Aller au contenu

gazagelle

Membres
 Afficher le profil  Afficher son activité

  • Compteur de contenus

    15

  • Inscription

  • Dernière visite

Autres informations

  • Mes langues
    français, anglais

gazagelle's Achievements

Junior Member

Junior Member (3/12)

0

Réputation sur la communauté

  1. gazagelle
    Ca n'avait rien donné non plus....et j'en ai eu marre, j'ai tenté le tout pour le tout et réinstallé les paramètres d'usine en croisant les doigts -> MIRACLE L'outil HP Total Care (inclus dans le pc) a tout fait tout seul comme un grand, je n'ai même pas eu besoin d'insérer mes DVD de récupération, et j'ai récupéré un pc tout propre en parfait état de fonctionnement ! C'était donc sans doute quand même un virus ou autre crasse qui a échappé aux programmes de nettoyage (à cause du mode sans échec peut être ?) En tout cas ça m'a servi de leçon, je vais faire un peu plus attention à ce qui transite sur mon ordi. Je vous remercie de toute l'aide que vous m'avez apportée avec tant de patience, j'ai appris pas mal de choses avec tous ces logiciels l'air de rien
  2. gazagelle
    C'est l'outil système de démarrage windows ^^ Je pense que c'est exactement ce qui correspond sur xp au mode de démarrage "revenir à la dernière configuration correcte", sauf qu'ici il ne me laisse pas vraiment le choix quand il plante au démarrage. Et combo fix et OTL disparus :s Dites moi pas qu'il faut tout recommencer sniffff. Je m'attaque à la suite en attendant mais... j'ai déjà tout enlevé sauf souris et écran, ça ne change rien. j'ai lancé un memtest cet après midi, j'ai laissé tourné jusqu'à 117% (plus d'une heure)et pas d'erreurs de ce côté là
  3. gazagelle
    Et le second, ultra rapide et négatif également: MBRCheck, version 1.2.3 © 2010, AD Command-line: Windows Version: Windows Vista Home Premium Edition Windows Information: Service Pack 2 (build 6002), 32-bit Base Board Manufacturer: ASUSTeK Computer INC. BIOS Manufacturer: American Megatrends Inc. System Manufacturer: HP-Pavilion System Product Name: KP233AA-ABF a6422.fr Logical Drives Mask: 0x000001fc Kernel Drivers (total 102): 0x81E37000 \SystemRoot\system32\ntkrnlpa.exe 0x81E04000 \SystemRoot\system32\hal.dll 0x8040C000 \SystemRoot\system32\kdcom.dll 0x80413000 \SystemRoot\system32\mcupdate_GenuineIntel.dll 0x80483000 \SystemRoot\system32\PSHED.dll 0x80494000 \SystemRoot\system32\BOOTVID.dll 0x8049C000 \SystemRoot\system32\CLFS.SYS 0x804DD000 \SystemRoot\system32\CI.dll 0x8060F000 \SystemRoot\system32\drivers\Wdf01000.sys 0x8068B000 \SystemRoot\system32\drivers\WDFLDR.SYS 0x80698000 \SystemRoot\system32\drivers\acpi.sys 0x806DE000 \SystemRoot\system32\drivers\WMILIB.SYS 0x806E7000 \SystemRoot\system32\drivers\msisadrv.sys 0x806EF000 \SystemRoot\system32\drivers\pci.sys 0x80716000 \SystemRoot\System32\drivers\partmgr.sys 0x80725000 \SystemRoot\system32\drivers\volmgr.sys 0x80734000 \SystemRoot\System32\drivers\volmgrx.sys 0x8077E000 \SystemRoot\System32\drivers\mountmgr.sys 0x8A00D000 \SystemRoot\system32\drivers\iastor.sys 0x8A0E7000 \SystemRoot\system32\drivers\fltmgr.sys 0x8A119000 \SystemRoot\system32\drivers\fileinfo.sys 0x8A129000 \SystemRoot\system32\DRIVERS\Lbd.sys 0x8A138000 \SystemRoot\System32\Drivers\ksecdd.sys 0x8A208000 \SystemRoot\system32\drivers\ndis.sys 0x8A313000 \SystemRoot\system32\drivers\msrpc.sys 0x8A33E000 \SystemRoot\system32\drivers\NETIO.SYS 0x8A40F000 \SystemRoot\System32\drivers\tcpip.sys 0x8A4F9000 \SystemRoot\System32\drivers\fwpkclnt.sys 0x8A603000 \SystemRoot\System32\Drivers\Ntfs.sys 0x8A713000 \SystemRoot\system32\drivers\volsnap.sys 0x8A754000 \SystemRoot\System32\Drivers\mup.sys 0x8A763000 \SystemRoot\System32\drivers\ecache.sys 0x8A78A000 \SystemRoot\system32\drivers\disk.sys 0x8A79B000 \SystemRoot\system32\drivers\CLASSPNP.SYS 0x8A7BC000 \SystemRoot\system32\drivers\crcdisk.sys 0x8A7D2000 \SystemRoot\system32\DRIVERS\tunnel.sys 0x8A7DD000 \SystemRoot\system32\DRIVERS\tunmp.sys 0x8A7E6000 \SystemRoot\system32\DRIVERS\usbuhci.sys 0x8A379000 \SystemRoot\system32\DRIVERS\USBPORT.SYS 0x8A7F1000 \SystemRoot\system32\DRIVERS\usbehci.sys 0x8E602000 \SystemRoot\system32\DRIVERS\HDAudBus.sys 0x8E68F000 \SystemRoot\system32\DRIVERS\Rtlh86.sys 0x8E6AB000 \SystemRoot\system32\DRIVERS\ohci1394.sys 0x8E6BB000 \SystemRoot\system32\DRIVERS\1394BUS.SYS 0x8E6C9000 \SystemRoot\system32\DRIVERS\i8042prt.sys 0x8E6DC000 \SystemRoot\system32\DRIVERS\PS2.sys 0x8E6E1000 \SystemRoot\system32\DRIVERS\kbdclass.sys 0x8E6EC000 \SystemRoot\system32\DRIVERS\mouclass.sys 0x8E6F7000 \SystemRoot\system32\DRIVERS\cdrom.sys 0x8E70F000 \SystemRoot\system32\DRIVERS\msiscsi.sys 0x8E73E000 \SystemRoot\system32\DRIVERS\storport.sys 0x8E77F000 \SystemRoot\system32\DRIVERS\TDI.SYS 0x8E78A000 \SystemRoot\system32\DRIVERS\rasl2tp.sys 0x8E7A1000 \SystemRoot\system32\DRIVERS\ndistapi.sys 0x8E7AC000 \SystemRoot\system32\DRIVERS\ndiswan.sys 0x8E7CF000 \SystemRoot\system32\DRIVERS\raspppoe.sys 0x8E7DE000 \SystemRoot\system32\DRIVERS\raspptp.sys 0x8A3B7000 \SystemRoot\system32\DRIVERS\rassstp.sys 0x8A5EE000 \SystemRoot\system32\DRIVERS\termdd.sys 0x8E7F2000 \SystemRoot\system32\DRIVERS\swenum.sys 0x8A3CC000 \SystemRoot\system32\DRIVERS\ks.sys 0x8E7F4000 \SystemRoot\system32\DRIVERS\mssmbios.sys 0x8A400000 \SystemRoot\system32\DRIVERS\umbus.sys 0x8A1A9000 \SystemRoot\system32\DRIVERS\usbhub.sys 0x8A1DE000 \SystemRoot\System32\Drivers\NDProxy.SYS 0x8A3F6000 \SystemRoot\System32\Drivers\Fs_Rec.SYS 0x8A74C000 \SystemRoot\System32\Drivers\Null.SYS 0x8A200000 \SystemRoot\System32\Drivers\Beep.SYS 0x8A1EF000 \SystemRoot\System32\drivers\vga.sys 0x8078E000 \SystemRoot\System32\drivers\VIDEOPRT.SYS 0x8A000000 \SystemRoot\System32\drivers\watchdog.sys 0x807AF000 \SystemRoot\system32\drivers\rdpencdd.sys 0x807B7000 \SystemRoot\System32\Drivers\Msfs.SYS 0x807C2000 \SystemRoot\System32\Drivers\Npfs.SYS 0x807D0000 \SystemRoot\System32\DRIVERS\rasacd.sys 0x807D9000 \SystemRoot\system32\DRIVERS\tdx.sys 0x805BD000 \SystemRoot\system32\DRIVERS\smb.sys 0x807EF000 \SystemRoot\System32\Drivers\aswTdi.SYS 0x8EA09000 \SystemRoot\system32\drivers\afd.sys 0x8EA51000 \SystemRoot\System32\Drivers\aswRdr.SYS 0x8EA55000 \SystemRoot\System32\DRIVERS\netbt.sys 0x8EA87000 \SystemRoot\system32\DRIVERS\pacer.sys 0x8EA9D000 \SystemRoot\system32\DRIVERS\netbios.sys 0x8EAAB000 \SystemRoot\system32\DRIVERS\rdbss.sys 0x8EAE7000 \SystemRoot\system32\drivers\nsiproxy.sys 0x8EAF1000 \SystemRoot\System32\Drivers\dfsc.sys 0x8EB08000 \SystemRoot\system32\DRIVERS\USBSTOR.SYS 0x8EB1D000 \SystemRoot\system32\DRIVERS\USBD.SYS 0x8EB1F000 \SystemRoot\system32\DRIVERS\cdfs.sys 0x8EB35000 \SystemRoot\System32\Drivers\crashdmp.sys 0x8A514000 \SystemRoot\System32\Drivers\dump_iaStor.sys 0x91840000 \SystemRoot\System32\win32k.sys 0x8EB42000 \SystemRoot\System32\drivers\Dxapi.sys 0x91A50000 \SystemRoot\System32\drivers\dxg.sys 0x91A80000 \SystemRoot\System32\TSDDD.dll 0x91B00000 \SystemRoot\System32\framebuf.dll 0x8EB4C000 \SystemRoot\system32\DRIVERS\bowser.sys 0x8EB65000 \SystemRoot\System32\drivers\mpsdrv.sys 0x8EB7A000 \SystemRoot\system32\DRIVERS\mrxsmb.sys 0x8EB99000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys 0x8EBD2000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys 0x774A0000 \Windows\System32\ntdll.dll Processes (total 25): 0 System Idle Process 4 System 392 C:\Windows\System32\smss.exe 460 csrss.exe 496 csrss.exe 504 C:\Windows\System32\wininit.exe 548 C:\Windows\System32\winlogon.exe 580 C:\Windows\System32\services.exe 592 C:\Windows\System32\lsass.exe 600 C:\Windows\System32\lsm.exe 736 C:\Windows\System32\svchost.exe 792 C:\Windows\System32\svchost.exe 912 C:\Windows\System32\svchost.exe 948 C:\Windows\System32\svchost.exe 980 C:\Windows\System32\svchost.exe 1020 C:\Windows\System32\svchost.exe 1036 C:\Windows\System32\svchost.exe 1128 C:\Windows\System32\svchost.exe 1368 C:\Windows\explorer.exe 1400 C:\Windows\System32\svchost.exe 1828 C:\Program Files\Windows Media Player\wmpnscfg.exe 400 C:\Program Files\Mozilla Firefox\firefox.exe 1012 C:\Program Files\Mozilla Firefox\plugin-container.exe 1236 WmiPrvSE.exe 1360 C:\Users\Nous\Desktop\MBRCheck.exe \\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`00007e00 (NTFS) \\.\D: --> \\.\PhysicalDrive0 at offset 0x00000051`48501600 (NTFS) PhysicalDrive0 Model Number: ST3360320AS, Rev: 3.CHN Size Device Name MBR Status -------------------------------------------- 335 GB \\.\PhysicalDrive0 Unknown MBR code SHA1: CEFD837A02A1F4445A136688B10013AE4399C2CF Found non-standard or infected MBR. Enter 'Y' and hit ENTER for more options, or 'N' to exit: Done!
  4. gazagelle
    Premier rapport négatif: 2010/11/20 14:25:38.0048 TDSS rootkit removing tool 2.4.8.0 Nov 17 2010 07:23:12 2010/11/20 14:25:38.0048 ================================================================================ 2010/11/20 14:25:38.0048 SystemInfo: 2010/11/20 14:25:38.0048 2010/11/20 14:25:38.0048 OS Version: 6.0.6002 ServicePack: 2.0 2010/11/20 14:25:38.0048 Product type: Workstation 2010/11/20 14:25:38.0048 ComputerName: SWEETHOME 2010/11/20 14:25:38.0048 UserName: Nous 2010/11/20 14:25:38.0048 Windows directory: C:\Windows 2010/11/20 14:25:38.0048 System windows directory: C:\Windows 2010/11/20 14:25:38.0048 Processor architecture: Intel x86 2010/11/20 14:25:38.0048 Number of processors: 2 2010/11/20 14:25:38.0048 Page size: 0x1000 2010/11/20 14:25:38.0048 Boot type: Safe boot with network 2010/11/20 14:25:38.0048 ================================================================================ 2010/11/20 14:25:38.0322 Initialize success 2010/11/20 14:25:42.0943 ================================================================================ 2010/11/20 14:25:42.0943 Scan started 2010/11/20 14:25:42.0943 Mode: Manual; 2010/11/20 14:25:42.0943 ================================================================================ 2010/11/20 14:25:43.0592 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys 2010/11/20 14:25:43.0671 adp94xx (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys 2010/11/20 14:25:43.0731 adpahci (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys 2010/11/20 14:25:43.0767 adpu160m (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys 2010/11/20 14:25:43.0794 adpu320 (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys 2010/11/20 14:25:43.0927 AFD (a201207363aa900abf1a388468688570) C:\Windows\system32\drivers\afd.sys 2010/11/20 14:25:43.0988 agp440 (ef23439cdd587f64c2c1b8825cead7d8) C:\Windows\system32\drivers\agp440.sys 2010/11/20 14:25:44.0021 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys 2010/11/20 14:25:44.0097 aliide (c392b591746961b60f89fe1cbca7b4fb) C:\Windows\system32\drivers\aliide.sys 2010/11/20 14:25:44.0151 amdagp (2b13e304c9dfdfa5eb582f6a149fa2c7) C:\Windows\system32\drivers\amdagp.sys 2010/11/20 14:25:44.0171 amdide (f5f8d2885d1df33c74764ea2c06c0028) C:\Windows\system32\drivers\amdide.sys 2010/11/20 14:25:44.0219 AmdK7 (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys 2010/11/20 14:25:44.0245 AmdK8 (0ca0071da4315b00fc1328ca86b425da) C:\Windows\system32\drivers\amdk8.sys 2010/11/20 14:25:44.0307 arc (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys 2010/11/20 14:25:44.0359 arcsas (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys 2010/11/20 14:25:44.0410 aswFsBlk (b4079a98f294a3e262872cb76f4849f0) C:\Windows\system32\DRIVERS\aswFsBlk.sys 2010/11/20 14:25:44.0436 aswMonFlt (e2851cb7dbb831888eaea46c55c05e44) C:\Windows\system32\DRIVERS\aswMonFlt.sys 2010/11/20 14:25:44.0477 aswRdr (8080d683489c99cbace813f6fa4069cc) C:\Windows\system32\drivers\aswRdr.sys 2010/11/20 14:25:44.0589 aswSP (2e5a2ad5004b55df39b7606130a88142) C:\Windows\system32\drivers\aswSP.sys 2010/11/20 14:25:44.0618 aswTdi (d4c83a37efadfa2c398362e0776e3773) C:\Windows\system32\drivers\aswTdi.sys 2010/11/20 14:25:44.0683 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys 2010/11/20 14:25:44.0720 atapi (bfd3df48c9ed81934fe21e8e3cfc2496) C:\Windows\system32\drivers\atapi.sys 2010/11/20 14:25:44.0839 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys 2010/11/20 14:25:44.0987 bowser (74b442b2be1260b7588c136177ceac66) C:\Windows\system32\DRIVERS\bowser.sys 2010/11/20 14:25:45.0070 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys 2010/11/20 14:25:45.0099 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys 2010/11/20 14:25:45.0186 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys 2010/11/20 14:25:45.0213 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys 2010/11/20 14:25:45.0261 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys 2010/11/20 14:25:45.0299 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys 2010/11/20 14:25:45.0365 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys 2010/11/20 14:25:45.0456 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys 2010/11/20 14:25:45.0515 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys 2010/11/20 14:25:45.0580 circlass (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys 2010/11/20 14:25:45.0624 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys 2010/11/20 14:25:45.0756 cmdide (78d56fe738f63d7fefcc7b396c5dcb67) C:\Windows\system32\drivers\cmdide.sys 2010/11/20 14:25:45.0779 Compbatt (82b8c91d327cfecf76cb58716f7d4997) C:\Windows\system32\drivers\compbatt.sys 2010/11/20 14:25:45.0810 crcdisk (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys 2010/11/20 14:25:45.0854 Crusoe (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys 2010/11/20 14:25:45.0959 DfsC (218d8ae46c88e82014f5d73d0236d9b2) C:\Windows\system32\Drivers\dfsc.sys 2010/11/20 14:25:46.0119 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys 2010/11/20 14:25:46.0233 driverhardwarev2 (aad5b49f2aabeb78f8e37984f475659e) C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys 2010/11/20 14:25:46.0367 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys 2010/11/20 14:25:46.0434 DXGKrnl (5c7e2097b91d689ded7a6ff90f0f3a25) C:\Windows\System32\drivers\dxgkrnl.sys 2010/11/20 14:25:46.0520 E1G60 (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys 2010/11/20 14:25:46.0599 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys 2010/11/20 14:25:46.0702 elxstor (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys 2010/11/20 14:25:46.0854 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys 2010/11/20 14:25:46.0885 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys 2010/11/20 14:25:46.0968 fdc (63bdada84951b9c03e641800e176898a) C:\Windows\system32\DRIVERS\fdc.sys 2010/11/20 14:25:47.0019 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys 2010/11/20 14:25:47.0056 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys 2010/11/20 14:25:47.0090 flpydisk (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys 2010/11/20 14:25:47.0160 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys 2010/11/20 14:25:47.0308 fssfltr (491e9d9a26a745f6ae7d570849f4bd87) C:\Windows\system32\DRIVERS\fssfltr.sys 2010/11/20 14:25:47.0382 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys 2010/11/20 14:25:47.0435 gagp30kx (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys 2010/11/20 14:25:47.0485 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys 2010/11/20 14:25:47.0535 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys 2010/11/20 14:25:47.0569 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys 2010/11/20 14:25:47.0614 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys 2010/11/20 14:25:47.0701 HpCISSs (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys 2010/11/20 14:25:47.0752 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys 2010/11/20 14:25:47.0780 i2omp (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys 2010/11/20 14:25:47.0846 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys 2010/11/20 14:25:47.0889 iaStor (baabb0301949774a66b955c65319635a) C:\Windows\system32\drivers\iastor.sys 2010/11/20 14:25:47.0930 iaStorV (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys 2010/11/20 14:25:47.0959 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys 2010/11/20 14:25:48.0070 IntcAzAudAddService (5d26ccb06e1f3b5c26e863df3f4f2611) C:\Windows\system32\drivers\RTKVHDA.sys 2010/11/20 14:25:48.0240 intelide (e08fb545eda9d1e3ca689b4b3f6e4c22) C:\Windows\system32\drivers\intelide.sys 2010/11/20 14:25:48.0287 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys 2010/11/20 14:25:48.0385 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys 2010/11/20 14:25:48.0476 IPMIDRV (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys 2010/11/20 14:25:48.0724 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys 2010/11/20 14:25:48.0791 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys 2010/11/20 14:25:48.0883 isapnp (350fca7e73cf65bcef43fae1e4e91293) C:\Windows\system32\drivers\isapnp.sys 2010/11/20 14:25:48.0925 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys 2010/11/20 14:25:49.0021 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys 2010/11/20 14:25:49.0064 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys 2010/11/20 14:25:49.0148 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys 2010/11/20 14:25:49.0274 kbdhid (d2600cb17b7408b4a83f231dc9a11ac3) C:\Windows\system32\drivers\kbdhid.sys 2010/11/20 14:25:49.0317 KSecDD (86165728af9bf72d6442a894fdfb4f8b) C:\Windows\system32\Drivers\ksecdd.sys 2010/11/20 14:25:49.0453 Lbd (713cd5267abfb86fe90a72e384e82a38) C:\Windows\system32\DRIVERS\Lbd.sys 2010/11/20 14:25:49.0534 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys 2010/11/20 14:25:49.0666 LSI_FC (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys 2010/11/20 14:25:49.0702 LSI_SAS (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys 2010/11/20 14:25:49.0832 LSI_SCSI (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys 2010/11/20 14:25:49.0876 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys 2010/11/20 14:25:50.0016 megasas (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys 2010/11/20 14:25:50.0058 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys 2010/11/20 14:25:50.0125 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys 2010/11/20 14:25:50.0179 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys 2010/11/20 14:25:50.0239 mouhid (a3a6dff7e9e757db3df51a833bc28885) C:\Windows\system32\drivers\mouhid.sys 2010/11/20 14:25:50.0273 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys 2010/11/20 14:25:50.0380 mpio (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys 2010/11/20 14:25:50.0415 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys 2010/11/20 14:25:50.0513 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys 2010/11/20 14:25:50.0535 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys 2010/11/20 14:25:50.0583 mrxsmb (454341e652bdf5e01b0f2140232b073e) C:\Windows\system32\DRIVERS\mrxsmb.sys 2010/11/20 14:25:50.0613 mrxsmb10 (2a4901aff069944fa945ed5bbf4dcde3) C:\Windows\system32\DRIVERS\mrxsmb10.sys 2010/11/20 14:25:50.0639 mrxsmb20 (28b3f1ab44bdd4432c041581412f17d9) C:\Windows\system32\DRIVERS\mrxsmb20.sys 2010/11/20 14:25:50.0675 msahci (d537c241db604fa86e46328da0fd83d6) C:\Windows\system32\drivers\msahci.sys 2010/11/20 14:25:50.0699 msdsm (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys 2010/11/20 14:25:50.0816 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys 2010/11/20 14:25:50.0881 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys 2010/11/20 14:25:50.0951 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys 2010/11/20 14:25:50.0974 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys 2010/11/20 14:25:51.0018 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys 2010/11/20 14:25:51.0049 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys 2010/11/20 14:25:51.0090 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys 2010/11/20 14:25:51.0150 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys 2010/11/20 14:25:51.0202 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys 2010/11/20 14:25:51.0270 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys 2010/11/20 14:25:51.0361 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys 2010/11/20 14:25:51.0437 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys 2010/11/20 14:25:51.0477 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys 2010/11/20 14:25:51.0539 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys 2010/11/20 14:25:51.0602 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys 2010/11/20 14:25:51.0687 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys 2010/11/20 14:25:51.0741 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys 2010/11/20 14:25:51.0833 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys 2010/11/20 14:25:51.0921 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys 2010/11/20 14:25:51.0974 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys 2010/11/20 14:25:52.0079 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys 2010/11/20 14:25:52.0129 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys 2010/11/20 14:25:52.0172 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys 2010/11/20 14:25:52.0481 nvlddmkm (c8cb6135884cbc2a10225c4c3cef0f95) C:\Windows\system32\DRIVERS\nvlddmkm.sys 2010/11/20 14:25:52.0630 nvraid (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys 2010/11/20 14:25:52.0672 nvstor (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys 2010/11/20 14:25:52.0737 nv_agp (07c186427eb8fcc3d8d7927187f260f7) C:\Windows\system32\drivers\nv_agp.sys 2010/11/20 14:25:52.0848 ohci1394 (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys 2010/11/20 14:25:52.0946 P1131VID (ef3b8896ad48325c60d3a63513cd0c4d) C:\Windows\system32\DRIVERS\P1131Vid.sys 2010/11/20 14:25:53.0006 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys 2010/11/20 14:25:53.0060 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys 2010/11/20 14:25:53.0082 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys 2010/11/20 14:25:53.0165 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys 2010/11/20 14:25:53.0216 pciide (a88ff9e32aaa9af398ae89b9a082870b) C:\Windows\system32\drivers\pciide.sys 2010/11/20 14:25:53.0257 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys 2010/11/20 14:25:53.0329 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys 2010/11/20 14:25:53.0518 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys 2010/11/20 14:25:53.0548 Processor (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys 2010/11/20 14:25:53.0618 Ps2 (390c204ced3785609ab24e9c52054a84) C:\Windows\system32\DRIVERS\PS2.sys 2010/11/20 14:25:53.0683 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys 2010/11/20 14:25:53.0793 ql2300 (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys 2010/11/20 14:25:53.0830 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys 2010/11/20 14:25:53.0867 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys 2010/11/20 14:25:53.0937 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys 2010/11/20 14:25:53.0973 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys 2010/11/20 14:25:54.0036 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys 2010/11/20 14:25:54.0124 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys 2010/11/20 14:25:54.0188 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys 2010/11/20 14:25:54.0234 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys 2010/11/20 14:25:54.0327 rdpdr (e8bd98d46f2ed77132ba927fccb47d8b) C:\Windows\system32\drivers\rdpdr.sys 2010/11/20 14:25:54.0358 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys 2010/11/20 14:25:54.0412 RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys 2010/11/20 14:25:54.0473 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys 2010/11/20 14:25:54.0506 RTL8169 (c347a3cde57077056e7e73d3498f7d7d) C:\Windows\system32\DRIVERS\Rtlh86.sys 2010/11/20 14:25:54.0576 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys 2010/11/20 14:25:54.0644 SCDEmu (e9bbd87afd80dc1212ecd762858b45c7) C:\Windows\system32\drivers\SCDEmu.sys 2010/11/20 14:25:54.0808 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys 2010/11/20 14:25:54.0853 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys 2010/11/20 14:25:54.0896 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys 2010/11/20 14:25:54.0931 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys 2010/11/20 14:25:54.0974 sffdisk (51cf56aa8bcc241f134b420b8f850406) C:\Windows\system32\drivers\sffdisk.sys 2010/11/20 14:25:55.0007 sffp_mmc (96ded8b20c734ac41641ce275250e55d) C:\Windows\system32\drivers\sffp_mmc.sys 2010/11/20 14:25:55.0032 sffp_sd (8b08cab1267b2c377883fc9e56981f90) C:\Windows\system32\drivers\sffp_sd.sys 2010/11/20 14:25:55.0067 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys 2010/11/20 14:25:55.0099 sisagp (d2a595d6eebeeaf4334f8e50efbc9931) C:\Windows\system32\drivers\sisagp.sys 2010/11/20 14:25:55.0127 SiSRaid2 (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys 2010/11/20 14:25:55.0155 SiSRaid4 (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys 2010/11/20 14:25:55.0206 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys 2010/11/20 14:25:55.0333 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys 2010/11/20 14:25:55.0406 srv (ff3cbc13db84d81f56931bc922cc37c4) C:\Windows\system32\DRIVERS\srv.sys 2010/11/20 14:25:55.0651 srv2 (d15959d9f69f0d39a0153e9c244f20dd) C:\Windows\system32\DRIVERS\srv2.sys 2010/11/20 14:25:55.0724 srvnet (faa0d553a49e85008c6bb3781987c574) C:\Windows\system32\DRIVERS\srvnet.sys 2010/11/20 14:25:55.0854 StarOpen (f92254b0bcfcd10caac7bccc7cb7f467) C:\Windows\system32\drivers\StarOpen.sys 2010/11/20 14:25:55.0909 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys 2010/11/20 14:25:56.0032 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys 2010/11/20 14:25:56.0073 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys 2010/11/20 14:25:56.0097 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys 2010/11/20 14:25:56.0216 Tcpip (a474879afa4a596b3a531f3e69730dbf) C:\Windows\system32\drivers\tcpip.sys 2010/11/20 14:25:56.0316 Tcpip6 (a474879afa4a596b3a531f3e69730dbf) C:\Windows\system32\DRIVERS\tcpip.sys 2010/11/20 14:25:56.0368 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys 2010/11/20 14:25:56.0474 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys 2010/11/20 14:25:56.0495 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys 2010/11/20 14:25:56.0534 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys 2010/11/20 14:25:56.0569 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys 2010/11/20 14:25:56.0633 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys 2010/11/20 14:25:56.0658 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys 2010/11/20 14:25:56.0726 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys 2010/11/20 14:25:56.0791 uagp35 (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys 2010/11/20 14:25:56.0832 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys 2010/11/20 14:25:56.0988 uliagpkx (75e6890ebfce0841d3291b02e7a8bdb0) C:\Windows\system32\drivers\uliagpkx.sys 2010/11/20 14:25:57.0022 uliahci (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys 2010/11/20 14:25:57.0055 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys 2010/11/20 14:25:57.0082 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys 2010/11/20 14:25:57.0118 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys 2010/11/20 14:25:57.0196 UnlockerDriver5 (bb879dcfd22926efbeb3298129898cbb) C:\Program Files\Unlocker\UnlockerDriver5.sys 2010/11/20 14:25:57.0333 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys 2010/11/20 14:25:57.0457 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys 2010/11/20 14:25:57.0512 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys 2010/11/20 14:25:57.0548 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys 2010/11/20 14:25:57.0629 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys 2010/11/20 14:25:57.0665 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys 2010/11/20 14:25:57.0738 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys 2010/11/20 14:25:57.0787 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS 2010/11/20 14:25:57.0866 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys 2010/11/20 14:25:57.0941 usbvideo (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys 2010/11/20 14:25:58.0004 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys 2010/11/20 14:25:58.0046 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys 2010/11/20 14:25:58.0080 viaagp (045d9961e591cf0674a920b6ba3ba5cb) C:\Windows\system32\drivers\viaagp.sys 2010/11/20 14:25:58.0136 ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys 2010/11/20 14:25:58.0166 viaide (f2eb2e6e21b008695d3d28e69937da9c) C:\Windows\system32\drivers\viaide.sys 2010/11/20 14:25:58.0197 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys 2010/11/20 14:25:58.0290 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys 2010/11/20 14:25:58.0324 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys 2010/11/20 14:25:58.0361 vsmraid (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys 2010/11/20 14:25:58.0475 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys 2010/11/20 14:25:58.0517 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys 2010/11/20 14:25:58.0539 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys 2010/11/20 14:25:58.0657 Wd (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys 2010/11/20 14:25:58.0713 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys 2010/11/20 14:25:58.0821 winusb (676f4b665bdd8053eaa53ac1695b8074) C:\Windows\system32\DRIVERS\winusb.sys 2010/11/20 14:25:58.0864 WmiAcpi (701a9f884a294327e9141d73746ee279) C:\Windows\system32\drivers\wmiacpi.sys 2010/11/20 14:25:59.0001 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys 2010/11/20 14:25:59.0104 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys 2010/11/20 14:25:59.0320 ================================================================================ 2010/11/20 14:25:59.0320 Scan finished 2010/11/20 14:25:59.0320 ======================================================
  5. gazagelle
    J'le crois pas....la restauration lors du démarrage loupé m'a rétabli tout ce que j'avais supprimé...emule, spybot, azureus, conduit Je redésinstalle tout et j'm'y relance
  6. gazagelle
    Bah vi j'ai compris, c'est un vrai bébé ce pc ^^ Nouveau scan effectué avec succès, aucun virus détecté, pas de rapport à enregistrer, mais encore des problèmes....Redémarrage planté avec nouvelle restauration effectuée par l'outil de réparation démarrage Et toujours le même gel dès que j'essaie d'ouvrir quoi que ce soit en mode normal. Je commence à en avoir maaarrre Serait il possible que ce ne soit finalement pas (seulement) un souci de virus mais un problème matériel? J'ai démonté le pc pour tout dépoussiérer et vérifier que tout est toujours bien en place, mais là non plus je n'ai rien remarqué de particulier, et ma tour n'a pas subi de choc, de déplacement, d'humidité...rien qui expliquerait (à moi du moins ^^) une altération de l'un ou l'autre élément... Avez-vous encore de bonnes idées en stock ? J'admire en tout cas votre patience, il y a longtemps que je me serais envoyée paître à votre place
  7. gazagelle
    Bonjour, J'ai lancé Dr web cure it hier soir et l'ai laissé tourner seul au bout de 1h30, mais ce matin, mon pc avait redémarré en mode normal toujours gelé, et j'avais juste le message "windows a récupéré d'un arrêt non planifié". Je n'ai trouvé aucun log de Dr Web....Je refais un essai.
  8. gazagelle
    Voici le rapport combofix... A noter que le programme m'a annoncé que Avast et Spybot sont toujours actifs sur mon pc, or Avast était bel et bien désactivé (et pour cause, il se désactive tout seul à chaque démarrage), et spybot est complètement désinstallé Changement de comportement du pc:j'ai récupéré des "trucs" se lançant au démarrage (one note, majuscule, défilement,unlocker...) qui ne se lançaient plus, mon centre de sécurité qui fonctionne à nouveau correctement, et réinitialisation de mes paramètres écran. Apparemment pas de freeze si je ne fais rien (curseur en mouvement, éléments en surbrillance), mais dès que je clique sur quoi que ce soit (explorer, document bureau, internet) => ça gèle à nouveau ComboFix 10-11-18.04 - Nous 19/11/2010 14:09:37.1.2 - x86 NETWORK Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6002.2.1252.32.1036.18.3071.2446 [GMT 1:00] Lancé depuis: C:\Users\Nous\Desktop\ComboFix.exe AV: avast! antivirus 4.8.1229 [VPS 081116-1] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D} SP: avast! antivirus 4.8.1229 [VPS 081116-1] *enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D} SP: Lavasoft Ad-Watch Live! *disabled* (Updated) {67844DAE-4F77-4D69-9457-98E8CFFDAA22} SP: Spybot - Search and Destroy *enabled* (Outdated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9} SP: Windows Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46} . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . C:\Users\Nous\AppData\Roaming\TMInc C:\Users\Nous\AppData\Roaming\TMInc\game.cfg C:\Windows\system32\jusched.exe . ---- Exécution préalable ------- . C:\Users\Nous\AppData\Roaming\TMInc\game.cfg C:\Users\Nous\AppData\Roaming\TMInc\user1.sav C:\Windows\system32\jusched.exe . ((((((((((((((((((((((((((((((((((((((( Pilotes/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Service_Boonty Games -------\Service_Schedule
  9. gazagelle
    Bonjour, Déjà merci pour votre aide et plus encore pour votre patience J'ai désinstallé azureus et msn live de la façon demandée, j'ai par contre dû désinstaller conduit et emule "à l'arrachée" car pas dans la liste des suppressions et pas de fichier uninstall. J'ai lancé ccleaner pour nettoyer le registre après. OTL lancé, mais il y avait un second émule dans ma bécane! (Merci mon mari )que j'ai désinstallé après, ainsi que spybot, et désactivé defender. Tout ce blabla au cas où cela a une incidence sur le rapport OTL qui suit ^^ Côté changements de comportement de pc: Le freeze a eu lieu un tout petit peu plus tard (2-3 minutes) en émettant pour la première fois un "bip", C'est pas top encore hein? All processes killed ========== OTL ========== Service Boonty Games stopped successfully! Service Boonty Games deleted successfully! File C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe not found. Prefs.js: "http://search.sweetim.com/search.asp?src=2&q=" removed from keyword.URL Prefs.js: "chrome://browser-region/locale/region.properties" removed from sweetim.toolbar.previous.keyword.URL Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found. Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068}\ not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HP Health Check Scheduler deleted successfully. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\EnableLUA deleted successfully. Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\Range1\\http deleted successfully. Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93} Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully. Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found. Starting removal of ActiveX control {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}\ deleted successfully. Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}\ not found. Starting removal of ActiveX control {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\ not found. Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found. Starting removal of ActiveX control {E2883E8F-472F-4FB0-9522-AC9BF37916A7} C:\Windows\Downloaded Program Files\gp.inf not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{522da2ed-9413-11df-b1fb-001fc6104658}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{522da2ed-9413-11df-b1fb-001fc6104658}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{522da2ed-9413-11df-b1fb-001fc6104658}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{522da2ed-9413-11df-b1fb-001fc6104658}\ not found. File J:\laucher.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\J\ deleted successfully. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\J\ not found. File J:\BS4Launcher.exe not found. Folder C:\Program Files\Messenger Plus! Live\ not found. Folder C:\Program Files\Conduit\ not found. C:\sqmdata00.sqm moved successfully. C:\sqmnoopt00.sqm moved successfully. C:\sqmnoopt01.sqm moved successfully. C:\VundoFix.txt moved successfully. ADS C:\ProgramData\TEMP:87951F59 deleted successfully. ADS C:\ProgramData\TEMP:C186F20B deleted successfully. ADS C:\ProgramData\TEMP:B37E855B deleted successfully. ADS C:\ProgramData\TEMP:796EE7C8 deleted successfully. ADS C:\ProgramData\TEMP:93F0301A deleted successfully. ADS C:\ProgramData\TEMP:3595B780 deleted successfully. ADS C:\ProgramData\TEMP:0F0A5896 deleted successfully. ========== SERVICES/DRIVERS ========== ========== REGISTRY ========== ========== FILES ========== ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 402 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Nous ->Temp folder emptied: 1856858 bytes ->Temporary Internet Files folder emptied: 197010 bytes ->Java cache emptied: 87567492 bytes ->FireFox cache emptied: 87743258 bytes ->Flash cache emptied: 1932122 bytes User: Public %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 524288 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 171,00 mb C:\Windows\System32\drivers\etc\Hosts moved successfully. HOSTS file reset successfully OTL by OldTimer - Version 3.2.17.3 log created on 11192010_115600 Files\Folders moved on Reboot... Registry entries deleted on Reboot...
  10. gazagelle
    Pour ce qui est du programme d'installation, j'ai acheté le pc avec vista pré installé mais sans cd fourni:s Par contre, j'ai eu lors de la configuration la possibilité de créer des dvd de récupération (3) qui serviraient à réinstaller tout tel que sorti de l'usine... J'espère juste avoir tout fait correctement
  11. gazagelle
    OTL logfile created on: 18/11/2010 18:35:30 - Run 1 OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Nous\Desktop Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18975) Locale: 0000080C | Country: Belgique | Language: FRB | Date Format: d/MM/yyyy 3,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 84,00% Memory free 6,00 Gb Paging File | 6,00 Gb Available in Paging File | 95,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 325,13 Gb Total Space | 199,23 Gb Free Space | 61,28% Space Free | Partition Type: NTFS Drive D: | 10,22 Gb Total Space | 1,40 Gb Free Space | 13,70% Space Free | Partition Type: NTFS Drive E: | 1,46 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Computer Name: SWEETHOME | User Name: Nous | Logged in as Administrator. Boot Mode: SafeMode with Networking | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2010/11/18 18:23:59 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Nous\Desktop\OTL.exe PRC - [2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe ========== Modules (SafeList) ========== MOD - [2010/11/18 18:23:59 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Nous\Desktop\OTL.exe MOD - [2010/08/31 16:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll ========== Win32 Services (SafeList) ========== SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe -- (Boonty Games) SRV - [2010/09/22 11:03:38 | 000,249,136 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort) SRV - [2010/04/28 07:44:02 | 000,704,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc) SRV - [2010/03/18 12:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400) SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010/03/04 22:38:00 | 000,071,096 | ---- | M] () [Auto | Stopped] -- C:\Program Files\CDBurnerXP\NMSAccessU.exe -- (NMSAccess) SRV - [2010/02/08 20:19:46 | 001,181,328 | ---- | M] (Lavasoft) [On_Demand | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service) SRV - [2009/11/25 00:51:35 | 000,138,680 | ---- | M] (ALWIL Software) [Auto | Stopped] -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus) SRV - [2009/11/25 00:51:21 | 000,254,040 | ---- | M] (ALWIL Software) [On_Demand | Stopped] -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner) SRV - [2009/11/25 00:48:48 | 000,352,920 | ---- | M] (ALWIL Software) [On_Demand | Stopped] -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner) SRV - [2009/11/25 00:43:56 | 000,018,752 | ---- | M] (ALWIL Software) [Auto | Stopped] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv) SRV - [2009/09/25 02:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache) SRV - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Stopped] -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService) SRV - [2008/07/25 19:57:54 | 000,191,656 | ---- | M] (CybelSoft) [On_Demand | Stopped] -- C:\Program Files\ma-config.com\maconfservice.exe -- (maconfservice) SRV - [2008/01/19 08:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2008/01/19 08:36:49 | 000,365,568 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm) SRV - [2008/01/19 08:36:15 | 000,167,936 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr) SRV - [2007/04/29 21:54:44 | 000,537,520 | ---- | M] ( ) [Auto | Stopped] -- C:\Windows\System32\lxcgcoms.exe -- (lxcg_device) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\SymIM.sys -- (SymIMMP) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pfc.sys -- (pfc) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\pcdrndisuio.sys -- (PcdrNdisuio) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp) DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\blbdrive.sys -- (blbdrive) DRV - [2010/04/28 07:44:02 | 000,054,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\fssfltr.sys -- (fssfltr) DRV - [2010/04/03 21:55:32 | 011,573,800 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2009/12/02 14:19:06 | 000,064,288 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\Lbd.sys -- (Lbd) DRV - [2009/11/25 00:50:12 | 000,114,768 | ---- | M] (ALWIL Software) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP) DRV - [2009/11/25 00:50:00 | 000,020,560 | ---- | M] (ALWIL Software) [File_System | Auto | Stopped] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk) DRV - [2009/11/25 00:49:48 | 000,053,328 | ---- | M] (ALWIL Software) [File_System | Auto | Stopped] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt) DRV - [2009/11/25 00:49:07 | 000,048,560 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi) DRV - [2009/11/25 00:48:57 | 000,023,120 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr) DRV - [2009/11/12 13:48:56 | 000,007,168 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\StarOpen.sys -- (StarOpen) DRV - [2009/04/11 05:42:52 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (winusb) DRV - [2008/12/04 19:34:52 | 000,328,728 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\iastor.sys -- (iaStor) DRV - [2008/07/25 20:14:02 | 000,015,352 | ---- | M] (Ma-Config.com) [Kernel | On_Demand | Stopped] -- C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys -- (driverhardwarev2) DRV - [2008/07/03 16:03:48 | 002,152,088 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2008/03/14 07:04:29 | 000,046,652 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\scdemu.sys -- (SCDEmu) DRV - [2008/02/17 03:50:56 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide) DRV - [2008/02/17 03:50:56 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide) DRV - [2008/02/17 03:50:56 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide) DRV - [2007/10/03 17:18:12 | 000,099,840 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169) DRV - [2006/11/02 10:51:45 | 000,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300) DRV - [2006/11/02 10:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx) DRV - [2006/11/02 10:51:34 | 000,316,520 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor) DRV - [2006/11/02 10:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci) DRV - [2006/11/02 10:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci) DRV - [2006/11/02 10:51:25 | 000,232,040 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV) DRV - [2006/11/02 10:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320) DRV - [2006/11/02 10:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2) DRV - [2006/11/02 10:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid) DRV - [2006/11/02 10:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx) DRV - [2006/11/02 10:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata) DRV - [2006/11/02 10:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m) DRV - [2006/11/02 10:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid) DRV - [2006/11/02 10:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960) DRV - [2006/11/02 10:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp) DRV - [2006/11/02 10:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4) DRV - [2006/11/02 10:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor) DRV - [2006/11/02 10:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx) DRV - [2006/11/02 10:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas) DRV - [2006/11/02 10:50:10 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI) DRV - [2006/11/02 10:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2) DRV - [2006/11/02 10:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs) DRV - [2006/11/02 10:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc) DRV - [2006/11/02 10:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid) DRV - [2006/11/02 10:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi) DRV - [2006/11/02 10:50:05 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS) DRV - [2006/11/02 10:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx) DRV - [2006/11/02 10:50:04 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC) DRV - [2006/11/02 10:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3) DRV - [2006/11/02 10:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x) DRV - [2006/11/02 10:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi) DRV - [2006/11/02 10:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas) DRV - [2006/11/02 09:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM) DRV - [2006/11/02 09:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer) DRV - [2006/11/02 09:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp) DRV - [2006/11/02 09:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo) DRV - [2006/11/02 09:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm) DRV - [2006/11/02 09:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm) DRV - [2006/11/02 08:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi) DRV - [2006/11/02 08:30:54 | 000,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel® DRV - [2005/12/12 17:27:00 | 000,019,072 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\PS2.sys -- (Ps2) DRV - [2004/05/04 05:49:00 | 000,091,241 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\P1131Vid.sys -- (P1131VID) Creative WebCam NX Pro (WDM) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = HP Consumer | MSN IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = HP Consumer | MSN IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Connexion IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.startup.homepage: "www.google.be" FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:1.9.9.96 FF - prefs.js..extensions.enabledItems: {d1a1c8f1-e3d9-48df-802f-20201061ef61}:2.7.1.3 FF - prefs.js..keyword.URL: "http://search.sweetim.com/search.asp?src=2&q=" FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "chrome://browser-region/locale/region.properties" FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/11/04 18:12:27 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/10/31 13:11:11 | 000,000,000 | ---D | M] [2008/07/13 11:17:44 | 000,000,000 | ---D | M] -- C:\Users\Nous\AppData\Roaming\mozilla\Extensions [2010/11/02 20:45:07 | 000,000,000 | ---D | M] -- C:\Users\Nous\AppData\Roaming\mozilla\Firefox\Profiles\efzm1m1t.default\extensions [2010/06/23 21:12:59 | 000,000,000 | ---D | M] (NoScript) -- C:\Users\Nous\AppData\Roaming\mozilla\Firefox\Profiles\efzm1m1t.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232} [2010/11/02 20:44:52 | 000,000,000 | ---D | M] (Messenger Plus Live Belgium Toolbar) -- C:\Users\Nous\AppData\Roaming\mozilla\Firefox\Profiles\efzm1m1t.default\extensions\{d1a1c8f1-e3d9-48df-802f-20201061ef61} [2010/02/08 19:17:20 | 000,000,000 | ---D | M] (SweetIM Toolbar for Firefox) -- C:\Users\Nous\AppData\Roaming\mozilla\Firefox\Profiles\efzm1m1t.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847} [2010/07/20 16:36:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Nous\AppData\Roaming\mozilla\Firefox\Profiles\efzm1m1t.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}-trash [2010/02/05 08:51:16 | 000,000,000 | ---D | M] (SearchPreview) -- C:\Users\Nous\AppData\Roaming\mozilla\Firefox\Profiles\efzm1m1t.default\extensions\{EF522540-89F5-46b9-B6FE-1829E2B572C6} [2010/07/20 16:36:20 | 000,000,000 | ---D | M] -- C:\Users\Nous\AppData\Roaming\mozilla\Firefox\Profiles\efzm1m1t.default\extensions\radiobar@toolbar-trash [2010/04/21 18:32:37 | 000,000,000 | ---D | M] -- C:\Users\Nous\AppData\Roaming\mozilla\Firefox\Profiles\efzm1m1t.default\extensions\smarterwiki@wikiatic.com-trash [2010/11/02 20:45:07 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions [2010/09/21 15:57:45 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [2010/07/17 04:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll [2010/03/26 15:41:59 | 000,001,516 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml [2010/03/26 15:41:59 | 000,001,822 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml [2010/03/26 15:41:59 | 000,000,757 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml [2009/07/24 06:34:57 | 000,000,748 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\MediaDICO-fr.xml [2010/03/26 15:41:59 | 000,001,426 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml [2010/03/28 07:25:51 | 000,000,956 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml O1 HOSTS File: ([2006/09/18 22:41:30 | 000,000,736 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: ::1 localhost O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation) O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found. O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [EzPrint] C:\Program Files\Lexmark 2300 Series\ezprint.exe (Lexmark International Inc.) O4 - HKLM..\Run: [HP Health Check Scheduler] File not found O4 - HKLM..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe (Hewlett-Packard Company) O4 - HKLM..\Run: [KBD] C:\hp\KBD\KbdStub.exe () O4 - HKLM..\Run: [LXCGCATS] C:\Windows\System32\spool\DRIVERS\W32X86\3\LXCGtime.DLL () O4 - HKLM..\Run: [lxcgmon.exe] C:\Program Files\Lexmark 2300 Series\lxcgmon.exe (Lexmark International, Inc.) O4 - HKLM..\Run: [OsdMaestro] C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe (OsdMaestro) O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) O4 - HKLM..\Run: [sunJavaUpdateReg] C:\Windows\System32\jureg.exe (Sun Microsystems, Inc.) O4 - HKLM..\Run: [unlockerAssistant] C:\Program Files\Unlocker\UnlockerAssistant.exe () O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation) O4 - HKCU..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O13 - gopher Prefix: missing O15 - HKCU\..Trusted Ranges: Range1 ([http] in Intranet local) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class) O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab (Java Plug-in 1.6.0_01) O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Users\Nous\Pictures\21072009\P1010215.JPG O24 - Desktop BackupWallPaper: C:\Users\Nous\Pictures\21072009\P1010215.JPG O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2008/02/16 19:27:45 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{522da2ed-9413-11df-b1fb-001fc6104658}\Shell - "" = AutoRun O33 - MountPoints2\{522da2ed-9413-11df-b1fb-001fc6104658}\Shell\AutoRun\command - "" = J:\laucher.exe -- File not found O33 - MountPoints2\J\Shell - "" = AutoRun O33 - MountPoints2\J\Shell\AutoRun\command - "" = J:\BS4Launcher.exe -- File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found O34 - HKLM BootExecute: (lsdelete) - C:\Windows\System32\lsdelete.exe () O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - File not found NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found CREATERESTOREPOINT Error creating restore point. ========== Files/Folders - Created Within 30 Days ========== [2010/11/18 18:23:59 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\Nous\Desktop\OTL.exe [2010/11/17 17:56:27 | 000,000,000 | ---D | C] -- C:\Users\Nous\AppData\Local\temp(51) [2010/11/17 17:48:32 | 000,000,000 | ---D | C] -- C:\ComboFix(2) [2010/11/17 00:36:19 | 000,000,000 | ---D | C] -- C:\Program Files\Zone Labs [2010/11/17 00:34:50 | 000,000,000 | ---D | C] -- C:\ProgramData\CheckPoint [2010/11/17 00:34:49 | 000,000,000 | ---D | C] -- C:\Windows\Internet Logs [2010/11/16 23:18:01 | 000,000,000 | ---D | C] -- C:\Users\Nous\AppData\Roaming\Malwarebytes [2010/11/16 23:17:52 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2010/11/16 23:17:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2010/11/15 23:32:52 | 000,000,000 | RH-D | C] -- C:\Users\Nous\AppData\Roaming\SecuROM [2010/11/14 12:39:45 | 000,000,000 | ---D | C] -- C:\Users\Nous\AppData\Roaming\AlawarSouthpoint [2010/11/14 12:39:45 | 000,000,000 | ---D | C] -- C:\ProgramData\AlawarSouthpoint [2010/11/13 22:05:21 | 000,000,000 | ---D | C] -- C:\Users\Nous\AppData\Roaming\GameHouse [2010/11/12 02:10:55 | 000,000,000 | ---D | C] -- C:\Users\Nous\AppData\Roaming\Awem [2010/11/07 10:43:21 | 000,000,000 | ---D | C] -- C:\Users\Nous\AppData\Roaming\MA2 [2010/11/06 23:26:01 | 000,000,000 | ---D | C] -- C:\Users\Nous\AppData\Roaming\Jetdogs Studios [2010/11/05 20:48:34 | 000,000,000 | ---D | C] -- C:\Users\Nous\AppData\Roaming\Vogat Interactive [2010/11/05 20:31:07 | 000,000,000 | ---D | C] -- C:\Users\Nous\AppData\Roaming\Games [2010/11/05 19:25:22 | 000,000,000 | ---D | C] -- C:\Program Files\Messenger Plus! Live [2010/11/05 19:04:39 | 000,054,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fssfltr.sys [2010/11/05 18:58:59 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition [2010/11/05 18:56:13 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live SkyDrive [2010/11/05 18:55:20 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live [2010/11/02 20:44:57 | 000,000,000 | ---D | C] -- C:\Program Files\Conduit [2010/11/01 20:15:08 | 000,000,000 | ---D | C] -- C:\Users\Nous\AppData\Local\Astar Games [2010/11/01 18:39:59 | 000,000,000 | ---D | C] -- C:\Users\Nous\Documents\Amnesia [2010/10/31 17:13:19 | 000,000,000 | ---D | C] -- C:\Users\Nous\AppData\Roaming\Artifex Mundi [2010/10/27 21:27:03 | 000,000,000 | ---D | C] -- C:\Users\Nous\AppData\Roaming\Enki Games [2010/10/26 22:15:08 | 001,696,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll [2010/10/26 22:15:06 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll [2010/10/26 22:15:06 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll [2010/10/23 22:08:38 | 000,000,000 | ---D | C] -- C:\Users\Nous\AppData\Roaming\Aerohills [2010/10/23 17:51:39 | 000,754,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\webservices.dll [2010/10/22 16:45:05 | 000,000,000 | ---D | C] -- C:\Users\Nous\AppData\Roaming\ScreenSeven [2010/10/22 16:45:05 | 000,000,000 | ---D | C] -- C:\ProgramData\ScreenSeven [2008/09/19 10:39:52 | 001,953,480 | ---- | C] (Microsoft Corporation) -- C:\Program Files\PPVIEWER.EXE [2008/07/13 13:24:53 | 000,413,696 | ---- | C] ( ) -- C:\Windows\System32\lxcginpa.dll [2008/07/13 13:24:53 | 000,397,312 | ---- | C] ( ) -- C:\Windows\System32\lxcgiesc.dll [2008/07/13 13:24:53 | 000,323,584 | ---- | C] ( ) -- C:\Windows\System32\lxcghcp.dll [2008/07/13 13:24:52 | 001,224,704 | ---- | C] ( ) -- C:\Windows\System32\lxcgserv.dll [2008/07/13 13:24:52 | 000,995,328 | ---- | C] ( ) -- C:\Windows\System32\lxcgusb1.dll [2008/07/13 13:24:52 | 000,163,840 | ---- | C] ( ) -- C:\Windows\System32\lxcgprox.dll [2008/07/13 13:24:52 | 000,094,208 | ---- | C] ( ) -- C:\Windows\System32\lxcgpplc.dll [2008/07/13 13:24:51 | 000,643,072 | ---- | C] ( ) -- C:\Windows\System32\lxcgpmui.dll [2008/07/13 13:24:51 | 000,585,728 | ---- | C] ( ) -- C:\Windows\System32\lxcglmpm.dll [2008/07/13 13:24:50 | 000,696,320 | ---- | C] ( ) -- C:\Windows\System32\lxcghbn3.dll [2008/07/13 13:24:49 | 000,684,032 | ---- | C] ( ) -- C:\Windows\System32\lxcgcomc.dll [2008/07/13 13:24:49 | 000,421,888 | ---- | C] ( ) -- C:\Windows\System32\lxcgcomm.dll [3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ] [3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [1 C:\Users\Nous\*.tmp files -> C:\Users\Nous\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2010/11/18 18:32:02 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2010/11/18 18:28:04 | 000,054,156 | -H-- | M] () -- C:\Windows\QTFont.qfn [2010/11/18 18:26:46 | 000,035,565 | ---- | M] () -- C:\ProgramData\nvModes.dat [2010/11/18 18:26:45 | 000,035,565 | ---- | M] () -- C:\ProgramData\nvModes.001 [2010/11/18 18:26:19 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2010/11/18 18:26:18 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2010/11/18 18:23:59 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Nous\Desktop\OTL.exe [2010/11/18 18:21:32 | 000,364,032 | ---- | M] () -- C:\Users\Nous\Desktop\rkill.exe [2010/11/18 18:14:29 | 000,680,812 | ---- | M] () -- C:\Windows\System32\perfh00C.dat [2010/11/18 18:14:29 | 000,598,290 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2010/11/18 18:14:29 | 000,126,920 | ---- | M] () -- C:\Windows\System32\perfc00C.dat [2010/11/18 18:14:29 | 000,104,304 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2010/11/17 23:18:05 | 000,000,290 | RHS- | M] () -- C:\ProgramData\ntuser.pol [2010/11/17 23:12:40 | 000,000,416 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{954094CF-A7C7-4E85-B3F1-E2346D73B7D9}.job [2010/11/17 23:09:06 | 000,000,370 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job [2010/11/17 23:09:06 | 000,000,370 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Daily 4).job [2010/11/17 23:09:06 | 000,000,370 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Daily 3).job [2010/11/17 23:09:06 | 000,000,370 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Daily 2).job [2010/11/17 23:09:06 | 000,000,370 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Daily 1).job [2010/11/17 00:48:57 | 000,002,032 | ---- | M] () -- C:\Users\Nous\AppData\Local\d3d9caps.dat [2010/11/17 00:43:57 | 000,000,552 | ---- | M] () -- C:\Users\Nous\AppData\Local\d3d8caps.dat [2010/11/12 19:47:55 | 000,107,520 | ---- | M] () -- C:\Users\Nous\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010/11/10 18:28:57 | 000,043,520 | ---- | M] () -- C:\Windows\System32\CmdLineExt03.dll [2010/11/05 18:44:52 | 000,077,256 | ---- | M] () -- C:\Users\Nous\Documents\cc_20101105_184439.reg [2010/11/05 18:24:15 | 000,002,560 | ---- | M] () -- C:\Windows\_MSRSTRT.EXE [2010/10/27 02:18:06 | 000,392,896 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ] [3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [1 C:\Users\Nous\*.tmp files -> C:\Users\Nous\*.tmp -> ] ========== Files Created - No Company Name ========== [2010/11/18 18:21:31 | 000,364,032 | ---- | C] () -- C:\Users\Nous\Desktop\rkill.exe [2010/11/17 23:06:43 | 000,001,117 | ---- | C] () -- C:\Users\Nous\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 - Capture d'écran et lancement.lnk [2010/11/17 23:06:43 | 000,000,805 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\LUMIX Simple Viewer.lnk [2010/11/17 00:43:57 | 000,000,552 | ---- | C] () -- C:\Users\Nous\AppData\Local\d3d8caps.dat [2010/11/13 09:58:20 | 000,000,370 | ---- | C] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job [2010/11/13 09:58:20 | 000,000,370 | ---- | C] () -- C:\Windows\tasks\Ad-Aware Update (Daily 4).job [2010/11/13 09:58:20 | 000,000,370 | ---- | C] () -- C:\Windows\tasks\Ad-Aware Update (Daily 3).job [2010/11/13 09:58:20 | 000,000,370 | ---- | C] () -- C:\Windows\tasks\Ad-Aware Update (Daily 2).job [2010/11/13 09:58:19 | 000,000,370 | ---- | C] () -- C:\Windows\tasks\Ad-Aware Update (Daily 1).job [2010/11/05 18:44:43 | 000,077,256 | ---- | C] () -- C:\Users\Nous\Documents\cc_20101105_184439.reg [2010/11/05 18:24:14 | 000,002,560 | ---- | C] () -- C:\Windows\_MSRSTRT.EXE [2010/10/07 11:54:30 | 000,000,000 | ---- | C] () -- C:\Windows\SETUP32.INI [2010/10/03 12:22:39 | 000,000,334 | ---- | C] () -- C:\Windows\TLCAPPS.INI [2010/09/29 22:58:09 | 000,003,394 | ---- | C] () -- C:\ProgramData\dscrane_save.log [2010/09/29 22:42:01 | 000,000,044 | ---- | C] () -- C:\ProgramData\{3D55D1F4-1059-11DC-B281-197056D89593} [2010/09/19 13:56:56 | 000,043,520 | ---- | C] () -- C:\Windows\System32\CmdLineExt03.dll [2010/09/19 13:48:13 | 000,000,590 | ---- | C] () -- C:\Windows\WININIT.INI [2010/09/19 13:47:58 | 000,000,046 | ---- | C] () -- C:\Windows\PEJ.INI [2010/08/31 22:49:14 | 003,088,886 | ---- | C] () -- C:\Users\Nous\AppData\Roaming\screenshot8Tuesday2349147680000.png [2010/07/19 16:49:09 | 000,000,035 | ---- | C] () -- C:\Windows\A5W.INI [2010/07/19 09:07:05 | 000,007,168 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys [2010/05/26 06:50:46 | 000,035,565 | ---- | C] () -- C:\ProgramData\nvModes.001 [2010/05/26 05:34:25 | 000,035,565 | ---- | C] () -- C:\ProgramData\nvModes.dat [2010/05/05 19:56:13 | 000,000,000 | ---- | C] () -- C:\Windows\Game.INI [2010/04/02 16:17:34 | 000,179,091 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat [2010/01/30 02:08:58 | 000,000,364 | ---- | C] () -- C:\ProgramData\aygdi_save.log [2009/11/06 20:18:43 | 000,000,004 | ---- | C] () -- C:\Users\Nous\AppData\Roaming\992ncc8f18425un59ztm1t8naz9gj6h [2009/10/20 18:40:34 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll [2009/08/03 14:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll [2008/11/19 07:15:07 | 000,000,290 | RHS- | C] () -- C:\ProgramData\ntuser.pol [2008/09/19 10:33:14 | 000,000,510 | ---- | C] () -- C:\Windows\WORDPAD.INI [2008/08/06 11:17:36 | 000,003,664 | ---- | C] () -- C:\Users\Nous\AppData\Roaming\wklnhst.dat [2008/08/01 09:24:21 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini [2008/07/18 12:07:12 | 000,031,007 | ---- | C] () -- C:\Users\Nous\AppData\Roaming\UserTile.png [2008/07/15 15:09:15 | 000,107,520 | ---- | C] () -- C:\Users\Nous\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2008/07/13 13:24:54 | 000,274,432 | ---- | C] () -- C:\Windows\System32\lxcginst.dll [2008/07/13 10:43:37 | 000,002,032 | ---- | C] () -- C:\Users\Nous\AppData\Local\d3d9caps.dat [2008/02/16 19:21:20 | 000,000,342 | ---- | C] () -- C:\ProgramData\hpzinstall.log [2008/02/16 19:04:14 | 000,327,680 | ---- | C] () -- C:\Windows\System32\pythoncom25.dll [2008/02/16 19:04:14 | 000,102,400 | ---- | C] () -- C:\Windows\System32\pywintypes25.dll [2007/07/23 09:03:32 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll [2007/07/23 09:03:32 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll [2007/07/23 09:03:32 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll [2007/07/23 09:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll [2007/07/23 09:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll [2007/07/23 09:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll [2007/07/23 09:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll [2007/07/23 09:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll [2007/07/23 09:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll [2007/02/22 17:32:00 | 000,344,064 | ---- | C] () -- C:\Windows\System32\lxcgcoin.dll [2006/11/02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006/11/02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2005/08/18 05:26:46 | 000,040,960 | ---- | C] () -- C:\Windows\System32\lxcgvs.dll [2005/03/13 13:32:14 | 000,061,440 | ---- | C] () -- C:\Windows\System32\lxcgcnv4.dll ========== Custom Scans ========== < %SYSTEMDRIVE%\*.* > [2010/11/18 18:31:46 | 000,062,475 | ---- | M] () -- C:\aaw7boot.log [2008/02/16 19:27:45 | 000,000,074 | ---- | M] () -- C:\autoexec.bat [2009/04/11 07:36:36 | 000,333,257 | RHS- | M] () -- C:\bootmgr [2008/02/17 03:17:02 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK [2006/09/18 22:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys [2008/07/29 15:37:57 | 000,000,125 | ---- | M] () -- C:\FINIS_IT.TXT [2010/02/12 21:39:46 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2009/01/05 16:40:54 | 001,111,450 | ---- | M] () -- C:\log.txt [2010/03/01 17:34:24 | 000,000,485 | ---- | M] () -- C:\lxcg.log [2008/07/13 13:20:19 | 000,241,733 | ---- | M] () -- C:\lxcgunst.csv [2010/02/12 21:39:46 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2010/11/18 18:31:48 | 3534,307,328 | -HS- | M] () -- C:\pagefile.sys [2008/08/18 16:20:54 | 000,000,574 | ---- | M] () -- C:\RHDSetup.log [2010/11/18 18:33:22 | 000,000,405 | ---- | M] () -- C:\rkill.log [2009/01/23 06:01:01 | 000,000,268 | -H-- | M] () -- C:\sqmdata00.sqm [2009/01/23 06:01:01 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt00.sqm [2010/07/20 08:30:42 | 000,000,704 | ---- | M] () -- C:\sqmnoopt01.sqm [2010/02/27 18:18:03 | 000,000,135 | ---- | M] () -- C:\VundoFix.txt < %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles > < %systemroot%\Tasks\*.job /lockedfiles > < %systemroot%\System32\config\*.sav > [2006/11/02 11:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV [2006/11/02 11:34:05 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV [2006/11/02 11:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV [2006/11/02 11:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV [2006/11/02 11:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV < %systemroot%\system32\drivers\*.sys /90 > [2010/09/06 14:45:38 | 000,304,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\srv.sys [2010/09/06 14:45:22 | 000,145,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\srv2.sys [2010/09/06 14:45:19 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\srvnet.sys ========== Alternate Data Streams ========== @Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:87951F59 @Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:C186F20B @Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:B37E855B @Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:796EE7C8 @Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:93F0301A @Alternate Data Stream - 115 bytes -> C:\ProgramData\TEMP:3595B780 @Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:0F0A5896 < End of report > OTL Extras logfile created on: 18/11/2010 18:35:30 - Run 1 OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Nous\Desktop Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18975) Locale: 0000080C | Country: Belgique | Language: FRB | Date Format: d/MM/yyyy 3,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 84,00% Memory free 6,00 Gb Paging File | 6,00 Gb Available in Paging File | 95,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 325,13 Gb Total Space | 199,23 Gb Free Space | 61,28% Space Free | Partition Type: NTFS Drive D: | 10,22 Gb Total Space | 1,40 Gb Free Space | 13,70% Space Free | Partition Type: NTFS Drive E: | 1,46 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Computer Name: SWEETHOME | User Name: Nous | Logged in as Administrator. Boot Mode: SafeMode with Networking | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation) https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 "UacDisableNotify" = 0 "InternetSettingsDisableNotify" = 0 "AutoUpdateDisableNotify" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 "VistaSp1" = Reg Error: Unknown registry data type -- File not found "VistaSp2" = Reg Error: Unknown registry data type -- File not found ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{03B3A587-5CF5-49D8-85D7-491395FEED19}" = rport=3702 | protocol=17 | dir=out | app=%systemroot%\system32\netproj.exe | "{04BAA3F5-93F6-4191-9C65-7028730DA7BA}" = lport=137 | protocol=17 | dir=in | app=system | "{0B747FA4-9780-4822-B325-FA91DD1D1DAE}" = lport=48113 | protocol=17 | dir=in | name=maconfig_udp | "{22CD63EF-182E-45E4-B4D3-A5D3AAD671BE}" = lport=5358 | protocol=6 | dir=in | app=system | "{286D59C2-1827-474C-B666-FC6E3931F84B}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | "{2C4D4DDF-6EE2-4898-82B6-29BADB96BB0B}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe | "{3D0D6C3B-07D6-4D68-BB27-A1C7112ACAD5}" = rport=5358 | protocol=6 | dir=out | app=system | "{45FF6FC7-DE43-4691-934B-9D06214C53B5}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{480FDDBE-6575-41E8-9A6E-C3E45D064D84}" = lport=2869 | protocol=6 | dir=in | app=system | "{4DFEEE69-C8FC-4E96-90A8-DC4A9751A440}" = rport=138 | protocol=17 | dir=out | app=system | "{566E6504-F68D-488D-B22F-272D3CFEF627}" = lport=445 | protocol=6 | dir=in | app=system | "{6D7C0CAE-C30F-4380-A2B9-6F025024203F}" = lport=138 | protocol=17 | dir=in | app=system | "{748DA358-F70B-45A4-8396-0CDCF9A8203F}" = lport=2869 | protocol=6 | dir=in | app=system | "{76969EDC-C211-4322-B3D7-C7F2F476C5C5}" = lport=5357 | protocol=6 | dir=in | app=system | "{86DC7C30-189C-4213-A407-44494B7D7EB5}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\netproj.exe | "{B649F559-90EA-4997-A0EA-8C0962C42428}" = rport=445 | protocol=6 | dir=out | app=system | "{BA97A0A5-2D97-4260-894D-EC436BAD43DC}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | "{BACDFE45-1AAB-4041-8174-F659F3FBF493}" = rport=139 | protocol=6 | dir=out | app=system | "{D41DC7F2-375D-4EE2-B000-CA0C9AAC7F27}" = rport=5357 | protocol=6 | dir=out | app=system | "{D5FB8156-46B7-4790-A2F7-717170FFAF0D}" = lport=139 | protocol=6 | dir=in | app=system | "{D63D313F-C3F9-4BCA-899D-D3BC1F3F3C3A}" = rport=137 | protocol=17 | dir=out | app=system | "{E8F82315-55CE-49AE-BB39-15024EF9393C}" = lport=48113 | protocol=6 | dir=in | name=maconfig_tcp | "{F310E15C-752F-4997-84ED-27F9F33B9456}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{02EA4E04-C24E-4209-A525-863D8E4C08F4}" = protocol=6 | dir=in | app=c:\program files\msn messenger\msnmsgr.exe | "{0F5887CA-EBBE-40EF-B810-643F38BF1CA7}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | "{1CD7F5B0-A4A7-494A-95D0-EBEB253E93E0}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{25F748ED-8937-40A2-A40C-0B904B8D9937}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | "{2A2BF570-7C23-4B95-8925-6A759E47059F}" = protocol=17 | dir=in | app=c:\program files\msn messenger\msnmsgr.exe | "{38A9F16C-CED6-4F95-8E73-E36210CB3948}" = protocol=6 | dir=in | app=%systemroot%\system32\netproj.exe | "{4981AAAD-FE34-4ED7-92CD-CE1BA0F0DF8E}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe | "{49E51823-91E8-44D2-8507-5F215FBF35FE}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | "{5E695800-47C5-4DFB-B1F9-9268AD6C73C6}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | "{613F713B-8AED-4920-AD20-ED0F29F8F93A}" = protocol=17 | dir=in | app=c:\windows\system32\lxcgcoms.exe | "{69ABD204-E77D-464F-84FF-73A632B8230D}" = protocol=6 | dir=in | app=c:\program files\ma-config.com\maconfservice.exe | "{73C05592-F09C-4F0B-BA2F-DDE2E0A1B9DE}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe | "{78473262-0C00-428C-B58F-C250C55983A3}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxcgpswx.exe | "{89177F13-E9C5-4F0D-97C3-CAA0050F78E6}" = protocol=17 | dir=in | app=c:\program files\msn messenger\msnmsgr.exe | "{8D437D1F-B4F9-4A4C-9F14-9D0A6617F34F}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{90C5C918-E370-4345-9FA5-09A246BE1719}" = protocol=6 | dir=out | app=%systemroot%\system32\netproj.exe | "{96BFD239-D37E-4CC0-8D42-227A697E39BF}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{99599423-FD08-464C-A1E5-C99C670F8DC4}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe | "{A0D13F56-ED8B-414C-A0FB-D572BE92BB66}" = protocol=17 | dir=in | app=d:\recovery\utorrent.exe | "{ACF19F98-769E-4D79-8CF1-F202008D8E4C}" = protocol=6 | dir=in | app=c:\program files\msn messenger\msnmsgr.exe | "{AE91A663-6EFB-4D5F-BA36-2B175E9A4B8E}" = dir=in | app=c:\program files\windows live\messenger\livecall.exe | "{B06CE094-975B-4798-A110-A3B893658289}" = protocol=17 | dir=in | app=c:\program files\ma-config.com\maconfservice.exe | "{B80F847F-ED82-451C-9C8B-F394A99FCF7A}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe | "{B92031A6-B219-4EA1-83C7-E0169BFB5236}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxcgpswx.exe | "{CF04EFCF-974A-4373-983A-FE10CDBBB393}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe | "{CF61675D-6EEE-429A-A8DA-199A6F0A4087}" = protocol=6 | dir=in | app=c:\windows\system32\lxcgcoms.exe | "{E2C79776-52D0-4DD1-85B4-2CB71866B1C8}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{E5CB6025-D70F-4CC9-B55D-5F96E59CB3B5}" = dir=out | app=c:\program files\emule\emule.exe | "{F95B7D9C-B905-467B-AF74-D38C82A59F4C}" = protocol=6 | dir=in | app=d:\recovery\utorrent.exe | "{F9D2A3DF-536E-4B77-ABBE-21D843BC2008}" = dir=in | app=c:\program files\emule\emule.exe | "TCP Query User{195DBFC1-BEF6-4A10-9104-221105EA1749}C:\program files\azureus\azureus.exe" = protocol=6 | dir=in | app=c:\program files\azureus\azureus.exe | "TCP Query User{1C28F4D0-53D1-405A-A44D-68F361B43DCD}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | "TCP Query User{21BF831E-9902-4E21-9EC9-A027316084A1}C:\program files\ip privacy\ip privacy.exe" = protocol=6 | dir=in | app=c:\program files\ip privacy\ip privacy.exe | "TCP Query User{257FB34F-D016-42E1-ABE5-7E407CB4CDFF}C:\program files\emule0.50a\emule.exe" = protocol=6 | dir=in | app=c:\program files\emule0.50a\emule.exe | "TCP Query User{2D330B9A-22C5-4112-8EBD-00311781F210}C:\program files\emule\emule.exe" = protocol=6 | dir=in | app=c:\program files\emule\emule.exe | "TCP Query User{49302144-5DDB-4EC2-84B9-E32270DFC383}C:\program files\emule\emule.exe" = protocol=6 | dir=in | app=c:\program files\emule\emule.exe | "TCP Query User{6825C7BE-C746-470F-BB24-A9C8CE6C5D2C}C:\program files\messenger plus! live\msgplus\msg plus\bin\wish.exe" = protocol=6 | dir=in | app=c:\program files\messenger plus! live\msgplus\msg plus\bin\wish.exe | "TCP Query User{71A6AD11-2206-48A1-994A-DAE37F9DF50A}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe | "TCP Query User{8E3ACDBE-AB7C-47AD-B480-388D8205D680}C:\users\nous\desktop\emule\emule.exe" = protocol=6 | dir=in | app=c:\users\nous\desktop\emule\emule.exe | "TCP Query User{A19C57E1-3A13-46A8-97EB-0E5100C851C0}C:\users\nous\desktop\emule0.50a\emule.exe" = protocol=6 | dir=in | app=c:\users\nous\desktop\emule0.50a\emule.exe | "TCP Query User{A4507185-31FE-4CCE-B4A2-251E49CCEE54}C:\games\heidi\heidi_release.exe" = protocol=6 | dir=in | app=c:\games\heidi\heidi_release.exe | "TCP Query User{B6E5C9C6-664A-4F65-B676-3EB66F5920BC}C:\program files\azureus\azureus.exe" = protocol=6 | dir=in | app=c:\program files\azureus\azureus.exe | "TCP Query User{C1594F6E-15F0-43DD-AC48-D53B272ADE3A}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe | "TCP Query User{D930C176-C3DC-4E64-A652-15A1A9475B8A}E:\easysetupassistant\easysetupassistant.exe" = protocol=6 | dir=in | app=e:\easysetupassistant\easysetupassistant.exe | "TCP Query User{DE19BA0D-6EDB-4314-B1BF-226599900809}C:\program files\shareaza\shareaza.exe" = protocol=6 | dir=in | app=c:\program files\shareaza\shareaza.exe | "TCP Query User{F401226D-92B9-43D6-BB09-7287ED903DC8}J:\fscommand\vividas_ep12.exe" = protocol=6 | dir=in | app=j:\fscommand\vividas_ep12.exe | "TCP Query User{F7CCD1DA-7654-4654-B456-FA14B2F37A48}C:\program files\emule\emule\emule.exe" = protocol=6 | dir=in | app=c:\program files\emule\emule\emule.exe | "TCP Query User{FAA536B1-C503-42D3-BF06-2DBD8E2AAE72}C:\games\majesty2\majesty 2\majesty2.exe" = protocol=6 | dir=in | app=c:\games\majesty2\majesty 2\majesty2.exe | "UDP Query User{05C9F6C1-9FC5-4A84-AB4A-DB1B069FE662}C:\program files\messenger plus! live\msgplus\msg plus\bin\wish.exe" = protocol=17 | dir=in | app=c:\program files\messenger plus! live\msgplus\msg plus\bin\wish.exe | "UDP Query User{0B66798E-9183-4EF5-8115-445D71EB7B26}J:\fscommand\vividas_ep12.exe" = protocol=17 | dir=in | app=j:\fscommand\vividas_ep12.exe | "UDP Query User{210382EC-EA31-4736-AD6C-BB29F66078E1}C:\games\majesty2\majesty 2\majesty2.exe" = protocol=17 | dir=in | app=c:\games\majesty2\majesty 2\majesty2.exe | "UDP Query User{2397ACB8-7699-4254-B4DF-06D206A40AAC}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe | "UDP Query User{3002B99C-C1CD-4D57-AEF3-DDA7D1F5E1CC}C:\users\nous\desktop\emule0.50a\emule.exe" = protocol=17 | dir=in | app=c:\users\nous\desktop\emule0.50a\emule.exe | "UDP Query User{4247EFD7-FBE6-40C0-95C1-182779EB1410}C:\program files\azureus\azureus.exe" = protocol=17 | dir=in | app=c:\program files\azureus\azureus.exe | "UDP Query User{435046FA-4D61-4404-A885-038FAA4B22D6}C:\program files\shareaza\shareaza.exe" = protocol=17 | dir=in | app=c:\program files\shareaza\shareaza.exe | "UDP Query User{5462397C-FC1E-4240-94FB-42FA8825537C}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | "UDP Query User{7A0CB6E6-9953-48C3-9117-6BE795D069E0}C:\users\nous\desktop\emule\emule.exe" = protocol=17 | dir=in | app=c:\users\nous\desktop\emule\emule.exe | "UDP Query User{8D408AFB-A0FE-47F1-886D-80AC719CE522}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe | "UDP Query User{9ECFF6C2-F669-40C9-B1F9-D3AEAFEBF203}C:\program files\emule\emule.exe" = protocol=17 | dir=in | app=c:\program files\emule\emule.exe | "UDP Query User{A5068769-5943-4338-8A18-17AB4051DECB}C:\games\heidi\heidi_release.exe" = protocol=17 | dir=in | app=c:\games\heidi\heidi_release.exe | "UDP Query User{B1AD84DD-25CF-4F96-99D1-62581C6556B9}C:\program files\azureus\azureus.exe" = protocol=17 | dir=in | app=c:\program files\azureus\azureus.exe | "UDP Query User{B393D6B7-92F7-489F-A94F-83FB1CD6B911}C:\program files\emule\emule.exe" = protocol=17 | dir=in | app=c:\program files\emule\emule.exe | "UDP Query User{CD0D7AB0-29DB-4B0D-8C37-BF6964159E98}C:\program files\ip privacy\ip privacy.exe" = protocol=17 | dir=in | app=c:\program files\ip privacy\ip privacy.exe | "UDP Query User{E0A84CCE-4B1B-408A-B3C8-19DC9DB041B2}C:\program files\emule\emule\emule.exe" = protocol=17 | dir=in | app=c:\program files\emule\emule\emule.exe | "UDP Query User{F05F0950-F612-4AB0-8C9B-B02BB43D502C}C:\program files\emule0.50a\emule.exe" = protocol=17 | dir=in | app=c:\program files\emule0.50a\emule.exe | "UDP Query User{FB960EE4-9D16-479F-A933-9ACE3BA7144E}E:\easysetupassistant\easysetupassistant.exe" = protocol=17 | dir=in | app=e:\easysetupassistant\easysetupassistant.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0A2C5854-557E-48C8-835A-3B9F074BDCAA}" = Python 2.5 "{0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}" = Microsoft .NET Framework 4 Client Profile FRA Language Pack "{12A76360-388E-4B27-ABEB-D5FC5378DD2A}" = HPPhotoSmartPhotobookWebPack1 "{133742BA-6F46-4D3E-85AF-78631D9AD8B8}" = Installation Windows Live "{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 "{1BCE2581-B7CA-4BB4-BDFB-D113506AA38B}" = HP Easy Setup - Frontend "{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}" = Google Earth "{1EE04769-91C4-4A06-92B7-FCAFE6BABDD9}" = Galerie de photos Windows Live "{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{230B83A5-7D88-4B95-B71E-F44C0C78B002}" = Windows Live Movie Maker "{25271647-B1F5-4BC5-B931-5B91BC167294}_is1" = Arevan version 1.3 "{254C37AA-6B72-4300-84F6-98A82419187E}" = Hewlett-Packard Active Check "{26A24AE4-039D-4CA4-87B4-2F83216015FF}" = Java 6 Update 21 "{2CDCCE7E-55D5-40CC-AEA0-ABA54713501F}" = LUMIX Simple Viewer "{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform "{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java SE Runtime Environment 6 Update 1 "{34BFB099-07B2-4E95-A673-7362D60866A2}" = PSSWCORE "{352B2D26-26A3-468C-8295-AE2830EE0536}" = Les Chemins de la Lecture "{3898934B-05AE-41CD-96BE-70DA9BFBCE1F}" = Microsoft XNA Framework Redistributable 3.0 "{3AFC7779-F2B8-49A4-9689-A2EA86ABCC8A}" = Dora Sakado "{3B160861-7250-451E-B5EE-8B92BF30A710}" = Microsoft Works "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll "{3E31821C-7917-367E-938E-E65FC413EA31}" = Microsoft .NET Framework 3.5 Language Pack SP1 - fra "{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go "{445B183D-F4F1-45C8-B9DB-F11355CA657B}" = Windows Live Messenger "{45235788-142C-44BE-8A4D-DDE9A84492E5}" = AGEIA PhysX v7.09.13 "{4CACFCD9-F71B-413A-8DF5-1A6419D5CDC6}" = Cards_Calendar_OrderGift_DoMorePlugout "{5115C036-C0D5-4E1B-81C9-542CA967478A}" = muvee autoProducer 6.1 "{55979C41-7D6A-49CC-B591-64AC1BBE2C8B}" = HP Picasso Media Center Add-In "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{5DD76286-9BE7-4894-A990-E905E91AC818}" = Windows Live Mail "{669D4A35-146B-4314-89F1-1AC3D7B88367}" = Hewlett-Packard Asset Agent for Health Check "{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{76810709-A7D3-468D-9167-A1780C1E766C}" = Windows Live FolderShare "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP "{7F10292C-A190-4176-A665-A1ED3478DF86}" = LightScribe System Software "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update "{8FB1B528-E260-451E-9B55-E9152F94B80B}" = Microsoft Games for Windows - LIVE Redistributable "{90120000-0015-040C-0000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2007 "{90120000-0015-040C-0000-0000000FF1CE}_ENTERPRISER_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007 "{90120000-0016-040C-0000-0000000FF1CE}_ENTERPRISER_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007 "{90120000-0018-040C-0000-0000000FF1CE}_ENTERPRISER_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2007 "{90120000-0019-040C-0000-0000000FF1CE}_ENTERPRISER_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2007 "{90120000-001A-040C-0000-0000000FF1CE}_ENTERPRISER_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007 "{90120000-001B-040C-0000-0000000FF1CE}_ENTERPRISER_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007 "{90120000-001F-0401-0000-0000000FF1CE}_ENTERPRISER_{14809F99-C601-4D4A-9391-F1E8FAA964C5}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISER_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISER_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISER_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007 "{90120000-001F-0413-0000-0000000FF1CE}_ENTERPRISER_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007 "{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISER_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-0020-040C-0000-0000000FF1CE}" = Module de compatibilité pour Microsoft Office System 2007 "{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007 "{90120000-0044-040C-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (French) 2007 "{90120000-0044-040C-0000-0000000FF1CE}_ENTERPRISER_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007 "{90120000-006E-040C-0000-0000000FF1CE}_ENTERPRISER_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00A1-040C-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (French) 2007 "{90120000-00A1-040C-0000-0000000FF1CE}_ENTERPRISER_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00BA-040C-0000-0000000FF1CE}" = Microsoft Office Groove MUI (French) 2007 "{90120000-00BA-040C-0000-0000000FF1CE}_ENTERPRISER_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90AF040C-6000-11D3-8CFE-0150048383C9}" = Microsoft Office PowerPoint Viewer 2003 "{91120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007 "{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581) "{95120000-00AF-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (French) "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{95140000-007A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook Connector "{9DBA770F-BF73-4D39-B1DF-6035D95268FC}" = HP Customer Feedback "{9FF9FDF7-F84A-4F99-B4BB-066B6F95F33D}" = Windows Live Contrôle parental "{A08D0E9F-6E0F-43C7-9172-F12078D545FA}" = Lapin Malin Maternelle 1 2007 "{AC76BA86-7AD7-1036-7B44-A94000000001}" = Adobe Reader 9.4.0 - Français "{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0 "{B3B487E7-6171-4376-9074-B28082CEB504}" = Windows Live Call "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy "{BAD0FA60-09CF-4411-AE6A-C2844C8812FA}" = HP Photosmart Essential 2.5 "{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint "{C8D47273-7A1A-4614-A3D8-263632D8A5ED}" = HP Customer Experience Enhancements "{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector "{CD95F661-A5C4-44F5-A6AA-ECDD91C240B2}" = WinZip 11.1 "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{CFF24C43-9C46-4044-9C54-A4D98A3A25FB}" = Ma-Config.com "{CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}" = Microsoft Search Enhancement Pack "{D13E2C9A-5E09-41C8-ABCD-C7E67525C26D}" = Voyage au Pays de la Lecture "{DA932D71-E52A-43D5-009E-395A1AEC1474}" = Les Sims™ Histoires de vie "{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}" = Assistant de connexion Windows Live "{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware "{E08DC77E-D09A-4e36-8067-D6DBBCC5F8DC}" = VideoToolkit01 "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729) "{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01 "{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5 "{F97E3841-CA9D-4964-9D64-26066241D26F}" = Microsoft Games for Windows - LIVE "{FE978B11-8733-4CC0-B40A-2F5A4B0B33A5}" = Dora La Cité Perdue "{FECF47C9-E521-420B-8186-70441FE7D69E}" = Lapin Malin Initiation à l'anglais Maternelle "{fef8097e-662d-49b3-aa77-2919db3746d7}" = HP Total Care Advisor "{FF9FA161-78F2-11D8-95ED-000476379056}" = Dora l'exploratrice : Les animaux de la jungle "Ad-Aware" = Ad-Aware "Adibou V.3.00 on C" = Adibou V.3.00 on C "Adobe Acrobat 5.0" = Adobe Acrobat 5.0 "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player "Ankh 3 - Battle Of The Gods 1.00" = Ankh 3 - Battle Of The Gods 1.00 "Art of Murder 2/EN/FR-French_is1" = Art of Murder: La Traque du Marionnettiste "Art of Murder 3/EN-English_is1" = Art of Murder: Cards of Destiny "avast!" = avast! Antivirus "Aveyond Gates of Night 1.00" = Aveyond Gates of Night 1.00 "Aveyond Gates of Night_is1" = Aveyond Gates of Night "Aveyond Lord of Twilight_is1" = Aveyond Lord of Twilight "Azureus Vuze" = Azureus Vuze "BFGC" = Big Fish Games Client "BFG-Top Ten Solitaire" = Top Ten Solitaire "Blackwell Unbound 1.00" = Blackwell Unbound 1.00 "Broken Sword - The Sleeping Dragon" = Broken Sword - The Sleeping Dragon "CCleaner" = CCleaner "Columbus Ghost of the Mystery Stone 1.00" = Columbus Ghost of the Mystery Stone 1.00 "Cooking Dash 3 Thrills and Spills Collectors Edition 1.00" = Cooking Dash 3 Thrills and Spills Collectors Edition 1.00 "Creative PD1131" = Creative WebCam NX Pro Driver (1.03.03.0326) "Dancing Craze 1.00" = Dancing Craze 1.00 "ENTERPRISER" = Microsoft Office Enterprise 2007 "Farm Frenzy 3 American Pie_is1" = Farm Frenzy 3 American Pie "Farm Frenzy 3 Ice Age_is1" = Farm Frenzy 3 Ice Age "Fishdom 2 BFG 1.00" = Fishdom 2 BFG 1.00 "Ghost in the Sheet_is1" = Ghost in the Sheet "Grimoire Chronicles 1.00" = Grimoire Chronicles 1.00 "HP Photosmart Essential" = HP Photosmart Essential 2.5 "InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector "IsoBuster_is1" = IsoBuster 2.7 "Jigsaw365_is1" = Jigsaw365 "Kings Smith 2 1.00" = Kings Smith 2 1.00 "Lapin Malin Maternelle 2 + Atelier de dessin & de musique" = Lapin Malin Maternelle 2 + Atelier de dessin & de musique "Letters from Nowhere 1.00" = Letters from Nowhere 1.00 "Lexmark 2300 Series" = Lexmark 2300 Series "Messenger Plus! Live" = Messenger Plus! Live "Microsoft .NET Framework 3.5 Language Pack SP1 - fra" = Module linguistique Microsoft .NET Framework 3.5 SP1- fra "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Client Profile FRA "Mozilla Firefox (3.6.12)" = Mozilla Firefox (3.6.12) "Nightmare Adventures The Witchs Prison (NEW) 1.1" = Nightmare Adventures The Witchs Prison (NEW) 1.1 "NVIDIA Display Control Panel" = NVIDIA Display Control Panel "NVIDIA Drivers" = NVIDIA Drivers "OfficeTrial" = Version de démonstration de Microsoft Office Home and Student 2007 "OpenAL" = OpenAL "OsdMaestro" = HP On-Screen Cap/Num/Scroll Lock Indicator "Paradise Beach 2 Around the World 1.00" = Paradise Beach 2 Around the World 1.00 "PC-Doctor 5 for Windows" = Outils de diagnostic du matériel "PowerISO" = PowerISO "QuickTime" = QuickTime "RarZilla Free Unrar 2.53" = RarZilla Free Unrar 2.53 "Ricochet Xtreme_is1" = Ricochet Xtreme "rrpw32.exe" = Lapin Malin Maternelle 2 "RUNAWAY: A TWIST OF FATE (en)" = RUNAWAY: A TWIST OF FATE (English) "Sinister City 1.00" = Sinister City 1.00 "Strike Ball 2_is1" = Strike Ball 2 "Strike Ball_is1" = Strike Ball "Strimko_is1" = Strimko "Super Granny 5_is1" = Super Granny 5 "Unlocker" = Unlocker 1.9.0 "VLC media player" = VideoLAN VLC media player 0.8.6i "WinLiveSuite_Wave3" = Installation Windows Live "WinRAR archiver" = Archiveur WinRAR "World Mosaics 2_is1" = World Mosaics 2 "World Riddles Animals 1.00" = World Riddles Animals 1.00 "Youda Survivor 1.00" = Youda Survivor 1.00 ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "PhotoFiltre" = PhotoFiltre ========== Last 10 Event Log Errors ========== [ Antivirus Events ] Error - 13/08/2010 1:30:18 | Computer Name = sweethome | Source = avast! | ID = 33554522 Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of C:\Program Files\eMule\temp\Majesty.2.The.Fantasy.Kingdom.Sim.French.iSO-FROGS\Majesty 2.iso failed, 00000026. Error - 30/08/2010 6:00:55 | Computer Name = sweethome | Source = avast! | ID = 33554522 Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of C:\Program Files\eMule\temp\Majesty.2.The.Fantasy.Kingdom.Sim.French.iSO-FROGS\Majesty 2.iso failed, 00000026. Error - 4/09/2010 14:33:23 | Computer Name = sweethome | Source = avast! | ID = 33554522 Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of C:\Users\Nous\AppData\Local\Temp\YpEkfjNi.iso.part failed, 0000001E. Error - 4/09/2010 14:33:23 | Computer Name = sweethome | Source = avast! | ID = 33554522 Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of C:\Users\Nous\Desktop\Elemental.War.of.Magic.iso.part failed, 0000001E. Error - 4/09/2010 14:35:02 | Computer Name = sweethome | Source = avast! | ID = 33554522 Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of http://s298.hotfile.com/get/4ce59f0494d74cd5815e1cfdf703f03724841a58/4c829109/192/8f3a2935a0758690/3d76628/Elemental.War.of.Magic.iso failed, 00000084. Error - 12/10/2010 5:50:34 | Computer Name = sweethome | Source = avast! | ID = 33554522 Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of C:\Program Files\eMule\emule\Temp\011.part failed, 00000026. Error - 15/11/2010 17:59:36 | Computer Name = sweethome | Source = avast! | ID = 33554522 Description = Internal error has occurred in module aswar scan function failed!, function 00000002. Error - 15/11/2010 18:44:46 | Computer Name = sweethome | Source = avast! | ID = 33554522 Description = Internal error has occurred in module aswar scan function failed!, function 00000002. Error - 16/11/2010 17:29:41 | Computer Name = sweethome | Source = avast! | ID = 33554522 Description = Error in aswChestC: chestOpenList Error 1753. Error - 16/11/2010 17:29:41 | Computer Name = sweethome | Source = avast! | ID = 33554522 Description = aswChestInterface - Program error description: CChestListView::LoadFiles() chestOpenList() failed: 2147422219. [ Application Events ] Error - 17/11/2010 17:16:19 | Computer Name = sweethome | Source = ESENT | ID = 494 Description = Catalog Database (1572) Catalog Database: La récupération de la base de données a échoué en indiquant l’erreur -1216, car elle a rencontré des références à une base de données, ’C:\Windows\system32\CatRoot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb’, qui n’est plus présente. Cette dernière n’a pas été amenée à un état d’arrêt correct avant d’être supprimée (ou éventuellement déplacée ou renommée). Le moteur de base de données n’autorisera pas l’achèvement de la récupération pour cette instance aussi longtemps que la base de données manquante n’est pas réactivée. Si la base de données n’est réellement plus disponible et n’est plus nécessaire, des procédures de récupération suite à cette erreur sont proposées dans la Base de connaissances Microsoft ou par le lien « pour plus d’informations » en bas de ce message. Error - 17/11/2010 17:16:19 | Computer Name = sweethome | Source = ESENT | ID = 454 Description = Catalog Database (1572) Catalog Database: La récupération/restauration de la base de données a échoué avec l'erreur inattendue -1216. Error - 17/11/2010 17:16:19 | Computer Name = sweethome | Source = Microsoft-Windows-CAPI2 | ID = 131329 Description = Error - 17/11/2010 17:19:35 | Computer Name = sweethome | Source = EventSystem | ID = 4609 Description = Error - 17/11/2010 18:22:56 | Computer Name = sweethome | Source = EventSystem | ID = 4609 Description = Error - 18/11/2010 13:10:31 | Computer Name = sweethome | Source = EventSystem | ID = 4609 Description = Error - 18/11/2010 13:22:12 | Computer Name = sweethome | Source = EventSystem | ID = 4609 Description = Error - 18/11/2010 13:33:06 | Computer Name = sweethome | Source = EventSystem | ID = 4609 Description = Error - 18/11/2010 13:33:27 | Computer Name = sweethome | Source = EventSystem | ID = 4609 Description = Error - 18/11/2010 13:35:57 | Computer Name = sweethome | Source = System Restore | ID = 8193 Description = [ System Events ] Error - 18/11/2010 13:10:54 | Computer Name = sweethome | Source = Service Control Manager | ID = 7026 Description = Error - 18/11/2010 13:27:06 | Computer Name = sweethome | Source = Microsoft-Windows-GroupPolicy | ID = 1096 Description = Échec du traitement de la stratégie de groupe. Windows n’a pas pu appliquer les paramètres de stratégie basés sur le Registre pour l’objet de stratégie de groupe LocalGPO. Les paramètres de stratégie de groupe ne seront pas corrigés tant que cet événement ne sera pas résolu. Consultez les détails de l’événement pour plus d’informations sur le nom du fichier et le chemin d’accès à l’origine du problème. Error - 18/11/2010 13:29:47 | Computer Name = sweethome | Source = DCOM | ID = 10010 Description = Error - 18/11/2010 13:29:53 | Computer Name = sweethome | Source = DCOM | ID = 10010 Description = Error - 18/11/2010 13:32:56 | Computer Name = sweethome | Source = DCOM | ID = 10005 Description = Error - 18/11/2010 13:33:06 | Computer Name = sweethome | Source = DCOM | ID = 10005 Description = Error - 18/11/2010 13:33:08 | Computer Name = sweethome | Source = DCOM | ID = 10005 Description = Error - 18/11/2010 13:33:27 | Computer Name = sweethome | Source = DCOM | ID = 10005 Description = Error - 18/11/2010 13:33:31 | Computer Name = sweethome | Source = Service Control Manager | ID = 7001 Description = Error - 18/11/2010 13:33:31 | Computer Name = sweethome | Source = Service Control Manager | ID = 7026 Description = < End of report >
  12. gazagelle
    Bonsoir, Voici les rapports demandés, mais impossible d'exécuter les programmes en mode normal, le freeze est immédiat après le démarrage :s rkill: This log file is located at C:\rkill.log. Please post this only if requested to by the person helping you. Otherwise you can close this log when you wish. Ran as Nous on 18/11/2010 at 18:33:20. Services Stopped: Processes terminated by Rkill or while it was running: C:\Users\Nous\Desktop\rkill.exe C:\Windows\system32\conime.exe Rkill completed on 18/11/2010 at 18:33:22.
  13. gazagelle
    Bon eh bien ce n'est pas ma journée on dirait Security check ne fonctionne pas non plus: voilà 2h que l'écran reste sur "avast! updater"...- Le tiret clignote, mais c'est la seule chose qui bouge depuis exactement 2 heures. C'est grave docteur ? EDIT: Cela va de pire en pire, j'ai du redémarrer le pc suite au problème décrit ci dessus, et l'outil de redémarrage système s'est mis en route avec restauration...Depuis, j'ai avast est désactivé, le centre sécurité windows également, et impossible de réactiver :s ça sent très très mauvais tout ça...help please.
  14. gazagelle
    Bonsoir, Voici le rapport malwarebytes: Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Version de la base de données: 5129 Windows 6.0.6002 Service Pack 2 (Safe Mode) Internet Explorer 8.0.6001.18975 17/11/2010 5:19:02 mbam-log-2010-11-17 (05-19-02).txt Type d'examen: Examen complet (C:\|D:\|) Elément(s) analysé(s): 344415 Temps écoulé: 3 heure(s), 23 minute(s), 40 seconde(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 0 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 1 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté) Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): C:\games\Uninstall.exe (Malware.Packer.Krunchy) -> Quarantined and deleted successfully. J ai un souci avec combofix par contre, car il redémarre sans me laisser choisir le mode, donc le pc redémarre en mode normal et combofix n arrive pas à créer son rapport (après 1h, il était toujours bloqué. j'ai juste vu qu il supprimait deux fichiers et deux dossiers, mais pas moyen de trouver un log. je lance security check en attendant
  15. gazagelle
    Bonsoir, Après un redémarrage, mon pc s'est mis à geler totalement (même l'horloge ^^)Il démarre correctement mais ça s'arrête là. Tout va très bien par contre en mode sans échec. Voici ce que j'ai déjà fait sans succès: retirer tous les périphériques libérer 100 gigas de mon disque dur qui était surchargé restauration à une semaine auparavant pc doctor scan disk antivirus avast ad aware (traité win32.trojanPWS.bybalom) ccleaner atf cleaner spybot hijackthis et enfin malwarebytes (qui n'a pas encore fini son analyse) Si vous avez une autre idée, ce ne serait pas de refus En attendant un nouvel essai après malwarebytes, voici déjà mon dxdiag et rapport hijackthis (auquel je ne comprends rien) Merci d'avance pour toute aide. ------------------ System Information ------------------ Time of this report: 11/16/2010, 21:11:31 Machine name: SWEETHOME Operating System: Windows Vista™ Édition Familiale Premium (6.0, Build 6002) Service Pack 2 (6002.vistasp2_gdr.100608-0458) Language: French (Regional Setting: French) System Manufacturer: HP-Pavilion System Model: KP233AA-ABF a6422.fr BIOS: BIOS Date: 02/26/08 10:59:48 Ver: 5.21 Processor: Intel® Core2 Duo CPU E4600 @ 2.40GHz (2 CPUs), ~2.4GHz Memory: 3070MB RAM Page File: 307MB used, 6034MB available Windows Dir: C:\Windows DirectX Version: DirectX 11 DX Setup Parameters: Not found DxDiag Version: 7.00.6002.18107 32bit Unicode ------------ DxDiag Notes ------------ Display Tab 1: No problems found. Sound Tab 1: This computer cannot play audio because the Windows Audio service is not enabled. Use the Sounds and Devices Properties control panel to enable audio. Sound Tab 2: This computer cannot play audio because the Windows Audio service is not enabled. Use the Sounds and Devices Properties control panel to enable audio. Sound Tab 3: This computer cannot play audio because the Windows Audio service is not enabled. Use the Sounds and Devices Properties control panel to enable audio. Input Tab: No problems found. ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 21:12:46, on 16/11/2010 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v8.00 (8.00.6001.18975) Boot mode: Safe mode with network support Running processes: C:\Windows\Explorer.EXE C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Users\Nous\Desktop\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Connexion R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HP Consumer | MSN R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = HP Consumer | MSN R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - Default URLSearchHook is missing O1 - Hosts: ::1 localhost O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE O4 - HKLM\..\Run: [sunJavaUpdateReg] "C:\Windows\system32\jureg.exe" O4 - HKLM\..\Run: [lxcgmon.exe] "C:\Program Files\Lexmark 2300 Series\lxcgmon.exe" O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 2300 Series\ezprint.exe" O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [LXCGCATS] rundll32 C:\Windows\system32\spool\DRIVERS\W32X86\3\LXCGtime.dll,_RunDLLEntry@16 O4 - HKLM\..\Run: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdSync.exe O4 - HKLM\..\Run: [unlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Windows\system32\Macromed\Flash\FlashUtil10k_Plugin.exe -update plugin O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O13 - Gopher Prefix: O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: lxcg_device - - C:\Windows\system32\lxcgcoms.exe O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe O23 - Service: NMSAccess - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe -- End of file - 6613 bytes
×
×
  • Créer...