
Posted (edited)

Hello,

I have a problem with my laptop; it is very slow and I no longer know what to do, I am on the verge of formatting it...

I ran an MB scan with no results and an antivirus scan (Antivir) with no results either.

I am posting a HijackThis scan, if anyone can help me please.

Thanks in advance.

 

 

 

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 12:01:35, on 01/02/2011

Platform: Windows 7 (WinNT 6.00.3504)

MSIE: Internet Explorer v8.00 (8.00.7600.16700)

Boot mode: Normal

 

Running processes:

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\taskhost.exe

C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe

C:\Program Files\Samsung\FW LiveUpdate\FWManager.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Users\Géraldine\Local Settings\Apps\F.lux\flux.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Mozilla Firefox\plugin-container.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Users\Géraldine\Documents\Logiciels\HijackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O3 - Toolbar: Nero Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll

O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min

O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s

O4 - HKLM\..\Run: [Name of App] C:\Program Files\SAMSUNG\FW LiveUpdate\FWManager.exe r

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe"

O4 - HKCU\..\Run: [F.lux] "C:\Users\Géraldine\Local Settings\Apps\F.lux\flux.exe" /noshow

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE RÉSEAU')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE RÉSEAU')

O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE

O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe

O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe

O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe

O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @appmgmts.dll,-3250 (AppMgmt) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (Audiosrv) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\AxInstSV.dll,-103 (AxInstSV) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\bdesvc.dll,-100 (BDESVC) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe

O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\cscsvc.dll,-200 (CscService) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\defragsvc.dll,-101 (defragsvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe

O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe

O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (eventlog) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe

O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\ListSvc.dll,-100 (HomeGroupListener) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\provsvc.dll,-100 (HomeGroupProvider) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-500 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Ma-Config Service (maconfservice) - Unknown owner - C:\Program Files\ma-config.com\maconfservice.exe

O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe

O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe

O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\netprofm.dll,-202 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\peerdistsvc.dll,-9000 (PeerDistSvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel® Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe

O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\sensrsvc.dll,-1000 (SensrSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe

O23 - Service: @%SystemRoot%\system32\sppuinotify.dll,-103 (sppuinotify) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (StiSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe

O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe

O23 - Service: @%SystemRoot%\system32\umrdp.dll,-1000 (UmRdpService) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe

O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe

O23 - Service: @%systemroot%\system32\wbiosrvc.dll,-100 (WbioSrvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\wmpnetwk.exe

O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe

O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wwansvc.dll,-257 (WwanSvc) - Unknown owner - C:\Windows\system32\svchost.exe

 

--

End of file - 20925 bytes

Edited by zebb_17

Posted (edited)

Good evening Zebb_17,

There is not much that is infectious; I wonder if there isn't something else.

If you still have problems after the disinfection, you will have to consider formatting.

For now, remember to back up all your documents to another hard drive / DVD / CD.

We are going to remove what is infectious; to do that...

* Download >> OTL << to your desktop.

* Double-click the OTL icon to launch it.

* Make sure you have closed all running applications.

* When the OTL window appears, make sure that in the "Rapport" (Report) section (top right) the "rapport minimal" (minimal report) box is checked.

* Check the boxes in front of "Tous les utilisateurs" (All users), "Recherche LOP" (LOP check) and "Recherche Purity" (Purity check).

* Copy and paste the contents of this quote into the lower part of OTL, "personnalisation" (custom scans):

 

NetSvcs

%systemroot%\system32\drivers\*.sys /lockedfiles

msconfig

safebootminimal

safebootnetwork

activex

drivers32

%ALLUSERSPROFILE%\Application Data\*.

%ALLUSERSPROFILE%\Application Data\*.exe /s

%APPDATA%\*.

%APPDATA%\*.exe /s

%SYSTEMDRIVE%\*.exe

netsvcs

%SYSTEMDRIVE%\*.exe

/md5start

explorer.exe

userinit.exe

winlogon.exe

wininit.exe

tcpip.sys

Sfloppy.sys

Changer.sys

cdrom.sys

disk.sys

ndis.sys

usbscan.sys

usbprint.sys

tdtcp.sys

tdpipe.sys

swmidi.sys

splitter.sys

rdpwd.sys

eventlog.dll

scecli.dll

netlogon.dll

cngaudit.dll

sceclt.dll

ntelogon.dll

logevent.dll

RASACD.SYS

iaStor.sys

nvstor.sys

atapi.sys

IdeChnDr.sys

viasraid.sys

AGP440.sys

vaxscsi.sys

nvatabus.sys

viamraid.sys

nvata.sys

nvgts.sys

iastorv.sys

ViPrt.sys

eNetHook.dll

ahcix86.sys

KR10N.sys

nvstor32.sys

ahcix86s.sys

nvrd32.sys

/md5stop

%systemroot%\*. /mp /s

%systemroot%\system32\*.dll /lockedfiles

%systemroot%\Tasks\*.job /lockedfiles

 

* Click the "Analyse" (Scan) icon (top left).

* Let the scan run to completion without using the PC.

* At the end of the scan, two reports will open: "OTL.Txt" and (or) "Extras.Txt" (minimized in the taskbar).

* Copy and paste the reports into your reply, please...

* Just in case, you can find them in the C:\OTL folder.

See you later ;)

Edited by jeanmimigab

Posted

Good evening, thanks for your reply; here are the two requested reports:

 

OTL logfile created on: 01/02/2011 21:41:22 - Run 1

OTL by OldTimer - Version 3.2.20.6 Folder = C:\Users\Géraldine\Desktop

Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.7600.16385)

Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

 

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 55,00% Memory free

4,00 Gb Paging File | 3,00 Gb Available in Paging File | 69,00% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 141,58 Gb Total Space | 57,47 Gb Free Space | 40,59% Space Free | Partition Type: NTFS

Drive D: | 7,46 Gb Total Space | 2,31 Gb Free Space | 30,96% Space Free | Partition Type: NTFS

 

Computer Name: GÉRALDINE-PC | User Name: Géraldine | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Processes (SafeList) ==========

 

PRC - C:\Users\Géraldine\Desktop\OTL.exe (OldTimer Tools)

PRC - C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe (NVIDIA Corporation)

PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)

PRC - C:\Program Files\Mozilla Firefox\plugin-container.exe (Mozilla Corporation)

PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

PRC - C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)

PRC - C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)

PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)

PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)

PRC - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor)

PRC - C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel® Corporation)

PRC - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel® Corporation)

PRC - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe (TomTom)

PRC - C:\Program Files\Samsung\FW LiveUpdate\FWManager.exe ( )

PRC - C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)

PRC - C:\Windows\explorer.exe (Microsoft Corporation)

PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)

PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation)

PRC - C:\Windows\System32\audiodg.exe (Microsoft Corporation)

PRC - C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe (InterVideo Inc.)

PRC - C:\TeamScripT4\mirc.exe (mIRC Co. Ltd.)

 

 

========== Modules (SafeList) ==========

 

MOD - C:\Users\Géraldine\Desktop\OTL.exe (OldTimer Tools)

MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll (Microsoft Corporation)

MOD - C:\Windows\System32\sspicli.dll (Microsoft Corporation)

MOD - C:\Windows\System32\sechost.dll (Microsoft Corporation)

MOD - C:\Windows\System32\samcli.dll (Microsoft Corporation)

MOD - C:\Windows\System32\profapi.dll (Microsoft Corporation)

MOD - C:\Windows\System32\netutils.dll (Microsoft Corporation)

MOD - C:\Windows\System32\KernelBase.dll (Microsoft Corporation)

MOD - C:\Windows\System32\dwmapi.dll (Microsoft Corporation)

MOD - C:\Windows\System32\devobj.dll (Microsoft Corporation)

MOD - C:\Windows\System32\cryptbase.dll (Microsoft Corporation)

MOD - C:\Windows\System32\cfgmgr32.dll (Microsoft Corporation)

 

 

========== Win32 Services (SafeList) ==========

 

SRV - (maconfservice) -- C:\Program Files\ma-config.com\maconfservice.exe (CybelSoft)

SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)

SRV - (IAStorDataMgrSvc) Intel® -- C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)

SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)

SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)

SRV - (EvtEng) Intel® -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel® Corporation)

SRV - (RegSrvc) Intel® -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel® Corporation)

SRV - (TomTomHOMEService) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe (TomTom)

SRV - (Themes) -- C:\Windows\System32\themeservice.dll (Microsoft Corporation)

SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe ()

SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)

SRV - (WwanSvc) -- C:\Windows\System32\wwansvc.dll (Microsoft Corporation)

SRV - (WbioSrvc) -- C:\Windows\System32\wbiosrvc.dll (Microsoft Corporation)

SRV - (Power) -- C:\Windows\System32\umpo.dll (Microsoft Corporation)

SRV - (sppuinotify) -- C:\Windows\System32\sppuinotify.dll (Microsoft Corporation)

SRV - (RpcEptMapper) -- C:\Windows\System32\RpcEpMap.dll (Microsoft Corporation)

SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)

SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)

SRV - (PNRPsvc) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation)

SRV - (p2pimsvc) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation)

SRV - (HomeGroupProvider) -- C:\Windows\System32\provsvc.dll (Microsoft Corporation)

SRV - (PNRPAutoReg) -- C:\Windows\System32\pnrpauto.dll (Microsoft Corporation)

SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)

SRV - (HomeGroupListener) -- C:\Windows\System32\ListSvc.dll (Microsoft Corporation)

SRV - (Dhcp) -- C:\Windows\System32\dhcpcore.dll (Microsoft Corporation)

SRV - (defragsvc) -- C:\Windows\System32\defragsvc.dll (Microsoft Corporation)

SRV - (BDESVC) -- C:\Windows\System32\bdesvc.dll (Microsoft Corporation)

SRV - (AxInstSV) Programme d’installation ActiveX (AxInstSV) -- C:\Windows\System32\AxInstSv.dll (Microsoft Corporation)

SRV - (AppIDSvc) -- C:\Windows\System32\appidsvc.dll (Microsoft Corporation)

SRV - (sppsvc) -- C:\Windows\System32\sppsvc.exe (Microsoft Corporation)

SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia.)

SRV - (Capture Device Service) -- C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe (InterVideo Inc.)

 

 

========== Driver Services (SafeList) ==========

 

DRV - (sptd) -- C:\Windows\System32\Drivers\sptd.sys ()

DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)

DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)

DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)

DRV - (iaStor) -- C:\Windows\system32\DRIVERS\iaStor.sys (Intel Corporation)

DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)

DRV - (NETwLv32) Pilote de carte de la série Intel® -- C:\Windows\System32\drivers\NETwLv32.sys (Intel Corporation)

DRV - (driverhardwarev2) -- C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys (CybelSoft)

DRV - (DrvAgent32) -- C:\Windows\System32\drivers\DrvAgent32.sys (Phoenix Technologies)

DRV - (cpuidlep) -- C:\Windows\System32\drivers\cpuidlep.sys ()

DRV - (RTL8167) -- C:\Windows\System32\drivers\Rt86win7.sys (Realtek )

DRV - (netw5v32) Pilote de carte de la série Intel® -- C:\Windows\System32\drivers\NETw5v32.sys (Intel Corporation)

DRV - (SynTP) -- C:\Windows\System32\drivers\SynTP.sys (Synaptics Incorporated)

DRV - (ssm_mdm) -- C:\Windows\System32\drivers\ssm_mdm.sys (MCCI Corporation)

DRV - (ssm_bus) SAMSUNG Mobile USB Device II 1.0 driver (WDM) -- C:\Windows\System32\drivers\ssm_bus.sys (MCCI Corporation)

DRV - (ssm_mdfl) -- C:\Windows\System32\drivers\ssm_mdfl.sys (MCCI Corporation)

DRV - (KSecPkg) -- C:\Windows\System32\Drivers\ksecpkg.sys (Microsoft Corporation)

DRV - (cmdide) -- C:\Windows\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.)

DRV - (adpahci) -- C:\Windows\system32\DRIVERS\adpahci.sys (Adaptec, Inc.)

DRV - (adp94xx) -- C:\Windows\system32\DRIVERS\adp94xx.sys (Adaptec, Inc.)

DRV - (amdsbs) -- C:\Windows\system32\DRIVERS\amdsbs.sys (AMD Technologies Inc.)

DRV - (adpu320) -- C:\Windows\system32\DRIVERS\adpu320.sys (Adaptec, Inc.)

DRV - (arcsas) -- C:\Windows\system32\DRIVERS\arcsas.sys (Adaptec, Inc.)

DRV - (amdsata) -- C:\Windows\system32\DRIVERS\amdsata.sys (Advanced Micro Devices)

DRV - (arc) -- C:\Windows\system32\DRIVERS\arc.sys (Adaptec, Inc.)

DRV - (amdxata) -- C:\Windows\system32\DRIVERS\amdxata.sys (Advanced Micro Devices)

DRV - (aliide) -- C:\Windows\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.)

DRV - (nvstor) -- C:\Windows\system32\DRIVERS\nvstor.sys (NVIDIA Corporation)

DRV - (nvraid) -- C:\Windows\system32\DRIVERS\nvraid.sys (NVIDIA Corporation)

DRV - (nfrd960) -- C:\Windows\system32\DRIVERS\nfrd960.sys (IBM Corporation)

DRV - (LSI_SAS) -- C:\Windows\system32\DRIVERS\lsi_sas.sys (LSI Corporation)

DRV - (iaStorV) -- C:\Windows\system32\DRIVERS\iaStorV.sys (Intel Corporation)

DRV - (MegaSR) -- C:\Windows\system32\DRIVERS\MegaSR.sys (LSI Corporation, Inc.)

DRV - (LSI_SCSI) -- C:\Windows\system32\DRIVERS\lsi_scsi.sys (LSI Corporation)

DRV - (LSI_FC) -- C:\Windows\system32\DRIVERS\lsi_fc.sys (LSI Corporation)

DRV - (LSI_SAS2) -- C:\Windows\system32\DRIVERS\lsi_sas2.sys (LSI Corporation)

DRV - (iirsp) -- C:\Windows\system32\DRIVERS\iirsp.sys (Intel Corp./ICP vortex GmbH)

DRV - (megasas) -- C:\Windows\system32\DRIVERS\megasas.sys (LSI Corporation)

DRV - (hwpolicy) -- C:\Windows\System32\drivers\hwpolicy.sys (Microsoft Corporation)

DRV - (elxstor) -- C:\Windows\system32\DRIVERS\elxstor.sys (Emulex)

DRV - (aic78xx) -- C:\Windows\system32\DRIVERS\djsvs.sys (Adaptec, Inc.)

DRV - (HpSAMD) -- C:\Windows\system32\DRIVERS\HpSAMD.sys (Hewlett-Packard Company)

DRV - (FsDepends) -- C:\Windows\System32\drivers\fsdepends.sys (Microsoft Corporation)

DRV - (vsmraid) -- C:\Windows\system32\DRIVERS\vsmraid.sys (VIA Technologies Inc.,Ltd)

DRV - (vmbus) -- C:\Windows\system32\DRIVERS\vmbus.sys (Microsoft Corporation)

DRV - (vhdmp) -- C:\Windows\system32\DRIVERS\vhdmp.sys (Microsoft Corporation)

DRV - (storflt) -- C:\Windows\system32\DRIVERS\vmstorfl.sys (Microsoft Corporation)

DRV - (vdrvroot) -- C:\Windows\system32\DRIVERS\vdrvroot.sys (Microsoft Corporation)

DRV - (storvsc) -- C:\Windows\system32\DRIVERS\storvsc.sys (Microsoft Corporation)

DRV - (WIMMount) -- C:\Windows\System32\drivers\wimmount.sys (Microsoft Corporation)

DRV - (viaide) -- C:\Windows\system32\DRIVERS\viaide.sys (VIA Technologies, Inc.)

DRV - (ql2300) -- C:\Windows\system32\DRIVERS\ql2300.sys (QLogic Corporation)

DRV - (rdyboost) -- C:\Windows\System32\drivers\rdyboost.sys (Microsoft Corporation)

DRV - (ql40xx) -- C:\Windows\system32\DRIVERS\ql40xx.sys (QLogic Corporation)

DRV - (SiSRaid4) -- C:\Windows\system32\DRIVERS\sisraid4.sys (Silicon Integrated Systems)

DRV - (pcw) -- C:\Windows\System32\drivers\pcw.sys (Microsoft Corporation)

DRV - (SiSRaid2) -- C:\Windows\system32\DRIVERS\SiSRaid2.sys (Silicon Integrated Systems Corp.)

DRV - (stexstor) -- C:\Windows\system32\DRIVERS\stexstor.sys (Promise Technology)

DRV - (CNG) -- C:\Windows\System32\Drivers\cng.sys (Microsoft Corporation)

DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\System32\Drivers\Brserid.sys (Brother Industries Ltd.)

DRV - (rdpbus) -- C:\Windows\System32\drivers\rdpbus.sys (Microsoft Corporation)

DRV - (RDPREFMP) -- C:\Windows\System32\drivers\RDPREFMP.sys (Microsoft Corporation)

DRV - (RasAgileVpn) WAN Miniport (IKEv2) -- C:\Windows\System32\drivers\agilevpn.sys (Microsoft Corporation)

DRV - (WfpLwf) -- C:\Windows\System32\drivers\wfplwf.sys (Microsoft Corporation)

DRV - (NdisCap) -- C:\Windows\System32\drivers\ndiscap.sys (Microsoft Corporation)

DRV - (vwifibus) -- C:\Windows\System32\drivers\vwifibus.sys (Microsoft Corporation)

DRV - (1394ohci) -- C:\Windows\System32\drivers\1394ohci.sys (Microsoft Corporation)

DRV - (UmPass) -- C:\Windows\system32\DRIVERS\umpass.sys (Microsoft Corporation)

DRV - (usbaudio) Pilote USB audio (WDM) -- C:\Windows\System32\drivers\USBAUDIO.sys (Microsoft Corporation)

DRV - (mshidkmdf) -- C:\Windows\System32\drivers\mshidkmdf.sys (Microsoft Corporation)

DRV - (MTConfig) -- C:\Windows\system32\DRIVERS\MTConfig.sys (Microsoft Corporation)

DRV - (CompositeBus) -- C:\Windows\System32\drivers\CompositeBus.sys (Microsoft Corporation)

DRV - (AppID) -- C:\Windows\system32\drivers\appid.sys (Microsoft Corporation)

DRV - (scfilter) -- C:\Windows\System32\drivers\scfilter.sys (Microsoft Corporation)

DRV - (s3cap) -- C:\Windows\system32\DRIVERS\vms3cap.sys (Microsoft Corporation)

DRV - (VMBusHID) -- C:\Windows\system32\DRIVERS\VMBusHID.sys (Microsoft Corporation)

DRV - (discache) -- C:\Windows\System32\drivers\discache.sys (Microsoft Corporation)

DRV - (AcpiPmi) -- C:\Windows\system32\DRIVERS\acpipmi.sys (Microsoft Corporation)

DRV - (AmdPPM) -- C:\Windows\system32\DRIVERS\amdppm.sys (Microsoft Corporation)

DRV - (hcw85cir) -- C:\Windows\system32\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)

DRV - (BrUsbMdm) -- C:\Windows\System32\Drivers\BrUsbMdm.sys (Brother Industries Ltd.)

DRV - (BrUsbSer) -- C:\Windows\System32\Drivers\BrUsbSer.sys (Brother Industries Ltd.)

DRV - (BrSerWdm) -- C:\Windows\System32\Drivers\BrSerWdm.sys (Brother Industries Ltd.)

DRV - (BrFiltLo) -- C:\Windows\system32\DRIVERS\BrFiltLo.sys (Brother Industries, Ltd.)

DRV - (BrFiltUp) -- C:\Windows\system32\DRIVERS\BrFiltUp.sys (Brother Industries, Ltd.)

DRV - (smserial) -- C:\Windows\System32\drivers\smserial.sys (Motorola Inc.)

DRV - (b57nd60x) -- C:\Windows\System32\drivers\b57nd60x.sys (Broadcom Corporation)

DRV - (ebdrv) -- C:\Windows\system32\DRIVERS\evbdx.sys (Broadcom Corporation)

DRV - (b06bdrv) -- C:\Windows\system32\DRIVERS\bxvbdx.sys (Broadcom Corporation)

DRV - (rimmptsk) -- C:\Windows\System32\drivers\rimmptsk.sys (REDC)

DRV - (rismxdp) -- C:\Windows\System32\drivers\rixdptsk.sys (REDC)

DRV - (rimsptsk) -- C:\Windows\System32\drivers\rimsptsk.sys (REDC)

DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)

DRV - (HBtnKey) -- C:\Windows\System32\drivers\CPQBttn.sys (Hewlett-Packard Development Company, L.P.)

DRV - (FsUsbExDisk) -- C:\Windows\System32\FsUsbExDisk.Sys ()

DRV - (btnetBUs) -- C:\Windows\System32\drivers\btnetBus.sys ()

DRV - (pccsmcfd) -- C:\Windows\System32\drivers\pccsmcfd.sys (Nokia)

DRV - (BtHidBus) -- C:\Windows\System32\Drivers\BtHidBus.sys (IVT Corporation.)

DRV - (IvtBtBUs) -- C:\Windows\System32\drivers\IvtBtBus.sys (IVT Corporation.)

DRV - (speedfan) -- C:\Windows\system32\speedfan.sys (Windows ® 2000 DDK provider)

DRV - (giveio) -- C:\Windows\system32\giveio.sys ()

 

 

========== Standard Registry (SafeList) ==========

 

 

========== Internet Explorer ==========

 

 

 

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

 

 

IE - HKU\S-1-5-21-1927437801-3944909697-2610780679-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN : Hotmail, Messenger, Bing, Actualité et Sport

IE - HKU\S-1-5-21-1927437801-3944909697-2610780679-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr

IE - HKU\S-1-5-21-1927437801-3944909697-2610780679-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 1C AB F8 C8 D1 42 CB 01 [binary data]

IE - HKU\S-1-5-21-1927437801-3944909697-2610780679-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1927437801-3944909697-2610780679-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local

 

========== FireFox ==========

 

FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.1

FF - prefs.js..extensions.enabledItems: megadebridplugin@mega-debrid.eu:0.3

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21

FF - prefs.js..extensions.enabledItems: multilinks@plugin:2.0.0.17

FF - prefs.js..extensions.enabledItems: {5CEFD22F-9A9E-4544-9BFC-C4F2FBCA87D6}:1.3

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22

FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23

FF - prefs.js..extensions.enabledItems: {5B52016C-D097-4aec-BE61-9F129D8FDDBA}:2.0

FF - prefs.js..network.proxy.backup.ftp: "localhost"

FF - prefs.js..network.proxy.backup.ftp_port: 9666

FF - prefs.js..network.proxy.backup.gopher: "localhost"

FF - prefs.js..network.proxy.backup.gopher_port: 9666

FF - prefs.js..network.proxy.backup.socks: "localhost"

FF - prefs.js..network.proxy.backup.socks_port: 9666

FF - prefs.js..network.proxy.backup.ssl: "localhost"

FF - prefs.js..network.proxy.backup.ssl_port: 9666

FF - prefs.js..network.proxy.http: "localhost"

FF - prefs.js..network.proxy.http_port: 9666

FF - prefs.js..network.proxy.socks: "localhost"

FF - prefs.js..network.proxy.socks_port: 9050

FF - prefs.js..network.proxy.socks_remote_dns: true

FF - prefs.js..network.proxy.ssl: "localhost"

FF - prefs.js..network.proxy.ssl_port: 9666

FF - prefs.js..network.proxy.type: 0

 

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/01/08 23:36:19 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/01/08 23:36:18 | 000,000,000 | ---D | M]

 

[2010/12/04 20:18:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Géraldine\AppData\Roaming\mozilla\Extensions

[2010/08/24 13:39:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Géraldine\AppData\Roaming\mozilla\Extensions\home2@tomtom.com

[2010/12/04 20:18:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Géraldine\AppData\Roaming\mozilla\Extensions\MediaCoder

[2011/02/01 21:04:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Géraldine\AppData\Roaming\mozilla\Firefox\Profiles\u5jmeubz.default\extensions

[2011/01/17 13:03:09 | 000,000,000 | ---D | M] ("UltraSurf Firefox Tool") -- C:\Users\Géraldine\AppData\Roaming\mozilla\Firefox\Profiles\u5jmeubz.default\extensions\{5B52016C-D097-4aec-BE61-9F129D8FDDBA}

[2010/10/23 14:54:01 | 000,000,000 | ---D | M] (KOLOBOK Smiles) -- C:\Users\Géraldine\AppData\Roaming\mozilla\Firefox\Profiles\u5jmeubz.default\extensions\{5CEFD22F-9A9E-4544-9BFC-C4F2FBCA87D6}

[2010/12/24 00:21:44 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Géraldine\AppData\Roaming\mozilla\Firefox\Profiles\u5jmeubz.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}

[2011/01/27 01:45:26 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\Géraldine\AppData\Roaming\mozilla\Firefox\Profiles\u5jmeubz.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}

[2010/09/01 16:02:21 | 000,000,000 | ---D | M] (Mega-Debrid plugin) -- C:\Users\Géraldine\AppData\Roaming\mozilla\Firefox\Profiles\u5jmeubz.default\extensions\megadebridplugin@mega-debrid.eu

[2010/10/17 10:08:32 | 000,000,000 | ---D | M] (Multi Links) -- C:\Users\Géraldine\AppData\Roaming\mozilla\Firefox\Profiles\u5jmeubz.default\extensions\multilinks@plugin

[2011/02/01 21:04:23 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions

[2010/12/05 23:02:31 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}

[2010/12/05 23:02:32 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}

[2010/12/21 11:12:52 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}

File not found (No name found) -- C:\USERS\GéRALDINE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\U5JMEUBZ.DEFAULT\EXTENSIONS\{5B52016C-D097-4AEC-BE61-9F129D8FDDBA}

File not found (No name found) -- C:\USERS\GéRALDINE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\U5JMEUBZ.DEFAULT\EXTENSIONS\{5CEFD22F-9A9E-4544-9BFC-C4F2FBCA87D6}

File not found (No name found) -- C:\USERS\GéRALDINE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\U5JMEUBZ.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}

File not found (No name found) -- C:\USERS\GéRALDINE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\U5JMEUBZ.DEFAULT\EXTENSIONS\{E4A8A97B-F2ED-450B-B12D-EE082BA24781}

File not found (No name found) -- C:\USERS\GéRALDINE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\U5JMEUBZ.DEFAULT\EXTENSIONS\MEGADEBRIDPLUGIN@MEGA-DEBRID.EU

File not found (No name found) -- C:\USERS\GéRALDINE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\U5JMEUBZ.DEFAULT\EXTENSIONS\MULTILINKS@PLUGIN

[2010/11/12 18:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll

[2010/12/11 18:03:26 | 000,001,516 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml

[2010/12/11 18:03:26 | 000,001,822 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml

[2010/12/11 18:03:26 | 000,000,757 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml

[2010/12/11 18:03:27 | 000,001,426 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml

[2010/12/11 18:03:27 | 000,000,956 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml

 

O1 HOSTS File: ([2009/06/10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts

O2 - BHO: (Nero Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)

O3 - HKLM\..\Toolbar: (Nero Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)

O3 - HKU\S-1-5-21-1927437801-3944909697-2610780679-1001\..\Toolbar\WebBrowser: (Nero Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)

O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)

O4 - HKLM..\Run: [iAStorIcon] C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)

O4 - HKLM..\Run: [Name of App] C:\Program Files\SAMSUNG\FW LiveUpdate\FWManager.exe ( )

O4 - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor)

O4 - HKU\S-1-5-21-1927437801-3944909697-2610780679-1001..\Run: [F.lux] C:\Users\Géraldine\Local Settings\Apps\F.lux\flux.exe ()

O4 - HKU\S-1-5-21-1927437801-3944909697-2610780679-1001..\Run: [TomTomHOME.exe] C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)

O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)

O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0

O13 - gopher Prefix: missing

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)

O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 89.2.0.1 89.2.0.2

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (livessp) - C:\Windows\System32\livessp.dll (Microsoft Corp.)

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]

O32 - AutoRun File - [2005/09/11 16:18:54 | 000,000,340 | -HS- | M] () - D:\AUTOMODE -- [ NTFS ]

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 

NetSvcs: FastUserSwitchingCompatibility - File not found

NetSvcs: Ias - File not found

NetSvcs: Nla - File not found

NetSvcs: Ntmssvc - File not found

NetSvcs: NWCWorkstation - File not found

NetSvcs: Nwsapagent - File not found

NetSvcs: SRService - File not found

NetSvcs: WmdmPmSp - File not found

NetSvcs: LogonHours - File not found

NetSvcs: PCAudit - File not found

NetSvcs: helpsvc - File not found

NetSvcs: uploadmgr - File not found

NetSvcs: Themes - C:\Windows\System32\themeservice.dll (Microsoft Corporation)

NetSvcs: BDESVC - C:\Windows\System32\bdesvc.dll (Microsoft Corporation)

 

 

SafeBootMin: Base - Driver Group

SafeBootMin: Boot Bus Extender - Driver Group

SafeBootMin: Boot file system - Driver Group

SafeBootMin: File system - Driver Group

SafeBootMin: Filter - Driver Group

SafeBootMin: HelpSvc - Service

SafeBootMin: NTDS - File not found

SafeBootMin: PCI Configuration - Driver Group

SafeBootMin: PNP Filter - Driver Group

SafeBootMin: Power - C:\Windows\System32\umpo.dll (Microsoft Corporation)

SafeBootMin: Primary disk - Driver Group

SafeBootMin: RpcEptMapper - C:\Windows\System32\RpcEpMap.dll (Microsoft Corporation)

SafeBootMin: sacsvr - Service

SafeBootMin: SCSI Class - Driver Group

SafeBootMin: System Bus Extender - Driver Group

SafeBootMin: vmms - Service

SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)

SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy

SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers

SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices

SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

 

SafeBootNet: Base - Driver Group

SafeBootNet: Boot Bus Extender - Driver Group

SafeBootNet: Boot file system - Driver Group

SafeBootNet: Dhcp - C:\Windows\System32\dhcpcore.dll (Microsoft Corporation)

SafeBootNet: File system - Driver Group

SafeBootNet: Filter - Driver Group

SafeBootNet: HelpSvc - Service

SafeBootNet: Messenger - Service

SafeBootNet: NDIS Wrapper - Driver Group

SafeBootNet: ndiscap - C:\Windows\System32\drivers\ndiscap.sys (Microsoft Corporation)

SafeBootNet: NetBIOSGroup - Driver Group

SafeBootNet: NetDDEGroup - Driver Group

SafeBootNet: Network - Driver Group

SafeBootNet: NetworkProvider - Driver Group

SafeBootNet: NTDS - File not found

SafeBootNet: PCI Configuration - Driver Group

SafeBootNet: PNP Filter - Driver Group

SafeBootNet: PNP_TDI - Driver Group

SafeBootNet: Power - C:\Windows\System32\umpo.dll (Microsoft Corporation)

SafeBootNet: Primary disk - Driver Group

SafeBootNet: rdsessmgr - Service

SafeBootNet: RpcEptMapper - C:\Windows\System32\RpcEpMap.dll (Microsoft Corporation)

SafeBootNet: sacsvr - Service

SafeBootNet: SCSI Class - Driver Group

SafeBootNet: Streams Drivers - Driver Group

SafeBootNet: System Bus Extender - Driver Group

SafeBootNet: TDI - Driver Group

SafeBootNet: vmms - Service

SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)

SafeBootNet: WudfUsbccidDriver - Driver

SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net

SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient

SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService

SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans

SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers

SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy

SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers

SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices

SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

 

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)

ActiveX: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files\Common Files\LightScribe\LSRunOnce.exe"

ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0

ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll

ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack

ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework

ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE

ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx

ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help

ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6

ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools

ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements

ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player

ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access

ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Dossiers Web

ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7

ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework

ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll

ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings

ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install

ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding

ActiveX: {AA60F483-BB49-4141-0CB3-C13CBDF648C4} - Browser Customizations

ActiveX: {C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD} - .NET Framework

ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts

ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker 2.6

ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Macromedia Shockwave Flash

ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help

ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface

ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP

ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig

ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

 

Drivers32: msacm.ac3filter - C:\Windows\System32\ac3filter.acm ()

Drivers32: msacm.avis - C:\Windows\System32\ff_acm.acm ()

Drivers32: msacm.divxa32 - C:\Windows\System32\DivXa32.acm (Hacked With Joy !)

Drivers32: msacm.dvacm - C:\Program Files\Common Files\Ulead Systems\vio\DVACM.acm (Ulead Systems, Inc.)

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

Drivers32: msacm.lameacm - C:\Windows\System32\LameACM.acm (http://www.mp3dev.org/)

Drivers32: msacm.mpegacm - C:\Program Files\Common Files\Ulead Systems\MPEG\MPEGACM.acm (Ulead Systems, Inc.)

Drivers32: msacm.ulmp3acm - C:\Program Files\Common Files\Ulead Systems\MPEG\ulmp3acm.acm (Ulead systems)

Drivers32: msacm.vorbis - C:\Windows\System32\vorbis.acm (HMS http://hp.vector.co.jp/authors/VA012897/)

Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)

Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)

Drivers32: vidc.DIVX - C:\Windows\System32\DivX.dll (DivX, Inc.)

Drivers32: VIDC.FFDS - C:\Windows\System32\ff_vfw.dll ()

Drivers32: vidc.i420 - C:\Windows\System32\i420vfw.dll (www.helixcommunity.org)

Drivers32: vidc.XVID - C:\Windows\System32\xvidvfw.dll ()

Drivers32: vidc.yv12 - C:\Windows\System32\yv12vfw.dll (www.helixcommunity.org)

 

 

========== Files/Folders - Created Within 30 Days ==========

 

[2011/02/01 21:39:07 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Users\Géraldine\Desktop\OTL.exe

[2011/01/17 02:49:26 | 000,000,000 | ---D | C] -- C:\Users\Géraldine\Documents\ultrasurf

[2011/01/14 12:48:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ma-config.com

[2011/01/12 12:40:37 | 000,573,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbc32.dll

[2011/01/12 12:40:30 | 001,170,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll

[2011/01/12 12:40:30 | 001,074,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll

[2011/01/12 12:40:30 | 000,801,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FntCache.dll

[2011/01/12 12:40:30 | 000,739,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll

[2011/01/12 12:40:29 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll

[2011/01/12 12:40:29 | 000,283,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll

[2011/01/12 12:40:28 | 001,495,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ExplorerFrame.dll

[2011/01/12 12:40:28 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll

[2011/01/12 12:40:28 | 000,211,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxgmms1.sys

[2011/01/12 12:40:28 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsRasterService.dll

[2011/01/12 12:40:28 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll

[2011/01/12 12:40:27 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll

[2011/01/09 13:38:24 | 000,000,000 | ---D | C] -- C:\FreudUsers

[2011/01/09 13:31:11 | 015,047,272 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvoglv32.dll

[2011/01/09 13:31:11 | 013,011,560 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcompiler.dll

[2011/01/09 13:31:11 | 010,466,408 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvlddmkm.sys

[2011/01/09 13:31:11 | 004,941,928 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuda.dll

[2011/01/09 13:31:11 | 002,895,976 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvid.dll

[2011/01/09 13:31:11 | 002,251,368 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvenc.dll

[2011/01/09 13:31:11 | 000,941,160 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvdispco322090.dll

[2011/01/09 13:31:11 | 000,837,736 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvgenco322040.dll

[2011/01/09 13:31:11 | 000,057,960 | ---- | C] (Khronos Group) -- C:\Windows\System32\OpenCL.dll

[2011/01/09 13:31:11 | 000,010,920 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvBridge.kmd

[2011/01/09 00:52:44 | 000,000,000 | ---D | C] -- C:\Users\Géraldine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flux

[2011/01/09 00:52:42 | 000,000,000 | ---D | C] -- C:\Users\Géraldine\AppData\Local\Apps

[2011/01/08 23:36:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime

[2011/01/08 23:35:39 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime

[2011/01/08 23:35:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer

[2011/01/08 23:34:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple

[2011/01/08 23:34:24 | 000,000,000 | ---D | C] -- C:\Users\Géraldine\AppData\Local\Apple

[2011/01/08 23:34:20 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update

[2011/01/08 23:34:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple

[2011/01/07 00:13:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn

[2011/01/07 00:13:51 | 000,000,000 | ---D | C] -- C:\Program Files\ImgBurn

 

========== Files - Modified Within 30 Days ==========

 

[2011/02/01 21:39:12 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\Géraldine\Desktop\OTL.exe

[2011/02/01 21:33:15 | 000,155,219 | ---- | M] () -- C:\Users\Géraldine\Desktop\bubbles.jpg

[2011/02/01 17:05:28 | 000,000,435 | ---- | M] () -- C:\Users\Géraldine\AppData\Roaming\SamsungLiveUpdateConfig.ini

[2011/02/01 17:05:14 | 000,000,320 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize.job

[2011/02/01 17:05:04 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2011/02/01 17:04:59 | 1609,375,744 | -HS- | M] () -- C:\hiberfil.sys

[2011/02/01 16:56:34 | 001,830,472 | ---- | M] () -- C:\Users\Géraldine\Desktop\tournois.pdf

[2011/01/29 11:53:30 | 000,000,600 | ---- | M] () -- C:\Users\Géraldine\PUTTY.RND

[2011/01/28 02:29:53 | 000,009,584 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2011/01/28 02:29:53 | 000,009,584 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2011/01/26 11:27:56 | 000,704,480 | ---- | M] () -- C:\Windows\System32\perfh00C.dat

[2011/01/26 11:27:56 | 000,616,008 | ---- | M] () -- C:\Windows\System32\perfh009.dat

[2011/01/26 11:27:56 | 000,130,754 | ---- | M] () -- C:\Windows\System32\perfc00C.dat

[2011/01/26 11:27:56 | 000,106,388 | ---- | M] () -- C:\Windows\System32\perfc009.dat

[2011/01/14 16:09:19 | 000,015,872 | ---- | M] () -- C:\Users\Géraldine\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2011/01/09 20:58:01 | 000,001,409 | ---- | M] () -- C:\Windows\System32\tmpECA4F.FOT

[2011/01/09 20:58:01 | 000,001,409 | ---- | M] () -- C:\Windows\System32\tmp7CB4F.FOT

[2011/01/09 20:58:01 | 000,001,409 | ---- | M] () -- C:\Windows\System32\tmp0EC4F.FOT

[2011/01/09 03:20:04 | 686,630,912 | ---- | M] () -- C:\Users\Géraldine\Desktop\Le psy c'est vous cas n°2.ISO

[2011/01/09 03:05:44 | 732,606,464 | ---- | M] () -- C:\Users\Géraldine\Desktop\Le psy c'est vous cas n°1.ISO

[2011/01/08 23:36:02 | 000,001,775 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk

[2011/01/07 00:13:53 | 000,000,863 | ---- | M] () -- C:\Users\Géraldine\Desktop\ImgBurn.lnk

 

========== Files Created - No Company Name ==========

 

[2011/02/01 16:56:34 | 001,830,472 | ---- | C] () -- C:\Users\Géraldine\Desktop\tournois.pdf

[2011/01/17 22:34:32 | 000,155,219 | ---- | C] () -- C:\Users\Géraldine\Desktop\bubbles.jpg

[2011/01/17 02:50:37 | 000,000,600 | ---- | C] () -- C:\Users\Géraldine\PUTTY.RND

[2011/01/09 20:58:01 | 000,001,409 | ---- | C] () -- C:\Windows\System32\tmpECA4F.FOT

[2011/01/09 20:58:01 | 000,001,409 | ---- | C] () -- C:\Windows\System32\tmp7CB4F.FOT

[2011/01/09 20:58:01 | 000,001,409 | ---- | C] () -- C:\Windows\System32\tmp0EC4F.FOT

[2011/01/09 03:06:44 | 686,630,912 | ---- | C] () -- C:\Users\Géraldine\Desktop\Le psy c'est vous cas n°2.ISO

[2011/01/09 02:50:28 | 732,606,464 | ---- | C] () -- C:\Users\Géraldine\Desktop\Le psy c'est vous cas n°1.ISO

[2011/01/08 23:36:02 | 000,001,775 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk

[2011/01/08 23:34:21 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk

[2011/01/07 00:13:53 | 000,000,863 | ---- | C] () -- C:\Users\Géraldine\Desktop\ImgBurn.lnk

[2011/01/02 20:04:39 | 000,691,696 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys

[2010/12/31 13:39:41 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI

[2010/12/31 13:07:39 | 000,262,123 | ---- | C] () -- C:\Users\Géraldine\AppData\Roaming\Error.log

[2010/12/31 10:18:13 | 000,000,435 | ---- | C] () -- C:\Users\Géraldine\AppData\Roaming\SamsungLiveUpdateConfig.ini

[2010/12/04 20:10:51 | 000,027,648 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll

[2010/12/04 16:17:14 | 000,008,472 | ---- | C] () -- C:\Users\Géraldine\AppData\Roaming\PStrip.bko

[2010/12/04 11:00:45 | 000,008,495 | ---- | C] () -- C:\Users\Géraldine\AppData\Roaming\PStrip.bk!

[2010/12/04 11:00:39 | 000,008,472 | ---- | C] () -- C:\Users\Géraldine\AppData\Roaming\PStrip.bak

[2010/12/03 18:16:29 | 000,008,495 | ---- | C] () -- C:\Users\Géraldine\AppData\Roaming\PStrip.ini

[2010/10/24 13:16:52 | 000,000,128 | ---- | C] () -- C:\Windows\ulead32.ini

[2010/10/24 13:16:08 | 000,015,872 | ---- | C] () -- C:\Users\Géraldine\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2010/10/21 20:43:15 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll

[2010/10/21 20:43:15 | 000,036,608 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys

[2010/09/29 12:45:57 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll

[2010/08/26 15:13:54 | 000,004,484 | ---- | C] () -- C:\Windows\System32\drivers\cpuidlep.sys

[2010/08/24 13:18:57 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI

[2010/08/24 12:54:46 | 000,000,017 | ---- | C] () -- C:\Users\Géraldine\AppData\Local\resmon.resmoncfg

[2010/08/24 12:24:52 | 000,210,456 | ---- | C] () -- C:\Windows\System32\IVIresizeW7.dll

[2010/08/24 12:24:52 | 000,206,360 | ---- | C] () -- C:\Windows\System32\IVIresizeA6.dll

[2010/08/24 12:24:52 | 000,198,168 | ---- | C] () -- C:\Windows\System32\IVIresizeP6.dll

[2010/08/24 12:24:52 | 000,198,168 | ---- | C] () -- C:\Windows\System32\IVIresizeM6.dll

[2010/08/24 12:24:52 | 000,194,072 | ---- | C] () -- C:\Windows\System32\IVIresizePX.dll

[2010/08/24 12:24:52 | 000,026,136 | ---- | C] () -- C:\Windows\System32\IVIresize.dll

[2010/08/23 22:40:37 | 000,058,792 | ---- | C] () -- C:\Windows\System32\wbload.dll

[2010/06/23 11:35:52 | 000,819,200 | ---- | C] () -- C:\Windows\System32\xvidcore.dll

[2010/06/23 11:35:52 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll

[2010/04/25 02:33:48 | 000,108,032 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll

[2009/08/16 09:08:36 | 000,178,176 | ---- | C] () -- C:\Windows\System32\unrar.dll

[2009/07/14 01:55:09 | 000,587,776 | ---- | C] () -- C:\Windows\System32\hpotscl1.dll

[2009/07/14 00:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll

[2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll

[2008/12/07 11:44:54 | 000,030,088 | ---- | C] () -- C:\Windows\System32\drivers\btnetBus.sys

[2008/09/19 22:57:34 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll

[2007/10/25 16:26:10 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys

[2007/02/05 19:05:26 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI

[2005/02/05 20:46:00 | 000,004,608 | ---- | C] () -- C:\Windows\fgexec.dll

[2003/09/16 16:52:28 | 000,147,456 | ---- | C] () -- C:\Windows\System32\vorbis.dll

[2003/09/16 16:43:31 | 000,884,736 | ---- | C] () -- C:\Windows\System32\vorbisenc.dll

[2003/09/16 16:41:43 | 000,045,056 | ---- | C] () -- C:\Windows\System32\ogg.dll

[1999/01/22 19:46:58 | 000,065,536 | ---- | C] () -- C:\Windows\System32\MSRTEDIT.DLL

[1996/04/03 20:33:26 | 000,005,248 | ---- | C] () -- C:\Windows\System32\giveio.sys

 

========== LOP Check ==========

 

[2010/08/26 15:27:51 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\BatteryCare

[2010/12/05 23:08:09 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\Broad Intelligence

[2011/01/02 20:12:02 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\DAEMON Tools Lite

[2010/12/04 15:30:49 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\DeepBurner

[2010/10/24 14:59:10 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\DVDVideoSoft

[2010/12/28 17:08:58 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\FreeBurner

[2010/10/24 15:04:00 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\GeoVid

[2010/08/24 12:52:00 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\GlarySoft

[2010/12/28 14:41:08 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\ImgBurn

[2011/01/02 20:13:48 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\Merscom

[2010/12/29 18:12:39 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\Mipony

[2010/12/05 16:23:03 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\mkvtoolnix

[2010/12/22 18:28:51 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\ooVoo Details

[2010/12/22 18:27:54 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\oovooinstaller

[2010/08/23 18:44:16 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\Opera

[2010/10/21 20:58:12 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\PC Suite

[2010/12/05 23:02:25 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\QuickStoresToolbar

[2010/12/22 18:26:03 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\QuteCom

[2010/10/21 21:32:21 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\Samsung

[2010/09/17 14:43:09 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\SecondLife

[2010/08/24 13:39:13 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\TomTom

[2010/12/31 13:30:13 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\Twan Wintjes

[2010/10/28 12:39:19 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\Tyre

[2010/08/24 12:26:37 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\Ulead Systems

[2010/12/22 18:20:45 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\WengoPhone

[2010/08/23 19:50:36 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\Win7codecs

[2010/10/29 11:39:41 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\X-Chat 2

[2011/02/01 17:05:14 | 000,000,320 | ---- | M] () -- C:\Windows\Tasks\GlaryInitialize.job

[2011/01/01 17:38:37 | 000,032,482 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

 

========== Purity Check ==========

 

 

 

========== Custom Scans ==========

 

 

< %systemroot%\system32\drivers\*.sys /lockedfiles >

[2011/01/02 20:04:39 | 000,691,696 | ---- | M] () Unable to obtain MD5 -- C:\Windows\System32\drivers\sptd.sys

 

< %ALLUSERSPROFILE%\Application Data\*. >

 

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

 

< %APPDATA%\*. >

[2011/02/01 21:33:18 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\Adobe

[2010/08/26 14:11:16 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\Avira

[2010/08/26 15:27:51 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\BatteryCare

[2010/12/05 23:08:09 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\Broad Intelligence

[2011/01/02 20:12:02 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\DAEMON Tools Lite

[2010/12/04 15:30:49 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\DeepBurner

[2010/12/05 00:09:24 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\DivX

[2010/10/24 14:59:10 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\DVDVideoSoft

[2010/12/28 17:08:58 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\FreeBurner

[2010/10/24 15:04:00 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\GeoVid

[2010/08/24 12:52:00 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\GlarySoft

[2010/08/23 15:43:03 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\Identities

[2010/12/28 14:41:08 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\ImgBurn

[2010/08/23 16:30:36 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\InstallShield

[2010/08/23 16:29:54 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\Intel

[2010/08/23 16:35:46 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\Intel Corporation

[2010/08/23 16:17:50 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\Macromedia

[2010/08/23 18:50:27 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\Malwarebytes

[2009/07/14 10:00:32 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\Media Center Programs

[2011/01/25 03:27:33 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\Media Player Classic

[2011/01/02 20:13:48 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\Merscom

[2011/01/01 14:26:35 | 000,000,000 | --SD | M] -- C:\Users\Géraldine\AppData\Roaming\Microsoft

[2010/08/24 13:15:51 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\Microsoft Web Folders

[2010/12/29 18:12:39 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\Mipony

[2010/12/05 16:23:03 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\mkvtoolnix

[2010/08/23 16:06:09 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\Mozilla

[2011/01/01 14:22:36 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\Nero

[2010/10/16 10:21:54 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\NVIDIA 3D Vision Video Player

[2010/12/22 18:28:51 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\ooVoo Details

[2010/12/22 18:27:54 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\oovooinstaller

[2010/08/23 18:44:16 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\Opera

[2010/10/21 20:58:12 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\PC Suite

[2010/12/05 23:02:25 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\QuickStoresToolbar

[2010/12/22 18:26:03 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\QuteCom

[2010/10/21 21:32:21 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\Samsung

[2010/09/17 14:43:09 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\SecondLife

[2011/02/01 21:26:58 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\Skype

[2011/02/01 16:04:26 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\skypePM

[2010/08/24 13:39:13 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\TomTom

[2010/12/31 13:30:13 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\Twan Wintjes

[2010/10/28 12:39:19 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\Tyre

[2010/08/24 12:26:37 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\Ulead Systems

[2010/12/01 14:48:13 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\vlc

[2010/12/22 18:20:45 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\WengoPhone

[2010/08/23 19:50:36 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\Win7codecs

[2010/08/23 20:11:04 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\WinRAR

[2010/10/29 11:39:41 | 000,000,000 | ---D | M] -- C:\Users\Géraldine\AppData\Roaming\X-Chat 2

 

< %APPDATA%\*.exe /s >

[2006/12/01 09:13:48 | 000,040,960 | ---- | M] () -- C:\Users\Géraldine\AppData\Roaming\Tyre\appstop.exe

 

< %SYSTEMDRIVE%\*.exe >

 

< %SYSTEMDRIVE%\*.exe >

 

 

< MD5 for: AGP440.SYS >

[2009/07/14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys

[2009/07/14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_65848c2d7375a720\AGP440.sys

[2009/07/14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys

 

< MD5 for: ATAPI.SYS >

[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys

[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_f64b9c35a3a5be81\atapi.sys

[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys

 

< MD5 for: CDROM.SYS >

[2009/07/14 00:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\System32\drivers\cdrom.sys

[2009/07/14 00:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_db87d184bc84f910\cdrom.sys

[2009/07/14 00:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_5f7fb206051affbb\cdrom.sys

 

< MD5 for: CNGAUDIT.DLL >

[2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\System32\cngaudit.dll

[2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll

 

< MD5 for: DISK.SYS >

[2009/07/14 02:20:27 | 000,057,424 | ---- | M] (Microsoft Corporation) MD5=565003F326F99802E68CA78F2A68E9FF -- C:\Windows\System32\drivers\disk.sys

[2009/07/14 02:20:27 | 000,057,424 | ---- | M] (Microsoft Corporation) MD5=565003F326F99802E68CA78F2A68E9FF -- C:\Windows\System32\DriverStore\FileRepository\disk.inf_x86_neutral_b431b61a11f8df6c\disk.sys

[2009/07/14 02:20:27 | 000,057,424 | ---- | M] (Microsoft Corporation) MD5=565003F326F99802E68CA78F2A68E9FF -- C:\Windows\winsxs\x86_disk.inf_31bf3856ad364e35_6.1.7600.16385_none_f99cd807d58018cb\disk.sys

 

< MD5 for: EXPLORER.EXE >

[2009/11/13 16:04:59 | 002,951,168 | ---- | M] (Microsoft Corporation) MD5=0371A06EF950BCDFC8A78E7B571869B3 -- C:\Users\Géraldine\Documents\Thèmes\Dynamic_Black_____by_DjabyTown\Dynamic Black\System Files\RTM\x86 (32-bit)\Big Taskbar\explorer.exe

[2009/07/14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe

[2009/10/31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe

[2009/11/10 15:15:21 | 003,206,144 | ---- | M] (Microsoft Corporation) MD5=2BB457EDBA37215C7EBC0057674A5E48 -- C:\Users\Géraldine\Documents\Thèmes\Dynamic_Black_____by_DjabyTown\Dynamic Black\System Files\RTM\x64 (64-bit)\explorer.exe

[2009/11/13 16:04:42 | 002,951,168 | ---- | M] (Microsoft Corporation) MD5=554EF8D42873217844CB12E433B6066A -- C:\Users\Géraldine\Documents\Thèmes\Dynamic_Black_____by_DjabyTown\Dynamic Black\System Files\RTM\x86 (32-bit)\explorer.exe

[2009/10/31 06:45:39 | 002,131,456 | ---- | M] (Microsoft Corporation) MD5=5EFFF5789BC55EDDC0885DE3BE96F232 -- C:\Windows\explorer.exe

[2009/11/10 15:21:11 | 003,206,144 | ---- | M] (Microsoft Corporation) MD5=66C7686E9779056F3A0B83996B4A3A11 -- C:\Users\Géraldine\Documents\Thèmes\Dynamic_Black_____by_DjabyTown\Dynamic Black\System Files\RTM\x64 (64-bit)\big taskbar\explorer.exe

[2010/02/23 15:48:17 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=91329F5339F3943E35FBBF5F934F077C -- C:\Users\Géraldine\Documents\Thèmes\ProjectX 2 port to Windows 7\Orb_NeoN_v2_by_Oxygendelta\explorer.exe

[2009/08/03 06:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe

[2009/08/03 06:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe

[2009/10/31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe

[2010/02/05 21:31:56 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=D1D20B79F600E89F3D29EA3528719013 -- C:\Users\Géraldine\Documents\Thèmes\ProjectX 2 port to Windows 7\system files\explorer.exe

 

< MD5 for: IASTOR.SYS >

[2010/11/05 23:39:18 | 000,354,840 | ---- | M] (Intel Corporation) MD5=F4037A3FEDB92DD97C95F320766EA5C9 -- C:\Windows\System32\drivers\iaStor.sys

[2010/11/05 23:39:18 | 000,354,840 | ---- | M] (Intel Corporation) MD5=F4037A3FEDB92DD97C95F320766EA5C9 -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_x86_neutral_c1d4bb208009ee37\iaStor.sys

 

< MD5 for: IASTORV.SYS >

[2009/07/14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\System32\drivers\iaStorV.sys

[2009/07/14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_18cccb83b34e1453\iaStorV.sys

[2009/07/14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_aee7a89be91b9000\iaStorV.sys

 

< MD5 for: NDIS.SYS >

[2009/07/14 02:20:44 | 000,710,720 | ---- | M] (Microsoft Corporation) MD5=23759D175A0A9BAAF04D05047BC135A8 -- C:\Windows\System32\drivers\ndis.sys

[2009/07/14 02:20:44 | 000,710,720 | ---- | M] (Microsoft Corporation) MD5=23759D175A0A9BAAF04D05047BC135A8 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_a79d81ea7d62a289\ndis.sys

 

< MD5 for: NETLOGON.DLL >

[2009/07/14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\System32\netlogon.dll

[2009/07/14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll

 

< MD5 for: NVSTOR.SYS >

[2009/07/14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\System32\drivers\nvstor.sys

[2009/07/14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_5bde3fe2945bce9e\nvstor.sys

[2009/07/14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvstor.sys

 

< MD5 for: RASACD.SYS >

[2009/07/14 00:54:40 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=30A81B53C766D0133BB86D234E5556AB -- C:\Windows\System32\drivers\rasacd.sys

[2009/07/14 00:54:40 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=30A81B53C766D0133BB86D234E5556AB -- C:\Windows\winsxs\x86_microsoft-windows-rasautodial_31bf3856ad364e35_6.1.7600.16385_none_0fb054d9c6a6b4d4\rasacd.sys

 

< MD5 for: RDPWD.SYS >

[2009/07/14 01:01:55 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=801371BA9782282892D00AADB08EE367 -- C:\Windows\System32\drivers\rdpwd.sys

[2009/07/14 01:01:55 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=801371BA9782282892D00AADB08EE367 -- C:\Windows\winsxs\x86_microsoft-windows-t..dp-winstationdriver_31bf3856ad364e35_6.1.7600.16385_none_4b4bde6b36561dcb\rdpwd.sys

 

< MD5 for: SCECLI.DLL >

[2009/07/14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\System32\scecli.dll

[2009/07/14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll

 

< MD5 for: SFLOPPY.SYS >

[2009/07/14 00:45:52 | 000,013,824 | ---- | M] (Microsoft Corporation) MD5=DB96666CC8312EBC45032F30B007A547 -- C:\Windows\System32\drivers\sfloppy.sys

[2009/07/14 00:45:52 | 000,013,824 | ---- | M] (Microsoft Corporation) MD5=DB96666CC8312EBC45032F30B007A547 -- C:\Windows\System32\DriverStore\FileRepository\flpydisk.inf_x86_neutral_2102f5344367a352\sfloppy.sys

[2009/07/14 00:45:52 | 000,013,824 | ---- | M] (Microsoft Corporation) MD5=DB96666CC8312EBC45032F30B007A547 -- C:\Windows\winsxs\x86_flpydisk.inf_31bf3856ad364e35_6.1.7600.16385_none_e6e06650dbcf54b4\sfloppy.sys

 

< MD5 for: TCPIP.SYS >

[2009/07/14 02:19:10 | 001,285,712 | ---- | M] (Microsoft Corporation) MD5=2CC3D75488ABD3EC628BBB9A4FC84EFC -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_b2f46875c7b9d667\tcpip.sys

[2010/06/14 07:06:58 | 001,288,576 | ---- | M] (Microsoft Corporation) MD5=A39EA325C081AD27461F630C8E3E56E0 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_b3b219fae0b0af43\tcpip.sys

[2010/06/14 07:12:30 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=BB7F39C31C4A4417FD318E7CD184E225 -- C:\Windows\System32\drivers\tcpip.sys

[2010/06/14 07:12:30 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=BB7F39C31C4A4417FD318E7CD184E225 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_b33b1c29c7858b92\tcpip.sys

 

< MD5 for: TDPIPE.SYS >

[2009/07/14 01:01:37 | 000,017,920 | ---- | M] (Microsoft Corporation) MD5=1875C1490D99E70E449E3AFAE9FCBADF -- C:\Windows\System32\drivers\tdpipe.sys

[2009/07/14 01:01:37 | 000,017,920 | ---- | M] (Microsoft Corporation) MD5=1875C1490D99E70E449E3AFAE9FCBADF -- C:\Windows\winsxs\x86_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.1.7600.16385_none_db828d8fa60ad848\tdpipe.sys

 

< MD5 for: TDTCP.SYS >

[2009/07/14 01:01:37 | 000,024,064 | ---- | M] (Microsoft Corporation) MD5=7551E91EA999EE9A8E9C331D5A9C31F3 -- C:\Windows\System32\drivers\tdtcp.sys

[2009/07/14 01:01:37 | 000,024,064 | ---- | M] (Microsoft Corporation) MD5=7551E91EA999EE9A8E9C331D5A9C31F3 -- C:\Windows\winsxs\x86_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.1.7600.16385_none_db828d8fa60ad848\tdtcp.sys

 

< MD5 for: USBPRINT.SYS >

[2009/07/14 01:17:06 | 000,019,968 | ---- | M] (Microsoft Corporation) MD5=797D862FE0875E75C7CC4C1AD7B30252 -- C:\Windows\System32\drivers\usbprint.sys

[2009/07/14 01:17:06 | 000,019,968 | ---- | M] (Microsoft Corporation) MD5=797D862FE0875E75C7CC4C1AD7B30252 -- C:\Windows\System32\DriverStore\FileRepository\usbprint.inf_x86_neutral_203e16627752a160\usbprint.sys

[2009/07/14 01:17:06 | 000,019,968 | ---- | M] (Microsoft Corporation) MD5=797D862FE0875E75C7CC4C1AD7B30252 -- C:\Windows\winsxs\x86_usbprint.inf_31bf3856ad364e35_6.1.7600.16385_none_32d0188e22bd908f\usbprint.sys

 

< MD5 for: USBSCAN.SYS >

[2009/07/14 01:14:44 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=576096CCBC07E7C4EA4F5E6686D6888F -- C:\Windows\System32\drivers\usbscan.sys

[2009/07/14 01:14:44 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=576096CCBC07E7C4EA4F5E6686D6888F -- C:\Windows\System32\DriverStore\FileRepository\sti.inf_x86_neutral_6a74c91c1f723826\usbscan.sys

[2009/07/14 01:14:44 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=576096CCBC07E7C4EA4F5E6686D6888F -- C:\Windows\winsxs\x86_sti.inf_31bf3856ad364e35_6.1.7600.16385_none_59b5278c421a3644\usbscan.sys

 

< MD5 for: USERINIT.EXE >

[2009/07/14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\System32\userinit.exe

[2009/07/14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe

 

< MD5 for: WININIT.EXE >

[2009/07/14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\System32\wininit.exe

[2009/07/14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe

 

< MD5 for: WINLOGON.EXE >

[2009/10/28 07:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\System32\winlogon.exe

[2009/10/28 07:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe

[2009/10/28 06:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe

[2009/07/14 02:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe

 

< %systemroot%\*. /mp /s >

 

< %systemroot%\system32\*.dll /lockedfiles >

[2009/07/14 02:15:13 | 000,346,112 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtmsft.dll

[2009/07/14 02:15:13 | 000,215,552 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtrans.dll

[2010/11/04 06:48:18 | 000,185,856 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\iepeers.dll

[2009/07/14 02:15:36 | 000,226,816 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\LocationApi.dll

 

< %systemroot%\Tasks\*.job /lockedfiles >

 

< End of report >

 
OTL Extras logfile created on: 01/02/2011 21:41:22 - Run 1

OTL by OldTimer - Version 3.2.20.6 Folder = C:\Users\Géraldine\Desktop

Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.7600.16385)

Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

 

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 55,00% Memory free

4,00 Gb Paging File | 3,00 Gb Available in Paging File | 69,00% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 141,58 Gb Total Space | 57,47 Gb Free Space | 40,59% Space Free | Partition Type: NTFS

Drive D: | 7,46 Gb Total Space | 2,31 Gb Free Space | 30,96% Space Free | Partition Type: NTFS

 

Computer Name: GÉRALDINE-PC | User Name: Géraldine | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Extra Registry (SafeList) ==========

 

 

========== File Associations ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)

.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

 

[HKEY_USERS\S-1-5-21-1927437801-3944909697-2610780679-1001\SOFTWARE\Classes\<extension>]

.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

 

========== Shell Spawning ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)

htmlfile [edit] -- Reg Error: Key error.

htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [Force Uninstall] -- C:\Program Files\Perfect Uninstaller\PU.exe "%1" ()

Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 

========== Security Center Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"VistaSp1" = Reg Error: Unknown registry data type -- File not found

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

 

========== Firewall Settings ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 

========== Authorized Applications List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

"C:\Program Files\xchat\xchat.exe" = C:\Program Files\xchat\xchat.exe:*:Enabled:XChat IRC Client

 

 

========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{0001040C-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Professional

"{0004040C-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 CD-ROM 2

"{09F56A49-A7B1-4AAB-95B9-D13094254AD1}" = Windows Live UX Platform Language Pack

"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer

"{0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}" = Microsoft .NET Framework 4 Client Profile FRA Language Pack

"{11F5D779-7BD9-465A-BBC4-10701386BCB9}" = FW LiveUpdate

"{1EE88B84-7BE5-4FB5-8DEA-B81D5409D62E}" = Opera 11.00

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions

"{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1" = Media Player Classic - Home Cinema v. 1.3.1249.0

"{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java 6 Update 23

"{26DB09BC-6EB5-4CE0-A05D-D4DECE60E189}_is1" = Phoenix Viewer 1.5.0.168

"{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live

"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile

"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll

"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform

"{4D83E500-4D0C-11DF-A750-005056C00008}" = Paragon Alignment Tool 2.0 Covermount (English)

"{521AAD14-5030-44BB-8B0E-5CE65FCE57E0}" = InterVideo DeviceService

"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml

"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime

"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053

"{5F194F8F-5DD1-4726-90DA-7A0B2BEBE842}}_is1" = Aneesoft HD Video Converter

"{6057E21C-ABE9-4059-AE3E-3BEB9925E660}" = Windows Live Messenger

"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant

"{61F25370-7465-4404-BE28-4629BF808699}" = LightScribe Applications

"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE

"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update

"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable

"{75ADEFA2-D4FF-4B37-9E93-4306E6AC176B}_is1" = ImgBurn 2.3.2.0 Fr

"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

"{7E84FAC8-C518-40F9-9807-7455301D6D25}" = SamsungConnectivityCableDriver

"{83258E90-1F76-4E13-9F60-A0F8ED41E76F}" = PC Connectivity Solution

"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable

"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows 7

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT

"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules

"{93665FB0-2A3D-47E1-AB9A-1925130924BB}" = Ma-Config.com

"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{A10F672B-01C4-498F-ADBD-3E5B144284B7}_is1" = Tomtomax Maxi-Box V2.0.21

"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress

"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common

"{AC76BA86-7AD7-1036-7B44-A94000000001}" = Adobe Reader 9.4.1 - Français

"{B1ADF008-E898-4FE2-8A1F-690D9A06ACAF}" = DolbyFiles

"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panneau de configuration NVIDIA 266.35

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Pilote graphique 266.35

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Logiciel système PhysX 9.10.0514

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application

"{B3DAF54F-DB25-4586-9EF1-96D24BB14088}" = Windows Movie Maker 2.6

"{B5FDA445-CAC4-4BA6-A8FB-A7212BD439DE}" = Microsoft XML Parser

"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX

"{C3F19A5F-35A8-4FDB-A6ED-0F4CE398DA48}" = Nokia Connectivity Cable Driver

"{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common

"{CCC4E428-411E-4605-B515-317D50ABD477}" = Ulead DVD MovieFactory 6

"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform

"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones

"{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}" = Microsoft Primary Interoperability Assemblies 2005

"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform

"{D75AEB5B-FA18-4BD4-9EED-54CA46DB5AE8}" = Logiciel Intel® PROSet/Wireless WiFi

"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10

"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype 5.1

"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger

"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support

"{EFB21DE7-8C19-4A88-BB28-A766E16493BC}" = Adobe Photoshop CS

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver

"{F5CC2EF8-20A4-4366-A681-3FE849E65809}" = RICOH Media Driver

"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel® Control Center

"{FAA7F8FF-3C05-4A61-8F14-D8A6E9ED6623}" = ooVoo

"{FD7F0DB8-0E96-4D64-AD4D-9B5A936AF2A8}" = LightScribe System Software

"504244733D18C8F63FF584AEB290E3904E791693" = Package de pilotes Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)

"7-Zip" = 7-Zip 4.65

"AC3Filter" = AC3Filter (remove only)

"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin

"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus

"AviSynth" = AviSynth 2.5

"CCleaner" = CCleaner

"CoreAAC Audio Decoder" = CoreAAC Audio Decoder (remove only)

"DivX Setup.divx.com" = Configuration DivX

"DIVXAudioCompressor4.02" = DivX ;-) Audio Compressor 4.02

"DriverAgent.exe" = DriverAgent by eSupport.com

"DScaler 5 Mpeg Decoders_is1" = DScaler 5 Mpeg Decoders

"EVEREST Corporate Edition_is1" = EVEREST Corporate Edition v5.50

"ffdshow_is1" = ffdshow v1.1.3517 [2010-07-31]

"Free Video to Flash Converter_is1" = Free Video to Flash Converter version 4.7.16

"Glary Utilities_is1" = Glary Utilities 2.28.0.1011

"HaaliMkx" = Haali Media Splitter

"iCare Data Recovery_is1" = iCare Data Recovery 4.0

"InstallShield_{CCC4E428-411E-4605-B515-317D50ABD477}" = Ulead DVD MovieFactory 6 TBYB

"JetBee_is1" = JetBee FREE 4.0.7 (build 324)

"LameACM" = Lame ACM MP3 Codec

"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"Microsoft .NET Framework 4 Client Profile FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Client Profile FRA

"MiPony" = MiPony 1.2.0

"mIRC" = mIRC

"Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)

"Ncesoft Flip Book Maker_is1" = Ncesoft Flip Book Maker 2.3.1

"OggDS" = Direct Show Ogg Vorbis Filter (remove only)

"Perfect Uninstaller_is1" = Perfect Uninstaller v6.3.3.5

"RealAlt_is1" = Real Alternative 1.9.0

"Satsuki Decoder Pack" = Satsuki Decoder Pack

"SpeedFan" = SpeedFan (remove only)

"SynTPDeinstKey" = Synaptics Pointing Device Driver

"TeamScripT 4" = TeamScripT 4

"TomTom HOME" = TomTom HOME 2.7.6.2056

"Tyre_is1" = Tyre

"Uninstall_is1" = Uninstall 1.0.0.1

"Unlocker" = Unlocker 1.9.0

"VidGIF_is1" = VidGIF

"VLC media player" = VLC media player 1.1.5

"WBFS Manager 3.0" = WBFS Manager 3.0

"WinLiveSuite" = Windows Live

"WinRAR archiver" = Logiciel d'archivage WinRAR

"Wondershare DVD Slideshow Builder Deluxe_is1" = Wondershare DVD Slideshow Builder Deluxe(Build 6.0.0.22)

"Wondershare Flash Gallery Factory Standard_is1" = Wondershare Flash Gallery Factory Standard 4.8.0.1

"Xvid_is1" = Xvid 1.2.1 VAQ final uninstall

 

========== HKEY_USERS Uninstall List ==========

 

[HKEY_USERS\S-1-5-21-1927437801-3944909697-2610780679-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"Flux" = F.lux

 

========== Last 10 Event Log Errors ==========

 

[ Application Events ]

Error - 29/01/2011 20:22:19 | Computer Name = Géraldine-PC | Source = Application Error | ID = 1000

Description = Nom de l’application défaillante Skype.exe, version : 5.1.0.104, horodatage

: 0x4d21d204 Nom du module défaillant : Skype.exe, version : 5.1.0.104, horodatage

: 0x4d21d204 Code d’exception : 0xc0000005 Décalage d’erreur : 0x001a22c9 ID du processus

défaillant : 0xf0c Heure de début de l’application défaillante : 0x01cbbfa0c3041b80

Chemin

d’accès de l’application défaillante : C:\Program Files\Skype\Phone\Skype.exe Chemin

d’accès du module défaillant: C:\Program Files\Skype\Phone\Skype.exe ID de rapport

: ff7cf328-2c06-11e0-adf3-001b249a3db5

 

Error - 30/01/2011 06:48:23 | Computer Name = Géraldine-PC | Source = Winlogon | ID = 4103

Description = Échec de l’activation de la licence Windows. Erreur 0x80070005.

 

Error - 30/01/2011 17:41:01 | Computer Name = Géraldine-PC | Source = Application Error | ID = 1000

Description = Nom de l’application défaillante mirc.exe, version : 6.1.6.0, horodatage

: 0x40ec154b Nom du module défaillant : ntdll.dll, version : 6.1.7600.16559, horodatage

: 0x4ba9b21e Code d’exception : 0xc0000005 Décalage d’erreur : 0x000555f3 ID du processus

défaillant : 0x15d8 Heure de début de l’application défaillante : 0x01cbc0b6bf1d0362

Chemin

d’accès de l’application défaillante : C:\TeamScripT4\mirc.exe Chemin d’accès du

module défaillant: C:\Windows\SYSTEM32\ntdll.dll ID de rapport : a0f05df2-2cb9-11e0-b179-001b249a3db5

 

Error - 31/01/2011 07:01:20 | Computer Name = Géraldine-PC | Source = Winlogon | ID = 4103

Description = Échec de l’activation de la licence Windows. Erreur 0x80070005.

 

Error - 31/01/2011 18:04:25 | Computer Name = Géraldine-PC | Source = Application Error | ID = 1000

Description = Nom de l’application défaillante mirc.exe, version : 6.1.6.0, horodatage

: 0x40ec154b Nom du module défaillant : ntdll.dll, version : 6.1.7600.16559, horodatage

: 0x4ba9b21e Code d’exception : 0xc0000005 Décalage d’erreur : 0x000555f3 ID du processus

défaillant : 0xf14 Heure de début de l’application défaillante : 0x01cbc180e25b917b

Chemin

d’accès de l’application défaillante : C:\TeamScripT4\mirc.exe Chemin d’accès du

module défaillant: C:\Windows\SYSTEM32\ntdll.dll ID de rapport : 103f92ef-2d86-11e0-b13b-001b249a3db5

 

Error - 01/02/2011 06:22:46 | Computer Name = Géraldine-PC | Source = Winlogon | ID = 4103

Description = Échec de l’activation de la licence Windows. Erreur 0x80070005.

 

Error - 01/02/2011 09:42:30 | Computer Name = Géraldine-PC | Source = Winlogon | ID = 4103

Description = Échec de l’activation de la licence Windows. Erreur 0x80070005.

 

Error - 01/02/2011 12:01:34 | Computer Name = Géraldine-PC | Source = Application Error | ID = 1000

Description = Nom de l’application défaillante Skype.exe, version : 5.1.0.104, horodatage

: 0x4d21d204 Nom du module défaillant : Skype.exe, version : 5.1.0.104, horodatage

: 0x4d21d204 Code d’exception : 0xc0000005 Décalage d’erreur : 0x001a22c9 ID du processus

défaillant : 0xa10 Heure de début de l’application défaillante : 0x01cbc21d1c6cbbd4

Chemin

d’accès de l’application défaillante : C:\Program Files\Skype\Phone\Skype.exe Chemin

d’accès du module défaillant: C:\Program Files\Skype\Phone\Skype.exe ID de rapport

: 8a8671cc-2e1c-11e0-a7f5-001b249a3db5

 

Error - 01/02/2011 12:03:14 | Computer Name = Géraldine-PC | Source = Application Error | ID = 1000

Description = Nom de l’application défaillante Skype.exe, version : 5.1.0.104, horodatage

: 0x4d21d204 Nom du module défaillant : Skype.exe, version : 5.1.0.104, horodatage

: 0x4d21d204 Code d’exception : 0xc0000005 Décalage d’erreur : 0x001a22c9 ID du processus

défaillant : 0x42c Heure de début de l’application défaillante : 0x01cbc2297f0b1478

Chemin

d’accès de l’application défaillante : C:\Program Files\Skype\Phone\Skype.exe Chemin

d’accès du module défaillant: C:\Program Files\Skype\Phone\Skype.exe ID de rapport

: c61c7b83-2e1c-11e0-a7f5-001b249a3db5

 

Error - 01/02/2011 12:05:09 | Computer Name = Géraldine-PC | Source = Winlogon | ID = 4103

Description = Échec de l’activation de la licence Windows. Erreur 0x80070005.

 

[ System Events ]

Error - 01/01/2011 12:39:07 | Computer Name = Géraldine-PC | Source = nvlddmkm | ID = 11141134

Description =

 

Error - 01/01/2011 14:03:36 | Computer Name = Géraldine-PC | Source = Service Control Manager | ID = 7034

Description = Le service InCD Helper s’est terminé de façon inattendue pour la 1ème

fois.

 

Error - 01/01/2011 15:10:18 | Computer Name = Géraldine-PC | Source = Service Control Manager | ID = 7034

Description = Le service LightScribeService Direct Disc Labeling Service s’est terminé

de façon inattendue pour la 1ème fois.

 

Error - 01/01/2011 15:10:24 | Computer Name = Géraldine-PC | Source = Service Control Manager | ID = 7034

Description = Le service Nero Update s’est terminé de façon inattendue pour la 1ème

fois.

 

Error - 01/01/2011 15:10:30 | Computer Name = Géraldine-PC | Source = Service Control Manager | ID = 7034

Description = Le service Nero Registry InCD Service s’est terminé de façon inattendue

pour la 1ème fois.

 

Error - 02/01/2011 07:17:12 | Computer Name = Géraldine-PC | Source = DCOM | ID = 10001

Description =

 

Error - 03/01/2011 07:19:43 | Computer Name = Géraldine-PC | Source = DCOM | ID = 10001

Description =

 

Error - 04/01/2011 06:57:39 | Computer Name = Géraldine-PC | Source = DCOM | ID = 10001

Description =

 

Error - 04/01/2011 10:58:51 | Computer Name = Géraldine-PC | Source = volsnap | ID = 393252

Description = Les clichés instantanés du volume C: ont été annulés car le stockage

du cliché instantané n’a pas pu s’agrandir en raison d’une limite utilisateur.

 

Error - 05/01/2011 07:20:03 | Computer Name = Géraldine-PC | Source = DCOM | ID = 10001

Description =

 

 

< End of report >

Posted

Good evening ;)

Apparently you have quite a few Nero modules that are crashing, which could explain some of the slowdowns

please do this...

* Double-click the OTL icon to launch it

/!\ on Vista/Seven, right-click the OTL icon and choose "Exécuter en tant qu'administrateur"

* Make sure you have closed all running applications.

* When the OTL window appears, make sure that in the "Rapport" section (top right) the "Rapport minimal" box is checked.

* Copy and paste the contents of this quote into the lower part of OTL, "Personnalisation"

 

 

:OTL

O2 - BHO: (Nero Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)

O3 - HKLM\..\Toolbar: (Nero Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)

O3 - HKU\S-1-5-21-1927437801-3944909697-2610780679-1001\..\Toolbar\WebBrowser: (Nero Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)

 

:Commands

[emptytemp]

[EMPTYFLASH]

[PURITY]

[RESETHOSTS]

 

 

 

* Click the "Correction" icon (top left).

* Let the scan run to completion without using the PC

* At the end of the scan a report, "OTL.Txt", will open

* Please copy and paste the report into your reply...

* Just in case, you can find them in the C:\OTL folder

then tell me whether you notice an improvement ;)

Posted

Good evening and thank you for your reply, here is the report:

I will come back to say whether there is an improvement.

 

All processes killed

========== OTL ==========

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.

C:\Program Files\Ask.com\GenericAskToolbar.dll moved successfully.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.

File C:\Program Files\Ask.com\GenericAskToolbar.dll not found.

Registry value HKEY_USERS\S-1-5-21-1927437801-3944909697-2610780679-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.

File C:\Program Files\Ask.com\GenericAskToolbar.dll not found.

========== COMMANDS ==========

 

[EMPTYTEMP]

 

User: All Users

 

User: Default

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

 

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

 

User: Géraldine

 

User: Géraldine

->Temp folder emptied: 29026 bytes

->Temporary Internet Files folder emptied: 109447 bytes

->Java cache emptied: 366479 bytes

->FireFox cache emptied: 97475574 bytes

->Opera cache emptied: 0 bytes

->Flash cache emptied: 4941 bytes

 

User: Public

 

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 0 bytes

%systemroot%\System32 .tmp files removed: 0 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 608 bytes

RecycleBin emptied: 0 bytes

 

Total Files Cleaned = 93,00 mb

 

 

[EMPTYFLASH]

 

User: All Users

 

User: Default

 

User: Default User

 

User: Géraldine

 

User: Géraldine

->Flash cache emptied: 0 bytes

 

User: Public

 

Total Flash Files Cleaned = 0,00 mb

 

C:\Windows\System32\drivers\etc\Hosts moved successfully.

HOSTS file reset successfully

 

OTL by OldTimer - Version 3.2.20.6 log created on 02032011_010856

 

Files\Folders moved on Reboot...

 

Registry entries deleted on Reboot...

Posted

hello,

For laptops, don't forget to have the dust cleaned out at least every two years (it doesn't cost much, so it's better to have a professional do it);

the symptoms >> the PC is very fast for the first 5 minutes and then it becomes noisy and its performance drops ;)

Run OTL again and click "purge outils" to uninstall it.

Thanks for the update :super:
