
Posted (edited)

Following an antivirus update I no longer have any problem, so for me it's resolved. Thanks again for your help :)

OK, sorry, I spoke too soon, sniff

Edited by zool62

Posted

Good evening zool62,

*** If I understand correctly, your problem is random... and doesn't happen every time!? ***

1) Restart Firefox, and copy-paste this (in blue, without the quotes) into the address bar: "about:crashes", then press the ENTER key.

2) Send me the result.

# What happens if you disable "Kaspersky url advisor 11.0.0.232"? Does Mozilla close?

Looking forward to your reply,

:hello2:

Posted

Re, here is the result:

Rapports de plantage envoyés

Identifiant du rapport

Date de soumission

Aucun rapport de plantage n'a été envoyé.

As for Kaspersky url advisor 11.0.0.232, enabled or not, nothing changes.

See you later

Posted

Good evening zool62,

*** I have just installed KIS 2011 on a PC running Windows 7... ***

... and it works!

Before going further, please confirm that:

1) you really have only one antivirus installed on your machine.

2) during the tests, you worked with the other programs closed.

3) you have never used a "registry cleaner" (CCleaner, Registry Cleaner, Registry Mechanic, ...) on this machine.

Now let's check that your computer is not infected:

1) Download OTL by OldTimer: http://oldtimer.geekstogo.com/OTL.exe

  • Save the file to your desktop.
  • Right-click OTL.exe (choose "Run as administrator") to launch it (the extension may not be shown).
  • Check the "Tous les utilisateurs" (All users) box as shown in the image.
    otl1.JPG
  • Do the same with "Recherche Lop" (Lop search) and "Recherche Purity" (Purity search).
    otl2.JPG
  • Then click "Analyse" (Scan) and wait while it scans the registry and the files.
  • A text file then opens (it is called "OTL.txt"); this is the report... which you "copy-paste" into your next reply.

Note: If the report (which is saved on the desktop) is too long, you can split it across several messages.

2) Download gmer

  • Disconnect from the internet if possible and close all programs.
  • Unzip the zip file, rename gmer.exe to zool.exe and right-click zool.exe (choose "Run as administrator").
  • Click the "rootkit" tab and then Scan.
  • When the scan is finished, choose "copy".
  • Open Notepad and, in the Edit menu, click Paste.
  • The report should then appear.
  • Save the file to your desktop and copy/paste its contents here.

Looking forward to your reply,

:bigglasses:

Posted

OTL logfile created on: 20/07/2010 12:14:34 - Run 3

OTL by OldTimer - Version 3.2.9.1 Folder = C:\Users\zooleric\Desktop

Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.7600.16385)

Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

 

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 69,00% Memory free

6,00 Gb Paging File | 5,00 Gb Available in Paging File | 84,00% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 288,76 Gb Total Space | 139,89 Gb Free Space | 48,44% Space Free | Partition Type: NTFS

Drive D: | 9,33 Gb Total Space | 1,62 Gb Free Space | 17,40% Space Free | Partition Type: NTFS

E: Drive not present or media not loaded

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

 

Computer Name: PC-DE-ZOOLERIC

Current User Name: zooleric

Logged in as Administrator.

 

Current Boot Mode: Normal

Scan Mode: Current user

Company Name Whitelist: Off

Skip Microsoft Files: Off

File Age = 30 Days

Output = Standard

 

========== Processes (SafeList) ==========

 

PRC - [2010/07/20 10:47:54 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\zooleric\Desktop\OTL.exe

PRC - [2010/07/01 21:34:46 | 000,129,720 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtblfs.exe

PRC - [2010/06/27 17:24:53 | 000,014,808 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe

PRC - [2010/06/27 17:24:52 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe

PRC - [2010/03/23 14:53:06 | 000,495,708 | ---- | M] (IDT, Inc.) -- C:\Program Files\IDT\WDM\sttray.exe

PRC - [2010/03/23 14:53:06 | 000,229,458 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\stacsv.exe

PRC - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

PRC - [2009/11/12 10:30:32 | 000,486,216 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe

PRC - [2009/11/12 10:28:40 | 001,021,256 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe

PRC - [2009/10/31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe

PRC - [2009/10/05 13:05:24 | 000,080,456 | ---- | M] (Online Media Technologies Ltd.) -- C:\Program Files\AVS4YOU\AVSFirewall\AVSFirewallService.exe

PRC - [2009/09/26 01:30:56 | 001,488,128 | ---- | M] (O&O Software GmbH) -- C:\Program Files\OO Software\Defrag\oodag.exe

PRC - [2009/08/18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

PRC - [2009/08/18 11:29:22 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

PRC - [2009/07/14 03:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe

PRC - [2009/03/02 18:43:08 | 000,081,920 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\AEstSrv.exe

PRC - [2008/04/27 22:26:44 | 000,599,344 | ---- | M] (Validity Sensors, Inc.) -- C:\Windows\System32\vfsFPService.exe

PRC - [2008/04/26 01:15:26 | 000,361,808 | ---- | M] () -- C:\Windows\SMINST\BLService.exe

PRC - [2008/03/12 19:24:52 | 000,699,456 | ---- | M] (DigitalPersona, Inc.) -- C:\Program Files\DigitalPersona\Bin\DpAgent.exe

PRC - [2008/03/12 19:24:52 | 000,302,144 | ---- | M] (DigitalPersona, Inc.) -- C:\Program Files\DigitalPersona\Bin\DpHostW.exe

PRC - [2007/07/12 12:43:50 | 000,226,904 | ---- | M] (Macrovision Corporation) -- C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe

 

 

========== Modules (SafeList) ==========

 

MOD - [2010/07/20 10:47:54 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\zooleric\Desktop\OTL.exe

MOD - [2009/07/14 03:16:15 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sspicli.dll

MOD - [2009/07/14 03:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sechost.dll

MOD - [2009/07/14 03:16:13 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samcli.dll

MOD - [2009/07/14 03:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\profapi.dll

MOD - [2009/07/14 03:16:03 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netutils.dll

MOD - [2009/07/14 03:15:35 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\KernelBase.dll

MOD - [2009/07/14 03:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devobj.dll

MOD - [2009/07/14 03:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptbase.dll

MOD - [2009/07/14 03:15:02 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cfgmgr32.dll

MOD - [2009/07/14 03:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx

MOD - [2009/07/14 03:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll

MOD - [2008/03/12 19:24:50 | 000,461,888 | ---- | M] (DigitalPersona, Inc.) -- C:\Program Files\DigitalPersona\Bin\DpoFeedb.dll

 

 

========== Win32 Services (SafeList) ==========

 

SRV - [2010/07/01 21:39:08 | 000,357,096 | ---- | M] (Kaspersky Lab ZAO) [Auto | Stopped] -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe -- (AVP)

SRV - [2010/06/27 14:39:21 | 000,435,016 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe -- (TuneUp.Defrag)

SRV - [2010/06/27 12:01:29 | 001,343,400 | ---- | M] (Microsoft Corporation) [unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)

SRV - [2010/03/23 14:53:06 | 000,229,458 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\stacsv.exe -- (STacSV)

SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)

SRV - [2009/11/12 10:28:40 | 001,021,256 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)

SRV - [2009/11/12 10:25:24 | 000,030,024 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\System32\uxtuneup.dll -- (UxTuneUp)

SRV - [2009/10/05 13:05:24 | 000,080,456 | ---- | M] (Online Media Technologies Ltd.) [Auto | Running] -- C:\Program Files\AVS4YOU\AVSFirewall\AVSFirewallService.exe -- (AVSFirewallService)

SRV - [2009/09/26 01:30:56 | 001,488,128 | ---- | M] (O&O Software GmbH) [Auto | Running] -- C:\Program Files\OO Software\Defrag\oodag.exe -- (O&O Defrag)

SRV - [2009/08/18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)

SRV - [2009/07/16 17:04:16 | 000,316,664 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)

SRV - [2009/07/14 03:16:21 | 000,185,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wwansvc.dll -- (WwanSvc)

SRV - [2009/07/14 03:16:17 | 000,151,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wbiosrvc.dll -- (WbioSrvc)

SRV - [2009/07/14 03:16:17 | 000,119,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\umpo.dll -- (Power)

SRV - [2009/07/14 03:16:16 | 000,037,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\themeservice.dll -- (Themes)

SRV - [2009/07/14 03:16:15 | 000,053,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sppuinotify.dll -- (sppuinotify)

SRV - [2009/07/14 03:16:13 | 000,043,520 | ---- | M] (Microsoft Corporation) [unknown | Running] -- C:\Windows\System32\RpcEpMap.dll -- (RpcEptMapper)

SRV - [2009/07/14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)

SRV - [2009/07/14 03:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\pnrpsvc.dll -- (PNRPsvc)

SRV - [2009/07/14 03:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\pnrpsvc.dll -- (p2pimsvc)

SRV - [2009/07/14 03:16:12 | 000,165,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\provsvc.dll -- (HomeGroupProvider)

SRV - [2009/07/14 03:16:12 | 000,020,480 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpauto.dll -- (PNRPAutoReg)

SRV - [2009/07/14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)

SRV - [2009/07/14 03:15:36 | 000,194,560 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\ListSvc.dll -- (HomeGroupListener)

SRV - [2009/07/14 03:15:21 | 000,797,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)

SRV - [2009/07/14 03:15:11 | 000,253,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dhcpcore.dll -- (Dhcp)

SRV - [2009/07/14 03:15:10 | 000,218,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\defragsvc.dll -- (defragsvc)

SRV - [2009/07/14 03:14:59 | 000,076,800 | ---- | M] (Microsoft Corporation) [unknown | Stopped] -- C:\Windows\System32\bdesvc.dll -- (BDESVC)

SRV - [2009/07/14 03:14:58 | 000,088,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\AxInstSv.dll -- (AxInstSV) Programme d’installation ActiveX (AxInstSV)

SRV - [2009/07/14 03:14:53 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\appidsvc.dll -- (AppIDSvc)

SRV - [2009/07/14 03:14:29 | 003,179,520 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\sppsvc.exe -- (sppsvc)

SRV - [2009/03/02 18:43:08 | 000,081,920 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\AEstSrv.exe -- (AESTFilters)

SRV - [2008/04/27 22:26:44 | 000,599,344 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\Windows\System32\vfsFPService.exe -- (vfsFPService)

SRV - [2008/04/26 01:15:26 | 000,361,808 | ---- | M] () [Auto | Running] -- C:\Windows\SMINST\BLService.exe -- (Recovery Service for Windows)

SRV - [2008/03/12 19:24:52 | 000,302,144 | ---- | M] (DigitalPersona, Inc.) [Auto | Running] -- C:\Program Files\DigitalPersona\Bin\DpHostW.exe -- (DpHost)

SRV - [2008/02/03 12:00:00 | 000,129,992 | ---- | M] (EasyBits Sofware AS) [Auto | Stopped] -- C:\Windows\System32\ezsvc7.dll -- (ezSharedSvc)

 

 

========== Driver Services (SafeList) ==========

 

DRV - [2010/06/28 16:08:30 | 000,281,760 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt)

DRV - [2010/06/28 16:08:28 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)

DRV - [2010/06/22 19:23:54 | 000,495,192 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\System32\drivers\klif.sys -- (KLIF)

DRV - [2010/06/09 17:43:52 | 000,011,352 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\drivers\kl2.sys -- (kl2)

DRV - [2010/06/09 17:43:50 | 000,132,184 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\kl1.sys -- (KL1)

DRV - [2010/04/22 19:07:34 | 000,022,104 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\drivers\klim6.sys -- (KLIM6)

DRV - [2010/03/23 14:53:06 | 000,423,424 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)

DRV - [2009/12/11 09:44:02 | 000,133,720 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\ksecpkg.sys -- (KSecPkg)

DRV - [2009/11/11 17:26:54 | 000,030,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\point32k.sys -- (Point32)

DRV - [2009/11/02 20:27:16 | 000,019,984 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\klmouflt.sys -- (klmouflt)

DRV - [2009/10/05 13:05:26 | 000,024,648 | ---- | M] (Online Media Technologies Ltd.) [Kernel | System | Running] -- C:\Program Files\AVS4YOU\AVSFirewall\AVSTDIFilterDrv.sys -- (AVSTDIFilterDrv)

DRV - [2009/10/05 13:05:26 | 000,023,624 | ---- | M] (Online Media Technologies Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVSNDISIMDriver.sys -- (AVSNDISIMMP)

DRV - [2009/10/05 13:05:26 | 000,023,624 | ---- | M] (Online Media Technologies Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AVSNDISIMDriver.sys -- (AVSNDISIM)

DRV - [2009/10/05 13:05:26 | 000,017,992 | ---- | M] (Online Media Technologies Ltd.) [Kernel | System | Running] -- C:\Program Files\AVS4YOU\AVSFirewall\AVSRegMonDrv.sys -- (AVSRegMonDrv)

DRV - [2009/10/03 06:02:06 | 009,905,096 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)

DRV - [2009/07/14 03:26:21 | 000,015,952 | ---- | M] (CMD Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\cmdide.sys -- (cmdide)

DRV - [2009/07/14 03:26:17 | 000,297,552 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpahci.sys -- (adpahci)

DRV - [2009/07/14 03:26:15 | 000,422,976 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adp94xx.sys -- (adp94xx)

DRV - [2009/07/14 03:26:15 | 000,159,312 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsbs.sys -- (amdsbs)

DRV - [2009/07/14 03:26:15 | 000,146,512 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpu320.sys -- (adpu320)

DRV - [2009/07/14 03:26:15 | 000,086,608 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arcsas.sys -- (arcsas)

DRV - [2009/07/14 03:26:15 | 000,079,952 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsata.sys -- (amdsata)

DRV - [2009/07/14 03:26:15 | 000,076,368 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arc.sys -- (arc)

DRV - [2009/07/14 03:26:15 | 000,023,616 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\amdxata.sys -- (amdxata)

DRV - [2009/07/14 03:26:15 | 000,014,400 | ---- | M] (Acer Laboratories Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\aliide.sys -- (aliide)

DRV - [2009/07/14 03:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nvstor.sys -- (nvstor)

DRV - [2009/07/14 03:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nvraid.sys -- (nvraid)

DRV - [2009/07/14 03:20:44 | 000,044,624 | ---- | M] (IBM Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nfrd960.sys -- (nfrd960)

DRV - [2009/07/14 03:20:37 | 000,089,168 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas.sys -- (LSI_SAS)

DRV - [2009/07/14 03:20:36 | 000,332,352 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iaStorV.sys -- (iaStorV)

DRV - [2009/07/14 03:20:36 | 000,235,584 | ---- | M] (LSI Corporation, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MegaSR.sys -- (MegaSR)

DRV - [2009/07/14 03:20:36 | 000,096,848 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_scsi.sys -- (LSI_SCSI)

DRV - [2009/07/14 03:20:36 | 000,095,824 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_fc.sys -- (LSI_FC)

DRV - [2009/07/14 03:20:36 | 000,054,864 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas2.sys -- (LSI_SAS2)

DRV - [2009/07/14 03:20:36 | 000,041,040 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iirsp.sys -- (iirsp)

DRV - [2009/07/14 03:20:36 | 000,030,800 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\megasas.sys -- (megasas)

DRV - [2009/07/14 03:20:36 | 000,013,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\hwpolicy.sys -- (hwpolicy)

DRV - [2009/07/14 03:20:28 | 000,453,712 | ---- | M] (Emulex) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\elxstor.sys -- (elxstor)

DRV - [2009/07/14 03:20:28 | 000,070,720 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\djsvs.sys -- (aic78xx)

DRV - [2009/07/14 03:20:28 | 000,067,152 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\HpSAMD.sys -- (HpSAMD)

DRV - [2009/07/14 03:20:28 | 000,046,160 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\fsdepends.sys -- (FsDepends)

DRV - [2009/07/14 03:19:11 | 000,141,904 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vsmraid.sys -- (vsmraid)

DRV - [2009/07/14 03:19:10 | 000,159,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vhdmp.sys -- (vhdmp)

DRV - [2009/07/14 03:19:10 | 000,032,832 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vdrvroot.sys -- (vdrvroot)

DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\wimmount.sys -- (WIMMount)

DRV - [2009/07/14 03:19:10 | 000,016,976 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\viaide.sys -- (viaide)

DRV - [2009/07/14 03:19:04 | 001,383,488 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql2300.sys -- (ql2300)

DRV - [2009/07/14 03:19:04 | 000,173,648 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\rdyboost.sys -- (rdyboost)

DRV - [2009/07/14 03:19:04 | 000,106,064 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql40xx.sys -- (ql40xx)

DRV - [2009/07/14 03:19:04 | 000,077,888 | ---- | M] (Silicon Integrated Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\sisraid4.sys -- (SiSRaid4)

DRV - [2009/07/14 03:19:04 | 000,043,088 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\pcw.sys -- (pcw)

DRV - [2009/07/14 03:19:04 | 000,040,016 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\SiSRaid2.sys -- (SiSRaid2)

DRV - [2009/07/14 03:19:04 | 000,021,072 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\stexstor.sys -- (stexstor)

DRV - [2009/07/14 03:17:54 | 000,369,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\cng.sys -- (CNG)

DRV - [2009/07/14 02:57:25 | 000,272,128 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\Brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)

DRV - [2009/07/14 02:02:41 | 000,018,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\rdpbus.sys -- (rdpbus)

DRV - [2009/07/14 02:01:41 | 000,007,168 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\RDPREFMP.sys -- (RDPREFMP)

DRV - [2009/07/14 01:55:00 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\agilevpn.sys -- (RasAgileVpn) WAN Miniport (IKEv2)

DRV - [2009/07/14 01:53:51 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\wfplwf.sys -- (WfpLwf)

DRV - [2009/07/14 01:52:44 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ndiscap.sys -- (NdisCap)

DRV - [2009/07/14 01:52:02 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vwifibus.sys -- (vwifibus)

DRV - [2009/07/14 01:52:00 | 000,163,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\1394ohci.sys -- (1394ohci)

DRV - [2009/07/14 01:51:35 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\umpass.sys -- (UmPass)

DRV - [2009/07/14 01:51:08 | 000,004,096 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mshidkmdf.sys -- (mshidkmdf)

DRV - [2009/07/14 01:46:55 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MTConfig.sys -- (MTConfig)

DRV - [2009/07/14 01:45:26 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CompositeBus.sys -- (CompositeBus)

DRV - [2009/07/14 01:36:52 | 000,050,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\appid.sys -- (AppID)

DRV - [2009/07/14 01:33:50 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\scfilter.sys -- (scfilter)

DRV - [2009/07/14 01:24:05 | 000,032,256 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\discache.sys -- (discache)

DRV - [2009/07/14 01:19:21 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\HidBatt.sys -- (HidBatt)

DRV - [2009/07/14 01:16:36 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\acpipmi.sys -- (AcpiPmi)

DRV - [2009/07/14 01:11:04 | 000,052,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdppm.sys -- (AmdPPM)

DRV - [2009/07/14 00:54:14 | 000,026,624 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\hcw85cir.sys -- (hcw85cir)

DRV - [2009/07/14 00:53:33 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbMdm.sys -- (BrUsbMdm)

DRV - [2009/07/14 00:53:33 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbSer.sys -- (BrUsbSer)

DRV - [2009/07/14 00:53:32 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrSerWdm.sys -- (BrSerWdm)

DRV - [2009/07/14 00:53:28 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltLo.sys -- (BrFiltLo)

DRV - [2009/07/14 00:53:28 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltUp.sys -- (BrFiltUp)

DRV - [2009/07/14 00:02:51 | 004,231,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\netw5v32.sys -- (netw5v32) Pilote de carte de liaison WiFi sans fil Intel®

DRV - [2009/07/14 00:02:49 | 000,229,888 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\b57nd60x.sys -- (b57nd60x)

DRV - [2009/07/14 00:02:48 | 003,100,160 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\evbdx.sys -- (ebdrv)

DRV - [2009/07/14 00:02:48 | 000,430,080 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\bxvbdx.sys -- (b06bdrv)

DRV - [2008/07/08 12:16:26 | 000,096,856 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\jmcr.sys -- (JMCR)

DRV - [2008/05/24 21:09:10 | 000,073,728 | ---- | M] (EZB Systems, Inc.) [File_System | System | Running] -- C:\Program Files\UltraISO\drivers\ISODrive.sys -- (ISODrive)

DRV - [2008/05/14 04:09:00 | 000,043,552 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)

DRV - [2008/05/02 15:59:40 | 000,122,368 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)

DRV - [2008/04/27 22:27:10 | 000,040,752 | ---- | M] (Validity Sensors, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vfs101x.sys -- (vfs101x)

DRV - [2008/03/27 12:12:12 | 000,024,424 | ---- | M] (Hewlett-Packard Corporation) [Kernel | Boot | Stopped] -- C:\Windows\system32\DRIVERS\hpdskflt.sys -- (hpdskflt)

DRV - [2008/03/27 12:11:34 | 000,034,664 | ---- | M] (Hewlett-Packard Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Accelerometer.sys -- (Accelerometer)

DRV - [2008/01/24 15:23:12 | 000,052,736 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\enecir.sys -- (enecir)

DRV - [2008/01/18 13:31:26 | 000,196,784 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP)

DRV - [2007/06/18 17:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)

 

 

========== Standard Registry (SafeList) ==========

 

 

========== Internet Explorer ==========

 

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=fr_fr&c=83&bd=Pavilion&pf=cnnb

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=fr_fr&c=83&bd=Pavilion&pf=cnnb

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=fr_fr&c=83&bd=Pavilion&pf=cnnb

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Orange : téléphones, forfaits mobiles, Internet, actualité, sport, video

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN : Hotmail, Messenger, Bing, Actualité et Sport

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 57 C3 81 06 8A 1B CB 01 [binary data]

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=

 

========== FireFox ==========

 

FF - prefs.js..browser.search.suggest.enabled: false

FF - prefs.js..browser.search.useDBForOrder: true

FF - prefs.js..browser.startup.homepage: "www.orange.fr"

FF - prefs.js..extensions.enabledItems: linkfilter@kaspersky.ru:11.0.0.232

FF - prefs.js..keyword.URL: "http://rws.search.ke.voila.fr/RW/S/opensearch_orange?rdata="

 

 

FF - HKLM\software\mozilla\Firefox\Extensions\\{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}: C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\ [2010/06/30 23:01:10 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/07/02 15:39:25 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/07/17 19:28:54 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird

FF - HKLM\software\mozilla\Thunderbird\Extensions\\{eea12ec4-729d-4703-bc37-106ce9879ce2}: C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\THBExt [2010/07/14 18:58:31 | 000,000,000 | ---D | M]

[2010/06/26 14:53:43 | 000,000,000 | ---D | M] -- C:\Users\zooleric\AppData\Roaming\mozilla\Extensions

[2010/07/17 19:41:27 | 000,000,000 | ---D | M] -- C:\Users\zooleric\AppData\Roaming\mozilla\Firefox\Profiles\07otfz62.default\extensions

[2010/06/30 22:53:21 | 000,000,000 | ---D | M] -- C:\Users\zooleric\AppData\Roaming\mozilla\Firefox\Profiles\07otfz62.default\extensions\menu_contextuel_orange@orange.fr

[2010/07/02 15:40:37 | 000,001,819 | ---- | M] () -- C:\Users\zooleric\AppData\Roaming\Mozilla\FireFox\Profiles\07otfz62.default\searchplugins\bing.xml

[2010/07/19 14:55:41 | 000,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions

[2010/07/09 22:00:52 | 000,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\linkfilter@kaspersky.ru

[2010/06/12 03:05:49 | 000,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml

[2010/06/12 03:05:49 | 000,001,822 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml

[2010/06/12 03:05:49 | 000,000,757 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml

[2010/06/12 03:05:49 | 000,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml

[2010/06/12 03:05:49 | 000,000,956 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml

O1 HOSTS File: ([2006/09/18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O1 - Hosts: ::1 localhost

O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\ievkbd.dll (Kaspersky Lab ZAO)

O2 - BHO: (IeMonitorBho Class) - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll (Megaupload Limited)

O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll (Kaspersky Lab ZAO)

O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe (Kaspersky Lab ZAO)

O4 - HKLM..\Run: [AVSFirewall] C:\Program Files\AVS4YOU\AVSFirewall\AVSFirewall.exe (Online Media Technologies Ltd.)

O4 - HKLM..\Run: [DpAgent] C:\Program Files\DigitalPersona\Bin\dpagent.exe (DigitalPersona, Inc.)

O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation)

O4 - HKLM..\Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)

O4 - HKLM..\Run: [uCam_Menu] C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)

O4 - HKCU..\Run: [iSUSPM] C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe (Macrovision Corporation)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 24

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O8 - Extra context menu item: Download Link Using Mega Manager... - C:\Program Files\Megaupload\Mega Manager\mm_file.htm ()

O9 - Extra Button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)

O9 - Extra Button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra Button: Clavier &virtuel - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll (Kaspersky Lab ZAO)

O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation)

O9 - Extra Button: Analyse des &liens - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll (Kaspersky Lab ZAO)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)

O13 - gopher Prefix: missing

O15 - HKCU\..Trusted Ranges: Range1 ([http] in Local intranet)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)

O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab (Java Plug-in 1.6.0_06)

O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)

O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)

O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)

O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)

O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)

O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll) - C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll (Kaspersky Lab ZAO)

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O20 - Winlogon\Notify\klogon: DllName - C:\Windows\system32\klogon.dll - C:\Windows\System32\klogon.dll (Kaspersky Lab ZAO)

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\Silhouette.jpg

O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\Silhouette.jpg

O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (livessp) - C:\Windows\System32\livessp.dll (Microsoft Corporation)

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2009/06/10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O34 - HKLM BootExecute: (OODBS) - C:\Windows\System32\OODBS.exe (O&O Software GmbH)

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/07/20 10:50:52 | 000,000,000 | ---D | C] -- C:\Users\zooleric\Desktop\gmer

[2010/07/20 10:50:20 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Users\zooleric\Desktop\OTL.exe

[2010/07/17 20:10:57 | 000,000,000 | ---D | C] -- C:\Users\zooleric\Desktop\GodMode.{ED7BA470-8E54-465E-825C-99712043E01C}

[2010/07/17 17:21:00 | 000,000,000 | ---D | C] -- C:\Users\zooleric\AppData\Local\Adobe

[2010/07/14 18:20:31 | 000,000,000 | ---D | C] -- C:\Program Files\Kaspersky Lab

[2010/07/14 18:20:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab

[2010/07/14 18:19:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab Setup Files

[2010/07/14 17:10:59 | 000,000,000 | ---D | C] -- C:\Windows\Sun

[2010/07/14 16:45:19 | 000,000,000 | ---D | C] -- C:\Users\zooleric\AppData\Roaming\Windows Live Writer

[2010/07/14 16:45:15 | 000,000,000 | ---D | C] -- C:\Users\zooleric\AppData\Local\Windows Live Writer

[2010/07/09 21:12:06 | 000,061,512 | ---- | C] (G Data Software AG) -- C:\Windows\System32\drivers\MiniIcpt.sys

[2010/07/09 21:12:05 | 000,033,480 | ---- | C] (G Data Software AG) -- C:\Windows\System32\drivers\GDBehave.sys

[2010/07/09 21:11:58 | 000,040,904 | ---- | C] (G DATA Software AG) -- C:\Windows\System32\drivers\gdwfpcd32.sys

[2010/07/09 21:11:11 | 000,000,000 | ---D | C] -- C:\ProgramData\G DATA

[2010/07/09 21:11:11 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\G Data

[2010/07/09 21:09:32 | 000,000,000 | ---D | C] -- C:\Users\zooleric\AppData\Local\Downloaded Installations

[2010/07/09 17:04:04 | 000,000,000 | ---D | C] -- C:\Users\zooleric\Documents\ProcessExplorer

[2010/07/09 14:16:39 | 000,000,000 | ---D | C] -- C:\Users\zooleric\AppData\Roaming\AutoHideIP

[2010/07/09 14:16:39 | 000,000,000 | ---D | C] -- C:\ProgramData\AutoHideIP

[2010/07/06 19:40:40 | 000,000,000 | ---D | C] -- C:\Users\zooleric\AppData\Roaming\Spy Emergency

[2010/07/06 19:40:31 | 000,000,000 | ---D | C] -- C:\ProgramData\NETGATE

[2010/07/06 19:24:45 | 000,000,000 | ---D | C] -- C:\Users\zooleric\AppData\Roaming\GlarySoft

[2010/07/06 19:22:28 | 000,000,000 | ---D | C] -- C:\Program Files\Glary Utilities

[2010/07/05 14:22:38 | 000,000,000 | ---D | C] -- C:\Program Files\Vidal

[2010/07/04 19:52:29 | 000,000,000 | ---D | C] -- C:\Users\zooleric\AppData\Roaming\VitySoft

[2010/07/04 19:51:55 | 000,000,000 | ---D | C] -- C:\Users\zooleric\Documents\FreeRAPID-0.83U1

[2010/07/04 16:28:47 | 000,000,000 | ---D | C] -- C:\Users\zooleric\Documents\IDM5.19.3.1_Port

[2010/07/04 15:47:34 | 000,000,000 | ---D | C] -- C:\Users\zooleric\Documents\SoftMaker

[2010/07/04 15:47:34 | 000,000,000 | ---D | C] -- C:\Users\zooleric\AppData\Roaming\SoftMaker

[2010/07/04 15:47:34 | 000,000,000 | ---D | C] -- C:\Program Files\Ashampoo

[2010/07/04 14:32:13 | 000,000,000 | ---D | C] -- C:\Users\zooleric\AppData\Roaming\DMCache

[2010/07/02 17:27:06 | 000,000,000 | ---D | C] -- C:\Windows\System32\oodag

[2010/07/02 17:23:28 | 000,000,000 | ---D | C] -- C:\Users\zooleric\AppData\Local\O&O

[2010/07/02 17:22:26 | 000,000,000 | ---D | C] -- C:\Program Files\OO Software

[2010/07/02 15:32:38 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition

[2010/07/02 15:31:33 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live SkyDrive

[2010/07/02 15:31:15 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live

[2010/07/01 21:35:12 | 000,228,024 | ---- | C] (Kaspersky Lab ZAO) -- C:\Windows\System32\klogon.dll

[2010/07/01 17:12:35 | 000,000,000 | ---D | C] -- C:\Users\zooleric\Documents\hwmonitor_hwmonitor_1.16_portable_32_bits_anglais_192642

[2010/07/01 15:38:54 | 001,003,008 | ---- | C] (The OpenSSL Project, http://www.openssl.org/) -- C:\Windows\System32\libeay32.dll

[2010/07/01 00:40:58 | 000,000,000 | ---D | C] -- C:\Users\zooleric\AppData\Roaming\dvdcss

[2010/06/30 23:11:41 | 000,000,000 | ---D | C] -- C:\Users\zooleric\Tracing

[2010/06/30 23:03:14 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_5.dll

[2010/06/30 23:03:14 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_42.dll

[2010/06/30 23:03:14 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_3.dll

[2010/06/30 23:01:46 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight

[2010/06/30 23:01:07 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft

[2010/06/30 23:00:45 | 003,181,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll

[2010/06/30 23:00:45 | 001,619,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVDECOD.DLL

[2010/06/30 23:00:45 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfreadwrite.dll

[2010/06/30 22:59:34 | 000,000,000 | ---D | C] -- C:\Users\zooleric\AppData\Local\Windows Live

[2010/06/30 22:39:20 | 000,000,000 | ---D | C] -- C:\Users\zooleric\AppData\Roaming\Orange

[2010/06/30 22:25:29 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Windows Live

[2010/06/30 20:02:20 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PX Storage Engine

[2010/06/30 20:01:52 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DivX Shared

[2010/06/30 19:58:49 | 000,000,000 | ---D | C] -- C:\Program Files\DivX

[2010/06/30 19:58:16 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX

[2010/06/30 18:25:57 | 000,305,664 | ---- | C] (Inekman) -- C:\Users\zooleric\Documents\Xtremsplit.exe

[2010/06/30 16:09:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe

[2010/06/30 16:02:47 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe

[2010/06/29 19:54:46 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_1.dll

[2010/06/29 19:54:46 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_0.dll

[2010/06/29 19:54:45 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_38.dll

[2010/06/29 19:54:45 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_38.dll

[2010/06/29 19:54:45 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_0.dll

[2010/06/29 19:54:45 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_38.dll

[2010/06/29 19:54:45 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_1.dll

[2010/06/29 19:54:45 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_4.dll

[2010/06/29 19:54:44 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_37.dll

[2010/06/29 19:54:44 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_37.dll

[2010/06/29 19:54:44 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_37.dll

[2010/06/29 19:54:44 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_36.dll

[2010/06/29 19:54:44 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_10.dll

[2010/06/29 19:54:44 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_0.dll

[2010/06/29 19:54:44 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_3.dll

[2010/06/29 19:54:43 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_36.dll

[2010/06/29 19:54:43 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_35.dll

[2010/06/29 19:54:43 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_36.dll

[2010/06/29 19:54:43 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_35.dll

[2010/06/29 19:54:43 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_35.dll

[2010/06/29 19:54:43 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_9.dll

[2010/06/29 19:54:42 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_8.dll

[2010/06/29 19:54:42 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_2.dll

[2010/06/29 19:06:56 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_34.dll

[2010/06/29 19:06:56 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_34.dll

[2010/06/29 19:06:56 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_34.dll

[2010/06/29 19:06:56 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_3.dll

[2010/06/29 19:06:55 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_33.dll

[2010/06/29 19:06:55 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_32.dll

[2010/06/29 19:06:55 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_33.dll

[2010/06/29 19:06:55 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_33.dll

[2010/06/29 19:06:55 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10.dll

[2010/06/29 19:06:55 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_7.dll

[2010/06/29 19:06:55 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_6.dll

[2010/06/29 19:06:55 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_5.dll

[2010/06/29 19:06:54 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_31.dll

[2010/06/29 19:06:54 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_4.dll

[2010/06/29 19:06:54 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_1.dll

[2010/06/28 16:08:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Tages

[2010/06/28 16:06:46 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_3.dll

[2010/06/28 16:06:45 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_2.dll

[2010/06/28 16:06:44 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_2.dll

[2010/06/28 16:06:44 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_1.dll

[2010/06/28 16:06:44 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_1.dll

[2010/06/28 16:06:38 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_30.dll

[2010/06/28 16:06:36 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_29.dll

[2010/06/28 16:06:36 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_28.dll

[2010/06/28 16:06:36 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_27.dll

[2010/06/28 16:06:36 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_0.dll

[2010/06/28 16:06:36 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_0.dll

[2010/06/28 16:06:35 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_25.dll

[2010/06/28 16:06:35 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_26.dll

[2010/06/28 16:06:35 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_24.dll

[2010/06/27 21:27:37 | 000,000,000 | ---D | C] -- C:\Users\zooleric\AppData\Roaming\DivX

[2010/06/27 21:26:55 | 000,000,000 | ---D | C] -- C:\Program Files\directx

[2010/06/27 14:39:28 | 000,029,512 | ---- | C] (TuneUp Software) -- C:\Windows\System32\TURegOpt.exe

[2010/06/27 14:39:24 | 000,030,024 | ---- | C] (TuneUp Software) -- C:\Windows\System32\uxtuneup.dll

[2010/06/27 14:39:24 | 000,021,320 | ---- | C] (TuneUp Software) -- C:\Windows\System32\authuitu.dll

[2010/06/27 14:39:10 | 000,000,000 | ---D | C] -- C:\Users\zooleric\AppData\Roaming\TuneUp Software

[2010/06/27 14:38:56 | 000,000,000 | ---D | C] -- C:\Program Files\TuneUp Utilities 2010

[2010/06/27 14:38:40 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software

[2010/06/27 14:38:33 | 000,000,000 | -HSD | C] -- C:\ProgramData\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}

[2010/06/27 14:37:12 | 000,000,000 | ---D | C] -- C:\Users\zooleric\AppData\Roaming\Malwarebytes

[2010/06/27 14:36:52 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys

[2010/06/27 14:36:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes

[2010/06/27 14:36:50 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys

[2010/06/27 14:36:50 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware

[2010/06/27 14:33:12 | 000,000,000 | ---D | C] -- C:\Users\zooleric\AppData\Roaming\Megaupload

[2010/06/27 14:32:51 | 000,000,000 | ---D | C] -- C:\Program Files\Megaupload

[2010/06/27 14:03:44 | 000,000,000 | ---D | C] -- C:\Users\zooleric\AppData\Local\RapidShare

[2010/06/27 14:02:31 | 000,000,000 | ---D | C] -- C:\Users\zooleric\AppData\Local\Apps

[2010/06/27 14:02:30 | 000,000,000 | ---D | C] -- C:\Users\zooleric\AppData\Local\Deployment

[2010/06/27 12:04:41 | 000,000,000 | ---D | C] -- C:\Users\zooleric\AppData\Local\Microsoft Help

[2010/06/27 12:01:30 | 000,000,000 | ---D | C] -- C:\Windows\System32\Wat

[2010/06/26 19:43:16 | 000,000,000 | ---D | C] -- C:\Program Files\UltraISO

[2010/06/26 19:43:16 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\EZB Systems

[2010/06/26 19:42:19 | 000,000,000 | ---D | C] -- C:\Users\zooleric\AppData\Roaming\Template

[2010/06/26 18:52:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Steam

[2010/06/26 18:52:55 | 000,000,000 | ---D | C] -- C:\Program Files\Steam

[2010/06/26 18:46:58 | 000,000,000 | ---D | C] -- C:\Users\zooleric\AppData\Roaming\URSoft

[2010/06/26 18:46:58 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP

[2010/06/26 18:46:54 | 000,000,000 | ---D | C] -- C:\Program Files\Your Uninstaller 2010

[2010/06/26 18:43:27 | 000,000,000 | ---D | C] -- C:\Users\zooleric\AppData\Roaming\Uniblue

[2010/06/26 18:34:44 | 000,000,000 | ---D | C] -- C:\Users\zooleric\Documents\hjsplit

[2010/06/26 18:28:28 | 000,000,000 | ---D | C] -- C:\Windows\System32\custom matrices

[2010/06/26 18:28:26 | 000,000,000 | ---D | C] -- C:\Windows\System32\QuickTime

[2010/06/26 18:28:26 | 000,000,000 | ---D | C] -- C:\Windows\System32\C2MP

[2010/06/26 18:25:15 | 000,000,000 | ---D | C] -- C:\Users\zooleric\AppData\Roaming\vlc

[2010/06/26 18:24:53 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN

[2010/06/26 18:23:21 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner

[2010/06/26 18:19:12 | 000,000,000 | ---D | C] -- C:\Program Files\RegClean

[2010/06/26 16:05:20 | 000,000,000 | ---D | C] -- C:\Users\zooleric\Documents\Max Payne 2 Savegames

[2010/06/26 15:46:29 | 000,000,000 | ---D | C] -- C:\Program Files\Rockstar Games

[2010/06/26 15:37:08 | 000,023,624 | ---- | C] (Online Media Technologies Ltd.) -- C:\Windows\System32\drivers\AVSNDISIMDriver.sys

[2010/06/26 15:35:09 | 000,000,000 | ---D | C] -- C:\Users\zooleric\AppData\Roaming\AVS4YOU

[2010/06/26 15:34:35 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AVSMedia

[2010/06/26 15:33:52 | 001,700,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\GdiPlus.dll

[2010/06/26 15:33:52 | 000,974,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc70.dll

[2010/06/26 15:33:52 | 000,487,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvcp70.dll

[2010/06/26 15:33:52 | 000,344,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvcr70.dll

[2010/06/26 15:33:52 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml3a.dll

[2010/06/26 15:33:52 | 000,000,000 | ---D | C] -- C:\ProgramData\AVS4YOU

[2010/06/26 15:33:52 | 000,000,000 | ---D | C] -- C:\Program Files\AVS4YOU

[2010/06/26 15:22:13 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group

[2010/06/26 15:12:33 | 000,056,816 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys

[2010/06/26 15:01:42 | 000,000,000 | ---D | C] -- C:\ProgramData\AntiVir PersonalEdition Classic

[2010/06/26 14:59:39 | 000,000,000 | ---D | C] -- C:\Users\zooleric\AppData\Roaming\WinRAR

[2010/06/26 14:59:01 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR

[2010/06/26 14:53:33 | 000,000,000 | ---D | C] -- C:\Users\zooleric\AppData\Roaming\Mozilla

[2010/06/26 14:53:33 | 000,000,000 | ---D | C] -- C:\Users\zooleric\AppData\Local\Mozilla

[2010/06/26 14:53:27 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox

[2010/06/26 14:22:49 | 000,000,000 | ---D | C] -- C:\Windows\System32\SRSLabs

[2010/06/26 14:19:18 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browserchoice.exe

[2010/06/26 13:46:17 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe

[2010/06/26 13:46:17 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll

[2010/06/26 13:46:17 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll

[2010/06/26 13:45:48 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0

[2010/06/26 13:33:30 | 001,320,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnroll.dll

[2010/06/26 13:33:29 | 000,507,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winload.exe

[2010/06/26 13:33:28 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL

[2010/06/26 13:33:28 | 000,442,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winresume.exe

[2010/06/26 13:33:26 | 001,328,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll

[2010/06/26 13:33:26 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avifil32.dll

[2010/06/26 13:33:26 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciavi32.dll

[2010/06/26 13:33:23 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\asycfilt.dll

[2010/06/26 13:33:18 | 001,037,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lsasrv.dll

[2010/06/26 13:33:18 | 000,133,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ksecpkg.sys

[2010/06/26 13:33:09 | 000,606,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll

[2010/06/26 13:33:08 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll

[2010/06/26 13:33:08 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll

[2010/06/26 13:33:07 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll

[2010/06/26 13:33:04 | 003,954,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe

[2010/06/26 13:33:04 | 003,899,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe

[2010/06/26 13:33:02 | 002,614,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe

[2010/06/26 13:33:00 | 002,326,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys

[2010/06/26 13:32:58 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll

[2010/06/26 13:32:46 | 000,427,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll

[2010/06/26 13:32:46 | 000,108,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll

[2010/06/26 13:32:41 | 000,641,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CPFilters.dll

[2010/06/26 13:32:40 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdri.dll

[2010/06/26 13:32:40 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax

[2010/06/26 13:32:39 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll

[2010/06/26 13:32:39 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll

[2010/06/26 13:32:39 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax

[2010/06/26 13:32:38 | 000,365,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll

[2010/06/26 13:32:37 | 000,369,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll

[2010/06/26 13:32:37 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe

[2010/06/26 13:32:37 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe

[2010/06/26 13:32:37 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe

[2010/06/26 13:32:37 | 000,277,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe

[2010/06/26 13:32:37 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll

[2010/06/26 13:32:37 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll

[2010/06/26 13:30:13 | 000,293,888 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll

[2010/06/26 13:30:12 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll

[2010/06/26 13:30:12 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll

[2010/06/26 13:25:28 | 000,000,000 | ---D | C] -- C:\ProgramData\ESET

[2010/06/26 13:21:45 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft IntelliPoint

[2010/06/26 13:21:30 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH

[2010/06/26 13:20:50 | 000,000,000 | ---D | C] -- C:\Windows\Panther

[2010/06/26 13:20:14 | 000,050,688 | ---- | C] (Atribune.org) -- C:\Users\zooleric\Documents\ATF-Cleaner.exe

[2010/06/26 13:12:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun

[2010/06/26 13:12:23 | 000,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll

[2010/06/26 13:10:23 | 000,000,000 | -H-D | C] -- C:\$WINDOWS.~Q

[2010/06/26 13:04:57 | 000,000,000 | -H-D | C] -- C:\$INPLACE.~TR

[2010/06/26 13:01:40 | 000,000,000 | -H-D | C] -- C:\Users\zooleric\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned

[2010/06/26 13:01:20 | 000,000,000 | -HSD | C] -- C:\Recovery

[2010/06/26 13:01:20 | 000,000,000 | -HSD | C] -- C:\ProgramData\Modèles

[2010/06/26 13:01:20 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Mes vidéos

[2010/06/26 13:01:20 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Mes images

[2010/06/26 13:01:20 | 000,000,000 | -HSD | C] -- C:\ProgramData\Menu Démarrer

[2010/06/26 13:01:20 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Ma musique

[2010/06/26 13:01:20 | 000,000,000 | -HSD | C] -- C:\Program Files\Fichiers communs

[2010/06/26 13:01:20 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoris

[2010/06/26 13:01:20 | 000,000,000 | -HSD | C] -- C:\ProgramData\Bureau

[2010/06/26 12:26:41 | 000,000,000 | --SD | C] -- C:\Users\zooleric\AppData\Roaming\Microsoft

[2010/06/26 12:26:41 | 000,000,000 | R--D | C] -- C:\Users\zooleric\Videos

[2010/06/26 12:26:41 | 000,000,000 | R--D | C] -- C:\Users\zooleric\Saved Games

[2010/06/26 12:26:41 | 000,000,000 | R--D | C] -- C:\Users\zooleric\Pictures

[2010/06/26 12:26:41 | 000,000,000 | R--D | C] -- C:\Users\zooleric\Music

[2010/06/26 12:26:41 | 000,000,000 | R--D | C] -- C:\Users\zooleric\Links

[2010/06/26 12:26:41 | 000,000,000 | R--D | C] -- C:\Users\zooleric\Favorites

[2010/06/26 12:26:41 | 000,000,000 | R--D | C] -- C:\Users\zooleric\Downloads

[2010/06/26 12:26:41 | 000,000,000 | R--D | C] -- C:\Users\zooleric\Documents

[2010/06/26 12:26:41 | 000,000,000 | R--D | C] -- C:\Users\zooleric\Desktop

[2010/06/26 12:26:41 | 000,000,000 | -HSD | C] -- C:\Users\zooleric\Voisinage réseau

[2010/06/26 12:26:41 | 000,000,000 | -HSD | C] -- C:\Users\zooleric\Voisinage d'impression

[2010/06/26 12:26:41 | 000,000,000 | -HSD | C] -- C:\Users\zooleric\AppData\Local\Temporary Internet Files

[2010/06/26 12:26:41 | 000,000,000 | -HSD | C] -- C:\Users\zooleric\SendTo

[2010/06/26 12:26:41 | 000,000,000 | -HSD | C] -- C:\Users\zooleric\Recent

[2010/06/26 12:26:41 | 000,000,000 | -HSD | C] -- C:\Users\zooleric\Modèles

[2010/06/26 12:26:41 | 000,000,000 | -HSD | C] -- C:\Users\zooleric\Documents\Mes vidéos

[2010/06/26 12:26:41 | 000,000,000 | -HSD | C] -- C:\Users\zooleric\Documents\Mes images

[2010/06/26 12:26:41 | 000,000,000 | -HSD | C] -- C:\Users\zooleric\Mes documents

[2010/06/26 12:26:41 | 000,000,000 | -HSD | C] -- C:\Users\zooleric\Menu Démarrer

[2010/06/26 12:26:41 | 000,000,000 | -HSD | C] -- C:\Users\zooleric\Documents\Ma musique

[2010/06/26 12:26:41 | 000,000,000 | -HSD | C] -- C:\Users\zooleric\Local Settings

[2010/06/26 12:26:41 | 000,000,000 | -HSD | C] -- C:\Users\zooleric\AppData\Local\Historique

[2010/06/26 12:26:41 | 000,000,000 | -HSD | C] -- C:\Users\zooleric\Cookies

[2010/06/26 12:26:41 | 000,000,000 | -HSD | C] -- C:\Users\zooleric\Application Data

[2010/06/26 12:26:41 | 000,000,000 | -HSD | C] -- C:\Users\zooleric\AppData\Local\Application Data

[2010/06/26 12:26:41 | 000,000,000 | -H-D | C] -- C:\Users\zooleric\AppData

[2010/06/26 12:26:41 | 000,000,000 | ---D | C] -- C:\Users\zooleric\AppData\Local\Temp

[2010/06/26 12:26:41 | 000,000,000 | ---D | C] -- C:\Users\zooleric\AppData\Local\Microsoft

[2010/06/26 12:26:41 | 000,000,000 | ---D | C] -- C:\Users\zooleric\AppData\Roaming\Media Center Programs

[2010/06/26 12:25:36 | 000,380,928 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\aestecap.dll

[2010/06/26 12:25:36 | 000,140,288 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\aestacap.dll

[2010/06/26 12:25:36 | 000,061,440 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\aestaren.dll

[2010/06/26 12:25:36 | 000,000,000 | ---D | C] -- C:\Program Files\IDT

[2010/06/26 12:25:35 | 012,628,060 | ---- | C] (IDT, Inc.) -- C:\Windows\System32\idtcpl.cpl

[2010/06/26 12:25:35 | 003,354,624 | ---- | C] (IDT, Inc.) -- C:\Windows\System32\stlang.dll

[2010/06/26 12:25:35 | 000,536,576 | ---- | C] (IDT, Inc.) -- C:\Windows\System32\idtmini1.exe

[2010/06/26 12:25:35 | 000,495,708 | ---- | C] (IDT, Inc.) -- C:\Windows\sttray.exe

[2010/06/26 12:25:35 | 000,086,016 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\AESTCom.dll

[2010/06/26 12:25:06 | 000,000,000 | ---D | C] -- C:\Program Files\Synaptics

[2010/06/26 12:23:43 | 001,079,840 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcpluir.dll

[2010/06/26 12:23:43 | 000,313,888 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvexpbar.dll

[2010/06/26 12:23:42 | 000,584,296 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvuninst.exe

[2010/06/26 12:22:03 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch

[2010/06/26 03:27:18 | 000,000,000 | -HSD | C] -- C:\System Volume Information

[2010/06/25 18:33:10 | 000,221,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe

[2010/06/25 18:24:05 | 000,000,000 | ---D | C] -- C:\Users\zooleric\AppData\Roaming\Symantec

[2010/06/25 18:23:40 | 000,000,000 | ---D | C] -- C:\Users\zooleric\AppData\Roaming\DigitalPersona

[2010/06/25 18:23:40 | 000,000,000 | ---D | C] -- C:\Users\zooleric\AppData\Local\DigitalPersona

[2010/06/25 18:23:36 | 000,000,000 | R--D | C] -- C:\Users\zooleric\Searches

[2010/06/25 18:23:27 | 000,000,000 | ---D | C] -- C:\Users\zooleric\AppData\Roaming\Identities

[2010/06/25 18:23:25 | 000,000,000 | R--D | C] -- C:\Users\zooleric\Contacts

[2010/06/25 18:22:34 | 000,000,000 | ---D | C] -- C:\Users\zooleric\AppData\Roaming\Macromedia

[2010/06/25 18:22:21 | 000,000,000 | ---D | C] -- C:\Users\zooleric\AppData\Roaming\Adobe

[2010/06/25 18:22:13 | 000,000,000 | ---D | C] -- C:\Users\zooleric\AppData\Roaming\Hewlett-Packard

[2010/06/25 18:22:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Viewpoint

[2010/06/25 18:22:09 | 000,000,000 | ---D | C] -- C:\Program Files\Viewpoint

[2010/06/25 18:19:47 | 000,000,000 | ---D | C] -- C:\Users\zooleric\AppData\Roaming\Macrovision

[2010/06/25 18:18:48 | 000,000,000 | ---D | C] -- C:\Users\zooleric\AppData\Local\VirtualStore

[2010/06/25 17:54:23 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA

[2010/06/25 17:53:24 | 000,000,000 | ---D | C] -- C:\ProgramData\CyberLink

[2010/06/25 17:52:53 | 000,000,000 | ---D | C] -- C:\Windows\System32\tr

[2010/06/25 17:52:53 | 000,000,000 | ---D | C] -- C:\Windows\System32\ru

[2010/06/25 17:52:53 | 000,000,000 | ---D | C] -- C:\Windows\System32\ko

[2010/06/25 17:52:53 | 000,000,000 | ---D | C] -- C:\Windows\System32\ja

[2010/06/25 17:52:53 | 000,000,000 | ---D | C] -- C:\Windows\System32\it

[2010/06/25 17:52:53 | 000,000,000 | ---D | C] -- C:\Windows\System32\es

[2010/06/25 17:52:52 | 000,000,000 | ---D | C] -- C:\Windows\DPDrv

[2010/06/25 17:52:52 | 000,000,000 | ---D | C] -- C:\Windows\System32\de

[2010/06/25 17:52:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Macrovision

[2010/06/25 17:52:51 | 000,000,000 | ---D | C] -- C:\Program Files\DigitalPersona

[2010/06/25 17:49:14 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\LightScribe

[2010/06/25 17:42:49 | 000,110,080 | ---- | C] (JMicron Technology Corporation) -- C:\Windows\System32\JmCrIcon.dll

[2010/06/25 17:42:49 | 000,000,000 | ---D | C] -- C:\Windows\JMCR_DIR

[2010/06/25 17:42:10 | 000,000,000 | ---D | C] -- C:\Program Files\Validity Sensors, Inc

[2010/06/25 17:41:44 | 000,196,784 | ---- | C] (Synaptics, Inc.) -- C:\Windows\System32\drivers\SynTP.sys

[2010/06/25 17:41:44 | 000,147,456 | ---- | C] (Synaptics, Inc.) -- C:\Windows\System32\SynTPAPI.dll

[2010/06/25 17:41:44 | 000,110,592 | ---- | C] (Synaptics, Inc.) -- C:\Windows\System32\SynTPCo4.dll

[2010/06/25 17:41:43 | 000,196,608 | ---- | C] (Synaptics, Inc.) -- C:\Windows\System32\SynCtrl.dll

[2010/06/25 17:41:43 | 000,163,840 | ---- | C] (Synaptics, Inc.) -- C:\Windows\System32\SynCOM.dll

[2010/06/25 17:41:04 | 000,122,368 | ---- | C] (Realtek Corporation ) -- C:\Windows\System32\drivers\Rtlh86.sys

[2010/06/25 17:41:02 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek

[2010/06/25 17:40:48 | 000,000,000 | ---D | C] -- C:\Windows\System32\HPMDP

[2010/06/25 17:37:55 | 000,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\System32\CSVer.dll

[2010/06/25 17:37:55 | 000,000,000 | ---D | C] -- C:\Program Files\Intel

[2010/06/25 17:37:40 | 000,000,000 | ---D | C] -- C:\Intel

[2010/06/25 17:33:21 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution

[2010/06/22 19:23:54 | 000,495,192 | ---- | C] (Kaspersky Lab) -- C:\Windows\System32\drivers\klif.sys

 

========== Files - Modified Within 30 Days ==========

 

[2010/07/20 12:14:37 | 001,572,864 | ---- | M] () -- C:\Users\zooleric\NTUSER.DAT

[2010/07/20 10:47:54 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\zooleric\Desktop\OTL.exe

[2010/07/20 10:47:31 | 000,009,504 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2010/07/20 10:47:31 | 000,009,504 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2010/07/20 10:40:09 | 000,000,249 | ---- | M] () -- C:\ProgramData\hpqp.ini

[2010/07/20 10:40:03 | 000,000,318 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize.job

[2010/07/20 10:39:49 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT

[2010/07/20 10:39:46 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2010/07/20 10:39:43 | 2413,531,136 | -HS- | M] () -- C:\hiberfil.sys

[2010/07/20 10:39:42 | 000,082,940 | ---- | M] () -- C:\Windows\System32\oodbs.lor

[2010/07/19 19:35:50 | 002,037,806 | -H-- | M] () -- C:\Users\zooleric\AppData\Local\IconCache.db

[2010/07/17 19:26:47 | 000,524,288 | -HS- | M] () -- C:\Users\zooleric\NTUSER.DAT{4f3b6f19-9192-11df-83f0-806e6f6e6963}.TMContainer00000000000000000002.regtrans-ms

[2010/07/17 19:26:47 | 000,524,288 | -HS- | M] () -- C:\Users\zooleric\NTUSER.DAT{4f3b6f19-9192-11df-83f0-806e6f6e6963}.TMContainer00000000000000000001.regtrans-ms

[2010/07/17 19:26:47 | 000,065,536 | -HS- | M] () -- C:\Users\zooleric\NTUSER.DAT{4f3b6f19-9192-11df-83f0-806e6f6e6963}.TM.blf

[2010/07/17 17:28:58 | 000,001,984 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk

[2010/07/17 13:00:42 | 001,835,008 | -HS- | M] () -- C:\Users\zooleric\NTUSER.DAT_tureg_old

[2010/07/15 14:50:47 | 001,549,700 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI

[2010/07/15 14:50:47 | 000,704,480 | ---- | M] () -- C:\Windows\System32\perfh00C.dat

[2010/07/15 14:50:47 | 000,616,008 | ---- | M] () -- C:\Windows\System32\perfh009.dat

[2010/07/15 14:50:47 | 000,130,754 | ---- | M] () -- C:\Windows\System32\perfc00C.dat

[2010/07/15 14:50:47 | 000,106,388 | ---- | M] () -- C:\Windows\System32\perfc009.dat

[2010/07/14 18:21:58 | 000,113,933 | ---- | M] () -- C:\Windows\System32\drivers\klin.dat

[2010/07/14 18:21:58 | 000,097,549 | ---- | M] () -- C:\Windows\System32\drivers\klick.dat

[2010/07/11 18:07:24 | 000,002,449 | ---- | M] () -- C:\Users\Public\Desktop\RegClean.lnk

[2010/07/09 21:12:06 | 000,061,512 | ---- | M] (G Data Software AG) -- C:\Windows\System32\drivers\MiniIcpt.sys

[2010/07/09 21:12:05 | 000,033,480 | ---- | M] (G Data Software AG) -- C:\Windows\System32\drivers\GDBehave.sys

[2010/07/09 21:11:58 | 000,040,904 | ---- | M] (G DATA Software AG) -- C:\Windows\System32\drivers\gdwfpcd32.sys

[2010/07/06 19:22:32 | 000,000,958 | ---- | M] () -- C:\Users\zooleric\Desktop\Glary Utilities.lnk

[2010/07/05 18:26:35 | 000,000,208 | ---- | M] () -- C:\Users\zooleric\Desktop\Max Payne 2 The Fall of Max Payne.url

[2010/07/05 14:25:12 | 000,001,107 | ---- | M] () -- C:\Users\Public\Desktop\Vidal Expert.lnk

[2010/07/05 14:25:12 | 000,000,270 | ---- | M] () -- C:\Windows\win.ini

[2010/07/04 17:20:16 | 000,088,240 | ---- | M] () -- C:\Users\zooleric\AppData\Local\GDIPFONTCACHEV1.DAT

[2010/07/04 17:17:09 | 000,369,296 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT

[2010/07/02 17:22:28 | 000,001,989 | ---- | M] () -- C:\Users\Public\Desktop\O&O Defrag.lnk

[2010/07/02 15:58:32 | 000,001,992 | ---- | M] () -- C:\Users\zooleric\Desktop\Windows Live Messenger .lnk

[2010/07/02 15:32:38 | 000,000,020 | ---- | M] () -- C:\Windows\löˆ

[2010/07/01 21:35:12 | 000,228,024 | ---- | M] (Kaspersky Lab ZAO) -- C:\Windows\System32\klogon.dll

[2010/07/01 17:40:47 | 000,000,754 | ---- | M] () -- C:\Users\zooleric\AppData\Roaming\wklnhst.dat

[2010/07/01 15:39:16 | 000,001,192 | ---- | M] () -- C:\Users\zooleric\Desktop\AVS Cover Editor 2.lnk

[2010/07/01 15:39:03 | 000,001,159 | ---- | M] () -- C:\Users\zooleric\Desktop\AVS Disc Creator.lnk

[2010/06/30 23:06:25 | 000,000,020 | ---- | M] () -- C:\Windows\¸ùƒ

[2010/06/30 18:26:04 | 000,305,664 | ---- | M] (Inekman) -- C:\Users\zooleric\Documents\Xtremsplit.exe

[2010/06/30 15:48:11 | 000,001,207 | ---- | M] () -- C:\Users\zooleric\Desktop\AVS Registry Cleaner.lnk

[2010/06/29 19:55:11 | 000,022,328 | ---- | M] () -- C:\Windows\System32\drivers\PnkBstrK.sys

[2010/06/29 19:55:11 | 000,022,328 | ---- | M] () -- C:\Users\zooleric\AppData\Roaming\PnkBstrK.sys

[2010/06/29 19:54:50 | 000,682,280 | ---- | M] () -- C:\Windows\System32\pbsvc.exe

[2010/06/29 18:47:01 | 000,000,213 | ---- | M] () -- C:\Users\zooleric\Desktop\Half-Life Deathmatch Source.url

[2010/06/29 15:24:11 | 000,000,215 | ---- | M] () -- C:\Users\zooleric\Desktop\Red Faction.url

[2010/06/29 13:22:21 | 000,000,188 | ---- | M] () -- C:\Users\zooleric\Desktop\Call of Duty 2.url

[2010/06/28 17:47:56 | 000,000,215 | ---- | M] () -- C:\Users\zooleric\Desktop\Call of Duty World at War.url

[2010/06/28 16:59:15 | 000,000,203 | ---- | M] () -- C:\Users\zooleric\Desktop\Call of Duty United Offensive.url

[2010/06/28 16:08:30 | 000,281,760 | ---- | M] () -- C:\Windows\System32\drivers\atksgt.sys

[2010/06/28 16:08:28 | 000,025,888 | ---- | M] () -- C:\Windows\System32\drivers\lirsgt.sys

[2010/06/27 22:09:37 | 000,000,186 | ---- | M] () -- C:\Users\zooleric\Desktop\Call of Duty.url

[2010/06/27 17:33:49 | 000,000,214 | ---- | M] () -- C:\Users\zooleric\Desktop\Call of Duty 4 Modern Warfare.url

[2010/06/27 14:39:21 | 000,002,155 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp Maintenance en 1 clic.lnk

[2010/06/27 14:39:21 | 000,002,103 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp Utilities.lnk

[2010/06/27 14:36:54 | 000,000,979 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk

[2010/06/27 14:33:11 | 000,001,973 | ---- | M] () -- C:\Users\Public\Desktop\Mega Manager.lnk

[2010/06/27 14:02:53 | 000,002,831 | ---- | M] () -- C:\Users\zooleric\Desktop\RapidShare Manager.lnk

[2010/06/27 13:52:38 | 000,002,152 | ---- | M] () -- C:\Users\Public\Desktop\Max Payne 2.lnk

[2010/06/27 13:51:11 | 000,001,735 | ---- | M] () -- C:\Users\zooleric\Desktop\MaxPayne2 -developper - Raccourci.lnk

[2010/06/27 12:16:02 | 000,000,215 | ---- | M] () -- C:\Users\zooleric\Desktop\Chrome.url

[2010/06/27 12:14:50 | 000,000,947 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk

[2010/06/26 19:43:17 | 000,001,831 | ---- | M] () -- C:\Users\zooleric\Desktop\UltraISO.lnk

[2010/06/26 18:46:57 | 000,001,044 | ---- | M] () -- C:\Users\zooleric\Desktop\Your Unin-staller!.lnk

[2010/06/26 18:25:12 | 000,001,024 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk

[2010/06/26 18:23:27 | 000,000,965 | ---- | M] () -- C:\Users\zooleric\Desktop\CCleaner.lnk

[2010/06/26 17:27:46 | 000,001,429 | ---- | M] () -- C:\Users\zooleric\Desktop\Internet Explorer.lnk

[2010/06/26 15:37:13 | 000,001,123 | ---- | M] () -- C:\Users\zooleric\Desktop\AVS Firewall.lnk

[2010/06/26 15:35:02 | 000,001,251 | ---- | M] () -- C:\Users\zooleric\Desktop\AVS4YOU Software Navigator.lnk

[2010/06/26 15:34:48 | 000,001,202 | ---- | M] () -- C:\Users\zooleric\Desktop\AVS Video Converter 6.lnk

[2010/06/26 15:22:13 | 000,001,222 | ---- | M] () -- C:\Users\zooleric\Desktop\Revo Uninstaller.lnk

[2010/06/26 14:59:36 | 000,001,027 | ---- | M] () -- C:\Users\zooleric\Desktop\WinRAR.lnk

[2010/06/26 14:53:34 | 000,000,000 | ---- | M] () -- C:\Windows\nsreg.dat

[2010/06/26 14:53:29 | 000,001,909 | ---- | M] () -- C:\Users\zooleric\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk

[2010/06/26 14:53:29 | 000,001,885 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk

[2010/06/26 14:06:24 | 000,028,124 | ---- | M] () -- C:\ProgramData\nvModes.001

[2010/06/26 14:06:22 | 000,028,124 | ---- | M] () -- C:\ProgramData\nvModes.dat

[2010/06/26 13:42:13 | 000,001,304 | ---- | M] () -- C:\Users\zooleric\Desktop\Notepad.lnk

[2010/06/26 13:21:56 | 000,002,661 | ---- | M] () -- C:\Users\Public\Desktop\Souris Microsoft.lnk

[2010/06/26 13:21:55 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_point32k_01009.Wdf

[2010/06/26 13:20:36 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK

[2010/06/26 13:17:55 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf

[2010/06/26 13:12:17 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll

[2010/06/26 13:12:17 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe

[2010/06/26 13:12:17 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe

[2010/06/26 13:12:17 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe

[2010/06/26 13:01:41 | 000,001,423 | ---- | M] () -- C:\Users\zooleric\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk

[2010/06/26 13:01:32 | 000,000,020 | -HS- | M] () -- C:\Users\zooleric\ntuser.ini

[2010/06/26 12:51:18 | 000,057,206 | ---- | M] () -- C:\Windows\System32\license.rtf

[2010/06/26 12:46:14 | 000,021,680 | ---- | M] () -- C:\Windows\System32\emptyregdb.dat

[2010/06/26 12:26:44 | 000,524,288 | -HS- | M] () -- C:\Users\zooleric\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms

[2010/06/26 12:26:44 | 000,524,288 | -HS- | M] () -- C:\Users\zooleric\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms

[2010/06/26 12:26:44 | 000,065,536 | -HS- | M] () -- C:\Users\zooleric\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf

[2010/06/26 12:25:10 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_SynTP_01000.Wdf

[2010/06/26 12:01:35 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0

[2010/06/26 12:01:34 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0

[2010/06/26 11:39:25 | 000,000,221 | -HS- | M] () -- C:\Users\zooleric\Application Data\Microsoft\Internet Explorer\Quick Launch\desktop (1).ini

[2010/06/26 11:32:34 | 000,002,544 | ---- | M] () -- C:\Windows\diagwrn.xml

[2010/06/26 11:32:31 | 000,001,890 | ---- | M] () -- C:\Windows\diagerr.xml

[2010/06/25 18:38:11 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat

[2010/06/25 18:23:17 | 000,000,044 | ---- | M] () -- C:\Windows\System\hpsysdrv.dat

[2010/06/25 18:22:11 | 000,000,373 | -H-- | M] () -- C:\IPH.PH

[2010/06/25 18:19:37 | 000,000,000 | RHS- | M] () -- C:\Windows\System32\drivers\103C_HP_cNB_Pavilion dv7 Notebook PC_Y5335KV_0U_QCND83254N4_E464632-052_4A_I30F4_SCompal_V99.55_F.0A_T080717_WV3-1_L40C_M3069_J320_7Intel_8676_92.27_#100625_N10EC8168;80864237_(FV084EA#ABF)_XMOBILE_CN10_Z_2F.0A.MRK

[2010/06/25 17:49:12 | 000,588,472 | ---- | M] (EasyBits Software AS) -- C:\Windows\System32\ezsvc7x.dll

[2010/06/25 17:44:53 | 000,000,125 | ---- | M] () -- C:\Windows\xUninstall.bat

[2010/06/25 17:43:30 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf

[2010/06/22 19:23:54 | 000,495,192 | ---- | M] (Kaspersky Lab) -- C:\Windows\System32\drivers\klif.sys

 

========== Files Created - No Company Name ==========

 

[2010/07/17 13:01:57 | 000,524,288 | -HS- | C] () -- C:\Users\zooleric\NTUSER.DAT{4f3b6f19-9192-11df-83f0-806e6f6e6963}.TMContainer00000000000000000002.regtrans-ms

[2010/07/17 13:01:57 | 000,524,288 | -HS- | C] () -- C:\Users\zooleric\NTUSER.DAT{4f3b6f19-9192-11df-83f0-806e6f6e6963}.TMContainer00000000000000000001.regtrans-ms

[2010/07/17 13:01:56 | 000,065,536 | -HS- | C] () -- C:\Users\zooleric\NTUSER.DAT{4f3b6f19-9192-11df-83f0-806e6f6e6963}.TM.blf

[2010/07/17 13:00:38 | 000,000,000 | -HS- | C] () -- C:\Users\zooleric\NTUSER.DAT_tureg_new.LOG2

[2010/07/17 13:00:38 | 000,000,000 | -HS- | C] () -- C:\Users\zooleric\NTUSER.DAT_tureg_new.LOG1

[2010/07/14 18:21:58 | 000,113,933 | ---- | C] () -- C:\Windows\System32\drivers\klin.dat

[2010/07/14 18:21:58 | 000,097,549 | ---- | C] () -- C:\Windows\System32\drivers\klick.dat

[2010/07/11 18:07:24 | 000,002,449 | ---- | C] () -- C:\Users\Public\Desktop\RegClean.lnk

[2010/07/06 19:22:33 | 000,000,318 | ---- | C] () -- C:\Windows\tasks\GlaryInitialize.job

[2010/07/06 19:22:32 | 000,000,958 | ---- | C] () -- C:\Users\zooleric\Desktop\Glary Utilities.lnk

[2010/07/05 18:26:35 | 000,000,208 | ---- | C] () -- C:\Users\zooleric\Desktop\Max Payne 2 The Fall of Max Payne.url

[2010/07/05 14:25:12 | 000,001,107 | ---- | C] () -- C:\Users\Public\Desktop\Vidal Expert.lnk

[2010/07/03 11:50:03 | 000,082,940 | ---- | C] () -- C:\Windows\System32\oodbs.lor

[2010/07/02 17:22:28 | 000,001,989 | ---- | C] () -- C:\Users\Public\Desktop\O&O Defrag.lnk

[2010/07/02 15:58:32 | 000,001,992 | ---- | C] () -- C:\Users\zooleric\Desktop\Windows Live Messenger .lnk

[2010/07/02 15:32:38 | 000,000,020 | ---- | C] () -- C:\Windows\löˆ

[2010/07/01 15:39:16 | 000,001,192 | ---- | C] () -- C:\Users\zooleric\Desktop\AVS Cover Editor 2.lnk

[2010/07/01 15:39:03 | 000,001,159 | ---- | C] () -- C:\Users\zooleric\Desktop\AVS Disc Creator.lnk

[2010/06/30 23:06:24 | 000,000,020 | ---- | C] () -- C:\Windows\¸ùƒ

[2010/06/30 16:10:04 | 000,001,984 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk

[2010/06/30 15:48:11 | 000,001,207 | ---- | C] () -- C:\Users\zooleric\Desktop\AVS Registry Cleaner.lnk

[2010/06/29 19:55:11 | 000,022,328 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys

[2010/06/29 19:55:11 | 000,022,328 | ---- | C] () -- C:\Users\zooleric\AppData\Roaming\PnkBstrK.sys

[2010/06/29 19:54:52 | 000,107,832 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe

[2010/06/29 19:54:50 | 000,682,280 | ---- | C] () -- C:\Windows\System32\pbsvc.exe

[2010/06/29 19:54:50 | 000,066,872 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe

[2010/06/29 18:47:01 | 000,000,213 | ---- | C] () -- C:\Users\zooleric\Desktop\Half-Life Deathmatch Source.url

[2010/06/29 15:24:11 | 000,000,215 | ---- | C] () -- C:\Users\zooleric\Desktop\Red Faction.url

[2010/06/29 13:22:21 | 000,000,188 | ---- | C] () -- C:\Users\zooleric\Desktop\Call of Duty 2.url

[2010/06/28 17:47:56 | 000,000,215 | ---- | C] () -- C:\Users\zooleric\Desktop\Call of Duty World at War.url

[2010/06/28 16:59:15 | 000,000,203 | ---- | C] () -- C:\Users\zooleric\Desktop\Call of Duty United Offensive.url

[2010/06/28 16:08:30 | 000,281,760 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys

[2010/06/28 16:08:28 | 000,025,888 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys

[2010/06/27 17:17:55 | 000,000,214 | ---- | C] () -- C:\Users\zooleric\Desktop\Call of Duty 4 Modern Warfare.url

[2010/06/27 14:39:21 | 000,002,155 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp Maintenance en 1 clic.lnk

[2010/06/27 14:39:21 | 000,002,103 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp Utilities.lnk

[2010/06/27 14:36:54 | 000,000,979 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk

[2010/06/27 14:33:11 | 000,001,973 | ---- | C] () -- C:\Users\Public\Desktop\Mega Manager.lnk

[2010/06/27 14:30:38 | 000,000,186 | ---- | C] () -- C:\Users\zooleric\Desktop\Call of Duty.url

[2010/06/27 14:02:53 | 000,002,831 | ---- | C] () -- C:\Users\zooleric\Desktop\RapidShare Manager.lnk

[2010/06/27 12:16:02 | 000,000,215 | ---- | C] () -- C:\Users\zooleric\Desktop\Chrome.url

[2010/06/26 19:43:17 | 000,001,831 | ---- | C] () -- C:\Users\zooleric\Desktop\UltraISO.lnk

[2010/06/26 19:42:18 | 000,000,754 | ---- | C] () -- C:\Users\zooleric\AppData\Roaming\wklnhst.dat

[2010/06/26 18:52:56 | 000,000,947 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk

[2010/06/26 18:46:57 | 000,001,044 | ---- | C] () -- C:\Users\zooleric\Desktop\Your Unin-staller!.lnk

[2010/06/26 18:25:12 | 000,001,024 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk

[2010/06/26 18:23:27 | 000,000,965 | ---- | C] () -- C:\Users\zooleric\Desktop\CCleaner.lnk

[2010/06/26 18:12:13 | 000,001,735 | ---- | C] () -- C:\Users\zooleric\Desktop\MaxPayne2 -developper - Raccourci.lnk

[2010/06/26 17:27:46 | 000,001,429 | ---- | C] () -- C:\Users\zooleric\Desktop\Internet Explorer.lnk

[2010/06/26 15:58:49 | 000,002,152 | ---- | C] () -- C:\Users\Public\Desktop\Max Payne 2.lnk

[2010/06/26 15:37:13 | 000,001,123 | ---- | C] () -- C:\Users\zooleric\Desktop\AVS Firewall.lnk

[2010/06/26 15:35:02 | 000,001,251 | ---- | C] () -- C:\Users\zooleric\Desktop\AVS4YOU Software Navigator.lnk

[2010/06/26 15:34:48 | 000,001,202 | ---- | C] () -- C:\Users\zooleric\Desktop\AVS Video Converter 6.lnk

[2010/06/26 15:22:13 | 000,001,222 | ---- | C] () -- C:\Users\zooleric\Desktop\Revo Uninstaller.lnk

[2010/06/26 14:59:36 | 000,001,027 | ---- | C] () -- C:\Users\zooleric\Desktop\WinRAR.lnk

[2010/06/26 14:53:34 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat

[2010/06/26 14:53:29 | 000,001,909 | ---- | C] () -- C:\Users\zooleric\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk

[2010/06/26 14:53:29 | 000,001,885 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk

[2010/06/26 13:42:13 | 000,001,304 | ---- | C] () -- C:\Users\zooleric\Desktop\Notepad.lnk

[2010/06/26 13:21:56 | 000,002,661 | ---- | C] () -- C:\Users\Public\Desktop\Souris Microsoft.lnk

[2010/06/26 13:21:55 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_point32k_01009.Wdf

[2010/06/26 13:17:55 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf

[2010/06/26 13:01:52 | 000,000,249 | ---- | C] () -- C:\ProgramData\hpqp.ini

[2010/06/26 13:01:35 | 000,028,124 | ---- | C] () -- C:\ProgramData\nvModes.001

[2010/06/26 13:01:34 | 000,028,124 | ---- | C] () -- C:\ProgramData\nvModes.dat

[2010/06/26 13:01:32 | 000,000,020 | -HS- | C] () -- C:\Users\zooleric\ntuser.ini

[2010/06/26 12:52:48 | 2413,531,136 | -HS- | C] () -- C:\hiberfil.sys

[2010/06/26 12:46:15 | 000,021,680 | ---- | C] () -- C:\Windows\System32\emptyregdb.dat

[2010/06/26 12:26:42 | 000,524,288 | -HS- | C] () -- C:\Users\zooleric\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms

[2010/06/26 12:26:41 | 001,835,008 | -HS- | C] () -- C:\Users\zooleric\NTUSER.DAT_tureg_old

[2010/06/26 12:26:41 | 001,572,864 | ---- | C] () -- C:\Users\zooleric\NTUSER.DAT

[2010/06/26 12:26:41 | 000,524,288 | -HS- | C] () -- C:\Users\zooleric\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms

[2010/06/26 12:26:41 | 000,262,144 | -HS- | C] () -- C:\Users\zooleric\ntuser.dat.LOG1

[2010/06/26 12:26:41 | 000,065,536 | -HS- | C] () -- C:\Users\zooleric\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf

[2010/06/26 12:26:41 | 000,000,290 | ---- | C] () -- C:\Users\zooleric\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk

[2010/06/26 12:26:41 | 000,000,272 | ---- | C] () -- C:\Users\zooleric\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk

[2010/06/26 12:26:41 | 000,000,000 | -HS- | C] () -- C:\Users\zooleric\ntuser.dat.LOG2

[2010/06/26 12:25:36 | 000,015,222 | ---- | C] () -- C:\Windows\System32\nbspkrs.ico

[2010/06/26 12:25:36 | 000,003,774 | ---- | C] () -- C:\Windows\System32\bltinmic.ico

[2010/06/26 12:25:36 | 000,003,774 | ---- | C] () -- C:\Windows\System32\2hps.ico

[2010/06/26 12:25:10 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_SynTP_01000.Wdf

[2010/06/26 12:25:08 | 000,009,504 | -H-- | C] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2010/06/26 12:25:08 | 000,009,504 | -H-- | C] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2010/06/26 12:00:25 | 000,008,192 | RHS- | C] () -- C:\BOOTSECT.BAK

[2010/06/26 11:39:25 | 000,001,423 | ---- | C] () -- C:\Users\zooleric\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk

[2010/06/26 11:32:30 | 000,002,544 | ---- | C] () -- C:\Windows\diagwrn.xml

[2010/06/26 11:32:30 | 000,001,890 | ---- | C] () -- C:\Windows\diagerr.xml

[2010/06/25 18:23:17 | 000,000,044 | ---- | C] () -- C:\Windows\System\hpsysdrv.dat

[2010/06/25 18:21:50 | 000,000,373 | -H-- | C] () -- C:\IPH.PH

[2010/06/25 18:21:28 | 000,001,859 | ---- | C] () -- C:\Users\Public\Desktop\HP Total Care Advisor.lnk

[2010/06/25 18:19:37 | 000,000,000 | RHS- | C] () -- C:\Windows\System32\drivers\103C_HP_cNB_Pavilion dv7 Notebook PC_Y5335KV_0U_QCND83254N4_E464632-052_4A_I30F4_SCompal_V99.55_F.0A_T080717_WV3-1_L40C_M3069_J320_7Intel_8676_92.27_#100625_N10EC8168;80864237_(FV084EA#ABF)_XMOBILE_CN10_Z_2F.0A.MRK

[2010/06/25 18:18:44 | 000,000,221 | -HS- | C] () -- C:\Users\zooleric\Application Data\Microsoft\Internet Explorer\Quick Launch\desktop (1).ini

[2010/06/25 17:53:17 | 000,037,916 | ---- | C] () -- C:\Windows\WMPrfFRA.prx

[2010/06/25 17:44:53 | 000,000,125 | ---- | C] () -- C:\Windows\xUninstall.bat

[2010/06/25 17:43:30 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf

[2010/06/25 17:41:46 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll

[2010/06/15 18:06:38 | 000,153,502 | ---- | C] () -- C:\Windows\System32\libmplayer.dll

[2010/06/15 18:05:02 | 005,002,416 | ---- | C] () -- C:\Windows\System32\libavcodec.dll

[2010/06/15 17:43:58 | 001,641,574 | ---- | C] () -- C:\Windows\System32\ffmpegmt.dll

[2010/05/24 21:39:50 | 000,289,065 | ---- | C] () -- C:\Windows\System32\ff_kernelDeint.dll

[2010/05/24 21:38:34 | 000,962,008 | ---- | C] () -- C:\Windows\System32\ff_x264.dll

[2010/05/24 21:38:22 | 000,901,509 | ---- | C] () -- C:\Windows\System32\xvidcore.dll

[2010/05/19 22:59:20 | 000,150,528 | ---- | C] () -- C:\Windows\System32\mkx.dll

[2010/05/19 22:59:10 | 000,109,568 | ---- | C] () -- C:\Windows\System32\avi.dll

[2010/05/19 22:59:02 | 000,141,824 | ---- | C] () -- C:\Windows\System32\mp4.dll

[2010/05/19 22:58:52 | 000,123,392 | ---- | C] () -- C:\Windows\System32\ogm.dll

[2010/05/19 22:58:18 | 000,154,112 | ---- | C] () -- C:\Windows\System32\ts.dll

[2010/05/19 22:58:08 | 000,249,856 | ---- | C] () -- C:\Windows\System32\dxr.dll

[2010/05/19 22:57:42 | 000,097,792 | ---- | C] () -- C:\Windows\System32\avs.dll

[2010/05/19 22:57:26 | 000,093,184 | ---- | C] () -- C:\Windows\System32\avss.dll

[2010/05/19 22:55:40 | 000,080,384 | ---- | C] () -- C:\Windows\System32\mkzlib.dll

[2010/05/19 22:55:36 | 000,024,576 | ---- | C] () -- C:\Windows\System32\mkunicode.dll

[2010/05/12 17:09:06 | 000,108,032 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll

[2010/05/11 23:26:52 | 000,324,096 | ---- | C] () -- C:\Windows\System32\TomsMoComp_ff.dll

[2010/05/11 23:22:22 | 000,100,864 | ---- | C] () -- C:\Windows\System32\ff_wmv9.dll

[2010/05/11 00:10:04 | 000,178,688 | ---- | C] () -- C:\Windows\System32\ff_libmad.dll

[2010/05/11 00:09:50 | 000,257,024 | ---- | C] () -- C:\Windows\System32\ff_libdts.dll

[2010/05/11 00:09:42 | 000,142,848 | ---- | C] () -- C:\Windows\System32\ff_liba52.dll

[2010/05/11 00:09:30 | 000,484,864 | ---- | C] () -- C:\Windows\System32\ff_libfaad2.dll

[2010/05/11 00:07:24 | 001,556,992 | ---- | C] () -- C:\Windows\System32\ff_samplerate.dll

[2010/05/11 00:05:28 | 000,146,944 | ---- | C] () -- C:\Windows\System32\ff_tremor.dll

[2010/05/11 00:05:06 | 000,113,152 | ---- | C] () -- C:\Windows\System32\ff_unrar.dll

[2010/05/11 00:03:56 | 000,163,328 | ---- | C] () -- C:\Windows\System32\libmpeg2_ff.dll

[2010/01/06 12:50:12 | 000,086,016 | ---- | C] () -- C:\Windows\System32\vidalhelper.dll

[2009/07/14 02:55:09 | 001,332,736 | ---- | C] () -- C:\Windows\System32\hpotiop1.dll

[2009/07/14 01:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll

[2009/07/14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll

[2009/06/07 18:24:04 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll

[2009/01/11 00:15:44 | 000,159,744 | ---- | C] () -- C:\Windows\System32\mmfinfo.dll

[2008/11/06 17:37:32 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll

[2007/11/14 16:17:34 | 000,204,800 | ---- | C] () -- C:\Windows\System32\CogentBioSDK.dll

[2007/10/13 11:30:20 | 000,000,137 | ---- | C] () -- C:\Windows\System32\Registration.ini

 

========== LOP Check ==========

 

[2010/07/09 14:16:39 | 000,000,000 | ---D | M] -- C:\Users\zooleric\AppData\Roaming\AutoHideIP

[2010/06/26 12:42:03 | 000,000,000 | ---D | M] -- C:\Users\zooleric\AppData\Roaming\DigitalPersona

[2010/07/04 16:32:27 | 000,000,000 | ---D | M] -- C:\Users\zooleric\AppData\Roaming\DMCache

[2010/07/14 18:18:12 | 000,000,000 | ---D | M] -- C:\Users\zooleric\AppData\Roaming\GlarySoft

[2010/06/27 14:33:12 | 000,000,000 | ---D | M] -- C:\Users\zooleric\AppData\Roaming\Megaupload

[2010/06/30 22:53:25 | 000,000,000 | ---D | M] -- C:\Users\zooleric\AppData\Roaming\Orange

[2010/07/04 15:52:06 | 000,000,000 | ---D | M] -- C:\Users\zooleric\AppData\Roaming\SoftMaker

[2010/07/06 19:57:15 | 000,000,000 | ---D | M] -- C:\Users\zooleric\AppData\Roaming\Spy Emergency

[2010/06/26 19:42:19 | 000,000,000 | ---D | M] -- C:\Users\zooleric\AppData\Roaming\Template

[2010/06/27 14:39:10 | 000,000,000 | ---D | M] -- C:\Users\zooleric\AppData\Roaming\TuneUp Software

[2010/06/26 18:43:27 | 000,000,000 | ---D | M] -- C:\Users\zooleric\AppData\Roaming\Uniblue

[2010/06/26 18:46:58 | 000,000,000 | ---D | M] -- C:\Users\zooleric\AppData\Roaming\URSoft

[2010/07/04 19:52:29 | 000,000,000 | ---D | M] -- C:\Users\zooleric\AppData\Roaming\VitySoft

[2010/07/14 16:45:19 | 000,000,000 | ---D | M] -- C:\Users\zooleric\AppData\Roaming\Windows Live Writer

[2010/07/20 10:40:03 | 000,000,318 | ---- | M] () -- C:\Windows\Tasks\GlaryInitialize.job

[2009/07/14 06:53:46 | 000,028,310 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

 

========== Purity Check ==========

 

 

 

========== Alternate Data Streams ==========

 

@Alternate Data Stream - 176 bytes -> C:\ProgramData\TEMP:1CE11B51

< End of report >

 

GMER 1.0.15.15281 - GMER - Rootkit Detector and Remover

Rootkit scan 2010-07-20 12:39:55

Windows 6.1.7600

Running: zool.exe.exe; Driver: C:\Users\zooleric\AppData\Local\Temp\kfdyiuog.sys

 

 

---- System - GMER 1.0.15 ----

 

SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwAdjustPrivilegesToken [0x8BB93528]

SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwAlpcConnectPort [0x8BB95752]

SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwAlpcCreatePort [0x8BB959CC]

SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwAlpcSendWaitReceivePort [0x8BB95C3E]

SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwClose [0x8BB93E30]

SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwConnectPort [0x8BB94C5C]

SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateEvent [0x8BB951A6]

SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateFile [0x8BB9410C]

SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateMutant [0x8BB9508C]

SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateNamedPipeFile [0x8BB93118]

SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreatePort [0x8BB94F60]

SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateSection [0x8BB932C0]

SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateSemaphore [0x8BB952C6]

SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateThread [0x8BB93AB8]

SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateThreadEx [0x8BB93BB6]

SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateUserProcess [0x8BB95E88]

SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwCreateWaitablePort [0x8BB94FF6]

SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwDebugActiveProcess [0x8BB969A8]

SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwDeviceIoControlFile [0x8BB9458E]

SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwDuplicateObject [0x8BB97BBE]

SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwFsControlFile [0x8BB9439C]

SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwLoadDriver [0x8BB96A9A]

SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwMapViewOfSection [0x8BB9720A]

SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwOpenEvent [0x8BB9523C]

SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwOpenFile [0x8BB93EB2]

SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwOpenMutant [0x8BB9511C]

SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwOpenProcess [0x8BB93762]

SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwOpenSection [0x8BB96FA4]

SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwOpenSemaphore [0x8BB9535C]

SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwOpenThread [0x8BB93656]

SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwQueryDirectoryObject [0x8BB95F42]

SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwQuerySection [0x8BB97544]

SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwQueueApcThread [0x8BB96E36]

SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwReplaceKey [0x8BB91DD2]

SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwReplyPort [0x8BB956C0]

SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwReplyWaitReceivePort [0x8BB95586]

SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwRequestWaitReplyPort [0x8BB96742]

SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwRestoreKey [0x8BB9214A]

SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwResumeThread [0x8BB97A60]

SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwSaveKey [0x8BB91D6A]

SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwSecureConnectPort [0x8BB949A6]

SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwSetContextThread [0x8BB93CD2]

SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwSetInformationToken [0x8BB95FE4]

SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwSetSecurityObject [0x8BB96C38]

SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwSetSystemInformation [0x8BB97694]

SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwSuspendProcess [0x8BB97786]

SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwSuspendThread [0x8BB978C0]

SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwSystemDebugControl [0x8BB968CC]

SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwTerminateProcess [0x8BB93902]

SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwTerminateThread [0x8BB93858]

SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwUnmapViewOfSection [0x8BB973E8]

SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wlh_x86]/Kaspersky Lab) ZwWriteVirtualMemory [0x8BB939EE]

 

INT 0x1F \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 82C1FAF8

INT 0x37 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 82C1F104

INT 0xC1 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 82C1F3F4

INT 0xD1 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 82C07634

INT 0xD2 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 82C07898

INT 0xDF \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 82C1F1DC

INT 0xE1 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 82C1F958

INT 0xE3 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 82C1F6F8

INT 0xFD \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 82C1FF2C

INT 0xFE \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 82C201A8

 

---- Kernel code sections - GMER 1.0.15 ----

 

.text ntkrnlpa.exe!ZwSaveKeyEx + 13AD 82C7F599 1 Byte [06]

.text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 82CA3F52 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}

.text ntkrnlpa.exe!RtlSidHashLookup + 220 82CAB730 4 Bytes [28, 35, B9, 8B]

.text ntkrnlpa.exe!RtlSidHashLookup + 248 82CAB758 8 Bytes [52, 57, B9, 8B, CC, 59, B9, ...]

.text ntkrnlpa.exe!RtlSidHashLookup + 28C 82CAB79C 4 Bytes [3E, 5C, B9, 8B]

.text ntkrnlpa.exe!RtlSidHashLookup + 2B8 82CAB7C8 4 Bytes [30, 3E, B9, 8B]

.text ntkrnlpa.exe!RtlSidHashLookup + 2DC 82CAB7EC 4 Bytes [5C, 4C, B9, 8B]

.text ...

.text C:\Windows\system32\DRIVERS\atksgt.sys section is writeable [0x9B7BC300, 0x3B6D8, 0xE8000020]

.text C:\Windows\system32\DRIVERS\lirsgt.sys section is writeable [0x9B600300, 0x1BEE, 0xE8000020]

.text peauth.sys 9D422C9D 28 Bytes [84, 1E, 46, 92, 64, CA, 31, ...]

.text peauth.sys 9D422CC1 28 Bytes [84, 1E, 46, 92, 64, CA, 31, ...]

PAGE peauth.sys 9D428B9B 72 Bytes [49, 68, D2, 09, 4E, A8, A1, ...]

PAGE peauth.sys 9D428BEC 111 Bytes [99, 62, 7C, A1, B4, 4F, 9B, ...]

PAGE peauth.sys 9D428E20 101 Bytes [89, DD, 35, 49, 32, 83, 2F, ...]

PAGE ...

 

---- User code sections - GMER 1.0.15 ----

 

.text C:\Program Files\Mozilla Firefox\plugin-container.exe[2184] USER32.dll!TrackPopupMenu 771D4B3B 5 Bytes JMP 652105FE C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)

.text C:\Program Files\Mozilla Firefox\firefox.exe[5592] ntdll.dll!LdrLoadDll 7768F625 5 Bytes JMP 001113F0 C:\Program Files\Mozilla Firefox\firefox.exe (Firefox/Mozilla Corporation)

 

---- User IAT/EAT - GMER 1.0.15 ----

 

IAT C:\Windows\Explorer.EXE[3336] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipAlloc] [74052494] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)

IAT C:\Windows\Explorer.EXE[3336] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusStartup] [74035624] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)

IAT C:\Windows\Explorer.EXE[3336] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusShutdown] [740356E2] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)

IAT C:\Windows\Explorer.EXE[3336] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipFree] [7405250F] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)

IAT C:\Windows\Explorer.EXE[3336] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDeleteGraphics] [74048573] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)

IAT C:\Windows\Explorer.EXE[3336] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDisposeImage] [74044D27] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)

IAT C:\Windows\Explorer.EXE[3336] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageWidth] [740450CE] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)

IAT C:\Windows\Explorer.EXE[3336] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageHeight] [740451A3] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)

IAT C:\Windows\Explorer.EXE[3336] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromHBITMAP] [740466D0] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)

IAT C:\Windows\Explorer.EXE[3336] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateFromHDC] [740482CA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)

IAT C:\Windows\Explorer.EXE[3336] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetCompositingMode] [74048819] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)

IAT C:\Windows\Explorer.EXE[3336] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetInterpolationMode] [7404907A] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)

IAT C:\Windows\Explorer.EXE[3336] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDrawImageRectI] [7404E21D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)

IAT C:\Windows\Explorer.EXE[3336] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCloneImage] [74044C59] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)

 

---- Devices - GMER 1.0.15 ----

 

AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys (Runtime de l’infrastructure de pilotes en mode noyau/Microsoft Corporation)

AttachedDevice \Driver\kbdclass \Device\KeyboardClass1 Wdf01000.sys (Runtime de l’infrastructure de pilotes en mode noyau/Microsoft Corporation)

AttachedDevice \Driver\tdx \Device\Tcp kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO)

AttachedDevice \Driver\tdx \Device\Tcp AVSTDIFilterDrv.sys

AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)

AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 rdyboost.sys (ReadyBoost Driver/Microsoft Corporation)

AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)

AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 rdyboost.sys (ReadyBoost Driver/Microsoft Corporation)

 

Device \Driver\ACPI_HAL \Device\0000004e halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation)

 

AttachedDevice \Driver\tdx \Device\Udp kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO)

AttachedDevice \Driver\tdx \Device\Udp AVSTDIFilterDrv.sys

AttachedDevice \Driver\tdx \Device\RawIp kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO)

AttachedDevice \Driver\tdx \Device\RawIp AVSTDIFilterDrv.sys

 

---- Registry - GMER 1.0.15 ----

 

Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Upgrade\BTHPORT

Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Upgrade\HidBth

Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Upgrade\LocalRadioSettings

Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Upgrade\BTHPORT (not active ControlSet)

Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Upgrade\HidBth (not active ControlSet)

Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Upgrade\LocalRadioSettings (not active ControlSet)

Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\System


 

---- EOF - GMER 1.0.15 ----

Posted

Hello zool62,

*** I'm finally back, thank you for your patience! *** :)

There may be a conflict with remnants of NOD32... but I am convinced that the installation was corrupted by one of these programs:

RegClean.lnk

AVS Registry Cleaner.lnk

CCleaner.lnk

Glary Utilities.lnk

TuneUp Utilities

--> In such a case, there may be no solution other than a clean reinstall of the system or re-importing a working backup (registry).

Just in case, try this (I see no sign of infection on your machine):

 

1) Download the … from ESET:

2) Save it to your desktop.

3) Right-click "ESETUninstaller.exe" and choose "Run as administrator". Then follow the instructions that appear on screen.

4) Restart the machine and test Firefox again.

Good luck!

;)

Posted

Hello WawaSeb, I am going to redo my PC as you told me. Thanks again for your help.

See you!
