Aller au contenu

Dahosdren

Membres
 Afficher le profil  Afficher son activité

  • Compteur de contenus

    20

  • Inscription

  • Dernière visite

Autres informations

  • Mes langues
    Francais, anglais

Dahosdren's Achievements

Junior Member

Junior Member (3/12)

0

Réputation sur la communauté

  1. Dahosdren
    SAlut, J'ai désinstallé ExpressGateCloud mais le problème a continué, néanmoins,j'ai après désinstallé Asus Webstorage et le problème semble disparu. Si jamais il réaparait (ce qui veut dire que ce n'étais pas ca), je vous le ferais savoir. En tout cas j'espère de tout coeur que c'est réglé et te dit un grand merci
  2. Dahosdren
    Bonjour, pourrais-tu le dire de quel logiciel il s'agissait ? C'est moi aussi un asus, du coup ton post m'intrigue j'espère être sur la bonne piste ! Merci
  3. Dahosdren
    Bonjour, Voilà j'ai acquis un nouveau pc il y a quelques jours et j'ai malheureusement un problème très embêtant. En effet très souvent quand je me balade dans mon poste de travail ( que ce soit documents, téléchargements, même panneau de configuration et autres), le message d'erreur "explorateur windows a cessé de fonctionner" apparaît et se relance donc après quelques secondes. Cela est extrêmement embêtant car des fois je n'ai même pas accès à un dossier il me le fait à chaque fois. J'ai testé tout ce que j'ai pu trouver sur internet mais là je sèche, je viens donc vous demander votre aide. Merci d'avance, demandez moi ce dont vous avez besoin (Hijack, config, proc, n'importe) PS : je précise avoir déjà effectué un reformatage d'usine avec F9, mais cela n'a rien changer au problème.
  4. Dahosdren
    Merci pour ta réponse mais en effet aucune de tes solutions ne me concerne et, comme je viens de demander de l'aider pour netoyer mon pc il y a 2jours, tout est fait niveau logiciels, virus, defragmentation, etc ... Je ne vois pas d'ou peu venir le problème, et j'espère donc ne pas avoir à reformater.
  5. Dahosdren
    Bonjour, Tout d'abord je m'excuse si mon sujet à déjà été traité mais j'avou ne pas avoir le temps de regarder dans presque un millier de discussions. Alors voilà, je vous explique mon problème : Depuis environ 2/3mois (sans changement d'utilisation du pc) j'ai de très sérieux ralentissements en pleine partie de jeux video (principalement League of Legends et Starcraft II). C'est à dire que, dès qu'il y a plus de données sur l'écran (combats principalement, beaucoup d'unités, de sorts, etc ...) mon ordinateur se met à ramer sévèrement. Pour LoL (où les ips sont affichées) je passe de 60/90 et, dès qu'il y a de l'action, je descends entre 10 et 20 ips, ce qui me fait lagger. Pour ce qui est de Starcraft, le problème est quasiment durant toute la partie, vu qu'il y a beaucoup plus d'unités. Cela est extrèmement dérangeant, et tout à fait sans raison particulière il me semble. J'espère que vous pourrez m'aider rapidement et vous remercie à l'avance. PS : je viens de régler un problème de sécurité ici même donc je pense pouvoir exclure l'option virus. Merci. J'avais oublié de vous donnner des détails sur mon matériel. Je ne sais pas ce qu'il vous faut donc je vais essayer d'être complet (à mon sens de néophyte.) Packard Bell Ipower processeur : Intel Core 2 Duo CPU E8235 2.80Ghz 2.80Ghz RAM : 4.00 G. système : windows 7 64bits carte graphique : Nvidia GeForce GTX 260M
  6. Dahosdren
    Tout est fait tout est bon tout marche bien !! J'espère que mes ralentissements en jeu auront disparus. Merci encore du temps que tu m'a accordé et de la rapidité de tes réponses ! a++
  7. Dahosdren
    voilà le rapport OTL. OTL logfile created on: 28/08/2011 11:32:29 - Run 1 OTL by OldTimer - Version 3.2.26.6 Folder = C:\Users\Dahosdren\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 8.0.7601.17514) Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy 4,00 Gb Total Physical Memory | 2,41 Gb Available Physical Memory | 60,23% Memory free 9,98 Gb Paging File | 8,39 Gb Available in Paging File | 84,07% Paging File free Paging file location(s): c:\pagefile.sys 6135 6135 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 298,09 Gb Total Space | 130,38 Gb Free Space | 43,74% Space Free | Partition Type: NTFS Computer Name: DAHOSDREN-PC | User Name: Dahosdren | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2011/08/28 11:31:37 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Dahosdren\Desktop\OTL.exe PRC - [2011/08/04 00:49:00 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe PRC - [2011/08/03 13:50:00 | 002,255,464 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe PRC - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2011/05/21 17:46:13 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe PRC - [2011/04/19 08:44:40 | 000,993,848 | ---- | M] (Secunia) -- C:\Program Files (x86)\Secunia\PSI\psia.exe PRC - [2011/04/19 08:44:40 | 000,399,416 | ---- | M] (Secunia) -- C:\Program Files (x86)\Secunia\PSI\sua.exe PRC - [2011/04/19 08:44:40 | 000,291,896 | ---- | M] (Secunia) -- C:\Program Files (x86)\Secunia\PSI\psi_tray.exe PRC - [2011/04/04 14:56:00 | 000,556,072 | ---- | M] (ROCCAT GmbH) -- C:\Program Files (x86)\ROCCAT\Kone[+] Mouse\Kone[+]Monitor.exe PRC - [2010/11/05 23:54:22 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe PRC - [2010/11/05 23:54:20 | 000,283,160 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe PRC - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe PRC - [2007/02/12 17:43:44 | 000,065,536 | ---- | M] (O2Micro International) -- C:\Program Files (x86)\O2Micro Flash Memory Card Driver\o2flash.exe ========== Modules (No Company Name) ========== MOD - [2011/08/28 09:06:24 | 006,277,280 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll MOD - [2011/08/04 00:49:03 | 001,000,920 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\js3250.dll MOD - [2011/05/05 00:32:40 | 003,190,784 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll MOD - [2011/03/30 00:33:52 | 005,025,792 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll MOD - [2011/03/30 00:33:48 | 004,550,656 | ---- | M] () -- C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll MOD - [2010/11/13 02:54:34 | 000,311,296 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_fr_b77a5c561934e089\mscorlib.resources.dll MOD - [2010/11/05 03:58:14 | 002,048,000 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll MOD - [2010/11/05 03:58:10 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll MOD - [2010/11/05 03:58:08 | 000,626,688 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll MOD - [2010/11/05 03:58:04 | 000,425,984 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll MOD - [2010/11/05 03:53:26 | 001,253,376 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsBase.dll MOD - [2010/06/22 13:50:52 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\ROCCAT\Kone[+] Mouse\hiddriver.dll MOD - [2009/07/14 17:23:30 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_fr_b77a5c561934e089\System.Runtime.Remoting.resources.dll MOD - [2009/06/10 23:22:40 | 000,010,752 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll ========== Win32 Services (SafeList) ========== SRV:64bit: - [2011/07/09 15:58:20 | 000,421,376 | ---- | M] (CybelSoft) [On_Demand | Stopped] -- C:\Program Files\ma-config.com\x64\maconfservice.exe -- (maconfservice) SRV:64bit: - [2011/06/30 09:37:30 | 002,528,096 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent) SRV:64bit: - [2011/05/26 05:43:26 | 000,161,080 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe -- (CLPSLS) SRV:64bit: - [2010/11/02 13:49:46 | 001,515,792 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng) SRV:64bit: - [2010/11/02 13:39:08 | 000,340,240 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS) SRV:64bit: - [2010/11/02 13:34:14 | 000,836,880 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc) SRV:64bit: - [2009/07/14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend) SRV:64bit: - [2009/06/16 08:38:34 | 000,077,824 | ---- | M] (ActMask Co.,Ltd - HTTP://WWW.ALL2PDF.COM) [Auto | Stopped] -- C:\Windows\SysNative\PrintCtrl.exe -- (Printer Control) SRV - [2011/08/03 13:50:00 | 002,255,464 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService) SRV - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2011/05/21 17:46:13 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA) SRV - [2011/04/19 08:44:40 | 000,993,848 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files (x86)\Secunia\PSI\PSIA.exe -- (Secunia PSI Agent) SRV - [2011/04/19 08:44:40 | 000,399,416 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files (x86)\Secunia\PSI\sua.exe -- (Secunia Update Agent) SRV - [2011/03/09 16:40:13 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2010/11/05 23:54:22 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel® SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2007/02/12 17:43:44 | 000,065,536 | ---- | M] (O2Micro International) [Auto | Running] -- C:\Program Files (x86)\O2Micro Flash Memory Card Driver\o2flash.exe -- (o2flash) ========== Driver Services (SafeList) ========== DRV:64bit: - [2011/07/02 14:33:48 | 000,016,640 | ---- | M] (CybelSoft) [Kernel | On_Demand | Stopped] -- C:\Program Files\ma-config.com\Drivers\driverhardwarev2x64.sys -- (driverhardwarev2x64) DRV:64bit: - [2011/06/30 09:38:08 | 000,016,016 | ---- | M] (COMODO) [File_System | System | Running] -- C:\Windows\SysNative\drivers\cmderd.sys -- (cmderd) DRV:64bit: - [2011/05/26 11:29:24 | 000,397,600 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7) DRV:64bit: - [2011/03/11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011/03/11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2010/11/20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010/11/20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2010/11/20 11:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus) DRV:64bit: - [2010/11/09 04:16:36 | 008,500,736 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64) ___ Pilote de carte de la série Intel® DRV:64bit: - [2010/11/05 23:45:48 | 000,438,808 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:64bit: - [2010/10/13 18:20:45 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd) DRV:64bit: - [2010/09/01 10:30:58 | 000,017,976 | ---- | M] (Secunia) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\psi_mf.sys -- (PSI) DRV:64bit: - [2010/07/01 18:52:18 | 000,051,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d) DRV:64bit: - [2010/05/11 12:00:40 | 000,020,968 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\cpuz133_x64.sys -- (cpuz133) DRV:64bit: - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009/06/10 23:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92) DRV:64bit: - [2009/06/10 23:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac) DRV:64bit: - [2009/06/10 23:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA) DRV:64bit: - [2009/06/10 22:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64) Pilote de carte de liaison WiFi sans fil Intel® DRV:64bit: - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009/03/18 17:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi) DRV:64bit: - [2008/06/12 10:29:30 | 000,051,800 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\o2sdx64.sys -- (O2SDRDR) DRV:64bit: - [2008/05/13 13:48:38 | 000,062,424 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\o2mdx64.sys -- (O2MDRDR) DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 92 32 9A 1D C2 37 CC 01 [binary data] IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.startup.homepage: "http://google.fr" FF:64bit: - HKLM\Software\MozillaPlugins\@ma-config.com/HardwareDetection: C:\Program Files\ma-config.com\nphardwaredetection.dll (Cybelsoft) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@ma-config.com/HardwareDetection: C:\Program Files\ma-config.com\nphardwaredetection.dll (Cybelsoft) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ClickPotatoLite@ClickPotatoLite.com: C:\Program Files (x86)\ClickPotatoLite\bin\10.0.622.0\firefox\extensions FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.20\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/08/28 10:08:16 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.20\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/08/28 11:01:03 | 000,000,000 | ---D | M] [2010/09/30 18:50:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dahosdren\AppData\Roaming\mozilla\Extensions [2011/08/28 10:11:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dahosdren\AppData\Roaming\mozilla\Firefox\Profiles\6fw35odx.default\extensions [2011/06/18 11:49:33 | 000,000,000 | ---D | M] (Rikaichan) -- C:\Users\Dahosdren\AppData\Roaming\mozilla\Firefox\Profiles\6fw35odx.default\extensions\{0AA9101C-D3C1-4129-A9B7-D778C6A17F82} [2011/06/01 17:55:56 | 000,000,000 | ---D | M] (ChatZilla) -- C:\Users\Dahosdren\AppData\Roaming\mozilla\Firefox\Profiles\6fw35odx.default\extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2} [2011/06/08 15:27:26 | 000,000,000 | ---D | M] (Rikaichan Japanese-French Dictionary File) -- C:\Users\Dahosdren\AppData\Roaming\mozilla\Firefox\Profiles\6fw35odx.default\extensions\rikaichan-jpfr@polarcloud.com [2011/06/20 11:17:28 | 000,000,000 | ---D | M] (Zotero) -- C:\Users\Dahosdren\AppData\Roaming\mozilla\Firefox\Profiles\6fw35odx.default\extensions\zotero@chnm.gmu.edu [2011/08/28 09:53:36 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions [2010/10/22 11:46:59 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010/10/24 12:59:12 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2010/12/21 13:00:36 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} [2011/04/05 02:08:50 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} [2011/07/05 17:22:48 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} [2011/05/04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll O1 HOSTS File: ([2011/08/27 17:07:31 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O4:64bit: - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO) O4 - HKLM..\Run: [COMODO] C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLA.exe (COMODO) O4 - HKLM..\Run: [CPA] C:\Program Files\COMODO\COMODO GeekBuddy\VALA.exe (COMODO) O4 - HKLM..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) O4 - HKLM..\Run: [RoccatKone+] C:\Program Files (x86)\ROCCAT\Kone[+] Mouse\Kone[+]Monitor.EXE (ROCCAT GmbH) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O20:64bit: - AppInit_DLLs: (C:\Windows\system32\guard64.dll) - C:\Windows\SysNative\guard64.dll (COMODO) O20 - AppInit_DLLs: (C:\Windows\SysWOW64\guard32.dll) - C:\Windows\SysWOW64\guard32.dll (COMODO) O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009/06/10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2011/08/28 10:24:41 | 000,000,000 | ---D | M] - C:\autorun.inf -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2011/08/28 11:31:36 | 000,580,096 | ---- | C] (OldTimer Tools) -- C:\Users\Dahosdren\Desktop\OTL.exe [2011/08/28 10:35:59 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.3 [2011/08/28 10:34:14 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe [2011/08/28 10:34:14 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe [2011/08/28 10:34:14 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe [2011/08/28 10:29:03 | 000,000,000 | ---D | C] -- C:\Program Files\Defraggler [2011/08/28 10:26:39 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner [2011/08/28 10:24:41 | 000,000,000 | ---D | C] -- C:\autorun.inf [2011/08/28 10:23:26 | 001,071,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSCOMCTL.OCX [2011/08/28 10:23:26 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSSTDFMT.DLL [2011/08/28 10:23:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpywareBlaster [2011/08/28 10:23:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SpywareBlaster [2011/08/28 10:04:22 | 000,000,000 | ---D | C] -- C:\ad4e04bfbd95391f3a7416143151 [2011/08/28 09:54:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe [2011/08/28 09:54:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe [2011/08/28 09:53:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox [2011/08/28 09:51:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn [2011/08/28 09:51:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ImgBurn [2011/08/28 09:49:25 | 000,000,000 | ---D | C] -- C:\Users\Dahosdren\AppData\Roaming\BitTorrent [2011/08/28 09:44:24 | 000,000,000 | ---D | C] -- C:\Users\Dahosdren\AppData\Local\Secunia PSI [2011/08/28 09:44:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Secunia [2011/08/28 09:06:24 | 000,404,640 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2011/08/27 22:01:09 | 000,000,000 | -H-D | C] -- C:\VritualRoot [2011/08/27 20:45:01 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\COMODO [2011/08/27 20:29:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Comodo [2011/08/27 20:29:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\COMODO [2011/08/27 20:29:29 | 000,000,000 | ---D | C] -- C:\Program Files\COMODO [2011/08/27 20:28:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Comodo Downloader [2011/08/27 17:59:18 | 000,000,000 | ---D | C] -- C:\Users\Dahosdren\Documents\caméra [2011/08/27 17:07:38 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN [2011/08/27 16:59:18 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT [2011/08/27 10:07:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ZHPDiag [2011/08/27 10:03:11 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA [2011/08/27 10:01:57 | 006,136,936 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll [2011/08/27 10:01:57 | 003,021,416 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll [2011/08/27 10:01:57 | 002,560,616 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvcr.dll [2011/08/27 10:01:57 | 000,836,200 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\easyupdatusapiu64.dll [2011/08/27 10:01:57 | 000,335,976 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhotkey.dll [2011/08/27 10:01:57 | 000,117,864 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll [2011/08/27 10:01:57 | 000,061,544 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll [2011/08/27 10:01:45 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation [2011/08/27 09:57:39 | 008,355,944 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll [2011/08/27 09:57:39 | 006,613,096 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll [2011/08/27 09:57:39 | 000,067,176 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll [2011/08/27 09:57:39 | 000,057,960 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll [2011/08/27 09:57:38 | 024,692,840 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll [2011/08/27 09:57:38 | 022,470,248 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll [2011/08/27 09:57:38 | 017,193,576 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll [2011/08/27 09:57:38 | 016,595,560 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll [2011/08/27 09:57:38 | 015,064,168 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll [2011/08/27 09:57:38 | 012,636,776 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll [2011/08/27 09:57:38 | 007,254,632 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll [2011/08/27 09:57:38 | 005,404,776 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll [2011/08/27 09:57:38 | 002,758,760 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll [2011/08/27 09:57:38 | 002,532,456 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll [2011/08/27 09:57:38 | 002,412,136 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll [2011/08/27 09:57:38 | 002,391,656 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll [2011/08/27 09:57:38 | 002,222,184 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll [2011/08/27 09:57:38 | 002,090,088 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll [2011/08/27 09:57:38 | 001,519,720 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco64.dll [2011/08/27 09:57:38 | 001,453,160 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvgenco64.dll [2011/08/18 02:19:30 | 000,000,000 | ---D | C] -- C:\Users\Dahosdren\Documents\Dust [2011/08/18 02:09:59 | 000,000,000 | ---D | C] -- C:\Users\Dahosdren\AppData\Local\Ubisoft Game Launcher [2011/08/18 02:08:08 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_7.dll [2011/08/18 02:08:08 | 000,518,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_7.dll [2011/08/18 02:08:08 | 000,077,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_5.dll [2011/08/18 02:08:08 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_5.dll [2011/08/18 02:08:07 | 002,526,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_43.dll [2011/08/18 02:08:07 | 002,401,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_43.dll [2011/08/18 02:08:07 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_43.dll [2011/08/18 02:08:07 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_43.dll [2011/08/18 02:08:07 | 001,907,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_43.dll [2011/08/18 02:08:07 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_43.dll [2011/08/18 02:08:07 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_43.dll [2011/08/18 02:08:07 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_43.dll [2011/08/18 02:08:07 | 000,276,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_43.dll [2011/08/18 02:08:07 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_43.dll [2011/08/18 02:08:07 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_7.dll [2011/08/18 02:08:07 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_7.dll [2011/08/15 11:59:09 | 000,178,800 | ---- | C] (Sony DADC Austria AG.) -- C:\Windows\SysWow64\CmdLineExt_x64.dll [2011/08/14 20:30:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft WSE [2011/08/14 20:25:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Electronic Arts [2011/08/14 16:08:26 | 000,000,000 | ---D | C] -- C:\Users\Dahosdren\AppData\Roaming\GOA [2011/08/14 16:08:26 | 000,000,000 | ---D | C] -- C:\ProgramData\GOA [2011/08/14 16:05:47 | 000,000,000 | ---D | C] -- C:\Users\Dahosdren\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Little Folk of Faery [2011/08/14 16:05:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Little Folk of Faery [2011/08/14 15:58:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Big Fish Games [2011/08/12 12:35:57 | 000,000,000 | ---D | C] -- C:\Users\Dahosdren\AppData\Roaming\Skype [2011/08/12 12:35:51 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype [2011/08/12 12:35:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [2011/08/12 12:35:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype [2011/08/10 15:04:38 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xmllite.dll [2011/08/10 15:04:33 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbcjt32.dll [2011/08/10 15:04:33 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbctrac.dll [2011/08/10 15:04:33 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbctrac.dll [2011/08/10 15:04:33 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccp32.dll [2011/08/10 15:04:33 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccp32.dll [2011/08/10 15:04:33 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccu32.dll [2011/08/10 15:04:33 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccr32.dll [2011/08/10 15:04:33 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccu32.dll [2011/08/10 15:04:33 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccr32.dll [2011/08/10 15:04:28 | 001,162,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll [2011/08/10 15:04:28 | 000,421,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll [2011/08/10 15:04:28 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll [2011/08/10 15:04:28 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe [2011/08/10 15:04:28 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll [2011/08/10 15:04:28 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll [2011/08/10 15:04:28 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe [2011/08/10 15:04:28 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll [2011/08/10 15:04:28 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll [2011/08/10 15:04:28 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll [2011/08/10 15:04:27 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll [2011/08/10 15:04:27 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll [2011/08/10 15:04:27 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll [2011/08/10 15:04:27 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll [2011/08/10 15:04:27 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll [2011/08/10 15:04:27 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll [2011/08/10 15:04:27 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll [2011/08/10 15:04:27 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll [2011/08/10 15:04:27 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll [2011/08/10 15:04:27 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll [2011/08/10 15:04:27 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll [2011/08/10 15:04:27 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll [2011/08/10 15:04:27 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll [2011/08/10 15:04:27 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll [2011/08/10 15:04:27 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll [2011/08/10 15:04:27 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll [2011/08/10 15:04:27 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll [2011/08/10 15:04:27 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll [2011/08/10 15:04:27 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll [2011/08/10 15:04:27 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll [2011/08/10 15:04:27 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll [2011/08/10 15:04:27 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll [2011/08/10 15:04:27 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll [2011/08/10 15:04:27 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll [2011/08/10 15:04:27 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll [2011/08/10 15:04:27 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll [2011/08/10 15:04:27 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll [2011/08/10 15:04:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll [2011/08/10 15:04:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll [2011/08/10 15:04:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll [2011/08/10 15:04:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll [2011/08/10 15:04:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll [2011/08/10 15:04:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll [2011/08/10 15:04:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll [2011/08/10 15:04:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll [2011/08/10 15:04:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll [2011/08/10 15:04:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll [2011/08/10 15:04:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll [2011/08/10 15:04:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll [2011/08/10 15:04:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll [2011/08/10 15:04:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll [2011/08/10 15:04:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll [2011/08/10 15:04:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll [2011/08/10 15:04:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll [2011/08/10 15:04:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll [2011/08/10 15:04:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll [2011/08/10 15:04:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll [2011/08/10 15:04:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll [2011/08/10 15:04:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll [2011/08/10 15:04:26 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe [2011/08/10 15:04:26 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll [2011/08/10 15:04:26 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll [2011/08/10 15:04:26 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll [2011/08/10 15:04:26 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll [2011/08/10 15:04:26 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll [2011/08/10 15:04:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll [2011/08/10 15:04:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll [2011/08/10 15:04:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll [2011/08/10 15:04:26 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe [2011/08/10 15:04:07 | 000,702,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2011/08/10 15:04:06 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2011/08/10 15:04:06 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2011/08/10 15:04:06 | 000,134,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2011/08/10 15:04:06 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2011/08/10 15:04:06 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2011/08/10 15:04:06 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2011/08/10 15:04:00 | 003,912,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe [2011/08/10 15:03:59 | 005,561,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe [2011/08/10 15:03:59 | 003,967,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe [2011/08/03 15:12:18 | 000,000,000 | ---D | C] -- C:\Users\Dahosdren\AppData\Local\Ascaron Entertainment [2011/08/03 15:10:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation [2011/08/03 14:40:18 | 001,942,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_39.dll [2011/08/03 14:40:18 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_39.dll [2011/08/03 14:40:15 | 004,992,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_39.dll [2011/08/03 14:38:17 | 000,419,840 | ---- | C] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll [2011/08/03 14:38:17 | 000,413,696 | ---- | C] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll [2011/08/03 14:38:17 | 000,133,632 | ---- | C] (Portions © Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysNative\OpenAL32.dll [2011/08/03 14:38:16 | 000,110,592 | ---- | C] (Portions © Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysWow64\OpenAL32.dll [2011/08/03 14:37:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Deep Silver [2011/08/03 14:26:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Deep Silver [2011/08/02 18:36:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ma-config.com ========== Files - Modified Within 30 Days ========== [2011/08/28 11:31:37 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Dahosdren\Desktop\OTL.exe [2011/08/28 11:28:18 | 001,474,832 | ---- | M] () -- C:\Windows\SysNative\drivers\sfi.dat [2011/08/28 11:17:49 | 001,685,044 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2011/08/28 11:17:49 | 000,745,518 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat [2011/08/28 11:17:49 | 000,652,360 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2011/08/28 11:17:49 | 000,149,004 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat [2011/08/28 11:17:49 | 000,121,292 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2011/08/28 11:14:31 | 001,627,720 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011/08/28 10:24:15 | 000,388,227 | ---- | M] () -- C:\MKV.exe [2011/08/28 10:16:03 | 000,023,056 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2011/08/28 10:16:03 | 000,023,056 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2011/08/28 10:08:24 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011/08/28 10:08:17 | 3217,244,160 | -HS- | M] () -- C:\hiberfil.sys [2011/08/28 09:44:20 | 000,001,110 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk [2011/08/28 09:06:24 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2011/08/27 20:50:04 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin [2011/08/27 20:29:29 | 000,001,069 | ---- | M] () -- C:\Users\Dahosdren\Application Data\Microsoft\Internet Explorer\Quick Launch\COMODO GeekBuddy.lnk [2011/08/27 17:07:31 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts [2011/08/27 10:12:46 | 000,000,512 | ---- | M] () -- C:\PhysicalDisk0_MBR.bin [2011/08/23 13:37:00 | 000,841,416 | ---- | M] () -- C:\Users\Dahosdren\AppData\Local\census.cache [2011/08/23 13:36:51 | 000,102,603 | ---- | M] () -- C:\Users\Dahosdren\AppData\Local\ars.cache [2011/08/21 12:10:26 | 005,601,781 | ---- | M] () -- C:\Users\Dahosdren\Documents\faune_australie.pdf [2011/08/20 10:02:18 | 000,219,248 | ---- | M] () -- C:\Users\Dahosdren\Documents\Chaton Thomas 2.jpg [2011/08/20 10:02:15 | 000,178,873 | ---- | M] () -- C:\Users\Dahosdren\Documents\Chaton Thomas 3.jpg [2011/08/15 21:40:59 | 000,271,200 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr [2011/08/15 21:40:59 | 000,271,200 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe [2011/08/15 19:15:40 | 000,271,200 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0 [2011/08/15 11:59:09 | 000,178,800 | ---- | M] (Sony DADC Austria AG.) -- C:\Windows\SysWow64\CmdLineExt_x64.dll [2011/08/12 10:42:01 | 000,100,700 | -H-- | M] () -- C:\Windows\SysWow64\mlfcache.dat [2011/08/11 03:06:57 | 000,000,118 | ---- | M] () -- C:\Windows\SysNative\MRT.INI [2011/08/03 14:42:36 | 000,291,440 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2011/08/03 14:38:17 | 000,419,840 | ---- | M] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll [2011/08/03 14:38:17 | 000,413,696 | ---- | M] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll [2011/08/03 14:38:17 | 000,133,632 | ---- | M] (Portions © Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysNative\OpenAL32.dll [2011/08/03 14:38:16 | 000,110,592 | ---- | M] (Portions © Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysWow64\OpenAL32.dll [2011/08/03 13:50:00 | 024,692,840 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll [2011/08/03 13:50:00 | 022,470,248 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll [2011/08/03 13:50:00 | 017,193,576 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll [2011/08/03 13:50:00 | 016,595,560 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll [2011/08/03 13:50:00 | 015,064,168 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll [2011/08/03 13:50:00 | 012,636,776 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll [2011/08/03 13:50:00 | 008,355,944 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll [2011/08/03 13:50:00 | 007,254,632 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll [2011/08/03 13:50:00 | 006,613,096 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll [2011/08/03 13:50:00 | 006,136,936 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll [2011/08/03 13:50:00 | 005,404,776 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll [2011/08/03 13:50:00 | 003,021,416 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll [2011/08/03 13:50:00 | 002,758,760 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll [2011/08/03 13:50:00 | 002,560,616 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvcr.dll [2011/08/03 13:50:00 | 002,532,456 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll [2011/08/03 13:50:00 | 002,412,136 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll [2011/08/03 13:50:00 | 002,391,656 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll [2011/08/03 13:50:00 | 002,222,184 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll [2011/08/03 13:50:00 | 002,090,088 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll [2011/08/03 13:50:00 | 001,519,720 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco64.dll [2011/08/03 13:50:00 | 001,453,160 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvgenco64.dll [2011/08/03 13:50:00 | 000,836,200 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\easyupdatusapiu64.dll [2011/08/03 13:50:00 | 000,335,976 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhotkey.dll [2011/08/03 13:50:00 | 000,117,864 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll [2011/08/03 13:50:00 | 000,067,176 | ---- | M] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll [2011/08/03 13:50:00 | 000,061,544 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll [2011/08/03 13:50:00 | 000,057,960 | ---- | M] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll [2011/08/03 13:50:00 | 000,007,383 | ---- | M] () -- C:\Windows\SysNative\nvinfo.pb ========== Files Created - No Company Name ========== [2011/08/28 10:24:15 | 000,388,227 | ---- | C] () -- C:\MKV.exe [2011/08/28 09:54:59 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk [2011/08/28 09:51:17 | 000,001,805 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn.lnk [2011/08/28 09:44:20 | 000,001,110 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk [2011/08/28 09:44:20 | 000,001,073 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secunia PSI.lnk [2011/08/28 09:08:07 | 000,001,150 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [2011/08/27 20:50:04 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin [2011/08/27 20:30:54 | 001,474,832 | ---- | C] () -- C:\Windows\SysNative\drivers\sfi.dat [2011/08/27 20:29:29 | 000,001,069 | ---- | C] () -- C:\Users\Dahosdren\Application Data\Microsoft\Internet Explorer\Quick Launch\COMODO GeekBuddy.lnk [2011/08/27 10:12:46 | 000,000,512 | ---- | C] () -- C:\PhysicalDisk0_MBR.bin [2011/08/27 09:57:38 | 000,007,383 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb [2011/08/23 13:37:00 | 000,841,416 | ---- | C] () -- C:\Users\Dahosdren\AppData\Local\census.cache [2011/08/23 13:36:51 | 000,102,603 | ---- | C] () -- C:\Users\Dahosdren\AppData\Local\ars.cache [2011/08/21 12:10:26 | 005,601,781 | ---- | C] () -- C:\Users\Dahosdren\Documents\faune_australie.pdf [2011/08/20 10:02:15 | 000,219,248 | ---- | C] () -- C:\Users\Dahosdren\Documents\Chaton Thomas 2.jpg [2011/08/20 10:02:12 | 000,178,873 | ---- | C] () -- C:\Users\Dahosdren\Documents\Chaton Thomas 3.jpg [2011/08/14 20:29:40 | 001,627,720 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011/08/14 15:58:11 | 000,001,248 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\More Great Games.lnk [2011/08/03 22:58:37 | 000,001,338 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live ID.lnk [2011/07/14 08:09:34 | 000,000,001 | ---- | C] () -- C:\Windows\SysWow64\SI.bin [2011/07/13 18:43:18 | 000,100,700 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat [2011/07/11 22:48:35 | 662,794,240 | ---- | C] () -- C:\Program Files (x86)\heroes 4 cd 1.iso [2011/07/11 22:48:27 | 189,761,536 | ---- | C] () -- C:\Program Files (x86)\heroes 4 cd 2.iso [2011/07/01 10:34:24 | 000,128,512 | ---- | C] () -- C:\Windows\RegBootClean64.exe [2011/07/01 10:26:53 | 000,000,036 | ---- | C] () -- C:\Users\Dahosdren\AppData\Local\housecall.guid.cache [2011/06/24 08:52:28 | 000,000,392 | ---- | C] () -- C:\Windows\SysWow64\mail.dat [2011/06/24 08:52:26 | 000,000,260 | ---- | C] () -- C:\Windows\SysWow64\mess.dat [2011/05/21 17:46:34 | 000,271,200 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe [2011/05/21 17:46:13 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe [2011/05/21 17:22:29 | 000,000,331 | ---- | C] () -- C:\Windows\game.ini [2011/03/17 01:02:22 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI [2011/02/14 21:20:40 | 2781,708,288 | ---- | C] () -- C:\Program Files (x86)\CC3Kane.iso [2011/02/14 20:58:44 | 3947,679,743 | ---- | C] () -- C:\Program Files (x86)\flt-cnc3.iso [2010/11/04 21:29:33 | 001,391,616 | ---- | C] () -- C:\Windows\SysWow64\ActPDF.dll [2010/10/15 18:03:28 | 000,000,017 | ---- | C] () -- C:\Users\Dahosdren\AppData\Local\resmon.resmoncfg [2009/07/14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2009/07/14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT [2009/07/14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat [2009/07/14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2009/07/14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009/07/13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2009/06/10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat [2008/01/19 17:11:08 | 000,164,352 | R--- | C] () -- C:\Windows\SysWow64\Unrar.dll < End of report >
  8. Dahosdren
    Merci beaucoup pour ton aide précieuse, ça fait plaisir d'avoir affaire à quelqu'un de sympa et compétent. Je clos mon sujet en espérant ne pas avoir à revenir Merci encore et bonne continuation !
  9. Dahosdren
    La première étape n'a supprimé que OTL, si c'est normal alors pas de problèmes
  10. Dahosdren
    Et voilà le rapport demandé, mon ordi à l'air d'aller bien All processes killed ========== OTL ========== Prefs.js: ClickPotatoLite@ClickPotatoLite.com:10.0.622.0 removed from extensions.enabledItems Prefs.js: zotero@chnm.gmu.edu:2.1.5 removed from extensions.enabledItems Prefs.js: "http://search.sweetim.com/search.asp?src=2&q=" removed from keyword.URL Prefs.js: "" removed from sweetim.toolbar.previous.keyword.URL 64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@Apple.com/iTunes,version=\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully. File HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ClickPotatoLite@ClickPotatoLite.com: C:\Program Files (x86)\ClickPotatoLite\bin\10.0.622.0\firefox\extensions not found. Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EEE6C35B-6118-11DC-9C72-001320C79847} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}\ not found. Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully. Registry key HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel\ deleted successfully. ========== SERVICES/DRIVERS ========== ========== REGISTRY ========== Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\\BitTorrent not found. ========== FILES ========== < ipconfig /flushdns /c > Configuration IP de Windows Cache de r‚solution DNS vid‚. C:\Users\Dahosdren\Desktop\cmd.bat deleted successfully. C:\Users\Dahosdren\Desktop\cmd.txt deleted successfully. File\Folder C:\WINDOWS\tasks\*.job not found. File\Folder C:\*.sqm not found. File\Folder C:\WINDOWS\System32\*.tmp not found. C:\WINDOWS\95FC26FB19FD4A96BBB1B1062E8648F5.TMP folder moved successfully. C:\WINDOWS\B83FC356B7C0441F8A4DD71E088E7974.TMP folder moved successfully. File\Folder c:\windows\95FC26FB19FD4A96BBB1B1062E8648F5.TMP not found. File\Folder C:\Program Files (x86)\ClickPotatoLite not found. ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Dahosdren ->Temp folder emptied: 2429062 bytes ->Temporary Internet Files folder emptied: 26175675 bytes ->Java cache emptied: 795862 bytes ->FireFox cache emptied: 347808709 bytes ->Flash cache emptied: 100545 bytes User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 67 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Public ->Temp folder emptied: 0 bytes User: UpdatusUser ->Temp folder emptied: 0 bytes User: UpdatusUser.Dahosdren-PC ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 67 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32 (64bit) .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 852 bytes %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 442501 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 360,00 mb [EMPTYFLASH] User: All Users User: Dahosdren ->Flash cache emptied: 0 bytes User: Default User: Default User User: Public User: UpdatusUser User: UpdatusUser.Dahosdren-PC Total Flash Files Cleaned = 0,00 mb OTL by OldTimer - Version 3.2.26.6 log created on 08282011_085309 Files\Folders moved on Reboot... C:\Users\Dahosdren\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully. Registry entries deleted on Reboot... Néanmoins j'ai 2 dossiers système "desktop.ini" sur mon bureau. Puis-je les déplacer ou non ? Merci Et je viens de trouver ces 2 mêmes fichiers dans mes images, peut-être sont-ils encore ailleurs. Que puis-je en faire?
  11. Dahosdren
    1er rapport OTL OTL logfile created on: 27/08/2011 20:48:10 - Run 1 OTL by OldTimer - Version 3.2.26.6 Folder = C:\Users\Dahosdren\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 8.0.7601.17514) Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy 4,00 Gb Total Physical Memory | 2,84 Gb Available Physical Memory | 71,00% Memory free 9,98 Gb Paging File | 8,78 Gb Available in Paging File | 87,98% Paging File free Paging file location(s): c:\pagefile.sys 6135 6135 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 298,09 Gb Total Space | 84,90 Gb Free Space | 28,48% Space Free | Partition Type: NTFS Drive F: | 931,51 Gb Total Space | 518,91 Gb Free Space | 55,71% Space Free | Partition Type: NTFS Computer Name: DAHOSDREN-PC | User Name: Dahosdren | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2011/08/27 20:26:16 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Dahosdren\Desktop\OTL.exe PRC - [2011/08/03 13:50:00 | 002,255,464 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe PRC - [2011/05/21 17:46:13 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe PRC - [2011/04/04 14:56:00 | 000,556,072 | ---- | M] (ROCCAT GmbH) -- C:\Program Files (x86)\ROCCAT\Kone[+] Mouse\Kone[+]Monitor.exe PRC - [2010/11/05 23:54:22 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe PRC - [2010/11/05 23:54:20 | 000,283,160 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe PRC - [2007/02/12 17:43:44 | 000,065,536 | ---- | M] (O2Micro International) -- C:\Program Files (x86)\O2Micro Flash Memory Card Driver\o2flash.exe ========== Modules (No Company Name) ========== MOD - [2011/08/11 03:34:33 | 000,475,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\3dd77b6d66cda1f160a7adbe7c0e01af\IAStorUtil.ni.dll MOD - [2011/08/11 03:29:00 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\e3e3b399b69c569ab1ed3b0ace2c8c20\System.Runtime.Remoting.ni.dll MOD - [2011/08/11 03:28:40 | 012,433,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\0d43c5e77ee7b8466700b16d7e7d4bb7\System.Windows.Forms.ni.dll MOD - [2011/08/11 03:28:34 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\9e87dd8fe5d0f925d80a6a6eaf74fdb9\System.Drawing.ni.dll MOD - [2011/08/11 03:28:24 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\6124dbbfd45927c4a6226d6e6bca6253\WindowsBase.ni.dll MOD - [2011/08/11 03:28:20 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\16d2854bf69d59d94e64a918365705f1\System.Xml.ni.dll MOD - [2011/08/11 03:28:17 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\36d0ed3f2a65b9d67933ed46dfcd2ccb\System.Configuration.ni.dll MOD - [2011/08/11 03:28:16 | 007,963,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\3da7c6c1a0f26ae91883fd8b03ec192d\System.ni.dll MOD - [2011/08/11 03:18:03 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\4655321f01d2564f3c7acda08636ecc6\IAStorCommon.ni.dll MOD - [2011/08/11 03:17:25 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\16b68fcaff063835ae0ee348a1201f2a\mscorlib.ni.dll MOD - [2010/11/13 02:54:34 | 000,311,296 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_fr_b77a5c561934e089\mscorlib.resources.dll MOD - [2010/06/22 13:50:52 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\ROCCAT\Kone[+] Mouse\hiddriver.dll MOD - [2009/07/14 17:23:30 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_fr_b77a5c561934e089\System.Runtime.Remoting.resources.dll ========== Win32 Services (SafeList) ========== SRV:64bit: - [2011/07/09 15:58:20 | 000,421,376 | ---- | M] (CybelSoft) [On_Demand | Stopped] -- C:\Program Files\ma-config.com\x64\maconfservice.exe -- (maconfservice) SRV:64bit: - [2011/06/30 09:37:30 | 002,528,096 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent) SRV:64bit: - [2011/05/26 05:43:26 | 000,161,080 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe -- (CLPSLS) SRV:64bit: - [2010/11/02 13:49:46 | 001,515,792 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng) SRV:64bit: - [2010/11/02 13:39:08 | 000,340,240 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS) SRV:64bit: - [2010/11/02 13:34:14 | 000,836,880 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc) SRV:64bit: - [2009/07/14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend) SRV:64bit: - [2009/06/16 08:38:34 | 000,077,824 | ---- | M] (ActMask Co.,Ltd - HTTP://WWW.ALL2PDF.COM) [Auto | Stopped] -- C:\Windows\SysNative\PrintCtrl.exe -- (Printer Control) SRV - [2011/08/03 13:50:00 | 002,255,464 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService) SRV - [2011/05/21 17:46:13 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA) SRV - [2011/03/09 16:40:13 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2010/11/05 23:54:22 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel® SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2007/02/12 17:43:44 | 000,065,536 | ---- | M] (O2Micro International) [Auto | Running] -- C:\Program Files (x86)\O2Micro Flash Memory Card Driver\o2flash.exe -- (o2flash) ========== Driver Services (SafeList) ========== DRV:64bit: - [2011/07/02 14:33:48 | 000,016,640 | ---- | M] (CybelSoft) [Kernel | On_Demand | Stopped] -- C:\Program Files\ma-config.com\Drivers\driverhardwarev2x64.sys -- (driverhardwarev2x64) DRV:64bit: - [2011/06/30 09:38:08 | 000,016,016 | ---- | M] (COMODO) [File_System | System | Running] -- C:\Windows\SysNative\drivers\cmderd.sys -- (cmderd) DRV:64bit: - [2011/05/26 11:29:24 | 000,397,600 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7) DRV:64bit: - [2011/03/11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011/03/11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2010/11/20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010/11/20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2010/11/20 11:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus) DRV:64bit: - [2010/11/09 04:16:36 | 008,500,736 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64) ___ Pilote de carte de la série Intel® DRV:64bit: - [2010/11/05 23:45:48 | 000,438,808 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:64bit: - [2010/10/13 18:20:45 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd) DRV:64bit: - [2010/07/01 18:52:18 | 000,051,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d) DRV:64bit: - [2010/05/11 12:00:40 | 000,020,968 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\cpuz133_x64.sys -- (cpuz133) DRV:64bit: - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009/06/10 23:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92) DRV:64bit: - [2009/06/10 23:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac) DRV:64bit: - [2009/06/10 23:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA) DRV:64bit: - [2009/06/10 22:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64) Pilote de carte de liaison WiFi sans fil Intel® DRV:64bit: - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV:64bit: - [2009/03/18 17:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi) DRV:64bit: - [2008/06/12 10:29:30 | 000,051,800 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\o2sdx64.sys -- (O2SDRDR) DRV:64bit: - [2008/05/13 13:48:38 | 000,062,424 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\o2mdx64.sys -- (O2MDRDR) DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 92 32 9A 1D C2 37 CC 01 [binary data] IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.startup.homepage: "http://google.fr" FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 FF - prefs.js..extensions.enabledItems: ClickPotatoLite@ClickPotatoLite.com:10.0.622.0 FF - prefs.js..extensions.enabledItems: zotero@chnm.gmu.edu:2.1.5 FF - prefs.js..extensions.enabledItems: rikaichan-jpfr@polarcloud.com:2.01.110409 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 FF - prefs.js..keyword.URL: "http://search.sweetim.com/search.asp?src=2&q=" FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "" FF:64bit: - HKLM\Software\MozillaPlugins\@ma-config.com/HardwareDetection: C:\Program Files\ma-config.com\nphardwaredetection.dll (Cybelsoft) FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@ma-config.com/HardwareDetection: C:\Program Files\ma-config.com\nphardwaredetection.dll (Cybelsoft) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ClickPotatoLite@ClickPotatoLite.com: C:\Program Files (x86)\ClickPotatoLite\bin\10.0.622.0\firefox\extensions FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/08/19 17:39:51 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/08/27 16:54:56 | 000,000,000 | ---D | M] [2010/09/30 18:50:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dahosdren\AppData\Roaming\mozilla\Extensions [2011/08/27 16:55:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dahosdren\AppData\Roaming\mozilla\Firefox\Profiles\6fw35odx.default\extensions [2011/06/18 11:49:33 | 000,000,000 | ---D | M] (Rikaichan) -- C:\Users\Dahosdren\AppData\Roaming\mozilla\Firefox\Profiles\6fw35odx.default\extensions\{0AA9101C-D3C1-4129-A9B7-D778C6A17F82} [2011/06/01 17:55:56 | 000,000,000 | ---D | M] (ChatZilla) -- C:\Users\Dahosdren\AppData\Roaming\mozilla\Firefox\Profiles\6fw35odx.default\extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2} [2011/06/08 15:27:26 | 000,000,000 | ---D | M] (Rikaichan Japanese-French Dictionary File) -- C:\Users\Dahosdren\AppData\Roaming\mozilla\Firefox\Profiles\6fw35odx.default\extensions\rikaichan-jpfr@polarcloud.com [2011/06/20 11:17:28 | 000,000,000 | ---D | M] (Zotero) -- C:\Users\Dahosdren\AppData\Roaming\mozilla\Firefox\Profiles\6fw35odx.default\extensions\zotero@chnm.gmu.edu [2011/07/05 17:22:48 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions [2010/10/22 11:46:59 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010/10/24 12:59:12 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2010/12/21 13:00:36 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} [2011/04/05 02:08:50 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} [2011/07/05 17:22:48 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} () (No name found) -- C:\USERS\DAHOSDREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6FW35ODX.DEFAULT\EXTENSIONS\{125AA783-EF4F-4515-A804-AA67116FDB43}.XPI () (No name found) -- C:\USERS\DAHOSDREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6FW35ODX.DEFAULT\EXTENSIONS\PERSONAS@CHRISTOPHER.BEARD.XPI [2011/08/19 17:39:51 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2011/05/04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll [2010/07/12 18:33:56 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll [2010/01/01 10:00:00 | 000,001,516 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazon-france.xml [2010/01/01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2010/01/01 10:00:00 | 000,001,822 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml [2010/01/01 10:00:00 | 000,001,154 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-france.xml [2010/01/01 10:00:00 | 000,001,426 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-fr.xml [2010/01/01 10:00:00 | 000,000,956 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-france.xml O1 HOSTS File: ([2011/08/27 17:07:31 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found. O4:64bit: - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO) O4 - HKLM..\Run: [COMODO] C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLA.exe (COMODO) O4 - HKLM..\Run: [CPA] C:\Program Files\COMODO\COMODO GeekBuddy\VALA.exe (COMODO) O4 - HKLM..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) O4 - HKLM..\Run: [RoccatKone+] C:\Program Files (x86)\ROCCAT\Kone[+] Mouse\Kone[+]Monitor.EXE (ROCCAT GmbH) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O20:64bit: - AppInit_DLLs: (C:\Windows\system32\guard64.dll) - C:\Windows\SysNative\guard64.dll (COMODO) O20 - AppInit_DLLs: (C:\Windows\SysWOW64\guard32.dll) - C:\Windows\SysWOW64\guard32.dll (COMODO) O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009/06/10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2010/04/30 23:34:21 | 000,000,000 | RH-D | M] - F:\autorun -- [ NTFS ] O32 - Unable to obtain root file information for disk F:\ O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.lhacm - C:\Windows\SysWow64\lhacm.acm (Microsoft Corporation) Drivers32: msacm.vorbis - C:\Windows\SysWow64\vorbis.acm (HMS http://hp.vector.co.jp/authors/VA012897/) Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.) Drivers32: vidc.VP60 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com) Drivers32: vidc.VP61 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com) CREATERESTOREPOINT Restore point Set: OTL Restore Point PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin ========== Files/Folders - Created Within 30 Days ========== [2011/08/27 20:45:01 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\COMODO [2011/08/27 20:29:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Comodo [2011/08/27 20:29:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\COMODO [2011/08/27 20:29:29 | 000,000,000 | ---D | C] -- C:\Program Files\COMODO [2011/08/27 20:28:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Comodo Downloader [2011/08/27 20:26:13 | 000,580,096 | ---- | C] (OldTimer Tools) -- C:\Users\Dahosdren\Desktop\OTL.exe [2011/08/27 17:59:18 | 000,000,000 | ---D | C] -- C:\Users\Dahosdren\Documents\caméra [2011/08/27 17:07:38 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN [2011/08/27 16:59:23 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe [2011/08/27 16:59:23 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe [2011/08/27 16:59:23 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe [2011/08/27 16:59:18 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT [2011/08/27 16:59:15 | 000,000,000 | ---D | C] -- C:\Qoobox [2011/08/27 10:07:40 | 000,000,000 | ---D | C] -- C:\ZHP [2011/08/27 10:07:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP [2011/08/27 10:07:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ZHPDiag [2011/08/27 10:03:11 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA [2011/08/27 10:01:57 | 006,136,936 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll [2011/08/27 10:01:57 | 003,021,416 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll [2011/08/27 10:01:57 | 002,560,616 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvcr.dll [2011/08/27 10:01:57 | 000,836,200 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\easyupdatusapiu64.dll [2011/08/27 10:01:57 | 000,335,976 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhotkey.dll [2011/08/27 10:01:57 | 000,117,864 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll [2011/08/27 10:01:57 | 000,061,544 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll [2011/08/27 10:01:45 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation [2011/08/27 09:57:39 | 008,355,944 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll [2011/08/27 09:57:39 | 006,613,096 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll [2011/08/27 09:57:39 | 000,067,176 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll [2011/08/27 09:57:39 | 000,057,960 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll [2011/08/27 09:57:38 | 024,692,840 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll [2011/08/27 09:57:38 | 022,470,248 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll [2011/08/27 09:57:38 | 017,193,576 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll [2011/08/27 09:57:38 | 016,595,560 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll [2011/08/27 09:57:38 | 015,064,168 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll [2011/08/27 09:57:38 | 012,636,776 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll [2011/08/27 09:57:38 | 007,254,632 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll [2011/08/27 09:57:38 | 005,404,776 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll [2011/08/27 09:57:38 | 002,758,760 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll [2011/08/27 09:57:38 | 002,532,456 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll [2011/08/27 09:57:38 | 002,412,136 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll [2011/08/27 09:57:38 | 002,391,656 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll [2011/08/27 09:57:38 | 002,222,184 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll [2011/08/27 09:57:38 | 002,090,088 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll [2011/08/27 09:57:38 | 001,519,720 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco64.dll [2011/08/27 09:57:38 | 001,453,160 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvgenco64.dll [2011/08/19 19:19:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FinalWire [2011/08/18 02:19:30 | 000,000,000 | ---D | C] -- C:\Users\Dahosdren\Documents\Dust [2011/08/18 02:09:59 | 000,000,000 | ---D | C] -- C:\Users\Dahosdren\AppData\Local\Ubisoft Game Launcher [2011/08/18 02:08:08 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_7.dll [2011/08/18 02:08:08 | 000,518,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_7.dll [2011/08/18 02:08:08 | 000,077,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_5.dll [2011/08/18 02:08:08 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_5.dll [2011/08/18 02:08:07 | 002,526,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_43.dll [2011/08/18 02:08:07 | 002,401,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_43.dll [2011/08/18 02:08:07 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_43.dll [2011/08/18 02:08:07 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_43.dll [2011/08/18 02:08:07 | 001,907,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_43.dll [2011/08/18 02:08:07 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_43.dll [2011/08/18 02:08:07 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_43.dll [2011/08/18 02:08:07 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_43.dll [2011/08/18 02:08:07 | 000,276,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_43.dll [2011/08/18 02:08:07 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_43.dll [2011/08/18 02:08:07 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_7.dll [2011/08/18 02:08:07 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_7.dll [2011/08/15 12:07:26 | 000,000,000 | ---D | C] -- C:\Users\Dahosdren\Documents\Mes Créations [2011/08/15 12:07:18 | 000,000,000 | ---D | C] -- C:\Users\Dahosdren\AppData\Roaming\SPORE [2011/08/15 11:59:09 | 000,178,800 | ---- | C] (Sony DADC Austria AG.) -- C:\Windows\SysWow64\CmdLineExt_x64.dll [2011/08/14 20:32:58 | 000,000,000 | ---D | C] -- C:\Users\Dahosdren\Documents\Electronic Arts [2011/08/14 20:30:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft WSE [2011/08/14 20:25:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Electronic Arts [2011/08/14 16:08:26 | 000,000,000 | ---D | C] -- C:\Users\Dahosdren\AppData\Roaming\GOA [2011/08/14 16:08:26 | 000,000,000 | ---D | C] -- C:\ProgramData\GOA [2011/08/14 16:05:47 | 000,000,000 | ---D | C] -- C:\Users\Dahosdren\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Little Folk of Faery [2011/08/14 16:05:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Little Folk of Faery [2011/08/14 16:05:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Little Folk of Faery [2011/08/14 15:58:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Big Fish Games [2011/08/14 15:58:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\bfgclient [2011/08/14 15:56:15 | 000,000,000 | ---D | C] -- C:\BigFishGamesCache [2011/08/12 12:35:57 | 000,000,000 | ---D | C] -- C:\Users\Dahosdren\AppData\Roaming\Skype [2011/08/12 12:35:51 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype [2011/08/12 12:35:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [2011/08/12 12:35:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype [2011/08/10 15:04:38 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xmllite.dll [2011/08/10 15:04:33 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbcjt32.dll [2011/08/10 15:04:33 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbctrac.dll [2011/08/10 15:04:33 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbctrac.dll [2011/08/10 15:04:33 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccp32.dll [2011/08/10 15:04:33 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccp32.dll [2011/08/10 15:04:33 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccu32.dll [2011/08/10 15:04:33 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccr32.dll [2011/08/10 15:04:33 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccu32.dll [2011/08/10 15:04:33 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccr32.dll [2011/08/10 15:04:28 | 001,162,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll [2011/08/10 15:04:28 | 000,421,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll [2011/08/10 15:04:28 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll [2011/08/10 15:04:28 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe [2011/08/10 15:04:28 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll [2011/08/10 15:04:28 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll [2011/08/10 15:04:28 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe [2011/08/10 15:04:28 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll [2011/08/10 15:04:28 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll [2011/08/10 15:04:28 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll [2011/08/10 15:04:27 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll [2011/08/10 15:04:27 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll [2011/08/10 15:04:27 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll [2011/08/10 15:04:27 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll [2011/08/10 15:04:27 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll [2011/08/10 15:04:27 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll [2011/08/10 15:04:27 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll [2011/08/10 15:04:27 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll [2011/08/10 15:04:27 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll [2011/08/10 15:04:27 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll [2011/08/10 15:04:27 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll [2011/08/10 15:04:27 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll [2011/08/10 15:04:27 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll [2011/08/10 15:04:27 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll [2011/08/10 15:04:27 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll [2011/08/10 15:04:27 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll [2011/08/10 15:04:27 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll [2011/08/10 15:04:27 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll [2011/08/10 15:04:27 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll [2011/08/10 15:04:27 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll [2011/08/10 15:04:27 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll [2011/08/10 15:04:27 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll [2011/08/10 15:04:27 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll [2011/08/10 15:04:27 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll [2011/08/10 15:04:27 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll [2011/08/10 15:04:27 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll [2011/08/10 15:04:27 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll [2011/08/10 15:04:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll [2011/08/10 15:04:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll [2011/08/10 15:04:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll [2011/08/10 15:04:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll [2011/08/10 15:04:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll [2011/08/10 15:04:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll [2011/08/10 15:04:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll [2011/08/10 15:04:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll [2011/08/10 15:04:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll [2011/08/10 15:04:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll [2011/08/10 15:04:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll [2011/08/10 15:04:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll [2011/08/10 15:04:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll [2011/08/10 15:04:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll [2011/08/10 15:04:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll [2011/08/10 15:04:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll [2011/08/10 15:04:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll [2011/08/10 15:04:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll [2011/08/10 15:04:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll [2011/08/10 15:04:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll [2011/08/10 15:04:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll [2011/08/10 15:04:27 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll [2011/08/10 15:04:26 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe [2011/08/10 15:04:26 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll [2011/08/10 15:04:26 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll [2011/08/10 15:04:26 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll [2011/08/10 15:04:26 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll [2011/08/10 15:04:26 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll [2011/08/10 15:04:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll [2011/08/10 15:04:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll [2011/08/10 15:04:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll [2011/08/10 15:04:26 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe [2011/08/10 15:04:07 | 000,702,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2011/08/10 15:04:06 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2011/08/10 15:04:06 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2011/08/10 15:04:06 | 000,134,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2011/08/10 15:04:06 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2011/08/10 15:04:06 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2011/08/10 15:04:06 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2011/08/10 15:04:00 | 003,912,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe [2011/08/10 15:03:59 | 005,561,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe [2011/08/10 15:03:59 | 003,967,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe [2011/08/03 22:58:26 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\xlive [2011/08/03 22:58:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Games for Windows - LIVE [2011/08/03 15:12:18 | 000,000,000 | ---D | C] -- C:\Users\Dahosdren\AppData\Local\Ascaron Entertainment [2011/08/03 15:10:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation [2011/08/03 14:40:18 | 001,942,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_39.dll [2011/08/03 14:40:18 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_39.dll [2011/08/03 14:40:15 | 004,992,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_39.dll [2011/08/03 14:38:17 | 000,419,840 | ---- | C] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll [2011/08/03 14:38:17 | 000,413,696 | ---- | C] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll [2011/08/03 14:38:17 | 000,133,632 | ---- | C] (Portions © Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysNative\OpenAL32.dll [2011/08/03 14:38:16 | 000,110,592 | ---- | C] (Portions © Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysWow64\OpenAL32.dll [2011/08/03 14:37:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Deep Silver [2011/08/03 14:26:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Deep Silver [2011/08/02 18:36:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ma-config.com [2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2011/08/27 20:53:50 | 000,387,392 | ---- | M] () -- C:\Windows\SysNative\drivers\sfi.dat [2011/08/27 20:51:59 | 000,023,056 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2011/08/27 20:51:59 | 000,023,056 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2011/08/27 20:50:04 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin [2011/08/27 20:44:37 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011/08/27 20:43:53 | 3217,244,160 | -HS- | M] () -- C:\hiberfil.sys [2011/08/27 20:43:00 | 001,649,174 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2011/08/27 20:43:00 | 000,741,092 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat [2011/08/27 20:43:00 | 000,648,164 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2011/08/27 20:43:00 | 000,146,870 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat [2011/08/27 20:43:00 | 000,119,294 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2011/08/27 20:29:29 | 000,001,069 | ---- | M] () -- C:\Users\Dahosdren\Application Data\Microsoft\Internet Explorer\Quick Launch\COMODO GeekBuddy.lnk [2011/08/27 20:26:16 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Dahosdren\Desktop\OTL.exe [2011/08/27 17:07:31 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts [2011/08/27 10:12:46 | 000,000,512 | ---- | M] () -- C:\PhysicalDisk0_MBR.bin [2011/08/23 13:37:00 | 000,841,416 | ---- | M] () -- C:\Users\Dahosdren\AppData\Local\census.cache [2011/08/23 13:36:51 | 000,102,603 | ---- | M] () -- C:\Users\Dahosdren\AppData\Local\ars.cache [2011/08/21 12:10:26 | 005,601,781 | ---- | M] () -- C:\Users\Dahosdren\Documents\faune_australie.pdf [2011/08/20 10:02:18 | 000,219,248 | ---- | M] () -- C:\Users\Dahosdren\Documents\Chaton Thomas 2.jpg [2011/08/20 10:02:15 | 000,178,873 | ---- | M] () -- C:\Users\Dahosdren\Documents\Chaton Thomas 3.jpg [2011/08/16 01:02:06 | 001,627,720 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011/08/15 21:40:59 | 000,271,200 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr [2011/08/15 21:40:59 | 000,271,200 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe [2011/08/15 19:15:40 | 000,271,200 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0 [2011/08/15 11:59:09 | 000,178,800 | ---- | M] (Sony DADC Austria AG.) -- C:\Windows\SysWow64\CmdLineExt_x64.dll [2011/08/12 10:42:01 | 000,100,700 | -H-- | M] () -- C:\Windows\SysWow64\mlfcache.dat [2011/08/11 03:06:57 | 000,000,118 | ---- | M] () -- C:\Windows\SysNative\MRT.INI [2011/08/03 14:42:36 | 000,291,440 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2011/08/03 14:38:17 | 000,419,840 | ---- | M] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll [2011/08/03 14:38:17 | 000,413,696 | ---- | M] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll [2011/08/03 14:38:17 | 000,133,632 | ---- | M] (Portions © Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysNative\OpenAL32.dll [2011/08/03 14:38:16 | 000,110,592 | ---- | M] (Portions © Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysWow64\OpenAL32.dll [2011/08/03 13:50:00 | 024,692,840 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll [2011/08/03 13:50:00 | 022,470,248 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll [2011/08/03 13:50:00 | 017,193,576 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll [2011/08/03 13:50:00 | 016,595,560 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll [2011/08/03 13:50:00 | 015,064,168 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll [2011/08/03 13:50:00 | 012,636,776 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll [2011/08/03 13:50:00 | 008,355,944 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll [2011/08/03 13:50:00 | 007,254,632 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll [2011/08/03 13:50:00 | 006,613,096 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll [2011/08/03 13:50:00 | 006,136,936 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll [2011/08/03 13:50:00 | 005,404,776 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll [2011/08/03 13:50:00 | 003,021,416 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll [2011/08/03 13:50:00 | 002,758,760 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll [2011/08/03 13:50:00 | 002,560,616 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvcr.dll [2011/08/03 13:50:00 | 002,532,456 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll [2011/08/03 13:50:00 | 002,412,136 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll [2011/08/03 13:50:00 | 002,391,656 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll [2011/08/03 13:50:00 | 002,222,184 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll [2011/08/03 13:50:00 | 002,090,088 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll [2011/08/03 13:50:00 | 001,519,720 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco64.dll [2011/08/03 13:50:00 | 001,453,160 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvgenco64.dll [2011/08/03 13:50:00 | 000,836,200 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\easyupdatusapiu64.dll [2011/08/03 13:50:00 | 000,335,976 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhotkey.dll [2011/08/03 13:50:00 | 000,117,864 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll [2011/08/03 13:50:00 | 000,067,176 | ---- | M] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll [2011/08/03 13:50:00 | 000,061,544 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll [2011/08/03 13:50:00 | 000,057,960 | ---- | M] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll [2011/08/03 13:50:00 | 000,007,383 | ---- | M] () -- C:\Windows\SysNative\nvinfo.pb [2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2011/08/27 20:50:04 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin [2011/08/27 20:30:54 | 000,045,297 | ---- | C] () -- C:\Windows\SysNative\drivers\sfi.dat [2011/08/27 20:29:29 | 000,001,069 | ---- | C] () -- C:\Users\Dahosdren\Application Data\Microsoft\Internet Explorer\Quick Launch\COMODO GeekBuddy.lnk [2011/08/27 16:59:23 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe [2011/08/27 16:59:23 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe [2011/08/27 16:59:23 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe [2011/08/27 16:59:23 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe [2011/08/27 16:59:23 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe [2011/08/27 10:12:46 | 000,000,512 | ---- | C] () -- C:\PhysicalDisk0_MBR.bin [2011/08/27 09:57:38 | 000,007,383 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb [2011/08/23 13:37:00 | 000,841,416 | ---- | C] () -- C:\Users\Dahosdren\AppData\Local\census.cache [2011/08/23 13:36:51 | 000,102,603 | ---- | C] () -- C:\Users\Dahosdren\AppData\Local\ars.cache [2011/08/21 12:10:26 | 005,601,781 | ---- | C] () -- C:\Users\Dahosdren\Documents\faune_australie.pdf [2011/08/20 10:02:15 | 000,219,248 | ---- | C] () -- C:\Users\Dahosdren\Documents\Chaton Thomas 2.jpg [2011/08/20 10:02:12 | 000,178,873 | ---- | C] () -- C:\Users\Dahosdren\Documents\Chaton Thomas 3.jpg [2011/08/14 20:29:40 | 001,627,720 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011/08/14 15:58:11 | 000,001,248 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\More Great Games.lnk [2011/08/03 22:58:37 | 000,001,338 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live ID.lnk [2011/07/14 08:09:34 | 000,000,001 | ---- | C] () -- C:\Windows\SysWow64\SI.bin [2011/07/13 18:43:18 | 000,100,700 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat [2011/07/11 22:48:35 | 662,794,240 | ---- | C] () -- C:\Program Files (x86)\heroes 4 cd 1.iso [2011/07/11 22:48:27 | 189,761,536 | ---- | C] () -- C:\Program Files (x86)\heroes 4 cd 2.iso [2011/07/01 10:34:24 | 000,128,512 | ---- | C] () -- C:\Windows\RegBootClean64.exe [2011/07/01 10:26:53 | 000,000,036 | ---- | C] () -- C:\Users\Dahosdren\AppData\Local\housecall.guid.cache [2011/06/24 08:52:28 | 000,000,392 | ---- | C] () -- C:\Windows\SysWow64\mail.dat [2011/06/24 08:52:26 | 000,000,260 | ---- | C] () -- C:\Windows\SysWow64\mess.dat [2011/05/21 17:46:34 | 000,271,200 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe [2011/05/21 17:46:13 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe [2011/05/21 17:22:29 | 000,000,331 | ---- | C] () -- C:\Windows\game.ini [2011/04/09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat [2011/03/17 01:02:22 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI [2011/02/14 21:20:40 | 2781,708,288 | ---- | C] () -- C:\Program Files (x86)\CC3Kane.iso [2011/02/14 20:58:44 | 3947,679,743 | ---- | C] () -- C:\Program Files (x86)\flt-cnc3.iso [2010/11/04 21:29:33 | 001,391,616 | ---- | C] () -- C:\Windows\SysWow64\ActPDF.dll [2010/10/19 01:30:21 | 000,040,960 | ---- | C] () -- C:\Windows\SysWow64\psfind.dll [2010/10/17 23:17:04 | 000,039,271 | ---- | C] () -- C:\Windows\DIIUnin.dat [2010/10/15 18:03:28 | 000,000,017 | ---- | C] () -- C:\Users\Dahosdren\AppData\Local\resmon.resmoncfg [2009/07/14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2009/07/14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT [2009/07/14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat [2009/07/14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2009/07/14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009/07/13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2009/06/10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat [2008/01/19 17:11:08 | 000,164,352 | R--- | C] () -- C:\Windows\SysWow64\Unrar.dll ========== Custom Scans ========== < %SYSTEMDRIVE%\*.* > [2009/06/10 23:42:20 | 000,000,024 | ---- | M] () -- C:\autoexec.bat [2010/09/26 12:16:43 | 000,000,212 | -H-- | M] () -- C:\Boot.BAK [2010/09/30 05:48:58 | 000,000,356 | RHS- | M] () -- C:\Boot.ini.saved [2008/04/14 14:00:00 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin [2010/11/20 14:40:07 | 000,383,786 | RHS- | M] () -- C:\bootmgr [2010/09/30 16:39:27 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK [2009/06/10 23:42:20 | 000,000,010 | ---- | M] () -- C:\config.sys [2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1028.txt [2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1031.txt [2007/11/07 08:00:40 | 000,010,134 | ---- | M] () -- C:\eula.1033.txt [2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1036.txt [2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1040.txt [2007/11/07 08:00:40 | 000,000,118 | ---- | M] () -- C:\eula.1041.txt [2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1042.txt [2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.2052.txt [2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.3082.txt [2007/11/07 08:00:40 | 000,001,110 | ---- | M] () -- C:\globdata.ini [2011/08/27 20:43:53 | 3217,244,160 | -HS- | M] () -- C:\hiberfil.sys [2007/11/07 08:00:40 | 000,000,843 | ---- | M] () -- C:\install.ini [2007/11/07 08:44:20 | 000,075,280 | ---- | M] (Microsoft Corporation) -- C:\install.res.1028.dll [2007/11/07 08:44:20 | 000,095,248 | ---- | M] (Microsoft Corporation) -- C:\install.res.1031.dll [2007/11/07 08:44:20 | 000,090,128 | ---- | M] (Microsoft Corporation) -- C:\install.res.1033.dll [2007/11/07 08:44:20 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.1036.dll [2007/11/07 08:44:20 | 000,094,224 | ---- | M] (Microsoft Corporation) -- C:\install.res.1040.dll [2007/11/07 08:44:20 | 000,080,400 | ---- | M] (Microsoft Corporation) -- C:\install.res.1041.dll [2007/11/07 08:44:20 | 000,078,864 | ---- | M] (Microsoft Corporation) -- C:\install.res.1042.dll [2007/11/07 08:44:20 | 000,074,768 | ---- | M] (Microsoft Corporation) -- C:\install.res.2052.dll [2007/11/07 08:44:20 | 000,095,248 | ---- | M] (Microsoft Corporation) -- C:\install.res.3082.dll [2008/07/16 17:38:11 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2008/07/16 17:38:11 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2008/04/14 14:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM [2008/04/14 14:00:00 | 000,252,240 | RHS- | M] () -- C:\ntldr [2011/08/27 20:43:58 | 2138,046,463 | -HS- | M] () -- C:\pagefile.sys [2011/08/27 10:12:46 | 000,000,512 | ---- | M] () -- C:\PhysicalDisk0_MBR.bin [2011/08/27 20:50:04 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin [2008/07/22 21:21:27 | 000,000,123 | -H-- | M] () -- C:\SWSTAMP.TXT [2007/11/07 08:00:40 | 000,005,686 | ---- | M] () -- C:\vcredist.bmp [2007/11/07 08:50:40 | 001,927,956 | ---- | M] () -- C:\VC_RED.cab [2007/11/07 08:53:12 | 000,242,176 | ---- | M] () -- C:\VC_RED.MSI < %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles > < %systemroot%\Tasks\*.job /lockedfiles > < %systemroot%\System32\config\*.sav > < %systemroot%\system32\drivers\*.sys /90 > < HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU > < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs > < End of report > _____________________________________________________________________________________________________________________________________________ 2ème rapport : Extras : OTL Extras logfile created on: 27/08/2011 20:48:10 - Run 1 OTL by OldTimer - Version 3.2.26.6 Folder = C:\Users\Dahosdren\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 8.0.7601.17514) Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy 4,00 Gb Total Physical Memory | 2,84 Gb Available Physical Memory | 71,00% Memory free 9,98 Gb Paging File | 8,78 Gb Available in Paging File | 87,98% Paging File free Paging file location(s): c:\pagefile.sys 6135 6135 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 298,09 Gb Total Space | 84,90 Gb Free Space | 28,48% Space Free | Partition Type: NTFS Drive F: | 931,51 Gb Total Space | 518,91 Gb Free Space | 55,71% Space Free | Partition Type: NTFS Computer Name: DAHOSDREN-PC | User Name: Dahosdren | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.) Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.) Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.) Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.) Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 "FirewallDisableNotify" = 0 "AntiVirusDisableNotify" = 0 "UpdatesDisableNotify" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirewallDisableNotify" = 0 "AntiVirusDisableNotify" = 0 "UpdatesDisableNotify" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 ========== Firewall Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 "DoNotAllowExceptions" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Users\DAHOSD~1\AppData\Local\Temp\oCwR24UZVt.exe" = C:\Users\DAHOSD~1\AppData\Local\Temp\oCwR24UZVt.exe:*:Enabled:Windows Messanger "C:\Users\DAHOSD~1\AppData\Local\Temp\oCwR24UZVt.exe" = C:\Users\DAHOSD~1\AppData\Local\Temp\oCwR24UZVt.exe:*:Enabled:Windows Messanger ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{28D73032-5DAA-4F83-B154-85105DBCCB92}" = iTunes "{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 "{4B5F58F7-C7D1-3CE3-9B37-B657F0852643}" = Microsoft .NET Framework 4 Client Profile FRA Language Pack "{4C97CB8A-C359-490D-A518-ED60D812E6C2}" = Ma-Config.com (64 bits) "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 "{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 "{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended "{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant "{AF162E20-417F-4946-A06D-65734984957F}" = Logiciel Intel® PROSet/Wireless WiFi "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panneau de configuration NVIDIA 280.26 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Pilote graphique 280.26 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Pilote du contrôleur 3D Vision 280.19 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Logiciel système PhysX 9.10.0514 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Mises à jour NVIDIA 1.4.28 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components "{E3015C78-C196-4039-A279-9959940083DE}" = O2Micro Flash Memory Card Reader Driver (x64) "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "{FD8E178D-8B4E-42DA-B434-EFF270329B1C}" = COMODO Internet Security "CPUID HWMonitor_is1" = CPUID HWMonitor 1.16 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Client Profile FRA "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "NVIDIA Display Control Panel" = NVIDIA Display Control Panel "ProInst" = Intel PROSet Wireless [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{050C1C8E-4A4D-4C2F-B9AE-67E60EE91B7F}" = Call of Duty® 4 - Modern Warfare 1.3 Patch "{1023383E-D9F6-478C-A965-23A4657B3C9A}" = Sacred 2 "{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 "{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1 "{20071984-5EB1-4881-8EDB-082532ACEC6D}" = Heroes of Might and Magic V "{266517E6-D866-439D-919C-B8B1A52E6080}" = OpenOffice.org 3.2 "{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java 6 Update 26 "{2BB047B7-E613-4686-BE0C-E63BB26BE121}" = Sacred 2 - Elite "{3BD633E0-4BF8-4499-9149-88F0767D449C}" = Call of Duty® 4 - Modern Warfare 1.4 Patch "{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology "{412B69AF-C352-4F6F-A318-B92B3CB9ACC6}" = Titan Quest "{45410935-3E72-472B-8C35-AB1000008200}" = Bulletstorm "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace "{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime "{578485F8-60F3-4C61-9183-0698E581B902}" = From Dust "{5D7767FA-7FE8-4627-9F09-AEF7A25F1E07}" = Call of Duty® 4 - Modern Warfare 1.1 Patch "{66FF4C48-0083-4E60-8556-B883AB200091}" = Heroes of Might & Magic V: Hammers of Fate "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{72199E33-4F2A-4B7F-8E25-95DDDD50A678}" = Acer System Information "{83BEEFB4-8C28-4F4F-8A9D-E0D1ADCE335B}" = Les Sims Medieval "{8503C901-85D7-4262-88D2-8D8B2A7B08B8}" = Call of Duty® 4 - Modern Warfare 1.5 Patch "{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty® 4 - Modern Warfare 1.6 Patch "{918A9082-6287-4D25-9002-5E5D5E4971CB}" = League of Legends "{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty® 4 - Modern Warfare 1.7 Patch "{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9DF0196F-B6B8-4C3A-8790-DE42AA530101}" = SPORE™ "{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5 "{AC76BA86-7AD7-1036-7B44-A70900000002}" = Adobe Reader 7.0.9 - Français "{B3575D00-27EF-49C2-B9E0-14B3D954E992}" = Apple Application Support "{B99CB207-4704-4C51-9309-0FA90AA26DD4}" = ROCCAT Kone[+] Mouse Driver "{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX "{C6579A65-9CAE-4B31-8B6B-3306E0630A66}" = Apple Software Update "{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime "{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty® 4 - Modern Warfare "{E5141379-B2D9-4BBC-BB2A-5805541571DD}" = Call of Duty® 4 - Modern Warfare 1.2 Patch "{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable "43442AE9-6512-4392-B5DD-9167BECD1114_is1" = Infix 4.08 "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "AIDA64 Extreme Edition_is1" = AIDA64 Extreme Edition v1.60 "Anki" = Anki "ASIO4ALL" = ASIO4ALL "BFGC" = Big Fish Games: Game Manager "BFG-Little Folk of Faery" = Little Folk of Faery "BitTorrent" = BitTorrent "CDCE6956-DD16-4F82-ACA0-E4C7BAD6B26A_is1" = Divinity II - DKS "COMODO GeekBuddy" = COMODO GeekBuddy "Diablo II" = Diablo II "FL Studio 10" = FL Studio 10 "GFWL_{45410935-3E72-472B-8C35-AB1000008200}" = Bulletstorm "Heroes of Might and Magic IV" = Heroes of Might and Magic IV: Winds of War "HijackThis" = HijackThis 2.0.2 "IL Download Manager" = IL Download Manager "InstallShield_{050C1C8E-4A4D-4C2F-B9AE-67E60EE91B7F}" = Call of Duty® 4 - Modern Warfare 1.3 Patch "InstallShield_{3BD633E0-4BF8-4499-9149-88F0767D449C}" = Call of Duty® 4 - Modern Warfare 1.4 Patch "InstallShield_{5D7767FA-7FE8-4627-9F09-AEF7A25F1E07}" = Call of Duty® 4 - Modern Warfare 1.1 Patch "InstallShield_{8503C901-85D7-4262-88D2-8D8B2A7B08B8}" = Call of Duty® 4 - Modern Warfare 1.5 Multiplayer Patch "InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty® 4 - Modern Warfare 1.6 Patch "InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty® 4 - Modern Warfare 1.7 Patch "InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty® 4 - Modern Warfare "InstallShield_{E5141379-B2D9-4BBC-BB2A-5805541571DD}" = Call of Duty® 4 - Modern Warfare 1.2 Patch "Magic Workstation_is1" = Magic Workstation 0.94f "Marvell Miniport Driver" = Marvell Miniport Driver "Mozilla Firefox 6.0 (x86 fr)" = Mozilla Firefox 6.0 (x86 fr) "MTG GamePack for Magic Workstation_is1" = MTG GamePack for Magic Workstation "Mumble" = Mumble and Murmur "NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver "Picasa 3" = Picasa 3 "Plants vs. Zombies" = Plants vs. Zombies "StarCraft II" = StarCraft II "TeamSpeak 3 Client" = TeamSpeak 3 Client "VLC media player" = VLC media player 1.0.1 "Warcraft III" = Warcraft III "Winamp" = Winamp "WinRAR archiver" = WinRAR archiver "ZHPDiag_is1" = ZHPDiag 1.28 ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Phonetik" = Phonetik "Winamp Detect" = Détection de l'application Winamp ========== Last 10 Event Log Errors ========== Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt! < End of report >
  12. Dahosdren
    L'antivirus Comodo m'a été recommandé mais il n'est pas dans ta liste. Puis-je télécharger celui-là ou tu me recommande uniquement un de ta liste ? Merci
  13. Dahosdren
    ok désolé autant pour moi, je me disais que ça allait être quelque peu long ^^ Rapport de ZHPFix 1.12.3357 par Nicolas Coolman, Update du 23/08/2011 Fichier d'export Registre : Run by Dahosdren at 27/08/2011 16:55:21 Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601) Web site : ZHPFix Fix de rapport ========== Logiciel(s) ========== ABSENT Software Key: Plants vs. Zombies ABSENT Software Key: BitTorrent ========== Processus mémoire ========== SUPPRIME Memory Process: C:\Users\Dahosdren\AppData\Local\Temp\setup.exe SUPPRIME Memory Process: C:\Users\Dahosdren\AppData\Local\Temp\uttD1F.tmp.exe ========== Clé(s) du Registre ========== SUPPRIME Key: HKCU\Software\Moovida SUPPRIME Key: HKCU\Software\PopCap SUPPRIME Key: HKCU\Software\clickpotatolitesa ABSENT Key: HKLM\Software\ClickPotatoLite ABSENT Key: HKLM\Software\PopCap SUPPRIME Key**: StartupReg: ClickPotatoLiteSA SUPPRIME Key**: StartupReg: system32 SUPPRIME Key: HKLM\Software\WOW6432Node\Classes\AppID\MenuButtonIE.DLL SUPPRIME Key: HKLM\Software\WOW6432Node\Classes\AppID\{11C27351-716B-4052-9361-E3B0A3F8221C} SUPPRIME Key: HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{69725738-cd68-4f36-8d02-8c43722ee5da} SUPPRIME Key: HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A078F691-9C07-4AF2-BF43-35E79EECF8B7} SUPPRIME Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B58926D6-CFB0-45D2-9C28-4B5A0F0368AE} SUPPRIME Key: HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B58926D6-CFB0-45D2-9C28-4B5A0F0368AE} SUPPRIME Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440} SUPPRIME Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440} SUPPRIME Key: HKLM\Software\WOW6432Node\ClickPotatoLite SUPPRIME Key: HKLM\Software\WOW6432Node\PopCap SUPPRIME Key: HKCU\Software\SweetIM ABSENT Key: HKLM\Software\SweetIM SUPPRIME Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{eee6c35b-6118-11dc-9c72-001320c79847} SUPPRIME Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{eee6c35b-6118-11dc-9c72-001320c79847} SUPPRIME Key: HKLM\Software\WOW6432Node\SweetIM SUPPRIME Key: HKCU\Software\BitTorrent ========== Valeur(s) du Registre ========== SUPPRIME [HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]:{D4027C7F-154A-4066-A1AD-4243D8127440} SUPPRIME TCP Query User{932A97EE-1797-46BF-9605-54F82D313980}C:/program files (x86)/bittorrent/bittorrent.exe SUPPRIME UDP Query User{71965DEB-D022-46E5-BE6F-A3841271CF32}C:/program files (x86)/bittorrent/bittorrent.exe SUPPRIME {72CBBE93-E893-429D-B18B-BC044EC34BAD} SUPPRIME {44169AA3-6734-48A6-BAC5-E5580A8D15A9} ========== Dossier(s) ========== SUPPRIME Folder: C:\ProgramData\2ACA5CC3-0F83-453D-A079-1076FE1A8B65 SUPPRIME Folder: C:\ProgramData\ClickPotatoLiteSA SUPPRIME Folder: C:\Users\Dahosdren\AppData\Roaming\ClickPotatoLite SUPPRIME Folder: C:\Users\Dahosdren\AppData\Roaming\moovida-1 SUPPRIME Folder: c:\users\dahosdren\appdata\local\temp\asksearch SUPPRIME Folder: C:\Users\Dahosdren\AppData\Roaming\Mozilla\Firefox\Profiles\6fw35odx.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847} SUPPRIME Folder: C:\Users\Dahosdren\AppData\Roaming\teamspeak2 SUPPRIME Folder: C:\Users\Dahosdren\AppData\Roaming\BitTorrent ========== Fichier(s) ========== SUPPRIME c:\program files (x86)\mozilla firefox\plugins\npclntax_clickpotatolitesa.dll ABSENT File: c:\users\dahosdren\appdata\roaming\ms13s.exe SUPPRIME File: c:\users\dahosdren\appdata\local\temp\setup.exe SUPPRIME File: c:\users\dahosdren\appdata\local\temp\uttd1f.tmp.exe ABSENT Folder/File: c:\programdata\2aca5cc3-0f83-453d-a079-1076fe1a8b65 ABSENT Folder/File: c:\programdata\clickpotatolitesa ABSENT Folder/File: c:\users\dahosdren\appdata\roaming\clickpotatolite SUPPRIME c:\users\dahosdren\appdata\roaming\mozilla\firefox\profiles\6fw35odx.default\searchplugins\sweetim.xml ABSENT Folder/File: c:\users\dahosdren\appdata\roaming\teamspeak2 ABSENT Folder/File: c:\users\dahosdren\appdata\roaming\mozilla\firefox\profiles\6fw35odx.default\searchplugins\sweetim.xml ========== Récapitulatif ========== 2 : Processus mémoire 23 : Clé(s) du Registre 5 : Valeur(s) du Registre 8 : Dossier(s) 10 : Fichier(s) 2 : Logiciel(s) End of the scan in 00mn 24s ========== Chemin de fichier rapport ========== C:\ZHP\ZHPFix[R1].txt - 27/08/2011 16:55:21 [4477] _______________________________________________________________________________________________________________________________________ ComboFix 11-08-27.01 - Dahosdren 27/08/2011 17:00:09.1.2 - x64 Microsoft Windows 7 Édition Familiale Premium 6.1.7601.1.1252.33.1036.18.4091.2992 [GMT 2:00] Lancé depuis: c:\users\Dahosdren\Desktop\ComboFix.exe SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . . C:\autorun.inf C:\Diskrun.exe C:\Install.exe c:\program files (x86)\ClickPotatoLite c:\program files (x86)\ClickPotatoLite\bin\10.0.622.0\ClickPotatoLiteSAHook.dll c:\program files (x86)\ClickPotatoLite\bin\10.0.622.0\firefox\extensions\install.rdf c:\program files (x86)\ClickPotatoLite\bin\10.0.622.0\firefox\extensions\plugins\npclntax_ClickPotatoLiteSA.dll c:\program files (x86)\INSTALL.LOG c:\programdata\Microsoft\Windows\Start Menu\Programs\ClickPotato c:\programdata\Microsoft\Windows\Start Menu\Programs\ClickPotato\About Us.lnk c:\programdata\Microsoft\Windows\Start Menu\Programs\ClickPotato\ClickPotato Customer Support.lnk c:\programdata\Microsoft\Windows\Start Menu\Programs\ClickPotato\ClickPotato Uninstall Instructions.lnk c:\programdata\Roaming C:\system.bin c:\system.bin\2C3F67F9599.exe c:\system.bin\DDE05673720B92F c:\users\Dahosdren\AppData\Roaming\Imezow c:\users\Dahosdren\AppData\Roaming\Imezow\cuomr.exe c:\users\Dahosdren\AppData\Roaming\k-one . . ((((((((((((((((((((((((((((( Fichiers créés du 2011-07-27 au 2011-08-27 )))))))))))))))))))))))))))))))))))) . . 2011-08-27 15:06 . 2011-08-27 15:06 -------- d-----w- c:\users\Default\AppData\Local\temp 2011-08-27 08:12 . 2011-08-27 08:12 512 ----a-w- C:\PhysicalDisk0_MBR.bin 2011-08-27 08:07 . 2011-08-27 14:55 -------- d-----w- C:\ZHP 2011-08-27 08:07 . 2011-08-27 08:12 -------- d-----w- c:\program files (x86)\ZHPDiag 2011-08-27 08:03 . 2011-08-27 08:04 -------- d-----w- c:\programdata\NVIDIA 2011-08-27 08:01 . 2011-08-03 11:50 980072 ----a-w- c:\windows\system32\nvvsvc.exe 2011-08-27 08:01 . 2011-08-03 11:50 836200 ----a-w- c:\windows\system32\easyupdatusapiu64.dll 2011-08-27 08:01 . 2011-08-03 11:50 61544 ----a-w- c:\windows\system32\nvshext.dll 2011-08-27 08:01 . 2011-08-03 11:50 6136936 ----a-w- c:\windows\system32\nvcpl.dll 2011-08-27 08:01 . 2011-08-03 11:50 335976 ----a-w- c:\windows\system32\nvhotkey.dll 2011-08-27 08:01 . 2011-08-03 11:50 3021416 ----a-w- c:\windows\system32\nvsvc64.dll 2011-08-27 08:01 . 2011-08-03 11:50 2560616 ----a-w- c:\windows\system32\nvsvcr.dll 2011-08-27 08:01 . 2011-08-03 11:50 117864 ----a-w- c:\windows\system32\nvmctray.dll 2011-08-27 08:01 . 2011-08-27 08:01 -------- d-----w- c:\programdata\NVIDIA Corporation 2011-08-26 06:34 . 2011-08-12 04:10 8862544 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{BA006534-8666-4CCD-A20E-1AF3815C7293}\mpengine.dll 2011-08-24 11:02 . 2011-07-09 05:26 2048 ----a-w- c:\windows\system32\tzres.dll 2011-08-24 11:02 . 2011-07-09 04:29 2048 ----a-w- c:\windows\SysWow64\tzres.dll 2011-08-19 17:19 . 2011-08-19 17:19 -------- d-----w- c:\program files (x86)\FinalWire 2011-08-18 00:09 . 2011-08-18 00:19 -------- d-----w- c:\users\Dahosdren\AppData\Local\Ubisoft Game Launcher 2011-08-15 10:07 . 2011-08-15 10:07 -------- d-----w- c:\users\Dahosdren\AppData\Roaming\SPORE 2011-08-15 09:59 . 2011-08-15 09:59 178800 ----a-w- c:\windows\SysWow64\CmdLineExt_x64.dll 2011-08-14 18:30 . 2011-08-14 18:30 -------- d-----w- c:\program files (x86)\Microsoft WSE 2011-08-14 18:25 . 2011-08-15 09:55 -------- d-----w- c:\program files (x86)\Electronic Arts 2011-08-14 14:08 . 2011-08-14 14:08 -------- d-----w- c:\users\Dahosdren\AppData\Roaming\GOA 2011-08-14 14:08 . 2011-08-14 14:08 -------- d-----w- c:\programdata\GOA 2011-08-14 14:05 . 2011-08-14 14:06 -------- d-----w- c:\program files (x86)\Little Folk of Faery 2011-08-14 13:58 . 2011-08-14 13:58 -------- d-----w- c:\programdata\Big Fish Games 2011-08-14 13:58 . 2011-08-14 13:58 -------- d-----w- c:\program files (x86)\bfgclient 2011-08-14 13:56 . 2011-08-14 14:08 -------- d-----w- C:\BigFishGamesCache 2011-08-12 10:35 . 2011-08-27 14:55 -------- d-----w- c:\users\Dahosdren\AppData\Roaming\Skype 2011-08-12 10:35 . 2011-08-12 10:35 -------- d-----r- c:\program files (x86)\Skype 2011-08-12 10:35 . 2011-08-12 10:35 -------- d-----w- c:\programdata\Skype 2011-08-10 13:03 . 2011-06-23 05:43 5561216 ----a-w- c:\windows\system32\ntoskrnl.exe 2011-08-10 13:03 . 2011-06-23 04:33 3967872 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe 2011-08-03 20:58 . 2011-08-03 20:58 -------- d-----w- c:\windows\SysWow64\xlive 2011-08-03 20:58 . 2011-08-03 20:58 -------- d-----w- c:\program files (x86)\Microsoft Games for Windows - LIVE 2011-08-03 13:12 . 2011-08-03 13:12 -------- d-----w- c:\users\Dahosdren\AppData\Local\Ascaron Entertainment 2011-08-03 13:11 . 2011-08-03 13:11 -------- d-----w- c:\users\UpdatusUser 2011-08-03 13:10 . 2011-08-27 08:03 -------- d-----w- c:\program files (x86)\NVIDIA Corporation 2011-08-03 12:40 . 2008-07-12 06:18 540688 ----a-w- c:\windows\system32\d3dx10_39.dll 2011-08-03 12:40 . 2008-07-12 06:18 1942552 ----a-w- c:\windows\system32\D3DCompiler_39.dll 2011-08-03 12:40 . 2008-07-12 06:18 4992520 ----a-w- c:\windows\system32\D3DX9_39.dll 2011-08-03 12:38 . 2011-08-03 12:38 419840 ----a-w- c:\windows\system32\wrap_oal.dll 2011-08-03 12:38 . 2011-08-03 12:38 413696 ----a-w- c:\windows\SysWow64\wrap_oal.dll 2011-08-03 12:38 . 2011-08-03 12:38 133632 ----a-w- c:\windows\system32\OpenAL32.dll 2011-08-03 12:38 . 2011-08-03 12:38 110592 ----a-w- c:\windows\SysWow64\OpenAL32.dll 2011-08-03 12:26 . 2011-08-03 12:26 -------- d-----w- c:\program files (x86)\Deep Silver 2011-08-03 12:26 . 2011-08-03 12:26 -------- d-----w- c:\windows\95FC26FB19FD4A96BBB1B1062E8648F5.TMP . . . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2011-08-15 19:40 . 2011-05-21 15:46 271200 ----a-w- c:\windows\SysWow64\PnkBstrB.exe 2011-08-15 19:40 . 2011-05-21 15:46 271200 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr 2011-08-15 17:15 . 2011-05-21 15:46 271200 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0 2011-07-20 18:56 . 2011-07-20 18:56 34064 ----a-w- c:\windows\SysWow64\lhacm.acm 2011-07-16 04:26 . 2011-08-10 13:04 44032 ----a-w- c:\windows\apppatch\acwow64.dll 2011-07-01 08:34 . 2011-07-01 08:34 128512 ----a-w- c:\windows\RegBootClean64.exe 2011-06-19 07:41 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll 2011-06-19 07:41 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll 2011-06-11 03:07 . 2011-07-13 08:25 3137536 ----a-w- c:\windows\system32\win32k.sys . . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2010-11-05 283160] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 0 (0x0) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "aux1"=wdmaud.drv . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 Printer Control;Printer Control;c:\windows\system32\PrintCtrl.exe [x] R3 dc3d;Pilote de détection des périphériques Microsoft Hardware;c:\windows\system32\DRIVERS\dc3d.sys [x] R3 driverhardwarev2x64;driverhardwarev2x64;c:\program files\ma-config.com\Drivers\driverhardwarev2x64.sys [2011-07-02 16640] R3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\x64\maconfservice.exe [2011-07-09 421376] R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2010-11-02 340240] R3 netw5v64;Pilote de carte de liaison WiFi sans fil Intel® 5000 Series pour Windows Vista 64 bits;c:\windows\system32\DRIVERS\netw5v64.sys [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x] R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [x] S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x] S2 cpuz133;cpuz133;c:\windows\system32\drivers\cpuz133_x64.sys [x] S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-11-05 13336] S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-08-03 2255464] S3 NETwNs64;___ Pilote de carte de la série Intel® Wireless WiFi Link 5000 pour Windows 7 64 bits ;c:\windows\system32\DRIVERS\NETwNs64.sys [x] S3 O2MDRDR;O2MDRDR;c:\windows\system32\DRIVERS\o2mdx64.sys [x] S3 O2SDRDR;O2SDRDR;c:\windows\system32\DRIVERS\o2sdx64.sys [x] S3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [x] S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [x] S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [x] S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x] S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [x] . . . --------- x86-64 ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "LoadAppInit_DLLs"=0x0 . ------- Examen supplémentaire ------- . uLocal Page = c:\windows\system32\blank.htm mLocal Page = c:\windows\SysWOW64\blank.htm IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 TCP: DhcpNameServer = 192.168.1.1 FF - ProfilePath - c:\users\Dahosdren\AppData\Roaming\Mozilla\Firefox\Profiles\6fw35odx.default\ FF - prefs.js: browser.startup.homepage - hxxp://google.fr FF - prefs.js: keyword.URL - hxxp://search.sweetim.com/search.asp?src=2&q= FF - user.js: network.cookie.cookieBehavior - 0 FF - user.js: privacy.clearOnShutdown.cookies - false FF - user.js: security.warn_viewing_mixed - false FF - user.js: security.warn_viewing_mixed.show_once - false FF - user.js: security.warn_submit_insecure - false FF - user.js: security.warn_submit_insecure.show_once - false . - - - - ORPHELINS SUPPRIMES - - - - . Wow6432Node-HKCU-Run-{ABC6E96B-CB3A-DE25-C49B-BD8FF3BC9A23} - c:\users\Dahosdren\AppData\Roaming\Imezow\cuomr.exe WebBrowser-{EEE6C35B-6118-11DC-9C72-001320C79847} - (no file) AddRemove-Anki - c:\program files (x86)\Anki\uninstall.exe AddRemove-CDCE6956-DD16-4F82-ACA0-E4C7BAD6B26A_is1 - c:\program files (x86)\Divinity II - DKS\unins000.exe . . . --------------------- CLES DE REGISTRE BLOQUEES --------------------- . [HKEY_USERS\S-1-5-21-1852225165-3505658590-2671374733-1000\Software\SecuROM\License information*] "datasecu"=hex:d8,ff,88,6c,e0,41,09,2e,d5,93,df,b9,7a,20,2e,03,87,52,cf,40,85, 44,46,50,6e,4b,a0,fb,77,dc,de,dd,fe,34,68,20,63,8c,0d,d1,5b,70,49,6f,3a,b5,\ "rkeysecu"=hex:d1,f1,96,8c,26,51,97,65,50,fb,5f,f6,1d,57,49,84 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10e.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10e.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.10" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}] @Denied: (A 2) (Everyone) @="IFlashBroker3" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Autres processus actifs ------------------------ . c:\program files (x86)\O2Micro Flash Memory Card Driver\o2flash.exe c:\windows\SysWOW64\PnkBstrA.exe c:\program files (x86)\ROCCAT\Kone[+] Mouse\Kone[+]Monitor.exe . ************************************************************************** . Heure de fin: 2011-08-27 17:12:27 - La machine a redémarré ComboFix-quarantined-files.txt 2011-08-27 15:12 . Avant-CF: 82 466 545 664 octets libres Après-CF: 92 246 089 728 octets libres . - - End Of File - - D6C8F4239917AF02920317BDC2CCF863 _______________________________________________________________________________________________________________________________________ Results of screen317's Security Check version 0.99.18 Windows 7 (UAC is disabled!) Internet Explorer 8 `````````````````````````````` Antivirus/Firewall Check: WMI entry may not exist for antivirus; attempting automatic update. ``````````````````````````````` Anti-malware/Other Utilities Check: HijackThis 2.0.2 Java 6 Update 26 Flash Player Out of Date! Adobe Flash Player 10.2.159.1 ```````````````````````````````` Process Check: objlist.exe by Laurent ``````````End of Log````````````
  14. Dahosdren
    Observation rapide : je m'aperçoit qu'un problème à dors et déjà disparu : le double "^^" en 1 seul click. problème réglé je peut désormais mettre des trémas si je m’aperçoit d'autre chose je vous tiens informés. Merci
  15. Dahosdren
    Merci pour ton aide rapide, voici tous les rapports demandés. ZHPfix : Cijoint.fr - Service gratuit de dépôt de fichiers SecurityCheck : Cijoint.fr - Service gratuit de dépôt de fichiers ComboFix : Cijoint.fr - Service gratuit de dépôt de fichiers
×
×
  • Créer...