
Posted

Well, I already ran AskRemover and it told me that Ask Toolbar had been removed, and I uninstalled Shareaza a long time ago; those must just have been leftover keys in the registry (well, I don't know... but I no longer have any files from that thing, which I haven't used in ages).

As for µTorrent, I'm keeping it because I use it a lot to download a few series (which are not on warez sites).

Posted

Hello,

Thanks for the info. Now I'll know what to include or leave out when I have items for you to remove.

--

Print these instructions or save them to a text file on the Desktop so you can consult them easily at any time, and download OTL (by OldTimer) to the Desktop from here or here.

Plug in and power on all removable media (external drives, USB sticks, etc.).

Close all open applications and windows, then right-click OTL.exe => Run as administrator.

Copy and paste these lines (starting with netsvcs) into the box under "Personnalisation":

 

netsvcs

drivers32

%SYSTEMDRIVE%\*.*

%systemroot%\*. /mp /s

%systemroot%\system32\*.dll /lockedfiles

%systemroot%\Tasks\*.job /lockedfiles

%systemroot%\System32\config\*.sav

%systemroot%\system32\drivers\*.sys /90

CREATERESTOREPOINT

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs

SAVEMBR:0

Without changing anything else, click the blue Analyse button and let it run.

At the end of the scan, 2 reports will be created: OTL.txt (which opens in Notepad) and Extras.txt (which will be minimized in the taskbar).

Copy and paste the contents of each report, only one per message, because they are often very long and exceed the limit allowed by the forum.

Posted (edited)

OTL logfile created on: 24/05/2011 12:13:24 - Run 1

OTL by OldTimer - Version 3.2.23.0 Folder = C:\Users\Sky\Desktop

Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 8.0.7601.17514)

Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

 

2,99 Gb Total Physical Memory | 1,92 Gb Available Physical Memory | 64,23% Memory free

5,99 Gb Paging File | 4,40 Gb Available in Paging File | 73,48% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 226,48 Gb Total Space | 105,59 Gb Free Space | 46,62% Space Free | Partition Type: NTFS

Drive D: | 226,51 Gb Total Space | 158,49 Gb Free Space | 69,97% Space Free | Partition Type: NTFS

 

Computer Name: PC-DE-GEO | User Name: Sky | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Processes (SafeList) ==========

 

PRC - [2011/05/24 12:11:01 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Sky\Desktop\OTL.exe

PRC - [2011/04/14 18:47:17 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe

PRC - [2011/02/25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe

PRC - [2011/02/02 11:40:20 | 003,265,944 | ---- | M] (Tonec Inc.) -- C:\Program Files\Internet Download Manager\IDMan.exe

PRC - [2010/11/22 22:52:46 | 000,718,072 | ---- | M] (Tunngle.net GmbH) -- C:\Program Files\Tunngle\TnglCtrl.exe

PRC - [2010/11/20 14:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe

PRC - [2010/11/20 14:17:00 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe

PRC - [2010/10/27 22:21:54 | 001,155,072 | ---- | M] (Last.fm) -- D:\Program Files\Last.fm\LastFM.exe

PRC - [2010/09/22 18:11:26 | 000,640,440 | ---- | M] (Adobe Systems Inc.) -- D:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe

PRC - [2010/08/18 18:44:27 | 000,340,520 | ---- | M] (Kaspersky Lab) -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe

PRC - [2010/05/25 23:28:58 | 000,263,600 | ---- | M] (Tonec Inc.) -- C:\Program Files\Internet Download Manager\IEMonitor.exe

PRC - [2010/04/01 11:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe

PRC - [2009/11/20 23:04:49 | 000,204,800 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Users\Sky\AppData\Local\Temp\RtkBtMnt.exe

PRC - [2009/11/06 14:24:52 | 000,195,176 | ---- | M] (NVIDIA) -- C:\Program Files\NVIDIA Corporation\System Update\UpdateCenterService.exe

PRC - [2009/11/06 14:13:20 | 000,191,080 | ---- | M] (NVIDIA) -- C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe

PRC - [2009/11/06 14:13:16 | 000,133,736 | ---- | M] (NVIDIA) -- C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe

PRC - [2009/08/27 10:12:54 | 001,218,056 | ---- | M] (Dritek System Inc.) -- C:\Program Files\Launch Manager\LManager.exe

PRC - [2009/07/14 03:14:24 | 000,157,184 | ---- | M] (Microsoft Corporation) -- c:\program files\windows defender\MpCmdRun.exe

PRC - [2009/06/16 12:11:40 | 000,122,880 | ---- | M] (Acer Incorporated) -- C:\Acer\Mobility Center\MobilityService.exe

PRC - [2009/04/13 15:47:34 | 000,500,784 | ---- | M] (Egis Incorporated) -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe

PRC - [2009/04/13 15:47:28 | 000,526,896 | ---- | M] (Egis Incorporated) -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe

PRC - [2009/01/13 16:38:32 | 000,024,576 | ---- | M] () -- C:\Program Files\Acer\Empowering Technology\Service\ETService.exe

PRC - [2008/10/16 17:26:20 | 000,860,160 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe

PRC - [2008/10/16 16:54:34 | 000,466,944 | ---- | M] (Intel® Corporation) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

PRC - [2008/10/04 05:09:02 | 000,069,632 | ---- | M] () -- C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe

PRC - [2007/10/23 11:56:18 | 000,200,704 | ---- | M] () -- C:\Windows\PLFSetI.exe

 

 

========== Modules (SafeList) ==========

 

MOD - [2011/05/24 12:11:01 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Sky\Desktop\OTL.exe

MOD - [2010/11/20 13:55:09 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll

MOD - [2010/11/03 22:39:40 | 000,034,208 | ---- | M] (Tonec Inc.) -- C:\Program Files\Internet Download Manager\idmmkb.dll

 

 

========== Win32 Services (SafeList) ==========

 

SRV - File not found [On_Demand | Stopped] -- -- (npggsvc)

SRV - [2011/05/17 00:57:05 | 003,275,864 | ---- | M] () [Auto | Running] -- c:\program files\common files\akamai\netsession_win_8832f4b.dll -- (Akamai)

SRV - [2011/05/11 23:01:01 | 000,403,240 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)

SRV - [2011/04/12 10:11:26 | 000,311,744 | ---- | M] (CybelSoft) [On_Demand | Stopped] -- C:\Program Files\ma-config.com\maconfservice.exe -- (maconfservice)

SRV - [2010/11/22 22:52:46 | 000,718,072 | ---- | M] (Tunngle.net GmbH) [Auto | Running] -- C:\Program Files\Tunngle\TnglCtrl.exe -- (TunngleService)

SRV - [2010/08/18 18:44:27 | 000,340,520 | ---- | M] (Kaspersky Lab) [Auto | Running] -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe -- (AVP)

SRV - [2010/06/22 03:01:07 | 001,343,400 | ---- | M] (Microsoft Corporation) [unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)

SRV - [2009/11/06 14:24:52 | 000,195,176 | ---- | M] (NVIDIA) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\System Update\UpdateCenterService.exe -- (UpdateCenterService)

SRV - [2009/11/06 14:13:20 | 000,191,080 | ---- | M] (NVIDIA) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe -- (nTuneService)

SRV - [2009/10/20 20:19:48 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)

SRV - [2009/10/01 16:45:34 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)

SRV - [2009/07/14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)

SRV - [2009/07/14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)

SRV - [2009/06/16 12:11:40 | 000,122,880 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Acer\Mobility Center\MobilityService.exe -- (MobilityService)

SRV - [2009/04/13 15:47:34 | 000,500,784 | ---- | M] (Egis Incorporated) [Auto | Running] -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe -- (eDataSecurity Service)

SRV - [2009/01/13 16:38:32 | 000,024,576 | ---- | M] () [Auto | Running] -- C:\Program Files\Acer\Empowering Technology\Service\ETService.exe -- (ETService)

SRV - [2008/10/16 17:26:20 | 000,860,160 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)

SRV - [2008/10/16 16:54:34 | 000,466,944 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)

SRV - [2008/10/04 05:09:02 | 000,069,632 | ---- | M] () [Auto | Running] -- C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe -- (CLHNService)

 

 

========== Driver Services (SafeList) ==========

 

DRV - [2011/04/08 07:14:00 | 010,690,024 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)

DRV - [2011/01/25 18:40:06 | 000,085,768 | ---- | M] (Tonec Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\idmwfp.sys -- (IDMWFP)

DRV - [2010/11/20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)

DRV - [2010/11/20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)

DRV - [2010/10/08 16:57:54 | 000,100,560 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)

DRV - [2010/08/30 12:19:54 | 000,014,336 | ---- | M] (CybelSoft) [Kernel | On_Demand | Stopped] -- C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys -- (driverhardwarev2)

DRV - [2010/07/22 21:15:22 | 000,281,760 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt)

DRV - [2010/07/22 21:15:22 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)

DRV - [2010/02/03 15:56:56 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)

DRV - [2009/12/27 16:44:12 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)

DRV - [2009/12/08 22:24:26 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- D:\Program Files\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\VSPerfDrv100.sys -- (VSPerfDrv100)

DRV - [2009/11/29 12:52:09 | 000,311,312 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\System32\drivers\klif.sys -- (KLIF)

DRV - [2009/11/03 17:33:40 | 000,021,520 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\System32\drivers\klim6.sys -- (KLIM6)

DRV - [2009/10/20 20:19:44 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\npf.sys -- (NPF)

DRV - [2009/10/14 21:18:34 | 000,036,880 | ---- | M] (Kaspersky Lab) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\klbg.sys -- (klbg)

DRV - [2009/10/02 19:39:36 | 000,019,472 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\klmouflt.sys -- (klmouflt)

DRV - [2009/09/16 07:02:40 | 000,027,136 | ---- | M] (Tunngle.net) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tap0901t.sys -- (tap0901t) TAP-Win32 Adapter V9 (Tunngle)

DRV - [2009/09/15 14:59:28 | 000,038,248 | ---- | M] (NVIDIA Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvoclock.sys -- (nvoclock)

DRV - [2009/09/13 17:02:23 | 000,064,160 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\Lbd.sys -- (Lbd)

DRV - [2009/09/01 15:29:50 | 000,128,016 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\System32\drivers\kl1.sys -- (kl1)

DRV - [2009/08/21 22:24:03 | 000,066,592 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)

DRV - [2009/07/21 08:13:24 | 000,005,632 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hidshim.sys -- (hidshim)

DRV - [2009/07/21 08:13:22 | 000,022,528 | ---- | M] (Nuvoton Technology Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nuvotonhidgeneric.sys -- (nuvotonhidgeneric)

DRV - [2009/07/14 01:45:33 | 000,083,456 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\serial.sys -- (Serial)

DRV - [2009/07/14 00:02:51 | 004,231,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\netw5v32.sys -- (netw5v32) Pilote de carte de liaison WiFi sans fil Intel®

DRV - [2009/03/30 04:09:28 | 000,239,336 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\System32\drivers\RsFx0103.sys -- (RsFx0103)

DRV - [2009/03/25 17:48:00 | 000,114,728 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018mdm.sys -- (s1018mdm)

DRV - [2009/03/25 17:48:00 | 000,109,864 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018unic.sys -- (s1018unic) Sony Ericsson Device 1018 USB Ethernet Emulation (WDM)

DRV - [2009/03/25 17:48:00 | 000,106,208 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018mgmt.sys -- (s1018mgmt) Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM)

DRV - [2009/03/25 17:48:00 | 000,104,744 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018obex.sys -- (s1018obex)

DRV - [2009/03/25 17:48:00 | 000,086,824 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018bus.sys -- (s1018bus) Sony Ericsson Device 1018 driver (WDM)

DRV - [2009/03/25 17:48:00 | 000,026,024 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018nd5.sys -- (s1018nd5) Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS)

DRV - [2009/03/25 17:48:00 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018mdfl.sys -- (s1018mdfl)

DRV - [2008/10/09 15:42:42 | 000,017,408 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\KMWDFILTER.sys -- (KMWDFILTER)

DRV - [2008/10/01 11:04:16 | 000,012,832 | ---- | M] (Acer, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\int15.sys -- (int15)

DRV - [2007/02/16 02:57:04 | 000,034,760 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ElbyCDFL.sys -- (ElbyCDFL)

DRV - [2006/11/29 02:44:52 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)

 

 

========== Standard Registry (SafeList) ==========

 

 

========== Internet Explorer ==========

 

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=040c&s=2&o=vp32&d=1208&m=aspire_8730

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=040c&s=2&o=vp32&d=1208&m=aspire_8730

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = Acer.com Worldwide - Select your local country or region [binary data]

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = exnet.3il.fr;<local>

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 172.16.105.254:8082

 

========== FireFox ==========

 

FF - prefs.js..browser.startup.homepage: "http://www.google.com/"

FF - prefs.js..network.proxy.ftp: "172.16.105.254"

FF - prefs.js..network.proxy.ftp_port: 8082

FF - prefs.js..network.proxy.http: "172.16.105.254"

FF - prefs.js..network.proxy.http_port: 8082

FF - prefs.js..network.proxy.no_proxies_on: "exnet.3il.fr,localhost,127.0.0.1"

FF - prefs.js..network.proxy.share_proxy_settings: true

FF - prefs.js..network.proxy.socks: "172.16.105.254"

FF - prefs.js..network.proxy.socks_port: 8082

FF - prefs.js..network.proxy.ssl: "172.16.105.254"

FF - prefs.js..network.proxy.ssl_port: 8082

FF - prefs.js..network.proxy.type: 0

 

FF - HKLM\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/01/10 21:20:43 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/05/23 01:43:27 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/12/25 23:56:26 | 000,000,000 | ---D | M]

 

[2011/05/23 01:44:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sky\AppData\Roaming\mozilla\Extensions

[2011/05/23 01:43:26 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions

[2010/05/21 11:36:01 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}

[2010/08/02 20:41:57 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}

[2010/12/10 18:01:59 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}

[2009/11/29 12:53:12 | 000,000,000 | ---D | M] (Kaspersky URL Advisor) -- C:\Program Files\mozilla firefox\extensions\linkfilter@kaspersky.ru

File not found (No name found) --

[2011/02/18 19:52:18 | 000,000,000 | ---D | M] (IDM CC) -- C:\USERS\SKY\APPDATA\ROAMING\IDM\IDMMZCC3

[2009/11/20 22:11:25 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION

[2011/04/14 18:47:17 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll

[2006/01/02 18:01:02 | 000,053,248 | ---- | M] (Giganology Inc.) -- C:\Program Files\mozilla firefox\components\GigagetComponent.dll

[2010/09/15 05:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll

[2010/01/01 10:00:00 | 000,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml

[2010/01/01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml

[2010/01/01 10:00:00 | 000,001,822 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml

[2010/01/01 10:00:00 | 000,001,154 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml

[2010/01/01 10:00:00 | 000,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml

[2010/01/01 10:00:00 | 000,000,956 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml

 

O1 HOSTS File: ([2011/05/21 17:59:04 | 000,000,734 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O2 - BHO: (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)

O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\ievkbd.dll (Kaspersky Lab)

O2 - BHO: (ShowBarObj Class) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll (Egis)

O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O2 - BHO: (Programme d'assistance de Microsoft Web Test Recorder 10.0) - {DDA57003-0068-4ed2-9D32-4D1EC707D94D} - D:\Program Files\Microsoft Visual Studio 10.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll (Microsoft Corporation)

O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll (Kaspersky Lab)

O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)

O3 - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)

O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O4 - HKLM..\Run: [Acrobat Assistant 8.0] D:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)

O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] D:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe (Kaspersky Lab)

O4 - HKLM..\Run: [CloneCDTray] C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe (SlySoft, Inc.)

O4 - HKLM..\Run: [eDataSecurity Loader] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe (Egis Incorporated)

O4 - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()

O4 - HKLM..\Run: [ProductReg] C:\Program Files\Acer\WR_PopUp\ProductReg.exe (Acer)

O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)

O4 - HKCU..\Run: [iDMan] C:\Program Files\Internet Download Manager\IDMan.exe (Tonec Inc.)

O4 - HKCU..\Run: [Pando Media Booster] C:\Program Files\Pando Networks\Media Booster\PMB.exe ()

O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)

O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\Windows\System32\Macromed\Flash\FlashUtil10p_Plugin.exe (Adobe Systems, Inc.)

O4 - Startup: C:\Users\Sky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Warkeys Update.lnk = D:\Program Files\Warkeys\AutoWarkey\AutoHotkey\AutoHotkey.exe ()

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O8 - Extra context menu item: Ajouter à un fichier PDF existant - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8 - Extra context menu item: Ajouter la cible du lien à un fichier PDF existant - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8 - Extra context menu item: Convertir au format Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8 - Extra context menu item: Convertir la cible du lien au format Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8 - Extra context menu item: Télécharger avec IDM - C:\Program Files\Internet Download Manager\IEExt.htm ()

O8 - Extra context menu item: Télécharger le contenu de video FLV avec IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm ()

O8 - Extra context menu item: Télécharger tous les liens avec IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm ()

O9 - Extra Button: Clavier &virtuel - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll (Kaspersky Lab)

O9 - Extra Button: Analyse des &liens - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll (Kaspersky Lab)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)

O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} http://www.ma-config.com/activex/MaConfig_3_5_3_0.cab ("Ma-Config.com control)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)

O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 89.2.0.1 89.2.0.2

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)

O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll) - C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll (Kaspersky Lab)

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O20 - Winlogon\Notify\klogon: DllName - C:\Windows\system32\klogon.dll - C:\Windows\System32\klogon.dll (Kaspersky Lab)

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

O24 - Desktop WallPaper: C:\Users\Sky\AppData\Roaming\Microsoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg

O24 - Desktop BackupWallPaper: C:\Users\Sky\AppData\Roaming\Microsoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2009/06/10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]

O33 - MountPoints2\{c60b7ac3-9018-11df-ad50-00216b09d40c}\Shell - "" = AutoRun

O33 - MountPoints2\{c60b7ac3-9018-11df-ad50-00216b09d40c}\Shell\AutoRun\command - "" = G:\Startme.exe

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 

NetSvcs: FastUserSwitchingCompatibility - File not found

NetSvcs: Ias - File not found

NetSvcs: Nla - File not found

NetSvcs: Ntmssvc - File not found

NetSvcs: NWCWorkstation - File not found

NetSvcs: Nwsapagent - File not found

NetSvcs: SRService - File not found

NetSvcs: WmdmPmSp - File not found

NetSvcs: LogonHours - File not found

NetSvcs: PCAudit - File not found

NetSvcs: helpsvc - File not found

NetSvcs: uploadmgr - File not found

 

Drivers32: msacm.ac3acm - C:\Windows\System32\ac3acm.acm (fccHandler)

Drivers32: msacm.divxa32 - C:\Windows\System32\DivXa32.acm (Hacked With Joy !)

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

Drivers32: msacm.lameacm - C:\Windows\System32\lameACM.acm (http://www.mp3dev.org/)

Drivers32: msacm.lhacm - C:\Windows\System32\lhacm.acm (Microsoft Corporation)

Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)

Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)

Drivers32: vidc.DIV3 - C:\Windows\System32\DivXc32.dll (Hacked with Joy !)

Drivers32: vidc.DIV4 - C:\Windows\System32\DivXc32f.dll (Hacked with Joy !)

Drivers32: VIDC.DIVX - C:\Windows\System32\divx.dll (DivX, Inc.)

Drivers32: VIDC.FFDS - C:\Windows\System32\ff_vfw.dll ()

Drivers32: VIDC.FPS1 - C:\Windows\System32\frapsvid.dll (Beepa P/L)

Drivers32: VIDC.HFYU - C:\Windows\System32\HUFFYUV.DLL (Disappearing Inc.)

Drivers32: vidc.VP60 - C:\Windows\System32\vp6vfw.dll (On2.com)

Drivers32: vidc.VP61 - C:\Windows\System32\vp6vfw.dll (On2.com)

Drivers32: VIDC.XVID - C:\Windows\System32\xvidvfw.dll ()

Drivers32: VIDC.YV12 - C:\Windows\System32\yv12vfw.dll (www.helixcommunity.org)

Drivers32: VIDC.ZMBV - C:\Windows\System32\zmbv.dll ()

 

PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

 

========== Files/Folders - Created Within 30 Days ==========

 

[2011/05/24 12:10:59 | 000,580,096 | ---- | C] (OldTimer Tools) -- C:\Users\Sky\Desktop\OTL.exe

[2011/05/23 19:58:17 | 000,000,000 | ---D | C] -- C:\Users\Sky\AppData\Local\{C4D28F14-334D-49FA-AFE3-2D506EBCEAEB}

[2011/05/23 10:16:53 | 000,000,000 | ---D | C] -- C:\Users\Sky\AppData\Roaming\Malwarebytes

[2011/05/23 10:16:39 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys

[2011/05/23 10:16:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware

[2011/05/23 10:16:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes

[2011/05/23 10:16:36 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys

[2011/05/23 10:16:35 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware

[2011/05/22 22:08:36 | 000,000,000 | ---D | C] -- C:\Program Files\ZHPDiag

[2011/05/22 22:08:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP

[2011/05/22 14:38:59 | 000,000,000 | ---D | C] -- C:\Users\Sky\AppData\Local\{F790CAEC-1530-4F77-A2F8-3EC78ADA981E}

[2011/05/22 13:17:03 | 000,000,000 | ---D | C] -- C:\Users\Sky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++

[2011/05/22 13:17:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++

[2011/05/22 13:16:50 | 000,000,000 | ---D | C] -- C:\Users\Sky\AppData\Roaming\Notepad++

[2011/05/22 13:16:50 | 000,000,000 | ---D | C] -- C:\Program Files\Notepad++

[2011/05/21 20:07:53 | 000,000,000 | ---D | C] -- C:\Users\Sky\AppData\Local\{C6819AE8-1386-4E1F-A7BA-51B5CF392F1B}

[2011/05/21 17:43:13 | 000,000,000 | ---D | C] -- C:\Users\Sky\AppData\Local\{364F19E3-F6AA-4A0F-83A2-4BD6F0FE57B3}

[2011/05/21 17:28:55 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\poqexec.exe

[2011/05/21 17:28:55 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prevhost.exe

[2011/05/20 18:15:23 | 000,000,000 | ---D | C] -- C:\Users\Sky\AppData\Local\{3F966BFB-8992-4822-8DAB-1B00ACC42802}

[2011/05/19 12:38:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace

[2011/05/19 12:32:58 | 000,870,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll

[2011/05/19 12:32:56 | 003,967,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe

[2011/05/19 12:32:56 | 003,912,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe

[2011/05/19 12:32:55 | 002,616,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe

[2011/05/18 18:04:14 | 000,000,000 | ---D | C] -- C:\Users\Sky\LOLReplay

[2011/05/18 17:58:36 | 000,000,000 | ---D | C] -- C:\Users\Sky\AppData\Local\{C6382986-20A0-4DA5-A29C-F729DEAF85E6}

[2011/05/17 17:04:59 | 000,000,000 | ---D | C] -- C:\Users\Sky\AppData\Local\{D062D4D1-AFCD-4286-BFDC-804A2302C636}

[2011/05/16 05:58:26 | 000,000,000 | ---D | C] -- C:\Users\Sky\AppData\Roaming\Media Player Classic

[2011/05/15 14:44:09 | 000,000,000 | ---D | C] -- C:\Users\Sky\AppData\Local\{5164E0EF-6181-4682-BCFE-9FAFA0141698}

[2011/05/15 14:42:28 | 000,000,000 | ---D | C] -- C:\ProgramData\SplitMediaLabs

[2011/05/15 14:41:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XSplit

[2011/05/14 01:57:32 | 000,000,000 | ---D | C] -- C:\Users\Sky\AppData\Local\{9EB49D72-63C2-41E9-8EAB-8848E5C0F648}

[2011/05/12 19:16:47 | 000,000,000 | ---D | C] -- C:\Users\Sky\AppData\Local\{9A9452BA-7FA0-48DE-B479-C14B4ED7FFA1}

[2011/05/11 22:31:49 | 000,000,000 | ---D | C] -- C:\Users\Sky\AppData\Local\{2E02B9E8-54C2-4919-A235-947F31F11C14}

[2011/05/09 18:06:23 | 000,000,000 | ---D | C] -- C:\Users\Sky\AppData\Local\{DA4799ED-96DE-4FBF-9869-948930E26AC9}

[2011/05/05 22:57:32 | 000,000,000 | ---D | C] -- C:\Users\Sky\AppData\Local\{9E5385F5-8471-4F60-BB5D-5E13879CDD5A}

[2011/05/05 22:56:21 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\INCA Shared

[2011/05/05 21:55:29 | 000,000,000 | ---D | C] -- C:\Users\Sky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AeriaGames

[2011/05/05 21:44:26 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Akamai

[2011/05/01 12:37:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dofus

[2011/04/29 04:26:48 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation

[2011/04/29 04:25:26 | 015,227,496 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvoglv32.dll

[2011/04/29 04:25:26 | 006,299,752 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvwgf2um.dll

[2011/04/29 04:25:26 | 000,057,960 | ---- | C] (Khronos Group) -- C:\Windows\System32\OpenCL.dll

[2011/04/29 04:25:25 | 010,690,024 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvlddmkm.sys

[2011/04/29 04:25:25 | 000,855,656 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvgenco322060.dll

[2011/04/29 04:25:24 | 000,944,232 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvdispco3220140.dll

[2011/04/29 04:25:23 | 010,071,656 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvd3dum.dll

[2011/04/29 04:25:22 | 002,765,928 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvid.dll

[2011/04/29 04:25:22 | 002,074,216 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvenc.dll

[2011/04/29 04:25:21 | 013,007,464 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcompiler.dll

[2011/04/29 04:25:21 | 005,180,824 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuda.dll

[2011/04/29 04:25:21 | 002,034,280 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvapi.dll

[2011/04/29 04:25:21 | 000,010,920 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvBridge.kmd

[2011/04/29 04:16:52 | 000,022,872 | R--- | C] (Adobe Systems Inc.) -- C:\Windows\System32\AdobePDFUI.dll

[2011/04/29 04:04:37 | 000,485,920 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvuhda.exe

[2011/04/29 04:04:37 | 000,066,592 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvhda32v.sys

[2011/04/29 04:04:37 | 000,057,344 | ---- | C] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\System32\nvapo32v.dll

[2011/04/29 04:04:37 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nvhdap32.dll

[2011/04/29 03:57:35 | 000,000,000 | ---D | C] -- C:\Users\Sky\AppData\Roaming\InfraRecorder

[2011/04/29 03:57:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InfraRecorder

[2011/04/29 03:54:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ma-config.com

[2011/04/29 03:35:11 | 000,000,000 | ---D | C] -- C:\Users\Sky\AppData\Local\{6D60ACFB-5747-4FF1-A624-DED3D32B71C3}

[2011/04/29 03:33:29 | 000,000,000 | ---D | C] -- C:\Users\Sky\Ableton

[2011/04/29 03:33:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Ableton

[2011/04/29 03:33:28 | 000,000,000 | ---D | C] -- C:\Users\Sky\AppData\Roaming\Ableton

[2011/04/29 03:20:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ableton

[2011/04/29 03:20:13 | 000,233,472 | ---- | C] (Propellerhead Software AB) -- C:\Windows\System32\REX Shared Library.dll

[2011/04/29 03:20:12 | 000,368,640 | ---- | C] (Propellerhead Software AB) -- C:\Windows\System32\ReWire.dll

[2011/04/29 03:12:41 | 000,000,000 | ---D | C] -- C:\Program Files\Ableton

[2011/04/27 15:42:39 | 000,000,000 | ---D | C] -- C:\Users\Sky\AppData\Local\{E81B0BFF-2E16-4F26-9B8C-002E55E8AA93}

[2009/07/21 14:47:46 | 000,315,392 | ---- | C] ( ) -- C:\Windows\System32\sbcrreag.dll

[2008/12/17 02:08:05 | 000,049,152 | ---- | C] ( ) -- C:\Windows\Interop.IWshRuntimeLibrary.dll

 

========== Files - Modified Within 30 Days ==========

 

[2011/05/24 12:14:38 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin

[2011/05/24 12:11:01 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Sky\Desktop\OTL.exe

[2011/05/24 12:11:00 | 000,001,070 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3527931086-2340578112-719595152-1000UA.job

[2011/05/24 12:09:42 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2011/05/23 20:19:24 | 000,001,018 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3527931086-2340578112-719595152-1000Core.job

[2011/05/23 17:36:19 | 000,115,369 | ---- | M] () -- C:\Windows\System32\drivers\klin.dat

[2011/05/23 17:02:00 | 000,000,512 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job

[2011/05/23 10:16:40 | 000,001,071 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk

[2011/05/23 01:43:42 | 000,001,100 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk

[2011/05/22 22:12:55 | 000,000,512 | ---- | M] () -- C:\PhysicalDisk0_MBR.bin

[2011/05/22 22:08:37 | 000,000,960 | ---- | M] () -- C:\Users\Public\Desktop\MBRCheck.lnk

[2011/05/22 22:08:37 | 000,000,953 | ---- | M] () -- C:\Users\Public\Desktop\ZHPDiag.lnk

[2011/05/22 22:08:37 | 000,000,948 | ---- | M] () -- C:\Users\Public\Desktop\ZHPFix.lnk

[2011/05/22 22:05:06 | 000,011,120 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2011/05/22 22:05:06 | 000,011,120 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2011/05/22 22:03:23 | 000,001,362 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\LManager.exe - Raccourci.lnk

[2011/05/22 21:40:45 | 2411,888,640 | -HS- | M] () -- C:\hiberfil.sys

[2011/05/22 15:51:47 | 000,000,000 | ---- | M] () -- C:\Windows\System32\Access.dat

[2011/05/22 13:17:09 | 000,001,005 | ---- | M] () -- C:\Users\Sky\Desktop\Notepad++.lnk

[2011/05/21 17:59:04 | 000,000,734 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts

[2011/05/19 00:24:10 | 000,000,700 | ---- | M] () -- C:\Users\Public\Desktop\Team Fortress 2.lnk

[2011/05/18 18:04:44 | 000,000,826 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\LOLRecorder.lnk

[2011/05/18 18:04:44 | 000,000,772 | ---- | M] () -- C:\Users\Sky\Desktop\LOL Recorder.lnk

[2011/05/17 13:44:40 | 002,290,088 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT

[2011/05/12 07:22:19 | 000,363,226 | ---- | M] () -- C:\Windows\System32\perfh00C.dat

[2011/05/12 07:22:19 | 000,299,718 | ---- | M] () -- C:\Windows\System32\perfh009.dat

[2011/05/12 07:22:19 | 000,044,944 | ---- | M] () -- C:\Windows\System32\perfc00C.dat

[2011/05/12 07:22:19 | 000,037,582 | ---- | M] () -- C:\Windows\System32\perfc009.dat

[2011/05/07 20:01:07 | 000,046,742 | ---- | M] () -- C:\Users\Sky\AppData\Roaming\room.dat

[2011/04/29 03:57:30 | 000,000,726 | ---- | M] () -- C:\Users\Sky\Application Data\Microsoft\Internet Explorer\Quick Launch\InfraRecorder.lnk

[2011/04/29 03:57:30 | 000,000,726 | ---- | M] () -- C:\Users\Public\Desktop\InfraRecorder.lnk

[2011/04/29 03:20:17 | 000,001,175 | ---- | M] () -- C:\Users\Sky\Desktop\Live 8.0.4.lnk

[2011/04/25 17:53:51 | 000,053,488 | ---- | M] () -- C:\Windows\War3Unin.dat

[2011/04/24 18:59:33 | 000,007,604 | ---- | M] () -- C:\Users\Sky\AppData\Local\resmon.resmoncfg

 

========== Files Created - No Company Name ==========

 

[2011/05/24 12:14:38 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin

[2011/05/23 10:16:40 | 000,001,071 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk

[2011/05/23 01:43:41 | 000,001,112 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk

[2011/05/23 01:43:41 | 000,001,100 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk

[2011/05/22 22:12:55 | 000,000,512 | ---- | C] () -- C:\PhysicalDisk0_MBR.bin

[2011/05/22 22:08:37 | 000,000,960 | ---- | C] () -- C:\Users\Public\Desktop\MBRCheck.lnk

[2011/05/22 22:08:37 | 000,000,953 | ---- | C] () -- C:\Users\Public\Desktop\ZHPDiag.lnk

[2011/05/22 22:08:37 | 000,000,948 | ---- | C] () -- C:\Users\Public\Desktop\ZHPFix.lnk

[2011/05/22 22:03:23 | 000,001,362 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\LManager.exe - Raccourci.lnk

[2011/05/22 13:17:09 | 000,001,005 | ---- | C] () -- C:\Users\Sky\Desktop\Notepad++.lnk

[2011/05/18 18:04:14 | 000,000,826 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\LOLRecorder.lnk

[2011/05/18 18:04:14 | 000,000,772 | ---- | C] () -- C:\Users\Sky\Desktop\LOL Recorder.lnk

[2011/05/18 18:04:14 | 000,000,772 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LOL Recorder.lnk

[2011/05/07 04:47:43 | 000,000,700 | ---- | C] () -- C:\Users\Public\Desktop\Team Fortress 2.lnk

[2011/04/29 04:04:36 | 000,001,481 | ---- | C] () -- C:\Windows\System32\nvhda.nvu

[2011/04/29 03:57:30 | 000,000,726 | ---- | C] () -- C:\Users\Sky\Application Data\Microsoft\Internet Explorer\Quick Launch\InfraRecorder.lnk

[2011/04/29 03:57:30 | 000,000,726 | ---- | C] () -- C:\Users\Public\Desktop\InfraRecorder.lnk

[2011/04/29 03:20:17 | 000,001,175 | ---- | C] () -- C:\Users\Sky\Desktop\Live 8.0.4.lnk

[2011/04/14 01:36:26 | 000,000,000 | ---- | C] () -- C:\Windows\System32\Access.dat

[2011/04/10 00:47:47 | 000,046,742 | ---- | C] () -- C:\Users\Sky\AppData\Roaming\room.dat

[2011/04/09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat

[2011/03/26 19:54:23 | 000,000,175 | ---- | C] () -- C:\Windows\Wininit.ini

[2011/01/10 21:05:05 | 000,245,776 | ---- | C] () -- C:\Windows\hpoins19.dat

[2011/01/10 21:05:05 | 000,013,898 | ---- | C] () -- C:\Windows\hpomdl19.dat

[2011/01/10 20:27:52 | 000,019,696 | ---- | C] () -- C:\Windows\hpomdl05.dat

[2011/01/10 20:06:58 | 000,070,095 | ---- | C] () -- C:\Windows\hpoins05.dat.temp

[2011/01/10 20:06:58 | 000,019,696 | ---- | C] () -- C:\Windows\hpomdl05.dat.temp

[2010/09/26 00:27:05 | 000,007,604 | ---- | C] () -- C:\Users\Sky\AppData\Local\resmon.resmoncfg

[2010/08/05 14:21:30 | 000,000,041 | -HS- | C] () -- C:\ProgramData\.zreglib

[2010/07/22 21:15:22 | 000,281,760 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys

[2010/06/05 12:36:18 | 000,000,197 | ---- | C] () -- C:\Windows\MORDOR.INI

[2010/06/05 12:36:06 | 000,090,702 | ---- | C] () -- C:\Windows\SETUP1.EXE

[2010/06/05 12:36:06 | 000,002,573 | ---- | C] () -- C:\Windows\WAVEMIX.INI

[2010/06/02 20:40:38 | 000,025,888 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys

[2010/04/09 21:08:26 | 000,094,208 | ---- | C] () -- C:\Windows\System32\zmbv.dll

[2010/01/03 19:15:38 | 000,053,488 | ---- | C] () -- C:\Windows\War3Unin.dat

[2010/01/01 12:24:25 | 000,008,192 | ---- | C] () -- C:\Users\Sky\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2009/12/27 16:47:47 | 000,487,424 | ---- | C] () -- C:\Windows\System32\INT15.dll

[2009/11/29 12:53:00 | 000,115,369 | ---- | C] () -- C:\Windows\System32\drivers\klin.dat

[2009/11/29 12:53:00 | 000,097,859 | ---- | C] () -- C:\Windows\System32\drivers\klick.dat

[2009/11/29 12:20:31 | 000,023,432 | ---- | C] () -- C:\Users\Sky\AppData\Roaming\UserTile.png

[2009/11/20 22:41:46 | 000,123,780 | R--- | C] () -- C:\Windows\System32\drivers\RtConvEQ.DAT

[2009/11/20 22:41:46 | 000,001,496 | R--- | C] () -- C:\Windows\System32\drivers\RtkAcerM.dat

[2009/11/20 22:41:46 | 000,000,728 | R--- | C] () -- C:\Windows\System32\drivers\RtHdatEx.dat

[2009/11/20 22:38:47 | 000,000,091 | ---- | C] () -- C:\Users\Sky\AppData\Local\fusioncache.dat

[2009/11/20 22:23:22 | 000,022,292 | ---- | C] () -- C:\Windows\System32\emptyregdb.dat

[2009/10/20 20:19:30 | 000,053,299 | ---- | C] () -- C:\Windows\System32\pthreadVC.dll

[2009/10/19 16:47:23 | 000,178,176 | ---- | C] () -- C:\Windows\System32\unrar.dll

[2009/10/19 16:47:22 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini

[2009/10/19 16:47:15 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll

[2009/10/19 16:47:15 | 000,881,664 | ---- | C] () -- C:\Windows\System32\xvidcore.dll

[2009/10/19 16:47:15 | 000,205,824 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll

[2009/10/19 16:47:13 | 000,085,504 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll

[2009/10/16 21:54:03 | 000,040,960 | ---- | C] () -- C:\Windows\System32\MMAVILNG.exe

[2009/10/16 21:52:47 | 000,001,890 | -HS- | C] () -- C:\Windows\System32\KGyGaAvL.sys

[2009/10/16 21:52:47 | 000,000,056 | RHS- | C] () -- C:\Windows\System32\E43A1514AE.sys

[2009/09/19 22:23:37 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat

[2009/09/13 16:12:37 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll

[2009/09/10 20:49:37 | 000,002,560 | ---- | C] () -- C:\Windows\_MSRSTRT.EXE

[2009/09/09 19:01:40 | 000,027,675 | ---- | C] () -- C:\Windows\System32\drivers\klopp.dat

[2009/09/07 22:53:11 | 000,000,023 | ---- | C] () -- C:\Windows\BlendSettings.ini

[2009/09/02 20:24:58 | 000,000,552 | ---- | C] () -- C:\Windows\maplev4.ini

[2009/09/02 08:02:45 | 000,000,000 | ---- | C] () -- C:\Windows\WB.ini

[2009/09/02 00:17:58 | 000,058,792 | ---- | C] () -- C:\Windows\System32\wbload.dll

[2009/08/31 19:49:40 | 000,022,328 | ---- | C] () -- C:\Users\Sky\AppData\Roaming\PnkBstrK.sys

[2009/08/25 22:28:19 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat

[2009/07/14 10:39:49 | 000,363,226 | ---- | C] () -- C:\Windows\System32\perfh00C.dat

[2009/07/14 10:39:49 | 000,344,522 | ---- | C] () -- C:\Windows\System32\perfi00C.dat

[2009/07/14 10:39:49 | 000,044,944 | ---- | C] () -- C:\Windows\System32\perfc00C.dat

[2009/07/14 10:39:49 | 000,038,160 | ---- | C] () -- C:\Windows\System32\perfd00C.dat

[2009/07/14 06:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat

[2009/07/14 06:33:53 | 002,290,088 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT

[2009/07/14 04:05:48 | 000,299,718 | ---- | C] () -- C:\Windows\System32\perfh009.dat

[2009/07/14 04:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat

[2009/07/14 04:05:48 | 000,037,582 | ---- | C] () -- C:\Windows\System32\perfc009.dat

[2009/07/14 04:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat

[2009/07/14 04:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT

[2009/07/14 04:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat

[2009/07/14 01:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin

[2009/07/14 01:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll

[2009/07/14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll

[2009/06/10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat

[2008/12/16 17:18:52 | 000,200,704 | ---- | C] () -- C:\Windows\PLFSetI.exe

[2008/12/16 17:18:52 | 000,105,984 | ---- | C] () -- C:\Windows\FixUVC.exe

[2008/12/16 17:18:52 | 000,000,057 | ---- | C] () -- C:\Windows\PidList.ini

[2008/12/16 17:17:49 | 000,001,694 | ---- | C] () -- C:\Windows\RtDefLvl.ini

[2008/12/16 17:17:49 | 000,000,520 | R--- | C] () -- C:\Windows\System32\drivers\RTEQEX2.dat

[2008/12/16 17:17:49 | 000,000,520 | R--- | C] () -- C:\Windows\System32\drivers\RTEQEX1.dat

[2008/12/16 17:17:49 | 000,000,520 | R--- | C] () -- C:\Windows\System32\drivers\RTEQEX0.dat

[2008/12/16 17:17:49 | 000,000,008 | R--- | C] () -- C:\Windows\System32\drivers\rtkhdaud.dat

[2008/11/20 02:34:45 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIOFM4.dll

[2008/11/20 02:34:45 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIBUN5.dll

[2008/11/11 05:27:31 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll

[2008/11/11 05:27:24 | 000,872,448 | ---- | C] () -- C:\Windows\iconv.dll

[2008/11/11 05:27:24 | 000,743,424 | ---- | C] () -- C:\Windows\libxml2.dll

[2008/11/11 05:26:52 | 000,000,041 | ---- | C] () -- C:\Windows\Prelaunch.ini

[2008/10/07 09:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll

[2008/10/07 09:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll

[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll

[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll

[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll

[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll

[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll

[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll

[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll

[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll

[2001/12/26 17:12:30 | 000,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll

[2001/09/04 00:46:38 | 000,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll

[2001/07/30 17:33:56 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll

[2001/07/23 23:04:36 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll

 

========== Custom Scans ==========

 

 

< %SYSTEMDRIVE%\*.* >

[2010/12/11 14:35:31 | 000,078,550 | ---- | M] () -- C:\aaw7boot.log

[2009/06/10 23:42:20 | 000,000,024 | ---- | M] () -- C:\autoexec.bat

[2010/11/20 14:40:07 | 000,383,786 | RHS- | M] () -- C:\bootmgr

[2009/11/20 21:56:45 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK

[2009/06/10 23:42:20 | 000,000,010 | ---- | M] () -- C:\config.sys

[2011/05/22 21:40:45 | 2411,888,640 | -HS- | M] () -- C:\hiberfil.sys

[2009/09/02 20:23:22 | 000,000,000 | RHS- | M] () -- C:\IO.SYS

[2008/12/16 17:23:39 | 000,000,020 | ---- | M] () -- C:\Medion.ini

[2009/09/02 20:23:22 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS

[2009/11/20 20:32:19 | 000,000,419 | ---- | M] () -- C:\netfxlog.txt

[2011/05/22 21:40:50 | 3215,851,520 | -HS- | M] () -- C:\pagefile.sys

[2008/12/16 17:20:21 | 000,000,058 | ---- | M] () -- C:\Partition.txt

[2008/12/05 00:45:00 | 000,001,256 | -HS- | M] () -- C:\Patch.rev

[2011/05/22 22:12:55 | 000,000,512 | ---- | M] () -- C:\PhysicalDisk0_MBR.bin

[2011/05/24 12:14:38 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin

[2008/11/21 02:43:54 | 000,000,147 | RHS- | M] () -- C:\preload.rev

[2009/11/20 22:42:08 | 000,003,016 | ---- | M] () -- C:\RHDSetup.log

 

< %systemroot%\*. /mp /s >

 

< %systemroot%\system32\*.dll /lockedfiles >

[2009/07/14 03:15:20 | 000,380,957 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\expsrv.dll

[2009/07/14 03:15:50 | 001,386,496 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\msvbvm60.dll

 

< %systemroot%\Tasks\*.job /lockedfiles >

 

< %systemroot%\System32\config\*.sav >

 

< %systemroot%\system32\drivers\*.sys /90 >

[2011/04/08 07:14:00 | 010,690,024 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvlddmkm.sys

 

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

 

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-05-21 15:32:12

 

========== Alternate Data Streams ==========

 

@Alternate Data Stream - 24 bytes -> C:\Windows:69D6E838C162D06E

@Alternate Data Stream - 16 bytes -> C:\Users\Sky\Downloads:Shareaza.GUID

 

< End of report >

 

OTL Extras logfile created on: 24/05/2011 12:13:24 - Run 1

OTL by OldTimer - Version 3.2.23.0 Folder = C:\Users\Sky\Desktop

Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 8.0.7601.17514)

Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

 

2,99 Gb Total Physical Memory | 1,92 Gb Available Physical Memory | 64,23% Memory free

5,99 Gb Paging File | 4,40 Gb Available in Paging File | 73,48% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 226,48 Gb Total Space | 105,59 Gb Free Space | 46,62% Space Free | Partition Type: NTFS

Drive D: | 226,51 Gb Total Space | 158,49 Gb Free Space | 69,97% Space Free | Partition Type: NTFS

 

Computer Name: PC-DE-GEO | User Name: Sky | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Extra Registry (SafeList) ==========

 

 

========== File Associations ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)

.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

.html [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found

 

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]

.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

 

========== Shell Spawning ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)

htmlfile [edit] -- Reg Error: Key error.

htmlfile [open] -- Reg Error: Key error.

htmlfile [opennew] -- Reg Error: Key error.

http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)

https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Applications\iexplore.exe [open] -- Reg Error: Key error.

CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Key error.

 

========== Security Center Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

"DisableMonitoring" = 1

"" =

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"VistaSp1" = Reg Error: Unknown registry data type -- File not found

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

 

========== Firewall Settings ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

 

========== Authorized Applications List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\decryption.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\decryption.exe:*:Enabled:decryption

"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDSfsu.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDSfsu.exe:*:Enabled:eDSfsu -- (Egis Incorporated.)

"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDSMgr.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDSMgr.exe:*:Enabled:eDSMgr

"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDStbmngr.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\eDStbmngr.exe:*:Enabled:eDStbmngr -- (Egis Incorporated.)

"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\encryption.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64\encryption.exe:*:Enabled:encryption

"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\decryption.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\decryption.exe:*:Enabled:decryption -- ( Egis Incorporated.)

"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSfsu.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSfsu.exe:*:Enabled:eDSfsu -- (Egis Incorporated.)

"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSMgr.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSMgr.exe:*:Enabled:eDSMgr

"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStbmngr.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStbmngr.exe:*:Enabled:eDStbmngr -- (Egis Incorporated.)

"C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\encryption.exe" = C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\encryption.exe:*:Enabled:encryption -- ( Egis Incorporated.)

 

 

========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}" = Adobe Color NA Recommended Settings CS4

"{0266CCBE-BBD8-416C-A48F-7FC47C6DB566}" = Microsoft SQL Server System CLR Types

"{035400A4-29BD-3723-BEED-E2718A68CDE0}" = Microsoft Visual Studio 2010 Office Developer Tools (x86)

"{043F86B7-EE12-3399-B2CA-D0B603D87963}" = Microsoft .NET Framework 4 Extended FRA Language Pack

"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam

"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4

"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan

"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler

"{09F56A49-A7B1-4AAB-95B9-D13094254AD1}" = Windows Live UX Platform Language Pack

"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended

"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer

"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4

"{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}" = PlayStation®Store

"{0E9C6F05-A8E5-482F-B7D5-78943BCC6073}" = Ragnarok

"{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}" = Status

"{0F37D969-1260-419E-B308-EF7D29ABDE20}" = Web Deployment Tool

"{0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}" = Microsoft .NET Framework 4 Client Profile FRA Language Pack

"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4

"{104066F4-5897-4067-85D3-4C88B67CCF75}" = AIO_Scan

"{11316260-6666-467B-AC34-183FCB5D4335}" = Acer Mobility Center Plug-In

"{11C2292E-65CB-4533-ABFC-24E39C4211CD}" = Adobe Dreamweaver CS4

"{14C87AA7-08E6-419F-A165-998EBE5023D7}" = Oblivion - Knights of the Nine

"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4

"{16D919E6-F019-4E15-BFBE-4A85EF19DA57}" = Oblivion - Spell Tomes

"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB

"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch

"{1803A630-3C38-4D2B-9B9A-0CB37243539C}" = Microsoft ASP.NET MVC 2

"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1

"{1D0FDD6D-3C5E-4588-8ED0-02DC88014BF2}" = Upgrade Kit

"{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}" = TrayApp

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{1F25F81F-AFC4-4A38-9CD0-7F321BFDEDBC}" = Microsoft SQL Server VSS Writer

"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update

"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions

"{2075CB0A-D26F-4DAA-B424-5079296B43BA}" = Windows Live FolderShare

"{20C640F8-4703-4B78-9EC5-D43E42E92E90}" = XSplit

"{23D448C7-7DC7-4C15-B47D-C99364501F07}" = Microsoft SQL Server 2008 Database Engine Services

"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java 6 Update 24

"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime

"{2A7F0737-99DD-4D56-8866-C4FE96F44F2A}" = TES Construction Set

"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm

"{2F2E3D62-8B8C-448F-8900-451325E50948}" = Oblivion - Wizard's Tower

"{2FF8C687-DB7D-4adc-A5DC-57983EC25046}" = DeviceDiscovery

"{302E9B7B-2B6A-4C29-9A02-9F2110649779}" = Nuvoton EC Generic HID Driver

"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery

"{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live

"{348CEF9D-95C7-4CA1-89ED-174900821CB4}" = Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools - FRA

"{35C0A1E4-D02A-412C-841F-266DBB116ABB}" = Logiciel Intel® PROSet/Wireless WiFi

"{35CB6715-41F8-4F99-8881-6FC75BF054B0}" = Oblivion

"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4

"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4

"{3ABEBD00-299D-4DCA-967F-B912163AB5EA}" = Oblivion - Horse Armor Pack

"{3BA7E387-9401-3371-9464-5E224D243FC5}" = Outils Microsoft Visual Studio 2010 ADO.NET Entity Framework

"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile

"{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}" = Copy

"{3CAC9760-14F6-4539-A75F-F240EC55FEE9}" = Ma-Config.com

"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4

"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin

"{3FD4B9B7-9F73-4753-967C-B909929EAD60}" = Microsoft Sync Framework SDK v1.0 SP1 fr

"{3FF37A38-3781-493E-8EBF-BB143C843796}" = Microsoft Silverlight 3 SDK - Français

"{40416836-56CC-4C0E-A6AF-5C34BADCE483}" = Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools

"{406FB8A4-F539-48A9-809C-F94706F9C9F6}_is1" = S.T.A.L.K.E.R. - Call of Pripyat [v1.6.02]

"{41B31ABE-5A6E-498A-8F28-3BA3B8779A41}" = Dotfuscator Software Services - Community Edition

"{43509E18-076E-40FE-AF38-CA5ED400A5A9}" = Pixel Bender Toolkit

"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg

"{4401409D-25F1-4E85-8A3C-6BA6FFCFBFED}" = Microsoft SQL Server 2008 Browser

"{440B915A-0C85-45DB-92AE-75AE14704A64}" = Fax

"{47C39E4A-28F2-33B1-B9B7-97F24E52D917}" = Microsoft Help Viewer 1.0

"{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live

"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{4A6F34E2-09E5-4616-B227-4A26A488A6F9}" = Microsoft SQL Server 2008 Common Files

"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter

"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace

"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform

"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport

"{4EE2EF4B-25D3-4D44-8384-A2B96F811F55}" = OpenOffice.org 3.2

"{4EE72E74-53A6-4E82-905E-C2D19311287E}" = Microsoft ASP.NET MVC 2 - FRA

"{51DE0B73-7A33-41B8-9183-8321D40815E0}" = Microsoft SQL Server 2008 Common Files

"{520F4B09-3A51-47A2-82B0-9FF1DC2D20FA}" = Oblivion - Vile Lair

"{52232EF4-CC12-4C21-ABCF-ADB79618302D}" = Adobe Soundbooth CS4 Codecs

"{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}" = Skype web features

"{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support

"{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}" = Adobe Color EU Extra Settings CS4

"{561968FD-56A1-49FD-9ED0-F55482C7C5BC}" = Adobe Media Encoder CS4 Exporter

"{5ECB3A3C-980B-4D12-9724-25DCB07A1F47}" = iTunes

"{5F907BE8-0033-31EA-B83F-18405837AA8F}" = Microsoft Visual Studio 2010 SharePoint Developer Tools

"{6057E21C-ABE9-4059-AE3E-3BEB9925E660}" = Windows Live Messenger

"{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}" = Adobe Dynamiclink Support

"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant

"{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources

"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4

"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2

"{6577657B-A10C-47A1-A50D-512C7748CB2C}" = Adobe Setup

"{65A92AAA-3D05-4C94-9F70-731C05E60C16}" = NVIDIA System Update

"{67A9747A-E1F5-4E9A-81CC-12B5D5B81B6E}" = Adobe After Effects CS4 Third Party Content

"{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1

"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE

"{690DFF6B-82E9-41B0-9794-71BCEED98F09}" = Adobe Flash CS4 Extension - Flash Lite STI fr

"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update

"{6A86554B-8928-30E4-A53C-D7337689134D}" = Microsoft Visual C++ 2010 x86 Runtime - 10.0.30319

"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply

"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox

"{6CDEAD7E-F8D8-37F7-AB6F-1E22716E30F3}" = Microsoft Visual Studio Macro Tools

"{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker

"{6F6D6F36-0B0A-4C88-AB1D-986046435A24}" = Dotfuscator Software Services - Community Edition - FRA

"{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update

"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK

"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable

"{729A3000-BC8A-3B74-BA5D-5068FE12D70C}" = Microsoft Visual F# 2.0 Runtime

"{73E17122-EC84-45B4-943B-735257B5CBDC}" = Adobe Photoshop CS4 Support

"{75247E38-5C9B-45D6-ADF8-E11CB56B4990}" = Network

"{76B91CF8-2A5C-3BFD-B95B-D718D52088C4}" = Module linguistique Microsoft Visual F# 2.0 Runtime - FRA

"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

"{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver

"{7A78C597-9D23-3C25-AE57-132F62D62F02}" = Microsoft Visual Studio Macro Tools - FRA Language Pack

"{7AD4FE43-6F4E-4DD5-AE2E-02F367192BE0}" = Microsoft SQL Server 2008 R2 Data-Tier Application Project

"{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}" = NVIDIA Performance

"{7CCA1688-6F09-49AE-887B-E29A552A187A}" = Morrowind

"{7F30941A-F236-4DD0-A245-A5B09991633B}" = Smart Mod Manager

"{8186FF34-D389-4B7E-9A2F-C197585BCFBD}" = Adobe Media Encoder CS4 Importer

"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4

"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable

"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4

"{83E0F08C-C476-3987-B57E-7F45C177E1D7}" = Microsoft Visual Studio 2010 Office Developer Tools (x86) Language Pack - FRA

"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4

"{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert

"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8A253629-0511-4854-8B4E-46E57E66005C}" = Bonjour

"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT

"{8F1B6239-FEA0-450A-A950-B05276CE177C}" = Acer Empowering Technology

"{918A9082-6287-4D25-9002-5E5D5E4971CB}" = League of Legends

"{92127AF5-FDD8-4ADF-BC40-C356C9EE0B7D}" = 32 Bit HP CIO Components Installer

"{92975DF9-EA36-4F36-A9AC-D412BC1D709E}" = Nuvoton EC Generic HID Driver

"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker

"{93074803-3F61-4595-AC67-FFC20B3BE06A}" = Microsoft SQL Server 2008 R2 Transact-SQL Language Service

"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4

"{93F07BB2-BAD8-4638-AFB6-0A1EE5624DAE}" = Microsoft Sync Services for ADO.NET v2.0 SP1 (x86) fr

"{943B6738-4801-4982-90EC-0442EF7AEB16}" = Kaspersky Anti-Virus 2010

"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4

"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting

"{96D33319-C14C-3070-A464-CE8416E46487}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x86)

"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc

"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail

"{9DE1BE03-AFE2-4CDB-BFEB-D06D736CD01A}" = Apple Mobile Device Support

"{9E1BAB75-EB78-440D-94C0-A3857BE2E733}" = System Requirements Lab

"{9F6B13E2-B93F-4203-9BD4-5DC18C9F9DEB}" = AIO_CDB_Software

"{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail

"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175

"{A1FE2467-01B8-3666-BA44-91D44342BAD7}" = Microsoft Team Foundation Server 2010 Object Model - FRA

"{A5633652-3795-4829-BB0B-644F0279E279}" = Acer eDataSecurity Management

"{A6CB9620-444F-4B8B-B088-C2BD3FD0A587}_is1" = Counter-Strike 1.6 V42 No-Steam

"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common

"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer

"{AC41D924-8C68-4BD5-A7A1-0AE4176C31A6}" = Crystal Reports for Visual Studio

"{AC76BA86-1033-F400-7760-000000000004}" = Adobe Acrobat 9 Pro - English, Français, Deutsch

"{AC76BA86-1033-F400-7760-000000000004}_944" = Adobe Acrobat 9.4.4 - CPSID_83708

"{ACE28263-76A4-4BF5-B6F4-8BD719595969}" = Microsoft SQL Server Database Publishing Wizard 1.4

"{AD5CE491-1257-3FF3-9A00-BBEBD57932F4}" = Microsoft Visual Studio 2010 Performance Collection Tools - FRA

"{AF6919D0-5691-4F35-9D65-54F981013514}" = Microsoft SQL Server Compact 3.5 SP2 FRA

"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter

"{B01A7AFC-0356-43AF-A333-C65912AEA8DC}" = Objets de gestion Microsoft SQL Server 2008 R2

"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR

"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect

"{B3DAF54F-DB25-4586-9EF1-96D24BB14088}" = Windows Movie Maker 2.6

"{B466A9C8-CF42-49E6-A211-A80A3AA272FC}" = Infra. d'app. de la couche Données Microsoft SQL Server 2008 R2

"{B4B6D2ED-1D71-326E-8E61-AD6778046C47}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - FRA

"{B5153233-9AEE-4CD4-9D2C-4FAAC870DBE2}" = Microsoft SQL Server 2008 Database Engine Services

"{B61ED343-0B14-4241-999C-490CB1A20DA4}" = HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B

"{B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}" = PlayStation®Network Downloader

"{B7E38540-E355-3503-AFD7-635B2F2F76E1}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974

"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module

"{BC398BE9-C1DC-374B-90B1-460CB70C7CDD}" = Microsoft Help Viewer 1.0 Language Pack - FRA

"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations

"{C17F6CF7-6C7D-4A45-B75E-C3E33A24E773}" = Adobe Flash CS4

"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant

"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4

"{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}" = NVIDIA PhysX

"{C5E05888-7559-3A01-A3A7-739AC400E1C1}" = Microsoft Visual Studio 2010 Ultimate - FRA

"{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common

"{C965F01C-76EA-4BD7-973E-46236AE312D7}" = Sql Server Customer Experience Improvement Program

"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget

"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1

"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw

"{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe 1.4.142.1

"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform

"{CEA5BAEC-4E75-4803-9C43-4B0D14D6F4BC}" = IDM 6.05 Build 1 Final Precracked by thienthanty for win 32bit

"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack

"{D0ACE89D-EC7F-470F-80BE-4C98ED366B32}" = Acer Crystal Eye webcam Ver:1.1.57.409

"{D0EE7809-8F5E-46EF-95DC-B30DCE22653F}" = Adobe Creative Suite 4 Master Collection

"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype 4.1

"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform

"{D60023FA-3DF1-4537-93DD-13024CC4E366}" = Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 FRA

"{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential

"{DB3A97C0-EEC1-43FE-AB56-E2EA972CF111}" = 1600

"{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader

"{DC635845-46D3-404B-BCB1-FC4A91091AFA}" = SmartWebPrinting

"{DD8E9F7D-0FD7-4984-9459-40C86F01EC2C}" = Fichiers de support d'installation de Microsoft SQL Server 2008

"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10

"{E1951CF4-91CE-46F0-A1BD-3A4A67069097}" = Adobe Premiere Pro CS4 Third Party Content

"{E2E01E91-2314-42BC-B5E3-1715DAE84F98}" = Adobe Photoshop CS4

"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime

"{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218

"{E5FCED12-3E77-4C0E-A305-5AEB38A52A70}" = AdobeColorCommonSetCMYK

"{E7112940-5F8E-4918-B9FE-251F2F8DC81F}" = AIO_CDB_ProductContext

"{E989D16F-0B39-4E74-8BD5-149BEE1477FE}" = Microsoft SQL Server 2008 RsFx Driver

"{E9CFBE78-ED91-4FCF-9E6F-210E477E527D}" = NVIDIA System Monitor

"{EA79DC46-98B0-4A26-A76F-448A032E5E4D}" = 1600Trb

"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger

"{EC425CFC-EE78-4A91-AA25-3BFA65B75364}" = Oblivion - Orrery

"{EE393EE6-708F-43AC-B9B8-E1191DC353D9}" = Microsoft SQL Server 2008 Native Client

"{EF295F5C-7B57-47AA-8889-6B3E8E214E89}" = Oblivion - Mehrunes Razor

"{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony Ericsson PC Companion 1.60.13

"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]

"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help

"{F0FD00FD-CE66-474F-A116-72B4880E8B47}" = Microsoft SQL Server 2008 Database Engine Shared

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver

"{F1CBC6F7-D82D-4DC5-B81C-9A14F418593A}_is1" = WC3Banlist

"{F1DF9BCC-C974-4339-A628-7F6418931F2F}" = Adobe Flash CS4 STI-fr

"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable

"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)

"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01

"{F3494AB6-6900-41C6-AF57-823626827ED8}" = Microsoft SQL Server 2008 Database Engine Shared

"{F37AADAE-7560-42BE-96E2-B968E6DAFC62}" = Microsoft Sync Framework Runtime v1.0 SP1 (x86) fr

"{F870B987-18BC-45FC-9BE8-35C02DCDA10F}" = Broadcom Gigabit Integrated Controller

"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4

"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4

"{FB2A5FCC-B81B-48C2-A009-7804694D83E9}" = Adobe Encore CS4 Codecs

"{FBE5AA96-22F0-4C4A-8E92-4BE3498D4CCB}" = Media Go

"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All

"{FE0646A7-19D0-41B4-A2BB-2C35D644270D}" = Windows Live OneCare safety scanner

"{FEA5A8ED-93A1-44EE-9A7D-43103DB3F78D}" = 1600_Help

"{FF63E956-55FC-42B6-80A3-1B1666AA82D8}" = Microsoft Sync Framework Services v1.0 SP1 (x86) fr

"{FFFFFD17-B460-41EB-93F1-C48ABAD63828}" = Oblivion - Thieves Den

"Adobe AIR" = Adobe AIR

"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin

"Adobe_b2b1c7c62c4ae0a954789ed71d36a7a" = Adobe Creative Suite 4 Master Collection

"AIMP2" = AIMP2

"AIMP2at" = AIMP2: Audio Tools

"Akamai" = Akamai NetSession Interface

"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.12 (Unicode)

"CCleaner" = CCleaner

"CloneCD" = CloneCD

"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFAOR2C06_118" = HDAUDIO Soft Data Fax Modem with SmartCP

"DotAzilla" = DotAzilla

"FormatFactory" = FormatFactory 2.10

"Garena" = Garena

"GridVista" = Acer GridVista

"Guitar Pro 5_is1" = Guitar Pro 5.2

"HijackThis" = HijackThis 2.0.2

"HP Imaging Device Functions" = HP Imaging Device Functions 13.0

"HP Photosmart Essential" = HP Photosmart Essential 3.5

"HP Smart Web Printing" = HP Smart Web Printing 4.51

"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0

"HPExtendedCapabilities" = HP Customer Participation Program 13.0

"HPOCR" = OCR Software by I.R.I.S. 13.0

"InfraRecorder" = InfraRecorder

"InstallShield_{65A92AAA-3D05-4C94-9F70-731C05E60C16}" = NVIDIA System Update

"InstallShield_{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}" = NVIDIA Performance

"InstallShield_{E9CFBE78-ED91-4FCF-9E6F-210E477E527D}" = NVIDIA System Monitor

"InstallWIX_{943B6738-4801-4982-90EC-0442EF7AEB16}" = Kaspersky Anti-Virus 2010

"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 5.2.0

"L4D2SP" = Left 4 Dead 2 Standalone Patch

"L4D2SPUC" = Left 4 Dead 2 Standalone Patch

"LastFM_is1" = Last.fm 1.5.4.27091

"Live 8.0.4" = Live 8.0.4

"LManager" = Launch Manager

"Magicka_is1" = Magicka

"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware

"Messenger Plus!" = Messenger Plus! 5

"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1

"Microsoft .NET Framework 3.5 Language Pack SP1 - fra" = Module linguistique Microsoft .NET Framework 3.5 SP1- fra

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"Microsoft .NET Framework 4 Client Profile FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Client Profile FRA

"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended

"Microsoft .NET Framework 4 Extended FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Extended FRA

"Microsoft Help Viewer 1.0" = Microsoft Help Viewer 1.0

"Microsoft Help Viewer 1.0 Language Pack - FRA" = Module linguistique de la visionneuse d'aide Microsoft 1.0 - FRA

"Microsoft SQL Server 10" = Microsoft SQL Server 2008

"Microsoft SQL Server 10 Release" = Microsoft SQL Server 2008

"Microsoft Team Foundation Server 2010 Object Model - FRA" = Modèle objet Microsoft Team Foundation Server 2010 - Français

"Microsoft Visual Studio 2010 Tools for Office Runtime (x86)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x86)

"Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - FRA" = Module linguistique Microsoft Visual Studio 2010 Tools pour Office Runtime (x86) - FRA

"Microsoft Visual Studio 2010 Ultimate - FRA" = Microsoft Visual Studio 2010 Ultimate - Français

"Microsoft Visual Studio Macro Tools" = Microsoft Visual Studio Macro Tools

"Microsoft Visual Studio Macro Tools - FRA Language Pack" = Microsoft Visual Studio Macro Tools - FRA Language Pack

"Mozilla Firefox 4.0.1 (x86 fr)" = Mozilla Firefox 4.0.1 (x86 fr)

"Mumble" = Mumble and Murmur

"Notepad++" = Notepad++

"NVIDIA Display Control Panel" = NVIDIA Display Control Panel

"NVIDIA Drivers" = NVIDIA Drivers

"ProInst" = Intel PROSet Wireless

"Shockwave" = Shockwave

"Shop for HP Supplies" = Shop for HP Supplies

"Steam App 240" = Counter-Strike: Source

"SynTPDeinstKey" = Synaptics Pointing Device Driver

"SystemRequirementsLab" = System Requirements Lab

"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2

"TeamSpeak 3 Client" = TeamSpeak 3 Client

"Tunngle beta_is1" = Tunngle beta

"uTorrent" = µTorrent

"VLC media player" = VLC media player 1.0.1

"Warkeys" = Warkeys 1.18.1.0b

"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner

"WinLiveSuite" = Windows Live

"WinPcapInst" = WinPcap 4.1.1

"ZHPDiag_is1" = ZHPDiag 1.27

"ZMBV" = Zip Motion Block Video codec (Remove Only)

 

========== HKEY_CURRENT_USER Uninstall List ==========

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"FileZilla Client" = FileZilla Client 3.3.5.1

"Google Chrome" = Google Chrome

"I-Doser v4" = I-Doser v4

 

========== Last 10 Event Log Errors ==========

 

[ Application Events ]

Error - 29/01/2011 07:13:42 | Computer Name = PC-de-Geo | Source = Application Error | ID = 1000

Description = Nom de l’application défaillante PLFSetI.exe, version : 1.0.1.0, horodatage

: 0x471d62d0 Nom du module défaillant : PLFSetI.exe, version : 1.0.1.0, horodatage

: 0x471d62d0 Code d’exception : 0xc0000005 Décalage d’erreur : 0x00001afe ID du processus

défaillant : 0xe30 Heure de début de l’application défaillante : 0x01cbbfa594936ca6

Chemin

d’accès de l’application défaillante : C:\Windows\PLFSetI.exe Chemin d’accès du

module défaillant: C:\Windows\PLFSetI.exe ID de rapport : d3feada9-2b98-11e0-ab09-001d72ecffa0

 

Error - 29/01/2011 07:17:45 | Computer Name = PC-de-Geo | Source = Microsoft-Windows-LoadPerf | ID = 3012

Description = Les chaînes de performance dans la valeur de Registre Performance

sont endommagées lors du traitement du fournisseur de compteurs d’extension Performance.

La valeur BaseIndex à partir du Registre de performance est le premier DWORD dans

la section Données, la valeur LastCounter est le deuxième DWORD dans la section

Données, et la valeur LastHelp est le troisième DWORD dans la section Données.

 

Error - 29/01/2011 07:17:46 | Computer Name = PC-de-Geo | Source = Microsoft-Windows-LoadPerf | ID = 3012

Description = Les chaînes de performance dans la valeur de Registre Performance

sont endommagées lors du traitement du fournisseur de compteurs d’extension Performance.

La valeur BaseIndex à partir du Registre de performance est le premier DWORD dans

la section Données, la valeur LastCounter est le deuxième DWORD dans la section

Données, et la valeur LastHelp est le troisième DWORD dans la section Données.

 

Error - 29/01/2011 07:17:46 | Computer Name = PC-de-Geo | Source = Microsoft-Windows-LoadPerf | ID = 3011

Description = Le déchargement des chaînes de compteurs de performances pour le service

WmiApRpl (WmiApRpl) a échoué. Le premier DWORD de la section Data contient le code

d’erreur.

 

Error - 29/01/2011 08:28:13 | Computer Name = PC-de-Geo | Source = SideBySide | ID = 16842785

Description = La création du contexte d’activation a échoué pour « C:\Program Files\Acer\Empowering

Technology\eDataSecurity\x64\eDScsp.exe ». Assembly dépendant Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"

introuvable. Utilisez sxstrace.exe pour un diagnostic détaillé.

 

Error - 30/01/2011 07:41:17 | Computer Name = PC-de-Geo | Source = WinMgmt | ID = 10

Description =

 

Error - 30/01/2011 07:42:42 | Computer Name = PC-de-Geo | Source = Application Error | ID = 1000

Description = Nom de l’application défaillante PLFSetI.exe, version : 1.0.1.0, horodatage

: 0x471d62d0 Nom du module défaillant : PLFSetI.exe, version : 1.0.1.0, horodatage

: 0x471d62d0 Code d’exception : 0xc0000005 Décalage d’erreur : 0x00001afe ID du processus

défaillant : 0xc3c Heure de début de l’application défaillante : 0x01cbc072c62e1ad6

Chemin

d’accès de l’application défaillante : C:\Windows\PLFSetI.exe Chemin d’accès du

module défaillant: C:\Windows\PLFSetI.exe ID de rapport : 0bf31f87-2c66-11e0-8222-001d72ecffa0

 

Error - 30/01/2011 07:45:55 | Computer Name = PC-de-Geo | Source = Microsoft-Windows-LoadPerf | ID = 3012

Description = Les chaînes de performance dans la valeur de Registre Performance

sont endommagées lors du traitement du fournisseur de compteurs d’extension Performance.

La valeur BaseIndex à partir du Registre de performance est le premier DWORD dans

la section Données, la valeur LastCounter est le deuxième DWORD dans la section

Données, et la valeur LastHelp est le troisième DWORD dans la section Données.

 

Error - 30/01/2011 07:45:55 | Computer Name = PC-de-Geo | Source = Microsoft-Windows-LoadPerf | ID = 3012

Description = Les chaînes de performance dans la valeur de Registre Performance

sont endommagées lors du traitement du fournisseur de compteurs d’extension Performance.

La valeur BaseIndex à partir du Registre de performance est le premier DWORD dans

la section Données, la valeur LastCounter est le deuxième DWORD dans la section

Données, et la valeur LastHelp est le troisième DWORD dans la section Données.

 

Error - 30/01/2011 07:45:55 | Computer Name = PC-de-Geo | Source = Microsoft-Windows-LoadPerf | ID = 3011

Description = Le déchargement des chaînes de compteurs de performances pour le service

WmiApRpl (WmiApRpl) a échoué. Le premier DWORD de la section Data contient le code

d’erreur.

 

 

========== Last 10 Event Log Errors ==========

 

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

 

< End of report >

 

_________________

 

That's everything. It looks long and tedious to analyze, so thanks again and good luck!

Sky.

If you need me to do anything to make your work easier, don't hesitate to tell me.

Edited by Sky.Death
Posted

...

If you need me to do anything to make your work easier, don't hesitate to tell me.

That's kind, thanks! We're used to it :)

 

>>> Very important: Current antivirus programs include antispyware protection, and it is pointless and even risky to have other antispyware programs active at the same time. In your case, remove Ad-Aware and/or its traces. You can keep Malwarebytes' Anti-Malware for occasional scans, but there is no need to have it start with Windows (unless you have the paid version).

--

 

Print these instructions or save them to a text file on the Desktop so you can consult them easily at any time.

>>> StartUpLite: There are always programs that start NEEDLESSLY along with Windows.

Download MBAM's StartUpLite to the Desktop from here

Right-click StartUpLite.exe => "Run as administrator" to launch the program.

It will list all the unnecessary autostart entries. Select ALL the entries shown and click Continue.

If it shows "No unnecessary startups found!", there is nothing to do.

>>> Run OTL, copy the following list (starting with :OTL) and paste it into the box under "Personnalisation" (the : at the beginning and the ] at the end are very important, please check).

 

:OTL

SRV - File not found [On_Demand | Stopped] -- -- (npggsvc)

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = exnet.3il.fr;<local>

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 172.16.105.254:8082

FF - prefs.js..network.proxy.ftp: "172.16.105.254"

FF - prefs.js..network.proxy.ftp_port: 8082

FF - prefs.js..network.proxy.http: "172.16.105.254"

FF - prefs.js..network.proxy.http_port: 8082

FF - prefs.js..network.proxy.no_proxies_on: "exnet.3il.fr,localhost,127.0.0.1"

FF - prefs.js..network.proxy.share_proxy_settings: true

FF - prefs.js..network.proxy.socks: "172.16.105.254"

FF - prefs.js..network.proxy.socks_port: 8082

FF - prefs.js..network.proxy.ssl: "172.16.105.254"

FF - prefs.js..network.proxy.ssl_port: 8082

FF - prefs.js..network.proxy.type: 0

O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] D:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)

O33 - MountPoints2\{c60b7ac3-9018-11df-ad50-00216b09d40c}\Shell - "" = AutoRun

O33 - MountPoints2\{c60b7ac3-9018-11df-ad50-00216b09d40c}\Shell\AutoRun\command - "" = G:\Startme.exe

@Alternate Data Stream - 24 bytes -> C:\Windows:69D6E838C162D06E

@Alternate Data Stream - 16 bytes -> C:\Users\Sky\Downloads:Shareaza.GUID

 

:Services

 

:Reg

 

:Files

ipconfig /flushdns /c

C:\WINDOWS\tasks\*.job

C:\*.sqm

 

:Commands

[EMPTYTEMP]

[EMPTYFLASH]

[RESETHOSTS]

WARNING: The lines in blue concern a proxy. If you or your administrator deliberately configured a proxy, delete those lines from the list after pasting everything.

Click the red Correction button and let it run.

If one or more files cannot be deleted normally, the program will ask to restart the machine to finish the process; click Yes.

At the end, a report opens in Notepad. Copy its contents and paste them into a new reply. Close the report and OTL.

Requested reports:

  • OTL.txt

Is it better, and do you still have any symptoms to check?

Posted (edited)

No change at startup; here is the log.

Edit: Note that the audio service is still disabled at startup but comes back without any problem when I start it (?).

On the other hand, I haven't seen the message about the event log service again (but I may have missed it given the startup lag).

_______________________________________________

 

All processes killed

========== OTL ==========

Service npggsvc stopped successfully!

Service npggsvc deleted successfully!

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe Acrobat Speed Launcher deleted successfully.

D:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrobat_sl.exe moved successfully.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeCS4ServiceManager deleted successfully.

C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe moved successfully.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c60b7ac3-9018-11df-ad50-00216b09d40c}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c60b7ac3-9018-11df-ad50-00216b09d40c}\ not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c60b7ac3-9018-11df-ad50-00216b09d40c}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c60b7ac3-9018-11df-ad50-00216b09d40c}\ not found.

File G:\Startme.exe not found.

ADS C:\Windows:69D6E838C162D06E deleted successfully.

Unable to delete ADS C:\Users\Sky\Downloads:Shareaza.GUID .

========== SERVICES/DRIVERS ==========

========== REGISTRY ==========

========== FILES ==========

< ipconfig /flushdns /c >

Configuration IP de Windows

Cache de résolution DNS vidé.

C:\Users\Sky\Desktop\cmd.bat deleted successfully.

C:\Users\Sky\Desktop\cmd.txt deleted successfully.

C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job moved successfully.

C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3527931086-2340578112-719595152-1000Core.job moved successfully.

C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3527931086-2340578112-719595152-1000UA.job moved successfully.

File\Folder C:\*.sqm not found.

========== COMMANDS ==========

 

[EMPTYTEMP]

 

User: All Users

 

User: Default

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 33170 bytes

->Flash cache emptied: 56579 bytes

 

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

->Flash cache emptied: 0 bytes

 

User: Invité

->Temp folder emptied: 16416576 bytes

->Temporary Internet Files folder emptied: 407761 bytes

->Java cache emptied: 25493375 bytes

->FireFox cache emptied: 101350840 bytes

->Flash cache emptied: 3392 bytes

 

User: Public

 

User: Sky

->Temp folder emptied: 69936617 bytes

->Temporary Internet Files folder emptied: 7554486 bytes

->Java cache emptied: 55542246 bytes

->FireFox cache emptied: 45901967 bytes

->Google Chrome cache emptied: 22518967 bytes

->Flash cache emptied: 13259416 bytes

 

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 0 bytes

%systemroot%\System32 .tmp files removed: 0 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 1182769 bytes

RecycleBin emptied: 0 bytes

 

Total Files Cleaned = 343,00 mb

 

 

[EMPTYFLASH]

 

User: All Users

 

User: Default

->Flash cache emptied: 0 bytes

 

User: Default User

->Flash cache emptied: 0 bytes

 

User: Invité

->Flash cache emptied: 0 bytes

 

User: Public

 

User: Sky

->Flash cache emptied: 0 bytes

 

Total Flash Files Cleaned = 0,00 mb

 

C:\Windows\System32\drivers\etc\Hosts moved successfully.

HOSTS file reset successfully

 

OTL by OldTimer - Version 3.2.23.0 log created on 05252011_031709

 

Files\Folders moved on Reboot...

 

Registry entries deleted on Reboot...

Edited by Sky.Death
Posted

No change at startup, here is the log.

Edit: Note that the audio service is still disabled at startup but comes back without any problem when I start it (?).

Was I aware of that? :)

What exactly is the problem in practice? You have no sound when the PC starts?

From where do you start it?

 

Did StartUp remove anything for you or not?

What did you do with the files of the proxy mentioned?

--

 

Download aswMBR.exe to the Desktop and disable all protection programs (antivirus, firewall and antispyware).

Close all open windows and right-click aswMBR.exe => "Run as administrator", then click the "Scan" button.

Wait until it finishes and click the "Save log" button. Save it to the Desktop and post its contents.

Do NOT fix anything before my reply.

--

 

Close all open applications and windows and right-click OTL.exe => "Run as Administrator".

Without changing or adding anything, click the blue Analyse button and let it run.

Copy/paste the contents of the generated report.

 

Requested reports:

  • aswmbr.txt
  • OTL.txt
Posted

OTL logfile created on: 25/05/2011 17:18:23 - Run 2

OTL by OldTimer - Version 3.2.23.0 Folder = C:\Users\Sky\Desktop

Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 8.0.7601.17514)

Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

 

2,99 Gb Total Physical Memory | 1,88 Gb Available Physical Memory | 62,67% Memory free

5,99 Gb Paging File | 4,67 Gb Available in Paging File | 78,05% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 226,48 Gb Total Space | 109,12 Gb Free Space | 48,18% Space Free | Partition Type: NTFS

Drive D: | 226,51 Gb Total Space | 158,49 Gb Free Space | 69,97% Space Free | Partition Type: NTFS

 

Computer Name: PC-DE-GEO | User Name: Sky | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Processes (SafeList) ==========

 

PRC - [2011/05/25 03:35:39 | 000,204,800 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Users\Sky\AppData\Local\Temp\RtkBtMnt.exe

PRC - [2011/05/24 12:11:01 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Sky\Desktop\OTL.exe

PRC - [2011/05/04 08:13:16 | 000,202,240 | ---- | M] () -- D:\Program Files\LOLReplay\LOLRecorder.exe

PRC - [2011/02/25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe

PRC - [2011/02/02 11:40:20 | 003,265,944 | ---- | M] (Tonec Inc.) -- C:\Program Files\Internet Download Manager\IDMan.exe

PRC - [2010/11/22 22:52:46 | 000,718,072 | ---- | M] (Tunngle.net GmbH) -- C:\Program Files\Tunngle\TnglCtrl.exe

PRC - [2010/11/20 14:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe

PRC - [2010/11/20 14:17:00 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe

PRC - [2010/09/22 18:11:26 | 000,640,440 | ---- | M] (Adobe Systems Inc.) -- D:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe

PRC - [2010/05/25 23:28:58 | 000,263,600 | ---- | M] (Tonec Inc.) -- C:\Program Files\Internet Download Manager\IEMonitor.exe

PRC - [2010/04/01 11:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe

PRC - [2009/11/06 14:24:52 | 000,195,176 | ---- | M] (NVIDIA) -- C:\Program Files\NVIDIA Corporation\System Update\UpdateCenterService.exe

PRC - [2009/11/06 14:13:20 | 000,191,080 | ---- | M] (NVIDIA) -- C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe

PRC - [2009/11/06 14:13:16 | 000,133,736 | ---- | M] (NVIDIA) -- C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe

PRC - [2009/08/27 10:12:54 | 001,218,056 | ---- | M] (Dritek System Inc.) -- C:\Program Files\Launch Manager\LManager.exe

PRC - [2009/06/16 12:11:40 | 000,122,880 | ---- | M] (Acer Incorporated) -- C:\Acer\Mobility Center\MobilityService.exe

PRC - [2009/04/13 15:47:34 | 000,500,784 | ---- | M] (Egis Incorporated) -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe

PRC - [2009/04/13 15:47:28 | 000,526,896 | ---- | M] (Egis Incorporated) -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe

PRC - [2009/01/13 16:38:32 | 000,024,576 | ---- | M] () -- C:\Program Files\Acer\Empowering Technology\Service\ETService.exe

PRC - [2008/10/16 17:26:20 | 000,860,160 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe

PRC - [2008/10/16 16:54:34 | 000,466,944 | ---- | M] (Intel® Corporation) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

PRC - [2008/10/04 05:09:02 | 000,069,632 | ---- | M] () -- C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe

PRC - [2007/10/23 11:56:18 | 000,200,704 | ---- | M] () -- C:\Windows\PLFSetI.exe

 

 

========== Modules (SafeList) ==========

 

MOD - [2011/05/24 12:11:01 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Sky\Desktop\OTL.exe

MOD - [2010/11/20 13:55:09 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll

MOD - [2010/11/03 22:39:40 | 000,034,208 | ---- | M] (Tonec Inc.) -- C:\Program Files\Internet Download Manager\idmmkb.dll

 

 

========== Win32 Services (SafeList) ==========

 

SRV - [2011/05/17 00:57:05 | 003,275,864 | ---- | M] () [Auto | Running] -- c:\program files\common files\akamai\netsession_win_8832f4b.dll -- (Akamai)

SRV - [2011/05/11 23:01:01 | 000,403,240 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)

SRV - [2011/04/12 10:11:26 | 000,311,744 | ---- | M] (CybelSoft) [On_Demand | Stopped] -- C:\Program Files\ma-config.com\maconfservice.exe -- (maconfservice)

SRV - [2010/11/22 22:52:46 | 000,718,072 | ---- | M] (Tunngle.net GmbH) [Auto | Running] -- C:\Program Files\Tunngle\TnglCtrl.exe -- (TunngleService)

SRV - [2010/08/18 18:44:27 | 000,340,520 | ---- | M] (Kaspersky Lab) [Auto | Stopped] -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe -- (AVP)

SRV - [2010/06/22 03:01:07 | 001,343,400 | ---- | M] (Microsoft Corporation) [unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)

SRV - [2009/11/06 14:24:52 | 000,195,176 | ---- | M] (NVIDIA) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\System Update\UpdateCenterService.exe -- (UpdateCenterService)

SRV - [2009/11/06 14:13:20 | 000,191,080 | ---- | M] (NVIDIA) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe -- (nTuneService)

SRV - [2009/10/20 20:19:48 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)

SRV - [2009/10/01 16:45:34 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)

SRV - [2009/07/14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)

SRV - [2009/07/14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)

SRV - [2009/06/16 12:11:40 | 000,122,880 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Acer\Mobility Center\MobilityService.exe -- (MobilityService)

SRV - [2009/04/13 15:47:34 | 000,500,784 | ---- | M] (Egis Incorporated) [Auto | Running] -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe -- (eDataSecurity Service)

SRV - [2009/01/13 16:38:32 | 000,024,576 | ---- | M] () [Auto | Running] -- C:\Program Files\Acer\Empowering Technology\Service\ETService.exe -- (ETService)

SRV - [2008/10/16 17:26:20 | 000,860,160 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)

SRV - [2008/10/16 16:54:34 | 000,466,944 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)

SRV - [2008/10/04 05:09:02 | 000,069,632 | ---- | M] () [Auto | Running] -- C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe -- (CLHNService)

 

 

========== Driver Services (SafeList) ==========

 

DRV - [2011/04/08 07:14:00 | 010,690,024 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)

DRV - [2011/01/25 18:40:06 | 000,085,768 | ---- | M] (Tonec Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\idmwfp.sys -- (IDMWFP)

DRV - [2010/11/20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)

DRV - [2010/11/20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)

DRV - [2010/10/08 16:57:54 | 000,100,560 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)

DRV - [2010/08/30 12:19:54 | 000,014,336 | ---- | M] (CybelSoft) [Kernel | On_Demand | Stopped] -- C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys -- (driverhardwarev2)

DRV - [2010/07/22 21:15:22 | 000,281,760 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt)

DRV - [2010/07/22 21:15:22 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)

DRV - [2010/02/03 15:56:56 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)

DRV - [2009/12/27 16:44:12 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)

DRV - [2009/12/08 22:24:26 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- D:\Program Files\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\VSPerfDrv100.sys -- (VSPerfDrv100)

DRV - [2009/11/29 12:52:09 | 000,311,312 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\System32\drivers\klif.sys -- (KLIF)

DRV - [2009/11/03 17:33:40 | 000,021,520 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\System32\drivers\klim6.sys -- (KLIM6)

DRV - [2009/10/20 20:19:44 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\npf.sys -- (NPF)

DRV - [2009/10/14 21:18:34 | 000,036,880 | ---- | M] (Kaspersky Lab) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\klbg.sys -- (klbg)

DRV - [2009/10/02 19:39:36 | 000,019,472 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\klmouflt.sys -- (klmouflt)

DRV - [2009/09/16 07:02:40 | 000,027,136 | ---- | M] (Tunngle.net) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tap0901t.sys -- (tap0901t) TAP-Win32 Adapter V9 (Tunngle)

DRV - [2009/09/15 14:59:28 | 000,038,248 | ---- | M] (NVIDIA Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvoclock.sys -- (nvoclock)

DRV - [2009/09/13 17:02:23 | 000,064,160 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\Lbd.sys -- (Lbd)

DRV - [2009/09/01 15:29:50 | 000,128,016 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\System32\drivers\kl1.sys -- (kl1)

DRV - [2009/08/21 22:24:03 | 000,066,592 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)

DRV - [2009/07/21 08:13:24 | 000,005,632 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hidshim.sys -- (hidshim)

DRV - [2009/07/21 08:13:22 | 000,022,528 | ---- | M] (Nuvoton Technology Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nuvotonhidgeneric.sys -- (nuvotonhidgeneric)

DRV - [2009/07/14 01:45:33 | 000,083,456 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\serial.sys -- (Serial)

DRV - [2009/07/14 00:02:51 | 004,231,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\netw5v32.sys -- (netw5v32) Pilote de carte de liaison WiFi sans fil Intel®

DRV - [2009/03/30 04:09:28 | 000,239,336 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\System32\drivers\RsFx0103.sys -- (RsFx0103)

DRV - [2009/03/25 17:48:00 | 000,114,728 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018mdm.sys -- (s1018mdm)

DRV - [2009/03/25 17:48:00 | 000,109,864 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018unic.sys -- (s1018unic) Sony Ericsson Device 1018 USB Ethernet Emulation (WDM)

DRV - [2009/03/25 17:48:00 | 000,106,208 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018mgmt.sys -- (s1018mgmt) Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM)

DRV - [2009/03/25 17:48:00 | 000,104,744 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018obex.sys -- (s1018obex)

DRV - [2009/03/25 17:48:00 | 000,086,824 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018bus.sys -- (s1018bus) Sony Ericsson Device 1018 driver (WDM)

DRV - [2009/03/25 17:48:00 | 000,026,024 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018nd5.sys -- (s1018nd5) Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS)

DRV - [2009/03/25 17:48:00 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018mdfl.sys -- (s1018mdfl)

DRV - [2008/10/09 15:42:42 | 000,017,408 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\KMWDFILTER.sys -- (KMWDFILTER)

DRV - [2008/10/01 11:04:16 | 000,012,832 | ---- | M] (Acer, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\int15.sys -- (int15)

DRV - [2007/02/16 02:57:04 | 000,034,760 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ElbyCDFL.sys -- (ElbyCDFL)

DRV - [2006/11/29 02:44:52 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)

 

 

========== Standard Registry (SafeList) ==========

 

 

========== Internet Explorer ==========

 

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=040c&s=2&o=vp32&d=1208&m=aspire_8730

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=040c&s=2&o=vp32&d=1208&m=aspire_8730

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = Acer.com Worldwide - Select your local country or region [binary data]

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = exnet.3il.fr;<local>

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 172.16.105.254:8082

 

========== FireFox ==========

 

FF - prefs.js..browser.startup.homepage: "http://www.google.com/"

FF - prefs.js..network.proxy.ftp: "172.16.105.254"

FF - prefs.js..network.proxy.ftp_port: 8082

FF - prefs.js..network.proxy.http: "172.16.105.254"

FF - prefs.js..network.proxy.http_port: 8082

FF - prefs.js..network.proxy.no_proxies_on: "exnet.3il.fr,localhost,127.0.0.1"

FF - prefs.js..network.proxy.share_proxy_settings: true

FF - prefs.js..network.proxy.socks: "172.16.105.254"

FF - prefs.js..network.proxy.socks_port: 8082

FF - prefs.js..network.proxy.ssl: "172.16.105.254"

FF - prefs.js..network.proxy.ssl_port: 8082

FF - prefs.js..network.proxy.type: 0

 

FF - HKLM\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/01/10 21:20:43 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/05/23 01:43:27 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/12/25 23:56:26 | 000,000,000 | ---D | M]

 

[2011/05/23 01:44:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sky\AppData\Roaming\mozilla\Extensions

[2011/05/23 01:43:26 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions

[2010/05/21 11:36:01 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}

[2010/08/02 20:41:57 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}

[2010/12/10 18:01:59 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}

[2009/11/29 12:53:12 | 000,000,000 | ---D | M] (Kaspersky URL Advisor) -- C:\Program Files\mozilla firefox\extensions\linkfilter@kaspersky.ru

File not found (No name found) --

[2011/02/18 19:52:18 | 000,000,000 | ---D | M] (IDM CC) -- C:\USERS\SKY\APPDATA\ROAMING\IDM\IDMMZCC3

[2009/11/20 22:11:25 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION

[2011/04/14 18:47:17 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll

[2006/01/02 18:01:02 | 000,053,248 | ---- | M] (Giganology Inc.) -- C:\Program Files\mozilla firefox\components\GigagetComponent.dll

[2010/09/15 05:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll

[2010/01/01 10:00:00 | 000,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml

[2010/01/01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml

[2010/01/01 10:00:00 | 000,001,822 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml

[2010/01/01 10:00:00 | 000,001,154 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml

[2010/01/01 10:00:00 | 000,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml

[2010/01/01 10:00:00 | 000,000,956 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml

 

O1 HOSTS File: ([2011/05/25 03:17:48 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts

O1 - Hosts: 127.0.0.1 localhost

O1 - Hosts: ::1 localhost

O2 - BHO: (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)

O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\ievkbd.dll (Kaspersky Lab)

O2 - BHO: (ShowBarObj Class) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll (Egis)

O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O2 - BHO: (Programme d'assistance de Microsoft Web Test Recorder 10.0) - {DDA57003-0068-4ed2-9D32-4D1EC707D94D} - D:\Program Files\Microsoft Visual Studio 10.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll (Microsoft Corporation)

O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll (Kaspersky Lab)

O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)

O3 - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)

O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O4 - HKLM..\Run: [Acrobat Assistant 8.0] D:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)

O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe (Kaspersky Lab)

O4 - HKLM..\Run: [CloneCDTray] C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe (SlySoft, Inc.)

O4 - HKLM..\Run: [eDataSecurity Loader] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe (Egis Incorporated)

O4 - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()

O4 - HKLM..\Run: [ProductReg] C:\Program Files\Acer\WR_PopUp\ProductReg.exe (Acer)

O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)

O4 - HKCU..\Run: [iDMan] C:\Program Files\Internet Download Manager\IDMan.exe (Tonec Inc.)

O4 - HKCU..\Run: [Pando Media Booster] C:\Program Files\Pando Networks\Media Booster\PMB.exe ()

O4 - Startup: C:\Users\Sky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Warkeys Update.lnk = D:\Program Files\Warkeys\AutoWarkey\AutoHotkey\AutoHotkey.exe ()

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O8 - Extra context menu item: Ajouter à un fichier PDF existant - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8 - Extra context menu item: Ajouter la cible du lien à un fichier PDF existant - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8 - Extra context menu item: Convertir au format Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8 - Extra context menu item: Convertir la cible du lien au format Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8 - Extra context menu item: Télécharger avec IDM - C:\Program Files\Internet Download Manager\IEExt.htm ()

O8 - Extra context menu item: Télécharger le contenu de video FLV avec IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm ()

O8 - Extra context menu item: Télécharger tous les liens avec IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm ()

O9 - Extra Button: Clavier &virtuel - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll (Kaspersky Lab)

O9 - Extra Button: Analyse des &liens - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll (Kaspersky Lab)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)

O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} http://www.ma-config.com/activex/MaConfig_3_5_3_0.cab ("Ma-Config.com control)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)

O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 89.2.0.1 89.2.0.2

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)

O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll) - C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll (Kaspersky Lab)

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O20 - Winlogon\Notify\klogon: DllName - C:\Windows\system32\klogon.dll - C:\Windows\System32\klogon.dll (Kaspersky Lab)

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

O24 - Desktop WallPaper: C:\Users\Sky\AppData\Roaming\Microsoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg

O24 - Desktop BackupWallPaper: C:\Users\Sky\AppData\Roaming\Microsoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2009/06/10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 

========== Files/Folders - Created Within 30 Days ==========

 

[2011/05/25 17:16:00 | 000,589,632 | ---- | C] (AVAST Software) -- C:\Users\Sky\Desktop\aswMBR.exe

[2011/05/25 03:37:39 | 000,404,640 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl

[2011/05/25 03:17:09 | 000,000,000 | ---D | C] -- C:\_OTL

[2011/05/24 19:53:46 | 000,000,000 | ---D | C] -- C:\Users\Sky\AppData\Local\{4C979CAE-49BD-40AE-8FD6-C8F34FE554BB}

[2011/05/24 17:08:09 | 000,204,496 | ---- | C] (Malwarebytes) -- C:\Users\Sky\Desktop\StartUpLite.exe

[2011/05/24 12:10:59 | 000,580,096 | ---- | C] (OldTimer Tools) -- C:\Users\Sky\Desktop\OTL.exe

[2011/05/23 19:58:17 | 000,000,000 | ---D | C] -- C:\Users\Sky\AppData\Local\{C4D28F14-334D-49FA-AFE3-2D506EBCEAEB}

[2011/05/23 10:16:53 | 000,000,000 | ---D | C] -- C:\Users\Sky\AppData\Roaming\Malwarebytes

[2011/05/23 10:16:39 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys

[2011/05/23 10:16:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware

[2011/05/23 10:16:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes

[2011/05/23 10:16:36 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys

[2011/05/23 10:16:35 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware

[2011/05/22 22:08:36 | 000,000,000 | ---D | C] -- C:\Program Files\ZHPDiag

[2011/05/22 22:08:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP

[2011/05/22 14:38:59 | 000,000,000 | ---D | C] -- C:\Users\Sky\AppData\Local\{F790CAEC-1530-4F77-A2F8-3EC78ADA981E}

[2011/05/22 13:17:03 | 000,000,000 | ---D | C] -- C:\Users\Sky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++

[2011/05/22 13:17:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++

[2011/05/22 13:16:50 | 000,000,000 | ---D | C] -- C:\Users\Sky\AppData\Roaming\Notepad++

[2011/05/22 13:16:50 | 000,000,000 | ---D | C] -- C:\Program Files\Notepad++

[2011/05/21 20:07:53 | 000,000,000 | ---D | C] -- C:\Users\Sky\AppData\Local\{C6819AE8-1386-4E1F-A7BA-51B5CF392F1B}

[2011/05/21 17:43:13 | 000,000,000 | ---D | C] -- C:\Users\Sky\AppData\Local\{364F19E3-F6AA-4A0F-83A2-4BD6F0FE57B3}

[2011/05/21 17:28:55 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\poqexec.exe

[2011/05/21 17:28:55 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prevhost.exe

[2011/05/20 18:15:23 | 000,000,000 | ---D | C] -- C:\Users\Sky\AppData\Local\{3F966BFB-8992-4822-8DAB-1B00ACC42802}

[2011/05/19 12:38:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace

[2011/05/19 12:32:58 | 000,870,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll

[2011/05/19 12:32:56 | 003,967,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe

[2011/05/19 12:32:56 | 003,912,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe

[2011/05/19 12:32:55 | 002,616,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe

[2011/05/18 18:04:14 | 000,000,000 | ---D | C] -- C:\Users\Sky\LOLReplay

[2011/05/18 17:58:36 | 000,000,000 | ---D | C] -- C:\Users\Sky\AppData\Local\{C6382986-20A0-4DA5-A29C-F729DEAF85E6}

[2011/05/17 17:04:59 | 000,000,000 | ---D | C] -- C:\Users\Sky\AppData\Local\{D062D4D1-AFCD-4286-BFDC-804A2302C636}

[2011/05/16 05:58:26 | 000,000,000 | ---D | C] -- C:\Users\Sky\AppData\Roaming\Media Player Classic

[2011/05/15 14:44:09 | 000,000,000 | ---D | C] -- C:\Users\Sky\AppData\Local\{5164E0EF-6181-4682-BCFE-9FAFA0141698}

[2011/05/15 14:42:28 | 000,000,000 | ---D | C] -- C:\ProgramData\SplitMediaLabs

[2011/05/15 14:41:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XSplit

[2011/05/14 01:57:32 | 000,000,000 | ---D | C] -- C:\Users\Sky\AppData\Local\{9EB49D72-63C2-41E9-8EAB-8848E5C0F648}

[2011/05/12 19:16:47 | 000,000,000 | ---D | C] -- C:\Users\Sky\AppData\Local\{9A9452BA-7FA0-48DE-B479-C14B4ED7FFA1}

[2011/05/11 22:31:49 | 000,000,000 | ---D | C] -- C:\Users\Sky\AppData\Local\{2E02B9E8-54C2-4919-A235-947F31F11C14}

[2011/05/09 18:06:23 | 000,000,000 | ---D | C] -- C:\Users\Sky\AppData\Local\{DA4799ED-96DE-4FBF-9869-948930E26AC9}

[2011/05/05 22:57:32 | 000,000,000 | ---D | C] -- C:\Users\Sky\AppData\Local\{9E5385F5-8471-4F60-BB5D-5E13879CDD5A}

[2011/05/05 22:56:21 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\INCA Shared

[2011/05/05 21:55:29 | 000,000,000 | ---D | C] -- C:\Users\Sky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AeriaGames

[2011/05/05 21:44:26 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Akamai

[2011/05/01 12:37:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dofus

[2011/04/29 04:26:48 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation

[2011/04/29 04:25:26 | 015,227,496 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvoglv32.dll

[2011/04/29 04:25:26 | 006,299,752 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvwgf2um.dll

[2011/04/29 04:25:26 | 000,057,960 | ---- | C] (Khronos Group) -- C:\Windows\System32\OpenCL.dll

[2011/04/29 04:25:25 | 010,690,024 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvlddmkm.sys

[2011/04/29 04:25:25 | 000,855,656 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvgenco322060.dll

[2011/04/29 04:25:24 | 000,944,232 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvdispco3220140.dll

[2011/04/29 04:25:23 | 010,071,656 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvd3dum.dll

[2011/04/29 04:25:22 | 002,765,928 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvid.dll

[2011/04/29 04:25:22 | 002,074,216 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvenc.dll

[2011/04/29 04:25:21 | 013,007,464 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcompiler.dll

[2011/04/29 04:25:21 | 005,180,824 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuda.dll

[2011/04/29 04:25:21 | 002,034,280 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvapi.dll

[2011/04/29 04:25:21 | 000,010,920 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvBridge.kmd

[2011/04/29 04:16:52 | 000,022,872 | R--- | C] (Adobe Systems Inc.) -- C:\Windows\System32\AdobePDFUI.dll

[2011/04/29 04:04:37 | 000,485,920 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvuhda.exe

[2011/04/29 04:04:37 | 000,066,592 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvhda32v.sys

[2011/04/29 04:04:37 | 000,057,344 | ---- | C] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\System32\nvapo32v.dll

[2011/04/29 04:04:37 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nvhdap32.dll

[2011/04/29 03:57:35 | 000,000,000 | ---D | C] -- C:\Users\Sky\AppData\Roaming\InfraRecorder

[2011/04/29 03:57:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InfraRecorder

[2011/04/29 03:54:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ma-config.com

[2011/04/29 03:35:11 | 000,000,000 | ---D | C] -- C:\Users\Sky\AppData\Local\{6D60ACFB-5747-4FF1-A624-DED3D32B71C3}

[2011/04/29 03:33:29 | 000,000,000 | ---D | C] -- C:\Users\Sky\Ableton

[2011/04/29 03:33:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Ableton

[2011/04/29 03:33:28 | 000,000,000 | ---D | C] -- C:\Users\Sky\AppData\Roaming\Ableton

[2011/04/29 03:20:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ableton

[2011/04/29 03:20:13 | 000,233,472 | ---- | C] (Propellerhead Software AB) -- C:\Windows\System32\REX Shared Library.dll

[2011/04/29 03:20:12 | 000,368,640 | ---- | C] (Propellerhead Software AB) -- C:\Windows\System32\ReWire.dll

[2011/04/29 03:12:41 | 000,000,000 | ---D | C] -- C:\Program Files\Ableton

[2011/04/27 15:42:39 | 000,000,000 | ---D | C] -- C:\Users\Sky\AppData\Local\{E81B0BFF-2E16-4F26-9B8C-002E55E8AA93}

[2009/07/21 14:47:46 | 000,315,392 | ---- | C] ( ) -- C:\Windows\System32\sbcrreag.dll

[2008/12/17 02:08:05 | 000,049,152 | ---- | C] ( ) -- C:\Windows\Interop.IWshRuntimeLibrary.dll

 

========== Files - Modified Within 30 Days ==========

 

[2011/05/25 17:17:38 | 000,000,512 | ---- | M] () -- C:\Users\Sky\Desktop\MBR.dat

[2011/05/25 17:16:00 | 000,589,632 | ---- | M] (AVAST Software) -- C:\Users\Sky\Desktop\aswMBR.exe

[2011/05/25 12:58:41 | 000,011,120 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2011/05/25 12:58:41 | 000,011,120 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2011/05/25 12:55:39 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2011/05/25 03:37:39 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl

[2011/05/25 03:19:19 | 2411,888,640 | -HS- | M] () -- C:\hiberfil.sys

[2011/05/25 03:18:22 | 000,000,000 | ---- | M] () -- C:\Windows\System32\Access.dat

[2011/05/25 03:17:48 | 000,000,098 | ---- | M] () -- C:\Windows\System32\drivers\etc\Hosts

[2011/05/24 17:08:09 | 000,204,496 | ---- | M] (Malwarebytes) -- C:\Users\Sky\Desktop\StartUpLite.exe

[2011/05/24 12:14:38 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin

[2011/05/24 12:11:01 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Sky\Desktop\OTL.exe

[2011/05/23 17:36:19 | 000,115,369 | ---- | M] () -- C:\Windows\System32\drivers\klin.dat

[2011/05/23 10:16:40 | 000,001,071 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk

[2011/05/23 01:43:42 | 000,001,100 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk

[2011/05/22 22:12:55 | 000,000,512 | ---- | M] () -- C:\PhysicalDisk0_MBR.bin

[2011/05/22 22:08:37 | 000,000,960 | ---- | M] () -- C:\Users\Public\Desktop\MBRCheck.lnk

[2011/05/22 22:08:37 | 000,000,953 | ---- | M] () -- C:\Users\Public\Desktop\ZHPDiag.lnk

[2011/05/22 22:08:37 | 000,000,948 | ---- | M] () -- C:\Users\Public\Desktop\ZHPFix.lnk

[2011/05/22 22:03:23 | 000,001,362 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\LManager.exe - Raccourci.lnk

[2011/05/22 13:17:09 | 000,001,005 | ---- | M] () -- C:\Users\Sky\Desktop\Notepad++.lnk

[2011/05/19 00:24:10 | 000,000,700 | ---- | M] () -- C:\Users\Public\Desktop\Team Fortress 2.lnk

[2011/05/18 18:04:44 | 000,000,826 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\LOLRecorder.lnk

[2011/05/18 18:04:44 | 000,000,772 | ---- | M] () -- C:\Users\Sky\Desktop\LOL Recorder.lnk

[2011/05/17 13:44:40 | 002,290,088 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT

[2011/05/12 07:22:19 | 000,363,226 | ---- | M] () -- C:\Windows\System32\perfh00C.dat

[2011/05/12 07:22:19 | 000,299,718 | ---- | M] () -- C:\Windows\System32\perfh009.dat

[2011/05/12 07:22:19 | 000,044,944 | ---- | M] () -- C:\Windows\System32\perfc00C.dat

[2011/05/12 07:22:19 | 000,037,582 | ---- | M] () -- C:\Windows\System32\perfc009.dat

[2011/05/07 20:01:07 | 000,046,742 | ---- | M] () -- C:\Users\Sky\AppData\Roaming\room.dat

[2011/04/29 03:57:30 | 000,000,726 | ---- | M] () -- C:\Users\Sky\Application Data\Microsoft\Internet Explorer\Quick Launch\InfraRecorder.lnk

[2011/04/29 03:57:30 | 000,000,726 | ---- | M] () -- C:\Users\Public\Desktop\InfraRecorder.lnk

[2011/04/29 03:20:17 | 000,001,175 | ---- | M] () -- C:\Users\Sky\Desktop\Live 8.0.4.lnk

[2011/04/25 17:53:51 | 000,053,488 | ---- | M] () -- C:\Windows\War3Unin.dat

 

========== Files Created - No Company Name ==========

 

[2011/05/25 17:17:38 | 000,000,512 | ---- | C] () -- C:\Users\Sky\Desktop\MBR.dat

[2011/05/24 12:14:38 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin

[2011/05/23 10:16:40 | 000,001,071 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk

[2011/05/23 01:43:41 | 000,001,112 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk

[2011/05/23 01:43:41 | 000,001,100 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk

[2011/05/22 22:12:55 | 000,000,512 | ---- | C] () -- C:\PhysicalDisk0_MBR.bin

[2011/05/22 22:08:37 | 000,000,960 | ---- | C] () -- C:\Users\Public\Desktop\MBRCheck.lnk

[2011/05/22 22:08:37 | 000,000,953 | ---- | C] () -- C:\Users\Public\Desktop\ZHPDiag.lnk

[2011/05/22 22:08:37 | 000,000,948 | ---- | C] () -- C:\Users\Public\Desktop\ZHPFix.lnk

[2011/05/22 22:03:23 | 000,001,362 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\LManager.exe - Raccourci.lnk

[2011/05/22 13:17:09 | 000,001,005 | ---- | C] () -- C:\Users\Sky\Desktop\Notepad++.lnk

[2011/05/18 18:04:14 | 000,000,826 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\LOLRecorder.lnk

[2011/05/18 18:04:14 | 000,000,772 | ---- | C] () -- C:\Users\Sky\Desktop\LOL Recorder.lnk

[2011/05/18 18:04:14 | 000,000,772 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LOL Recorder.lnk

[2011/05/07 04:47:43 | 000,000,700 | ---- | C] () -- C:\Users\Public\Desktop\Team Fortress 2.lnk

[2011/04/29 04:04:36 | 000,001,481 | ---- | C] () -- C:\Windows\System32\nvhda.nvu

[2011/04/29 03:57:30 | 000,000,726 | ---- | C] () -- C:\Users\Sky\Application Data\Microsoft\Internet Explorer\Quick Launch\InfraRecorder.lnk

[2011/04/29 03:57:30 | 000,000,726 | ---- | C] () -- C:\Users\Public\Desktop\InfraRecorder.lnk

[2011/04/29 03:20:17 | 000,001,175 | ---- | C] () -- C:\Users\Sky\Desktop\Live 8.0.4.lnk

[2011/04/14 01:36:26 | 000,000,000 | ---- | C] () -- C:\Windows\System32\Access.dat

[2011/04/10 00:47:47 | 000,046,742 | ---- | C] () -- C:\Users\Sky\AppData\Roaming\room.dat

[2011/04/09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat

[2011/03/26 19:54:23 | 000,000,175 | ---- | C] () -- C:\Windows\Wininit.ini

[2011/01/10 21:05:05 | 000,245,776 | ---- | C] () -- C:\Windows\hpoins19.dat

[2011/01/10 21:05:05 | 000,013,898 | ---- | C] () -- C:\Windows\hpomdl19.dat

[2011/01/10 20:27:52 | 000,019,696 | ---- | C] () -- C:\Windows\hpomdl05.dat

[2011/01/10 20:06:58 | 000,070,095 | ---- | C] () -- C:\Windows\hpoins05.dat.temp

[2011/01/10 20:06:58 | 000,019,696 | ---- | C] () -- C:\Windows\hpomdl05.dat.temp

[2010/09/26 00:27:05 | 000,007,604 | ---- | C] () -- C:\Users\Sky\AppData\Local\resmon.resmoncfg

[2010/08/05 14:21:30 | 000,000,041 | -HS- | C] () -- C:\ProgramData\.zreglib

[2010/07/22 21:15:22 | 000,281,760 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys

[2010/06/05 12:36:18 | 000,000,197 | ---- | C] () -- C:\Windows\MORDOR.INI

[2010/06/05 12:36:06 | 000,090,702 | ---- | C] () -- C:\Windows\SETUP1.EXE

[2010/06/05 12:36:06 | 000,002,573 | ---- | C] () -- C:\Windows\WAVEMIX.INI

[2010/06/02 20:40:38 | 000,025,888 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys

[2010/04/09 21:08:26 | 000,094,208 | ---- | C] () -- C:\Windows\System32\zmbv.dll

[2010/01/03 19:15:38 | 000,053,488 | ---- | C] () -- C:\Windows\War3Unin.dat

[2010/01/01 12:24:25 | 000,008,192 | ---- | C] () -- C:\Users\Sky\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2009/12/27 16:47:47 | 000,487,424 | ---- | C] () -- C:\Windows\System32\INT15.dll

[2009/11/29 12:53:00 | 000,115,369 | ---- | C] () -- C:\Windows\System32\drivers\klin.dat

[2009/11/29 12:53:00 | 000,097,859 | ---- | C] () -- C:\Windows\System32\drivers\klick.dat

[2009/11/29 12:20:31 | 000,023,432 | ---- | C] () -- C:\Users\Sky\AppData\Roaming\UserTile.png

[2009/11/20 22:41:46 | 000,123,780 | R--- | C] () -- C:\Windows\System32\drivers\RtConvEQ.DAT

[2009/11/20 22:41:46 | 000,001,496 | R--- | C] () -- C:\Windows\System32\drivers\RtkAcerM.dat

[2009/11/20 22:41:46 | 000,000,728 | R--- | C] () -- C:\Windows\System32\drivers\RtHdatEx.dat

[2009/11/20 22:38:47 | 000,000,091 | ---- | C] () -- C:\Users\Sky\AppData\Local\fusioncache.dat

[2009/11/20 22:23:22 | 000,022,292 | ---- | C] () -- C:\Windows\System32\emptyregdb.dat

[2009/10/20 20:19:30 | 000,053,299 | ---- | C] () -- C:\Windows\System32\pthreadVC.dll

[2009/10/19 16:47:23 | 000,178,176 | ---- | C] () -- C:\Windows\System32\unrar.dll

[2009/10/19 16:47:22 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini

[2009/10/19 16:47:15 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll

[2009/10/19 16:47:15 | 000,881,664 | ---- | C] () -- C:\Windows\System32\xvidcore.dll

[2009/10/19 16:47:15 | 000,205,824 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll

[2009/10/19 16:47:13 | 000,085,504 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll

[2009/10/16 21:54:03 | 000,040,960 | ---- | C] () -- C:\Windows\System32\MMAVILNG.exe

[2009/10/16 21:52:47 | 000,001,890 | -HS- | C] () -- C:\Windows\System32\KGyGaAvL.sys

[2009/10/16 21:52:47 | 000,000,056 | RHS- | C] () -- C:\Windows\System32\E43A1514AE.sys

[2009/09/19 22:23:37 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat

[2009/09/13 16:12:37 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll

[2009/09/10 20:49:37 | 000,002,560 | ---- | C] () -- C:\Windows\_MSRSTRT.EXE

[2009/09/09 19:01:40 | 000,027,675 | ---- | C] () -- C:\Windows\System32\drivers\klopp.dat

[2009/09/07 22:53:11 | 000,000,023 | ---- | C] () -- C:\Windows\BlendSettings.ini

[2009/09/02 20:24:58 | 000,000,552 | ---- | C] () -- C:\Windows\maplev4.ini

[2009/09/02 08:02:45 | 000,000,000 | ---- | C] () -- C:\Windows\WB.ini

[2009/09/02 00:17:58 | 000,058,792 | ---- | C] () -- C:\Windows\System32\wbload.dll

[2009/08/31 19:49:40 | 000,022,328 | ---- | C] () -- C:\Users\Sky\AppData\Roaming\PnkBstrK.sys

[2009/08/25 22:28:19 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat

[2009/07/14 10:39:49 | 000,363,226 | ---- | C] () -- C:\Windows\System32\perfh00C.dat

[2009/07/14 10:39:49 | 000,344,522 | ---- | C] () -- C:\Windows\System32\perfi00C.dat

[2009/07/14 10:39:49 | 000,044,944 | ---- | C] () -- C:\Windows\System32\perfc00C.dat

[2009/07/14 10:39:49 | 000,038,160 | ---- | C] () -- C:\Windows\System32\perfd00C.dat

[2009/07/14 06:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat

[2009/07/14 06:33:53 | 002,290,088 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT

[2009/07/14 04:05:48 | 000,299,718 | ---- | C] () -- C:\Windows\System32\perfh009.dat

[2009/07/14 04:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat

[2009/07/14 04:05:48 | 000,037,582 | ---- | C] () -- C:\Windows\System32\perfc009.dat

[2009/07/14 04:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat

[2009/07/14 04:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT

[2009/07/14 04:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat

[2009/07/14 01:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin

[2009/07/14 01:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll

[2009/07/14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll

[2009/06/10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat

[2008/12/16 17:18:52 | 000,200,704 | ---- | C] () -- C:\Windows\PLFSetI.exe

[2008/12/16 17:18:52 | 000,105,984 | ---- | C] () -- C:\Windows\FixUVC.exe

[2008/12/16 17:18:52 | 000,000,057 | ---- | C] () -- C:\Windows\PidList.ini

[2008/12/16 17:17:49 | 000,001,694 | ---- | C] () -- C:\Windows\RtDefLvl.ini

[2008/12/16 17:17:49 | 000,000,520 | R--- | C] () -- C:\Windows\System32\drivers\RTEQEX2.dat

[2008/12/16 17:17:49 | 000,000,520 | R--- | C] () -- C:\Windows\System32\drivers\RTEQEX1.dat

[2008/12/16 17:17:49 | 000,000,520 | R--- | C] () -- C:\Windows\System32\drivers\RTEQEX0.dat

[2008/12/16 17:17:49 | 000,000,008 | R--- | C] () -- C:\Windows\System32\drivers\rtkhdaud.dat

[2008/11/20 02:34:45 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIOFM4.dll

[2008/11/20 02:34:45 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIBUN5.dll

[2008/11/11 05:27:31 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll

[2008/11/11 05:27:24 | 000,872,448 | ---- | C] () -- C:\Windows\iconv.dll

[2008/11/11 05:27:24 | 000,743,424 | ---- | C] () -- C:\Windows\libxml2.dll

[2008/11/11 05:26:52 | 000,000,041 | ---- | C] () -- C:\Windows\Prelaunch.ini

[2008/10/07 09:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll

[2008/10/07 09:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll

[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll

[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll

[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll

[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll

[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll

[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll

[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll

[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll

[2001/12/26 17:12:30 | 000,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll

[2001/09/04 00:46:38 | 000,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll

[2001/07/30 17:33:56 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll

[2001/07/23 23:04:36 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll

 

========== Alternate Data Streams ==========

 

@Alternate Data Stream - 16 bytes -> C:\Users\Sky\Downloads:Shareaza.GUID

 

< End of report >

__________________________________________

 

aswMBR version 0.9.5.256 Copyright© 2011 AVAST Software

Run date: 2011-05-25 17:17:05

-----------------------------

17:17:05.539 OS Version: Windows 6.1.7601 Service Pack 1

17:17:05.539 Number of processors: 2 586 0x170A

17:17:05.541 ComputerName: PC-DE-GEO UserName: Sky

17:17:06.455 Initialize success

17:17:14.350 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1

17:17:14.353 Disk 0 Vendor: WDC_WD50 01.0 Size: 476940MB BusType: 3

17:17:14.358 Disk 0 MBR read error 0

17:17:14.362 Disk 0 MBR scan

17:17:14.366 Disk 0 unknown MBR code

17:17:14.371 MBR BIOS signature not found 0

17:17:14.377 Disk 0 scanning sectors +976771072

17:17:14.383 Disk 0 scanning C:\Windows\system32\drivers

17:17:21.239 Service scanning

17:17:22.534 Disk 0 trace - called modules:

17:17:22.572 ntkrnlpa.exe CLASSPNP.SYS disk.sys iaStor.sys spui.sys halmacpi.dll >>UNKNOWN [0x86954938]<<

17:17:22.579 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8816f030]

17:17:22.587 3 CLASSPNP.SYS[8cbac59e] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x876a0028]

17:17:22.595 Scan finished successfully

17:17:38.898 Disk 0 MBR has been saved successfully to "C:\Users\Sky\Desktop\MBR.dat"

17:17:38.905 The log file has been saved successfully to "C:\Users\Sky\Desktop\aswMBR.txt"

___________________________________

 

Oops, sorry, I must have left out that detail.

The problem that bothers me most is that my computer takes 30 minutes to boot.

As for the sound, I can get it back without any trouble from the taskbar: I just have to click the audio icon and start the service.

The startup tool removed the automatic updates for Java, the QuickTime launcher and my printer's launcher too (and that's fine: I can do the Java updates manually, I never use QT, nor my printer).

As for the proxy, I kept it; it's the one I use to connect at school.

Posted

The good news is that you apparently don't have a rootkit.

I suggest that you:

  • >>> Updates: Any old version of any program may contain vulnerabilities that can be exploited to infect a PC:
    Java: You MUST use Internet Explorer to download (to the Desktop) the latest version that matches your operating system (32 or 64 bit): Java downloads for all operating systems.

    Before installing, it is important to start by removing ALL the old versions from your machine, because they may contain security vulnerabilities:
    Click "Start" => "Control Panel" => "Add/Remove Programs".
    Look in the list for the lines concerning Java (J2SE Runtime Environment....), recognizable by this icon (java01.jpg).
    Select one line at a time and click Change/Remove.
    When none are left, close everything and install the new version by clicking the file you downloaded.

  • >>> Remove the tools:
    - Launch OTL and click "Purge outils" (clean up tools). Let it run and restart the PC.
    - To remove the other tools and their reports, right-click them => "Delete".

  • >>> Reset the Restore Points, because they may contain traces of infection:
    Right-click "Computer" => "Properties" => "System Protection". Click the name of the system partition (usually C:), then "Configure" => "Delete" => "Continue" (to confirm).
    Click "Close", then "OK" => "OK" and wait a moment.
    Go back to "System Protection" and click the partition => "Configure" and select "Restore system settings and previous versions of files".
    Click "OK" => "OK" and close the window.
    A new restore point will be created.

  • >>> Check/Enable UAC: Because more and more malware exploits the deactivation of Windows UAC (User Account Control, on Vista and W7) to install rootkits, keep this feature enabled even if it sometimes seems annoying:
    Click "Start" => "Control Panel". Click "User Accounts..." => "Change User Account Control settings".
    Set the slider as shown in the image.

    [image: uac-w7_fr.png]

  • Launch CCleaner => "Tools" => "Startup" and disable these entries (which do not need to start along with Windows):

    - [Acrobat Assistant 8.0] D:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
    - [CloneCDTray] C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe (SlySoft, Inc.)
    - [PLFSetI] C:\Windows\PLFSetI.exe () <= Uses excessive system and memory resources with no corresponding benefit.
    - [ProductReg] C:\Program Files\Acer\WR_PopUp\ProductReg.exe (Acer) <= It's the PopUp Window that asks you to register the Acer product
    - [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
    - [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe (Tonec Inc.)
    - [Pando Media Booster] C:\Program Files\Pando Networks\Media Booster\PMB.exe ()

    Restart your machine and check whether this interferes with how your programs work. Adjust if necessary.

  • Run a disk clean-up with CCleaner

  • Defragment your system partition (C:)

Keep me posted!
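
A read-only check of the end state the steps in the post above aim for, as an added example that is not part of the original thread: it reports the UAC registry settings, the Java entries still listed in Add/Remove Programs, and which of the listed startup names are still registered. The function names are hypothetical, the registry paths are the standard Windows locations, and the startup names are the bracketed labels from the list above, assumed here to be Run-key value names.

```powershell
# Added example (not from the thread): read-only audit, changes nothing.

# Bracketed labels from the startup list in the post above; assumed to be
# the value names under the Run keys.
$ListedStartupNames = @(
    'Acrobat Assistant 8.0', 'CloneCDTray', 'PLFSetI', 'ProductReg',
    'DAEMON Tools Lite', 'IDMan', 'Pando Media Booster'
)

function Get-UacState {
    # EnableLUA = 0 means UAC is switched off entirely.
    # ConsentPromptBehaviorAdmin = 0 means administrators elevate silently.
    $key = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'
    $p = Get-ItemProperty -Path $key -ErrorAction SilentlyContinue
    $lua   = if ($p) { $p.EnableLUA } else { $null }
    $admin = if ($p) { $p.ConsentPromptBehaviorAdmin } else { $null }
    New-Object PSObject -Property @{
        EnableLUA                  = $lua
        ConsentPromptBehaviorAdmin = $admin
        UacEnabled                 = ($lua -eq 1)
        SilentElevation            = ($admin -eq 0)
    }
}

function Get-InstalledJava {
    # Same data the "Add/Remove Programs" list is built from.
    $roots = @(
        'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall',
        'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall'
    )
    foreach ($root in $roots) {
        if (-not (Test-Path $root)) { continue }   # WOW6432Node is absent on 32-bit
        Get-ChildItem $root | ForEach-Object {
            $app = Get-ItemProperty -Path $_.PSPath -ErrorAction SilentlyContinue
            if ($app -and $app.DisplayName -match '^(Java|J2SE)') {
                New-Object PSObject -Property @{
                    Name    = $app.DisplayName
                    Version = $app.DisplayVersion
                }
            }
        }
    }
}

function Get-RemainingStartup {
    param([string[]]$Names)
    # Machine-wide and per-user autostart keys.
    $runKeys = @(
        'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
        'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run'
    )
    foreach ($k in $runKeys) {
        $item = Get-Item -Path $k -ErrorAction SilentlyContinue
        if (-not $item) { continue }
        foreach ($n in $item.GetValueNames()) {
            if ($Names -contains $n) {             # -contains is case-insensitive
                New-Object PSObject -Property @{
                    Key     = $k
                    Name    = $n
                    Command = $item.GetValue($n)
                }
            }
        }
    }
}

'--- UAC ---'
Get-UacState |
    Format-List EnableLUA, ConsentPromptBehaviorAdmin, UacEnabled, SilentElevation

'--- Java entries in Add/Remove Programs ---'
@(Get-InstalledJava) | Sort-Object Name | Format-Table Name, Version -AutoSize

'--- Listed startup entries still registered under Run ---'
@(Get-RemainingStartup -Names $ListedStartupNames) |
    Format-Table Name, Key, Command -AutoSize
```

An empty table in the last two sections means no matching entry was found in the locations checked; startup items launched from the Startup folder or scheduled tasks are outside what this script reads.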

Posted

Hi, after doing everything (it took a while..)

I have even more problems showing up:

When I tried to open this Zebulon page, this appeared:

[image: 370955wtf.png]

and at startup the event service message came back AND my display has changed (I'm on Seven with the "normal" theme, and it looks like I'm back to the Win98 theme...):

[image: 249728startup.jpg]

Ehm, this isn't looking good. (And I forgot: it still takes at least 30 minutes to start up.)
