Posted

Hello,

Can you tell me whether I am infected? Thank you very much!

 

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 11:21:50, on 12/11/2010

Platform: Windows 7 (WinNT 6.00.3504)

MSIE: Internet Explorer v8.00 (8.00.7600.16671)

Boot mode: Normal

 

Running processes:

C:\Users\Lorak\AppData\Roaming\Microsoft\Windows\shell.exe

C:\Program Files (x86)\ASUS\EPU-6 Engine\SixEngine.exe

C:\Users\Lorak\AppData\Roaming\Microsoft\svchost.exe

C:\Users\Lorak\AppData\Local\Temp\dwm.exe

C:\Program Files (x86)\RocketDock\RocketDock.exe

C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe

C:\Program Files (x86)\ASUS\PC Probe II\Probe2.exe

C:\Program Files (x86)\ASUS\AASP\1.00.95\aaCenter.exe

C:\Program Files (x86)\ICQ7.2\ICQ.exe

C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe

C:\Program Files (x86)\Opera\opera.exe

C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google Actualités

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN : Hotmail, Messenger, Bing, Actualité et Sport

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:50370

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

F3 - REG:win.ini: load=C:\Users\Lorak\AppData\Local\Temp\dwm.exe

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min

O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

O4 - HKCU\..\Run: [RocketDock] "C:\Program Files (x86)\RocketDock\RocketDock.exe"

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE RÉSEAU')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE RÉSEAU')

O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe

O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe

O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab

O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab

O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} ("Ma-Config.com control) - http://fichiers.touslesdrivers.com/maconfig/MaConfig_4_6_0_1.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)

O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe

O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe

O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @appmgmts.dll,-3250 (AppMgmt) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: ASUS System Control Service (AsSysCtrlService) - Unknown owner - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe

O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (AudioSrv) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\AxInstSV.dll,-103 (AxInstSV) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (bthserv) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\cscsvc.dll,-200 (CscService) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\defragsvc.dll,-101 (defragsvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe

O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe

O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (eventlog) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\ListSvc.dll,-100 (HomeGroupListener) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\provsvc.dll,-100 (HomeGroupProvider) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Ma-Config Service (maconfservice) - Unknown owner - C:\Program Files (x86)\ma-config.com\maconfservice.exe

O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe

O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\netprofm.dll,-202 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\peerdistsvc.dll,-9000 (PeerDistSvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\sysWow64\perfhost.exe,-2 (PerfHost) - Unknown owner - C:\Windows\SysWow64\perfhost.exe

O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%Systemroot%\system32\mprdim.dll,-200 (RemoteAccess) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\sensrsvc.dll,-1000 (SensrSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\ipnathlp.dll,-106 (SharedAccess) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppuinotify.dll,-103 (sppuinotify) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe

O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\umrdp.dll,-1000 (UmRdpService) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\uxtuneup.dll,-4096 (UxTuneUp) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wwansvc.dll,-257 (WwanSvc) - Unknown owner - C:\Windows\system32\svchost.exe

 

--

End of file - 19095 bytes

Posted

Hello Lorak,

 


Very Important!

>>> To do immediately:

At the top of this message, click the "Follow this topic" button, choosing "Immediate notification" => "Submit". You will be notified in real time of the replies to your topic and, as a result, your machine will be cleaned as quickly as possible.

>>> What to do during this cleanup: please do NOT use, install and/or uninstall any program other than those proposed at each step, the aim being to avoid any incompatibility problem between the tools.

>>> What to do when you receive new instructions:

  • Read the whole message.
  • Download and save the utilities DIRECTLY to the Desktop, or move them there (right away, by a right-click on them => "Cut", then a right-click on the Desktop => "Paste").
    Some programs can cause problems if they are not launched from the Desktop.
  • Get into the habit of disabling all protection programs at the start of each new step and re-enabling them at the end.
  • Always proceed in the order given and ask for clarification if necessary BEFORE starting.
  • Do NOT hesitate to comment on and report any change (for better or worse) in the machine's behaviour or in relation to the initial problem.

>>> How to reply: Click the zeb_bouton.png button, because I do not need to re-read my previous messages.


 

1- >>> Print these instructions or save them to a text file on the Desktop so you can consult them easily at any time, and download, to the Desktop:

  • Malwarebytes' Anti-Malware from here or here
  • OTL (by OldTimer) from HERE or HERE
  • Security Check (by screen317) from here or here

 

>>> Use Malwarebytes' Anti-Malware: Close everything and click on mbam-setup.exe. Follow the prompts, leaving everything at the defaults. Click Finish without changing anything.

- Launch the program from its icon on the desktop or from "Start" => "All Programs" => "Malwarebytes' Anti-Malware".

- Run the Updates (from the tab of the same name). If there is a problem with the automatic updates, click HERE to download and install them manually.

- In the "Scanner" tab, leave the "Perform quick scan" box checked and click "Scan".

mb3.jpg

Wait until the end (the message below is displayed)

mb4.jpg

Click OK to close this message.

- Click "Show Results" and then "Remove Selected".

The program then carries out the cleanup. If it asks you to restart the PC, ACCEPT (this is to delete certain specific files).

At the end a report is displayed (accessible at any time from the Logs tab of the MBAM main window). Post its contents in your next reply.

 

 

2- >>> Plug in and switch on all removable media that have been used for any data transfer (USB sticks...).

Close everything and double-click OTL.exe (Vista/Windows 7: right-click it => Run as administrator).

Copy/paste these lines (starting with netsvcs) into the box under "Custom Scans/Fixes":

netsvcs

%SYSTEMDRIVE%\*.*

%systemroot%\*. /mp /s

CREATERESTOREPOINT

%systemroot%\system32\*.dll /lockedfiles

%systemroot%\Tasks\*.job /lockedfiles

%systemroot%\System32\config\*.sav

%systemroot%\system32\drivers\*.sys /90

Without changing anything, click the blue Run Scan button and let it run.

At the end of the scan, 2 reports will be created: OTL.txt (which opens in Notepad) and Extras.txt (which will be minimized in the Taskbar).

Post the contents of each report, only one per message, because they are often very long and exceed the limit allowed by the forum.

 

 

3- >>> Close everything and double-click "SecurityCheck.exe" to launch the program.

Press a key as prompted and follow the instructions.

Note: If one of the security programs asks for permission for dig.exe to access the Internet, accept.

The checkup.txt report opens at the end and will not be saved automatically. If you want to keep a copy, click "File" => "Save As", choose a location (the Desktop, for example) and click "Save" at the bottom right.

Copy the contents of this report and paste it into a new reply.

 

 

Requested reports:

  • Malwarebytes Anti-Malware log
  • OTL.txt
  • Extras.txt
  • checkup.txt

Posted

Hello again!

Here is my Malwarebytes report to start with.

Malwarebytes' Anti-Malware 1.46

www.malwarebytes.org

 

Version de la base de données: 5099

 

Windows 6.1.7600

Internet Explorer 8.0.7600.16385

 

12/11/2010 15:33:11

mbam-log-2010-11-12 (15-33-11).txt

 

Type d'examen: Examen rapide

Elément(s) analysé(s): 136943

Temps écoulé: 3 minute(s), 15 seconde(s)

 

Processus mémoire infecté(s): 0

Module(s) mémoire infecté(s): 0

Clé(s) du Registre infectée(s): 0

Valeur(s) du Registre infectée(s): 0

Elément(s) de données du Registre infecté(s): 0

Dossier(s) infecté(s): 0

Fichier(s) infecté(s): 0

 

Processus mémoire infecté(s):

(Aucun élément nuisible détecté)

 

Module(s) mémoire infecté(s):

(Aucun élément nuisible détecté)

 

Clé(s) du Registre infectée(s):

(Aucun élément nuisible détecté)

 

Valeur(s) du Registre infectée(s):

(Aucun élément nuisible détecté)

 

Elément(s) de données du Registre infecté(s):

(Aucun élément nuisible détecté)

 

Dossier(s) infecté(s):

(Aucun élément nuisible détecté)

 

Fichier(s) infecté(s):

(Aucun élément nuisible détecté)

Posted

Here is the OTL.txt report

OTL logfile created on: 12/11/2010 15:37:43 - Run 1

OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Lorak\Desktop

64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.7600.16385)

Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

 

6,00 Gb Total Physical Memory | 5,00 Gb Available Physical Memory | 76,00% Memory free

12,00 Gb Paging File | 10,00 Gb Available in Paging File | 86,00% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 149,10 Gb Total Space | 70,19 Gb Free Space | 47,07% Space Free | Partition Type: NTFS

Drive D: | 74,53 Gb Total Space | 39,12 Gb Free Space | 52,50% Space Free | Partition Type: NTFS

Drive E: | 488,28 Gb Total Space | 111,61 Gb Free Space | 22,86% Space Free | Partition Type: NTFS

Drive F: | 148,99 Gb Total Space | 107,61 Gb Free Space | 72,23% Space Free | Partition Type: NTFS

Drive M: | 298,08 Gb Total Space | 34,66 Gb Free Space | 11,63% Space Free | Partition Type: NTFS

 

Computer Name: LORAK-PC | User Name: Lorak | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Processes (SafeList) ==========

 

PRC - [2010/11/12 15:08:43 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Lorak\Desktop\OTL.exe

PRC - [2010/08/17 12:39:03 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe

PRC - [2010/08/17 12:38:55 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe

PRC - [2010/08/17 12:38:55 | 000,267,944 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe

PRC - [2009/06/26 15:08:38 | 006,036,992 | ---- | M] () -- C:\Program Files (x86)\ASUS\EPU-6 Engine\SixEngine.exe

PRC - [2009/04/02 11:27:26 | 000,090,112 | ---- | M] () -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe

PRC - [2008/01/04 16:47:28 | 000,049,152 | ---- | M] () -- C:\Program Files (x86)\Peer2Me\Peer2Me.exe

PRC - [2007/09/02 12:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.exe

 

 

========== Modules (SafeList) ==========

 

MOD - [2010/11/12 15:08:43 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Lorak\Desktop\OTL.exe

MOD - [2010/08/21 06:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll

MOD - [2007/09/02 12:57:36 | 000,069,632 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.dll

 

 

========== Win32 Services (SafeList) ==========

 

SRV:64bit: - [2010/10/28 14:29:12 | 000,036,160 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysNative\uxtuneup.dll -- (UxTuneUp)

SRV:64bit: - [2010/09/29 02:51:08 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)

SRV:64bit: - [2009/07/14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)

SRV:64bit: - [2009/07/14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)

SRV - [2010/10/28 14:32:34 | 001,974,080 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc)

SRV - [2010/10/28 14:29:08 | 000,029,504 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysWOW64\uxtuneup.dll -- (UxTuneUp)

SRV - [2010/09/12 14:30:52 | 000,251,248 | ---- | M] (CybelSoft) [On_Demand | Stopped] -- C:\Program Files (x86)\ma-config.com\maconfservice.exe -- (maconfservice)

SRV - [2010/08/17 12:39:03 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)

SRV - [2010/08/17 12:38:55 | 000,267,944 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)

SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)

SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

SRV - [2009/04/02 11:27:26 | 000,090,112 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe -- (AsSysCtrlService)

 

 

========== Driver Services (SafeList) ==========

 

DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)

DRV:64bit: - [2010/11/01 15:49:51 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)

DRV:64bit: - [2010/09/29 03:26:12 | 007,883,264 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)

DRV:64bit: - [2010/09/29 03:26:12 | 007,883,264 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)

DRV:64bit: - [2010/09/29 02:14:48 | 000,285,696 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)

DRV:64bit: - [2010/09/20 15:39:06 | 000,349,800 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)

DRV:64bit: - [2010/08/17 12:39:11 | 000,116,568 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)

DRV:64bit: - [2010/08/17 12:39:11 | 000,081,584 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)

DRV:64bit: - [2010/08/16 11:42:00 | 000,116,240 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)

DRV:64bit: - [2010/06/06 21:57:22 | 000,082,816 | ---- | M] (VSO Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pcouffin.sys -- (pcouffin)

DRV:64bit: - [2010/05/06 10:21:46 | 000,125,456 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)

DRV:64bit: - [2010/03/10 03:03:52 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie64.sys -- (AtiPcie) AMD PCI Express (3GIO)

DRV:64bit: - [2009/07/16 10:38:40 | 000,015,416 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)

DRV:64bit: - [2009/07/14 02:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)

DRV:64bit: - [2009/07/14 02:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)

DRV:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)

DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)

DRV:64bit: - [2009/07/14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)

DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)

DRV:64bit: - [2009/06/10 21:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)

DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)

DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)

DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)

DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)

DRV - [2010/10/07 13:34:32 | 000,011,856 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv)

DRV - [2010/08/30 11:19:54 | 000,015,872 | ---- | M] (CybelSoft) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\ma-config.com\Drivers\driverhardwarev2x64.sys -- (driverhardwarev2x64)

 

 

========== Standard Registry (SafeList) ==========

 

 

========== Internet Explorer ==========

 

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google Actualités

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN : Hotmail, Messenger, Actualité, Sport et Vidéo

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 7B E6 3D 72 89 02 CB 01 [binary data]

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.6\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2010/10/29 13:40:38 | 000,000,000 | ---D | M]

 

[2010/09/16 19:32:41 | 000,000,000 | ---D | M] -- C:\Users\Lorak\AppData\Roaming\mozilla\Extensions

[2010/09/16 19:32:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lorak\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}

 

O1 HOSTS File: ([2009/06/10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts

O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)

O4 - HKLM..\Run: [startCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)

O4 - HKCU..\Run: [RocketDock] C:\Program Files (x86)\RocketDock\RocketDock.exe ()

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)

O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)

O13 - gopher Prefix: missing

O13 - gopher Prefix: missing

O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab (Symantec AntiVirus scanner)

O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab (Symantec RuFSI Utility Class)

O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} http://fichiers.touslesdrivers.com/maconfig/MaConfig_4_6_0_1.cab ("Ma-Config.com control)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)

O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O20 - HKCU Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

O22:64bit: - SharedTaskScheduler: {E31004D1-A431-41B8-826F-E902F9D95C81} - Windows DreamScene - C:\Windows\SysNative\DreamScene.dll (Microsoft Corporation)

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2009/03/19 18:28:09 | 000,000,000 | ---- | M] () - D:\AUTOEXEC.BAT -- [ NTFS ]

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35:64bit: - HKLM\..comfile [open] -- "%1" %*

O35:64bit: - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 

NetSvcs:64bit: UxTuneUp - C:\Windows\SysNative\uxtuneup.dll (TuneUp Software)

NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

 

CREATERESTOREPOINT

Restore point Set: OTL Restore Point

 

========== Files/Folders - Created Within 30 Days ==========

 

[2010/11/12 15:08:41 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\Lorak\Desktop\OTL.exe

[2010/11/12 11:20:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro

[2010/11/11 21:59:48 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek

[2010/11/11 21:59:47 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM

[2010/11/11 21:59:18 | 002,580,824 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib.dll

[2010/11/11 21:59:18 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll

[2010/11/11 21:59:18 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll

[2010/11/11 21:59:18 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll

[2010/11/11 21:59:18 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll

[2010/11/11 21:59:18 | 000,118,464 | ---- | C] (Sony Corporation) -- C:\Windows\SysNative\SFSS_APO.dll

[2010/11/11 21:59:17 | 002,654,824 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkAPO64.dll

[2010/11/11 21:59:17 | 002,096,232 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtPgEx64.dll

[2010/11/11 21:59:17 | 001,716,368 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEP64A.dll

[2010/11/11 21:59:17 | 001,242,728 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTCOM64.dll

[2010/11/11 21:59:17 | 001,146,984 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTSnMg64.cpl

[2010/11/11 21:59:17 | 000,618,600 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkApi64.dll

[2010/11/11 21:59:17 | 000,561,256 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoRes64.dat

[2010/11/11 21:59:17 | 000,372,936 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll

[2010/11/11 21:59:17 | 000,332,392 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtlCPAPI64.dll

[2010/11/11 21:59:17 | 000,307,920 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll

[2010/11/11 21:59:17 | 000,307,920 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll

[2010/11/11 21:59:17 | 000,220,496 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\SysNative\SFNHK64.dll

[2010/11/11 21:59:17 | 000,201,928 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll

[2010/11/11 21:59:17 | 000,149,608 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCfg64.dll

[2010/11/11 21:59:17 | 000,125,584 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEL64A.dll

[2010/11/11 21:59:17 | 000,099,016 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll

[2010/11/11 21:59:17 | 000,082,024 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoInst64.dll

[2010/11/11 21:59:17 | 000,081,232 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\SysNative\SFCOM64.dll

[2010/11/11 21:59:17 | 000,078,160 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\SysNative\SFAPO64.dll

[2010/11/11 21:59:17 | 000,076,488 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll

[2010/11/11 21:59:17 | 000,074,064 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\SysWow64\SFCOM.dll

[2010/11/11 21:59:16 | 002,197,264 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ.dll

[2010/11/11 21:59:16 | 001,770,328 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioRealtek.dll

[2010/11/11 21:59:16 | 000,419,472 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EED64A.dll

[2010/11/11 21:59:16 | 000,341,336 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO30.dll

[2010/11/11 21:59:16 | 000,334,680 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxVolumeSDAPO.dll

[2010/11/11 21:59:16 | 000,318,808 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll

[2010/11/11 21:59:16 | 000,106,640 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEA64A.dll

[2010/11/11 21:59:16 | 000,072,336 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEG64A.dll

[2010/11/11 21:59:14 | 001,937,312 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll

[2010/11/11 21:59:14 | 001,327,208 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2SpeakerDLL64.dll

[2010/11/11 21:59:14 | 001,179,752 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2HeadphoneDLL64.dll

[2010/11/11 21:59:14 | 001,111,656 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBoostDLL64.dll

[2010/11/11 21:59:14 | 000,504,936 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBassEnhancementDLL64.dll

[2010/11/11 21:59:14 | 000,491,112 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSSymmetryDLL64.dll

[2010/11/11 21:59:14 | 000,475,752 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSVoiceClarityDLL64.dll

[2010/11/11 21:59:14 | 000,317,032 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSNeoPCDLL64.dll

[2010/11/11 21:59:14 | 000,269,928 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLimiterDLL64.dll

[2010/11/11 21:59:14 | 000,266,856 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGainCompensatorDLL64.dll

[2010/11/11 21:59:14 | 000,200,800 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAC64.dll

[2010/11/11 21:59:14 | 000,126,056 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLFXAPO64.dll

[2010/11/11 21:59:14 | 000,125,544 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPO64.dll

[2010/11/11 21:59:14 | 000,125,032 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPONS64.dll

[2010/11/11 21:59:14 | 000,108,960 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAR64.dll

[2010/11/11 21:59:12 | 001,251,944 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlExUpd.dll

[2010/11/11 21:38:50 | 000,349,800 | ---- | C] (Realtek ) -- C:\Windows\SysNative\drivers\Rt64win7.sys

[2010/11/07 18:04:31 | 000,000,000 | ---D | C] -- C:\Users\Lorak\Documents\Rockstar Games

[2010/11/07 17:21:12 | 000,000,000 | ---D | C] -- C:\Users\Lorak\AppData\Local\Rockstar Games

[2010/11/07 17:21:03 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft

[2010/11/07 17:20:48 | 000,000,000 | -HSD | C] -- C:\ProgramData\SecuROM

[2010/11/07 17:17:32 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\xlive

[2010/11/07 17:17:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Games for Windows - LIVE

[2010/11/07 16:10:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Grand Theft Auto IV - Episodes From Liberty City

[2010/11/05 16:02:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Opera

[2010/11/04 01:14:16 | 000,000,000 | ---D | C] -- C:\Users\Lorak\AppData\Local\bizarre creations

[2010/11/04 01:07:54 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_7.dll

[2010/11/04 01:07:54 | 000,518,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_7.dll

[2010/11/04 01:07:54 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_7.dll

[2010/11/04 01:07:54 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_7.dll

[2010/11/04 01:07:54 | 000,077,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_5.dll

[2010/11/04 01:07:54 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_5.dll

[2010/11/04 01:07:53 | 002,526,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_43.dll

[2010/11/04 01:07:53 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_43.dll

[2010/11/04 01:07:52 | 001,907,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_43.dll

[2010/11/04 01:07:52 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_43.dll

[2010/11/04 01:07:52 | 000,276,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_43.dll

[2010/11/04 01:07:52 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_43.dll

[2010/11/04 01:07:51 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_43.dll

[2010/11/04 01:07:51 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_43.dll

[2010/11/04 01:07:50 | 002,401,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_43.dll

[2010/11/04 01:07:50 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_43.dll

[2010/11/04 00:59:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Activision

[2010/11/03 16:02:07 | 000,034,624 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\TURegOpt.exe

[2010/11/03 16:02:03 | 000,036,160 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\uxtuneup.dll

[2010/11/03 16:02:03 | 000,029,504 | ---- | C] (TuneUp Software) -- C:\Windows\SysWow64\uxtuneup.dll

[2010/11/03 16:02:03 | 000,025,920 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\authuitu.dll

[2010/11/03 16:02:02 | 000,021,312 | ---- | C] (TuneUp Software) -- C:\Windows\SysWow64\authuitu.dll

[2010/11/03 16:01:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TuneUp Utilities 2011

[2010/11/03 16:01:06 | 000,000,000 | -HSD | C] -- C:\ProgramData\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}

[2010/11/01 16:34:53 | 000,000,000 | RH-D | C] -- C:\Users\Lorak\AppData\Roaming\SecuROM

[2010/11/01 15:49:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite

[2010/11/01 15:48:22 | 000,000,000 | ---D | C] -- C:\Users\Lorak\AppData\Roaming\DAEMON Tools Lite

[2010/11/01 15:48:14 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite

[2010/10/31 15:06:39 | 000,530,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_6.dll

[2010/10/31 15:06:39 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_6.dll

[2010/10/31 15:06:39 | 000,078,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_4.dll

[2010/10/31 15:06:39 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_4.dll

[2010/10/31 15:06:37 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_6.dll

[2010/10/31 15:06:37 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_6.dll

[2010/10/31 15:06:36 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_7.dll

[2010/10/31 15:06:36 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_7.dll

[2010/10/31 15:06:34 | 000,517,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_5.dll

[2010/10/31 15:06:34 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_5.dll

[2010/10/31 15:06:32 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_5.dll

[2010/10/31 15:06:32 | 000,176,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_5.dll

[2010/10/31 15:06:30 | 002,582,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_42.dll

[2010/10/31 15:06:30 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_42.dll

[2010/10/31 15:06:27 | 005,554,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_42.dll

[2010/10/31 15:06:27 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_42.dll

[2010/10/31 15:06:25 | 000,285,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_42.dll

[2010/10/31 15:06:25 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_42.dll

[2010/10/31 15:06:24 | 000,523,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_42.dll

[2010/10/31 15:06:24 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_42.dll

[2010/10/31 15:06:21 | 002,475,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_42.dll

[2010/10/31 15:06:21 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_42.dll

[2010/10/31 15:06:18 | 002,430,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_41.dll

[2010/10/31 15:06:18 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_41.dll

[2010/10/31 15:06:18 | 000,520,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_41.dll

[2010/10/31 15:06:18 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_41.dll

[2010/10/31 15:06:15 | 005,425,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_41.dll

[2010/10/31 15:06:15 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_41.dll

[2010/10/31 15:06:13 | 000,521,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_4.dll

[2010/10/31 15:06:13 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_4.dll

[2010/10/31 15:06:13 | 000,073,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_3.dll

[2010/10/31 15:06:13 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_3.dll

[2010/10/31 15:06:12 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_4.dll

[2010/10/31 15:06:12 | 000,174,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_4.dll

[2010/10/31 15:06:10 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_6.dll

[2010/10/31 15:06:10 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_6.dll

[2010/10/31 15:06:08 | 002,605,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_40.dll

[2010/10/31 15:06:08 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_40.dll

[2010/10/31 15:06:08 | 000,519,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_40.dll

[2010/10/31 15:06:08 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_40.dll

[2010/10/31 15:06:05 | 005,631,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_40.dll

[2010/10/31 15:06:05 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_40.dll

[2010/10/31 15:06:03 | 000,518,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_3.dll

[2010/10/31 15:06:03 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_3.dll

[2010/10/31 15:06:03 | 000,074,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_2.dll

[2010/10/31 15:06:03 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_2.dll

[2010/10/31 15:06:01 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_3.dll

[2010/10/31 15:06:01 | 000,175,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_3.dll

[2010/10/31 15:06:00 | 000,025,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_5.dll

[2010/10/31 15:06:00 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_5.dll

[2010/10/31 15:05:58 | 000,513,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_2.dll

[2010/10/31 15:05:58 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_2.dll

[2010/10/31 15:05:58 | 000,072,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_1.dll

[2010/10/31 15:05:58 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_1.dll

[2010/10/31 15:05:56 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_2.dll

[2010/10/31 15:05:56 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_2.dll

[2010/10/31 15:05:53 | 001,942,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_39.dll

[2010/10/31 15:05:53 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_39.dll

[2010/10/31 15:05:53 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_39.dll

[2010/10/31 15:05:53 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_39.dll

[2010/10/31 15:05:51 | 004,992,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_39.dll

[2010/10/31 15:05:51 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_39.dll

[2010/10/31 15:05:48 | 000,511,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_1.dll

[2010/10/31 15:05:48 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_1.dll

[2010/10/31 15:05:48 | 000,068,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_0.dll

[2010/10/31 15:05:48 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_0.dll

[2010/10/31 15:05:47 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_1.dll

[2010/10/31 15:05:47 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_1.dll

[2010/10/31 15:05:46 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_4.dll

[2010/10/31 15:05:46 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_4.dll

[2010/10/31 15:05:43 | 001,941,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_38.dll

[2010/10/31 15:05:43 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_38.dll

[2010/10/31 15:05:43 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_38.dll

[2010/10/31 15:05:43 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_38.dll

[2010/10/31 15:05:41 | 004,991,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_38.dll

[2010/10/31 15:05:41 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_38.dll

[2010/10/31 15:05:39 | 000,489,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_0.dll

[2010/10/31 15:05:39 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_0.dll

[2010/10/31 15:05:37 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_0.dll

[2010/10/31 15:05:37 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_0.dll

[2010/10/31 15:05:35 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_3.dll

[2010/10/31 15:05:35 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_3.dll

[2010/10/31 15:05:33 | 001,860,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_37.dll

[2010/10/31 15:05:33 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_37.dll

[2010/10/31 15:05:33 | 000,529,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_37.dll

[2010/10/31 15:05:33 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_37.dll

[2010/10/31 15:05:22 | 004,910,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_37.dll

[2010/10/31 15:05:22 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_37.dll

[2010/10/31 15:05:15 | 000,411,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_10.dll

[2010/10/31 15:05:15 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_10.dll

[2010/10/31 15:05:02 | 002,006,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_36.dll

[2010/10/31 15:05:02 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_36.dll

[2010/10/31 15:05:02 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_36.dll

[2010/10/31 15:05:02 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_36.dll

[2010/10/31 15:04:55 | 005,081,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_36.dll

[2010/10/31 15:04:55 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_36.dll

[2010/10/31 15:04:50 | 000,411,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_9.dll

[2010/10/31 15:04:50 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_9.dll

[2010/10/31 15:04:40 | 001,985,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_35.dll

[2010/10/31 15:04:40 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_35.dll

[2010/10/31 15:04:40 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_35.dll

[2010/10/31 15:04:40 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_35.dll

[2010/10/31 15:04:31 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_35.dll

[2010/10/31 15:04:31 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_35.dll

[2010/10/31 15:04:23 | 000,409,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_8.dll

[2010/10/31 15:04:23 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_8.dll

[2010/10/31 15:04:23 | 000,021,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_2.dll

[2010/10/31 15:04:23 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_2.dll

[2010/10/31 15:04:12 | 001,401,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_34.dll

[2010/10/31 15:04:12 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_34.dll

[2010/10/31 15:04:12 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_34.dll

[2010/10/31 15:04:12 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_34.dll

[2010/10/31 15:04:00 | 004,496,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_34.dll

[2010/10/31 15:04:00 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_34.dll

[2010/10/31 15:03:58 | 000,107,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_3.dll

[2010/10/31 15:03:58 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_3.dll

[2010/10/31 15:03:52 | 000,403,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_7.dll

[2010/10/31 15:03:52 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_7.dll

[2010/10/31 15:03:45 | 001,400,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_33.dll

[2010/10/31 15:03:45 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_33.dll

[2010/10/31 15:03:45 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_33.dll

[2010/10/31 15:03:45 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_33.dll

[2010/10/31 15:03:33 | 004,494,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_33.dll

[2010/10/31 15:03:33 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_33.dll

[2010/10/31 15:03:27 | 000,393,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_6.dll

[2010/10/31 15:03:27 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_6.dll

[2010/10/31 15:03:22 | 000,390,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_5.dll

[2010/10/31 15:03:22 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_5.dll

[2010/10/31 15:03:20 | 000,469,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10.dll

[2010/10/31 15:03:20 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10.dll

[2010/10/31 15:03:12 | 004,398,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_32.dll

[2010/10/31 15:03:12 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_32.dll

[2010/10/31 15:03:10 | 000,364,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_4.dll

[2010/10/31 15:03:10 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_4.dll

[2010/10/31 15:03:10 | 000,017,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_1.dll

[2010/10/31 15:03:10 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_1.dll

[2010/10/31 15:03:07 | 003,977,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_31.dll

[2010/10/31 15:03:07 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_31.dll

[2010/10/31 15:03:05 | 000,363,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_3.dll

[2010/10/31 15:03:05 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_3.dll

[2010/10/31 15:03:04 | 000,083,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_2.dll

[2010/10/31 15:03:04 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_2.dll

[2010/10/31 15:03:03 | 000,354,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_2.dll

[2010/10/31 15:03:03 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_2.dll

[2010/10/31 15:03:01 | 000,083,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_1.dll

[2010/10/31 15:03:01 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_1.dll

[2010/10/31 15:03:00 | 000,352,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_1.dll

[2010/10/31 15:03:00 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_1.dll

[2010/10/31 15:02:52 | 003,927,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_30.dll

[2010/10/31 15:02:52 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_30.dll

[2010/10/31 15:02:50 | 000,355,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_0.dll

[2010/10/31 15:02:50 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_0.dll

[2010/10/31 15:02:50 | 000,016,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_0.dll

[2010/10/31 15:02:50 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_0.dll

[2010/10/31 15:02:49 | 003,830,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_29.dll

[2010/10/31 15:02:49 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_29.dll

[2010/10/31 15:02:47 | 003,815,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_28.dll

[2010/10/31 15:02:47 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_28.dll

[2010/10/31 15:02:46 | 003,807,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_27.dll

[2010/10/31 15:02:46 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_27.dll

[2010/10/31 15:02:45 | 003,767,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_26.dll

[2010/10/31 15:02:45 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_26.dll

[2010/10/31 15:02:44 | 003,823,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_25.dll

[2010/10/31 15:02:44 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_25.dll

[2010/10/31 15:02:42 | 003,544,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_24.dll

[2010/10/31 15:02:42 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_24.dll

[2010/10/28 19:11:36 | 000,000,000 | ---D | C] -- C:\Program Files\CDBurnerXP

[2010/10/28 19:00:40 | 000,000,000 | ---D | C] -- C:\Users\Lorak\Documents\PcSetup

[2010/10/27 16:42:14 | 000,000,000 | ---D | C] -- C:\Users\Lorak\AppData\Local\LucasArts

[2010/10/26 18:21:22 | 000,961,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll

[2010/10/26 18:21:22 | 000,641,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll

[2010/10/26 18:21:22 | 000,552,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdri.dll

[2010/10/26 18:21:22 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSNP.ax

[2010/10/26 18:21:22 | 000,258,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mpg2splt.ax

[2010/10/26 18:21:22 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSNP.ax

[2010/10/26 18:21:22 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax

[2010/10/26 18:21:17 | 000,027,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys

[2010/10/26 18:15:41 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI

[2010/10/26 18:13:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Technologies

[2010/10/26 18:12:47 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies

[2010/10/26 18:12:13 | 000,000,000 | ---D | C] -- C:\ATI

[2010/10/24 19:49:57 | 000,000,000 | ---D | C] -- C:\ProgramData\SpinTop Games

[2010/10/24 19:49:53 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP

[2010/10/24 19:49:02 | 000,000,000 | ---D | C] -- C:\Windows\Zuma's Revenge!

[2010/10/24 19:49:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Zuma's Revenge!

[2010/10/22 16:59:33 | 000,000,000 | ---D | C] -- C:\DreamScènes

[2010/10/22 16:50:42 | 000,275,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DreamScene.dll

[2010/06/06 21:57:22 | 000,082,816 | ---- | C] (VSO Software) -- C:\Users\Lorak\AppData\Roaming\pcouffin.sys

 

========== Files - Modified Within 30 Days ==========

 

[2010/11/12 15:36:29 | 001,329,320 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat

[2010/11/12 15:36:29 | 000,800,448 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat

[2010/11/12 15:36:29 | 000,333,402 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat

[2010/11/12 15:36:29 | 000,282,380 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat

[2010/11/12 15:36:29 | 000,005,194 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI

[2010/11/12 15:27:08 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2010/11/12 15:26:27 | 000,013,120 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2010/11/12 15:26:27 | 000,013,120 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2010/11/12 15:08:50 | 000,869,086 | ---- | M] () -- C:\Users\Lorak\Desktop\SecurityCheck.exe

[2010/11/12 15:08:43 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Lorak\Desktop\OTL.exe

[2010/11/02 19:33:34 | 001,146,984 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTSnMg64.cpl

[2010/11/02 19:33:22 | 002,096,232 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtPgEx64.dll

[2010/11/02 19:33:22 | 000,332,392 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtlCPAPI64.dll

[2010/11/02 19:33:00 | 002,654,824 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkAPO64.dll

[2010/11/02 19:33:00 | 000,618,600 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkApi64.dll

[2010/11/02 19:33:00 | 000,149,608 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCfg64.dll

[2010/11/02 19:32:48 | 001,242,728 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTCOM64.dll

[2010/11/02 19:32:48 | 000,561,256 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoRes64.dat

[2010/11/02 19:32:48 | 000,082,024 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoInst64.dll

[2010/11/02 19:32:26 | 001,327,208 | ---- | M] (DTS) -- C:\Windows\SysNative\DTSS2SpeakerDLL64.dll

[2010/11/02 19:32:26 | 000,491,112 | ---- | M] (DTS) -- C:\Windows\SysNative\DTSSymmetryDLL64.dll

[2010/11/02 19:32:26 | 000,475,752 | ---- | M] (DTS) -- C:\Windows\SysNative\DTSVoiceClarityDLL64.dll

[2010/11/02 19:32:14 | 001,179,752 | ---- | M] (DTS) -- C:\Windows\SysNative\DTSS2HeadphoneDLL64.dll

[2010/11/02 19:32:14 | 000,317,032 | ---- | M] (DTS) -- C:\Windows\SysNative\DTSNeoPCDLL64.dll

[2010/11/02 19:32:14 | 000,269,928 | ---- | M] (DTS) -- C:\Windows\SysNative\DTSLimiterDLL64.dll

[2010/11/02 19:32:14 | 000,126,056 | ---- | M] (DTS) -- C:\Windows\SysNative\DTSLFXAPO64.dll

[2010/11/02 19:32:14 | 000,125,032 | ---- | M] (DTS) -- C:\Windows\SysNative\DTSGFXAPONS64.dll

[2010/11/02 19:32:02 | 001,111,656 | ---- | M] (DTS) -- C:\Windows\SysNative\DTSBoostDLL64.dll

[2010/11/02 19:32:02 | 000,504,936 | ---- | M] (DTS) -- C:\Windows\SysNative\DTSBassEnhancementDLL64.dll

[2010/11/02 19:32:02 | 000,266,856 | ---- | M] (DTS) -- C:\Windows\SysNative\DTSGainCompensatorDLL64.dll

[2010/11/02 19:32:02 | 000,125,544 | ---- | M] (DTS) -- C:\Windows\SysNative\DTSGFXAPO64.dll

[2010/11/01 16:47:25 | 000,000,001 | ---- | M] () -- C:\Windows\SysWow64\SI.bin

[2010/11/01 15:49:51 | 000,834,544 | ---- | M] () -- C:\Windows\SysNative\drivers\sptd.sys

[2010/10/29 10:05:34 | 000,118,464 | ---- | M] (Sony Corporation) -- C:\Windows\SysNative\SFSS_APO.dll

[2010/10/28 19:00:42 | 000,099,384 | ---- | M] () -- C:\Users\Lorak\AppData\Roaming\inst.exe

[2010/10/28 19:00:42 | 000,082,816 | ---- | M] (VSO Software) -- C:\Users\Lorak\AppData\Roaming\pcouffin.sys

[2010/10/28 19:00:42 | 000,007,859 | ---- | M] () -- C:\Users\Lorak\AppData\Roaming\pcouffin.cat

[2010/10/28 19:00:42 | 000,001,167 | ---- | M] () -- C:\Users\Lorak\AppData\Roaming\pcouffin.inf

[2010/10/28 19:00:31 | 000,001,057 | ---- | M] () -- C:\Users\Lorak\AppData\Roaming\vso_ts_preview.xml

[2010/10/28 14:33:02 | 000,034,624 | ---- | M] (TuneUp Software) -- C:\Windows\SysNative\TURegOpt.exe

[2010/10/28 14:29:18 | 000,025,920 | ---- | M] (TuneUp Software) -- C:\Windows\SysNative\authuitu.dll

[2010/10/28 14:29:16 | 000,021,312 | ---- | M] (TuneUp Software) -- C:\Windows\SysWow64\authuitu.dll

[2010/10/28 14:29:12 | 000,036,160 | ---- | M] (TuneUp Software) -- C:\Windows\SysNative\uxtuneup.dll

[2010/10/28 14:29:08 | 000,029,504 | ---- | M] (TuneUp Software) -- C:\Windows\SysWow64\uxtuneup.dll

[2010/10/28 10:46:00 | 001,251,944 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\RtlExUpd.dll

[2010/10/26 13:03:04 | 001,937,312 | ---- | M] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll

[2010/10/26 09:16:00 | 001,716,368 | ---- | M] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEP64A.dll

[2010/10/26 09:15:58 | 000,419,472 | ---- | M] (Dolby Laboratories) -- C:\Windows\SysNative\R4EED64A.dll

[2010/10/26 09:15:58 | 000,125,584 | ---- | M] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEL64A.dll

[2010/10/26 09:15:58 | 000,072,336 | ---- | M] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEG64A.dll

[2010/10/26 09:15:56 | 000,106,640 | ---- | M] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEA64A.dll

[2010/10/22 17:27:37 | 000,008,107 | ---- | M] () -- C:\Windows\w7dsd.reg

[2010/10/22 17:27:37 | 000,008,089 | ---- | M] () -- C:\Windows\w7dse.reg

[2010/10/22 16:50:42 | 000,275,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DreamScene.dll

 

========== Files Created - No Company Name ==========

 

[2010/11/12 15:08:50 | 000,869,086 | ---- | C] () -- C:\Users\Lorak\Desktop\SecurityCheck.exe

[2010/11/11 21:38:50 | 000,074,272 | ---- | C] () -- C:\Windows\SysNative\RtNicProp64.dll

[2010/11/01 16:47:25 | 000,000,001 | ---- | C] () -- C:\Windows\SysWow64\SI.bin

[2010/11/01 15:49:51 | 000,834,544 | ---- | C] () -- C:\Windows\SysNative\drivers\sptd.sys

[2010/10/22 16:50:42 | 000,008,107 | ---- | C] () -- C:\Windows\w7dsd.reg

[2010/10/22 16:50:42 | 000,008,089 | ---- | C] () -- C:\Windows\w7dse.reg

[2010/09/30 03:02:24 | 000,093,184 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll

[2010/06/30 19:16:23 | 000,000,438 | RHS- | C] () -- C:\ProgramData\ntuser.pol

[2010/06/06 21:58:13 | 000,001,057 | ---- | C] () -- C:\Users\Lorak\AppData\Roaming\vso_ts_preview.xml

[2010/06/06 21:57:58 | 000,000,055 | ---- | C] () -- C:\Users\Lorak\AppData\Roaming\pcouffin.log

[2010/06/06 21:57:22 | 000,099,384 | ---- | C] () -- C:\Users\Lorak\AppData\Roaming\inst.exe

[2010/06/06 21:57:22 | 000,007,859 | ---- | C] () -- C:\Users\Lorak\AppData\Roaming\pcouffin.cat

[2010/06/06 21:57:22 | 000,001,167 | ---- | C] () -- C:\Users\Lorak\AppData\Roaming\pcouffin.inf

[2010/06/03 17:50:59 | 000,000,097 | ---- | C] () -- C:\Windows\SysWow64\PICSDK.ini

[2010/06/03 13:25:00 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\AsIO.dll

[2010/06/03 13:25:00 | 000,013,368 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys

[2010/06/02 21:36:41 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini

[2009/11/06 10:58:04 | 000,178,975 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat

[2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll

[2009/07/13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll

 

========== Custom Scans ==========

 

 

< %SYSTEMDRIVE%\*.* >

[2010/10/28 21:15:39 | 000,000,084 | ---- | M] () -- C:\cmdlog.txt

[2010/11/12 15:27:05 | 2146,623,487 | -HS- | M] () -- C:\pagefile.sys

 

< %systemroot%\*. /mp /s >

 

< %systemroot%\system32\*.dll /lockedfiles >

[2010/09/08 05:28:01 | 000,185,856 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\SysWOW64\iepeers.dll

 

< %systemroot%\Tasks\*.job /lockedfiles >

 

< %systemroot%\System32\config\*.sav >

 

< %systemroot%\system32\drivers\*.sys /90 >

 

< >

 

========== Alternate Data Streams ==========

 

@Alternate Data Stream - 100 bytes -> C:\ProgramData\TEMP:ADF211B1

 

< End of report >

Posted

Here is my Extras.txt report

OTL Extras logfile created on: 12/11/2010 15:37:43 - Run 1

OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Lorak\Desktop

64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.7600.16385)

Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

 

6,00 Gb Total Physical Memory | 5,00 Gb Available Physical Memory | 76,00% Memory free

12,00 Gb Paging File | 10,00 Gb Available in Paging File | 86,00% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 149,10 Gb Total Space | 70,19 Gb Free Space | 47,07% Space Free | Partition Type: NTFS

Drive D: | 74,53 Gb Total Space | 39,12 Gb Free Space | 52,50% Space Free | Partition Type: NTFS

Drive E: | 488,28 Gb Total Space | 111,61 Gb Free Space | 22,86% Space Free | Partition Type: NTFS

Drive F: | 148,99 Gb Total Space | 107,61 Gb Free Space | 72,23% Space Free | Partition Type: NTFS

Drive M: | 298,08 Gb Total Space | 34,66 Gb Free Space | 11,63% Space Free | Partition Type: NTFS

 

Computer Name: LORAK-PC | User Name: Lorak | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Extra Registry (SafeList) ==========

 

 

========== File Associations ==========

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.html[@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)

.url[@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

.html [@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)

.url [@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)

 

========== Shell Spawning ==========

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %* File not found

cmdfile [open] -- "%1" %* File not found

comfile [open] -- "%1" %* File not found

exefile [open] -- "%1" %* File not found

helpfile [open] -- Reg Error: Key error.

htmlfile [edit] -- Reg Error: Key error.

htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" File not found

http [open] -- Reg Error: Key error.

https [open] -- Reg Error: Key error.

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)

InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)

piffile [open] -- "%1" %* File not found

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1" File not found

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)

scrfile [open] -- "%1" /S File not found

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

htmlfile [edit] -- Reg Error: Key error.

htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"

http [open] -- Reg Error: Key error.

https [open] -- Reg Error: Key error.

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)

InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 

========== Security Center Settings ==========

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

 

========== Firewall Settings ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 

========== Authorized Applications List ==========

 

 

========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)

"{4B5F58F7-C7D1-3CE3-9B37-B657F0852643}" = Microsoft .NET Framework 4 Client Profile FRA Language Pack

"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148

"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP

"{8DF9D3DF-6D03-A04F-217F-F2577D973DBE}" = ATI Catalyst Install Manager

"{D29E5E5F-47CA-087E-DCBF-FB75171D5B2E}" = ccc-utility64

"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile

"CCleaner" = CCleaner

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"Microsoft .NET Framework 4 Client Profile FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Client Profile FRA

"Satsuki Decoder Pack" = Satsuki Decoder Pack 64 bits

"WinRAR archiver" = WinRAR archiver

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}" = Microsoft Games for Windows - LIVE Redistributable

"{0EDBEB2B-7C8D-42E6-8312-0F84394A3223}" = Windows Media Center Add-in for Silverlight

"{135F49F2-9071-F45A-4263-DF7D42FBF7DD}" = CCC Help English

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}" = TuneUp Utilities 2011

"{2E376AD9-5C49-4F7D-A0BA-6A44E8FA5A3B}" = Next Generation Visualisations

"{33899F97-411C-4759-BDAA-26ECAE715B9C}" = TuneUp Utilities Language Pack (fr-FR)

"{3F66C4BF-4BD9-FF9C-FA9F-4579F60A33B3}" = Catalyst Control Center Graphics Previews Vista

"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis

"{5454083B-1308-4485-BF17-111000028701}" = Grand Theft Auto: Episodes from Liberty City

"{5454083B-1308-4485-BF17-111000038701}" = Grand Theft Auto: Episodes from Liberty City

"{56B83336-FBC1-4C46-8613-90A9E3B440D6}" = EPU-6 Engine

"{587178E7-B1DF-494E-9838-FA4DD36E873C}" = ASUSUpdate

"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable

"{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2

"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable

"{87CC8013-56D1-43E1-A0A5-AD406B4EBA95}" = Opera 10.63

"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver

"{89661B04-C646-4412-B6D3-5E19F02F1F37}" = EAX4 Unified Redist

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8A56A332-F833-45CF-9A20-6F3524054843}" = James Bond 007 - Blood Stone

"{8ED35B48-AFBD-4F32-8271-2257AD8B907E}_is1" = Grand Theft Auto IV - Episodes From Liberty City

"{96EB95A2-5245-4EA2-B6EA-B8BA2FBF64C4}" = Ma-Config.com

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9D318C86-AF4C-409F-A6AC-7183FF4CF424}" = Internet TV pour Windows Media Center

"{A1C962E2-2426-49C6-A38B-9A07E40D607C}" = Microsoft Games for Windows - LIVE

"{A914AE85-1A36-0575-714C-BF996BDA20C7}" = ccc-core-static

"{AC76BA86-7AD7-1036-7B44-A94000000001}" = Adobe Reader 9.4.0 - Français

"{AE249BA3-2421-3996-5E9A-DF4A9F3551FC}" = Catalyst Control Center InstallProxy

"{C783600B-C726-4481-9BBE-06F560CF8968}" = Peer2Me

"{DB8B49A9-7CF1-34DB-6DF2-1EC41C0FE5E1}" = Catalyst Control Center Graphics Previews Common

"{DDA34038-89BD-4804-B0B8-DC48D5DFB463}" = Catalyst Control Center - Branding

"{E2A6B1A0-C1E3-4311-BF86-EAF18841FD67}" = CANAL+ pour Windows Media Center

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver

"{F7338FA3-DAB5-49B2-900D-0AFB5760C166}" = PC Probe II

"{F9835182-794B-4F24-902A-E2CA9D43380F}" = NVIDIA PhysX

"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin

"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus

"Driver Genius Professional Edition_is1" = Driver Genius Professional Edition

"EPSON Scanner" = EPSON Scan

"InstallShield_{8A56A332-F833-45CF-9A20-6F3524054843}" = James Bond 007 - Blood Stone

"Just Cause 2_is1" = Just Cause 2

"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware

"Mozilla Thunderbird (3.1.6)" = Mozilla Thunderbird (3.1.6)

"RocketDock_is1" = RocketDock 1.3.5

"TuneUp Utilities 2011" = TuneUp Utilities 2011

"uTorrent" = µTorrent

"VPN Lifeguard 1.3.17_is1" = VPN Lifeguard

"Wise Registry Cleaner_is1" = Wise Registry Cleaner 5.8.6

"Zuma's Revenge!1.0" = Zuma's Revenge!

 

========== Last 10 Event Log Errors ==========

 

[ Application Events ]

Error - 12/11/2010 10:23:14 | Computer Name = Lorak-PC | Source = RasClient | ID = 20227

Description =

 

Error - 12/11/2010 10:23:51 | Computer Name = Lorak-PC | Source = RasClient | ID = 20227

Description =

 

Error - 12/11/2010 10:24:45 | Computer Name = Lorak-PC | Source = RasClient | ID = 20227

Description =

 

Error - 12/11/2010 10:27:12 | Computer Name = Lorak-PC | Source = Winlogon | ID = 4103

Description = Échec de l’activation de la licence Windows. Erreur 0x80070005.

 

Error - 12/11/2010 10:32:56 | Computer Name = Lorak-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012

Description = Les chaînes de performance dans la valeur de Registre Performance

sont endommagées lors du traitement du fournisseur de compteurs d’extension Performance.

La valeur BaseIndex à partir du Registre de performance est le premier DWORD dans

la section Données, la valeur LastCounter est le deuxième DWORD dans la section

Données, et la valeur LastHelp est le troisième DWORD dans la section Données.

 

Error - 12/11/2010 10:32:56 | Computer Name = Lorak-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012

Description = Les chaînes de performance dans la valeur de Registre Performance

sont endommagées lors du traitement du fournisseur de compteurs d’extension Performance.

La valeur BaseIndex à partir du Registre de performance est le premier DWORD dans

la section Données, la valeur LastCounter est le deuxième DWORD dans la section

Données, et la valeur LastHelp est le troisième DWORD dans la section Données.

 

Error - 12/11/2010 10:32:56 | Computer Name = Lorak-PC | Source = Microsoft-Windows-LoadPerf | ID = 3011

Description = Le déchargement des chaînes de compteurs de performances pour le service

WmiApRpl (WmiApRpl) a échoué. Le premier DWORD de la section Data contient le code

d’erreur.

 

Error - 12/11/2010 10:36:26 | Computer Name = Lorak-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012

Description = Les chaînes de performance dans la valeur de Registre Performance

sont endommagées lors du traitement du fournisseur de compteurs d’extension Performance.

La valeur BaseIndex à partir du Registre de performance est le premier DWORD dans

la section Données, la valeur LastCounter est le deuxième DWORD dans la section

Données, et la valeur LastHelp est le troisième DWORD dans la section Données.

 

Error - 12/11/2010 10:36:26 | Computer Name = Lorak-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012

Description = Les chaînes de performance dans la valeur de Registre Performance

sont endommagées lors du traitement du fournisseur de compteurs d’extension Performance.

La valeur BaseIndex à partir du Registre de performance est le premier DWORD dans

la section Données, la valeur LastCounter est le deuxième DWORD dans la section

Données, et la valeur LastHelp est le troisième DWORD dans la section Données.

 

Error - 12/11/2010 10:36:26 | Computer Name = Lorak-PC | Source = Microsoft-Windows-LoadPerf | ID = 3011

Description = Le déchargement des chaînes de compteurs de performances pour le service

WmiApRpl (WmiApRpl) a échoué. Le premier DWORD de la section Data contient le code

d’erreur.

 

[ System Events ]

Error - 12/11/2010 09:15:44 | Computer Name = Lorak-PC | Source = Service Control Manager | ID = 7001

Description = Le service Fournisseur HomeGroup dépend du service Hôte du fournisseur

de découverte de fonctions qui n’a pas pu démarrer en raison de l’erreur : %%1058

 

Error - 12/11/2010 09:15:45 | Computer Name = Lorak-PC | Source = Service Control Manager | ID = 7001

Description = Le service Fournisseur HomeGroup dépend du service Hôte du fournisseur

de découverte de fonctions qui n’a pas pu démarrer en raison de l’erreur : %%1058

 

Error - 12/11/2010 09:38:28 | Computer Name = Lorak-PC | Source = RemoteAccess | ID = 20106

Description = Impossible d’ajouter l’interface {283F0265-4EE0-4A83-A4A6-06F0B6C6CE16}

avec le Gestionnaire de routage pour le protocole IPV6. L’erreur suivante s’est

produite : Impossible d’accomplir cette fonction.

 

Error - 12/11/2010 09:38:32 | Computer Name = Lorak-PC | Source = Service Control Manager | ID = 7001

Description = Le service Fournisseur HomeGroup dépend du service Hôte du fournisseur

de découverte de fonctions qui n’a pas pu démarrer en raison de l’erreur : %%1058

 

Error - 12/11/2010 10:16:09 | Computer Name = Lorak-PC | Source = RemoteAccess | ID = 20106

Description = Impossible d’ajouter l’interface {283F0265-4EE0-4A83-A4A6-06F0B6C6CE16}

avec le Gestionnaire de routage pour le protocole IPV6. L’erreur suivante s’est

produite : Impossible d’accomplir cette fonction.

 

Error - 12/11/2010 10:16:10 | Computer Name = Lorak-PC | Source = Service Control Manager | ID = 7001

Description = Le service Fournisseur HomeGroup dépend du service Hôte du fournisseur

de découverte de fonctions qui n’a pas pu démarrer en raison de l’erreur : %%1058

 

Error - 12/11/2010 10:25:02 | Computer Name = Lorak-PC | Source = Service Control Manager | ID = 7001

Description = Le service Fournisseur HomeGroup dépend du service Hôte du fournisseur

de découverte de fonctions qui n’a pas pu démarrer en raison de l’erreur : %%1058

 

Error - 12/11/2010 10:27:31 | Computer Name = Lorak-PC | Source = RemoteAccess | ID = 20106

Description = Impossible d’ajouter l’interface {283F0265-4EE0-4A83-A4A6-06F0B6C6CE16}

avec le Gestionnaire de routage pour le protocole IPV6. L’erreur suivante s’est

produite : Impossible d’accomplir cette fonction.

 

Error - 12/11/2010 10:27:32 | Computer Name = Lorak-PC | Source = Service Control Manager | ID = 7001

Description = Le service Fournisseur HomeGroup dépend du service Hôte du fournisseur

de découverte de fonctions qui n’a pas pu démarrer en raison de l’erreur : %%1058

 

Error - 12/11/2010 10:28:04 | Computer Name = Lorak-PC | Source = Service Control Manager | ID = 7001

Description = Le service Fournisseur HomeGroup dépend du service Hôte du fournisseur

de découverte de fonctions qui n’a pas pu démarrer en raison de l’erreur : %%1058

 

 

< End of report >

Posted

Here is my SecurityCheck.exe report

Results of screen317's Security Check version 0.99.6

Windows 7 (UAC is disabled!)

Internet Explorer 8

``````````````````````````````

Antivirus/Firewall Check:

Avira AntiVir Personal - Free Antivirus

WMI entry may not exist for antivirus; attempting automatic update.

Avira successfully updated!

```````````````````````````````

Anti-malware/Other Utilities Check:

Malwarebytes' Anti-Malware

TuneUp Utilities 2011

TuneUp Utilities Language Pack (fr-FR)

Wise Registry Cleaner 5.8.6

Adobe Flash Player 10.1.102.64

Adobe Reader 9.4.0 - Français

Mozilla Thunderbird (3.1.6)

````````````````````````````````

Process Check:

objlist.exe by Laurent

Avira Antivir avgnt.exe

Avira Antivir avguard.exe

````````````````````````````````

DNS Vulnerability Check:

Request Timed Out (Wireless Internet connection/Disconnected Internet/Proxy?)

 

``````````End of Log````````````

 

 

Thanks AGAIN for everything! :P

Posted

Hi again,

Nothing nasty!

Run OTL, copy the following list (starting with :OTL) and paste it into the box under "Personnalisation".

 

:OTL

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1

O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

@Alternate Data Stream - 100 bytes -> C:\ProgramData\TEMP:ADF211B1

 

:Commands

[EMPTYTEMP]

[RESETHOSTS]

Click the red Correction button and let it run.

If one or more files cannot be deleted normally, the program will ask you to restart the machine to finish the process; click Yes.

At the end, a report opens in Notepad. Copy its entire contents and paste them into a new reply. Close the report and OTL.

Report requested:

  • OTL.txt

Do you have any remaining problem before we wrap up?

Posted

Here is the latest report

All processes killed

========== OTL ==========

Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully.

Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges deleted successfully.

64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.

64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.

Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.

ADS C:\ProgramData\TEMP:ADF211B1 deleted successfully.

========== COMMANDS ==========

 

[EMPTYTEMP]

 

User: All Users

 

User: Default

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

 

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

 

User: Lorak

->Temp folder emptied: 970 bytes

->Temporary Internet Files folder emptied: 5711259 bytes

->Opera cache emptied: 240 bytes

->Flash cache emptied: 3348 bytes

 

User: Public

 

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 0 bytes

%systemroot%\System32 .tmp files removed: 0 bytes

%systemroot%\System32 (64bit) .tmp files removed: 0 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 0 bytes

%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50540 bytes

RecycleBin emptied: 0 bytes

 

Total Files Cleaned = 5,00 mb

 

C:\Windows\System32\drivers\etc\Hosts moved successfully.

HOSTS file reset successfully

 

OTL by OldTimer - Version 3.2.17.3 log created on 11122010_174530

 

Files\Folders moved on Reboot...

C:\Users\Lorak\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

 

Registry entries deleted on Reboot...

 

 

Now I can no longer connect to the internet except with my VPN (that part I don't understand). I don't know whether it has anything to do with all this, but thank you very much.

Posted

Hello,

...

Now I can no longer connect to the internet except with my VPN (that part I don't understand). I don't know whether it has anything to do with all this, but thank you very much.

Good grief!

If you haven't found a solution, it could come from your Hosts file, if it had been customized by you, your admin or a program, and which we reset. You can restore it by copying it from here (in bold) C:\_OTL\MovedFiles\[date]_[numéro]\C_WINDOWS\System32\drivers\etc\Hosts.

Then browse to and delete this one (in bold) C:\WINDOWS\System32\drivers\etc\Hosts, then right-click => "Paste".

Restart and try.

Posted

Hi!

Thanks for everything, even the last tip worked! THANKS :P
