Posted

Hello GreGDurablement,

Very important!

>>> To do immediately:

At the top of this message, click the "Follow this topic" button, choosing "Immediate notification" => "Submit". You will be notified in real time of replies to your topic, and your machine will therefore be cleaned as quickly as possible.

>>> What to do during this cleanup: please do NOT use, install and/or uninstall any program other than those suggested at each step, in order to avoid any incompatibility between the tools.

>>> What to do when you receive new instructions:

  • Read the entire message.
  • Download and save the utilities DIRECTLY to the Desktop, or move them there right afterwards (right-click the file => "Cut", then right-click the Desktop => "Paste").
    Some programs can cause problems if they are not run from the Desktop.
  • Get into the habit of disabling all protection programs at the start of each new step and re-enabling them at the end.
  • Always proceed in the order given and ask for clarification if necessary BEFORE starting.
  • Do NOT hesitate to comment on and report any change (for better or worse) in the machine's behaviour or in the original problem.

>>> How to reply: Click the zeb_bouton.png button, because I do not need to reread my previous messages.


 

PS: While it was running, the software warned me that my hosts file is very large, which is normal since I beefed it up on the advice of the malékal forum.

So beefed up that it is harder to find signs of infection in it :).

...

Another thing: the sound has been crackling since the trouble started, whether with iTunes or VLC, and even through external speakers. A driver problem?

Or a bootkit, we'll see.

--

 

Print these instructions or save them to a text file on the Desktop so you can consult them easily at any time, and download to the Desktop:

>>> TDSSKiller: Unzip TDSSKiller.zip (right-click it => "Extract here"). Drag TDSSKiller.zip to the Recycle Bin to delete it.

  • Close everything and disable the antivirus and any other protection program. Click TDSSKiller.exe to launch the program.
  • Click the Start Scan button and wait until the scan finishes.
  • If an infected file is detected, the default action will be Cure. Click the Continue button without changing anything.
  • If a suspicious file is detected, the default action will be Skip. Click the Continue button without changing anything.

If you are asked to restart the machine to finish the process (reboot the computer to complete the process), click the Reboot Now button. The report will be saved at the root of the system partition, where Windows is installed (usually C:\); its name has the form "TDSSKiller.[Version]_[Date]_[Time]_log.txt" (for example, C:\TDSSKiller.2.2.0_20.12.2009_15.31.43_log.txt). Post its contents.

If no restart is required, click Report. A text file opens and will be saved in the same way; post its contents.

 

>>> MBRCheck: Close everything and click MBRCheck.exe.

A report opens at the end of the scan and is automatically saved to the Desktop. Its name has the form MBRCheck_YY.DD.MM_hh.mm.ss.txt (i.e. MBRCheck_07.21.10_18.08.06.txt).

Press the "Enter" key to close the window, and post the report's contents.

Reports requested:

  • MBRCheck log
  • TDSSKiller_log.txt

Any change at all?

Posted

... because I had not done it yet and had nothing else to do. And the computer shut down before the end (I had switched off the power strip without realising it), so it was a wasted effort :$

Before that I ran an Antivir scan in safe mode, which revealed nothing new.

I have just used TDSSKiller. The scan stopped after one minute (?), identifying only one suspicious file (an .sptd, from memory) because it was "locked". I cannot post the report now because when I clicked "close" I got a blue screen with white text saying there was an error. I could not read the rest; the computer restarted and offered me safe modes and other options. While I was writing this post, the computer started a restart. It is therefore unavailable for the next hour...

Posted

Here is the TDSSKiller report:

2010/11/21 17:08:43.0836 TDSS rootkit removing tool 2.4.8.0 Nov 17 2010 07:23:12
2010/11/21 17:08:43.0836 ================================================================================
2010/11/21 17:08:43.0836 SystemInfo:
2010/11/21 17:08:43.0836
2010/11/21 17:08:43.0836 OS Version: 6.1.7600 ServicePack: 0.0
2010/11/21 17:08:43.0836 Product type: Workstation
2010/11/21 17:08:43.0836 ComputerName: THINKINGMACHINE
2010/11/21 17:08:43.0836 UserName: Deux Ex Machina
2010/11/21 17:08:43.0836 Windows directory: W:\Windows
2010/11/21 17:08:43.0836 System windows directory: W:\Windows
2010/11/21 17:08:43.0836 Processor architecture: Intel x86
2010/11/21 17:08:43.0836 Number of processors: 2
2010/11/21 17:08:43.0836 Page size: 0x1000
2010/11/21 17:08:43.0836 Boot type: Normal boot
2010/11/21 17:08:43.0836 ================================================================================
2010/11/21 17:08:52.0650 Initialize success
2010/11/21 17:08:58.0641 ================================================================================
2010/11/21 17:08:58.0641 Scan started
2010/11/21 17:08:58.0641 Mode: Manual;
2010/11/21 17:08:58.0641 ================================================================================

2010/11/21 17:09:40.0870 sptd (c4bb8a12843d9cbb65f5ff617f389bbd) W:\Windows\system32\Drivers\sptd.sys
2010/11/21 17:09:40.0870 Suspicious file (NoAccess): W:\Windows\system32\Drivers\sptd.sys. md5: c4bb8a12843d9cbb65f5ff617f389bbd
2010/11/21 17:09:40.0917 sptd - detected Locked file (1)

2010/11/21 17:09:51.0962 ================================================================================

2010/11/21 17:09:51.0962 Scan finished

2010/11/21 17:09:51.0962 ================================================================================

2010/11/21 17:09:52.0009 Detected object count: 1

2010/11/21 17:13:55.0931 Locked file(sptd) - User select action: Skip

 

And the MBRCheck report:

 

MBRCheck, version 1.2.3

© 2010, AD

 

Command-line:

Windows Version: Windows 7 Professional

Windows Information: (build 7600), 32-bit

Base Board Manufacturer: FUJITSU SIEMENS

BIOS Manufacturer: Phoenix Technologies LTD

System Manufacturer: FUJITSU SIEMENS

System Product Name: AMILO Pi 2515

Logical Drives Mask: 0x0044007c

 

Kernel Drivers (total 197):

 

Processes (total 47):

0 System Idle Process

4 System

312 W:\Windows\System32\smss.exe

416 csrss.exe

468 csrss.exe

476 W:\Windows\System32\wininit.exe

512 W:\Windows\System32\winlogon.exe

580 W:\Windows\System32\services.exe

596 W:\Windows\System32\lsass.exe

604 W:\Windows\System32\lsm.exe

724 W:\Windows\System32\svchost.exe

828 W:\Windows\System32\svchost.exe

928 W:\Windows\System32\svchost.exe

964 W:\Windows\System32\svchost.exe

992 W:\Windows\System32\svchost.exe

1180 W:\Windows\System32\svchost.exe

1472 W:\Windows\System32\spoolsv.exe

1512 W:\Program Files\Avira\AntiVir Desktop\sched.exe

1536 W:\Windows\System32\svchost.exe

1652 W:\Windows\System32\svchost.exe

1704 W:\Program Files\Avira\AntiVir Desktop\avguard.exe

1744 W:\Program Files\Cobian Backup 10 - Sauvegarde Donnees\cbVSCService.exe

1772 W:\Program Files\Avira\AntiVir Desktop\avshadow.exe

1780 W:\Windows\System32\conhost.exe

1824 W:\Program Files\COMODO\Firewall\cmdagent.exe

1872 W:\Windows\System32\svchost.exe

256 W:\Program Files\Alcohol 52 Montage Image Disque\StarWind\StarWindServiceAE.exe

744 W:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE

1272 W:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE

2256 W:\Windows\System32\svchost.exe

1888 W:\Windows\System32\taskhost.exe

388 W:\Windows\System32\dwm.exe

2208 W:\Windows\System32\taskeng.exe

2624 W:\Windows\explorer.exe

2360 W:\Windows\System32\hkcmd.exe

3004 W:\Windows\System32\igfxpers.exe

1880 W:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe

3024 W:\Program Files\Common Files\Java\Java Update\jusched.exe

2772 W:\Program Files\Classic Shell\ClassicStartMenu.exe

3320 W:\Windows\System32\audiodg.exe

3324 W:\Program Files\Avira\AntiVir Desktop\avgnt.exe

3272 W:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

3252 W:\Windows\System32\igfxsrvc.exe

4088 W:\Windows\System32\svchost.exe

3040 W:\Users\Deux Ex Machina\Desktop\MBRCheck(2).exe

3296 W:\Windows\System32\conhost.exe

3260 W:\Windows\System32\dllhost.exe

 

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000002`ee100000 (NTFS)

\\.\D: --> \\.\PhysicalDrive0 at offset 0x00000018`5e700000 (NTFS)

\\.\S: --> \\.\PhysicalDrive0 at offset 0x00000017`de600000 (FAT32)

\\.\W: --> \\.\PhysicalDrive0 at offset 0x0000000f`1e500000 (NTFS)

 

PhysicalDrive0 Model Number: FUJITSUMHW2160BH, Rev: 0000001C

 

Size Device Name MBR Status

--------------------------------------------

149 GB \\.\PhysicalDrive0 Windows 7 MBR code detected

SHA1: 4379A3D43019B46FA357F7DD6A53B45A3CA8FB79

 

 

Done!

Posted

Hello,

Nothing to report for either log. Let's move on!

Print these instructions or save them to a text file on the Desktop so that you can consult them easily at any time, and download OTL (by OldTimer) to the Desktop from here or here.

Plug in and switch on all removable media that have been used for any data transfer (USB sticks...).

Close everything and double-click OTL.exe (Vista/Windows 7: right-click it => Run as administrator).

Copy/paste these lines (starting with netsvcs) into the box under "Personnalisation":

netsvcs

%SYSTEMDRIVE%\*.*

%systemroot%\*. /mp /s

CREATERESTOREPOINT

%systemroot%\system32\*.dll /lockedfiles

%systemroot%\Tasks\*.job /lockedfiles

%systemroot%\System32\config\*.sav

%systemroot%\system32\drivers\*.sys /90

Without changing anything, click the blue "Analyse" button and let it run.

When the scan finishes, 2 reports will be created: OTL.txt (which opens in Notepad) and Extras.txt (which will be minimized in the taskbar).

Copy/paste the contents of each report, only one per message, because they are often very long and exceed the limit allowed by the forum.

Requested reports:

  • OTL.txt
  • Extras.txt
Posted

Here is the OTL report:

OTL logfile created on: 22/11/2010 11:59:18 - Run 1

OTL by OldTimer - Version 3.2.17.3 Folder = W:\Users\Deux Ex Machina\Desktop

An unknown product (Version = 6.1.7600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.7600.16385)

Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

 

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 65,00% Memory free

2,00 Gb Paging File | 1,00 Gb Available in Paging File | 62,00% Paging File free

Paging file location(s): s:\pagefile.sys 220 2040 [binary data]

 

%SystemDrive% = W: | %SystemRoot% = W:\Windows | %ProgramFiles% = W:\Program Files

Drive C: | 48,75 Gb Total Space | 0,68 Gb Free Space | 1,40% Space Free | Partition Type: NTFS

Drive D: | 51,57 Gb Total Space | 6,21 Gb Free Space | 12,04% Space Free | Partition Type: NTFS

Drive G: | 979,03 Mb Total Space | 971,08 Mb Free Space | 99,19% Space Free | Partition Type: FAT32

Drive H: | 248,99 Mb Total Space | 238,48 Mb Free Space | 95,78% Space Free | Partition Type: FAT32

Drive K: | 465,76 Gb Total Space | 34,94 Gb Free Space | 7,50% Space Free | Partition Type: NTFS

Drive S: | 1,99 Gb Total Space | 1,78 Gb Free Space | 89,21% Space Free | Partition Type: FAT32

Drive W: | 35,00 Gb Total Space | 17,37 Gb Free Space | 49,64% Space Free | Partition Type: NTFS

 

Computer Name: THINKINGMACHINE | User Name: Deux Ex Machina | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Processes (SafeList) ==========

 

PRC - [2010/11/22 09:44:02 | 000,575,488 | ---- | M] (OldTimer Tools) -- W:\Users\Deux Ex Machina\Desktop\OTL.exe

PRC - [2010/08/17 13:39:03 | 000,135,336 | ---- | M] (Avira GmbH) -- W:\Program Files\Avira\AntiVir Desktop\sched.exe

PRC - [2010/08/17 13:38:55 | 000,281,768 | ---- | M] (Avira GmbH) -- W:\Program Files\Avira\AntiVir Desktop\avgnt.exe

PRC - [2010/08/17 13:38:55 | 000,267,944 | ---- | M] (Avira GmbH) -- W:\Program Files\Avira\AntiVir Desktop\avguard.exe

PRC - [2010/07/17 20:11:41 | 000,507,648 | ---- | M] (COMODO) -- W:\Program Files\COMODO\Firewall\cmdagent.exe

PRC - [2010/07/17 20:11:40 | 001,773,312 | ---- | M] (COMODO) -- W:\Program Files\COMODO\Firewall\cfpupdat.exe

PRC - [2010/07/16 06:34:00 | 000,092,160 | ---- | M] (IvoSoft) -- W:\Program Files\Classic Shell\ClassicStartMenu.exe

PRC - [2010/07/13 09:45:40 | 000,067,584 | ---- | M] (CobianSoft, Luis Cobian) -- W:\Program Files\Cobian Backup 10 - Sauvegarde Donnees\cbVSCService.exe

PRC - [2010/01/14 22:11:14 | 000,076,968 | ---- | M] (Avira GmbH) -- W:\Program Files\Avira\AntiVir Desktop\avshadow.exe

PRC - [2009/12/23 22:34:20 | 000,370,688 | ---- | M] (StarWind Software) -- W:\Program Files\Alcohol 52 Montage Image Disque\StarWind\StarWindServiceAE.exe

PRC - [2009/10/31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- W:\Windows\explorer.exe

PRC - [2009/10/26 13:46:54 | 001,458,176 | ---- | M] (Motorola Inc.) -- W:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe

PRC - [2009/07/14 02:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- W:\Windows\System32\taskhost.exe

PRC - [2009/07/14 02:14:15 | 000,271,360 | ---- | M] (Microsoft Corporation) -- W:\Windows\System32\conhost.exe

 

 

========== Modules (SafeList) ==========

 

MOD - [2010/11/22 09:44:02 | 000,575,488 | ---- | M] (OldTimer Tools) -- W:\Users\Deux Ex Machina\Desktop\OTL.exe

MOD - [2010/08/21 06:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- W:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll

MOD - [2010/07/17 20:11:41 | 000,139,008 | ---- | M] () -- W:\Windows\System32\guard32.dll

MOD - [2009/07/14 02:16:19 | 000,156,160 | ---- | M] (Microsoft Corporation) -- W:\Windows\System32\winsta.dll

MOD - [2009/07/14 02:16:15 | 000,099,840 | ---- | M] (Microsoft Corporation) -- W:\Windows\System32\sspicli.dll

MOD - [2009/07/14 02:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- W:\Windows\System32\sechost.dll

MOD - [2009/07/14 02:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- W:\Windows\System32\profapi.dll

MOD - [2009/07/14 02:15:35 | 000,288,256 | ---- | M] (Microsoft Corporation) -- W:\Windows\System32\KernelBase.dll

MOD - [2009/07/14 02:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- W:\Windows\System32\dwmapi.dll

MOD - [2009/07/14 02:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- W:\Windows\System32\devobj.dll

MOD - [2009/07/14 02:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- W:\Windows\System32\cryptbase.dll

MOD - [2009/07/14 02:15:02 | 000,145,920 | ---- | M] (Microsoft Corporation) -- W:\Windows\System32\cfgmgr32.dll

 

 

========== Win32 Services (SafeList) ==========

 

SRV - [2010/08/17 13:39:03 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- W:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)

SRV - [2010/08/17 13:38:55 | 000,267,944 | ---- | M] (Avira GmbH) [Auto | Running] -- W:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)

SRV - [2010/08/13 11:58:56 | 000,144,672 | ---- | M] (Apple Inc.) [Disabled | Stopped] -- W:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)

SRV - [2010/07/17 20:11:41 | 000,507,648 | ---- | M] (COMODO) [Auto | Running] -- W:\Program Files\COMODO\Firewall\cmdagent.exe -- (cmdAgent)

SRV - [2010/07/17 17:19:27 | 000,030,192 | ---- | M] (Google) [On_Demand | Stopped] -- W:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe -- (GoogleDesktopManager-051210-111108)

SRV - [2010/07/13 09:45:40 | 000,067,584 | ---- | M] (CobianSoft, Luis Cobian) [Auto | Running] -- W:\Program Files\Cobian Backup 10 - Sauvegarde Donnees\cbVSCService.exe -- (cbVSCService)

SRV - [2010/05/04 11:07:22 | 000,503,080 | ---- | M] (Nero AG) [Disabled | Stopped] -- W:\Program Files\Nero\Update\NASvc.exe -- (NAUpdate)

SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- W:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)

SRV - [2009/12/23 22:34:20 | 000,370,688 | ---- | M] (StarWind Software) [Auto | Running] -- W:\Program Files\Alcohol 52 Montage Image Disque\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)

SRV - [2009/07/14 02:16:21 | 000,185,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- W:\Windows\System32\wwansvc.dll -- (WwanSvc)

SRV - [2009/07/14 02:16:17 | 000,151,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- W:\Windows\System32\wbiosrvc.dll -- (WbioSrvc)

SRV - [2009/07/14 02:16:17 | 000,119,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- W:\Windows\System32\umpo.dll -- (Power)

SRV - [2009/07/14 02:16:16 | 000,037,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- W:\Windows\System32\themeservice.dll -- (Themes)

SRV - [2009/07/14 02:16:15 | 000,053,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- W:\Windows\System32\sppuinotify.dll -- (sppuinotify)

SRV - [2009/07/14 02:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- W:\Windows\System32\StorSvc.dll -- (StorSvc)

SRV - [2009/07/14 02:16:13 | 000,043,520 | ---- | M] (Microsoft Corporation) [unknown | Running] -- W:\Windows\System32\RpcEpMap.dll -- (RpcEptMapper)

SRV - [2009/07/14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- W:\Windows\System32\sensrsvc.dll -- (SensrSvc)

SRV - [2009/07/14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- W:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)

SRV - [2009/07/14 02:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- W:\Windows\System32\pnrpsvc.dll -- (PNRPsvc)

SRV - [2009/07/14 02:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- W:\Windows\System32\pnrpsvc.dll -- (p2pimsvc)

SRV - [2009/07/14 02:16:12 | 000,165,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- W:\Windows\System32\provsvc.dll -- (HomeGroupProvider)

SRV - [2009/07/14 02:16:12 | 000,020,480 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- W:\Windows\System32\pnrpauto.dll -- (PNRPAutoReg)

SRV - [2009/07/14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- W:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)

SRV - [2009/07/14 02:15:36 | 000,194,560 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- W:\Windows\System32\ListSvc.dll -- (HomeGroupListener)

SRV - [2009/07/14 02:15:21 | 000,797,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- W:\Windows\System32\FntCache.dll -- (FontCache)

SRV - [2009/07/14 02:15:11 | 000,253,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- W:\Windows\System32\dhcpcore.dll -- (Dhcp)

SRV - [2009/07/14 02:15:10 | 000,218,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- W:\Windows\System32\defragsvc.dll -- (defragsvc)

SRV - [2009/07/14 02:14:59 | 000,076,800 | ---- | M] (Microsoft Corporation) [unknown | Stopped] -- W:\Windows\System32\bdesvc.dll -- (BDESVC)

SRV - [2009/07/14 02:14:58 | 000,088,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- W:\Windows\System32\AxInstSv.dll -- (AxInstSV) Programme d’installation ActiveX (AxInstSV)

SRV - [2009/07/14 02:14:53 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- W:\Windows\System32\appidsvc.dll -- (AppIDSvc)

SRV - [2009/07/14 02:14:29 | 003,179,520 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- W:\Windows\System32\sppsvc.exe -- (sppsvc)

SRV - [2009/01/26 14:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Stopped] -- W:\Program Files\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)

 

 

========== Driver Services (SafeList) ==========

 

DRV - [2010/09/06 17:06:43 | 000,231,248 | ---- | M] (TrueCrypt Foundation) [Kernel | System | Running] -- W:\Windows\System32\drivers\truecrypt.sys -- (truecrypt)

DRV - [2010/08/17 13:39:11 | 000,126,856 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- W:\Windows\System32\drivers\avipbb.sys -- (avipbb)

DRV - [2010/08/17 13:39:11 | 000,060,936 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- W:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)

DRV - [2010/07/18 18:38:13 | 000,697,328 | ---- | M] () [Kernel | Boot | Running] -- W:\Windows\System32\Drivers\sptd.sys -- (sptd)

DRV - [2010/07/17 20:11:41 | 000,083,448 | ---- | M] (COMODO) [File_System | System | Running] -- W:\Windows\System32\drivers\cmdguard.sys -- (cmdGuard)

DRV - [2010/07/17 20:11:41 | 000,072,696 | ---- | M] (COMODO) [Kernel | On_Demand | Running] -- W:\Windows\System32\drivers\inspect.sys -- (Inspect)

DRV - [2010/07/17 20:11:41 | 000,025,080 | ---- | M] (COMODO) [Kernel | System | Running] -- W:\Windows\System32\drivers\cmdhlp.sys -- (cmdHlp)

DRV - [2010/07/07 15:05:32 | 000,014,904 | ---- | M] (Secunia) [File_System | On_Demand | Stopped] -- W:\Windows\System32\drivers\psi_mf.sys -- (PSI)

DRV - [2010/06/23 08:10:54 | 000,275,048 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- W:\Windows\System32\drivers\Rt86win7.sys -- (RTL8167)

DRV - [2010/06/17 15:28:02 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- W:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)

DRV - [2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- W:\Windows\System32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)

DRV - [2009/12/11 08:44:02 | 000,133,720 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- W:\Windows\System32\Drivers\ksecpkg.sys -- (KSecPkg)

DRV - [2009/10/26 14:09:06 | 001,095,936 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Running] -- W:\Windows\System32\drivers\smserial.sys -- (smserial)

DRV - [2009/09/23 18:18:14 | 004,808,192 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- W:\Windows\System32\drivers\igdkmd32.sys -- (igfx)

DRV - [2009/07/14 02:26:21 | 000,015,952 | ---- | M] (CMD Technology, Inc.) [Kernel | On_Demand | Stopped] -- W:\Windows\system32\DRIVERS\cmdide.sys -- (cmdide)

DRV - [2009/07/14 02:26:17 | 000,297,552 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- W:\Windows\system32\DRIVERS\adpahci.sys -- (adpahci)

DRV - [2009/07/14 02:26:15 | 000,422,976 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- W:\Windows\system32\DRIVERS\adp94xx.sys -- (adp94xx)

DRV - [2009/07/14 02:26:15 | 000,159,312 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- W:\Windows\system32\DRIVERS\amdsbs.sys -- (amdsbs)

DRV - [2009/07/14 02:26:15 | 000,146,512 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- W:\Windows\system32\DRIVERS\adpu320.sys -- (adpu320)

DRV - [2009/07/14 02:26:15 | 000,086,608 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- W:\Windows\system32\DRIVERS\arcsas.sys -- (arcsas)

DRV - [2009/07/14 02:26:15 | 000,079,952 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- W:\Windows\system32\DRIVERS\amdsata.sys -- (amdsata)

DRV - [2009/07/14 02:26:15 | 000,076,368 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- W:\Windows\system32\DRIVERS\arc.sys -- (arc)

DRV - [2009/07/14 02:26:15 | 000,023,616 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- W:\Windows\system32\DRIVERS\amdxata.sys -- (amdxata)

DRV - [2009/07/14 02:26:15 | 000,014,400 | ---- | M] (Acer Laboratories Inc.) [Kernel | On_Demand | Stopped] -- W:\Windows\system32\DRIVERS\aliide.sys -- (aliide)

DRV - [2009/07/14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- W:\Windows\system32\DRIVERS\nvstor.sys -- (nvstor)

DRV - [2009/07/14 02:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- W:\Windows\system32\DRIVERS\nvraid.sys -- (nvraid)

DRV - [2009/07/14 02:20:44 | 000,044,624 | ---- | M] (IBM Corporation) [Kernel | On_Demand | Stopped] -- W:\Windows\system32\DRIVERS\nfrd960.sys -- (nfrd960)

DRV - [2009/07/14 02:20:37 | 000,089,168 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- W:\Windows\system32\DRIVERS\lsi_sas.sys -- (LSI_SAS)

DRV - [2009/07/14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- W:\Windows\system32\DRIVERS\iaStorV.sys -- (iaStorV)

DRV - [2009/07/14 02:20:36 | 000,235,584 | ---- | M] (LSI Corporation, Inc.) [Kernel | On_Demand | Stopped] -- W:\Windows\system32\DRIVERS\MegaSR.sys -- (MegaSR)

DRV - [2009/07/14 02:20:36 | 000,096,848 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- W:\Windows\system32\DRIVERS\lsi_scsi.sys -- (LSI_SCSI)

DRV - [2009/07/14 02:20:36 | 000,095,824 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- W:\Windows\system32\DRIVERS\lsi_fc.sys -- (LSI_FC)

DRV - [2009/07/14 02:20:36 | 000,054,864 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- W:\Windows\system32\DRIVERS\lsi_sas2.sys -- (LSI_SAS2)

DRV - [2009/07/14 02:20:36 | 000,041,040 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | On_Demand | Stopped] -- W:\Windows\system32\DRIVERS\iirsp.sys -- (iirsp)

DRV - [2009/07/14 02:20:36 | 000,030,800 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- W:\Windows\system32\DRIVERS\megasas.sys -- (megasas)

DRV - [2009/07/14 02:20:36 | 000,013,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- W:\Windows\System32\drivers\hwpolicy.sys -- (hwpolicy)

DRV - [2009/07/14 02:20:28 | 000,453,712 | ---- | M] (Emulex) [Kernel | On_Demand | Stopped] -- W:\Windows\system32\DRIVERS\elxstor.sys -- (elxstor)

DRV - [2009/07/14 02:20:28 | 000,070,720 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- W:\Windows\system32\DRIVERS\djsvs.sys -- (aic78xx)

DRV - [2009/07/14 02:20:28 | 000,067,152 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- W:\Windows\system32\DRIVERS\HpSAMD.sys -- (HpSAMD)

DRV - [2009/07/14 02:20:28 | 000,046,160 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- W:\Windows\System32\drivers\fsdepends.sys -- (FsDepends)

DRV - [2009/07/14 02:19:11 | 000,141,904 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | On_Demand | Stopped] -- W:\Windows\system32\DRIVERS\vsmraid.sys -- (vsmraid)

DRV - [2009/07/14 02:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- W:\Windows\system32\DRIVERS\vmbus.sys -- (vmbus)

DRV - [2009/07/14 02:19:10 | 000,159,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- W:\Windows\system32\DRIVERS\vhdmp.sys -- (vhdmp)

DRV - [2009/07/14 02:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- W:\Windows\system32\DRIVERS\vmstorfl.sys -- (storflt)

DRV - [2009/07/14 02:19:10 | 000,032,832 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- W:\Windows\system32\DRIVERS\vdrvroot.sys -- (vdrvroot)

DRV - [2009/07/14 02:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- W:\Windows\system32\DRIVERS\storvsc.sys -- (storvsc)

DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- W:\Windows\System32\drivers\wimmount.sys -- (WIMMount)

DRV - [2009/07/14 02:19:10 | 000,016,976 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- W:\Windows\system32\DRIVERS\viaide.sys -- (viaide)

DRV - [2009/07/14 02:19:04 | 001,383,488 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- W:\Windows\system32\DRIVERS\ql2300.sys -- (ql2300)

DRV - [2009/07/14 02:19:04 | 000,173,648 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- W:\Windows\System32\drivers\rdyboost.sys -- (rdyboost)

DRV - [2009/07/14 02:19:04 | 000,106,064 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- W:\Windows\system32\DRIVERS\ql40xx.sys -- (ql40xx)

DRV - [2009/07/14 02:19:04 | 000,077,888 | ---- | M] (Silicon Integrated Systems) [Kernel | On_Demand | Stopped] -- W:\Windows\system32\DRIVERS\sisraid4.sys -- (SiSRaid4)

DRV - [2009/07/14 02:19:04 | 000,043,088 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- W:\Windows\System32\drivers\pcw.sys -- (pcw)

DRV - [2009/07/14 02:19:04 | 000,040,016 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- W:\Windows\system32\DRIVERS\SiSRaid2.sys -- (SiSRaid2)

DRV - [2009/07/14 02:19:04 | 000,021,072 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- W:\Windows\system32\DRIVERS\stexstor.sys -- (stexstor)

DRV - [2009/07/14 02:17:54 | 000,369,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- W:\Windows\System32\Drivers\cng.sys -- (CNG)

DRV - [2009/07/14 01:57:25 | 000,272,128 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- W:\Windows\System32\Drivers\Brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)

DRV - [2009/07/14 01:02:41 | 000,018,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- W:\Windows\System32\drivers\rdpbus.sys -- (rdpbus)

DRV - [2009/07/14 01:01:41 | 000,007,168 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- W:\Windows\System32\drivers\RDPREFMP.sys -- (RDPREFMP)

DRV - [2009/07/14 00:55:00 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- W:\Windows\System32\drivers\agilevpn.sys -- (RasAgileVpn) WAN Miniport (IKEv2)

DRV - [2009/07/14 00:53:51 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- W:\Windows\System32\drivers\wfplwf.sys -- (WfpLwf)

DRV - [2009/07/14 00:52:44 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- W:\Windows\System32\drivers\ndiscap.sys -- (NdisCap)

DRV - [2009/07/14 00:52:02 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- W:\Windows\System32\drivers\vwifibus.sys -- (vwifibus)

DRV - [2009/07/14 00:52:00 | 000,163,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- W:\Windows\system32\DRIVERS\1394ohci.sys -- (1394ohci)

DRV - [2009/07/14 00:51:35 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- W:\Windows\system32\DRIVERS\umpass.sys -- (UmPass)

DRV - [2009/07/14 00:51:08 | 000,004,096 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- W:\Windows\System32\drivers\mshidkmdf.sys -- (mshidkmdf)

DRV - [2009/07/14 00:46:55 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- W:\Windows\system32\DRIVERS\MTConfig.sys -- (MTConfig)

DRV - [2009/07/14 00:45:26 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- W:\Windows\System32\drivers\CompositeBus.sys -- (CompositeBus)

DRV - [2009/07/14 00:36:52 | 000,050,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- W:\Windows\system32\drivers\appid.sys -- (AppID)

DRV - [2009/07/14 00:33:50 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | Unknown | Stopped] -- W:\Windows\System32\drivers\scfilter.sys -- (scfilter)

DRV - [2009/07/14 00:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- W:\Windows\system32\DRIVERS\vms3cap.sys -- (s3cap)

DRV - [2009/07/14 00:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- W:\Windows\system32\DRIVERS\VMBusHID.sys -- (VMBusHID)

DRV - [2009/07/14 00:24:05 | 000,032,256 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- W:\Windows\System32\drivers\discache.sys -- (discache)

DRV - [2009/07/14 00:16:36 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- W:\Windows\system32\DRIVERS\acpipmi.sys -- (AcpiPmi)

DRV - [2009/07/14 00:11:04 | 000,052,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- W:\Windows\system32\DRIVERS\amdppm.sys -- (AmdPPM)

DRV - [2009/07/13 23:54:14 | 000,026,624 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- W:\Windows\system32\drivers\hcw85cir.sys -- (hcw85cir)

DRV - [2009/07/13 23:53:33 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- W:\Windows\System32\Drivers\BrUsbMdm.sys -- (BrUsbMdm)

DRV - [2009/07/13 23:53:33 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- W:\Windows\System32\Drivers\BrUsbSer.sys -- (BrUsbSer)

DRV - [2009/07/13 23:53:32 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- W:\Windows\System32\Drivers\BrSerWdm.sys -- (BrSerWdm)

DRV - [2009/07/13 23:53:28 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- W:\Windows\system32\DRIVERS\BrFiltLo.sys -- (BrFiltLo)

DRV - [2009/07/13 23:53:28 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- W:\Windows\system32\DRIVERS\BrFiltUp.sys -- (BrFiltUp)

DRV - [2009/07/13 23:02:51 | 004,231,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- W:\Windows\System32\drivers\netw5v32.sys -- (netw5v32) Pilote de carte de liaison WiFi sans fil Intel®

DRV - [2009/07/13 23:02:49 | 000,229,888 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- W:\Windows\System32\drivers\b57nd60x.sys -- (b57nd60x)

DRV - [2009/07/13 23:02:48 | 003,100,160 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- W:\Windows\system32\DRIVERS\evbdx.sys -- (ebdrv)

DRV - [2009/07/13 23:02:48 | 000,430,080 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- W:\Windows\system32\DRIVERS\bxvbdx.sys -- (b06bdrv)

DRV - [2008/06/26 13:43:06 | 000,819,072 | ---- | M] (DiBcom SA) [Kernel | On_Demand | Stopped] -- W:\Windows\System32\drivers\mod7700.sys -- (mod7700)

 

 

========== Standard Registry (SafeList) ==========

 

 

========== Internet Explorer ==========

 

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN : Hotmail, Messenger, Bing, Actualité et Sport

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = BC 64 70 64 83 26 CB 01 [binary data]

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

 

========== FireFox ==========

 

FF - prefs.js..browser.search.defaultenginename: "Yahoo"

FF - prefs.js..browser.search.defaulturl: "http://fr.search.yahoo.com/"

FF - prefs.js..browser.search.selectedEngine: "Google"

FF - prefs.js..browser.search.useDBForOrder: true

FF - prefs.js..browser.startup.homepage: "http://fr.mg40.mail.yahoo.com/dc/"

FF - prefs.js..extensions.enabledItems: {2fa4ed95-0317-4c6a-a74c-5f3e3912c1f9}:2.1.073

FF - prefs.js..extensions.enabledItems: {DB9127A2-3381-41ec-82B3-1B6ED4C6F29A}:1.0

FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.0

FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.1

FF - prefs.js..extensions.enabledItems: SkipScreen@SkipScreen:0.4.7amo

FF - prefs.js..extensions.enabledItems: {53A03D43-5363-4669-8190-99061B2DEBA5}:1.3.7

FF - prefs.js..extensions.enabledItems: {fc2b8f80-d9a5-4f51-8076-7c7ce3c67ee3}:5.1.0.1

FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.2.1.29

FF - prefs.js..extensions.enabledItems: {B9C8BE50-7105-4ec6-8FB4-4935C0671648}:0.5.995

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21

FF - prefs.js..extensions.enabledItems: {6005d9b1-d115-485a-a92a-3f6453ca3fe2}:1.1

FF - prefs.js..keyword.URL: "http://fr.search.yahoo.com/search?ei=UTF-8&fr=ytff-&p="

FF - prefs.js..network.proxy.backup.ftp: "wwwcache.univ-lr.fr"

FF - prefs.js..network.proxy.backup.ftp_port: 3128

FF - prefs.js..network.proxy.backup.gopher: "wwwcache.univ-lr.fr"

FF - prefs.js..network.proxy.backup.gopher_port: 3128

FF - prefs.js..network.proxy.backup.socks: "wwwcache.univ-lr.fr"

FF - prefs.js..network.proxy.backup.socks_port: 3128

FF - prefs.js..network.proxy.backup.ssl: "wwwcache.univ-lr.fr"

FF - prefs.js..network.proxy.backup.ssl_port: 3128

FF - prefs.js..network.proxy.ftp: "wwwcache.univ-lr.fr"

FF - prefs.js..network.proxy.ftp_port: 3128

FF - prefs.js..network.proxy.gopher: "wwwcache.univ-lr.fr"

FF - prefs.js..network.proxy.gopher_port: 3128

FF - prefs.js..network.proxy.http: "wwwcache.univ-lr.fr"

FF - prefs.js..network.proxy.http_port: 3128

FF - prefs.js..network.proxy.no_proxies_on: "localhost, 127.0.0.1, *.univ-lr.fr,"

FF - prefs.js..network.proxy.share_proxy_settings: true

FF - prefs.js..network.proxy.socks: "wwwcache.univ-lr.fr"

FF - prefs.js..network.proxy.socks_port: 3128

FF - prefs.js..network.proxy.ssl: "wwwcache.univ-lr.fr"

FF - prefs.js..network.proxy.ssl_port: 3128

 

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: W:\Program Files\Firefox - Navigateur internet\components [2010/11/20 11:52:05 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: W:\Program Files\Firefox - Navigateur internet\plugins [2010/11/18 17:24:29 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Sunbird 0.9\extensions\\Components: W:\Program Files\Sunbird - Agenda\components [2010/09/19 09:00:53 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Sunbird 0.9\extensions\\Plugins: W:\Program Files\Sunbird - Agenda\plugins

FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.6\extensions\\Components: W:\Program Files\Thunderbird - Messagerie Mail\components [2010/11/14 13:17:33 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.6\extensions\\Plugins: W:\Program Files\Thunderbird - Messagerie Mail\plugins

 

[2010/09/19 08:44:31 | 000,000,000 | ---D | M] -- W:\Users\Deux Ex Machina\AppData\Roaming\mozilla\Extensions

[2010/09/19 08:44:31 | 000,000,000 | ---D | M] (No name found) -- W:\Users\Deux Ex Machina\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}

[2010/08/15 13:57:10 | 000,000,000 | ---D | M] -- W:\Users\Deux Ex Machina\AppData\Roaming\mozilla\Firefox\Profiles\k1f5bc9p.default\extensions

[2010/08/15 13:57:05 | 000,000,000 | ---D | M] (Screengrab) -- W:\Users\Deux Ex Machina\AppData\Roaming\mozilla\Firefox\Profiles\k1f5bc9p.default\extensions\{02450954-cdd9-410f-b1da-db804e18c671}

[2010/08/15 13:57:06 | 000,000,000 | ---D | M] (FlashGot) -- W:\Users\Deux Ex Machina\AppData\Roaming\mozilla\Firefox\Profiles\k1f5bc9p.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}

[2010/08/15 13:57:06 | 000,000,000 | ---D | M] (TwitterBar) -- W:\Users\Deux Ex Machina\AppData\Roaming\mozilla\Firefox\Profiles\k1f5bc9p.default\extensions\{1a0c9ebe-ddf9-4b76-b8a3-675c77874d37}

[2010/08/15 13:57:06 | 000,000,000 | ---D | M] (No name found) -- W:\Users\Deux Ex Machina\AppData\Roaming\mozilla\Firefox\Profiles\k1f5bc9p.default\extensions\{2fa4ed95-0317-4c6a-a74c-5f3e3912c1f9}

[2010/08/15 13:57:07 | 000,000,000 | ---D | M] (ScrapBook) -- W:\Users\Deux Ex Machina\AppData\Roaming\mozilla\Firefox\Profiles\k1f5bc9p.default\extensions\{53A03D43-5363-4669-8190-99061B2DEBA5}

[2010/08/15 13:57:07 | 000,000,000 | ---D | M] (Readability) -- W:\Users\Deux Ex Machina\AppData\Roaming\mozilla\Firefox\Profiles\k1f5bc9p.default\extensions\{6005d9b1-d115-485a-a92a-3f6453ca3fe2}

[2010/08/15 13:57:08 | 000,000,000 | ---D | M] (NoScript) -- W:\Users\Deux Ex Machina\AppData\Roaming\mozilla\Firefox\Profiles\k1f5bc9p.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}

[2010/08/15 13:57:08 | 000,000,000 | ---D | M] (Password Exporter) -- W:\Users\Deux Ex Machina\AppData\Roaming\mozilla\Firefox\Profiles\k1f5bc9p.default\extensions\{B17C1C5A-04B1-11DB-9804-B622A1EF5492}

[2010/08/15 13:57:09 | 000,000,000 | ---D | M] (No name found) -- W:\Users\Deux Ex Machina\AppData\Roaming\mozilla\Firefox\Profiles\k1f5bc9p.default\extensions\{B9C8BE50-7105-4ec6-8FB4-4935C0671648}

[2010/08/15 13:57:09 | 000,000,000 | ---D | M] (Update Scanner) -- W:\Users\Deux Ex Machina\AppData\Roaming\mozilla\Firefox\Profiles\k1f5bc9p.default\extensions\{c07d1a49-9894-49ff-a594-38960ede8fb9}

[2010/08/15 13:57:09 | 000,000,000 | ---D | M] (Adblock Plus) -- W:\Users\Deux Ex Machina\AppData\Roaming\mozilla\Firefox\Profiles\k1f5bc9p.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}

[2010/08/15 13:57:10 | 000,000,000 | ---D | M] (flashget3 Extension) -- W:\Users\Deux Ex Machina\AppData\Roaming\mozilla\Firefox\Profiles\k1f5bc9p.default\extensions\{DB9127A2-3381-41ec-82B3-1B6ED4C6F29A}

[2010/08/15 13:57:10 | 000,000,000 | ---D | M] (Diigo Bookmarks and Web Annotations) -- W:\Users\Deux Ex Machina\AppData\Roaming\mozilla\Firefox\Profiles\k1f5bc9p.default\extensions\{fc2b8f80-d9a5-4f51-8076-7c7ce3c67ee3}

[2010/08/15 13:57:05 | 000,000,000 | ---D | M] -- W:\Users\Deux Ex Machina\AppData\Roaming\mozilla\Firefox\Profiles\k1f5bc9p.default\extensions\SkipScreen@SkipScreen

[2010/08/15 13:57:05 | 000,000,000 | ---D | M] -- W:\Users\Deux Ex Machina\AppData\Roaming\mozilla\Firefox\Profiles\k1f5bc9p.default\extensions\VacuumPlaces@revertron.com

[2010/08/12 20:45:56 | 000,002,533 | ---- | M] () -- W:\Users\Deux Ex Machina\AppData\Roaming\Mozilla\FireFox\Profiles\k1f5bc9p.default\searchplugins\diigo--google.xml

 

O1 HOSTS File: ([2010/11/20 12:26:20 | 011,692,086 | R--- | M]) - W:\Windows\System32\drivers\etc\HOSTS

O1 - Hosts: 127.0.0.1 localhost

O1 - Hosts: ::1 localhost

O1 - Hosts: 127.0.0.1 babe.the-killer.bz

O1 - Hosts: 127.0.0.1 www.babe.the-killer.bz

O1 - Hosts: 127.0.0.1 babe.k-lined.com

O1 - Hosts: 127.0.0.1 www.babe.k-lined.com

O1 - Hosts: 127.0.0.1 did.i-used.cc

O1 - Hosts: 127.0.0.1 www.did.i-used.cc

O1 - Hosts: 127.0.0.1 coolwwwsearch.com

O1 - Hosts: 127.0.0.1 www.coolwwwsearch.com

O1 - Hosts: 127.0.0.1 coolwebsearch.com

O1 - Hosts: 127.0.0.1 www.coolwebsearch.com

O1 - Hosts: 127.0.0.1 hi.studioaperto.net

O1 - Hosts: 127.0.0.1 www.hi.studioaperto.net

O1 - Hosts: 127.0.0.1 webbrowser.tv

O1 - Hosts: 127.0.0.1 www.webbrowser.tv

O1 - Hosts: 127.0.0.1 wazzupnet.com

O1 - Hosts: 127.0.0.1 www.wazzupnet.com

O1 - Hosts: 127.0.0.1 gueb.com

O1 - Hosts: 127.0.0.1 www.gueb.com

O1 - Hosts: 127.0.0.1 kabex.com

O1 - Hosts: 127.0.0.1 www.kabex.com

O1 - Hosts: 127.0.0.1 hityou.com

O1 - Hosts: 127.0.0.1 www.hityou.com

O1 - Hosts: 127.0.0.1 miosearch.com

O1 - Hosts: 439905 more lines...

O2 - BHO: (ExplorerBHO Class) - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - W:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)

O2 - BHO: (SpywareGuardDLBLOCK.CBrowserHelper) - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - W:\Program Files\SpywareGuard - Protection\dlprotect.dll ()

O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - W:\PROGRA~1\SPYBOT~2\SDHelper.dll (Safer Networking Limited)

O2 - BHO: (FlashGetBHO) - {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} - W:\Users\Erregior\AppData\Roaming\FlashGetBHO\FlashGetBHO3.dll (Trend Media Group)

O3 - HKLM\..\Toolbar: (Classic Explorer Bar) - {553891B7-A0D5-4526-BE18-D3CE461D6310} - W:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)

O4 - HKLM..\Run: [Adobe Reader Speed Launcher] W:\Program Files\Adobe Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [avgnt] W:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)

O4 - HKLM..\Run: [Classic Start Menu] W:\Program Files\Classic Shell\ClassicStartMenu.exe (IvoSoft)

O4 - HKLM..\Run: [COMODO Firewall Pro] W:\Program Files\COMODO\Firewall\cfp.exe (COMODO)

O4 - HKLM..\Run: [Google Desktop Search] W:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)

O4 - HKLM..\Run: [iTunesHelper] W:\Program Files\iTunes - Musique\iTunesHelper.exe (Apple Inc.)

O4 - HKLM..\Run: [sMSERIAL] W:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.)

O4 - HKLM..\Run: [spybotSnD] W:\Program Files\Spybot - Search & Destroy\SpybotSD.exe (Safer Networking Limited)

O4 - HKCU..\Run: [spybotSD TeaTimer] W:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O8 - Extra context menu item: Add to Google Photos Screensa&ver - W:\Windows\System32\GPhotos.scr (Google Inc.)

O9 - Extra Button: @W:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - W:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : @W:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - W:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)

O9 - Extra Button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - Reg Error: Value error. File not found

O9 - Extra 'Tools' menuitem : &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - Reg Error: Value error. File not found

O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - W:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - W:\PROGRA~1\SPYBOT~2\SDHelper.dll (Safer Networking Limited)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - W:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)

O13 - gopher Prefix: missing

O15 - HKCU\..Trusted Domains: localhost ([]http in Intranet local)

O15 - HKCU\..Trusted Domains: secunia.com ([psi] https in Sites de confiance)

O15 - HKCU\..Trusted Ranges: GD ([http] in Intranet local)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)

O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1

O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - W:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)

O20 - AppInit_DLLs: (W:\PROGRA~1\Google\GOOGLE~1\GO36F4~1.DLL) - W:\PROGRA~1\Google\GOOGLE~1\GO36F4~1.DLL (Google)

O20 - AppInit_DLLs: (W:\Windows\system32\guard32.dll) - W:\Windows\System32\guard32.dll ()

O20 - HKLM Winlogon: Shell - (explorer.exe) - W:\Windows\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - W:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - W:\Windows\System32\igfxdev.dll (Intel Corporation)

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

O28 - HKLM ShellExecuteHooks: {81559C35-8464-49F7-BB0E-07A383BEF910} - W:\Program Files\SpywareGuard - Protection\spywareguard.dll ()

O30 - LSA: Security Packages - (pku2u) - W:\Windows\System32\pku2u.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (livessp) - W:\Windows\System32\livessp.dll (Microsoft Corp.)

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]

O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - W:\autoexec.bat -- [ NTFS ]

O33 - MountPoints2\{163c23a8-9c95-11df-9932-00030d7844bb}\Shell - "" = AutoRun

O33 - MountPoints2\{163c23a8-9c95-11df-9932-00030d7844bb}\Shell\AutoRun\command - "" = F:\Installer.exe -- File not found

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 

NetSvcs: FastUserSwitchingCompatibility - File not found

NetSvcs: Ias - File not found

NetSvcs: Nla - File not found

NetSvcs: Ntmssvc - File not found

NetSvcs: NWCWorkstation - File not found

NetSvcs: Nwsapagent - File not found

NetSvcs: SRService - File not found

NetSvcs: WmdmPmSp - File not found

NetSvcs: LogonHours - File not found

NetSvcs: PCAudit - File not found

NetSvcs: helpsvc - File not found

NetSvcs: uploadmgr - File not found

NetSvcs: Themes - W:\Windows\System32\themeservice.dll (Microsoft Corporation)

NetSvcs: BDESVC - W:\Windows\System32\bdesvc.dll (Microsoft Corporation)

 

 

========== Files/Folders - Created Within 30 Days ==========

 

[2010/11/22 10:25:22 | 000,000,000 | ---D | C] -- D:\Responsable editorial LPO 30 11

[2010/11/22 09:43:01 | 000,575,488 | ---- | C] (OldTimer Tools) -- W:\Users\Deux Ex Machina\Desktop\OTL.exe

[2010/11/21 17:55:13 | 000,000,000 | ---D | C] -- W:\Windows\Minidump

[2010/11/21 17:00:53 | 001,339,480 | ---- | C] (Kaspersky Lab ZAO) -- W:\Users\Deux Ex Machina\Desktop\TDSSKiller.exe

[2010/11/20 11:29:21 | 000,000,000 | ---D | C] -- W:\Users\Deux Ex Machina\AppData\Roaming\TrueCrypt

[2010/11/18 17:20:39 | 000,000,000 | ---D | C] -- W:\Users\Deux Ex Machina\AppData\Roaming\Avira

[2010/11/18 16:12:32 | 000,028,520 | ---- | C] (Avira GmbH) -- W:\Windows\System32\drivers\ssmdrv.sys

[2010/11/18 16:12:02 | 000,126,856 | ---- | C] (Avira GmbH) -- W:\Windows\System32\drivers\avipbb.sys

[2010/11/18 16:12:02 | 000,060,936 | ---- | C] (Avira GmbH) -- W:\Windows\System32\drivers\avgntflt.sys

[2010/11/18 16:11:57 | 000,000,000 | ---D | C] -- W:\ProgramData\Avira

[2010/11/18 16:11:57 | 000,000,000 | ---D | C] -- W:\Program Files\Avira

[2010/11/18 16:04:19 | 000,000,000 | ---D | C] -- D:\Mes Google Gadgets

[2010/11/18 00:47:24 | 000,000,000 | ---D | C] -- W:\Users\Deux Ex Machina\AppData\Local\Apple

[2010/11/17 16:43:54 | 000,000,000 | ---D | C] -- W:\Program Files\ESET

[2010/11/17 11:19:43 | 000,000,000 | ---D | C] -- W:\Users\Deux Ex Machina\AppData\Roaming\Malwarebytes

[2010/11/17 11:17:15 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- W:\Windows\System32\drivers\mbamswissarmy.sys

[2010/11/17 11:17:12 | 000,000,000 | ---D | C] -- W:\ProgramData\Malwarebytes

[2010/11/17 11:17:06 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- W:\Windows\System32\drivers\mbam.sys

[2010/11/17 11:17:06 | 000,000,000 | ---D | C] -- W:\Program Files\Malwarebytes' Anti-Malware

[2010/11/15 12:48:53 | 003,887,480 | ---- | C] (Sysinternals - www.sysinternals.com) -- W:\Program Files\procexp.exe

[2010/11/15 11:02:41 | 000,000,000 | ---D | C] -- W:\Users\Deux Ex Machina\AppData\Local\ElevatedDiagnostics

[2010/11/14 15:25:41 | 000,000,000 | ---D | C] -- W:\Users\Deux Ex Machina\AppData\Roaming\InstallShield

[2010/11/14 14:52:00 | 000,000,000 | ---D | C] -- W:\Intel

[2010/11/14 14:47:09 | 000,000,000 | ---D | C] -- W:\Users\Deux Ex Machina\AppData\Roaming\vlc

[2010/11/14 14:43:45 | 000,000,000 | ---D | C] -- W:\Program Files\Realtek

[2010/11/08 10:47:41 | 000,000,000 | ---D | C] -- W:\Program Files\iPod

[2010/10/27 12:21:08 | 000,000,000 | ---D | C] -- W:\Program Files\Bonjour

[2010/10/27 10:28:31 | 000,000,000 | R--D | C] -- W:\Program Files\Skype

[2010/10/27 10:28:28 | 000,000,000 | ---D | C] -- W:\Users\Deux Ex Machina\AppData\Roaming\Skype

[2010/10/27 10:12:36 | 000,641,536 | ---- | C] (Microsoft Corporation) -- W:\Windows\System32\CPFilters.dll

[2010/10/27 10:12:35 | 000,204,288 | ---- | C] (Microsoft Corporation) -- W:\Windows\System32\MSNP.ax

[2010/10/27 10:12:35 | 000,199,680 | ---- | C] (Microsoft Corporation) -- W:\Windows\System32\mpg2splt.ax

[2010/10/27 10:12:30 | 000,026,504 | ---- | C] (Microsoft Corporation) -- W:\Windows\System32\drivers\Diskdump.sys

 

========== Files - Modified Within 30 Days ==========

 

[2010/11/22 11:58:55 | 000,681,976 | ---- | M] () -- W:\Windows\System32\perfh00C.dat

[2010/11/22 11:58:55 | 000,594,964 | ---- | M] () -- W:\Windows\System32\perfh009.dat

[2010/11/22 11:58:55 | 000,121,872 | ---- | M] () -- W:\Windows\System32\perfc00C.dat

[2010/11/22 11:58:55 | 000,099,334 | ---- | M] () -- W:\Windows\System32\perfc009.dat

[2010/11/22 11:31:00 | 000,001,088 | ---- | M] () -- W:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-689601093-2118000924-3733035549-1001UA.job

[2010/11/22 10:55:04 | 000,092,672 | ---- | M] () -- D:\Projet CV.doc

[2010/11/22 10:18:09 | 003,507,883 | ---- | M] () -- D:\Expertise et blog.pdf

[2010/11/22 09:44:02 | 000,575,488 | ---- | M] (OldTimer Tools) -- W:\Users\Deux Ex Machina\Desktop\OTL.exe

[2010/11/22 09:42:50 | 000,122,866 | ---- | M] () -- W:\Users\Deux Ex Machina\Desktop\Desinfection 2.pdf

[2010/11/22 08:32:39 | 000,067,584 | --S- | M] () -- W:\Windows\bootstat.dat

[2010/11/21 18:38:42 | 000,000,356 | ---- | M] () -- W:\Windows\tasks\GlaryInitialize.job

[2010/11/21 18:31:00 | 000,001,036 | ---- | M] () -- W:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-689601093-2118000924-3733035549-1001Core.job

[2010/11/21 18:03:24 | 000,013,248 | -H-- | M] () -- W:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2010/11/21 18:03:24 | 000,013,248 | -H-- | M] () -- W:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2010/11/21 17:53:03 | 1603,084,288 | -HS- | M] () -- W:\hiberfil.sys

[2010/11/21 14:24:44 | 000,080,384 | ---- | M] () -- W:\Users\Deux Ex Machina\Desktop\MBRCheck(2).exe

[2010/11/21 14:18:56 | 000,260,919 | ---- | M] () -- W:\Users\Deux Ex Machina\Desktop\inqtruction desinfection.pdf

[2010/11/21 13:12:01 | 000,000,162 | -H-- | M] () -- D:\~$ojet CV.doc

[2010/11/21 13:09:32 | 000,088,064 | ---- | M] () -- D:\CV.doc

[2010/11/21 13:09:32 | 000,000,162 | -H-- | M] () -- D:\~$ .doc

[2010/11/21 13:01:10 | 000,000,162 | -H-- | M] () -- D:\~$ travail CDP .doc

[2010/11/21 12:59:45 | 000,000,162 | -H-- | M] () -- D:\~$ .doc

[2010/11/20 12:26:20 | 011,692,086 | R--- | M] () -- W:\Windows\System32\drivers\etc\HOSTS

[2010/11/19 15:36:12 | 000,324,490 | ---- | M] () -- D:\Journaliste .pdf

[2010/11/19 13:16:55 | 000,639,981 | ---- | M] () -- D:\calendrier FPT Charentes 2010-mai2010.pdf

[2010/11/19 12:57:26 | 000,258,798 | ---- | M] () -- D:\Calendrier coucours FP territoriale.pdf

[2010/11/18 16:13:22 | 000,002,020 | ---- | M] () -- W:\Users\Public\Desktop\Avira AntiVir Control Center.lnk

[2010/11/17 11:18:10 | 000,000,987 | ---- | M] () -- W:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk

[2010/11/17 07:24:22 | 001,339,480 | ---- | M] (Kaspersky Lab ZAO) -- W:\Users\Deux Ex Machina\Desktop\TDSSKiller.exe

[2010/11/14 12:51:22 | 000,000,945 | ---- | M] () -- W:\Users\Deux Ex Machina\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk

[2010/11/10 18:24:26 | 000,053,248 | ---- | M] () -- D:\CVe.doc

[2010/11/10 18:04:37 | 000,084,992 | ---- | M] () -- D:\CV travail .doc

[2010/11/10 10:45:27 | 011,690,974 | R--- | M] () -- W:\Windows\System32\drivers\etc\hosts.20101120-122620.backup

[2010/11/09 16:08:06 | 011,689,504 | ---- | M] () -- W:\Windows\System32\drivers\etc\hosts.20101110-104527.backup

[2010/11/09 16:08:06 | 011,689,504 | ---- | M] () -- D:\HOSTS

[2010/11/04 18:30:46 | 000,045,568 | ---- | M] () -- D:\courrier en-tete .doc

[2010/11/01 14:01:56 | 000,088,064 | ---- | M] () -- D:\CV .doc

[2010/10/29 14:22:41 | 000,023,763 | ---- | M] () -- D:\CV_.pdf

[2010/10/27 10:19:46 | 000,001,050 | ---- | M] () -- W:\Users\Deux Ex Machina\Application Data\Microsoft\Internet Explorer\Quick Launch\Glary Utilities.lnk

[2010/10/27 10:19:46 | 000,001,026 | ---- | M] () -- W:\Users\Deux Ex Machina\Desktop\Glary Utilities.lnk

[2010/10/25 23:40:57 | 000,000,447 | ---- | M] () -- D:\ax_files.xml

 

========== Files Created - No Company Name ==========

 

[2010/11/22 11:55:23 | 000,122,866 | ---- | C] () -- W:\Users\Deux Ex Machina\Desktop\Desinfection 2.pdf

[2010/11/22 10:45:27 | 000,182,213 | ---- | C] () -- D:\Projet .pdf

[2010/11/22 10:18:09 | 003,507,883 | ---- | C] () -- D:\Expertise et blog.pdf

[2010/11/21 17:01:38 | 000,260,919 | ---- | C] () -- W:\Users\Deux Ex Machina\Desktop\inqtruction desinfection.pdf

[2010/11/21 17:00:43 | 000,080,384 | ---- | C] () -- W:\Users\Deux Ex Machina\Desktop\MBRCheck(2).exe

[2010/11/21 13:12:01 | 000,000,162 | -H-- | C] () -- D:\~$ojet CV .doc

[2010/11/21 13:11:59 | 000,092,672 | ---- | C] () -- D:\Projet CV .doc

[2010/11/21 13:09:32 | 000,000,162 | -H-- | C] () -- D:\~$ GM.doc

[2010/11/21 13:09:28 | 000,088,064 | ---- | C] () -- D:\CV GM.doc

[2010/11/21 13:01:10 | 000,000,162 | -H-- | C] () -- D:\~$ travail CDP .doc

[2010/11/21 12:59:45 | 000,000,162 | -H-- | C] () -- D:\~$ GM.doc

[2010/11/20 17:44:04 | 000,088,064 | ---- | C] () -- D:\CV GM.doc

[2010/11/20 17:44:04 | 000,053,248 | ---- | C] () -- D:\CV GM.doc

[2010/11/20 17:44:04 | 000,052,009 | ---- | C] () -- D:\dossier pedagogique fais ton journal.pdf

[2010/11/20 17:44:04 | 000,045,568 | ---- | C] () -- D:\courrier en-tete .doc

[2010/11/20 17:44:04 | 000,023,763 | ---- | C] () -- D:\CV_.pdf

[2010/11/20 17:44:03 | 003,181,222 | ---- | C] () -- D:\flickr securisation.pdf

[2010/11/20 17:44:03 | 001,288,788 | ---- | C] () -- D:\Tutoriel-logiciel-fais-ton-journal.pdf

[2010/11/20 17:44:03 | 000,760,325 | ---- | C] () -- D:\aide_creation_index.pdf

[2010/11/20 17:44:03 | 000,639,981 | ---- | C] () -- D:\calendrier FPT Charentes 2010-mai2010.pdf

[2010/11/20 17:44:03 | 000,258,798 | ---- | C] () -- D:\Calendrier coucours FP territoriale.pdf

[2010/11/20 17:44:03 | 000,060,928 | ---- | C] () -- D:\Pour securiser et mieux utiliser un ordinateur.doc

[2010/11/20 17:44:03 | 000,016,022 | ---- | C] () -- D:\Notes sur min identite numerique.docx

[2010/11/18 16:13:22 | 000,002,020 | ---- | C] () -- W:\Users\Public\Desktop\Avira AntiVir Control Center.lnk

[2010/11/17 11:18:10 | 000,000,987 | ---- | C] () -- W:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk

[2010/11/09 16:08:05 | 011,689,504 | ---- | C] () -- D:\HOSTS

[2010/10/07 10:36:42 | 000,001,928 | ---- | C] () -- W:\Program Files\Adobe Reader 9.lnk

[2010/08/22 11:01:56 | 000,001,071 | ---- | C] () -- W:\Program Files\Picasa 3.lnk

[2010/08/22 09:55:48 | 000,116,224 | ---- | C] () -- W:\Windows\System32\pdfcmnnt.dll

[2010/08/16 21:42:50 | 000,001,149 | ---- | C] () -- W:\Program Files\Google Talk.lnk

[2010/07/18 18:38:13 | 000,697,328 | ---- | C] () -- W:\Windows\System32\drivers\sptd.sys

[2010/07/18 18:02:44 | 000,000,117 | ---- | C] () -- W:\Windows\SoftWriting.ini

[2010/07/17 20:11:42 | 000,139,008 | ---- | C] () -- W:\Windows\System32\guard32.dll

[2010/07/17 17:37:22 | 000,140,288 | ---- | C] () -- W:\Windows\System32\igfxtvcx.dll

[2010/07/17 16:43:30 | 000,000,025 | ---- | C] () -- W:\Windows\libem.INI

[2009/12/03 08:27:30 | 000,080,416 | ---- | C] () -- W:\Windows\System32\RtNicProp32.dll

[2009/07/14 00:51:43 | 000,073,728 | ---- | C] () -- W:\Windows\System32\BthpanContextHandler.dll

[2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- W:\Windows\System32\BWContextHandler.dll

 

========== Custom Scans ==========

 

 

< %SYSTEMDRIVE%\*.* >

[2009/06/10 22:42:20 | 000,000,024 | ---- | M] () -- W:\autoexec.bat

[2009/06/10 22:42:20 | 000,000,010 | ---- | M] () -- W:\config.sys

[2010/11/21 17:53:03 | 1603,084,288 | -HS- | M] () -- W:\hiberfil.sys

[2010/09/19 08:43:21 | 000,009,593 | ---- | M] () -- W:\JavaRa.log

[2010/11/21 17:13:57 | 000,063,004 | ---- | M] () -- W:\TDSSKiller.2.4.8.0_21.11.2010_17.08.43_log.txt

 

< %systemroot%\*. /mp /s >

 

< %systemroot%\system32\*.dll /lockedfiles >

 

< %systemroot%\Tasks\*.job /lockedfiles >

 

< %systemroot%\System32\config\*.sav >

 

< %systemroot%\system32\drivers\*.sys /90 >

[2010/08/27 04:31:30 | 000,310,784 | ---- | M] (Microsoft Corporation) -- W:\Windows\System32\drivers\srv.sys

[2010/08/27 04:30:47 | 000,308,736 | ---- | M] (Microsoft Corporation) -- W:\Windows\System32\drivers\srv2.sys

[2010/08/27 04:30:40 | 000,113,664 | ---- | M] (Microsoft Corporation) -- W:\Windows\System32\drivers\srvnet.sys

[2010/09/06 17:06:43 | 000,231,248 | ---- | M] (TrueCrypt Foundation) -- W:\Windows\System32\drivers\truecrypt.sys

 

========== Alternate Data Streams ==========

 

@Alternate Data Stream - 95 bytes -> W:\ProgramData\TEMP:5C321E34

 

< End of report >

 

And now the Extras report:

OTL Extras logfile created on: 22/11/2010 11:59:18 - Run 1

OTL by OldTimer - Version 3.2.17.3 Folder = W:\Users\Deux Ex Machina\Desktop

An unknown product (Version = 6.1.7600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.7600.16385)

Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

 

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 65,00% Memory free

2,00 Gb Paging File | 1,00 Gb Available in Paging File | 62,00% Paging File free

Paging file location(s): s:\pagefile.sys 220 2040 [binary data]

 

%SystemDrive% = W: | %SystemRoot% = W:\Windows | %ProgramFiles% = W:\Program Files

Drive C: | 48,75 Gb Total Space | 0,68 Gb Free Space | 1,40% Space Free | Partition Type: NTFS

Drive D: | 51,57 Gb Total Space | 6,21 Gb Free Space | 12,04% Space Free | Partition Type: NTFS

Drive G: | 979,03 Mb Total Space | 971,08 Mb Free Space | 99,19% Space Free | Partition Type: FAT32

Drive H: | 248,99 Mb Total Space | 238,48 Mb Free Space | 95,78% Space Free | Partition Type: FAT32

Drive K: | 465,76 Gb Total Space | 34,94 Gb Free Space | 7,50% Space Free | Partition Type: NTFS

Drive S: | 1,99 Gb Total Space | 1,78 Gb Free Space | 89,21% Space Free | Partition Type: FAT32

Drive W: | 35,00 Gb Total Space | 17,37 Gb Free Space | 49,64% Space Free | Partition Type: NTFS

 

Computer Name: THINKINGMACHINE | User Name: Deux Ex Machina | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Extra Registry (SafeList) ==========

 

 

========== File Associations ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- W:\Windows\System32\control.exe (Microsoft Corporation)

.hlp [@ = hlpfile] -- W:\Windows\winhlp32.exe (Microsoft Corporation)

.reg [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found

 

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]

.html [@ = FirefoxHTML] -- W:\Program Files\Firefox - Navigateur internet\firefox.exe (Mozilla Corporation)

 

========== Shell Spawning ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [AddToPlaylistVLC] -- "W:\Program Files\VLC - Video\vlc.exe" --started-from-file --playlist-enqueue "%1" ()

Directory [browse with &IrfanView] -- "W:\Program Files\IrfanView - Lecteur Images\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [PlayWithVLC] -- "W:\Program Files\VLC - Video\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 

========== Security Center Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"VistaSp1" = Reg Error: Unknown registry data type -- File not found

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

 

========== System Restore Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]

 

========== Firewall Settings ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"DisableNotifications" = 0

"EnableFirewall" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"DisableNotifications" = 0

"EnableFirewall" = 0

 

========== Authorized Applications List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

"W:\Program Files\FlashGet 3 - Gestion telechargement\FlashGet3.exe" = W:\Program Files\FlashGet 3 - Gestion telechargement\FlashGet3.exe:*:Enabled:Flashget3 -- (Trend Media Corporation Limited)

 

 

========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

".sol Editor" = .sol Editor 1.1.0.1

"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator

"{09F56A49-A7B1-4AAB-95B9-D13094254AD1}" = Windows Live UX Platform Language Pack

"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer

"{0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}" = Microsoft .NET Framework 4 Client Profile FRA Language Pack

"{105CFC7C-6992-11D5-BD9D-000102C10FD8}" = Lizardtech DjVu Control

"{13CD417D-F1F1-4AC4-945D-FDDEB884756F}" = Microsoft Baseline Security Analyzer 2.2

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions

"{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk" = Google Talk (remove only)

"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10

"{266517E6-D866-439D-919C-B8B1A52E6080}" = OpenOffice.org 3.2

"{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java 6 Update 22

"{2AD738DC-FC24-4342-A2DA-BB6DCCF6B048}" = Jing

"{2CE5A2E7-3437-4CE7-BCF4-85ED6EEFF9E4}" = iTunes

"{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live

"{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer

"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile

"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform

"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)

"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant

"{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources

"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update

"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE

"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10

"{7F6291BF-6354-4D3F-8BF8-47D8DB46E45C}" = Classic Shell

"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable

"{842BEE12-CCCB-43F4-ABAF-CBA6DFE2583D}" = Nero BurnLite 10

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT

"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007

"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0015-040C-0000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2007

"{90120000-0015-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007

"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007

"{90120000-0016-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0017-040C-0000-0000000FF1CE}" = Microsoft Office SharePoint Designer MUI (French) 2007

"{90120000-0017-040C-0000-0000000FF1CE}_OMUI.fr-fr_{CCDA3DD6-E33D-4D75-B7C9-FF585580CE83}" = Microsoft Office SharePoint Designer 2007 Service Pack 2 (SP2)

"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007

"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007

"{90120000-0018-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007

"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2007

"{90120000-0019-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007

"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2007

"{90120000-001A-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007

"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007

"{90120000-001B-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007

"{90120000-001F-0401-0000-0000000FF1CE}_OMUI.fr-fr_{14809F99-C601-4D4A-9391-F1E8FAA964C5}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007

"{90120000-001F-0407-0000-0000000FF1CE}_OMUI.fr-fr_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007

"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007

"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007

"{90120000-001F-0413-0000-0000000FF1CE}_OMUI.fr-fr_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007

"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007

"{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007

"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007

"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)

"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007

"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0044-040C-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (French) 2007

"{90120000-0044-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007

"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007

"{90120000-006E-040C-0000-0000000FF1CE}_OMUI.fr-fr_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007

"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-00A1-040C-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (French) 2007

"{90120000-00A1-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007

"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-00BA-040C-0000-0000000FF1CE}" = Microsoft Office Groove MUI (French) 2007

"{90120000-00BA-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0100-040C-0000-0000000FF1CE}" = Microsoft Office O MUI (French) 2007

"{90120000-0100-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0101-040C-0000-0000000FF1CE}" = Microsoft Office X MUI (French) 2007

"{90120000-0101-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007

"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007

"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007

"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer

"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer

"{AB627AF2-9C7E-4DBD-816B-3B2646B81E89}" = Nero BurnLite 10

"{AC76BA86-7AD7-1036-7B44-A94000000001}" = Adobe Reader 9.4.1 - Français

"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy

"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update

"{CCA1EEA3-555E-4D05-AC46-4B49C6C5D887}" = Apple Mobile Device Support

"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform

"{D3A80508-CD83-4CA3-8671-914A1BC78B61}" = Microsoft Sync Framework 2.0 Provider Services (x86) ENU

"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform

"{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support

"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10

"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype 5.0

"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime

"{F7E1CA14-B39D-452A-960B-39423DDDD933}" = DriveImage XML (Private Edition)

"{FF1C31AE-0CDC-40CE-AB85-406F8B70D643}" = Bonjour

"{FF63121D-91C6-42CC-B341-F1AA729728E7}" = Microsoft Sync Framework 2.0 Core Components (x86) ENU

"7-Zip" = 7-Zip 9.20

"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin

"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus

"B991B020-2968-11D8-AF23-444553540000_is1" = FreeMind

"CCleaner" = CCleaner

"CobBackup10" = Cobian Backup 10

"ENTERPRISE" = Microsoft Office Enterprise 2007

"ESET Online Scanner" = ESET Online Scanner v3

"Exifer_is1" = Exifer

"FileHippo.com" = FileHippo.com Update Checker

"FlashGet 3.5" = FlashGet 3.5

"Glary Utilities_is1" = Glary Utilities 2.29.0.1032

"Google Desktop" = Google Desktop

"HDMI" = Intel® Graphics Media Accelerator Driver

"hpHosts_is1" = hpHosts

"ImgBurn" = ImgBurn

"IrfanView" = IrfanView (remove only)

"JDownloader" = JDownloader

"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"Microsoft .NET Framework 4 Client Profile FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Client Profile FRA

"MozBackup" = MozBackup 1.4.10

"Mozilla Firefox (3.6.12)" = Mozilla Firefox (3.6.12)

"Mozilla Sunbird (0.9)" = Mozilla Sunbird (0.9)

"Mozilla Thunderbird (3.1.6)" = Mozilla Thunderbird (3.1.6)

"MyDefrag v4.3.1_is1" = MyDefrag v4.3.1

"Notepad++" = Notepad++

"OMUI.fr-fr" = Microsoft Office Language Pack 2007 - French/Français

"Picasa 3" = Picasa 3

"Secunia PSI" = Secunia PSI

"SimpleOCR 3.1" = SimpleOCR 3.1

"SMSERIAL" = Motorola SM56 Speakerphone Modem

"SpywareBlaster_is1" = SpywareBlaster 4.4

"SpywareGuard_is1" = SpywareGuard v2.2

"TrueCrypt" = TrueCrypt

"TVWiz" = Intel® TV Wizard

"uTorrent" = µTorrent

"VLC media player" = VLC media player 1.1.4

"WinGimp-2.0_is1" = GIMP 2.6.10

"WinLiveSuite" = Windows Live

"XnView_is1" = XnView 1.97.6

 

========== Last 10 Event Log Errors ==========

 

[ Application Events ]

Error - 21/11/2010 13:41:10 | Computer Name = ThinkingMachine | Source = Microsoft-Windows-CAPI2 | ID = 4107

Description = Échec de l’extraction de la liste racine tierce depuis le fichier

CAB de mise à jour automatique à : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>

avec l’erreur : Données non valides. .

 

Error - 22/11/2010 03:43:58 | Computer Name = ThinkingMachine | Source = Microsoft-Windows-CAPI2 | ID = 4107

Description = Échec de l’extraction de la liste racine tierce depuis le fichier

CAB de mise à jour automatique à : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>

avec l’erreur : Données non valides. .

 

Error - 22/11/2010 03:45:25 | Computer Name = ThinkingMachine | Source = Microsoft-Windows-CAPI2 | ID = 4107

Description = Échec de l’extraction de la liste racine tierce depuis le fichier

CAB de mise à jour automatique à : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>

avec l’erreur : Données non valides. .

 

Error - 22/11/2010 04:58:23 | Computer Name = ThinkingMachine | Source = Microsoft-Windows-CAPI2 | ID = 4107

Description = Échec de l’extraction de la liste racine tierce depuis le fichier

CAB de mise à jour automatique à : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>

avec l’erreur : Données non valides. .

 

Error - 22/11/2010 05:05:22 | Computer Name = ThinkingMachine | Source = Microsoft-Windows-CAPI2 | ID = 4107

Description = Échec de l’extraction de la liste racine tierce depuis le fichier

CAB de mise à jour automatique à : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>

avec l’erreur : Données non valides. .

 

Error - 22/11/2010 05:06:05 | Computer Name = ThinkingMachine | Source = Microsoft-Windows-CAPI2 | ID = 4107

Description = Échec de l’extraction de la liste racine tierce depuis le fichier

CAB de mise à jour automatique à : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>

avec l’erreur : Données non valides. .

 

Error - 22/11/2010 05:32:46 | Computer Name = ThinkingMachine | Source = Microsoft-Windows-CAPI2 | ID = 4107

Description = Échec de l’extraction de la liste racine tierce depuis le fichier

CAB de mise à jour automatique à : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>

avec l’erreur : Données non valides. .

 

Error - 22/11/2010 05:32:46 | Computer Name = ThinkingMachine | Source = Microsoft-Windows-CAPI2 | ID = 4107

Description = Échec de l’extraction de la liste racine tierce depuis le fichier

CAB de mise à jour automatique à : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>

avec l’erreur : Données non valides. .

 

Error - 22/11/2010 05:32:46 | Computer Name = ThinkingMachine | Source = Microsoft-Windows-CAPI2 | ID = 4107

Description = Échec de l’extraction de la liste racine tierce depuis le fichier

CAB de mise à jour automatique à : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>

avec l’erreur : Données non valides. .

 

Error - 22/11/2010 05:32:47 | Computer Name = ThinkingMachine | Source = Microsoft-Windows-CAPI2 | ID = 4107

Description = Échec de l’extraction de la liste racine tierce depuis le fichier

CAB de mise à jour automatique à : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>

avec l’erreur : Données non valides. .

 

[ System Events ]

Error - 20/11/2010 13:16:33 | Computer Name = ThinkingMachine | Source = Service Control Manager | ID = 7001

Description = Le service Service Liste des réseaux dépend du service Connaissance

des emplacements réseau qui n’a pas pu démarrer en raison de l’erreur : %%1068

 

Error - 20/11/2010 13:16:33 | Computer Name = ThinkingMachine | Source = Service Control Manager | ID = 7001

Description = Le service Service Liste des réseaux dépend du service Connaissance

des emplacements réseau qui n’a pas pu démarrer en raison de l’erreur : %%1068

 

Error - 21/11/2010 10:05:27 | Computer Name = ThinkingMachine | Source = EventLog | ID = 6008

Description = L’arrêt système précédant à 14:15:04 le ?21/?11/?2010 n’était pas

prévu.

 

Error - 21/11/2010 10:06:21 | Computer Name = ThinkingMachine | Source = Service Control Manager | ID = 7009

Description = Le dépassement de délai (30000 millisecondes) a été atteint lors de

l’attente de la connexion du service SBSD Security Center Service.

 

Error - 21/11/2010 10:06:21 | Computer Name = ThinkingMachine | Source = Service Control Manager | ID = 7000

Description = Le service SBSD Security Center Service n’a pas pu démarrer en raison

de l’erreur : %%1053

 

Error - 21/11/2010 12:55:17 | Computer Name = ThinkingMachine | Source = EventLog | ID = 6008

Description = L’arrêt système précédant à 17:14:07 le ?21/?11/?2010 n’était pas

prévu.

 

Error - 21/11/2010 12:55:18 | Computer Name = THINKINGMACHINE | Source = BugCheck | ID = 1001

Description =

 

Error - 21/11/2010 12:56:11 | Computer Name = ThinkingMachine | Source = Service Control Manager | ID = 7009

Description = Le dépassement de délai (30000 millisecondes) a été atteint lors de

l’attente de la connexion du service SBSD Security Center Service.

 

Error - 21/11/2010 12:56:11 | Computer Name = ThinkingMachine | Source = Service Control Manager | ID = 7000

Description = Le service SBSD Security Center Service n’a pas pu démarrer en raison

de l’erreur : %%1053

 

Error - 21/11/2010 18:44:07 | Computer Name = ThinkingMachine | Source = Service Control Manager | ID = 7011

Description = Le dépassement de délai (30000 millisecondes) a été atteint lors de

l’attente de la réponse transactionnelle du service ShellHWDetection.

 

 

< End of report >

 

Also, I was only able to plug in one external hard drive and 2 USB keys. Should I run the program again with the remaining keys?

Posted

Hi again,

 

Nothing nasty, just a bit of cleanup to do, and afterwards we'll see whether we need to look for anything else:

 

>>> OTL: Launch OTL, copy the following list (starting with :OTL) and paste it into the box under "Personnalisation".

 

:OTL

@Alternate Data Stream - 95 bytes -> W:\ProgramData\TEMP:5C321E34

 

:Services

 

:Reg

 

:Files

W:\Windows\tasks\*.job

 

:Commands

[EMPTYTEMP]

[RESETHOSTS]

[REBOOT]

Click the red Correction button and let it run.

If one or more files cannot be deleted normally, the program will ask you to restart the machine to finish the process; click Yes.

When it finishes, a report opens in Notepad. Copy its entire contents and paste them into a new reply on the forum. Close the report and OTL.

NO NEED TO POST THE REPORT.

 

>>> Remove the tools:

- In the OTL window, click Purge outils. Let it run and restart the PC.

- To remove the other tools and their reports, right-click them => "Delete".

 

>>> Reset the Restore Points:

Right-click "Computer" => "Properties" => "System Protection". Click the name of the system partition (usually C:), then "Configure" => "Delete" => "Continue" (to confirm).

Click "Close", then "OK" => "OK", and wait a moment.

 

Go back to "System Protection", click the partition => "Configure" and select "Restore system settings and previous versions of files".

Click "OK" => "OK" and close the window.

A new restore point will be created.

 

 

>>> Enable UAC: Because more and more malware takes advantage of UAC (User Account Control) being disabled in Windows (Vista and W7) to install rootkits, keep this feature enabled even if it sometimes seems annoying:

Click "Start" => "Control Panel". Click "User Accounts..." => "Change User Account Control settings."

Set the slider as shown in the image.

 

uac-w7_fr.png

 

>>> Very important: Any old version of any program may contain vulnerabilities that can be exploited to infect a PC, and our best way to limit the damage is to update regularly:

  • Firefox: Launch FF, click the ?, then "Check for Updates...". Follow the instructions.

Please, let me know how the updates went. This is important because any problem in updating may indicate more malware present in your system.

 

 

>>> Free up space: These lines show that your drives are full

Drive C: | 48,75 Gb Total Space | 0,68 Gb Free Space | 1,40% Space Free | Partition Type: NTFS

Drive D: | 51,57 Gb Total Space | 6,21 Gb Free Space | 12,04% Space Free | Partition Type: NTFS

 

A minimum of 15% is required for smooth access. Delete as much as you can.

 

 

>>> Protection: Your reports show

- avast! Free Antivirus <= Either it or Avira

- Avira <= Either it or Avast

- ESET Online Scanner v3 <= No need to keep it

- COMODO-Firewall <= Known to use too many resources. You can use the Windows 7 firewall, it works fine for me :)

To uninstall programs, use Revo Uninstaller, which works well for everything (see below).

 

>>> To improve your system, download to the Desktop:

  • CCleaner from here (if you don't have it).
  • MBAM's StartUpLite from here.
  • Revo Uninstaller from HERE.

 

>>> Uninstall unneeded programs.

  • Install Revo Uninstaller and launch the program from its icon on the Desktop or from "Start" => "All Programs" => "Revo Uninstaller".

  • Select a program and click the Uninstall button [image: revo1.png]

  • In the new window, choose Advanced mode and click Next. [image: revo2.png]

    Follow the instructions.

  • Click Select All (1) then Delete (2) [image: revo3.png].

    This deletes all the items listed in the field at the top of the window.

  • Click the Finish button to close the window.

 

>>> StartUpLite: There are always programs that start NEEDLESSLY along with Windows.

Double-click StartUpLite.exe [image: mbamuplite1.png] to launch the program.

It will display all the unnecessary auto-start entries.

Select ALL the displayed entries and click Continue.

If it displays "No unnecessary startups found!", there is nothing to do.

 

 

>>> CCleaner: Run a cleanup.

 

 

>>> Finally: Defragment all existing partitions on the PC.

 

 

Let me know how it goes. It's important.

 

Good luck!
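
An added example, not part of the original post: a Python sketch that parses drive summary lines in the format quoted in the post and works out how many GB must be freed on each drive to reach the 15% free-space mark the post mentions. The function names are assumptions made for this example; the sample lines are the two quoted in the post.

```python
import re

# The two drive lines quoted in the post (the report uses comma decimals).
SAMPLE = """\
Drive C: | 48,75 Gb Total Space | 0,68 Gb Free Space | 1,40% Space Free | Partition Type: NTFS
Drive D: | 51,57 Gb Total Space | 6,21 Gb Free Space | 12,04% Space Free | Partition Type: NTFS
"""

DRIVE_RE = re.compile(
    r"Drive\s+(?P<letter>[A-Z]):\s*\|\s*(?P<total>[\d.,]+)\s*Gb Total Space\s*\|"
    r"\s*(?P<free>[\d.,]+)\s*Gb Free Space\s*\|\s*(?P<pct>[\d.,]+)%\s*Space Free"
)

MIN_FREE_PCT = 15.0  # threshold stated in the post


def _num(text):
    """Convert '48,75' or '48.75' to a float."""
    return float(text.replace(",", "."))


def parse_drives(report):
    """Return one dict per drive line; lines that do not match are skipped."""
    drives = []
    for m in DRIVE_RE.finditer(report):
        total, free = _num(m["total"]), _num(m["free"])
        drives.append({
            "letter": m["letter"],
            "total_gb": total,
            "free_gb": free,
            "reported_pct": _num(m["pct"]),
            # Recompute from the raw sizes instead of trusting the printed figure.
            "computed_pct": round(100 * free / total, 2) if total else 0.0,
        })
    return drives


def space_to_free(drive, min_pct=MIN_FREE_PCT):
    """GB that must be freed to reach min_pct free space (0.0 if already there)."""
    needed = drive["total_gb"] * min_pct / 100 - drive["free_gb"]
    return round(max(0.0, needed), 2)


if __name__ == "__main__":
    for d in parse_drives(SAMPLE):
        print(f"{d['letter']}: {d['computed_pct']}% free, free up {space_to_free(d)} GB")
```

The printed percentage is recomputed from the rounded sizes, so it can differ from the reported figure in the last digit.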
