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) W:\Windows\system32\DRIVERS\mouclass.sys 2010/11/21 17:09:25.0270 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) W:\Windows\system32\DRIVERS\mouhid.sys 2010/11/21 17:09:25.0410 mountmgr (921c18727c5920d6c0300736646931c2) W:\Windows\system32\drivers\mountmgr.sys 2010/11/21 17:09:25.0535 mpio (2af5997438c55fb79d33d015c30e1974) W:\Windows\system32\DRIVERS\mpio.sys 2010/11/21 17:09:25.0691 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) W:\Windows\system32\drivers\mpsdrv.sys 2010/11/21 17:09:25.0847 MRxDAV (b1be47008d20e43da3adc37c24cdb89d) W:\Windows\system32\drivers\mrxdav.sys 2010/11/21 17:09:26.0019 mrxsmb (f1b6aa08497ea86ca6ef6f7a08b0bfb8) W:\Windows\system32\DRIVERS\mrxsmb.sys 2010/11/21 17:09:26.0128 mrxsmb10 (5613358b4050f46f5a9832da8050d6e4) W:\Windows\system32\DRIVERS\mrxsmb10.sys 2010/11/21 17:09:26.0284 mrxsmb20 (25c9792778d80feb4c8201e62281bfdf) W:\Windows\system32\DRIVERS\mrxsmb20.sys 2010/11/21 17:09:26.0471 msahci (4326d168944123f38dd3b2d9c37a0b12) W:\Windows\system32\DRIVERS\msahci.sys 2010/11/21 17:09:26.0580 msdsm (455029c7174a2dbb03dba8a0d8bddd9a) W:\Windows\system32\DRIVERS\msdsm.sys 2010/11/21 17:09:26.0799 Msfs (daefb28e3af5a76abcc2c3078c07327f) W:\Windows\system32\drivers\Msfs.sys 2010/11/21 17:09:26.0955 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) W:\Windows\System32\drivers\mshidkmdf.sys 2010/11/21 17:09:27.0080 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) W:\Windows\system32\DRIVERS\msisadrv.sys 2010/11/21 17:09:27.0267 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) W:\Windows\system32\drivers\MSKSSRV.sys 2010/11/21 17:09:27.0423 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) W:\Windows\system32\drivers\MSPCLOCK.sys 2010/11/21 17:09:27.0594 MSPQM (f456e973590d663b1073e9c463b40932) W:\Windows\system32\drivers\MSPQM.sys 2010/11/21 17:09:27.0735 MsRPC (0e008fc4819d238c51d7c93e7b41e560) W:\Windows\system32\drivers\MsRPC.sys 2010/11/21 17:09:27.0922 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) W:\Windows\system32\DRIVERS\mssmbios.sys 2010/11/21 17:09:28.0094 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) W:\Windows\system32\drivers\MSTEE.sys 2010/11/21 17:09:28.0218 MTConfig (33599130f44e1f34631cea241de8ac84) W:\Windows\system32\DRIVERS\MTConfig.sys 2010/11/21 17:09:28.0343 Mup (159fad02f64e6381758c990f753bcc80) W:\Windows\system32\Drivers\mup.sys 2010/11/21 17:09:28.0593 NativeWifiP (26384429fcd85d83746f63e798ab1480) W:\Windows\system32\DRIVERS\nwifi.sys 2010/11/21 17:09:28.0842 NDIS (23759d175a0a9baaf04d05047bc135a8) W:\Windows\system32\drivers\ndis.sys 2010/11/21 17:09:29.0092 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) W:\Windows\system32\DRIVERS\ndiscap.sys 2010/11/21 17:09:29.0248 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) W:\Windows\system32\DRIVERS\ndistapi.sys 2010/11/21 17:09:29.0404 Ndisuio (b30ae7f2b6d7e343b0df32e6c08fce75) W:\Windows\system32\DRIVERS\ndisuio.sys 2010/11/21 17:09:29.0529 NdisWan (267c415eadcbe53c9ca873dee39cf3a4) W:\Windows\system32\DRIVERS\ndiswan.sys 2010/11/21 17:09:29.0716 NDProxy (af7e7c63dcef3f8772726f86039d6eb4) W:\Windows\system32\drivers\NDProxy.sys 2010/11/21 17:09:29.0841 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) W:\Windows\system32\DRIVERS\netbios.sys 2010/11/21 17:09:30.0106 NetBT (dd52a733bf4ca5af84562a5e2f963b91) W:\Windows\system32\DRIVERS\netbt.sys 2010/11/21 17:09:30.0590 netw5v32 (58218ec6b61b1169cf54aab0d00f5fe2) W:\Windows\system32\DRIVERS\netw5v32.sys 2010/11/21 17:09:30.0917 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) W:\Windows\system32\DRIVERS\nfrd960.sys 2010/11/21 17:09:31.0120 Npfs (1db262a9f8c087e8153d89bef3d2235f) W:\Windows\system32\drivers\Npfs.sys 2010/11/21 17:09:31.0260 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) W:\Windows\system32\drivers\nsiproxy.sys 2010/11/21 17:09:31.0526 Ntfs (3795dcd21f740ee799fb7223234215af) W:\Windows\system32\drivers\Ntfs.sys 2010/11/21 17:09:31.0806 Null (f9756a98d69098dca8945d62858a812c) W:\Windows\system32\drivers\Null.sys 2010/11/21 17:09:31.0994 nvraid (3f3d04b1d08d43c16ea7963954ec768d) W:\Windows\system32\DRIVERS\nvraid.sys 2010/11/21 17:09:32.0165 nvstor (c99f251a5de63c6f129cf71933aced0f) W:\Windows\system32\DRIVERS\nvstor.sys 2010/11/21 17:09:32.0306 nv_agp (5a0983915f02bae73267cc2a041f717d) W:\Windows\system32\DRIVERS\nv_agp.sys 2010/11/21 17:09:32.0477 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) W:\Windows\system32\DRIVERS\ohci1394.sys 2010/11/21 17:09:32.0727 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) W:\Windows\system32\DRIVERS\parport.sys 2010/11/21 17:09:32.0852 partmgr (ff4218952b51de44fe910953a3e686b9) W:\Windows\system32\drivers\partmgr.sys 2010/11/21 17:09:32.0961 Parvdm (eb0a59f29c19b86479d36b35983daadc) W:\Windows\system32\DRIVERS\parvdm.sys 2010/11/21 17:09:33.0117 pci (c858cb77c577780ecc456a892e7e7d0f) W:\Windows\system32\DRIVERS\pci.sys 2010/11/21 17:09:33.0226 pciide (afe86f419014db4e5593f69ffe26ce0a) W:\Windows\system32\DRIVERS\pciide.sys 2010/11/21 17:09:33.0366 pcmcia (f396431b31693e71e8a80687ef523506) W:\Windows\system32\DRIVERS\pcmcia.sys 2010/11/21 17:09:33.0507 pcw (250f6b43d2b613172035c6747aeeb19f) W:\Windows\system32\drivers\pcw.sys 2010/11/21 17:09:33.0678 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) W:\Windows\system32\drivers\peauth.sys 2010/11/21 17:09:34.0178 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) W:\Windows\system32\DRIVERS\raspptp.sys 2010/11/21 17:09:34.0349 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) W:\Windows\system32\DRIVERS\processr.sys 2010/11/21 17:09:34.0614 Psched (6270ccae2a86de6d146529fe55b3246a) W:\Windows\system32\DRIVERS\pacer.sys 2010/11/21 17:09:34.0770 PSI (1df21f001f3a94eba4a2950c70cc358f) W:\Windows\system32\DRIVERS\psi_mf.sys 2010/11/21 17:09:34.0989 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) W:\Windows\system32\DRIVERS\ql2300.sys 2010/11/21 17:09:35.0176 ql40xx (b4dd51dd25182244b86737dc51af2270) W:\Windows\system32\DRIVERS\ql40xx.sys 2010/11/21 17:09:35.0348 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) W:\Windows\system32\drivers\qwavedrv.sys 2010/11/21 17:09:35.0472 RasAcd (30a81b53c766d0133bb86d234e5556ab) W:\Windows\system32\DRIVERS\rasacd.sys 2010/11/21 17:09:35.0613 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) W:\Windows\system32\DRIVERS\AgileVpn.sys 2010/11/21 17:09:35.0769 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) W:\Windows\system32\DRIVERS\rasl2tp.sys 2010/11/21 17:09:35.0987 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) W:\Windows\system32\DRIVERS\raspppoe.sys 2010/11/21 17:09:36.0096 RasSstp (44101f495a83ea6401d886e7fd70096b) W:\Windows\system32\DRIVERS\rassstp.sys 2010/11/21 17:09:36.0252 rdbss (835d7e81bf517a3b72384bdcc85e1ce6) W:\Windows\system32\DRIVERS\rdbss.sys 2010/11/21 17:09:36.0408 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) W:\Windows\system32\DRIVERS\rdpbus.sys 2010/11/21 17:09:36.0533 RDPCDD (1e016846895b15a99f9a176a05029075) W:\Windows\system32\DRIVERS\RDPCDD.sys 2010/11/21 17:09:36.0736 RDPDR (c5ff95883ffef704d50c40d21cfb3ab5) W:\Windows\system32\drivers\rdpdr.sys 2010/11/21 17:09:36.0861 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) W:\Windows\system32\drivers\rdpencdd.sys 2010/11/21 17:09:36.0986 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) W:\Windows\system32\drivers\rdprefmp.sys 2010/11/21 17:09:37.0110 RDPWD (801371ba9782282892d00aadb08ee367) W:\Windows\system32\drivers\RDPWD.sys 2010/11/21 17:09:37.0251 rdyboost (4ea225bf1cf05e158853f30a99ca29a7) W:\Windows\system32\drivers\rdyboost.sys 2010/11/21 17:09:37.0500 rspndr (032b0d36ad92b582d869879f5af5b928) W:\Windows\system32\DRIVERS\rspndr.sys 2010/11/21 17:09:37.0688 RTL8167 (d5ede44ca85899e0478208c8413c1c31) W:\Windows\system32\DRIVERS\Rt86win7.sys 2010/11/21 17:09:37.0890 s3cap (5423d8437051e89dd34749f242c98648) W:\Windows\system32\DRIVERS\vms3cap.sys 2010/11/21 17:09:38.0046 sbp2port (34ee0c44b724e3e4ce2eff29126de5b5) W:\Windows\system32\DRIVERS\sbp2port.sys 2010/11/21 17:09:38.0202 scfilter (a95c54b2ac3cc9c73fcdf9e51a1d6b51) W:\Windows\system32\DRIVERS\scfilter.sys 2010/11/21 17:09:38.0405 secdrv (90a3935d05b494a5a39d37e71f09a677) W:\Windows\system32\drivers\secdrv.sys 2010/11/21 17:09:38.0655 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) W:\Windows\system32\DRIVERS\serenum.sys 2010/11/21 17:09:38.0733 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) W:\Windows\system32\DRIVERS\serial.sys 2010/11/21 17:09:38.0889 sermouse (79bffb520327ff916a582dfea17aa813) W:\Windows\system32\DRIVERS\sermouse.sys 2010/11/21 17:09:39.0138 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) W:\Windows\system32\DRIVERS\sffdisk.sys 2010/11/21 17:09:39.0279 sffp_mmc (932a68ee27833cfd57c1639d375f2731) W:\Windows\system32\DRIVERS\sffp_mmc.sys 2010/11/21 17:09:39.0404 sffp_sd (a0708bbd07d245c06ff9de549ca47185) W:\Windows\system32\DRIVERS\sffp_sd.sys 2010/11/21 17:09:39.0497 sfloppy (db96666cc8312ebc45032f30b007a547) W:\Windows\system32\DRIVERS\sfloppy.sys 2010/11/21 17:09:39.0669 sisagp (2565cac0dc9fe0371bdce60832582b2e) W:\Windows\system32\DRIVERS\sisagp.sys 2010/11/21 17:09:39.0825 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) W:\Windows\system32\DRIVERS\SiSRaid2.sys 2010/11/21 17:09:39.0965 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) W:\Windows\system32\DRIVERS\sisraid4.sys 2010/11/21 17:09:40.0137 Smb (3e21c083b8a01cb70ba1f09303010fce) W:\Windows\system32\DRIVERS\smb.sys 2010/11/21 17:09:40.0324 smserial (859e3adc59d1c89a66aa6492c14d379e) W:\Windows\system32\DRIVERS\smserial.sys 2010/11/21 17:09:40.0636 spldr (95cf1ae7527fb70f7816563cbc09d942) W:\Windows\system32\drivers\spldr.sys 2010/11/21 17:09:40.0870 sptd (c4bb8a12843d9cbb65f5ff617f389bbd) W:\Windows\system32\Drivers\sptd.sys 2010/11/21 17:09:40.0870 Suspicious file (NoAccess): W:\Windows\system32\Drivers\sptd.sys. md5: c4bb8a12843d9cbb65f5ff617f389bbd 2010/11/21 17:09:40.0917 sptd - detected Locked file (1) 2010/11/21 17:09:41.0026 srv (2dbedfb1853f06110ec2aa7f3213c89f) W:\Windows\system32\DRIVERS\srv.sys 2010/11/21 17:09:41.0244 srv2 (db37131d1027c50ea7ee21c8bb4536aa) W:\Windows\system32\DRIVERS\srv2.sys 2010/11/21 17:09:41.0416 srvnet (f5980b74124db9233b33f86fc5ebbb4f) W:\Windows\system32\DRIVERS\srvnet.sys 2010/11/21 17:09:41.0588 ssmdrv (a36ee93698802cd899f98bfd553d8185) W:\Windows\system32\DRIVERS\ssmdrv.sys 2010/11/21 17:09:41.0868 stexstor (db32d325c192b801df274bfd12a7e72b) W:\Windows\system32\DRIVERS\stexstor.sys 2010/11/21 17:09:42.0056 storflt (957e346ca948668f2496a6ccf6ff82cc) W:\Windows\system32\DRIVERS\vmstorfl.sys 2010/11/21 17:09:42.0196 storvsc (d5751969dc3e4b88bf482ac8ec9fe019) W:\Windows\system32\DRIVERS\storvsc.sys 2010/11/21 17:09:42.0352 swenum (e58c78a848add9610a4db6d214af5224) W:\Windows\system32\DRIVERS\swenum.sys 2010/11/21 17:09:42.0711 Tcpip (bb7f39c31c4a4417fd318e7cd184e225) W:\Windows\system32\drivers\tcpip.sys 2010/11/21 17:09:43.0070 TCPIP6 (bb7f39c31c4a4417fd318e7cd184e225) W:\Windows\system32\DRIVERS\tcpip.sys 2010/11/21 17:09:43.0226 tcpipreg (e64444523add154f86567c469bc0b17f) W:\Windows\system32\drivers\tcpipreg.sys 2010/11/21 17:09:43.0428 TDPIPE (1875c1490d99e70e449e3afae9fcbadf) W:\Windows\system32\drivers\tdpipe.sys 2010/11/21 17:09:43.0553 TDTCP (7551e91ea999ee9a8e9c331d5a9c31f3) W:\Windows\system32\drivers\tdtcp.sys 2010/11/21 17:09:43.0694 tdx (cb39e896a2a83702d1737bfd402b3542) W:\Windows\system32\DRIVERS\tdx.sys 2010/11/21 17:09:43.0881 TermDD (c36f41ee20e6999dbf4b0425963268a5) W:\Windows\system32\DRIVERS\termdd.sys 2010/11/21 17:09:44.0177 truecrypt (be45dad1c73a3216edc8c485916f6594) W:\Windows\system32\drivers\truecrypt.sys 2010/11/21 17:09:44.0489 tssecsrv (98ae6fa07d12cb4ec5cf4a9bfa5f4242) W:\Windows\system32\DRIVERS\tssecsrv.sys 2010/11/21 17:09:44.0692 tunnel (3e461d890a97f9d4c168f5fda36e1d00) W:\Windows\system32\DRIVERS\tunnel.sys 2010/11/21 17:09:44.0832 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) W:\Windows\system32\DRIVERS\uagp35.sys 2010/11/21 17:09:45.0020 udfs (09cc3e16f8e5ee7168e01cf8fcbe061a) W:\Windows\system32\DRIVERS\udfs.sys 2010/11/21 17:09:45.0285 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) W:\Windows\system32\DRIVERS\uliagpkx.sys 2010/11/21 17:09:45.0456 umbus (049b3a50b3d646baeeee9eec9b0668dc) W:\Windows\system32\DRIVERS\umbus.sys 2010/11/21 17:09:45.0612 UmPass (7550ad0c6998ba1cb4843e920ee0feac) W:\Windows\system32\DRIVERS\umpass.sys 2010/11/21 17:09:45.0815 usbccgp (8455c4ed038efd09e99327f9d2d48ffa) W:\Windows\system32\DRIVERS\usbccgp.sys 2010/11/21 17:09:45.0940 usbcir (04ec7cec62ec3b6d9354eee93327fc82) W:\Windows\system32\DRIVERS\usbcir.sys 2010/11/21 17:09:46.0190 usbehci (1c333bfd60f2fed2c7ad5daf533cb742) W:\Windows\system32\DRIVERS\usbehci.sys 2010/11/21 17:09:46.0392 usbhub (ee6ef93ccfa94fae8c6ab298273d8ae2) W:\Windows\system32\DRIVERS\usbhub.sys 2010/11/21 17:09:46.0548 usbohci (a6fb7957ea7afb1165991e54ce934b74) W:\Windows\system32\DRIVERS\usbohci.sys 2010/11/21 17:09:46.0673 usbprint (797d862fe0875e75c7cc4c1ad7b30252) W:\Windows\system32\DRIVERS\usbprint.sys 2010/11/21 17:09:46.0829 usbscan (576096ccbc07e7c4ea4f5e6686d6888f) W:\Windows\system32\DRIVERS\usbscan.sys 2010/11/21 17:09:46.0985 USBSTOR (d8889d56e0d27e57ed4591837fe71d27) W:\Windows\system32\DRIVERS\USBSTOR.SYS 2010/11/21 17:09:47.0157 usbuhci (78780c3ebce17405b1ccd07a3a8a7d72) W:\Windows\system32\DRIVERS\usbuhci.sys 2010/11/21 17:09:47.0328 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) W:\Windows\system32\DRIVERS\vdrvroot.sys 2010/11/21 17:09:47.0531 vga (17c408214ea61696cec9c66e388b14f3) W:\Windows\system32\DRIVERS\vgapnp.sys 2010/11/21 17:09:47.0640 VgaSave (8e38096ad5c8570a6f1570a61e251561) W:\Windows\System32\drivers\vga.sys 2010/11/21 17:09:47.0750 vhdmp (3be6e1f3a4f1afec8cee0d7883f93583) W:\Windows\system32\DRIVERS\vhdmp.sys 2010/11/21 17:09:47.0874 viaagp (c829317a37b4bea8f39735d4b076e923) W:\Windows\system32\DRIVERS\viaagp.sys 2010/11/21 17:09:47.0984 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) W:\Windows\system32\DRIVERS\viac7.sys 2010/11/21 17:09:48.0155 viaide (e43574f6a56a0ee11809b48c09e4fd3c) W:\Windows\system32\DRIVERS\viaide.sys 2010/11/21 17:09:48.0296 vmbus (379b349f65f453d2a6e75ea6b7448e49) W:\Windows\system32\DRIVERS\vmbus.sys 2010/11/21 17:09:48.0436 VMBusHID (ec2bbab4b84d0738c6c83d2234dc36fe) W:\Windows\system32\DRIVERS\VMBusHID.sys 2010/11/21 17:09:48.0545 volmgr (384e5a2aa49934295171e499f86ba6f3) W:\Windows\system32\DRIVERS\volmgr.sys 2010/11/21 17:09:48.0701 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) W:\Windows\system32\drivers\volmgrx.sys 2010/11/21 17:09:48.0873 volsnap (58df9d2481a56edde167e51b334d44fd) W:\Windows\system32\DRIVERS\volsnap.sys 2010/11/21 17:09:49.0107 vsmraid (9dfa0cc2f8855a04816729651175b631) W:\Windows\system32\DRIVERS\vsmraid.sys 2010/11/21 17:09:49.0310 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) W:\Windows\System32\drivers\vwifibus.sys 2010/11/21 17:09:49.0513 WacomPen (de3721e89c653aa281428c8a69745d90) W:\Windows\system32\DRIVERS\wacompen.sys 2010/11/21 17:09:49.0700 WANARP (692a712062146e96d28ba0b7d75de31b) W:\Windows\system32\DRIVERS\wanarp.sys 2010/11/21 17:09:49.0793 Wanarpv6 (692a712062146e96d28ba0b7d75de31b) W:\Windows\system32\DRIVERS\wanarp.sys 2010/11/21 17:09:50.0043 Wd (1112a9badacb47b7c0bb0392e3158dff) W:\Windows\system32\DRIVERS\wd.sys 2010/11/21 17:09:50.0199 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) W:\Windows\system32\drivers\Wdf01000.sys 2010/11/21 17:09:50.0495 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) W:\Windows\system32\DRIVERS\wfplwf.sys 2010/11/21 17:09:50.0620 WIMMount (5cf95b35e59e2a38023836fff31be64c) W:\Windows\system32\drivers\wimmount.sys 2010/11/21 17:09:50.0979 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) W:\Windows\system32\DRIVERS\wmiacpi.sys 2010/11/21 17:09:51.0307 ws2ifsl (6db3276587b853bf886b69528fdb048c) W:\Windows\system32\drivers\ws2ifsl.sys 2010/11/21 17:09:51.0556 WudfPf (6f9b6c0c93232cff47d0f72d6db1d21e) W:\Windows\system32\drivers\WudfPf.sys 2010/11/21 17:09:51.0712 WUDFRd (f91ff1e51fca30b3c3981db7d5924252) W:\Windows\system32\DRIVERS\WUDFRd.sys 2010/11/21 17:09:51.0962 ================================================================================ 2010/11/21 17:09:51.0962 Scan finished 2010/11/21 17:09:51.0962 ================================================================================ 2010/11/21 17:09:52.0009 Detected object count: 1 2010/11/21 17:13:55.0931 Locked file(sptd) - User select action: Skip Et le rapport MBRCheck: MBRCheck, version 1.2.3 © 2010, AD Command-line: Windows Version: Windows 7 Professional Windows Information: (build 7600), 32-bit Base Board Manufacturer: FUJITSU SIEMENS BIOS Manufacturer: Phoenix Technologies LTD System Manufacturer: FUJITSU SIEMENS System Product Name: AMILO Pi 2515 Logical Drives Mask: 0x0044007c Kernel Drivers (total 197): 0x82A45000 \SystemRoot\system32\ntkrnlpa.exe 0x82A0E000 \SystemRoot\system32\halmacpi.dll 0x80BB4000 \SystemRoot\system32\kdcom.dll 0x88625000 \SystemRoot\system32\mcupdate_GenuineIntel.dll 0x8869D000 \SystemRoot\system32\PSHED.dll 0x886AE000 \SystemRoot\system32\BOOTVID.dll 0x886B6000 \SystemRoot\system32\CLFS.SYS 0x886F8000 \SystemRoot\system32\CI.dll 0x8881D000 \SystemRoot\system32\drivers\Wdf01000.sys 0x8888E000 \SystemRoot\system32\drivers\WDFLDR.SYS 0x8889C000 \SystemRoot\System32\Drivers\spev.sys 0x88995000 \SystemRoot\System32\Drivers\WMILIB.SYS 0x8899E000 \SystemRoot\System32\Drivers\SCSIPORT.SYS 0x887A3000 \SystemRoot\system32\DRIVERS\ACPI.sys 0x889C4000 \SystemRoot\system32\DRIVERS\msisadrv.sys 0x889CC000 \SystemRoot\system32\DRIVERS\vdrvroot.sys 0x88A06000 \SystemRoot\system32\DRIVERS\pci.sys 0x88A30000 \SystemRoot\System32\drivers\partmgr.sys 0x88A41000 \SystemRoot\system32\DRIVERS\compbatt.sys 0x88A49000 \SystemRoot\system32\DRIVERS\BATTC.SYS 0x88A54000 \SystemRoot\system32\DRIVERS\volmgr.sys 0x88A64000 \SystemRoot\System32\drivers\volmgrx.sys 0x88AAF000 \SystemRoot\system32\DRIVERS\intelide.sys 0x88AB6000 \SystemRoot\system32\DRIVERS\PCIIDEX.SYS 0x88AC4000 \SystemRoot\System32\drivers\mountmgr.sys 0x88ADA000 \SystemRoot\system32\DRIVERS\atapi.sys 0x88AE3000 \SystemRoot\system32\DRIVERS\ataport.SYS 0x88B06000 \SystemRoot\system32\DRIVERS\msahci.sys 0x88B10000 \SystemRoot\system32\DRIVERS\amdxata.sys 0x88B19000 \SystemRoot\system32\drivers\fltmgr.sys 0x88B4D000 \SystemRoot\system32\drivers\fileinfo.sys 0x88C0D000 \SystemRoot\System32\Drivers\Ntfs.sys 0x88D3C000 \SystemRoot\System32\Drivers\msrpc.sys 0x88D67000 \SystemRoot\System32\Drivers\ksecdd.sys 0x88D7A000 \SystemRoot\System32\Drivers\cng.sys 0x88DD7000 \SystemRoot\System32\drivers\pcw.sys 0x88DE5000 \SystemRoot\System32\Drivers\Fs_Rec.sys 0x88E1E000 \SystemRoot\system32\drivers\ndis.sys 0x88ED5000 \SystemRoot\system32\drivers\NETIO.SYS 0x88F13000 \SystemRoot\System32\Drivers\ksecpkg.sys 0x89011000 \SystemRoot\System32\drivers\tcpip.sys 0x8915A000 \SystemRoot\System32\drivers\fwpkclnt.sys 0x8918B000 \SystemRoot\system32\DRIVERS\vmstorfl.sys 0x89194000 \SystemRoot\system32\DRIVERS\volsnap.sys 0x891D3000 \SystemRoot\System32\Drivers\spldr.sys 0x88F38000 \SystemRoot\System32\drivers\rdyboost.sys 0x891DB000 \SystemRoot\System32\Drivers\mup.sys 0x891EB000 \SystemRoot\System32\drivers\hwpolicy.sys 0x88F65000 \SystemRoot\System32\DRIVERS\fvevol.sys 0x89000000 \SystemRoot\system32\DRIVERS\disk.sys 0x88F97000 \SystemRoot\system32\DRIVERS\CLASSPNP.SYS 0x88FBC000 \SystemRoot\System32\Drivers\fastfat.SYS 0x88B5E000 \SystemRoot\system32\DRIVERS\cdrom.sys 0x88B7D000 \SystemRoot\System32\DRIVERS\cmdguard.sys 0x88E11000 \SystemRoot\System32\Drivers\Null.SYS 0x88DEE000 \SystemRoot\System32\Drivers\Beep.SYS 0x88C00000 \SystemRoot\System32\drivers\vga.sys 0x88B93000 \SystemRoot\System32\drivers\VIDEOPRT.SYS 0x88BB4000 \SystemRoot\System32\drivers\watchdog.sys 0x88DF5000 \SystemRoot\System32\DRIVERS\RDPCDD.sys 0x88BC1000 \SystemRoot\system32\drivers\rdpencdd.sys 0x88BC9000 \SystemRoot\system32\drivers\rdprefmp.sys 0x88BD1000 \SystemRoot\System32\Drivers\Msfs.SYS 0x88BDC000 \SystemRoot\System32\Drivers\Npfs.SYS 0x889D7000 \SystemRoot\system32\DRIVERS\tdx.sys 0x88BEA000 \SystemRoot\system32\DRIVERS\TDI.SYS 0x88BF5000 \SystemRoot\System32\DRIVERS\cmdhlp.sys 0x8E801000 \SystemRoot\system32\drivers\afd.sys 0x8E85B000 \SystemRoot\System32\DRIVERS\netbt.sys 0x8E88D000 \SystemRoot\system32\DRIVERS\wfplwf.sys 0x8E894000 \SystemRoot\system32\DRIVERS\pacer.sys 0x8E8B3000 \SystemRoot\system32\DRIVERS\netbios.sys 0x8E8C1000 \SystemRoot\system32\DRIVERS\wanarp.sys 0x8E8D4000 \SystemRoot\System32\drivers\truecrypt.sys 0x8E90B000 \SystemRoot\system32\DRIVERS\termdd.sys 0x8E91B000 \SystemRoot\system32\DRIVERS\ssmdrv.sys 0x8E921000 \SystemRoot\system32\DRIVERS\rdbss.sys 0x8E962000 \SystemRoot\system32\drivers\nsiproxy.sys 0x8E96C000 \SystemRoot\system32\DRIVERS\mssmbios.sys 0x8E976000 \SystemRoot\System32\drivers\discache.sys 0x8E982000 \SystemRoot\system32\drivers\csc.sys 0x8E9E6000 \SystemRoot\System32\Drivers\dfsc.sys 0x889EE000 \SystemRoot\system32\DRIVERS\blbdrive.sys 0x88600000 \SystemRoot\system32\DRIVERS\avipbb.sys 0x8FE02000 \SystemRoot\system32\DRIVERS\tunnel.sys 0x8FE23000 \SystemRoot\system32\DRIVERS\intelppm.sys 0x90034000 \SystemRoot\system32\DRIVERS\igdkmd32.sys 0x9053D000 \SystemRoot\System32\drivers\dxgkrnl.sys 0x8FE35000 \SystemRoot\System32\drivers\dxgmms1.sys 0x905F4000 \SystemRoot\system32\DRIVERS\usbuhci.sys 0x8FE6E000 \SystemRoot\system32\DRIVERS\USBPORT.SYS 0x90000000 \SystemRoot\system32\DRIVERS\usbehci.sys 0x9000F000 \SystemRoot\system32\DRIVERS\HDAudBus.sys 0x82031000 \SystemRoot\system32\DRIVERS\netw5v32.sys 0x82444000 \SystemRoot\system32\DRIVERS\Rt86win7.sys 0x82489000 \SystemRoot\system32\DRIVERS\CmBatt.sys 0x8248D000 \SystemRoot\system32\DRIVERS\i8042prt.sys 0x824A5000 \SystemRoot\system32\DRIVERS\kbdclass.sys 0x824B2000 \SystemRoot\system32\DRIVERS\mouclass.sys 0x824BF000 \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys 0x824C5000 \SystemRoot\System32\Drivers\a2hkqwyu.SYS 0x824FC000 \SystemRoot\system32\DRIVERS\CompositeBus.sys 0x82509000 \SystemRoot\system32\DRIVERS\AgileVpn.sys 0x8251B000 \SystemRoot\system32\DRIVERS\rasl2tp.sys 0x82533000 \SystemRoot\system32\DRIVERS\ndistapi.sys 0x8253E000 \SystemRoot\system32\DRIVERS\ndiswan.sys 0x82560000 \SystemRoot\system32\DRIVERS\raspppoe.sys 0x82578000 \SystemRoot\system32\DRIVERS\raspptp.sys 0x8258F000 \SystemRoot\system32\DRIVERS\rassstp.sys 0x825A6000 \SystemRoot\system32\DRIVERS\inspect.sys 0x825BA000 \SystemRoot\system32\DRIVERS\rdpbus.sys 0x825C4000 \SystemRoot\system32\DRIVERS\swenum.sys 0x825C6000 \SystemRoot\system32\DRIVERS\ks.sys 0x82000000 \SystemRoot\system32\DRIVERS\umbus.sys 0x8FEB9000 \SystemRoot\system32\DRIVERS\usbhub.sys 0x8200E000 \SystemRoot\System32\Drivers\NDProxy.SYS 0x82612000 \SystemRoot\system32\DRIVERS\smserial.sys 0x8271E000 \SystemRoot\system32\drivers\modem.sys 0x8272B000 \SystemRoot\system32\drivers\HdAudio.sys 0x8277B000 \SystemRoot\system32\drivers\portcls.sys 0x827AA000 \SystemRoot\system32\drivers\drmk.sys 0x827C3000 \SystemRoot\system32\drivers\MODEMCSA.sys 0x827CD000 \SystemRoot\system32\DRIVERS\hidusb.sys 0x827D8000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS 0x827EB000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS 0x827F2000 \SystemRoot\system32\DRIVERS\USBD.SYS 0x827F4000 \SystemRoot\system32\DRIVERS\mouhid.sys 0x82600000 \SystemRoot\System32\Drivers\crashdmp.sys 0x8201F000 \SystemRoot\System32\Drivers\dump_dumpata.sys 0x8FEFD000 \SystemRoot\System32\Drivers\dump_msahci.sys 0x8FF07000 \SystemRoot\System32\Drivers\dump_dumpfve.sys 0x96010000 \SystemRoot\System32\win32k.sys 0x8FF18000 \SystemRoot\System32\drivers\Dxapi.sys 0x8FF22000 \SystemRoot\system32\DRIVERS\monitor.sys 0x96270000 \SystemRoot\System32\TSDDD.dll 0x962A0000 \SystemRoot\System32\cdd.dll 0x8FF2D000 \SystemRoot\system32\drivers\luafv.sys 0x8FF48000 \SystemRoot\system32\DRIVERS\avgntflt.sys 0x8FF5D000 \SystemRoot\system32\drivers\WudfPf.sys 0x8FF77000 \SystemRoot\system32\DRIVERS\lltdio.sys 0x8FF87000 \SystemRoot\system32\DRIVERS\nwifi.sys 0x8FFCD000 \SystemRoot\system32\DRIVERS\ndisuio.sys 0x8FFDD000 \SystemRoot\system32\DRIVERS\rspndr.sys 0x98800000 \SystemRoot\system32\drivers\HTTP.sys 0x98885000 \SystemRoot\system32\DRIVERS\bowser.sys 0x9889E000 \SystemRoot\System32\drivers\mpsdrv.sys 0x988B0000 \SystemRoot\system32\DRIVERS\mrxsmb.sys 0x988D3000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys 0x9890E000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys 0x98941000 \SystemRoot\system32\drivers\peauth.sys 0x989D8000 \SystemRoot\System32\Drivers\secdrv.SYS 0xA9A2E000 \SystemRoot\System32\DRIVERS\srvnet.sys 0xA9A4F000 \SystemRoot\System32\drivers\tcpipreg.sys 0xA9A5C000 \SystemRoot\System32\DRIVERS\srv2.sys 0xA9AAB000 \SystemRoot\System32\DRIVERS\srv.sys 0xA9B66000 \SystemRoot\system32\DRIVERS\asyncmac.sys 0xA9B6F000 0x77970000 \Windows\System32\ntdll.dll 0x476F0000 \Windows\System32\smss.exe 0x77BB0000 \Windows\System32\apisetschema.dll 0x00BF0000 \Windows\System32\autochk.exe 0x77AF0000 \Windows\System32\rpcrt4.dll 0x778E0000 \Windows\System32\clbcatq.dll 0x77890000 \Windows\System32\gdi32.dll 0x777B0000 \Windows\System32\kernel32.dll 0x776E0000 \Windows\System32\msctf.dll 0x77580000 \Windows\System32\ole32.dll 0x77AD0000 \Windows\System32\sechost.dll 0x77440000 \Windows\System32\urlmon.dll 0x77AC0000 \Windows\System32\lpk.dll 0x77400000 \Windows\System32\ws2_32.dll 0x773A0000 \Windows\System32\difxapi.dll 0x772A0000 \Windows\System32\wininet.dll 0x77240000 \Windows\System32\shlwapi.dll 0x771A0000 \Windows\System32\usp10.dll 0x77000000 \Windows\System32\setupapi.dll 0x76E00000 \Windows\System32\iertutil.dll 0x77AB0000 \Windows\System32\normaliz.dll 0x76DF0000 \Windows\System32\psapi.dll 0x761A0000 \Windows\System32\shell32.dll 0x760D0000 \Windows\System32\user32.dll 0x76030000 \Windows\System32\advapi32.dll 0x75F80000 \Windows\System32\msvcrt.dll 0x75F00000 \Windows\System32\comdlg32.dll 0x75E70000 \Windows\System32\oleaut32.dll 0x75E40000 \Windows\System32\imagehlp.dll 0x75E30000 \Windows\System32\nsi.dll 0x75E10000 \Windows\System32\imm32.dll 0x75DC0000 \Windows\System32\Wldap32.dll 0x75CA0000 \Windows\System32\crypt32.dll 0x75C80000 \Windows\System32\devobj.dll 0x75C30000 \Windows\System32\KernelBase.dll 0x75C00000 \Windows\System32\cfgmgr32.dll 0x75B70000 \Windows\System32\comctl32.dll 0x75B40000 \Windows\System32\wintrust.dll 0x75B30000 \Windows\System32\msasn1.dll 0x10000000 \Program Files\Alcohol 52 Montage Image Disque\Alcoholx.dll Processes (total 47): 0 System Idle Process 4 System 312 W:\Windows\System32\smss.exe 416 csrss.exe 468 csrss.exe 476 W:\Windows\System32\wininit.exe 512 W:\Windows\System32\winlogon.exe 580 W:\Windows\System32\services.exe 596 W:\Windows\System32\lsass.exe 604 W:\Windows\System32\lsm.exe 724 W:\Windows\System32\svchost.exe 828 W:\Windows\System32\svchost.exe 928 W:\Windows\System32\svchost.exe 964 W:\Windows\System32\svchost.exe 992 W:\Windows\System32\svchost.exe 1180 W:\Windows\System32\svchost.exe 1472 W:\Windows\System32\spoolsv.exe 1512 W:\Program Files\Avira\AntiVir Desktop\sched.exe 1536 W:\Windows\System32\svchost.exe 1652 W:\Windows\System32\svchost.exe 1704 W:\Program Files\Avira\AntiVir Desktop\avguard.exe 1744 W:\Program Files\Cobian Backup 10 - Sauvegarde Donnees\cbVSCService.exe 1772 W:\Program Files\Avira\AntiVir Desktop\avshadow.exe 1780 W:\Windows\System32\conhost.exe 1824 W:\Program Files\COMODO\Firewall\cmdagent.exe 1872 W:\Windows\System32\svchost.exe 256 W:\Program Files\Alcohol 52 Montage Image Disque\StarWind\StarWindServiceAE.exe 744 W:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE 1272 W:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE 2256 W:\Windows\System32\svchost.exe 1888 W:\Windows\System32\taskhost.exe 388 W:\Windows\System32\dwm.exe 2208 W:\Windows\System32\taskeng.exe 2624 W:\Windows\explorer.exe 2360 W:\Windows\System32\hkcmd.exe 3004 W:\Windows\System32\igfxpers.exe 1880 W:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe 3024 W:\Program Files\Common Files\Java\Java Update\jusched.exe 2772 W:\Program Files\Classic Shell\ClassicStartMenu.exe 3320 W:\Windows\System32\audiodg.exe 3324 W:\Program Files\Avira\AntiVir Desktop\avgnt.exe 3272 W:\Program Files\Spybot - Search & Destroy\TeaTimer.exe 3252 W:\Windows\System32\igfxsrvc.exe 4088 W:\Windows\System32\svchost.exe 3040 W:\Users\Deux Ex Machina\Desktop\MBRCheck(2).exe 3296 W:\Windows\System32\conhost.exe 3260 W:\Windows\System32\dllhost.exe \\.\C: --> \\.\PhysicalDrive0 at offset 0x00000002`ee100000 (NTFS) \\.\D: --> \\.\PhysicalDrive0 at offset 0x00000018`5e700000 (NTFS) \\.\S: --> \\.\PhysicalDrive0 at offset 0x00000017`de600000 (FAT32) \\.\W: --> \\.\PhysicalDrive0 at offset 0x0000000f`1e500000 (NTFS) PhysicalDrive0 Model Number: FUJITSUMHW2160BH, Rev: 0000001C Size Device Name MBR Status -------------------------------------------- 149 GB \\.\PhysicalDrive0 Windows 7 MBR code detected SHA1: 4379A3D43019B46FA357F7DD6A53B45A3CA8FB79 Done!
  7. GreGDurablement
    ... parce que je ne l'avais pas encore fait et que je n'avais que ça à faire. Et l'ordi c'est éteint avant la fin (j'avais éteint la multiprise sans m'en rendre compte), donc un coup dans l'eau :$ Avant j'ai fait un scan antivir en mode sans échec qui n'a rien révélé de nouveau. Je viens d'utiliser TDSSkiller. L'examen s'est arrêté au bout d'une minute (?) en identifiant uniquement un fichier suspect (un .sptd, de mémoire) car "locked". je ne peut poster le rapport maintenant car en cliquant sur "close", j'ai eu un écran bleu avec du texte blanc disant qu'il y avait une erreur. Je n'ai put lire la suite, l'ordi a redémarrer et me proposait des modes sans échec et autres. Le temps que je rédige ce post, l'ordi s'est lancé dans un redémarrage. Il est donc indisponible pour l'heure à venir...
  8. GreGDurablement
    Bonjour Lance_Yen En ce moment, MBAM tourne sur mon PC en mode sans échec, et c'est très long... Dès que c'est terminé, je suit tes procédures. Merci encore de ton assistance.
  9. GreGDurablement
    Bonjour Je crains que mes posts successifs (pour expliciter mon problème) à mon interrogation ne m'aient fait disparaître des écrans radars... Si vous pouviez éclairer ma lanterne, c'est ici: http://forum.zebulon.fr/demarrage-windows-tres-long-impossible-t180984.html Merci pour tout. Durablement, GreG
  10. GreGDurablement
    Je viens de faire un scan ESET (10 h!) et rien n'a été trouvé: Scan-result: -------------- ESET Online Scanner No threats found Scanned files: 292628 Infected files: 0 Cleaned files: 0 Total scan time: 09:14:37 Scan status: Finished ---------------- Voici ce que donne le scan Checkup de securitycheck: ------------- Results of screen317's Security Check version 0.99.5 Windows 7 (UAC is disabled!) Internet Explorer 8 `````````````````````````````` Antivirus/Firewall Check: avast! Free Antivirus ESET Online Scanner v3 WMI entry may not exist for antivirus; attempting automatic update. ``````````````````````````````` Anti-malware/Other Utilities Check: MVPS Hosts File Malwarebytes' Anti-Malware CCleaner Java 6 Update 22 Out of date Java installed! Adobe Flash Player 10.1.102.64 Adobe Reader 9.4.0 - Français Mozilla Firefox (3.6.10) Firefox Out of Date! Mozilla Thunderbird (3.1.6) ```````````````````````````````` Process Check: objlist.exe by Laurent Spybot Teatimer.exe is disabled! Comodo Firewall cmdagent.exe Avast5 - AntiVirus AvastUI.exe ```````````````````````````````` DNS Vulnerability Check: Request Timed Out (Wireless Internet connection/Disconnected Internet/Proxy?) ``````````End of Log```````````` ------------------ J'ai donc mis à jour Firefox, ce qui ne s'est pas fait sans mal, j'ai du le réinstaller. Et je remets l'UAC en marche. Par contre, ce matin j'ai eu une alerte spywarguard: il trouve un BHO lié à Windowslive sign-in: {9030D464-4C02-4ABF-8ECC-5164760863C6} Impossible de le supprimer, le message d'alerte revient immédiatement. Il est donc conservé. Autre chose, le son crachote depuis le début des ennuis, que ce soit avec itunes ou vlc et même en passant sur des haut-parleurs externes. Un problème de pilote ? Durablement,
  11. GreGDurablement
    Suite aux recommandations de Lance_Yien dans http://forum.zebulon.fr/pc-infecte-t180988.html, j'ai exécuté un scan approfondi avec MBAM et j'ai découvert un malware: Malware.Trace dans W:(équivalent de C)\Windows\System32\secushr.dat Voici le log: Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Version de la base de données: 5132 Windows 6.1.7600 Internet Explorer 8.0.7600.16385 17/11/2010 15:36:38 mbam-log-2010-11-17 (15-36-38).txt Type d'examen: Examen complet (C:\|D:\|S:\|W:\|) Elément(s) analysé(s): 425402 Temps écoulé: 3 heure(s), 17 minute(s), 45 seconde(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 0 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 1 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté) Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): W:\Windows\System32\secushr.dat (Malware.Trace) -> Quarantined and deleted successfully.
  12. GreGDurablement
    Merci pour le transfert, Dylav Durablement, GreG
  13. GreGDurablement
    Zut ! Merci pour l'info, Ticlou, je transfert le post. Durablement, GreG
  14. GreGDurablement
    Bonjour Ticlou et merci de me porter assistance Voici le rapport Hijackthis: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 07:59:32, on 16/11/2010 Platform: Windows 7 (WinNT 6.00.3504) MSIE: Internet Explorer v8.00 (8.00.7600.16671) Boot mode: Normal Running processes: W:\Windows\system32\taskhost.exe W:\Windows\system32\taskeng.exe W:\Windows\system32\Dwm.exe W:\Program Files\Avast5 - AntiVirus\AvastUI.exe W:\Windows\System32\igfxtray.exe W:\Windows\System32\hkcmd.exe W:\Windows\System32\igfxpers.exe W:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe W:\Windows\system32\igfxsrvc.exe W:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe W:\Program Files\Secunia PSI - Gestion Mises a Jour\psi.exe W:\Program Files\COMODO\Firewall\cfp.exe W:\Program Files\Common Files\Java\Java Update\jusched.exe W:\Program Files\Classic Shell\ClassicStartMenu.exe W:\Program Files\Spybot - Search & Destroy\TeaTimer.exe W:\Windows\explorer.exe W:\Program Files\COMODO\Firewall\cfpupdat.exe W:\Windows\system32\NOTEPAD.EXE W:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O1 - Hosts: 000freexxx.com O1 - Hosts: 000info.com O1 - Hosts: 001.commercialpersonal.com O1 - Hosts: 007arcadegames.com O1 - Hosts: 007guard.com O1 - Hosts: 008i.com O1 - Hosts: 00fun.casalemedia.com O1 - Hosts: 00fun.com O1 - Hosts: 00hq.com O1 - Hosts: 00inkjets.com O1 - Hosts: 00pro.com O1 - Hosts: 00z70az77mnsa-00swj1zzprh.com O1 - Hosts: 01.sharedsource.org O1 - Hosts: 010402.com O1 - Hosts: 0123hardcore.com O1 - Hosts: 0190-dialers.com O1 - Hosts: 01sexe.com O1 - Hosts: 01smith.com O1 - Hosts: 0202search.com O1 - Hosts: 02kmky1xgzbmsdfx.com O1 - Hosts: 02pmnzy5eo29bfk4.com O1 - Hosts: 0-2u.com O1 - Hosts: 03.sharedsource.org O1 - Hosts: 030.com O1 - Hosts: 032439.com O1 - Hosts: 039068a.dialer-select.com O1 - Hosts: 05.sharedsource.org O1 - Hosts: 0-6e4332-5ox89w3-id53454s-id8ty3-8-u5o3984mjeo4094-g3ret567yr.com O1 - Hosts: 070.us O1 - Hosts: 077.us O1 - Hosts: 079.us O1 - Hosts: 07ic5do2myz3vzpk.com O1 - Hosts: 07-ladyluck.com O1 - Hosts: 08.185.87.0.liveadvert.com O1 - Hosts: 08.185.87.00.liveadvert.com O1 - Hosts: 08.185.87.01.liveadvert.com O1 - Hosts: 08.185.87.02.liveadvert.com O1 - Hosts: 08.185.87.03.liveadvert.com O1 - Hosts: 08.185.87.04.liveadvert.com O1 - Hosts: 08.185.87.05.liveadvert.com O1 - Hosts: 08.185.87.06.liveadvert.com O1 - Hosts: 08.185.87.07.liveadvert.com O1 - Hosts: 08.185.87.08.liveadvert.com O1 - Hosts: 08.185.87.09.liveadvert.com O1 - Hosts: 08.185.87.1.liveadvert.com O1 - Hosts: 08.185.87.10.liveadvert.com O1 - Hosts: 08.185.87.100.liveadvert.com O1 - Hosts: 08.185.87.101.liveadvert.com O1 - Hosts: 08.185.87.103.liveadvert.com O1 - Hosts: 08.185.87.104.liveadvert.com O1 - Hosts: 08.185.87.105.liveadvert.com O1 - Hosts: 08.185.87.106.liveadvert.com O1 - Hosts: 08.185.87.107.liveadvert.com O1 - Hosts: 08.185.87.108.liveadvert.com O1 - Hosts: 08.185.87.109.liveadvert.com O1 - Hosts: 08.185.87.11.liveadvert.com O1 - Hosts: 08.185.87.110.liveadvert.com O1 - Hosts: 08.185.87.111.liveadvert.com O1 - Hosts: 08.185.87.113.liveadvert.com O1 - Hosts: 08.185.87.114.liveadvert.com O1 - Hosts: 08.185.87.115.liveadvert.com O1 - Hosts: 08.185.87.116.liveadvert.com O1 - Hosts: 08.185.87.117.liveadvert.com O1 - Hosts: 08.185.87.118.liveadvert.com O1 - Hosts: 08.185.87.119.liveadvert.com O1 - Hosts: 08.185.87.13.liveadvert.com O1 - Hosts: 08.185.87.130.liveadvert.com O1 - Hosts: 08.185.87.131.liveadvert.com O1 - Hosts: 08.185.87.133.liveadvert.com O1 - Hosts: 08.185.87.134.liveadvert.com O1 - Hosts: 08.185.87.135.liveadvert.com O1 - Hosts: 08.185.87.136.liveadvert.com O1 - Hosts: 08.185.87.137.liveadvert.com O1 - Hosts: 08.185.87.138.liveadvert.com O1 - Hosts: 08.185.87.139.liveadvert.com O1 - Hosts: 08.185.87.14.liveadvert.com O1 - Hosts: 08.185.87.140.liveadvert.com O1 - Hosts: 08.185.87.141.liveadvert.com O1 - Hosts: 08.185.87.143.liveadvert.com O1 - Hosts: 08.185.87.144.liveadvert.com O1 - Hosts: 08.185.87.145.liveadvert.com O1 - Hosts: 08.185.87.146.liveadvert.com O1 - Hosts: 08.185.87.147.liveadvert.com O1 - Hosts: 08.185.87.148.liveadvert.com O1 - Hosts: 08.185.87.149.liveadvert.com O1 - Hosts: 08.185.87.15.liveadvert.com O1 - Hosts: 08.185.87.150.liveadvert.com O1 - Hosts: 08.185.87.151.liveadvert.com O1 - Hosts: 08.185.87.153.liveadvert.com O1 - Hosts: 08.185.87.154.liveadvert.com O1 - Hosts: 08.185.87.155.liveadvert.com O1 - Hosts: 08.185.87.156.liveadvert.com O1 - Hosts: 08.185.87.157.liveadvert.com O1 - Hosts: 08.185.87.158.liveadvert.com O1 - Hosts: 08.185.87.159.liveadvert.com O1 - Hosts: 08.185.87.16.liveadvert.com O1 - Hosts: 08.185.87.160.liveadvert.com O1 - Hosts: 08.185.87.161.liveadvert.com O1 - Hosts: 08.185.87.163.liveadvert.com O1 - Hosts: 08.185.87.164.liveadvert.com O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - W:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - W:\Program Files\Classic Shell\ClassicExplorer32.dll O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - W:\Program Files\SpywareGuard - Protection\dlprotect.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - W:\PROGRA~1\SPYBOT~2\SDHelper.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - W:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: FlashGetBHO - {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} - W:\Users\Erregior\AppData\Roaming\FlashGetBHO\FlashGetBHO3.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - W:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - W:\Program Files\Classic Shell\ClassicExplorer32.dll O4 - HKLM\..\Run: [avast5] "W:\Program Files\Avast5 - AntiVirus\avastUI.exe" /nogui O4 - HKLM\..\Run: [igfxTray] W:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] W:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] W:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [sMSERIAL] W:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe O4 - HKLM\..\Run: [Google Desktop Search] "W:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [COMODO Firewall Pro] "W:\Program Files\COMODO\Firewall\cfp.exe" -h O4 - HKLM\..\Run: [sunJavaUpdateSched] "W:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [Classic Start Menu] W:\Program Files\Classic Shell\ClassicStartMenu.exe O4 - HKLM\..\Run: [spybotSnD] "W:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" O4 - HKLM\..\Run: [iTunesHelper] "W:\Program Files\iTunes - Musique\iTunesHelper.exe" O4 - HKCU\..\Run: [spybotSD TeaTimer] W:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] W:\Windows\System32\mctadmin.exe (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] W:\Windows\System32\mctadmin.exe (User 'SERVICE RÉSEAU') O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://W:\Windows\system32\GPhotos.scr/200 O9 - Extra button: @W:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - W:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @W:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - W:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - (no file) O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - (no file) O9 - Extra button: (no name) - {64964764-1101-4bbd-8891-B56B1A53B9B3} - W:\Program Files\Classic Shell\ClassicExplorer32.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - W:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - W:\PROGRA~1\SPYBOT~2\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - W:\PROGRA~1\SPYBOT~2\SDHelper.dll O10 - Unknown file in Winsock LSP: w:\program files\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: w:\program files\common files\microsoft shared\windows live\wlidnsp.dll O20 - AppInit_DLLs: W:\PROGRA~1\Google\GOOGLE~1\GO36F4~1.DLL W:\Windows\system32\guard32.dll O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - W:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - W:\Windows\System32\alg.exe O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - Unknown owner - W:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - W:\Windows\system32\svchost.exe O23 - Service: @appmgmts.dll,-3250 (AppMgmt) - Unknown owner - W:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - W:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (Audiosrv) - Unknown owner - W:\Windows\System32\svchost.exe O23 - Service: avast! Antivirus - AVAST Software - W:\Program Files\Avast5 - AntiVirus\AvastSvc.exe O23 - Service: avast! Mail Scanner - AVAST Software - W:\Program Files\Avast5 - AntiVirus\AvastSvc.exe O23 - Service: avast! Web Scanner - AVAST Software - W:\Program Files\Avast5 - AntiVirus\AvastSvc.exe O23 - Service: @%SystemRoot%\system32\AxInstSV.dll,-103 (AxInstSV) - Unknown owner - W:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\bdesvc.dll,-100 (BDESVC) - Unknown owner - W:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - W:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - W:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - W:\Windows\System32\svchost.exe O23 - Service: Cobian Backup 10 Volume Shadow Copy service (cbVSCService) - CobianSoft, Luis Cobian - W:\Program Files\Cobian Backup 10 - Sauvegarde Donnees\cbVSCService.exe O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - W:\Windows\system32\svchost.exe O23 - Service: COMODO Firewall Pro Helper Service (cmdAgent) - COMODO - W:\Program Files\COMODO\Firewall\cmdagent.exe O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - W:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\cscsvc.dll,-200 (CscService) - Unknown owner - W:\Windows\System32\svchost.exe O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - W:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\defragsvc.dll,-101 (defragsvc) - Unknown owner - W:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - Unknown owner - W:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - W:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - W:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - W:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (eventlog) - Unknown owner - W:\Windows\System32\svchost.exe O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - W:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - W:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - W:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - W:\Windows\system32\svchost.exe O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - W:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - W:\Windows\system32\svchost.exe O23 - Service: Google Updater Service (gusvc) - Google - W:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - W:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - W:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\ListSvc.dll,-100 (HomeGroupListener) - Unknown owner - W:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\provsvc.dll,-100 (HomeGroupProvider) - Unknown owner - W:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - W:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - W:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-500 (iphlpsvc) - Unknown owner - W:\Windows\System32\svchost.exe O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - W:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - W:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - W:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - W:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - W:\Windows\system32\svchost.exe O23 - Service: Ma-Config Service (maconfservice) - Unknown owner - W:\Program Files\ma-config.com\maconfservice.exe O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - W:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - W:\Windows\system32\svchost.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - W:\Windows\System32\msdtc.exe O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - W:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - W:\Windows\system32\msiexec.exe O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - W:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - W:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\netprofm.dll,-202 (netprofm) - Unknown owner - W:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - W:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - W:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8004 (p2pimsvc) - Unknown owner - W:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - W:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - W:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\peerdistsvc.dll,-9000 (PeerDistSvc) - Unknown owner - W:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - W:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - W:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) - Unknown owner - W:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8000 (PNRPsvc) - Unknown owner - W:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - W:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - Unknown owner - W:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - W:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - W:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - W:\Windows\System32\svchost.exe O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - W:\Windows\System32\svchost.exe O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - W:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - W:\Windows\system32\locator.exe O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - W:\Windows\system32\svchost.exe O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - W:\Program Files\Spybot - Search & Destroy\SDWinSec.exe O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - W:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - W:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - W:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - W:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\sensrsvc.dll,-1000 (SensrSvc) - Unknown owner - W:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - W:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - W:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - W:\Windows\System32\snmptrap.exe O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - W:\Windows\System32\spoolsv.exe O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - W:\Windows\system32\sppsvc.exe O23 - Service: @%SystemRoot%\system32\sppuinotify.dll,-103 (sppuinotify) - Unknown owner - W:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - W:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - W:\Windows\system32\svchost.exe O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - W:\Program Files\Alcohol 52 Montage Image Disque\StarWind\StarWindServiceAE.exe O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (StiSvc) - Unknown owner - W:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\StorSvc.dll,-100 (StorSvc) - Unknown owner - W:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - W:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - W:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - W:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - W:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - W:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - W:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - W:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - W:\Windows\servicing\TrustedInstaller.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - W:\Windows\system32\UI0Detect.exe O23 - Service: @%SystemRoot%\system32\umrdp.dll,-1000 (UmRdpService) - Unknown owner - W:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - W:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - W:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - W:\Windows\System32\vds.exe O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - W:\Windows\system32\vssvc.exe O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - W:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - W:\Windows\system32\wbengine.exe O23 - Service: @%systemroot%\system32\wbiosrvc.dll,-100 (WbioSrvc) - Unknown owner - W:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - W:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - W:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - W:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - W:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - W:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - W:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - W:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - W:\Windows\System32\svchost.exe O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - W:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - W:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - W:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - W:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - W:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - W:\Windows\system32\wbem\WmiApSrv.exe O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - W:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - W:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - W:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\wwansvc.dll,-257 (WwanSvc) - Unknown owner - W:\Windows\system32\svchost.exe -- End of file - 24423 bytes PS: Pendant l'exécution, le logiciel me signal que mon fichier host est très important, ce qui est normal puisque je l'ai musclé sur les conseils du forum de malékal. Durablement,
  15. GreGDurablement
    Bonjour à tous Un petit appel à l'aide auprès de la communauté pour me sortir du pétrin. Comme l'indique le titre du post, je n'arrive plus à démarrer normalement mon ordinateur portable sous windows 7 ou Vista (je suis en dual boot): après le choix du système, l'écran de lancement de windows (drapeau ou barre verte) tournait très lentement avant d'aboutir (au bout de plus de 15 minutes) puis désormais n'aboutit plus. Voici la séquence des événements: Ordinateur portable Fujitsus-siemens amilo avec un dual boot seven-vista, plusieurs partitions: C:Vista, W:Seven, D: Données, S:Swap Session courante sans droit d'administrateur, parefeu Comodo, antivirus avast, antimalware spybot, spywareblaster et spyguard. Je ne sais pas s'il y a un rapport, mais juste avant que l'écran de démarrage ne devienne très lent (+ de 10 minutes), j'ai changé de batterie (fournisseur chinois) et il y a eu de l'orage avec des baisses de tension. La dernière mise à jour vista (pour defender je crois), se concluait aussi toujours par un échec. J'ai remarqué plus tard qu'une des pattes de connexion de la batterie à l'ordi était pliée. D'autre part, les logiciels (firefox, VLC, explorer) me semblaient être devenus très lents et "gelaient" plus souvent que de coutume. J'ai donc tenter un démarrage sous Vista, même problème. Pour corriger cela, j'ai mis à jour mes logiciels et, sur suggestion d'une discussion sur un forum, j'ai mis mes pilotes à jours(via ma-config.com). Je me suis fait une frayeur au passage puisque pendant une MaJ de pilote, l'ordi ma demandé de formater mon disque dur externe (avec toutes mes sauvegardes et photos!) et j'ai éteint ce dernier en catastrophe. Lors du dernier redémarrage, impossible de dépasser l'écran de lancement. Après extinction forcée, rebelote. Le mode restauration proposé puis le diagnostique de mémoire (?) lors du reboot durent indéfiniement et bloquent lors des redémarrages. Par contre, le démarrage en mode sans échec, bien que lent, fonctionne. Je ne sais pas quoi faire à ce niveau (à part sauvegarder mes derniers documents). Edit: j'ai réussi à lancer seven finalement, mais le temps de chargement est toujours supérieur à 15 minutes J'ai fait des vérif' de disque (chkdsk) sur toutes mes partitions, 0 problème, un scan antivirus rapide, RAS. Il n'y a pas de CD/DD/clef USB connecté quand je tente de démarrer. Auriez-vous des conseils ? Une piste ? Merci par avance PS: je n'ai pas de point de restauration antérieur au problème. Mon ordi est régulièrement entretenu (mise à jour système, nettoyage Ccleaner/glary, défragmentation myDefrag, Bureau vidé, logiciels lancés au démarrage réduits). GreG Durablement
×
×
  • Créer...