zorbec

  1. Good evening, A colleague is having problems with a Toshiba USB drive; it must be one or two years old. It is where she stores her photos and videos. It is unreadable. As far as we know, there was no shock or mechanical problem. I tried a few utilities, but without success. I have just tried photorec, which finds JPG and AVI files, but they seem corrupted: they can be displayed, but the result is not great (see images). Does anyone have an idea? Thanks in advance
  2. Hello, I still have the same problem, it's strange. One observation: in normal mode the disk runs non-stop and the light is constantly on, yet no particular program or process is running. In safe mode, however, it only lights up from time to time and the computer responds properly. See you later
  3. So, I have already run chkdsk several times: a few errors at first, and then no more errors. As for defragmentation, I have already run Defraggler several times, but I will use the tool you suggest. Thanks
  4. Hello, Thanks for your help. Adwcleaner found nothing, CrystalDiskInfo says the hard drive is in good condition, and speccy does not indicate any particular problem: CPU at 55°, motherboard at 59° and hard drive at 46°. Here is the report:
  5. Hello, I was handed a Sony Vaio VGN-TZ11MN laptop; it has a Centrino Duo with 1 GB of memory and Vista Pro. It is painfully slow: you have time to go and have a beer between each mouse click. I ran the Windows updates, a ccleaner, a malwarebytes, an antivirus scan... It has improved, but it is still very slow; it's no racehorse, but it should run better than this. If someone could give me a hand, that would be nice. I ran a Zhpdiag; the report is here. pjjoint.malekal.com - Submit a file Thanks in advance
  6. Good evening, For security reasons, I encrypt the hard drives of my company's laptops. I use the HP Protect Tools utilities. No problems, everything works correctly on most of the PCs, except one. It is a 6730B PC running Win 7 Pro. I cannot encrypt the hard drive; I have reinstalled the programs. I get this first screen: One odd thing: the C: drive appears twice. Then I get this screen: I reboot and the hard drive is not encrypted. I opened an incident with HP, but nothing helped; after several exchanges and reinstallations the problem is still the same, and I closed the ticket. In the end they offered to send me a new hard drive and reinstall everything; I refused. If anyone has a lead, I'm all ears. Thanks in advance.
  7. Done for the last folder. The behaviour seems better, browsing seems faster. To be confirmed; I'll let you know, as I have no heavy processing to do this evening. In any case, thank you very much for your quick and constructive help. Have a good evening
  8. Re, Here are the results: OTL:
     MalwareBytes:
     Thanks
  9. Re, Here is the result. Thanks
  10. Hi, Thanks for your help. Here are the reports. Tdsskiller report:
C:\Windows\system32\DRIVERS\nvstor32.sys 15:56:45.0925 3732 nvstor32 - ok 15:56:46.0035 3732 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys 15:56:46.0035 3732 nv_agp - ok 15:56:46.0066 3732 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys 15:56:46.0066 3732 ohci1394 - ok 15:56:46.0160 3732 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys 15:56:46.0160 3732 Parport - ok 15:56:46.0191 3732 partmgr (bf8f6af06da75b336f07e23aef97d93b) C:\Windows\system32\drivers\partmgr.sys 15:56:46.0191 3732 partmgr - ok 15:56:46.0222 3732 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys 15:56:46.0222 3732 Parvdm - ok 15:56:46.0269 3732 pci (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys 15:56:46.0269 3732 pci - ok 15:56:46.0285 3732 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys 15:56:46.0285 3732 pciide - ok 15:56:46.0316 3732 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys 15:56:46.0316 3732 pcmcia - ok 15:56:46.0347 3732 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys 15:56:46.0347 3732 pcw - ok 15:56:46.0378 3732 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys 15:56:46.0378 3732 PEAUTH - ok 15:56:46.0472 3732 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys 15:56:46.0472 3732 PptpMiniport - ok 15:56:46.0503 3732 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys 15:56:46.0503 3732 Processor - ok 15:56:46.0566 3732 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys 15:56:46.0566 3732 Psched - ok 15:56:46.0628 3732 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys 15:56:46.0644 3732 ql2300 - ok 15:56:46.0675 3732 ql40xx (b4dd51dd25182244b86737dc51af2270) 
C:\Windows\system32\DRIVERS\ql40xx.sys 15:56:46.0675 3732 ql40xx - ok 15:56:46.0691 3732 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys 15:56:46.0691 3732 QWAVEdrv - ok 15:56:46.0722 3732 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys 15:56:46.0722 3732 RasAcd - ok 15:56:46.0769 3732 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys 15:56:46.0769 3732 RasAgileVpn - ok 15:56:46.0785 3732 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys 15:56:46.0785 3732 Rasl2tp - ok 15:56:46.0816 3732 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys 15:56:46.0816 3732 RasPppoe - ok 15:56:46.0832 3732 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys 15:56:46.0832 3732 RasSstp - ok 15:56:46.0894 3732 rdbss (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys 15:56:46.0894 3732 rdbss - ok 15:56:46.0910 3732 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys 15:56:46.0910 3732 rdpbus - ok 15:56:46.0957 3732 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys 15:56:46.0957 3732 RDPCDD - ok 15:56:46.0988 3732 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys 15:56:46.0988 3732 RDPENCDD - ok 15:56:47.0003 3732 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys 15:56:47.0003 3732 RDPREFMP - ok 15:56:47.0050 3732 RDPWD (288b06960d78428ff89e811632684e20) C:\Windows\system32\drivers\RDPWD.sys 15:56:47.0050 3732 RDPWD - ok 15:56:47.0082 3732 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys 15:56:47.0082 3732 rdyboost - ok 15:56:47.0113 3732 rlpqmwim - ok 15:56:47.0160 3732 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys 15:56:47.0160 3732 rspndr - ok 15:56:47.0222 3732 
sbp2port (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys 15:56:47.0222 3732 sbp2port - ok 15:56:47.0269 3732 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys 15:56:47.0269 3732 scfilter - ok 15:56:47.0300 3732 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys 15:56:47.0300 3732 secdrv - ok 15:56:47.0332 3732 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys 15:56:47.0332 3732 Serenum - ok 15:56:47.0378 3732 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys 15:56:47.0378 3732 Serial - ok 15:56:47.0394 3732 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys 15:56:47.0410 3732 sermouse - ok 15:56:47.0441 3732 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys 15:56:47.0441 3732 sffdisk - ok 15:56:47.0472 3732 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys 15:56:47.0472 3732 sffp_mmc - ok 15:56:47.0488 3732 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys 15:56:47.0488 3732 sffp_sd - ok 15:56:47.0519 3732 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys 15:56:47.0519 3732 sfloppy - ok 15:56:47.0566 3732 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys 15:56:47.0566 3732 sisagp - ok 15:56:47.0597 3732 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys 15:56:47.0597 3732 SiSRaid2 - ok 15:56:47.0628 3732 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys 15:56:47.0628 3732 SiSRaid4 - ok 15:56:47.0675 3732 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys 15:56:47.0675 3732 Smb - ok 15:56:47.0707 3732 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys 15:56:47.0707 3732 spldr - ok 15:56:47.0785 
3732 sptd (cdddec541bc3c96f91ecb48759673505) C:\Windows\system32\Drivers\sptd.sys 15:56:47.0785 3732 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: cdddec541bc3c96f91ecb48759673505 15:56:47.0785 3732 sptd ( LockedFile.Multi.Generic ) - warning 15:56:47.0785 3732 sptd - detected LockedFile.Multi.Generic (1) 15:56:47.0925 3732 SRTSP (2c5fbf6a00a4a3dcf643e46e8acb20c2) C:\Windows\System32\Drivers\NIS\1301010.003\SRTSP.SYS 15:56:47.0941 3732 SRTSP - ok 15:56:47.0972 3732 SRTSPX (9034ea58552b55f370e5293a7175c5ac) C:\Windows\system32\drivers\NIS\1301010.003\SRTSPX.SYS 15:56:47.0972 3732 SRTSPX - ok 15:56:48.0019 3732 srv (e4c2764065d66ea1d2d3ebc28fe99c46) C:\Windows\system32\DRIVERS\srv.sys 15:56:48.0019 3732 srv - ok 15:56:48.0066 3732 srv2 (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\Windows\system32\DRIVERS\srv2.sys 15:56:48.0066 3732 srv2 - ok 15:56:48.0097 3732 srvnet (be6bd660caa6f291ae06a718a4fa8abc) C:\Windows\system32\DRIVERS\srvnet.sys 15:56:48.0097 3732 srvnet - ok 15:56:48.0144 3732 StarOpen - ok 15:56:48.0191 3732 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys 15:56:48.0191 3732 stexstor - ok 15:56:48.0238 3732 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\drivers\swenum.sys 15:56:48.0238 3732 swenum - ok 15:56:48.0269 3732 SYMDNS - ok 15:56:48.0300 3732 SymDS (690fa0e61b90084c4d9a721bd4f3d779) C:\Windows\system32\drivers\NIS\1301010.003\SYMDS.SYS 15:56:48.0300 3732 SymDS - ok 15:56:48.0378 3732 SymEFA (a0c7005387bb6f055bb50bd8e779368b) C:\Windows\system32\drivers\NIS\1301010.003\SYMEFA.SYS 15:56:48.0394 3732 SymEFA - ok 15:56:48.0425 3732 SymEvent (98d28d08e68145fb550ee7670b43baf2) C:\Windows\system32\Drivers\SYMEVENT.SYS 15:56:48.0425 3732 SymEvent - ok 15:56:48.0441 3732 SYMFW - ok 15:56:48.0472 3732 SymIRON (39c35ddbb570e9f334f239248e4de34d) C:\Windows\system32\drivers\NIS\1301010.003\Ironx86.SYS 15:56:48.0472 3732 SymIRON - ok 15:56:48.0488 3732 SYMNDISV - ok 15:56:48.0535 3732 
SymNetS (af979b363126cf54efbc46bf61b7d540) C:\Windows\System32\Drivers\NIS\1301010.003\SYMNETS.SYS 15:56:48.0535 3732 SymNetS - ok 15:56:48.0550 3732 SYMREDRV - ok 15:56:48.0644 3732 Tcpip (04e4a7d53a7ace02e8c55b17a498f631) C:\Windows\system32\drivers\tcpip.sys 15:56:48.0660 3732 Tcpip - ok 15:56:48.0691 3732 TCPIP6 (04e4a7d53a7ace02e8c55b17a498f631) C:\Windows\system32\DRIVERS\tcpip.sys 15:56:48.0707 3732 TCPIP6 - ok 15:56:48.0753 3732 tcpipreg (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys 15:56:48.0753 3732 tcpipreg - ok 15:56:48.0800 3732 TDPIPE (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys 15:56:48.0816 3732 TDPIPE - ok 15:56:48.0832 3732 TDTCP (2c10395baa4847f83042813c515cc289) C:\Windows\system32\drivers\tdtcp.sys 15:56:48.0832 3732 TDTCP - ok 15:56:48.0894 3732 tdx (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys 15:56:48.0894 3732 tdx - ok 15:56:48.0972 3732 TermDD (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\drivers\termdd.sys 15:56:48.0972 3732 TermDD - ok 15:56:49.0035 3732 tssecsrv (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys 15:56:49.0035 3732 tssecsrv - ok 15:56:49.0097 3732 TsUsbFlt (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys 15:56:49.0097 3732 TsUsbFlt - ok 15:56:49.0144 3732 tunnel (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys 15:56:49.0144 3732 tunnel - ok 15:56:49.0191 3732 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys 15:56:49.0191 3732 uagp35 - ok 15:56:49.0222 3732 udfs (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys 15:56:49.0222 3732 udfs - ok 15:56:49.0285 3732 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys 15:56:49.0285 3732 uliagpkx - ok 15:56:49.0300 3732 umbus (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\drivers\umbus.sys 15:56:49.0316 3732 umbus - ok 
15:56:49.0347 3732 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys 15:56:49.0347 3732 UmPass - ok 15:56:49.0394 3732 usbccgp (bd9c55d7023c5de374507acc7a14e2ac) C:\Windows\system32\drivers\usbccgp.sys 15:56:49.0394 3732 usbccgp - ok 15:56:49.0425 3732 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys 15:56:49.0425 3732 usbcir - ok 15:56:49.0472 3732 usbehci (f92de757e4b7ce9c07c5e65423f3ae3b) C:\Windows\system32\DRIVERS\usbehci.sys 15:56:49.0472 3732 usbehci - ok 15:56:49.0535 3732 usbhub (8dc94aec6a7e644a06135ae7506dc2e9) C:\Windows\system32\DRIVERS\usbhub.sys 15:56:49.0535 3732 usbhub - ok 15:56:49.0582 3732 usbohci (e185d44fac515a18d9deddc23c2cdf44) C:\Windows\system32\DRIVERS\usbohci.sys 15:56:49.0582 3732 usbohci - ok 15:56:49.0613 3732 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys 15:56:49.0613 3732 usbprint - ok 15:56:49.0660 3732 USBSTOR (f991ab9cc6b908db552166768176896a) C:\Windows\system32\DRIVERS\USBSTOR.SYS 15:56:49.0660 3732 USBSTOR - ok 15:56:49.0707 3732 usbuhci (78780c3ebce17405b1ccd07a3a8a7d72) C:\Windows\system32\DRIVERS\usbuhci.sys 15:56:49.0707 3732 usbuhci - ok 15:56:49.0753 3732 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys 15:56:49.0753 3732 vdrvroot - ok 15:56:49.0800 3732 vflt (032a1f7357ba2c235c3ba8002d52f870) C:\Windows\system32\DRIVERS\vfilter.sys 15:56:49.0800 3732 vflt - ok 15:56:49.0816 3732 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys 15:56:49.0816 3732 vga - ok 15:56:49.0847 3732 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys 15:56:49.0847 3732 VgaSave - ok 15:56:49.0878 3732 vhdmp (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys 15:56:49.0878 3732 vhdmp - ok 15:56:49.0925 3732 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys 15:56:49.0925 3732 viaagp - ok 15:56:49.0941 3732 
ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys 15:56:49.0941 3732 ViaC7 - ok 15:56:49.0988 3732 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys 15:56:49.0988 3732 viaide - ok 15:56:50.0035 3732 vnet (fbd7e0a5b543480a69896811cb66a1fb) C:\Windows\system32\DRIVERS\virtualnet.sys 15:56:50.0035 3732 vnet - ok 15:56:50.0050 3732 volmgr (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys 15:56:50.0050 3732 volmgr - ok 15:56:50.0082 3732 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys 15:56:50.0082 3732 volmgrx - ok 15:56:50.0113 3732 volsnap (f497f67932c6fa693d7de2780631cfe7) C:\Windows\system32\drivers\volsnap.sys 15:56:50.0113 3732 volsnap - ok 15:56:50.0160 3732 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys 15:56:50.0160 3732 vsmraid - ok 15:56:50.0191 3732 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\System32\drivers\vwifibus.sys 15:56:50.0191 3732 vwifibus - ok 15:56:50.0222 3732 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys 15:56:50.0222 3732 WacomPen - ok 15:56:50.0253 3732 WANARP (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys 15:56:50.0253 3732 WANARP - ok 15:56:50.0253 3732 Wanarpv6 (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys 15:56:50.0253 3732 Wanarpv6 - ok 15:56:50.0316 3732 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys 15:56:50.0316 3732 Wd - ok 15:56:50.0363 3732 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys 15:56:50.0363 3732 Wdf01000 - ok 15:56:50.0425 3732 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys 15:56:50.0425 3732 WfpLwf - ok 15:56:50.0457 3732 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys 15:56:50.0457 3732 WIMMount - ok 15:56:50.0503 3732 WINFLASH - 
ok 15:56:50.0613 3732 WinUsb (a67e5f9a400f3bd1be3d80613b45f708) C:\Windows\system32\DRIVERS\WinUsb.sys 15:56:50.0613 3732 WinUsb - ok 15:56:50.0644 3732 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\drivers\wmiacpi.sys 15:56:50.0644 3732 WmiAcpi - ok 15:56:50.0691 3732 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys 15:56:50.0691 3732 ws2ifsl - ok 15:56:50.0722 3732 WudfPf (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers\WudfPf.sys 15:56:50.0738 3732 WudfPf - ok 15:56:50.0769 3732 WUDFRd (1023ee888c9b47178c5293ed5336ab69) C:\Windows\system32\DRIVERS\WUDFRd.sys 15:56:50.0769 3732 WUDFRd - ok 15:56:50.0816 3732 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0 15:56:50.0816 3732 \Device\Harddisk0\DR0 - ok 15:56:50.0832 3732 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk1\DR1 15:56:50.0832 3732 \Device\Harddisk1\DR1 - ok 15:56:50.0847 3732 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk2\DR2 15:56:50.0847 3732 \Device\Harddisk2\DR2 - ok 15:56:50.0863 3732 Boot (0x1200) (34dc11460f9af2de95130a0f0acc2726) \Device\Harddisk0\DR0\Partition0 15:56:50.0863 3732 \Device\Harddisk0\DR0\Partition0 - ok 15:56:50.0863 3732 Boot (0x1200) (b52e74c708fed41be9becd85c264426f) \Device\Harddisk1\DR1\Partition0 15:56:50.0863 3732 \Device\Harddisk1\DR1\Partition0 - ok 15:56:50.0878 3732 Boot (0x1200) (2748ee8b30160ee34dcf1d4b0d2934f4) \Device\Harddisk2\DR2\Partition0 15:56:50.0878 3732 \Device\Harddisk2\DR2\Partition0 - ok 15:56:50.0878 3732 ============================================================ 15:56:50.0878 3732 Scan finished 15:56:50.0878 3732 ============================================================ 15:56:50.0894 5140 Detected object count: 1 15:56:50.0894 5140 Actual detected object count: 1 15:56:56.0285 5140 sptd ( LockedFile.Multi.Generic ) - skipped by user 15:56:56.0285 5140 sptd ( LockedFile.Multi.Generic ) - User select action: Skip 15:57:53.0441 5392 
Deinitialize success

OTL reports

OTL logfile created on: 01/11/2011 16:01:31 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Alain\Desktop
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy
2,00 Gb Total Physical Memory | 0,79 Gb Available Physical Memory | 39,72% Memory free
4,00 Gb Paging File | 2,43 Gb Available in Paging File | 60,76% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 372,61 Gb Total Space | 237,62 Gb Free Space | 63,77% Space Free | Partition Type: NTFS
Drive D: | 82,26 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: UDF
Drive F: | 372,61 Gb Total Space | 142,70 Gb Free Space | 38,30% Space Free | Partition Type: NTFS
Drive I: | 3,69 Gb Total Space | 3,67 Gb Free Space | 99,50% Space Free | Partition Type: FAT32
Computer Name: ALAIN-PC | User Name: Alain | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Alain\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Norton Internet Security\Engine\19.1.1.3\ccSvcHst.exe (Symantec Corporation)
PRC - C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
PRC - C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe (NVIDIA Corporation)
PRC - C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation)
PRC - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files\Giganews Accelerator\GiganewsAccelerator.exe (Giganews, Inc.)
PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH) PRC - C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation) PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation) PRC - C:\Program Files\Cobian Backup 10\cbInterface.exe (Luis Cobian, CobianSoft) PRC - C:\Program Files\Cobian Backup 10\cbService.exe (Luis Cobian, CobianSoft) PRC - C:\Program Files\Cobian Backup 10\cbVSCService.exe (CobianSoft, Luis Cobian) PRC - C:\Program Files\NETASQ\NETASQ Updater\autoupdate.exe () PRC - C:\Program Files\ShrewSoft\VPN Client\dtpd.exe () PRC - C:\Program Files\ShrewSoft\VPN Client\iked.exe () PRC - C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe () PRC - C:\Program Files\Moniteur neufbox\Moniteur neufbox.exe (Nicolas Vannier) ========== Modules (No Company Name) ========== MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6e592e424a204aafeadbe22b6b31b9db\System.Windows.Forms.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\3b2cfd85528a27eb71dc41d8067359a1\System.Drawing.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\130ad4d9719e566ca933ac7158a04203\System.Xml.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\2d5bcbeb9475ef62189f605bcca1cec6\System.Configuration.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\abab08afa60a6f06bdde0fcc9649c379\System.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll () MOD - C:\Program Files\FileZilla FTP Client\fzshellext.dll () MOD - C:\Program Files\WinRAR\RarExt.dll () ========== Win32 Services (SafeList) ========== SRV - (NIS) -- C:\Program Files\Norton Internet Security\Engine\19.1.1.3\ccSvcHst.exe (Symantec Corporation) SRV - (nvUpdatusService) -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA 
Corporation) SRV - (AdobeARMservice) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) SRV - (TeamViewer6) -- C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH) SRV - (CobianBackup10) -- C:\Program Files\Cobian Backup 10\cbService.exe (Luis Cobian, CobianSoft) SRV - (cbVSCService) -- C:\Program Files\Cobian Backup 10\cbVSCService.exe (CobianSoft, Luis Cobian) SRV - (NETASQ Updater) -- C:\Program Files\NETASQ\NETASQ Updater\autoupdate.exe () SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation) SRV - (dtpd) -- C:\Program Files\ShrewSoft\VPN Client\dtpd.exe () SRV - (iked) -- C:\Program Files\ShrewSoft\VPN Client\iked.exe () SRV - (ipsecd) -- C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe () SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation) SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV - (SymEvent) -- C:\Windows\System32\drivers\SYMEVENT.SYS (Symantec Corporation) DRV - (NAVEX15) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\VirusDefs\20111031.034\NAVEX15.SYS (Symantec Corporation) DRV - (NAVENG) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\VirusDefs\20111031.034\NAVENG.SYS (Symantec Corporation) DRV - (IDSVix86) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\IPSDefs\20111028.030\IDSvix86.sys (Symantec Corporation) DRV - (BHDrvx86) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\BASHDefs\20111014.001\BHDrvx86.sys (Symantec Corporation) DRV - (ccSet_NIS) -- C:\Windows\system32\drivers\NIS\1301010.003\ccSetx86.sys (Symantec Corporation) DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation) DRV - (SRTSP) -- 
C:\Windows\System32\Drivers\NIS\1301010.003\SRTSP.SYS (Symantec Corporation) DRV - (SRTSPX) Symantec Real Time Storage Protection (PEL) -- C:\Windows\system32\drivers\NIS\1301010.003\SRTSPX.SYS (Symantec Corporation) DRV - (SymEFA) -- C:\Windows\system32\drivers\NIS\1301010.003\SYMEFA.SYS (Symantec Corporation) DRV - (eeCtrl) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys (Symantec Corporation) DRV - (EraserUtilRebootDrv) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation) DRV - (SymNetS) -- C:\Windows\System32\Drivers\NIS\1301010.003\SYMNETS.SYS (Symantec Corporation) DRV - (SymDS) -- C:\Windows\system32\drivers\NIS\1301010.003\SYMDS.SYS (Symantec Corporation) DRV - (SymIRON) -- C:\Windows\system32\drivers\NIS\1301010.003\Ironx86.SYS (Symantec Corporation) DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation) DRV - (nvstor32) -- C:\Windows\system32\DRIVERS\nvstor32.sys () DRV - (sptd) -- C:\Windows\System32\Drivers\sptd.sys () DRV - (vflt) -- C:\Windows\System32\drivers\vfilter.sys (Shrew Soft Inc) DRV - (vnet) -- C:\Windows\System32\drivers\virtualnet.sys (Shrew Soft Inc) DRV - (NVNET) -- C:\Windows\System32\drivers\nvmf6232.sys (NVIDIA Corporation) DRV - (NVENETFD) -- C:\Windows\System32\drivers\nvm62x32.sys (NVIDIA Corporation) DRV - (MpNWMon) -- C:\Windows\System32\drivers\MpNWMon.sys (Microsoft Corporation) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search bar = Le Complément de recherche d'Internet Explorer 6 n'est plus pris en charge. 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN Hotmail, Messenger, Actualité, Sport, People, Femmes - MSN France IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN Hotmail, Messenger, Actualité, Sport, People, Femmes - MSN France IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 3C 5C 37 71 97 54 CA 01 [binary data] IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Alain\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.) 
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Alain\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\IPSFFPlgn\ [2011/10/30 19:21:19 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\coFFPlgn\ [2011/11/01 12:12:35 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2010/11/29 23:50:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Alain\AppData\Roaming\mozilla\Extensions [2010/11/29 23:50:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Alain\AppData\Roaming\mozilla\Extensions\MediaCoder-Setup-Wizard ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms} CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Alain\AppData\Local\Google\Chrome\Application\14.0.835.187\gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll CHR - plugin: Java Deployment Toolkit 6.0.240.7 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll CHR - plugin: Java Platform SE 6 U24 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll 
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = F:\PFiles\Plugins\np-mswmp.dll CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\Alain\AppData\Local\Google\Chrome\Application\14.0.835.187\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Alain\AppData\Local\Google\Chrome\Application\14.0.835.187\pdf.dll CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll CHR - plugin: VLC Multimedia Plug-in (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll CHR - plugin: Google Update (Enabled) = C:\Users\Alain\AppData\Local\Google\Update\1.3.21.69\npGoogleUpdate3.dll CHR - plugin: Default Plug-in (Enabled) = default_plugin O1 HOSTS File: ([2010/05/03 18:02:38 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\19.1.1.3\CoIEPlg.dll (Symantec Corporation) O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\19.1.1.3\IPS\IPSBHO.dll (Symantec Corporation) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll () O3 - HKLM\..\Toolbar: (Norton Toolbar) - 
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\19.1.1.3\CoIEPlg.dll (Symantec Corporation) O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll () O4 - HKLM..\Run: [Cobian Backup 10 Interface] C:\Program Files\Cobian Backup 10\cbInterface.exe (Luis Cobian, CobianSoft) O4 - Startup: C:\Users\Alain\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Moniteur neufbox.lnk = C:\Program Files\Moniteur neufbox\Moniteur neufbox.exe (Nicolas Vannier) O4 - Startup: C:\Users\Alain\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 - Capture d’écran et lancement.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation) O4 - Startup: C:\Users\Alain\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\VyprVPN - Raccourci.lnk = File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: &Envoyer à OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.) 
O8 - Extra context menu item: E&xporter vers Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation) O9 - Extra Button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O13 - gopher Prefix: missing O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) 
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2512F390-1BBF-4560-8598-0A358D92B9F8}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2512F390-1BBF-4560-8598-0A358D92B9F8}: NameServer = 192.168.1.1 O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) -C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () - F:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation) NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found SafeBootMin: AppMgmt - Service SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group 
SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: MsMpSvc - Service SafeBootMin: NTDS - File not found SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vmms - Service SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: AppMgmt - Service SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: HelpSvc - Service SafeBootNet: Messenger - Service 
SafeBootNet: MsMpSvc - Service SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: NTDS - File not found SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: rdsessmgr - Service SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vmms - Service SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootNet: WudfUsbccidDriver - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: 
{6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun) ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0 ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD} - .NET Framework ActiveX: 
{C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.) Drivers32: vidc.i420 - C:\Windows\System32\i420vfw.dll (www.helixcommunity.org) NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation) NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found ========== Files/Folders - Created Within 30 Days ========== [2011/11/01 15:58:59 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Alain\Desktop\OTL.exe [2011/11/01 12:26:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP [2011/11/01 12:01:05 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2011/11/01 11:57:59 | 000,000,000 | ---D | C] -- C:\Users\Alain\AppData\Local\Adobe [2011/11/01 11:23:25 | 000,050,688 | ---- | C] (Atribune.org) -- C:\Users\Alain\Desktop\ATF-Cleaner.exe [2011/11/01 11:12:32 | 000,000,000 | ---D | C] -- C:\ZHP [2011/11/01 11:11:15 | 000,000,000 | ---D | C] -- C:\Program 
Files\ZHPDiag [2011/11/01 10:02:59 | 000,000,000 | ---D | C] -- C:\Users\Alain\AppData\Local\{2EEF971B-1E03-4F02-8D7D-8CF8B99CC960} [2011/11/01 10:02:42 | 000,000,000 | ---D | C] -- C:\Users\Alain\AppData\Local\{C28C6846-B0C8-4213-80EA-F420851B177B} [2011/10/31 11:53:19 | 000,000,000 | ---D | C] -- C:\Users\Alain\AppData\Local\{8571C003-4DC2-42F6-9474-1FA59DD36E7F} [2011/10/31 11:53:04 | 000,000,000 | ---D | C] -- C:\Users\Alain\AppData\Local\{242177CB-5F4B-4D57-9E14-EAF93E5C91CE} [2011/10/31 08:36:51 | 000,000,000 | ---D | C] -- C:\Users\Alain\Desktop\A copier [2011/10/30 23:52:36 | 000,000,000 | ---D | C] -- C:\Users\Alain\AppData\Local\{EC1039C8-400C-423D-9D99-F3D1551EE811} [2011/10/30 23:52:29 | 000,000,000 | ---D | C] -- C:\Users\Alain\AppData\Local\{D83F4AE7-5469-4FB0-8153-2CFAF89797F3} [2011/10/30 10:44:11 | 000,000,000 | ---D | C] -- C:\Users\Alain\AppData\Local\{87DC273E-7A41-40BE-A2CA-FC805D2647D1} [2011/10/30 10:44:04 | 000,000,000 | ---D | C] -- C:\Users\Alain\AppData\Local\{B2089892-D12D-4702-8B21-D37A13DD94C6} [2011/10/29 17:37:06 | 000,000,000 | ---D | C] -- C:\Users\Alain\AppData\Local\{30F34706-A7CD-492D-B451-B703F52C998B} [2011/10/29 17:36:59 | 000,000,000 | ---D | C] -- C:\Users\Alain\AppData\Local\{5CEC3454-1BA6-4C14-A6C0-BCC6C3F6EA26} [2011/10/27 21:52:16 | 000,000,000 | ---D | C] -- C:\Users\Alain\AppData\Local\{16670E59-B28A-4045-946C-AE4A8F8570A0} [2011/10/27 21:51:58 | 000,000,000 | ---D | C] -- C:\Users\Alain\AppData\Local\{E29B0E3E-54CD-4A19-A454-956B1023B34D} [2011/10/26 21:49:05 | 000,000,000 | ---D | C] -- C:\Users\Alain\AppData\Local\{B05B09E9-E6E4-4BC8-9908-2176D58BEC14} [2011/10/26 21:49:02 | 000,000,000 | ---D | C] -- C:\Users\Alain\AppData\Local\{6C088FEE-A441-4E84-973B-5A79B908B01F} [2011/10/24 20:36:52 | 000,000,000 | ---D | C] -- C:\Site LP Bis [2011/10/24 20:36:43 | 000,000,000 | ---D | C] -- C:\Users\Alain\AppData\Local\{FA67AC26-0B34-4826-9705-60ABF3A0FB44} [2011/10/24 20:36:37 | 000,000,000 | ---D | C] -- 
C:\Users\Alain\AppData\Local\{BB06DB64-D522-454B-A191-685DA10A18DD} [2011/10/23 18:47:23 | 000,000,000 | ---D | C] -- C:\Users\Alain\AppData\Local\{8E45344C-0772-4EEF-9279-7837A5DAEC50} [2011/10/23 18:47:15 | 000,000,000 | ---D | C] -- C:\Users\Alain\AppData\Local\{5E21EE7E-5211-4B18-BAF5-B18FFFB22E18} [2011/10/22 10:34:02 | 000,000,000 | ---D | C] -- C:\Users\Alain\AppData\Local\{11A8BE26-A0F4-4D40-8982-E7E785F3A0EF} [2011/10/22 10:33:54 | 000,000,000 | ---D | C] -- C:\Users\Alain\AppData\Local\{131B196A-2DA3-4F96-9619-023B815B52C2} [2011/10/21 18:38:24 | 000,000,000 | ---D | C] -- C:\Users\Alain\AppData\Local\{0C510D7D-4613-4424-A280-FBF79DCB506F} [2011/10/21 18:38:19 | 000,000,000 | ---D | C] -- C:\Users\Alain\AppData\Local\{E99359E7-C357-4AF4-BCB9-E8C29F96F178} [2011/10/20 21:40:53 | 000,000,000 | ---D | C] -- C:\Users\Alain\AppData\Local\{55DFDD33-DF10-44A6-BF84-4B49F1C66F37} [2011/10/20 21:40:48 | 000,000,000 | ---D | C] -- C:\Users\Alain\AppData\Local\{1D4B255D-9138-497F-B170-BCAE88B138F7} [2011/10/18 20:45:27 | 000,000,000 | ---D | C] -- C:\Users\Alain\AppData\Local\{6C866337-C0EF-43E0-9E77-D7981A496EC9} [2011/10/18 20:45:15 | 000,000,000 | ---D | C] -- C:\Users\Alain\AppData\Local\{05C36271-C9EB-43C3-B9B2-E3072E742B99} [2011/10/17 21:21:13 | 000,000,000 | ---D | C] -- C:\Users\Alain\AppData\Local\{C715C641-9D54-41C7-8E66-0AAA2B313622} [2011/10/17 21:20:56 | 000,000,000 | ---D | C] -- C:\Users\Alain\AppData\Local\{D9F855F4-9BFD-44F7-8CC5-EF00577FBC56} [2011/10/16 11:05:53 | 000,000,000 | ---D | C] -- C:\Users\Alain\Desktop\Foulée 2011 HD [2011/10/16 11:00:10 | 000,000,000 | ---D | C] -- C:\Users\Alain\AppData\Local\{C10B3F60-E0A8-4610-B248-5E01698BF053} [2011/10/16 11:00:04 | 000,000,000 | ---D | C] -- C:\Users\Alain\AppData\Local\{CDDF8012-CCB3-4EF6-89DA-F67A2FC1F516} [2011/10/15 05:22:10 | 000,000,000 | ---D | C] -- C:\Users\Alain\AppData\Local\{8A2E8BBF-000B-4EC9-9767-4CAE2C28FBE8} [2011/10/15 05:21:58 | 000,000,000 | ---D | C] -- 
C:\Users\Alain\AppData\Local\{892112FD-2A6A-4F0C-9186-2E56D9854F14} [2011/10/14 02:06:40 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2011/10/14 02:06:39 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2011/10/14 02:06:38 | 001,798,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll [2011/10/14 02:06:38 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2011/10/14 02:06:37 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll [2011/10/13 20:35:39 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll [2011/10/13 20:35:39 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisrndr.ax [2011/10/13 20:35:15 | 002,334,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2011/10/13 20:14:04 | 000,000,000 | ---D | C] -- C:\Users\Alain\AppData\Local\{262121F2-4604-4B6A-9EC1-CEAD055E96B5} [2011/10/13 20:13:58 | 000,000,000 | ---D | C] -- C:\Users\Alain\AppData\Local\{1152C3A9-4006-4A66-A8B3-0F4BDE20CDC4} [2011/10/09 09:36:41 | 000,000,000 | ---D | C] -- C:\Users\Alain\AppData\Local\{26EC5732-DB9B-4755-91A6-70BD5CFC3BC1} [2011/10/09 09:36:37 | 000,000,000 | ---D | C] -- C:\Users\Alain\AppData\Local\{30C029C3-30CE-49C4-A556-0C324A7E7363} [2011/10/08 17:36:28 | 000,000,000 | ---D | C] -- C:\Users\Alain\AppData\Local\{986592F1-C064-490B-A274-9EE969E33F16} [2011/10/08 17:36:25 | 000,000,000 | ---D | C] -- C:\Users\Alain\AppData\Local\{E8ED120F-3996-4845-96C7-5EB6634D4A58} [2011/10/08 10:39:16 | 016,595,560 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvoglv32.dll [2011/10/08 10:39:16 | 010,304,104 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvlddmkm.sys [2011/10/08 10:39:16 | 000,875,112 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvgenco32.dll [2011/10/08 10:39:16 | 000,057,960 | ---- | C] (Khronos 
Group) -- C:\Windows\System32\OpenCL.dll [2011/10/08 10:39:15 | 017,193,576 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcompiler.dll [2011/10/08 10:39:15 | 005,404,776 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuda.dll [2011/10/08 10:39:15 | 002,391,656 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvid.dll [2011/10/08 10:39:15 | 002,090,088 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvenc.dll [2011/10/08 10:39:15 | 000,914,024 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvdispco32.dll [2011/10/08 05:36:01 | 000,000,000 | ---D | C] -- C:\Users\Alain\AppData\Local\{7138CA8F-303C-4E7C-9231-621BC15DBFA6} [2011/10/08 05:35:55 | 000,000,000 | ---D | C] -- C:\Users\Alain\AppData\Local\{2A420AD5-1815-413A-B9E6-8779BD018C5B} [2011/10/04 20:55:02 | 000,000,000 | ---D | C] -- C:\Users\Alain\AppData\Local\{E49E2744-D41E-4818-912B-CA0EF3D091C7} [2011/10/04 20:54:57 | 000,000,000 | ---D | C] -- C:\Users\Alain\AppData\Local\{C56D2017-9AB7-4063-93F2-84A25FB725F8} [2011/10/03 21:39:43 | 000,000,000 | ---D | C] -- C:\Users\Alain\AppData\Local\{86839E3B-E1AE-4BF5-81A4-4640B50D94AA} [2011/10/03 21:39:39 | 000,000,000 | ---D | C] -- C:\Users\Alain\AppData\Local\{3617C795-65AA-4044-8FA6-55057EEBE118} [1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2011/11/01 16:03:45 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin [2011/11/01 15:59:14 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Alain\Desktop\OTL.exe [2011/11/01 15:59:02 | 000,001,078 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1031263749-3106254363-3016180105-1001UA.job [2011/11/01 13:16:20 | 000,022,256 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2011/11/01 13:16:20 | 000,022,256 | -H-- | M] () -- 
C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2011/11/01 12:43:39 | 000,000,512 | ---- | M] () -- C:\PhysicalDisk0_MBR.bin [2011/11/01 12:26:03 | 000,000,920 | ---- | M] () -- C:\Users\Public\Desktop\MBRCheck.lnk [2011/11/01 12:26:03 | 000,000,913 | ---- | M] () -- C:\Users\Public\Desktop\ZHPDiag.lnk [2011/11/01 12:26:03 | 000,000,908 | ---- | M] () -- C:\Users\Public\Desktop\ZHPFix.lnk [2011/11/01 12:19:32 | 000,708,614 | ---- | M] () -- C:\Windows\System32\perfh00C.dat [2011/11/01 12:19:32 | 000,619,952 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2011/11/01 12:19:32 | 000,132,628 | ---- | M] () -- C:\Windows\System32\perfc00C.dat [2011/11/01 12:19:32 | 000,108,134 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2011/11/01 12:12:27 | 000,065,536 | ---- | M] () -- C:\Windows\System32\Ikeext.etl [2011/11/01 12:12:04 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011/11/01 12:11:49 | 1610,260,480 | -HS- | M] () -- C:\hiberfil.sys [2011/11/01 11:23:46 | 000,050,688 | ---- | M] (Atribune.org) -- C:\Users\Alain\Desktop\ATF-Cleaner.exe [2011/10/31 22:13:02 | 000,007,611 | ---- | M] () -- C:\Users\Alain\AppData\Local\Resmon.ResmonCfg [2011/10/30 22:59:01 | 000,001,026 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1031263749-3106254363-3016180105-1001Core.job [2011/10/30 18:41:44 | 000,004,782 | ---- | M] () -- C:\Windows\System32\drivers\NIS\1301010.003\VT20111023.024 [2011/10/30 18:19:40 | 000,001,250 | ---- | M] () -- C:\Users\Alain\Desktop\Fichiers d’installation Norton.lnk [2011/10/30 18:19:35 | 000,002,374 | ---- | M] () -- C:\Users\Public\Desktop\Norton Internet Security.lnk [2011/10/30 18:19:09 | 001,348,541 | ---- | M] () -- C:\Windows\System32\drivers\NIS\1301010.003\Cat.DB [2011/10/30 18:14:31 | 000,127,096 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\SYMEVENT.SYS [2011/10/30 18:14:31 | 000,007,510 | ---- | M] () -- 
C:\Windows\System32\drivers\SYMEVENT.CAT [2011/10/30 18:14:31 | 000,000,806 | ---- | M] () -- C:\Windows\System32\drivers\SYMEVENT.INF [2011/10/30 17:05:21 | 000,001,470 | ---- | M] () -- C:\Users\Alain\Desktop\PopCorn.lnk [2011/10/30 11:40:13 | 000,000,931 | ---- | M] () -- C:\Users\Alain\Application Data\Microsoft\Internet Explorer\Quick Launch\NewsLeecher.lnk [2011/10/30 11:40:13 | 000,000,907 | ---- | M] () -- C:\Users\Alain\Desktop\NewsLeecher.lnk [2011/10/28 05:17:37 | 000,026,074 | ---- | M] () -- C:\index.php [2011/10/28 05:14:25 | 000,001,204 | ---- | M] () -- C:\.htaccess [2011/10/24 22:17:16 | 000,000,600 | ---- | M] () -- C:\Users\Alain\AppData\Local\PUTTY.RND [2011/10/21 18:42:54 | 1475,164,527 | ---- | M] () -- C:\Users\Alain\Desktop\Foul2011HD.zip [2011/10/14 04:37:10 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [2011/10/14 02:25:36 | 000,437,840 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2011/10/08 14:16:00 | 000,001,827 | ---- | M] () -- C:\Users\Public\Desktop\Defraggler.lnk [1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2011/11/01 16:03:45 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin [2011/11/01 12:26:03 | 000,000,920 | ---- | C] () -- C:\Users\Public\Desktop\MBRCheck.lnk [2011/11/01 12:26:03 | 000,000,908 | ---- | C] () -- C:\Users\Public\Desktop\ZHPFix.lnk [2011/11/01 12:26:02 | 000,000,913 | ---- | C] () -- C:\Users\Public\Desktop\ZHPDiag.lnk [2011/11/01 11:32:56 | 000,000,512 | ---- | C] () -- C:\PhysicalDisk0_MBR.bin [2011/10/30 17:39:45 | 000,001,250 | ---- | C] () -- C:\Users\Alain\Desktop\Fichiers d’installation Norton.lnk [2011/10/30 17:05:21 | 000,001,470 | ---- | C] () -- C:\Users\Alain\Desktop\PopCorn.lnk [2011/10/28 05:17:36 | 000,026,074 | ---- | C] () -- C:\index.php [2011/10/24 21:23:35 | 000,001,204 | ---- | C] () -- C:\.htaccess 
[2011/10/21 18:39:38 | 1475,164,527 | ---- | C] () -- C:\Users\Alain\Desktop\Foul2011HD.zip [2010/10/30 18:21:55 | 000,000,028 | ---- | C] () -- C:\Windows\v2d.INI [2010/02/06 19:45:17 | 000,000,334 | ---- | C] () -- C:\Users\Alain\AppData\Roaming\burnaware.ini [2010/01/31 09:09:19 | 000,000,600 | ---- | C] () -- C:\Users\Alain\AppData\Local\PUTTY.RND [2010/01/16 16:31:22 | 000,000,403 | ---- | C] () -- C:\Windows\CD Jaquette.ini [2009/12/05 18:26:03 | 000,000,608 | ---- | C] () -- C:\Users\Alain\AppData\Roaming\AutoGK.ini [2009/12/05 18:12:38 | 000,027,648 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll [2009/11/22 18:29:01 | 000,007,611 | ---- | C] () -- C:\Users\Alain\AppData\Local\Resmon.ResmonCfg [2009/11/08 13:03:55 | 000,005,120 | ---- | C] () -- C:\Users\Alain\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009/11/07 18:00:22 | 000,006,136 | ---- | C] () -- C:\Windows\System32\drivers\nvphy.bin [2009/11/07 16:59:07 | 000,003,548 | ---- | C] () -- C:\Windows\System32\drivers\WinFlash.sys [2009/10/27 21:46:18 | 000,175,104 | ---- | C] () -- C:\Users\Alain\AppData\Roaming\SQLite3.dll [2009/08/04 17:43:40 | 000,213,024 | ---- | C] () -- C:\Windows\System32\drivers\nvstor32.sys [2009/07/14 09:39:49 | 000,708,614 | ---- | C] () -- C:\Windows\System32\perfh00C.dat [2009/07/14 09:39:49 | 000,344,522 | ---- | C] () -- C:\Windows\System32\perfi00C.dat [2009/07/14 09:39:49 | 000,132,628 | ---- | C] () -- C:\Windows\System32\perfc00C.dat [2009/07/14 09:39:49 | 000,038,160 | ---- | C] () -- C:\Windows\System32\perfd00C.dat [2009/07/14 05:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2009/07/14 05:33:53 | 000,437,840 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2009/07/14 03:05:48 | 000,619,952 | ---- | C] () -- C:\Windows\System32\perfh009.dat [2009/07/14 03:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat [2009/07/14 03:05:48 | 000,108,134 | ---- | C] () -- C:\Windows\System32\perfc009.dat [2009/07/14 
03:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat [2009/07/14 03:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT [2009/07/14 03:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat [2009/07/14 00:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2009/07/14 00:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll [2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll [2009/06/10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat [2002/10/15 23:54:04 | 000,153,088 | ---- | C] () -- C:\Windows\System32\unrar.dll ========== LOP Check ========== [2010/01/16 16:40:49 | 000,000,000 | ---D | M] -- C:\Users\Alain\AppData\Roaming\Acoustica [2011/06/18 10:54:33 | 000,000,000 | ---D | M] -- C:\Users\Alain\AppData\Roaming\Broad Intelligence [2010/07/30 17:39:16 | 000,000,000 | ---D | M] -- C:\Users\Alain\AppData\Roaming\Canneverbe Limited [2009/12/13 11:01:19 | 000,000,000 | ---D | M] -- C:\Users\Alain\AppData\Roaming\DAEMON Tools Lite [2010/11/29 23:38:33 | 000,000,000 | ---D | M] -- C:\Users\Alain\AppData\Roaming\Dr. 
DivX 2.0 OSS [2009/10/27 21:36:52 | 000,000,000 | ---D | M] -- C:\Users\Alain\AppData\Roaming\ESET [2009/12/25 23:09:57 | 000,000,000 | ---D | M] -- C:\Users\Alain\AppData\Roaming\Felix_Deimel [2011/11/01 15:59:46 | 000,000,000 | ---D | M] -- C:\Users\Alain\AppData\Roaming\FileZilla [2009/12/20 18:40:46 | 000,000,000 | ---D | M] -- C:\Users\Alain\AppData\Roaming\Icones [2009/10/27 22:09:47 | 000,000,000 | ---D | M] -- C:\Users\Alain\AppData\Roaming\IrfanView [2010/11/06 12:50:52 | 000,000,000 | ---D | M] -- C:\Users\Alain\AppData\Roaming\Mimo [2011/11/01 12:12:57 | 000,000,000 | ---D | M] -- C:\Users\Alain\AppData\Roaming\Moniteur neufbox [2010/01/05 20:53:06 | 000,000,000 | ---D | M] -- C:\Users\Alain\AppData\Roaming\Netasq [2011/10/31 11:47:40 | 000,000,000 | ---D | M] -- C:\Users\Alain\AppData\Roaming\NewsLeecher [2009/10/26 23:27:16 | 000,000,000 | ---D | M] -- C:\Users\Alain\AppData\Roaming\OpenOffice.org [2011/02/20 11:32:44 | 000,000,000 | ---D | M] -- C:\Users\Alain\AppData\Roaming\TeamViewer [2010/02/07 16:20:59 | 000,000,000 | ---D | M] -- C:\Users\Alain\AppData\Roaming\TuneUp Software [2010/10/24 18:02:44 | 000,000,000 | ---D | M] -- C:\Users\Alain\AppData\Roaming\Windows Live Writer [2011/07/27 07:10:41 | 000,032,496 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== ========== Custom Scans ========== < hklm\software\clients\startmenuinternet|command /rs > HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Users\Alain\AppData\Local\Google\Chrome\Application\chrome.exe" --show-icons [2011/10/26 09:10:47 | 001,036,344 | ---- | M] (Google Inc.) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Users\Alain\AppData\Local\Google\Chrome\Application\chrome.exe" --hide-icons [2011/10/26 09:10:47 | 001,036,344 | ---- | M] (Google Inc.) 
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Users\Alain\AppData\Local\Google\Chrome\Application\chrome.exe" --make-default-browser [2011/10/26 09:10:47 | 001,036,344 | ---- | M] (Google Inc.) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Users\Alain\AppData\Local\Google\Chrome\Application\chrome.exe" [2011/10/26 09:10:47 | 001,036,344 | ---- | M] (Google Inc.) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show [2011/03/30 21:02:28 | 000,074,240 | ---- | M] (Microsoft Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall [2011/03/30 21:02:28 | 000,074,240 | ---- | M] (Microsoft Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide [2011/03/30 21:02:28 | 000,074,240 | ---- | M] (Microsoft Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2011/03/30 21:02:29 | 000,748,336 | ---- | M] (Microsoft Corporation) HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2011/03/30 21:02:29 | 000,748,336 | ---- | M] (Microsoft Corporation) < nslookup www.google.fr /c > Serveur : neufbox Address: 192.168.1.1 Nom : www.l.google.com Addresses: 74.125.39.105 74.125.39.103 74.125.39.106 74.125.39.147 74.125.39.99 74.125.39.104 Aliases: WWW.GOOGLE.FR www.google.com < %systemroot%\system32\drivers\*.sys /lockedfiles > [2009/12/13 10:58:58 | 000,691,696 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\sptd.sys < %APPDATA%\*.exe /s > < %SYSTEMDRIVE%\*.exe >
< %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles > [2011/03/30 21:02:28 | 000,353,792 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\dxtmsft.dll [2011/03/30 21:02:28 | 000,223,232 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\dxtrans.dll [2011/03/30 21:02:28 | 000,118,784 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\iepeers.dll [1 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ] < %systemroot%\Tasks\*.job /lockedfiles > ========== Files - Unicode (All) ========== [2009/01/12 19:49:36 | 000,015,062 | ---- | M] ()(C:\Users\Alain\Documents\demande de d?grevement 3) -- C:\Users\Alain\Documents\demande de d�grevement 3 [2009/01/12 19:44:38 | 000,015,062 | ---- | C] ()(C:\Users\Alain\Documents\demande de d?grevement 3) -- C:\Users\Alain\Documents\demande de d�grevement 3 [2008/12/23 06:30:11 | 000,014,812 | ---- | M] ()(C:\Users\Alain\Documents\R?clamation TPLM) -- C:\Users\Alain\Documents\R�clamation TPLM [2008/12/23 06:30:11 | 000,014,812 | ---- | C] ()(C:\Users\Alain\Documents\R?clamation TPLM) -- C:\Users\Alain\Documents\R�clamation TPLM [2008/12/21 18:15:40 | 000,015,057 |
---- | M] ()(C:\Users\Alain\Documents\R?clamation planet saturn) -- C:\Users\Alain\Documents\R�clamation planet saturn [2008/12/21 18:02:19 | 000,015,057 | ---- | C] ()(C:\Users\Alain\Documents\R?clamation planet saturn) -- C:\Users\Alain\Documents\R�clamation planet saturn [2008/10/27 21:50:57 | 000,018,253 | ---- | M] ()(C:\Users\Alain\Documents\demande d?grevement1.odt) -- C:\Users\Alain\Documents\demande d�grevement1.odt [2008/10/27 21:48:03 | 000,014,990 | ---- | M] ()(C:\Users\Alain\Documents\demande d?grevement2.odt) -- C:\Users\Alain\Documents\demande d�grevement2.odt [2008/10/27 21:48:03 | 000,014,990 | ---- | C] ()(C:\Users\Alain\Documents\demande d?grevement2.odt) -- C:\Users\Alain\Documents\demande d�grevement2.odt [2008/10/27 21:40:17 | 000,018,253 | ---- | C] ()(C:\Users\Alain\Documents\demande d?grevement1.odt) -- C:\Users\Alain\Documents\demande d�grevement1.odt < End of report > OTL Extras logfile created on: 01/11/2011 16:01:31 - Run 1 OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Alain\Desktop Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy 2,00 Gb Total Physical Memory | 0,79 Gb Available Physical Memory | 39,72% Memory free 4,00 Gb Paging File | 2,43 Gb Available in Paging File | 60,76% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 372,61 Gb Total Space | 237,62 Gb Free Space | 63,77% Space Free | Partition Type: NTFS Drive D: | 82,26 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: UDF Drive F: | 372,61 Gb Total Space | 142,70 Gb Free Space | 38,30% Space Free | Partition Type: NTFS Drive I: | 3,69 Gb Total Space | 3,67 Gb Free Space | 99,50% Space Free | Partition Type: FAT32 Computer Name: ALAIN-PC | User Name: Alain | Logged in as 
Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = ChromeHTML] -- Reg Error: Key error. File not found ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation) htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. 
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [browse with &IrfanView] -- "C:\Program Files\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = Reg Error: Unknown registry data type -- File not found "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== 
========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}" = Microsoft .NET Framework 4 Client Profile FRA Language Pack "{13A5E785-5197-4EAD-8EE3-D660271E49BC}" = Feedback Tool "{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{20187EBD-71B1-4913-AEFF-6E2E2A444434}" = Giganews Accelerator "{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java 6 Update 24 "{2EA870FA-585F-4187-903D-CB9FFD21E2E0}" = DHTML Editing Component "{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{466A3335-4DEC-484A-8BC2-A96F8618291A}" = SmartViewer3.0 "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform "{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 "{8927E07C-97F7-4A54-88FB-D976F50DD46E}" = Turbo Lister 2 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT 
"{90140000-0015-040C-0000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2010 "{90140000-0015-040C-0000-0000000FF1CE}_Office14.SingleImage_{C3AE9E57-4CD3-44FB-802F-9B461B26E3EB}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2010 "{90140000-0016-040C-0000-0000000FF1CE}_Office14.SingleImage_{C3AE9E57-4CD3-44FB-802F-9B461B26E3EB}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2010 "{90140000-0018-040C-0000-0000000FF1CE}_Office14.SingleImage_{C3AE9E57-4CD3-44FB-802F-9B461B26E3EB}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2010 "{90140000-0019-040C-0000-0000000FF1CE}_Office14.SingleImage_{C3AE9E57-4CD3-44FB-802F-9B461B26E3EB}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2010 "{90140000-001A-040C-0000-0000000FF1CE}_Office14.SingleImage_{C3AE9E57-4CD3-44FB-802F-9B461B26E3EB}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2010 "{90140000-001B-040C-0000-0000000FF1CE}_Office14.SingleImage_{C3AE9E57-4CD3-44FB-802F-9B461B26E3EB}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2010 "{90140000-001F-0401-0000-0000000FF1CE}_Office14.SingleImage_{1A43C155-3DDA-43C9-92C5-0E7D0B2B156D}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010 "{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010 
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010 "{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2010 "{90140000-001F-0413-0000-0000000FF1CE}_Office14.SingleImage_{5072FEA2-862C-4BF0-9654-CB0DCBE2BE28}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010 "{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.SingleImage_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2010 "{90140000-002C-040C-0000-0000000FF1CE}_Office14.SingleImage_{C8E4AA87-3E5A-4C70-8CB7-43FE25C99B74}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010 "{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2010 "{90140000-006E-040C-0000-0000000FF1CE}_Office14.SingleImage_{7C5C7E8C-F6D2-43AC-93A4-89E4FF7367E6}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-00A1-040C-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (French) 2010 "{90140000-00A1-040C-0000-0000000FF1CE}_Office14.SingleImage_{C3AE9E57-4CD3-44FB-802F-9B461B26E3EB}" = Microsoft Office 2010 Service Pack 1 (SP1) "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail 
"{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail "{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer "{AC76BA86-7AD7-1036-7B44-AA1000000001}" = Adobe Reader X (10.1.1) - Français "{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter "{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panneau de configuration NVIDIA 280.26 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Pilote graphique 280.26 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Pilote du contrôleur 3D Vision 280.19 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Mises à jour NVIDIA 1.4.28 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components "{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant "{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "7-Zip" = 7-Zip 9.17 beta "845CCCCA-B77C-43EA-9A43-62DACEA4F902" = DreamStream E2 "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe SVG Viewer" = Adobe SVG Viewer 3.0 "BurnAware Free_is1" = BurnAware Free 3.3.1 "CCleaner" = CCleaner "CobBackup10" = Cobian Backup 10 "DAEMON Tools Toolbar" = DAEMON Tools Toolbar "Defraggler" = Defraggler "FileZilla 
Client" = FileZilla Client 3.5.1 "Free MKV Video2Dvd 3.20_is1" = Free MKV Video2Dvd 3.20 "Image HTML Integrator_is1" = Image HTML Integrator 3.27 "IrfanView" = IrfanView (remove only) "MakeMKV" = MakeMKV v1.4.10_beta "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.0.1200 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Client Profile FRA "Mimo" = Mimo "mRemote" = mRemote "NETASQ Administration Suite_8.1" = NETASQ Administration Suite 8.1 "NETASQUpdater" = NETASQ Updater "NewsLeecher_is1" = NewsLeecher v5.0 Beta 7 "NIS" = Norton Internet Security "NVIDIA Drivers" = NVIDIA Drivers "NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver "Office14.SingleImage" = Microsoft Office Famille et Étudiant 2010 "Picasa 3" = Picasa 3 "QuickPar" = QuickPar 0.9 "Shrew Soft VPN Client" = Shrew Soft VPN Client "TeamViewer 6" = TeamViewer 6 "VLC media player" = VLC media player 1.1.11 "VobSub" = VobSub 2.23 "WinLiveSuite" = Windows Live "WinRAR archiver" = WinRAR "ZHPDiag_is1" = ZHPDiag 1.28 ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Google Chrome" = Google Chrome "Moniteur neufbox" = Moniteur neufbox "WinDirStat" = WinDirStat 1.1.2 ========== Last 10 Event Log Errors ========== Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt! < End of report >
  11. Hello, Thanks, it's done. Zorbec
  12. Hello, Bleuet advised me to post a message in this section, because my PC seems to be infected. There would apparently be: Crapware.SpyHunter, FakeAlert, and TDL4 (TDSS Rootkit)? And possibly more. Thanks for your help. Here is the link to that post: Post. And the text of the original post: Here is my config: Win 7 Home Premium, motherboard ABIT KN9 Ultra, CPU AMD 64 X2 4200, 2 GB of memory, hard disk Samsung 400 GB. I find that my PC is starting to lag a bit. Windows is up to date. I use CCleaner and Defraggler regularly. MBM is run regularly. Norton 2012 is my antivirus. I posted the ZHPDiag report here: Report. Thanks
  13. Hello, Here is my config: Win 7 Home Premium, motherboard ABIT KN9 Ultra, CPU AMD 64 X2 4200, 2 GB of memory, hard disk Samsung 400 GB. I find that my PC is starting to lag a bit. Windows is up to date. I use CCleaner and Defraggler regularly. MBM is run regularly. Norton 2012 is my antivirus. I posted the ZHPDiag report here: Cijoint.fr - Free file-hosting service. Could someone take a look and see whether there are any leads for improvement? Thanks
  14. Thank you. I won't be able to do the rest until the beginning of next week. But things are already much better. Have a good weekend
  15. Here is the result: Rapport de ZHPFix 1.12.3361 par Nicolas Coolman, Update du 06/09/2011 Fichier d'export Registre : Run by Philippe Neu at 9/23/2011 5:14:15 PM Windows 7 Business Edition, 32-bit Service Pack 1 (Build 7601) Web site : ZHPFix Fix de rapport ========== Clé(s) du Registre ========== SUPPRIME Key: HKLM\Software\Classes\TypeLib\{2D5E2D34-BED5-4B9F-9793-A31E26E6806E} ========== Récapitulatif ========== 1 : Clé(s) du Registre End of clean in 00mn AMs ========== Chemin de fichier rapport ========== C:\ZHP\ZHPFix[R1].txt - 9/23/2011 5:14:15 PM [554] Thanks