PC assemblé qui devient lent

zorbec · le 1 novembre 2011

Bonjour,

Bleuet m'a conseillé de poster un message dans cette section, car mon PC semble infecté.

Il y aurait : Le Crapware.SpyHunter, du FakeAlert, et TDL4 (TDSS Rootkit)? et voir si +.

Merci pour votre aide

Voici le lien vers ce post : Post

Et le texte du post d'origine:

Voici ma config :

WIn 7 familial Prémium

CM ABIT KN9 Ultra

Proc AMD 64 X2 4200

2 Go de mémoire

DD Samsung 400 Go

Je trouve que mon PC commence à ramer un peu. Windows est à jour. J'utilise CCleaner et Deffragler régulierement. MBM est exécuté régulierement. Norton 2012 est mon antivirus.

J'ai posté le rapport ZHPDiag ici :

Rapport

Merci

jeanmimigab · le 1 novembre 2011

Salut,

Fais cela stp...

Télécharge TDSSKiller (Kapersky Lab) sur ton bureau
Un tutoriel au cas ou tu aurais un souci
Dezzipe le et fais un double-clic dessus pour l'exécuter et si une détection apparait après le scanne,suis les instructions et autorise le redémarrage du pc
/!\ ne change pas l'action proposé par TDSSKiller en fin de scanne (skip, quarantine, cure ) /!\
Poste le rapport "C:\TDSSKiller_Quarantine\DATE_HEURE"

Ensuite...

* Télécharge >> OTL <<sur ton bureau.

* Fait un double-clic sur l'icône d'OTL pour le lancer

/!\ pour Vista/Seven fais un clic-droit sur l'icône d'OTL et choisis "Exécuter en tant qu'administrateur"

* Assure toi d'avoir fermé toutes les applications en court de fonctionnement.

* Quand la fenêtre d'OTL apparaît, assure toi que dans la section "Rapport" (en haut à droite) la case "rapport minimal " soit cochée.

* Coches les case situées devant "Tous les utilisateurs", " Recherche LOP" et "Recherche Purity".

* Copier et colle le contenue de cette citation dans la partie inférieure d'OTL "personnalisation"

HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl|FEATURE_BROWSER_EMULATION /rs

HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\FeatureControl|feature_enable_ie_compression /rs

HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\FeatureControl|feature_enable_ie_compression /rs

hklm\software\clients\startmenuinternet|command /rs

nslookup www.google.fr /c

SAVEMBR:0

NetSvcs

%systemroot%\system32\drivers\*.sys /lockedfiles

msconfig

safebootminimal

safebootnetwork

activex

drivers32

%APPDATA%\*.exe /s

%SYSTEMDRIVE%\*.exe

netsvcs

/md5start

dwm.exe

taskhost.exe

taskeng.exe

wscntfy.exe

ctfmon.exe

rdpclip.exe

volsnap.sys

sptd.sys

explorer.exe

userinit.exe

winlogon.exe

wininit.exe

tcpip.sys

Sfloppy.sys

Changer.sys

cdrom.sys

disk.sys

ndis.sys

usbscan.sys

usbprint.sys

tdtcp.sys

tdpipe.sys

swmidi.sys

splitter.sys

rdpwd.sys

eventlog.dll

scecli.dll

netlogon.dll

cngaudit.dll

sceclt.dll

ntelogon.dll

logevent.dll

RASACD.SYS

iaStor.sys

nvstor.sys

atapi.sys

IdeChnDr.sys

viasraid.sys

AGP440.sys

vaxscsi.sys

nvatabus.sys

viamraid.sys

nvata.sys

nvgts.sys

iastorv.sys

ViPrt.sys

eNetHook.dll

ahcix86.sys

KR10N.sys

nvstor32.sys

ahcix86s.sys

nvrd32.sys

/md5stop

%systemroot%\*. /mp /s

%systemroot%\system32\*.dll /lockedfiles

%systemroot%\Tasks\*.job /lockedfiles

* Cliques sur l'icône "Analyse" (en haut à gauche) .

* Laisse le scan aller à son terme sans te servir du PC

* A la fin du scan deux rapports vont s'ouvrir "OTL.Txt" et ( ou ) "Extras.Txt"( réduit dans la barre des taches).

* Copie et colle les rapports dans ta réponse stp...

* Au cas où, tu peux les retrouver dans le dossier C:\OTL

Modifié le 1 novembre 2011 par jeanmimigab

zorbec · le 1 novembre 2011

Salut

Merci pour ton aide.

Voici les rapports

Rapport de Tdsskiller :

15:56:15.0550 1732 TDSS rootkit removing tool 2.6.14.0 Oct 28 2011 11:11:01

15:56:15.0769 1732 ============================================================

15:56:15.0769 1732 Current date / time: 2011/11/01 15:56:15.0769

15:56:15.0769 1732 SystemInfo:

15:56:15.0769 1732

15:56:15.0769 1732 OS Version: 6.1.7601 ServicePack: 1.0

15:56:15.0769 1732 Product type: Workstation

15:56:15.0769 1732 ComputerName: ALAIN-PC

15:56:15.0769 1732 UserName: Alain

15:56:15.0769 1732 Windows directory: C:\Windows

15:56:15.0769 1732 System windows directory: C:\Windows

15:56:15.0769 1732 Processor architecture: Intel x86

15:56:15.0769 1732 Number of processors: 2

15:56:15.0769 1732 Page size: 0x1000

15:56:15.0769 1732 Boot type: Normal boot

15:56:15.0769 1732 ============================================================

15:56:16.0988 1732 Initialize success

15:56:37.0707 3732 ============================================================

15:56:37.0707 3732 Scan started

15:56:37.0707 3732 Mode: Manual;

15:56:37.0707 3732 ============================================================

15:56:38.0082 3732 1394ohci (1b133875b8aa8ac48969bd3458afe9f5) C:\Windows\system32\drivers\1394ohci.sys

15:56:38.0082 3732 1394ohci - ok

15:56:38.0128 3732 ACPI (cea80c80bed809aa0da6febc04733349) C:\Windows\system32\drivers\ACPI.sys

15:56:38.0144 3732 ACPI - ok

15:56:38.0160 3732 AcpiPmi (1efbc664abff416d1d07db115dcb264f) C:\Windows\system32\drivers\acpipmi.sys

15:56:38.0160 3732 AcpiPmi - ok

15:56:38.0253 3732 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys

15:56:38.0269 3732 adp94xx - ok

15:56:38.0285 3732 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys

15:56:38.0300 3732 adpahci - ok

15:56:38.0332 3732 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys

15:56:38.0332 3732 adpu320 - ok

15:56:38.0410 3732 AFD (9ebbba55060f786f0fcaa3893bfa2806) C:\Windows\system32\drivers\afd.sys

15:56:38.0410 3732 AFD - ok

15:56:38.0441 3732 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\drivers\agp440.sys

15:56:38.0441 3732 agp440 - ok

15:56:38.0488 3732 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys

15:56:38.0488 3732 aic78xx - ok

15:56:38.0550 3732 aklzrvcs - ok

15:56:38.0597 3732 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\drivers\aliide.sys

15:56:38.0597 3732 aliide - ok

15:56:38.0628 3732 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\drivers\amdagp.sys

15:56:38.0628 3732 amdagp - ok

15:56:38.0675 3732 amdide (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\drivers\amdide.sys

15:56:38.0675 3732 amdide - ok

15:56:38.0707 3732 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys

15:56:38.0707 3732 AmdK8 - ok

15:56:38.0738 3732 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys

15:56:38.0738 3732 AmdPPM - ok

15:56:38.0769 3732 amdsata (d320bf87125326f996d4904fe24300fc) C:\Windows\system32\drivers\amdsata.sys

15:56:38.0769 3732 amdsata - ok

15:56:38.0816 3732 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys

15:56:38.0816 3732 amdsbs - ok

15:56:38.0847 3732 amdxata (46387fb17b086d16dea267d5be23a2f2) C:\Windows\system32\drivers\amdxata.sys

15:56:38.0847 3732 amdxata - ok

15:56:38.0894 3732 AppID (aea177f783e20150ace5383ee368da19) C:\Windows\system32\drivers\appid.sys

15:56:38.0894 3732 AppID - ok

15:56:38.0925 3732 arc (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys

15:56:38.0941 3732 arc - ok

15:56:38.0957 3732 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys

15:56:38.0972 3732 arcsas - ok

15:56:39.0003 3732 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys

15:56:39.0003 3732 AsyncMac - ok

15:56:39.0019 3732 atapi (338c86357871c167a96ab976519bf59e) C:\Windows\system32\drivers\atapi.sys

15:56:39.0019 3732 atapi - ok

15:56:39.0082 3732 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys

15:56:39.0082 3732 b06bdrv - ok

15:56:39.0113 3732 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys

15:56:39.0113 3732 b57nd60x - ok

15:56:39.0144 3732 Beep (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys

15:56:39.0144 3732 Beep - ok

15:56:39.0394 3732 BHDrvx86 (fe57ab6683f48264d1cd36f5d5ee95a8) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\BASHDefs\20111014.001\BHDrvx86.sys

15:56:39.0410 3732 BHDrvx86 - ok

15:56:39.0472 3732 bkxjsjno - ok

15:56:39.0488 3732 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys

15:56:39.0488 3732 blbdrive - ok

15:56:39.0535 3732 bowser (8f2da3028d5fcbd1a060a3de64cd6506) C:\Windows\system32\DRIVERS\bowser.sys

15:56:39.0535 3732 bowser - ok

15:56:39.0550 3732 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys

15:56:39.0550 3732 BrFiltLo - ok

15:56:39.0582 3732 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys

15:56:39.0582 3732 BrFiltUp - ok

15:56:39.0613 3732 Bridge (77361d72a04f18809d0efb6cceb74d4b) C:\Windows\system32\DRIVERS\bridge.sys

15:56:39.0613 3732 Bridge - ok

15:56:39.0628 3732 BridgeMP (77361d72a04f18809d0efb6cceb74d4b) C:\Windows\system32\DRIVERS\bridge.sys

15:56:39.0628 3732 BridgeMP - ok

15:56:39.0675 3732 Brserid (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys

15:56:39.0675 3732 Brserid - ok

15:56:39.0816 3732 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys

15:56:39.0816 3732 BrSerWdm - ok

15:56:39.0847 3732 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys

15:56:39.0847 3732 BrUsbMdm - ok

15:56:39.0847 3732 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys

15:56:39.0847 3732 BrUsbSer - ok

15:56:39.0878 3732 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys

15:56:39.0878 3732 BTHMODEM - ok

15:56:40.0003 3732 ccSet_NIS (2b2f9b4a08190334a9c36446b208bae9) C:\Windows\system32\drivers\NIS\1301010.003\ccSetx86.sys

15:56:40.0003 3732 ccSet_NIS - ok

15:56:40.0050 3732 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys

15:56:40.0050 3732 cdfs - ok

15:56:40.0113 3732 cdrom (be167ed0fdb9c1fa1133953c18d5a6c9) C:\Windows\system32\drivers\cdrom.sys

15:56:40.0113 3732 cdrom - ok

15:56:40.0144 3732 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys

15:56:40.0160 3732 circlass - ok

15:56:40.0191 3732 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys

15:56:40.0191 3732 CLFS - ok

15:56:40.0253 3732 CmBatt (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys

15:56:40.0253 3732 CmBatt - ok

15:56:40.0285 3732 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\drivers\cmdide.sys

15:56:40.0285 3732 cmdide - ok

15:56:40.0316 3732 CNG (1b675691ed940766149c93e8f4488d68) C:\Windows\system32\Drivers\cng.sys

15:56:40.0332 3732 CNG - ok

15:56:40.0378 3732 Compbatt (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys

15:56:40.0378 3732 Compbatt - ok

15:56:40.0410 3732 CompositeBus (cbe8c58a8579cfe5fccf809e6f114e89) C:\Windows\system32\drivers\CompositeBus.sys

15:56:40.0410 3732 CompositeBus - ok

15:56:40.0457 3732 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys

15:56:40.0457 3732 crcdisk - ok

15:56:40.0519 3732 CrystalSysInfo - ok

15:56:40.0566 3732 DfsC (f024449c97ec1e464aaffda18593db88) C:\Windows\system32\Drivers\dfsc.sys

15:56:40.0566 3732 DfsC - ok

15:56:40.0582 3732 discache (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys

15:56:40.0582 3732 discache - ok

15:56:40.0613 3732 Disk (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys

15:56:40.0613 3732 Disk - ok

15:56:40.0691 3732 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys

15:56:40.0691 3732 drmkaud - ok

15:56:40.0753 3732 DXGKrnl (23f5d28378a160352ba8f817bd8c71cb) C:\Windows\System32\drivers\dxgkrnl.sys

15:56:40.0753 3732 DXGKrnl - ok

15:56:40.0878 3732 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys

15:56:40.0894 3732 ebdrv - ok

15:56:41.0019 3732 eeCtrl (8f7dbc4be48f5388a6fe1f285e7948ef) C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys

15:56:41.0019 3732 eeCtrl - ok

15:56:41.0066 3732 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys

15:56:41.0066 3732 elxstor - ok

15:56:41.0128 3732 EraserUtilRebootDrv (3ee14d400e0fdd0d214275a4a20b7022) C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys

15:56:41.0128 3732 EraserUtilRebootDrv - ok

15:56:41.0144 3732 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\drivers\errdev.sys

15:56:41.0144 3732 ErrDev - ok

15:56:41.0207 3732 exfat (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys

15:56:41.0207 3732 exfat - ok

15:56:41.0238 3732 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys

15:56:41.0238 3732 fastfat - ok

15:56:41.0285 3732 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys

15:56:41.0285 3732 fdc - ok

15:56:41.0316 3732 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys

15:56:41.0316 3732 FileInfo - ok

15:56:41.0332 3732 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys

15:56:41.0332 3732 Filetrace - ok

15:56:41.0363 3732 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys

15:56:41.0363 3732 flpydisk - ok

15:56:41.0410 3732 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys

15:56:41.0410 3732 FltMgr - ok

15:56:41.0441 3732 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys

15:56:41.0441 3732 FsDepends - ok

15:56:41.0488 3732 Fs_Rec (a574b4360e438977038aae4bf60d79a2) C:\Windows\system32\drivers\Fs_Rec.sys

15:56:41.0488 3732 Fs_Rec - ok

15:56:41.0535 3732 fvevol (8a73e79089b282100b9393b644cb853b) C:\Windows\system32\DRIVERS\fvevol.sys

15:56:41.0535 3732 fvevol - ok

15:56:41.0566 3732 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys

15:56:41.0566 3732 gagp30kx - ok

15:56:41.0628 3732 GearAspiWDM (5dc17164f66380cbfefd895c18467773) C:\Windows\system32\drivers\GEARAspiWDM.sys

15:56:41.0628 3732 GearAspiWDM - ok

15:56:41.0707 3732 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys

15:56:41.0707 3732 hcw85cir - ok

15:56:41.0769 3732 HdAudAddService (a5ef29d5315111c80a5c1abad14c8972) C:\Windows\system32\drivers\HdAudio.sys

15:56:41.0769 3732 HdAudAddService - ok

15:56:41.0800 3732 HDAudBus (9036377b8a6c15dc2eec53e489d159b5) C:\Windows\system32\drivers\HDAudBus.sys

15:56:41.0800 3732 HDAudBus - ok

15:56:41.0832 3732 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys

15:56:41.0832 3732 HidBatt - ok

15:56:41.0863 3732 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys

15:56:41.0863 3732 HidBth - ok

15:56:41.0894 3732 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys

15:56:41.0894 3732 HidIr - ok

15:56:41.0957 3732 HidUsb (10c19f8290891af023eaec0832e1eb4d) C:\Windows\system32\drivers\hidusb.sys

15:56:41.0957 3732 HidUsb - ok

15:56:41.0988 3732 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\drivers\HpSAMD.sys

15:56:41.0988 3732 HpSAMD - ok

15:56:42.0050 3732 HTTP (871917b07a141bff43d76d8844d48106) C:\Windows\system32\drivers\HTTP.sys

15:56:42.0066 3732 HTTP - ok

15:56:42.0082 3732 hwpolicy (0c4e035c7f105f1299258c90886c64c5) C:\Windows\system32\drivers\hwpolicy.sys

15:56:42.0082 3732 hwpolicy - ok

15:56:42.0113 3732 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\drivers\i8042prt.sys

15:56:42.0113 3732 i8042prt - ok

15:56:42.0160 3732 iaStorV (5cd5f9a5444e6cdcb0ac89bd62d8b76e) C:\Windows\system32\drivers\iaStorV.sys

15:56:42.0160 3732 iaStorV - ok

15:56:42.0378 3732 IDSVix86 (9bc8840de4140e8e2a6fc3192e054a8c) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\IPSDefs\20111028.030\IDSvix86.sys

15:56:42.0378 3732 IDSVix86 - ok

15:56:42.0410 3732 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys

15:56:42.0410 3732 iirsp - ok

15:56:42.0535 3732 IntcAzAudAddService (202350c0055a39cfca30b2942f7b10d2) C:\Windows\system32\drivers\RTKVHDA.sys

15:56:42.0550 3732 IntcAzAudAddService - ok

15:56:42.0628 3732 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\drivers\intelide.sys

15:56:42.0628 3732 intelide - ok

15:56:42.0660 3732 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys

15:56:42.0660 3732 intelppm - ok

15:56:42.0691 3732 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys

15:56:42.0691 3732 IpFilterDriver - ok

15:56:42.0769 3732 IPMIDRV (4bd7134618c1d2a27466a099062547bf) C:\Windows\system32\drivers\IPMIDrv.sys

15:56:42.0769 3732 IPMIDRV - ok

15:56:42.0800 3732 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys

15:56:42.0816 3732 IPNAT - ok

15:56:42.0847 3732 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys

15:56:42.0863 3732 IRENUM - ok

15:56:42.0894 3732 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\drivers\isapnp.sys

15:56:42.0894 3732 isapnp - ok

15:56:42.0925 3732 iScsiPrt (cb7a9abb12b8415bce5d74994c7ba3ae) C:\Windows\system32\drivers\msiscsi.sys

15:56:42.0925 3732 iScsiPrt - ok

15:56:42.0957 3732 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\drivers\kbdclass.sys

15:56:42.0957 3732 kbdclass - ok

15:56:43.0003 3732 kbdhid (9e3ced91863e6ee98c24794d05e27a71) C:\Windows\system32\drivers\kbdhid.sys

15:56:43.0003 3732 kbdhid - ok

15:56:43.0050 3732 KSecDD (412cea1aa78cc02a447f5c9e62b32ff1) C:\Windows\system32\Drivers\ksecdd.sys

15:56:43.0050 3732 KSecDD - ok

15:56:43.0066 3732 KSecPkg (26c046977e85b95036453d7b88ba1820) C:\Windows\system32\Drivers\ksecpkg.sys

15:56:43.0066 3732 KSecPkg - ok

15:56:43.0128 3732 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys

15:56:43.0128 3732 lltdio - ok

15:56:43.0191 3732 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys

15:56:43.0191 3732 LSI_FC - ok

15:56:43.0207 3732 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys

15:56:43.0207 3732 LSI_SAS - ok

15:56:43.0222 3732 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys

15:56:43.0222 3732 LSI_SAS2 - ok

15:56:43.0253 3732 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys

15:56:43.0253 3732 LSI_SCSI - ok

15:56:43.0285 3732 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys

15:56:43.0285 3732 luafv - ok

15:56:43.0316 3732 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys

15:56:43.0316 3732 megasas - ok

15:56:43.0347 3732 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys

15:56:43.0347 3732 MegaSR - ok

15:56:43.0410 3732 Memctl - ok

15:56:43.0441 3732 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys

15:56:43.0441 3732 Modem - ok

15:56:43.0488 3732 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys

15:56:43.0488 3732 monitor - ok

15:56:43.0503 3732 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\drivers\mouclass.sys

15:56:43.0503 3732 mouclass - ok

15:56:43.0535 3732 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys

15:56:43.0535 3732 mouhid - ok

15:56:43.0566 3732 mountmgr (fc8771f45ecccfd89684e38842539b9b) C:\Windows\system32\drivers\mountmgr.sys

15:56:43.0566 3732 mountmgr - ok

15:56:43.0613 3732 mpio (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\Windows\system32\drivers\mpio.sys

15:56:43.0613 3732 mpio - ok

15:56:43.0660 3732 MpNWMon (bfd981f12c8c6beebdca70efbfdd0a08) C:\Windows\system32\DRIVERS\MpNWMon.sys

15:56:43.0660 3732 MpNWMon - ok

15:56:43.0691 3732 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys

15:56:43.0691 3732 mpsdrv - ok

15:56:43.0738 3732 MRxDAV (ceb46ab7c01c9f825f8cc6babc18166a) C:\Windows\system32\drivers\mrxdav.sys

15:56:43.0738 3732 MRxDAV - ok

15:56:43.0785 3732 mrxsmb (5d16c921e3671636c0eba3bbaac5fd25) C:\Windows\system32\DRIVERS\mrxsmb.sys

15:56:43.0800 3732 mrxsmb - ok

15:56:43.0832 3732 mrxsmb10 (6d17a4791aca19328c685d256349fefc) C:\Windows\system32\DRIVERS\mrxsmb10.sys

15:56:43.0832 3732 mrxsmb10 - ok

15:56:43.0863 3732 mrxsmb20 (b81f204d146000be76651a50670a5e9e) C:\Windows\system32\DRIVERS\mrxsmb20.sys

15:56:43.0863 3732 mrxsmb20 - ok

15:56:43.0894 3732 msahci (012c5f4e9349e711e11e0f19a8589f0a) C:\Windows\system32\drivers\msahci.sys

15:56:43.0894 3732 msahci - ok

15:56:43.0941 3732 msdsm (55055f8ad8be27a64c831322a780a228) C:\Windows\system32\drivers\msdsm.sys

15:56:43.0957 3732 msdsm - ok

15:56:43.0972 3732 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys

15:56:43.0988 3732 Msfs - ok

15:56:44.0019 3732 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys

15:56:44.0019 3732 mshidkmdf - ok

15:56:44.0035 3732 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\drivers\msisadrv.sys

15:56:44.0035 3732 msisadrv - ok

15:56:44.0082 3732 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys

15:56:44.0082 3732 MSKSSRV - ok

15:56:44.0113 3732 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys

15:56:44.0113 3732 MSPCLOCK - ok

15:56:44.0144 3732 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys

15:56:44.0144 3732 MSPQM - ok

15:56:44.0175 3732 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys

15:56:44.0175 3732 MsRPC - ok

15:56:44.0207 3732 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\drivers\mssmbios.sys

15:56:44.0207 3732 mssmbios - ok

15:56:44.0222 3732 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys

15:56:44.0222 3732 MSTEE - ok

15:56:44.0238 3732 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys

15:56:44.0253 3732 MTConfig - ok

15:56:44.0269 3732 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys

15:56:44.0269 3732 Mup - ok

15:56:44.0316 3732 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys

15:56:44.0332 3732 NativeWifiP - ok

15:56:44.0566 3732 NAVENG (862f55824ac81295837b0ab63f91071f) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\VirusDefs\20111031.034\NAVENG.SYS

15:56:44.0566 3732 NAVENG - ok

15:56:44.0644 3732 NAVEX15 (529d571b551cb9da44237389b936f1ae) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\VirusDefs\20111031.034\NAVEX15.SYS

15:56:44.0660 3732 NAVEX15 - ok

15:56:44.0722 3732 NDIS (e7c54812a2aaf43316eb6930c1ffa108) C:\Windows\system32\drivers\ndis.sys

15:56:44.0722 3732 NDIS - ok

15:56:44.0785 3732 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys

15:56:44.0785 3732 NdisCap - ok

15:56:44.0816 3732 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys

15:56:44.0816 3732 NdisTapi - ok

15:56:44.0878 3732 Ndisuio (d8a65dafb3eb41cbb622745676fcd072) C:\Windows\system32\DRIVERS\ndisuio.sys

15:56:44.0878 3732 Ndisuio - ok

15:56:44.0910 3732 NdisWan (38fbe267e7e6983311179230facb1017) C:\Windows\system32\DRIVERS\ndiswan.sys

15:56:44.0910 3732 NdisWan - ok

15:56:44.0957 3732 NDProxy (a4bdc541e69674fbff1a8ff00be913f2) C:\Windows\system32\drivers\NDProxy.sys

15:56:44.0957 3732 NDProxy - ok

15:56:45.0019 3732 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys

15:56:45.0019 3732 NetBIOS - ok

15:56:45.0066 3732 NetBT (280122ddcf04b378edd1ad54d71c1e54) C:\Windows\system32\DRIVERS\netbt.sys

15:56:45.0066 3732 NetBT - ok

15:56:45.0113 3732 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys

15:56:45.0113 3732 nfrd960 - ok

15:56:45.0160 3732 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys

15:56:45.0160 3732 Npfs - ok

15:56:45.0191 3732 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys

15:56:45.0191 3732 nsiproxy - ok

15:56:45.0253 3732 Ntfs (81189c3d7763838e55c397759d49007a) C:\Windows\system32\drivers\Ntfs.sys

15:56:45.0269 3732 Ntfs - ok

15:56:45.0285 3732 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys

15:56:45.0285 3732 Null - ok

15:56:45.0332 3732 NVENETFD (b5e37e31c053bc9950455a257526514b) C:\Windows\system32\DRIVERS\nvm62x32.sys

15:56:45.0332 3732 NVENETFD - ok

15:56:45.0628 3732 nvlddmkm (4152708c0c24e30dae7fa87d5afe1d7b) C:\Windows\system32\DRIVERS\nvlddmkm.sys

15:56:45.0691 3732 nvlddmkm - ok

15:56:45.0769 3732 NVNET (5bf9c11586f4764446407f509f1beca8) C:\Windows\system32\DRIVERS\nvmf6232.sys

15:56:45.0769 3732 NVNET - ok

15:56:45.0847 3732 nvraid (b3e25ee28883877076e0e1ff877d02e0) C:\Windows\system32\drivers\nvraid.sys

15:56:45.0847 3732 nvraid - ok

15:56:45.0894 3732 nvstor (4380e59a170d88c4f1022eff6719a8a4) C:\Windows\system32\drivers\nvstor.sys

15:56:45.0894 3732 nvstor - ok

15:56:45.0925 3732 nvstor32 (e83233178dc8c0409f9aa5036bab7272) C:\Windows\system32\DRIVERS\nvstor32.sys

15:56:45.0925 3732 nvstor32 - ok

15:56:46.0035 3732 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys

15:56:46.0035 3732 nv_agp - ok

15:56:46.0066 3732 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys

15:56:46.0066 3732 ohci1394 - ok

15:56:46.0160 3732 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys

15:56:46.0160 3732 Parport - ok

15:56:46.0191 3732 partmgr (bf8f6af06da75b336f07e23aef97d93b) C:\Windows\system32\drivers\partmgr.sys

15:56:46.0191 3732 partmgr - ok

15:56:46.0222 3732 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys

15:56:46.0222 3732 Parvdm - ok

15:56:46.0269 3732 pci (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys

15:56:46.0269 3732 pci - ok

15:56:46.0285 3732 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys

15:56:46.0285 3732 pciide - ok

15:56:46.0316 3732 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys

15:56:46.0316 3732 pcmcia - ok

15:56:46.0347 3732 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys

15:56:46.0347 3732 pcw - ok

15:56:46.0378 3732 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys

15:56:46.0378 3732 PEAUTH - ok

15:56:46.0472 3732 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys

15:56:46.0472 3732 PptpMiniport - ok

15:56:46.0503 3732 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys

15:56:46.0503 3732 Processor - ok

15:56:46.0566 3732 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys

15:56:46.0566 3732 Psched - ok

15:56:46.0628 3732 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys

15:56:46.0644 3732 ql2300 - ok

15:56:46.0675 3732 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys

15:56:46.0675 3732 ql40xx - ok

15:56:46.0691 3732 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys

15:56:46.0691 3732 QWAVEdrv - ok

15:56:46.0722 3732 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys

15:56:46.0722 3732 RasAcd - ok

15:56:46.0769 3732 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys

15:56:46.0769 3732 RasAgileVpn - ok

15:56:46.0785 3732 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys

15:56:46.0785 3732 Rasl2tp - ok

15:56:46.0816 3732 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys

15:56:46.0816 3732 RasPppoe - ok

15:56:46.0832 3732 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys

15:56:46.0832 3732 RasSstp - ok

15:56:46.0894 3732 rdbss (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys

15:56:46.0894 3732 rdbss - ok

15:56:46.0910 3732 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys

15:56:46.0910 3732 rdpbus - ok

15:56:46.0957 3732 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys

15:56:46.0957 3732 RDPCDD - ok

15:56:46.0988 3732 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys

15:56:46.0988 3732 RDPENCDD - ok

15:56:47.0003 3732 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys

15:56:47.0003 3732 RDPREFMP - ok

15:56:47.0050 3732 RDPWD (288b06960d78428ff89e811632684e20) C:\Windows\system32\drivers\RDPWD.sys

15:56:47.0050 3732 RDPWD - ok

15:56:47.0082 3732 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys

15:56:47.0082 3732 rdyboost - ok

15:56:47.0113 3732 rlpqmwim - ok

15:56:47.0160 3732 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys

15:56:47.0160 3732 rspndr - ok

15:56:47.0222 3732 sbp2port (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys

15:56:47.0222 3732 sbp2port - ok

15:56:47.0269 3732 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys

15:56:47.0269 3732 scfilter - ok

15:56:47.0300 3732 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys

15:56:47.0300 3732 secdrv - ok

15:56:47.0332 3732 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys

15:56:47.0332 3732 Serenum - ok

15:56:47.0378 3732 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys

15:56:47.0378 3732 Serial - ok

15:56:47.0394 3732 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys

15:56:47.0410 3732 sermouse - ok

15:56:47.0441 3732 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys

15:56:47.0441 3732 sffdisk - ok

15:56:47.0472 3732 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys

15:56:47.0472 3732 sffp_mmc - ok

15:56:47.0488 3732 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys

15:56:47.0488 3732 sffp_sd - ok

15:56:47.0519 3732 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys

15:56:47.0519 3732 sfloppy - ok

15:56:47.0566 3732 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys

15:56:47.0566 3732 sisagp - ok

15:56:47.0597 3732 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys

15:56:47.0597 3732 SiSRaid2 - ok

15:56:47.0628 3732 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys

15:56:47.0628 3732 SiSRaid4 - ok

15:56:47.0675 3732 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys

15:56:47.0675 3732 Smb - ok

15:56:47.0707 3732 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys

15:56:47.0707 3732 spldr - ok

15:56:47.0785 3732 sptd (cdddec541bc3c96f91ecb48759673505) C:\Windows\system32\Drivers\sptd.sys

15:56:47.0785 3732 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: cdddec541bc3c96f91ecb48759673505

15:56:47.0785 3732 sptd ( LockedFile.Multi.Generic ) - warning

15:56:47.0785 3732 sptd - detected LockedFile.Multi.Generic (1)

15:56:47.0925 3732 SRTSP (2c5fbf6a00a4a3dcf643e46e8acb20c2) C:\Windows\System32\Drivers\NIS\1301010.003\SRTSP.SYS

15:56:47.0941 3732 SRTSP - ok

15:56:47.0972 3732 SRTSPX (9034ea58552b55f370e5293a7175c5ac) C:\Windows\system32\drivers\NIS\1301010.003\SRTSPX.SYS

15:56:47.0972 3732 SRTSPX - ok

15:56:48.0019 3732 srv (e4c2764065d66ea1d2d3ebc28fe99c46) C:\Windows\system32\DRIVERS\srv.sys

15:56:48.0019 3732 srv - ok

15:56:48.0066 3732 srv2 (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\Windows\system32\DRIVERS\srv2.sys

15:56:48.0066 3732 srv2 - ok

15:56:48.0097 3732 srvnet (be6bd660caa6f291ae06a718a4fa8abc) C:\Windows\system32\DRIVERS\srvnet.sys

15:56:48.0097 3732 srvnet - ok

15:56:48.0144 3732 StarOpen - ok

15:56:48.0191 3732 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys

15:56:48.0191 3732 stexstor - ok

15:56:48.0238 3732 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\drivers\swenum.sys

15:56:48.0238 3732 swenum - ok

15:56:48.0269 3732 SYMDNS - ok

15:56:48.0300 3732 SymDS (690fa0e61b90084c4d9a721bd4f3d779) C:\Windows\system32\drivers\NIS\1301010.003\SYMDS.SYS

15:56:48.0300 3732 SymDS - ok

15:56:48.0378 3732 SymEFA (a0c7005387bb6f055bb50bd8e779368b) C:\Windows\system32\drivers\NIS\1301010.003\SYMEFA.SYS

15:56:48.0394 3732 SymEFA - ok

15:56:48.0425 3732 SymEvent (98d28d08e68145fb550ee7670b43baf2) C:\Windows\system32\Drivers\SYMEVENT.SYS

15:56:48.0425 3732 SymEvent - ok

15:56:48.0441 3732 SYMFW - ok

15:56:48.0472 3732 SymIRON (39c35ddbb570e9f334f239248e4de34d) C:\Windows\system32\drivers\NIS\1301010.003\Ironx86.SYS

15:56:48.0472 3732 SymIRON - ok

15:56:48.0488 3732 SYMNDISV - ok

15:56:48.0535 3732 SymNetS (af979b363126cf54efbc46bf61b7d540) C:\Windows\System32\Drivers\NIS\1301010.003\SYMNETS.SYS

15:56:48.0535 3732 SymNetS - ok

15:56:48.0550 3732 SYMREDRV - ok

15:56:48.0644 3732 Tcpip (04e4a7d53a7ace02e8c55b17a498f631) C:\Windows\system32\drivers\tcpip.sys

15:56:48.0660 3732 Tcpip - ok

15:56:48.0691 3732 TCPIP6 (04e4a7d53a7ace02e8c55b17a498f631) C:\Windows\system32\DRIVERS\tcpip.sys

15:56:48.0707 3732 TCPIP6 - ok

15:56:48.0753 3732 tcpipreg (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys

15:56:48.0753 3732 tcpipreg - ok

15:56:48.0800 3732 TDPIPE (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys

15:56:48.0816 3732 TDPIPE - ok

15:56:48.0832 3732 TDTCP (2c10395baa4847f83042813c515cc289) C:\Windows\system32\drivers\tdtcp.sys

15:56:48.0832 3732 TDTCP - ok

15:56:48.0894 3732 tdx (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys

15:56:48.0894 3732 tdx - ok

15:56:48.0972 3732 TermDD (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\drivers\termdd.sys

15:56:48.0972 3732 TermDD - ok

15:56:49.0035 3732 tssecsrv (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys

15:56:49.0035 3732 tssecsrv - ok

15:56:49.0097 3732 TsUsbFlt (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys

15:56:49.0097 3732 TsUsbFlt - ok

15:56:49.0144 3732 tunnel (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys

15:56:49.0144 3732 tunnel - ok

15:56:49.0191 3732 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys

15:56:49.0191 3732 uagp35 - ok

15:56:49.0222 3732 udfs (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys

15:56:49.0222 3732 udfs - ok

15:56:49.0285 3732 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys

15:56:49.0285 3732 uliagpkx - ok

15:56:49.0300 3732 umbus (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\drivers\umbus.sys

15:56:49.0316 3732 umbus - ok

15:56:49.0347 3732 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys

15:56:49.0347 3732 UmPass - ok

15:56:49.0394 3732 usbccgp (bd9c55d7023c5de374507acc7a14e2ac) C:\Windows\system32\drivers\usbccgp.sys

15:56:49.0394 3732 usbccgp - ok

15:56:49.0425 3732 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys

15:56:49.0425 3732 usbcir - ok

15:56:49.0472 3732 usbehci (f92de757e4b7ce9c07c5e65423f3ae3b) C:\Windows\system32\DRIVERS\usbehci.sys

15:56:49.0472 3732 usbehci - ok

15:56:49.0535 3732 usbhub (8dc94aec6a7e644a06135ae7506dc2e9) C:\Windows\system32\DRIVERS\usbhub.sys

15:56:49.0535 3732 usbhub - ok

15:56:49.0582 3732 usbohci (e185d44fac515a18d9deddc23c2cdf44) C:\Windows\system32\DRIVERS\usbohci.sys

15:56:49.0582 3732 usbohci - ok

15:56:49.0613 3732 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys

15:56:49.0613 3732 usbprint - ok

15:56:49.0660 3732 USBSTOR (f991ab9cc6b908db552166768176896a) C:\Windows\system32\DRIVERS\USBSTOR.SYS

15:56:49.0660 3732 USBSTOR - ok

15:56:49.0707 3732 usbuhci (78780c3ebce17405b1ccd07a3a8a7d72) C:\Windows\system32\DRIVERS\usbuhci.sys

15:56:49.0707 3732 usbuhci - ok

15:56:49.0753 3732 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys

15:56:49.0753 3732 vdrvroot - ok

15:56:49.0800 3732 vflt (032a1f7357ba2c235c3ba8002d52f870) C:\Windows\system32\DRIVERS\vfilter.sys

15:56:49.0800 3732 vflt - ok

15:56:49.0816 3732 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys

15:56:49.0816 3732 vga - ok

15:56:49.0847 3732 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys

15:56:49.0847 3732 VgaSave - ok

15:56:49.0878 3732 vhdmp (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys

15:56:49.0878 3732 vhdmp - ok

15:56:49.0925 3732 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys

15:56:49.0925 3732 viaagp - ok

15:56:49.0941 3732 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys

15:56:49.0941 3732 ViaC7 - ok

15:56:49.0988 3732 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys

15:56:49.0988 3732 viaide - ok

15:56:50.0035 3732 vnet (fbd7e0a5b543480a69896811cb66a1fb) C:\Windows\system32\DRIVERS\virtualnet.sys

15:56:50.0035 3732 vnet - ok

15:56:50.0050 3732 volmgr (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys

15:56:50.0050 3732 volmgr - ok

15:56:50.0082 3732 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys

15:56:50.0082 3732 volmgrx - ok

15:56:50.0113 3732 volsnap (f497f67932c6fa693d7de2780631cfe7) C:\Windows\system32\drivers\volsnap.sys

15:56:50.0113 3732 volsnap - ok

15:56:50.0160 3732 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys

15:56:50.0160 3732 vsmraid - ok

15:56:50.0191 3732 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\System32\drivers\vwifibus.sys

15:56:50.0191 3732 vwifibus - ok

15:56:50.0222 3732 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys

15:56:50.0222 3732 WacomPen - ok

15:56:50.0253 3732 WANARP (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys

15:56:50.0253 3732 WANARP - ok

15:56:50.0253 3732 Wanarpv6 (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys

15:56:50.0253 3732 Wanarpv6 - ok

15:56:50.0316 3732 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys

15:56:50.0316 3732 Wd - ok

15:56:50.0363 3732 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys

15:56:50.0363 3732 Wdf01000 - ok

15:56:50.0425 3732 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys

15:56:50.0425 3732 WfpLwf - ok

15:56:50.0457 3732 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys

15:56:50.0457 3732 WIMMount - ok

15:56:50.0503 3732 WINFLASH - ok

15:56:50.0613 3732 WinUsb (a67e5f9a400f3bd1be3d80613b45f708) C:\Windows\system32\DRIVERS\WinUsb.sys

15:56:50.0613 3732 WinUsb - ok

15:56:50.0644 3732 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\drivers\wmiacpi.sys

15:56:50.0644 3732 WmiAcpi - ok

15:56:50.0691 3732 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys

15:56:50.0691 3732 ws2ifsl - ok

15:56:50.0722 3732 WudfPf (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers\WudfPf.sys

15:56:50.0738 3732 WudfPf - ok

15:56:50.0769 3732 WUDFRd (1023ee888c9b47178c5293ed5336ab69) C:\Windows\system32\DRIVERS\WUDFRd.sys

15:56:50.0769 3732 WUDFRd - ok

15:56:50.0816 3732 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0

15:56:50.0816 3732 \Device\Harddisk0\DR0 - ok

15:56:50.0832 3732 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk1\DR1

15:56:50.0832 3732 \Device\Harddisk1\DR1 - ok

15:56:50.0847 3732 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk2\DR2

15:56:50.0847 3732 \Device\Harddisk2\DR2 - ok

15:56:50.0863 3732 Boot (0x1200) (34dc11460f9af2de95130a0f0acc2726) \Device\Harddisk0\DR0\Partition0

15:56:50.0863 3732 \Device\Harddisk0\DR0\Partition0 - ok

15:56:50.0863 3732 Boot (0x1200) (b52e74c708fed41be9becd85c264426f) \Device\Harddisk1\DR1\Partition0

15:56:50.0863 3732 \Device\Harddisk1\DR1\Partition0 - ok

15:56:50.0878 3732 Boot (0x1200) (2748ee8b30160ee34dcf1d4b0d2934f4) \Device\Harddisk2\DR2\Partition0

15:56:50.0878 3732 \Device\Harddisk2\DR2\Partition0 - ok

15:56:50.0878 3732 ============================================================

15:56:50.0878 3732 Scan finished

15:56:50.0878 3732 ============================================================

15:56:50.0894 5140 Detected object count: 1

15:56:50.0894 5140 Actual detected object count: 1

15:56:56.0285 5140 sptd ( LockedFile.Multi.Generic ) - skipped by user

15:56:56.0285 5140 sptd ( LockedFile.Multi.Generic ) - User select action: Skip

15:57:53.0441 5392 Deinitialize success

Rapports de OTL

OTL logfile created on: 01/11/2011 16:01:31 - Run 1

OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Alain\Desktop

Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

2,00 Gb Total Physical Memory | 0,79 Gb Available Physical Memory | 39,72% Memory free

4,00 Gb Paging File | 2,43 Gb Available in Paging File | 60,76% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 372,61 Gb Total Space | 237,62 Gb Free Space | 63,77% Space Free | Partition Type: NTFS

Drive D: | 82,26 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: UDF

Drive F: | 372,61 Gb Total Space | 142,70 Gb Free Space | 38,30% Space Free | Partition Type: NTFS

Drive I: | 3,69 Gb Total Space | 3,67 Gb Free Space | 99,50% Space Free | Partition Type: FAT32

Computer Name: ALAIN-PC | User Name: Alain | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Alain\Desktop\OTL.exe (OldTimer Tools)

PRC - C:\Program Files\Norton Internet Security\Engine\19.1.1.3\ccSvcHst.exe (Symantec Corporation)

PRC - C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)

PRC - C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe (NVIDIA Corporation)

PRC - C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation)

PRC - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)

PRC - C:\Program Files\Giganews Accelerator\GiganewsAccelerator.exe (Giganews, Inc.)

PRC - C:\Windows\explorer.exe (Microsoft Corporation)

PRC - C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH)

PRC - C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)

PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)

PRC - C:\Program Files\Cobian Backup 10\cbInterface.exe (Luis Cobian, CobianSoft)

PRC - C:\Program Files\Cobian Backup 10\cbService.exe (Luis Cobian, CobianSoft)

PRC - C:\Program Files\Cobian Backup 10\cbVSCService.exe (CobianSoft, Luis Cobian)

PRC - C:\Program Files\NETASQ\NETASQ Updater\autoupdate.exe ()

PRC - C:\Program Files\ShrewSoft\VPN Client\dtpd.exe ()

PRC - C:\Program Files\ShrewSoft\VPN Client\iked.exe ()

PRC - C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe ()

PRC - C:\Program Files\Moniteur neufbox\Moniteur neufbox.exe (Nicolas Vannier)

========== Modules (No Company Name) ==========

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6e592e424a204aafeadbe22b6b31b9db\System.Windows.Forms.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\3b2cfd85528a27eb71dc41d8067359a1\System.Drawing.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\130ad4d9719e566ca933ac7158a04203\System.Xml.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\2d5bcbeb9475ef62189f605bcca1cec6\System.Configuration.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\abab08afa60a6f06bdde0fcc9649c379\System.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll ()

MOD - C:\Program Files\FileZilla FTP Client\fzshellext.dll ()

MOD - C:\Program Files\WinRAR\RarExt.dll ()

========== Win32 Services (SafeList) ==========

SRV - (NIS) -- C:\Program Files\Norton Internet Security\Engine\19.1.1.3\ccSvcHst.exe (Symantec Corporation)

SRV - (nvUpdatusService) -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)

SRV - (AdobeARMservice) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)

SRV - (TeamViewer6) -- C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH)

SRV - (CobianBackup10) -- C:\Program Files\Cobian Backup 10\cbService.exe (Luis Cobian, CobianSoft)

SRV - (cbVSCService) -- C:\Program Files\Cobian Backup 10\cbVSCService.exe (CobianSoft, Luis Cobian)

SRV - (NETASQ Updater) -- C:\Program Files\NETASQ\NETASQ Updater\autoupdate.exe ()

SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation)

SRV - (dtpd) -- C:\Program Files\ShrewSoft\VPN Client\dtpd.exe ()

SRV - (iked) -- C:\Program Files\ShrewSoft\VPN Client\iked.exe ()

SRV - (ipsecd) -- C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe ()

SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)

SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)

========== Driver Services (SafeList) ==========

DRV - (SymEvent) -- C:\Windows\System32\drivers\SYMEVENT.SYS (Symantec Corporation)

DRV - (NAVEX15) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\VirusDefs\20111031.034\NAVEX15.SYS (Symantec Corporation)

DRV - (NAVENG) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\VirusDefs\20111031.034\NAVENG.SYS (Symantec Corporation)

DRV - (IDSVix86) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\IPSDefs\20111028.030\IDSvix86.sys (Symantec Corporation)

DRV - (BHDrvx86) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\BASHDefs\20111014.001\BHDrvx86.sys (Symantec Corporation)

DRV - (ccSet_NIS) -- C:\Windows\system32\drivers\NIS\1301010.003\ccSetx86.sys (Symantec Corporation)

DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)

DRV - (SRTSP) -- C:\Windows\System32\Drivers\NIS\1301010.003\SRTSP.SYS (Symantec Corporation)

DRV - (SRTSPX) Symantec Real Time Storage Protection (PEL) -- C:\Windows\system32\drivers\NIS\1301010.003\SRTSPX.SYS (Symantec Corporation)

DRV - (SymEFA) -- C:\Windows\system32\drivers\NIS\1301010.003\SYMEFA.SYS (Symantec Corporation)

DRV - (eeCtrl) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys (Symantec Corporation)

DRV - (EraserUtilRebootDrv) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation)

DRV - (SymNetS) -- C:\Windows\System32\Drivers\NIS\1301010.003\SYMNETS.SYS (Symantec Corporation)

DRV - (SymDS) -- C:\Windows\system32\drivers\NIS\1301010.003\SYMDS.SYS (Symantec Corporation)

DRV - (SymIRON) -- C:\Windows\system32\drivers\NIS\1301010.003\Ironx86.SYS (Symantec Corporation)

DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)

DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)

DRV - (nvstor32) -- C:\Windows\system32\DRIVERS\nvstor32.sys ()

DRV - (sptd) -- C:\Windows\System32\Drivers\sptd.sys ()

DRV - (vflt) -- C:\Windows\System32\drivers\vfilter.sys (Shrew Soft Inc)

DRV - (vnet) -- C:\Windows\System32\drivers\virtualnet.sys (Shrew Soft Inc)

DRV - (NVNET) -- C:\Windows\System32\drivers\nvmf6232.sys (NVIDIA Corporation)

DRV - (NVENETFD) -- C:\Windows\System32\drivers\nvm62x32.sys (NVIDIA Corporation)

DRV - (MpNWMon) -- C:\Windows\System32\drivers\MpNWMon.sys (Microsoft Corporation)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search bar = Le Complément de recherche d'Internet Explorer 6 n'est plus pris en charge.

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN Hotmail, Messenger, Actualité, Sport, People, Femmes - MSN France

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN Hotmail, Messenger, Actualité, Sport, People, Femmes - MSN France

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 3C 5C 37 71 97 54 CA 01 [binary data]

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()

FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Alain\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Alain\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\IPSFFPlgn\ [2011/10/30 19:21:19 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\coFFPlgn\ [2011/11/01 12:12:35 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird

[2010/11/29 23:50:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Alain\AppData\Roaming\mozilla\Extensions

[2010/11/29 23:50:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Alain\AppData\Roaming\mozilla\Extensions\MediaCoder-Setup-Wizard

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)

CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}

CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}

CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Alain\AppData\Local\Google\Chrome\Application\14.0.835.187\gcswf32.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll

CHR - plugin: Java Deployment Toolkit 6.0.240.7 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll

CHR - plugin: Java Platform SE 6 U24 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll

CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll

CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = F:\PFiles\Plugins\np-mswmp.dll

CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL

CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL

CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer

CHR - plugin: Native Client (Enabled) = C:\Users\Alain\AppData\Local\Google\Chrome\Application\14.0.835.187\ppGoogleNaClPluginChrome.dll

CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Alain\AppData\Local\Google\Chrome\Application\14.0.835.187\pdf.dll

CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll

CHR - plugin: VLC Multimedia Plug-in (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll

CHR - plugin: Google Update (Enabled) = C:\Users\Alain\AppData\Local\Google\Update\1.3.21.69\npGoogleUpdate3.dll

CHR - plugin: Default Plug-in (Enabled) = default_plugin

O1 HOSTS File: ([2010/05/03 18:02:38 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts

O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\19.1.1.3\CoIEPlg.dll (Symantec Corporation)

O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\19.1.1.3\IPS\IPSBHO.dll (Symantec Corporation)

O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()

O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\19.1.1.3\CoIEPlg.dll (Symantec Corporation)

O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()

O4 - HKLM..\Run: [Cobian Backup 10 Interface] C:\Program Files\Cobian Backup 10\cbInterface.exe (Luis Cobian, CobianSoft)

O4 - Startup: C:\Users\Alain\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Moniteur neufbox.lnk = C:\Program Files\Moniteur neufbox\Moniteur neufbox.exe (Nicolas Vannier)

O4 - Startup: C:\Users\Alain\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 - Capture d’écran et lancement.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)

O4 - Startup: C:\Users\Alain\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\VyprVPN - Raccourci.lnk = File not found

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O8 - Extra context menu item: &Envoyer à OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)

O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)

O8 - Extra context menu item: E&xporter vers Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)

O9 - Extra Button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra Button: Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)

O13 - gopher Prefix: missing

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micro s oft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitChec k Control.cab (Windows Genuine Advantage Validation Tool)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.s un.com/update/1.6.0/jin s tall-1_6_0_24-window s -i586.cab (Java Plug-in 1.6.0_24)

O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.s un.com/update/1.6.0/jin s tall-1_6_0_24-window s -i586.cab (Java Plug-in 1.6.0_24)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.s un.com/update/1.6.0/jin s tall-1_6_0_24-window s -i586.cab (Java Plug-in 1.6.0_24)

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NO S /getPlu s Plu s /1.6/gp.cab (Reg Error: Key error.)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2512F390-1BBF-4560-8598-0A358D92B9F8}: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2512F390-1BBF-4560-8598-0A358D92B9F8}: NameServer = 192.168.1.1

O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) -C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]

O32 - AutoRun File - [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () - F:\autoexec.bat -- [ NTFS ]

O34 - HKLM BootExecute: (autocheck autochk *)

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

NetSvcs: FastUserSwitchingCompatibility - File not found

NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)

NetSvcs: Nla - File not found

NetSvcs: Ntmssvc - File not found

NetSvcs: NWCWorkstation - File not found

NetSvcs: Nwsapagent - File not found

NetSvcs: SRService - File not found

NetSvcs: WmdmPmSp - File not found

NetSvcs: LogonHours - File not found

NetSvcs: PCAudit - File not found

NetSvcs: helpsvc - File not found

NetSvcs: uploadmgr - File not found

SafeBootMin: AppMgmt - Service

SafeBootMin: Base - Driver Group

SafeBootMin: Boot Bus Extender - Driver Group

SafeBootMin: Boot file system - Driver Group

SafeBootMin: File system - Driver Group

SafeBootMin: Filter - Driver Group

SafeBootMin: HelpSvc - Service

SafeBootMin: MsMpSvc - Service

SafeBootMin: NTDS - File not found

SafeBootMin: PCI Configuration - Driver Group

SafeBootMin: PNP Filter - Driver Group

SafeBootMin: Primary disk - Driver Group

SafeBootMin: sacsvr - Service

SafeBootMin: SCSI Class - Driver Group

SafeBootMin: System Bus Extender - Driver Group

SafeBootMin: vmms - Service

SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)

SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy

SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers

SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices

SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet: AppMgmt - Service

SafeBootNet: Base - Driver Group

SafeBootNet: Boot Bus Extender - Driver Group

SafeBootNet: Boot file system - Driver Group

SafeBootNet: File system - Driver Group

SafeBootNet: Filter - Driver Group

SafeBootNet: HelpSvc - Service

SafeBootNet: Messenger - Service

SafeBootNet: MsMpSvc - Service

SafeBootNet: NDIS Wrapper - Driver Group

SafeBootNet: NetBIOSGroup - Driver Group

SafeBootNet: NetDDEGroup - Driver Group

SafeBootNet: Network - Driver Group

SafeBootNet: NetworkProvider - Driver Group

SafeBootNet: NTDS - File not found

SafeBootNet: PCI Configuration - Driver Group

SafeBootNet: PNP Filter - Driver Group

SafeBootNet: PNP_TDI - Driver Group

SafeBootNet: Primary disk - Driver Group

SafeBootNet: rdsessmgr - Service

SafeBootNet: sacsvr - Service

SafeBootNet: SCSI Class - Driver Group

SafeBootNet: Streams Drivers - Driver Group

SafeBootNet: System Bus Extender - Driver Group

SafeBootNet: TDI - Driver Group

SafeBootNet: vmms - Service

SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)

SafeBootNet: WudfUsbccidDriver - Driver

SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net

SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient

SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService

SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans

SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers

SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy

SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers

SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices

SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)

ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0

ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll

ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack

ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework

ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE

ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx

ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help

ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6

ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools

ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements

ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player

ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access

ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7

ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework

ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll

ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings

ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install

ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding

ActiveX: {C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD} - .NET Framework

ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts

ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player

ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help

ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface

ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP

ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig

ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)

Drivers32: vidc.i420 - C:\Windows\System32\i420vfw.dll (www.helixcommunity.org)

NetSvcs: FastUserSwitchingCompatibility - File not found

NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)

NetSvcs: Nla - File not found

NetSvcs: Ntmssvc - File not found

NetSvcs: NWCWorkstation - File not found

NetSvcs: Nwsapagent - File not found

NetSvcs: SRService - File not found

NetSvcs: WmdmPmSp - File not found

NetSvcs: LogonHours - File not found

NetSvcs: PCAudit - File not found

NetSvcs: helpsvc - File not found

NetSvcs: uploadmgr - File not found

========== Files/Folders - Created Within 30 Days ==========

[2011/11/01 15:58:59 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Alain\Desktop\OTL.exe

[2011/11/01 12:26:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP

[2011/11/01 12:01:05 | 000,000,000 | -HSD | C] -- C:\Config.Msi

[2011/11/01 11:57:59 | 000,000,000 | ---D | C] -- C:\Users\Alain\AppData\Local\Adobe

[2011/11/01 11:23:25 | 000,050,688 | ---- | C] (Atribune.org) -- C:\Users\Alain\Desktop\ATF-Cleaner.exe

[2011/11/01 11:12:32 | 000,000,000 | ---D | C] -- C:\ZHP

[2011/11/01 11:11:15 | 000,000,000 | ---D | C] -- C:\Program Files\ZHPDiag

[2011/11/01 10:02:59 | 000,000,000 | ---D | C] -- C:\Users\Alain\AppData\Local\{2EEF971B-1E03-4F02-8D7D-8CF8B99CC960}

[2011/11/01 10:02:42 | 000,000,000 | ---D | C] -- C:\Users\Alain\AppData\Local\{C28C6846-B0C8-4213-80EA-F420851B177B}

[2011/10/31 11:53:19 | 000,000,000 | ---D | C] -- C:\Users\Alain\AppData\Local\{8571C003-4DC2-42F6-9474-1FA59DD36E7F}

[2011/10/31 11:53:04 | 000,000,000 | ---D | C] -- C:\Users\Alain\AppData\Local\{242177CB-5F4B-4D57-9E14-EAF93E5C91CE}

[2011/10/31 08:36:51 | 000,000,000 | ---D | C] -- C:\Users\Alain\Desktop\A copier

[2011/10/30 23:52:36 | 000,000,000 | ---D | C] -- C:\Users\Alain\AppData\Local\{EC1039C8-400C-423D-9D99-F3D1551EE811}

[2011/10/30 23:52:29 | 000,000,000 | ---D | C] -- C:\Users\Alain\AppData\Local\{D83F4AE7-5469-4FB0-8153-2CFAF89797F3}

[2011/10/30 10:44:11 | 000,000,000 | ---D | C] -- C:\Users\Alain\AppData\Local\{87DC273E-7A41-40BE-A2CA-FC805D2647D1}

[2011/10/30 10:44:04 | 000,000,000 | ---D | C] -- C:\Users\Alain\AppData\Local\{B2089892-D12D-4702-8B21-D37A13DD94C6}

[2011/10/29 17:37:06 | 000,000,000 | ---D | C] -- C:\Users\Alain\AppData\Local\{30F34706-A7CD-492D-B451-B703F52C998B}

[2011/10/29 17:36:59 | 000,000,000 | ---D | C] -- C:\Users\Alain\AppData\Local\{5CEC3454-1BA6-4C14-A6C0-BCC6C3F6EA26}

[2011/10/27 21:52:16 | 000,000,000 | ---D | C] -- C:\Users\Alain\AppData\Local\{16670E59-B28A-4045-946C-AE4A8F8570A0}

[2011/10/27 21:51:58 | 000,000,000 | ---D | C] -- C:\Users\Alain\AppData\Local\{E29B0E3E-54CD-4A19-A454-956B1023B34D}

[2011/10/26 21:49:05 | 000,000,000 | ---D | C] -- C:\Users\Alain\AppData\Local\{B05B09E9-E6E4-4BC8-9908-2176D58BEC14}

[2011/10/26 21:49:02 | 000,000,000 | ---D | C] -- C:\Users\Alain\AppData\Local\{6C088FEE-A441-4E84-973B-5A79B908B01F}

[2011/10/24 20:36:52 | 000,000,000 | ---D | C] -- C:\Site LP Bis

[2011/10/24 20:36:43 | 000,000,000 | ---D | C] -- C:\Users\Alain\AppData\Local\{FA67AC26-0B34-4826-9705-60ABF3A0FB44}

[2011/10/24 20:36:37 | 000,000,000 | ---D | C] -- C:\Users\Alain\AppData\Local\{BB06DB64-D522-454B-A191-685DA10A18DD}

[2011/10/23 18:47:23 | 000,000,000 | ---D | C] -- C:\Users\Alain\AppData\Local\{8E45344C-0772-4EEF-9279-7837A5DAEC50}

[2011/10/23 18:47:15 | 000,000,000 | ---D | C] -- C:\Users\Alain\AppData\Local\{5E21EE7E-5211-4B18-BAF5-B18FFFB22E18}

[2011/10/22 10:34:02 | 000,000,000 | ---D | C] -- C:\Users\Alain\AppData\Local\{11A8BE26-A0F4-4D40-8982-E7E785F3A0EF}

[2011/10/22 10:33:54 | 000,000,000 | ---D | C] -- C:\Users\Alain\AppData\Local\{131B196A-2DA3-4F96-9619-023B815B52C2}

[2011/10/21 18:38:24 | 000,000,000 | ---D | C] -- C:\Users\Alain\AppData\Local\{0C510D7D-4613-4424-A280-FBF79DCB506F}

[2011/10/21 18:38:19 | 000,000,000 | ---D | C] -- C:\Users\Alain\AppData\Local\{E99359E7-C357-4AF4-BCB9-E8C29F96F178}

[2011/10/20 21:40:53 | 000,000,000 | ---D | C] -- C:\Users\Alain\AppData\Local\{55DFDD33-DF10-44A6-BF84-4B49F1C66F37}

[2011/10/20 21:40:48 | 000,000,000 | ---D | C] -- C:\Users\Alain\AppData\Local\{1D4B255D-9138-497F-B170-BCAE88B138F7}

[2011/10/18 20:45:27 | 000,000,000 | ---D | C] -- C:\Users\Alain\AppData\Local\{6C866337-C0EF-43E0-9E77-D7981A496EC9}

[2011/10/18 20:45:15 | 000,000,000 | ---D | C] -- C:\Users\Alain\AppData\Local\{05C36271-C9EB-43C3-B9B2-E3072E742B99}

[2011/10/17 21:21:13 | 000,000,000 | ---D | C] -- C:\Users\Alain\AppData\Local\{C715C641-9D54-41C7-8E66-0AAA2B313622}

[2011/10/17 21:20:56 | 000,000,000 | ---D | C] -- C:\Users\Alain\AppData\Local\{D9F855F4-9BFD-44F7-8CC5-EF00577FBC56}

[2011/10/16 11:05:53 | 000,000,000 | ---D | C] -- C:\Users\Alain\Desktop\Foulée 2011 HD

[2011/10/16 11:00:10 | 000,000,000 | ---D | C] -- C:\Users\Alain\AppData\Local\{C10B3F60-E0A8-4610-B248-5E01698BF053}

[2011/10/16 11:00:04 | 000,000,000 | ---D | C] -- C:\Users\Alain\AppData\Local\{CDDF8012-CCB3-4EF6-89DA-F67A2FC1F516}

[2011/10/15 05:22:10 | 000,000,000 | ---D | C] -- C:\Users\Alain\AppData\Local\{8A2E8BBF-000B-4EC9-9767-4CAE2C28FBE8}

[2011/10/15 05:21:58 | 000,000,000 | ---D | C] -- C:\Users\Alain\AppData\Local\{892112FD-2A6A-4F0C-9186-2E56D9854F14}

[2011/10/14 02:06:40 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb

[2011/10/14 02:06:39 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll

[2011/10/14 02:06:38 | 001,798,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll

[2011/10/14 02:06:38 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll

[2011/10/14 02:06:37 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll

[2011/10/13 20:35:39 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll

[2011/10/13 20:35:39 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisrndr.ax

[2011/10/13 20:35:15 | 002,334,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys

[2011/10/13 20:14:04 | 000,000,000 | ---D | C] -- C:\Users\Alain\AppData\Local\{262121F2-4604-4B6A-9EC1-CEAD055E96B5}

[2011/10/13 20:13:58 | 000,000,000 | ---D | C] -- C:\Users\Alain\AppData\Local\{1152C3A9-4006-4A66-A8B3-0F4BDE20CDC4}

[2011/10/09 09:36:41 | 000,000,000 | ---D | C] -- C:\Users\Alain\AppData\Local\{26EC5732-DB9B-4755-91A6-70BD5CFC3BC1}

[2011/10/09 09:36:37 | 000,000,000 | ---D | C] -- C:\Users\Alain\AppData\Local\{30C029C3-30CE-49C4-A556-0C324A7E7363}

[2011/10/08 17:36:28 | 000,000,000 | ---D | C] -- C:\Users\Alain\AppData\Local\{986592F1-C064-490B-A274-9EE969E33F16}

[2011/10/08 17:36:25 | 000,000,000 | ---D | C] -- C:\Users\Alain\AppData\Local\{E8ED120F-3996-4845-96C7-5EB6634D4A58}

[2011/10/08 10:39:16 | 016,595,560 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvoglv32.dll

[2011/10/08 10:39:16 | 010,304,104 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvlddmkm.sys

[2011/10/08 10:39:16 | 000,875,112 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvgenco32.dll

[2011/10/08 10:39:16 | 000,057,960 | ---- | C] (Khronos Group) -- C:\Windows\System32\OpenCL.dll

[2011/10/08 10:39:15 | 017,193,576 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcompiler.dll

[2011/10/08 10:39:15 | 005,404,776 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuda.dll

[2011/10/08 10:39:15 | 002,391,656 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvid.dll

[2011/10/08 10:39:15 | 002,090,088 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvenc.dll

[2011/10/08 10:39:15 | 000,914,024 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvdispco32.dll

[2011/10/08 05:36:01 | 000,000,000 | ---D | C] -- C:\Users\Alain\AppData\Local\{7138CA8F-303C-4E7C-9231-621BC15DBFA6}

[2011/10/08 05:35:55 | 000,000,000 | ---D | C] -- C:\Users\Alain\AppData\Local\{2A420AD5-1815-413A-B9E6-8779BD018C5B}

[2011/10/04 20:55:02 | 000,000,000 | ---D | C] -- C:\Users\Alain\AppData\Local\{E49E2744-D41E-4818-912B-CA0EF3D091C7}

[2011/10/04 20:54:57 | 000,000,000 | ---D | C] -- C:\Users\Alain\AppData\Local\{C56D2017-9AB7-4063-93F2-84A25FB725F8}

[2011/10/03 21:39:43 | 000,000,000 | ---D | C] -- C:\Users\Alain\AppData\Local\{86839E3B-E1AE-4BF5-81A4-4640B50D94AA}

[2011/10/03 21:39:39 | 000,000,000 | ---D | C] -- C:\Users\Alain\AppData\Local\{3617C795-65AA-4044-8FA6-55057EEBE118}

[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/11/01 16:03:45 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin

[2011/11/01 15:59:14 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Alain\Desktop\OTL.exe

[2011/11/01 15:59:02 | 000,001,078 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1031263749-3106254363-3016180105-1001UA.job

[2011/11/01 13:16:20 | 000,022,256 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2011/11/01 13:16:20 | 000,022,256 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2011/11/01 12:43:39 | 000,000,512 | ---- | M] () -- C:\PhysicalDisk0_MBR.bin

[2011/11/01 12:26:03 | 000,000,920 | ---- | M] () -- C:\Users\Public\Desktop\MBRCheck.lnk

[2011/11/01 12:26:03 | 000,000,913 | ---- | M] () -- C:\Users\Public\Desktop\ZHPDiag.lnk

[2011/11/01 12:26:03 | 000,000,908 | ---- | M] () -- C:\Users\Public\Desktop\ZHPFix.lnk

[2011/11/01 12:19:32 | 000,708,614 | ---- | M] () -- C:\Windows\System32\perfh00C.dat

[2011/11/01 12:19:32 | 000,619,952 | ---- | M] () -- C:\Windows\System32\perfh009.dat

[2011/11/01 12:19:32 | 000,132,628 | ---- | M] () -- C:\Windows\System32\perfc00C.dat

[2011/11/01 12:19:32 | 000,108,134 | ---- | M] () -- C:\Windows\System32\perfc009.dat

[2011/11/01 12:12:27 | 000,065,536 | ---- | M] () -- C:\Windows\System32\Ikeext.etl

[2011/11/01 12:12:04 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2011/11/01 12:11:49 | 1610,260,480 | -HS- | M] () -- C:\hiberfil.sys

[2011/11/01 11:23:46 | 000,050,688 | ---- | M] (Atribune.org) -- C:\Users\Alain\Desktop\ATF-Cleaner.exe

[2011/10/31 22:13:02 | 000,007,611 | ---- | M] () -- C:\Users\Alain\AppData\Local\Resmon.ResmonCfg

[2011/10/30 22:59:01 | 000,001,026 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1031263749-3106254363-3016180105-1001Core.job

[2011/10/30 18:41:44 | 000,004,782 | ---- | M] () -- C:\Windows\System32\drivers\NIS\1301010.003\VT20111023.024

[2011/10/30 18:19:40 | 000,001,250 | ---- | M] () -- C:\Users\Alain\Desktop\Fichiers d’installation Norton.lnk

[2011/10/30 18:19:35 | 000,002,374 | ---- | M] () -- C:\Users\Public\Desktop\Norton Internet Security.lnk

[2011/10/30 18:19:09 | 001,348,541 | ---- | M] () -- C:\Windows\System32\drivers\NIS\1301010.003\Cat.DB

[2011/10/30 18:14:31 | 000,127,096 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\SYMEVENT.SYS

[2011/10/30 18:14:31 | 000,007,510 | ---- | M] () -- C:\Windows\System32\drivers\SYMEVENT.CAT

[2011/10/30 18:14:31 | 000,000,806 | ---- | M] () -- C:\Windows\System32\drivers\SYMEVENT.INF

[2011/10/30 17:05:21 | 000,001,470 | ---- | M] () -- C:\Users\Alain\Desktop\PopCorn.lnk

[2011/10/30 11:40:13 | 000,000,931 | ---- | M] () -- C:\Users\Alain\Application Data\Microsoft\Internet Explorer\Quick Launch\NewsLeecher.lnk

[2011/10/30 11:40:13 | 000,000,907 | ---- | M] () -- C:\Users\Alain\Desktop\NewsLeecher.lnk

[2011/10/28 05:17:37 | 000,026,074 | ---- | M] () -- C:\index.php

[2011/10/28 05:14:25 | 000,001,204 | ---- | M] () -- C:\.htaccess

[2011/10/24 22:17:16 | 000,000,600 | ---- | M] () -- C:\Users\Alain\AppData\Local\PUTTY.RND

[2011/10/21 18:42:54 | 1475,164,527 | ---- | M] () -- C:\Users\Alain\Desktop\Foul2011HD.zip

[2011/10/14 04:37:10 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl

[2011/10/14 02:25:36 | 000,437,840 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT

[2011/10/08 14:16:00 | 000,001,827 | ---- | M] () -- C:\Users\Public\Desktop\Defraggler.lnk

[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/11/01 16:03:45 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin

[2011/11/01 12:26:03 | 000,000,920 | ---- | C] () -- C:\Users\Public\Desktop\MBRCheck.lnk

[2011/11/01 12:26:03 | 000,000,908 | ---- | C] () -- C:\Users\Public\Desktop\ZHPFix.lnk

[2011/11/01 12:26:02 | 000,000,913 | ---- | C] () -- C:\Users\Public\Desktop\ZHPDiag.lnk

[2011/11/01 11:32:56 | 000,000,512 | ---- | C] () -- C:\PhysicalDisk0_MBR.bin

[2011/10/30 17:39:45 | 000,001,250 | ---- | C] () -- C:\Users\Alain\Desktop\Fichiers d’installation Norton.lnk

[2011/10/30 17:05:21 | 000,001,470 | ---- | C] () -- C:\Users\Alain\Desktop\PopCorn.lnk

[2011/10/28 05:17:36 | 000,026,074 | ---- | C] () -- C:\index.php

[2011/10/24 21:23:35 | 000,001,204 | ---- | C] () -- C:\.htaccess

[2011/10/21 18:39:38 | 1475,164,527 | ---- | C] () -- C:\Users\Alain\Desktop\Foul2011HD.zip

[2010/10/30 18:21:55 | 000,000,028 | ---- | C] () -- C:\Windows\v2d.INI

[2010/02/06 19:45:17 | 000,000,334 | ---- | C] () -- C:\Users\Alain\AppData\Roaming\burnaware.ini

[2010/01/31 09:09:19 | 000,000,600 | ---- | C] () -- C:\Users\Alain\AppData\Local\PUTTY.RND

[2010/01/16 16:31:22 | 000,000,403 | ---- | C] () -- C:\Windows\CD Jaquette.ini

[2009/12/05 18:26:03 | 000,000,608 | ---- | C] () -- C:\Users\Alain\AppData\Roaming\AutoGK.ini

[2009/12/05 18:12:38 | 000,027,648 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll

[2009/11/22 18:29:01 | 000,007,611 | ---- | C] () -- C:\Users\Alain\AppData\Local\Resmon.ResmonCfg

[2009/11/08 13:03:55 | 000,005,120 | ---- | C] () -- C:\Users\Alain\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2009/11/07 18:00:22 | 000,006,136 | ---- | C] () -- C:\Windows\System32\drivers\nvphy.bin

[2009/11/07 16:59:07 | 000,003,548 | ---- | C] () -- C:\Windows\System32\drivers\WinFlash.sys

[2009/10/27 21:46:18 | 000,175,104 | ---- | C] () -- C:\Users\Alain\AppData\Roaming\SQLite3.dll

[2009/08/04 17:43:40 | 000,213,024 | ---- | C] () -- C:\Windows\System32\drivers\nvstor32.sys

[2009/07/14 09:39:49 | 000,708,614 | ---- | C] () -- C:\Windows\System32\perfh00C.dat

[2009/07/14 09:39:49 | 000,344,522 | ---- | C] () -- C:\Windows\System32\perfi00C.dat

[2009/07/14 09:39:49 | 000,132,628 | ---- | C] () -- C:\Windows\System32\perfc00C.dat

[2009/07/14 09:39:49 | 000,038,160 | ---- | C] () -- C:\Windows\System32\perfd00C.dat

[2009/07/14 05:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat

[2009/07/14 05:33:53 | 000,437,840 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT

[2009/07/14 03:05:48 | 000,619,952 | ---- | C] () -- C:\Windows\System32\perfh009.dat

[2009/07/14 03:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat

[2009/07/14 03:05:48 | 000,108,134 | ---- | C] () -- C:\Windows\System32\perfc009.dat

[2009/07/14 03:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat

[2009/07/14 03:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT

[2009/07/14 03:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat

[2009/07/14 00:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin

[2009/07/14 00:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll

[2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll

[2009/06/10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat

[2002/10/15 23:54:04 | 000,153,088 | ---- | C] () -- C:\Windows\System32\unrar.dll

========== LOP Check ==========

[2010/01/16 16:40:49 | 000,000,000 | ---D | M] -- C:\Users\Alain\AppData\Roaming\Acoustica

[2011/06/18 10:54:33 | 000,000,000 | ---D | M] -- C:\Users\Alain\AppData\Roaming\Broad Intelligence

[2010/07/30 17:39:16 | 000,000,000 | ---D | M] -- C:\Users\Alain\AppData\Roaming\Canneverbe Limited

[2009/12/13 11:01:19 | 000,000,000 | ---D | M] -- C:\Users\Alain\AppData\Roaming\DAEMON Tools Lite

[2010/11/29 23:38:33 | 000,000,000 | ---D | M] -- C:\Users\Alain\AppData\Roaming\Dr. DivX 2.0 OSS

[2009/10/27 21:36:52 | 000,000,000 | ---D | M] -- C:\Users\Alain\AppData\Roaming\ESET

[2009/12/25 23:09:57 | 000,000,000 | ---D | M] -- C:\Users\Alain\AppData\Roaming\Felix_Deimel

[2011/11/01 15:59:46 | 000,000,000 | ---D | M] -- C:\Users\Alain\AppData\Roaming\FileZilla

[2009/12/20 18:40:46 | 000,000,000 | ---D | M] -- C:\Users\Alain\AppData\Roaming\Icones

[2009/10/27 22:09:47 | 000,000,000 | ---D | M] -- C:\Users\Alain\AppData\Roaming\IrfanView

[2010/11/06 12:50:52 | 000,000,000 | ---D | M] -- C:\Users\Alain\AppData\Roaming\Mimo

[2011/11/01 12:12:57 | 000,000,000 | ---D | M] -- C:\Users\Alain\AppData\Roaming\Moniteur neufbox

[2010/01/05 20:53:06 | 000,000,000 | ---D | M] -- C:\Users\Alain\AppData\Roaming\Netasq

[2011/10/31 11:47:40 | 000,000,000 | ---D | M] -- C:\Users\Alain\AppData\Roaming\NewsLeecher

[2009/10/26 23:27:16 | 000,000,000 | ---D | M] -- C:\Users\Alain\AppData\Roaming\OpenOffice.org

[2011/02/20 11:32:44 | 000,000,000 | ---D | M] -- C:\Users\Alain\AppData\Roaming\TeamViewer

[2010/02/07 16:20:59 | 000,000,000 | ---D | M] -- C:\Users\Alain\AppData\Roaming\TuneUp Software

[2010/10/24 18:02:44 | 000,000,000 | ---D | M] -- C:\Users\Alain\AppData\Roaming\Windows Live Writer

[2011/07/27 07:10:41 | 000,032,496 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

========== Custom Scans ==========

< hklm\software\clients\startmenuinternet|command /rs >

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Users\Alain\AppData\Local\Google\Chrome\Application\chrome.exe" --show-icons [2011/10/26 09:10:47 | 001,036,344 | ---- | M] (Google Inc.)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Users\Alain\AppData\Local\Google\Chrome\Application\chrome.exe" --hide-icons [2011/10/26 09:10:47 | 001,036,344 | ---- | M] (Google Inc.)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Users\Alain\AppData\Local\Google\Chrome\Application\chrome.exe" --make-default-browser [2011/10/26 09:10:47 | 001,036,344 | ---- | M] (Google Inc.)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Users\Alain\AppData\Local\Google\Chrome\Application\chrome.exe" [2011/10/26 09:10:47 | 001,036,344 | ---- | M] (Google Inc.)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show [2011/03/30 21:02:28 | 000,074,240 | ---- | M] (Microsoft Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall [2011/03/30 21:02:28 | 000,074,240 | ---- | M] (Microsoft Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide [2011/03/30 21:02:28 | 000,074,240 | ---- | M] (Microsoft Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2011/03/30 21:02:29 | 000,748,336 | ---- | M] (Microsoft Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2011/03/30 21:02:29 | 000,748,336 | ---- | M] (Microsoft Corporation)

< nslookup www.google.fr /c >

Serveur : neufbox

Address: 192.168.1.1

Nom : www.l.google.com

Addresses: 74.125.39.105

74.125.39.103

74.125.39.106

74.125.39.147

74.125.39.99

74.125.39.104

Aliases: WWW.GOOGLE.FR

www.google.com

< %systemroot%\system32\drivers\*.sys /lockedfiles >

[2009/12/13 10:58:58 | 000,691,696 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\sptd.sys

< %APPDATA%\*.exe /s >

< %SYSTEMDRIVE%\*.exe >

< MD5 for: AGP440.SYS >

[2009/07/14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys

[2009/07/14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_a97a2a0d0fbc6696\AGP440.sys

[2009/07/14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys

[2009/07/14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\AGP440.sys

< MD5 for: ATAPI.SYS >

[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys

[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys

[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys

[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys

< MD5 for: CDROM.SYS >

[2009/07/14 00:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_5f7fb206051affbb\cdrom.sys

[2010/11/20 09:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\SoftwareDistribution\Download\e5556aeb28e014a0a0c9d20064d91946\x86_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_61b0c5ce02098355\cdrom.sys

[2010/11/20 00:38:12 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\drivers\cdrom.sys

[2010/11/20 00:38:12 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_6381e09675524225\cdrom.sys

[2010/11/20 00:38:12 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_61b0c5ce02098355\cdrom.sys

< MD5 for: CNGAUDIT.DLL >

[2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\System32\cngaudit.dll

[2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll

< MD5 for: CTFMON.EXE >

[2009/07/14 02:14:16 | 000,008,704 | ---- | M] (Microsoft Corporation) MD5=4A3CDCEF8ED41B221F3DBEF5792FB52D -- C:\Windows\System32\ctfmon.exe

[2009/07/14 02:14:16 | 000,008,704 | ---- | M] (Microsoft Corporation) MD5=4A3CDCEF8ED41B221F3DBEF5792FB52D -- C:\Windows\winsxs\x86_microsoft-windows-t..cesframework-ctfmon_31bf3856ad364e35_6.1.7600.16385_none_9d06e2f6f1e51f98\ctfmon.exe

< MD5 for: DISK.SYS >

[2009/07/14 02:20:27 | 000,057,424 | ---- | M] (Microsoft Corporation) MD5=565003F326F99802E68CA78F2A68E9FF -- C:\Windows\System32\drivers\disk.sys

[2009/07/14 02:20:27 | 000,057,424 | ---- | M] (Microsoft Corporation) MD5=565003F326F99802E68CA78F2A68E9FF -- C:\Windows\System32\DriverStore\FileRepository\disk.inf_x86_neutral_b431b61a11f8df6c\disk.sys

[2009/07/14 02:20:27 | 000,057,424 | ---- | M] (Microsoft Corporation) MD5=565003F326F99802E68CA78F2A68E9FF -- C:\Windows\winsxs\x86_disk.inf_31bf3856ad364e35_6.1.7600.16385_none_f99cd807d58018cb\disk.sys

< MD5 for: DWM.EXE >

[2009/07/14 02:14:19 | 000,092,672 | ---- | M] (Microsoft Corporation) MD5=505BF4D1CADEB8D4F8BCD08D944DE25D -- C:\Windows\System32\dwm.exe

[2009/07/14 02:14:19 | 000,092,672 | ---- | M] (Microsoft Corporation) MD5=505BF4D1CADEB8D4F8BCD08D944DE25D -- C:\Windows\winsxs\x86_microsoft-windows-d..pwindowmanager-core_31bf3856ad364e35_6.1.7600.16385_none_8d79ea381e8590a8\dwm.exe

[2009/07/14 02:14:19 | 000,092,672 | ---- | M] (Microsoft Corporation) MD5=505BF4D1CADEB8D4F8BCD08D944DE25D -- C:\Windows\winsxs\x86_microsoft-windows-d..pwindowmanager-core_31bf3856ad364e35_6.1.7601.17514_none_8faafe001b741442\dwm.exe

< MD5 for: EXPLORER.EXE >

[2011/02/26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe

[2009/07/14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe

[2011/02/26 06:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe

[2009/10/31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe

[2011/02/26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe

[2010/11/20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\SoftwareDistribution\Download\e5556aeb28e014a0a0c9d20064d91946\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe

[2010/11/20 04:17:10 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe

[2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\explorer.exe

[2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe

[2009/08/03 06:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe

[2009/08/03 06:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe

[2009/10/31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe

< MD5 for: IASTORV.SYS >

[2011/03/11 06:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\System32\drivers\iaStorV.sys

[2011/03/11 06:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_0bcee2057afcc090\iaStorV.sys

[2011/03/11 06:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_b0daddb9e6380745\iaStorV.sys

[2011/03/11 06:43:55 | 000,332,160 | ---- | M] (Intel Corporation) MD5=71F1A494FEDF4B33C02C4A6A28D6D9E9 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_aef580fde910b4b0\iaStorV.sys

[2011/03/11 06:28:00 | 000,332,160 | ---- | M] (Intel Corporation) MD5=778D0E6D7D9EBA0C403BADBAAD41DB20 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_b152a892ff64119f\iaStorV.sys

[2009/07/14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_aee7a89be91b9000\iaStorV.sys

[2010/11/20 13:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\SoftwareDistribution\Download\e5556aeb28e014a0a0c9d20064d91946\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_b118bc63e60a139a\iaStorV.sys

[2010/11/20 04:29:56 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_668286aa35d55928\iaStorV.sys

[2010/11/20 04:29:56 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_b118bc63e60a139a\iaStorV.sys

[2011/03/11 06:52:21 | 000,332,160 | ---- | M] (Intel Corporation) MD5=B9039A34C2F8769490DCC494E2402445 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_afae2d45020c148b\iaStorV.sys

< MD5 for: NDIS.SYS >

[2009/07/14 02:20:44 | 000,710,720 | ---- | M] (Microsoft Corporation) MD5=23759D175A0A9BAAF04D05047BC135A8 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_a79d81ea7d62a289\ndis.sys

[2010/11/20 13:30:06 | 000,712,576 | ---- | M] (Microsoft Corporation) MD5=E7C54812A2AAF43316EB6930C1FFA108 -- C:\Windows\SoftwareDistribution\Download\e5556aeb28e014a0a0c9d20064d91946\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_a9ce95b27a512623\ndis.sys

[2010/11/20 04:30:08 | 000,712,576 | ---- | M] (Microsoft Corporation) MD5=E7C54812A2AAF43316EB6930C1FFA108 -- C:\Windows\System32\drivers\ndis.sys

[2010/11/20 04:30:08 | 000,712,576 | ---- | M] (Microsoft Corporation) MD5=E7C54812A2AAF43316EB6930C1FFA108 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_a9ce95b27a512623\ndis.sys

< MD5 for: NETLOGON.DLL >

[2010/11/20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SoftwareDistribution\Download\e5556aeb28e014a0a0c9d20064d91946\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_ffbf212e963c0162\netlogon.dll

[2010/11/20 04:20:30 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\System32\netlogon.dll

[2010/11/20 04:20:30 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_ffbf212e963c0162\netlogon.dll

[2009/07/14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll

< MD5 for: NVSTOR.SYS >

[2011/03/11 06:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\System32\drivers\nvstor.sys

[2011/03/11 06:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_0276fc3b3ea60d41\nvstor.sys

[2011/03/11 06:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_3ba44e691d6eb11d\nvstor.sys

[2011/03/11 06:44:01 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4520B63899E867F354EE012D34E11536 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_39bef1ad20475e88\nvstor.sys

[2011/03/11 06:28:10 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=66D468654A58594F5F3BA63D5AD5B1AF -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_3c1c1942369abb77\nvstor.sys

[2011/03/11 06:52:25 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=8A7583A3B58D3EEB28BB26626526BC91 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_3a779df43942be63\nvstor.sys

[2010/11/20 13:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\SoftwareDistribution\Download\e5556aeb28e014a0a0c9d20064d91946\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_3be22d131d40bd72\nvstor.sys

[2010/11/20 04:30:08 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_dd659ed032d28a14\nvstor.sys

[2010/11/20 04:30:08 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_3be22d131d40bd72\nvstor.sys

[2009/07/14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvstor.sys

< MD5 for: NVSTOR32.SYS >

[2009/08/04 17:43:40 | 000,213,024 | ---- | M] (NVIDIA Corporation) MD5=3FF57A9A657C9690ECBC8B1E3B6E3979 -- C:\Windows\System32\DriverStore\FileRepository\nvstor32.inf_x86_neutral_40ee9c3d357e7b66\nvstor32.sys

[2009/12/24 19:00:04 | 000,213,024 | ---- | M] () MD5=E83233178DC8C0409F9AA5036BAB7272 -- C:\Windows\System32\drivers\nvstor32.sys

< MD5 for: RASACD.SYS >

[2009/07/14 00:54:40 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=30A81B53C766D0133BB86D234E5556AB -- C:\Windows\System32\drivers\rasacd.sys

[2009/07/14 00:54:40 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=30A81B53C766D0133BB86D234E5556AB -- C:\Windows\winsxs\x86_microsoft-windows-rasautodial_31bf3856ad364e35_6.1.7600.16385_none_0fb054d9c6a6b4d4\rasacd.sys

< MD5 for: RDPCLIP.EXE >

[2010/11/20 13:17:31 | 000,173,568 | ---- | M] (Microsoft Corporation) MD5=5505592313B74F2E2C8727837750F66D -- C:\Windows\SoftwareDistribution\Download\e5556aeb28e014a0a0c9d20064d91946\x86_microsoft-windows-t..lipboardredirection_31bf3856ad364e35_6.1.7601.17514_none_03dd7a8e696443c0\rdpclip.exe

[2010/11/20 04:17:32 | 000,173,568 | ---- | M] (Microsoft Corporation) MD5=5505592313B74F2E2C8727837750F66D -- C:\Windows\winsxs\x86_microsoft-windows-t..lipboardredirection_31bf3856ad364e35_6.1.7601.17514_none_03dd7a8e696443c0\rdpclip.exe

[2009/07/14 02:14:30 | 000,172,032 | ---- | M] (Microsoft Corporation) MD5=7803379918DAFEDA5711390E1F83B829 -- C:\Windows\winsxs\x86_microsoft-windows-t..lipboardredirection_31bf3856ad364e35_6.1.7600.16385_none_01ac66c66c75c026\rdpclip.exe

< MD5 for: RDPWD.SYS >

[2010/11/20 11:22:29 | 000,183,808 | ---- | M] (Microsoft Corporation) MD5=288B06960D78428FF89E811632684E20 -- C:\Windows\SoftwareDistribution\Download\e5556aeb28e014a0a0c9d20064d91946\x86_microsoft-windows-t..dp-winstationdriver_31bf3856ad364e35_6.1.7601.17514_none_4d7cf2333344a165\rdpwd.sys

[2010/11/20 02:22:30 | 000,183,808 | ---- | M] (Microsoft Corporation) MD5=288B06960D78428FF89E811632684E20 -- C:\Windows\System32\drivers\rdpwd.sys

[2010/11/20 02:22:30 | 000,183,808 | ---- | M] (Microsoft Corporation) MD5=288B06960D78428FF89E811632684E20 -- C:\Windows\winsxs\x86_microsoft-windows-t..dp-winstationdriver_31bf3856ad364e35_6.1.7601.17514_none_4d7cf2333344a165\rdpwd.sys

[2009/07/14 01:01:55 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=801371BA9782282892D00AADB08EE367 -- C:\Windows\winsxs\x86_microsoft-windows-t..dp-winstationdriver_31bf3856ad364e35_6.1.7600.16385_none_4b4bde6b36561dcb\rdpwd.sys

< MD5 for: SCECLI.DLL >

[2009/07/14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll

[2010/11/20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SoftwareDistribution\Download\e5556aeb28e014a0a0c9d20064d91946\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll

[2010/11/20 04:21:06 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll

[2010/11/20 04:21:06 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll

< MD5 for: SFLOPPY.SYS >

[2009/07/14 00:45:52 | 000,013,824 | ---- | M] (Microsoft Corporation) MD5=DB96666CC8312EBC45032F30B007A547 -- C:\Windows\System32\drivers\sfloppy.sys

[2009/07/14 00:45:52 | 000,013,824 | ---- | M] (Microsoft Corporation) MD5=DB96666CC8312EBC45032F30B007A547 -- C:\Windows\System32\DriverStore\FileRepository\flpydisk.inf_x86_neutral_2102f5344367a352\sfloppy.sys

[2009/07/14 00:45:52 | 000,013,824 | ---- | M] (Microsoft Corporation) MD5=DB96666CC8312EBC45032F30B007A547 -- C:\Windows\winsxs\x86_flpydisk.inf_31bf3856ad364e35_6.1.7600.16385_none_e6e06650dbcf54b4\sfloppy.sys

< MD5 for: SPTD.SYS >

[2009/12/13 10:58:58 | 000,691,696 | ---- | M] () Unable to obtain MD5 -- C:\Windows\System32\drivers\sptd.sys

< MD5 for: TASKENG.EXE >

[2010/11/02 05:24:43 | 000,192,000 | ---- | M] (Microsoft Corporation) MD5=41C52AF44FB96BDDB1EFB25D2D943BBA -- C:\Windows\winsxs\x86_microsoft-windows-taskscheduler-engine_31bf3856ad364e35_6.1.7600.20830_none_e63d55df39278cc6\taskeng.exe

[2010/11/20 13:17:47 | 000,192,000 | ---- | M] (Microsoft Corporation) MD5=4F2659160AFCCA990305816946F69407 -- C:\Windows\SoftwareDistribution\Download\e5556aeb28e014a0a0c9d20064d91946\x86_microsoft-windows-taskscheduler-engine_31bf3856ad364e35_6.1.7601.17514_none_e7b3b71a1d1c8662\taskeng.exe

[2010/11/20 04:17:48 | 000,192,000 | ---- | M] (Microsoft Corporation) MD5=4F2659160AFCCA990305816946F69407 -- C:\Windows\System32\taskeng.exe

[2010/11/20 04:17:48 | 000,192,000 | ---- | M] (Microsoft Corporation) MD5=4F2659160AFCCA990305816946F69407 -- C:\Windows\winsxs\x86_microsoft-windows-taskscheduler-engine_31bf3856ad364e35_6.1.7601.17514_none_e7b3b71a1d1c8662\taskeng.exe

[2009/07/14 02:14:42 | 000,190,464 | ---- | M] (Microsoft Corporation) MD5=DE5DACEBD4C89834EC6D2C41C8643CDA -- C:\Windows\winsxs\x86_microsoft-windows-taskscheduler-engine_31bf3856ad364e35_6.1.7600.16385_none_e582a352202e02c8\taskeng.exe

[2010/11/02 05:34:44 | 000,192,000 | ---- | M] (Microsoft Corporation) MD5=F8952E80B7F778DA2F7AA8393CA2D30E -- C:\Windows\winsxs\x86_microsoft-windows-taskscheduler-engine_31bf3856ad364e35_6.1.7600.16699_none_e57bda4020327b8a\taskeng.exe

< MD5 for: TASKHOST.EXE >

[2010/11/20 13:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) MD5=7FA8BA5A780E4757964AC9D4238302B9 -- C:\Windows\SoftwareDistribution\Download\e5556aeb28e014a0a0c9d20064d91946\x86_microsoft-windows-taskhost_31bf3856ad364e35_6.1.7601.17514_none_2a461244b897f204\taskhost.exe

[2010/11/20 04:17:48 | 000,049,152 | ---- | M] (Microsoft Corporation) MD5=7FA8BA5A780E4757964AC9D4238302B9 -- C:\Windows\System32\taskhost.exe

[2010/11/20 04:17:48 | 000,049,152 | ---- | M] (Microsoft Corporation) MD5=7FA8BA5A780E4757964AC9D4238302B9 -- C:\Windows\winsxs\x86_microsoft-windows-taskhost_31bf3856ad364e35_6.1.7601.17514_none_2a461244b897f204\taskhost.exe

[2009/07/14 02:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) MD5=8F4F5A5C1BAE72CE6EAEEA1CA3F98CA2 -- C:\Windows\winsxs\x86_microsoft-windows-taskhost_31bf3856ad364e35_6.1.7600.16385_none_2814fe7cbba96e6a\taskhost.exe

< MD5 for: TCPIP.SYS >

[2011/04/25 05:56:06 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=0158D5E9982E9D6A90DFC802F618E130 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_b347f075c77b9c9d\tcpip.sys

[2011/06/21 06:34:23 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=04E4A7D53A7ACE02E8C55B17A498F631 -- C:\Windows\System32\drivers\tcpip.sys

[2011/06/21 06:34:23 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=04E4A7D53A7ACE02E8C55B17A498F631 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_b513df73c4b4f466\tcpip.sys

[2011/04/25 05:31:30 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=24326784DF8F3D5F5BBB9F878CE33C14 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_b52f4dc5c4a121e0\tcpip.sys

[2009/07/14 02:19:10 | 001,285,712 | ---- | M] (Microsoft Corporation) MD5=2CC3D75488ABD3EC628BBB9A4FC84EFC -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_b2f46875c7b9d667\tcpip.sys

[2010/11/20 13:30:12 | 001,290,112 | ---- | M] (Microsoft Corporation) MD5=37E8FA3779668837CA9E2C36D2415949 -- C:\Windows\SoftwareDistribution\Download\e5556aeb28e014a0a0c9d20064d91946\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_b5257c3dc4a85a01\tcpip.sys

[2010/11/20 04:30:14 | 001,290,112 | ---- | M] (Microsoft Corporation) MD5=37E8FA3779668837CA9E2C36D2415949 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_b5257c3dc4a85a01\tcpip.sys

[2010/04/09 08:16:33 | 001,289,096 | ---- | M] (Microsoft Corporation) MD5=5D6A83E928F22AF5AC9868B162FFAD0D -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20687_none_b38009a0e0d5a32d\tcpip.sys

[2010/04/09 08:24:54 | 001,285,000 | ---- | M] (Microsoft Corporation) MD5=63170B9EE1D0EF0032F0408605671D1A -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16569_none_b30e0d41c7a5fe2f\tcpip.sys

[2011/04/25 07:31:09 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=6D4728CFF2724FF3A4654971D61D0F1C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_b5ad1a5addc7c444\tcpip.sys

[2011/04/25 05:44:18 | 001,298,816 | ---- | M] (Microsoft Corporation) MD5=8861B9A06BA99C6E1D62D0C86DFAB86C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_b39a7d5ae0c2aec5\tcpip.sys

[2011/06/21 06:30:45 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=93C444D118B184452132357C322124CD -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20992_none_b3703df4e0e237e0\tcpip.sys

[2010/06/14 07:06:58 | 001,288,576 | ---- | M] (Microsoft Corporation) MD5=A39EA325C081AD27461F630C8E3E56E0 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_b3b219fae0b0af43\tcpip.sys

[2010/06/14 07:12:30 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=BB7F39C31C4A4417FD318E7CD184E225 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_b33b1c29c7858b92\tcpip.sys

[2011/06/21 06:39:53 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=C2DAAEB48F3A47C410B041A0D2382EE1 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16839_none_b32e82b7c78da1d1\tcpip.sys

[2011/06/21 07:54:00 | 001,303,424 | ---- | M] (Microsoft Corporation) MD5=DEC4940487050AE13C60C86F40E07E75 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_b583db3edde666b6\tcpip.sys

< MD5 for: TDPIPE.SYS >

[2009/07/14 01:01:37 | 000,017,920 | ---- | M] (Microsoft Corporation) MD5=1875C1490D99E70E449E3AFAE9FCBADF -- C:\Windows\winsxs\x86_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.1.7600.16385_none_db828d8fa60ad848\tdpipe.sys

[2010/11/20 11:21:10 | 000,018,432 | ---- | M] (Microsoft Corporation) MD5=1CB91B2BD8F6DD367DFC2EF26FD751B2 -- C:\Windows\SoftwareDistribution\Download\e5556aeb28e014a0a0c9d20064d91946\x86_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.1.7601.17514_none_ddb3a157a2f95be2\tdpipe.sys

[2010/11/20 02:21:12 | 000,018,432 | ---- | M] (Microsoft Corporation) MD5=1CB91B2BD8F6DD367DFC2EF26FD751B2 -- C:\Windows\System32\drivers\tdpipe.sys

[2010/11/20 02:21:12 | 000,018,432 | ---- | M] (Microsoft Corporation) MD5=1CB91B2BD8F6DD367DFC2EF26FD751B2 -- C:\Windows\winsxs\x86_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.1.7601.17514_none_ddb3a157a2f95be2\tdpipe.sys

< MD5 for: TDTCP.SYS >

[2010/11/20 11:21:10 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=2C10395BAA4847F83042813C515CC289 -- C:\Windows\SoftwareDistribution\Download\e5556aeb28e014a0a0c9d20064d91946\x86_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.1.7601.17514_none_ddb3a157a2f95be2\tdtcp.sys

[2010/11/20 02:21:12 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=2C10395BAA4847F83042813C515CC289 -- C:\Windows\System32\drivers\tdtcp.sys

[2010/11/20 02:21:12 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=2C10395BAA4847F83042813C515CC289 -- C:\Windows\winsxs\x86_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.1.7601.17514_none_ddb3a157a2f95be2\tdtcp.sys

[2009/07/14 01:01:37 | 000,024,064 | ---- | M] (Microsoft Corporation) MD5=7551E91EA999EE9A8E9C331D5A9C31F3 -- C:\Windows\winsxs\x86_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.1.7600.16385_none_db828d8fa60ad848\tdtcp.sys

< MD5 for: USBPRINT.SYS >

[2009/07/14 01:17:06 | 000,019,968 | ---- | M] (Microsoft Corporation) MD5=797D862FE0875E75C7CC4C1AD7B30252 -- C:\Windows\System32\drivers\usbprint.sys

[2009/07/14 01:17:06 | 000,019,968 | ---- | M] (Microsoft Corporation) MD5=797D862FE0875E75C7CC4C1AD7B30252 -- C:\Windows\System32\DriverStore\FileRepository\usbprint.inf_x86_neutral_203e16627752a160\usbprint.sys

[2009/07/14 01:17:06 | 000,019,968 | ---- | M] (Microsoft Corporation) MD5=797D862FE0875E75C7CC4C1AD7B30252 -- C:\Windows\winsxs\x86_usbprint.inf_31bf3856ad364e35_6.1.7600.16385_none_32d0188e22bd908f\usbprint.sys

< MD5 for: USBSCAN.SYS >

[2009/07/14 01:14:44 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=576096CCBC07E7C4EA4F5E6686D6888F -- C:\Windows\System32\DriverStore\FileRepository\sti.inf_x86_neutral_6a74c91c1f723826\usbscan.sys

[2009/07/14 01:14:44 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=576096CCBC07E7C4EA4F5E6686D6888F -- C:\Windows\winsxs\x86_sti.inf_31bf3856ad364e35_6.1.7600.16385_none_59b5278c421a3644\usbscan.sys

< MD5 for: USERINIT.EXE >

[2010/11/20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SoftwareDistribution\Download\e5556aeb28e014a0a0c9d20064d91946\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe

[2010/11/20 04:17:50 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe

[2010/11/20 04:17:50 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe

[2009/07/14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe

< MD5 for: VOLSNAP.SYS >

[2009/07/14 02:19:10 | 000,245,328 | ---- | M] (Microsoft Corporation) MD5=58DF9D2481A56EDDE167E51B334D44FD -- C:\Windows\winsxs\x86_volume.inf_31bf3856ad364e35_6.1.7600.16385_none_158d0da45d68903e\volsnap.sys

[2010/11/20 13:30:16 | 000,245,632 | ---- | M] (Microsoft Corporation) MD5=F497F67932C6FA693D7DE2780631CFE7 -- C:\Windows\SoftwareDistribution\Download\e5556aeb28e014a0a0c9d20064d91946\x86_volume.inf_31bf3856ad364e35_6.1.7601.17514_none_17be216c5a5713d8\volsnap.sys

[2010/11/20 04:30:18 | 000,245,632 | ---- | M] (Microsoft Corporation) MD5=F497F67932C6FA693D7DE2780631CFE7 -- C:\Windows\System32\drivers\volsnap.sys

[2010/11/20 04:30:18 | 000,245,632 | ---- | M] (Microsoft Corporation) MD5=F497F67932C6FA693D7DE2780631CFE7 -- C:\Windows\System32\DriverStore\FileRepository\volume.inf_x86_neutral_6dee0205881d1a1d\volsnap.sys

[2010/11/20 04:30:18 | 000,245,632 | ---- | M] (Microsoft Corporation) MD5=F497F67932C6FA693D7DE2780631CFE7 -- C:\Windows\winsxs\x86_volume.inf_31bf3856ad364e35_6.1.7601.17514_none_17be216c5a5713d8\volsnap.sys

< MD5 for: WININIT.EXE >

[2009/07/14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\System32\wininit.exe

[2009/07/14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe

< MD5 for: WINLOGON.EXE >

[2009/10/28 07:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe

[2009/10/28 06:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe

[2010/11/20 13:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\SoftwareDistribution\Download\e5556aeb28e014a0a0c9d20064d91946\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe

[2010/11/20 04:17:56 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe

[2010/11/20 04:17:56 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe

[2009/07/14 02:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

[2011/03/30 21:02:28 | 000,353,792 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\dxtmsft.dll

[2011/03/30 21:02:28 | 000,223,232 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\dxtrans.dll

[2011/03/30 21:02:28 | 000,118,784 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\iepeers.dll

[1 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

========== Files - Unicode (All) ==========

[2009/01/12 19:49:36 | 000,015,062 | ---- | M] ()(C:\Users\Alain\Documents\demande de d?grevement 3) -- C:\Users\Alain\Documents\demande de d�grevement 3

[2009/01/12 19:44:38 | 000,015,062 | ---- | C] ()(C:\Users\Alain\Documents\demande de d?grevement 3) -- C:\Users\Alain\Documents\demande de d�grevement 3

[2008/12/23 06:30:11 | 000,014,812 | ---- | M] ()(C:\Users\Alain\Documents\R?clamation TPLM) -- C:\Users\Alain\Documents\R�clamation TPLM

[2008/12/23 06:30:11 | 000,014,812 | ---- | C] ()(C:\Users\Alain\Documents\R?clamation TPLM) -- C:\Users\Alain\Documents\R�clamation TPLM

[2008/12/21 18:15:40 | 000,015,057 | ---- | M] ()(C:\Users\Alain\Documents\R?clamation planet saturn) -- C:\Users\Alain\Documents\R�clamation planet saturn

[2008/12/21 18:02:19 | 000,015,057 | ---- | C] ()(C:\Users\Alain\Documents\R?clamation planet saturn) -- C:\Users\Alain\Documents\R�clamation planet saturn

[2008/10/27 21:50:57 | 000,018,253 | ---- | M] ()(C:\Users\Alain\Documents\demande d?grevement1.odt) -- C:\Users\Alain\Documents\demande d�grevement1.odt

[2008/10/27 21:48:03 | 000,014,990 | ---- | M] ()(C:\Users\Alain\Documents\demande d?grevement2.odt) -- C:\Users\Alain\Documents\demande d�grevement2.odt

[2008/10/27 21:48:03 | 000,014,990 | ---- | C] ()(C:\Users\Alain\Documents\demande d?grevement2.odt) -- C:\Users\Alain\Documents\demande d�grevement2.odt

[2008/10/27 21:40:17 | 000,018,253 | ---- | C] ()(C:\Users\Alain\Documents\demande d?grevement1.odt) -- C:\Users\Alain\Documents\demande d�grevement1.odt

< End of report >

OTL Extras logfile created on: 01/11/2011 16:01:31 - Run 1

OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Alain\Desktop

Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

2,00 Gb Total Physical Memory | 0,79 Gb Available Physical Memory | 39,72% Memory free

4,00 Gb Paging File | 2,43 Gb Available in Paging File | 60,76% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 372,61 Gb Total Space | 237,62 Gb Free Space | 63,77% Space Free | Partition Type: NTFS

Drive D: | 82,26 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: UDF

Drive F: | 372,61 Gb Total Space | 142,70 Gb Free Space | 38,30% Space Free | Partition Type: NTFS

Drive I: | 3,69 Gb Total Space | 3,67 Gb Free Space | 99,50% Space Free | Partition Type: FAT32

Computer Name: ALAIN-PC | User Name: Alain | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)

.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]

.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)

htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)

htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()

Directory [browse with &IrfanView] -- "C:\Program Files\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

"AntiVirusDisableNotify" = 0

"FirewallDisableNotify" = 0

"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"VistaSp1" = Reg Error: Unknown registry data type -- File not found

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]

"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

========== Authorized Applications List ==========

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

"{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack

"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer

"{0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}" = Microsoft .NET Framework 4 Client Profile FRA Language Pack

"{13A5E785-5197-4EAD-8EE3-D660271E49BC}" = Feedback Tool

"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update

"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions

"{20187EBD-71B1-4913-AEFF-6E2E2A444434}" = Giganews Accelerator

"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java 6 Update 24

"{2EA870FA-585F-4187-903D-CB9FFD21E2E0}" = DHTML Editing Component

"{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live

"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile

"{466A3335-4DEC-484A-8BC2-A96F8618291A}" = SmartViewer3.0

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources

"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE

"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin

"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable

"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform

"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

"{8927E07C-97F7-4A54-88FB-D976F50DD46E}" = Turbo Lister 2

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT

"{90140000-0015-040C-0000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2010

"{90140000-0015-040C-0000-0000000FF1CE}_Office14.SingleImage_{C3AE9E57-4CD3-44FB-802F-9B461B26E3EB}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2010

"{90140000-0016-040C-0000-0000000FF1CE}_Office14.SingleImage_{C3AE9E57-4CD3-44FB-802F-9B461B26E3EB}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2010

"{90140000-0018-040C-0000-0000000FF1CE}_Office14.SingleImage_{C3AE9E57-4CD3-44FB-802F-9B461B26E3EB}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2010

"{90140000-0019-040C-0000-0000000FF1CE}_Office14.SingleImage_{C3AE9E57-4CD3-44FB-802F-9B461B26E3EB}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2010

"{90140000-001A-040C-0000-0000000FF1CE}_Office14.SingleImage_{C3AE9E57-4CD3-44FB-802F-9B461B26E3EB}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2010

"{90140000-001B-040C-0000-0000000FF1CE}_Office14.SingleImage_{C3AE9E57-4CD3-44FB-802F-9B461B26E3EB}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2010

"{90140000-001F-0401-0000-0000000FF1CE}_Office14.SingleImage_{1A43C155-3DDA-43C9-92C5-0E7D0B2B156D}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010

"{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010

"{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010

"{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2010

"{90140000-001F-0413-0000-0000000FF1CE}_Office14.SingleImage_{5072FEA2-862C-4BF0-9654-CB0DCBE2BE28}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010

"{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.SingleImage_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2010

"{90140000-002C-040C-0000-0000000FF1CE}_Office14.SingleImage_{C8E4AA87-3E5A-4C70-8CB7-43FE25C99B74}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010

"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2010

"{90140000-006E-040C-0000-0000000FF1CE}_Office14.SingleImage_{7C5C7E8C-F6D2-43AC-93A4-89E4FF7367E6}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-00A1-040C-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (French) 2010

"{90140000-00A1-040C-0000-0000000FF1CE}_Office14.SingleImage_{C3AE9E57-4CD3-44FB-802F-9B461B26E3EB}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting

"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail

"{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail

"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress

"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common

"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer

"{AC76BA86-7AD7-1036-7B44-AA1000000001}" = Adobe Reader X (10.1.1) - Français

"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter

"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Panneau de configuration NVIDIA 280.26

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Pilote graphique 280.26

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Pilote du contrôleur 3D Vision 280.19

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Mises à jour NVIDIA 1.4.28

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components

"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant

"{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common

"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform

"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform

"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10

"{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver

"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

"7-Zip" = 7-Zip 9.17 beta

"845CCCCA-B77C-43EA-9A43-62DACEA4F902" = DreamStream E2

"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin

"Adobe SVG Viewer" = Adobe SVG Viewer 3.0

"BurnAware Free_is1" = BurnAware Free 3.3.1

"CCleaner" = CCleaner

"CobBackup10" = Cobian Backup 10

"DAEMON Tools Toolbar" = DAEMON Tools Toolbar

"Defraggler" = Defraggler

"FileZilla Client" = FileZilla Client 3.5.1

"Free MKV Video2Dvd 3.20_is1" = Free MKV Video2Dvd 3.20

"Image HTML Integrator_is1" = Image HTML Integrator 3.27

"IrfanView" = IrfanView (remove only)

"MakeMKV" = MakeMKV v1.4.10_beta

"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.0.1200

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"Microsoft .NET Framework 4 Client Profile FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Client Profile FRA

"Mimo" = Mimo

"mRemote" = mRemote

"NETASQ Administration Suite_8.1" = NETASQ Administration Suite 8.1

"NETASQUpdater" = NETASQ Updater

"NewsLeecher_is1" = NewsLeecher v5.0 Beta 7

"NIS" = Norton Internet Security

"NVIDIA Drivers" = NVIDIA Drivers

"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver

"Office14.SingleImage" = Microsoft Office Famille et Étudiant 2010

"Picasa 3" = Picasa 3

"QuickPar" = QuickPar 0.9

"Shrew Soft VPN Client" = Shrew Soft VPN Client

"TeamViewer 6" = TeamViewer 6

"VLC media player" = VLC media player 1.1.11

"VobSub" = VobSub 2.23

"WinLiveSuite" = Windows Live

"WinRAR archiver" = WinRAR

"ZHPDiag_is1" = ZHPDiag 1.28

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"Google Chrome" = Google Chrome

"Moniteur neufbox" = Moniteur neufbox

"WinDirStat" = WinDirStat 1.1.2

========== Last 10 Event Log Errors ==========

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >

jeanmimigab · le 1 novembre 2011

re,

Très bien,

* Fais un double-clic sur l'icône d'OTL pour le lancer

/!\ pour Vista/Seven fais un clic-droit sur l'icône d'OTL et choisis "Exécuter en tant qu'administrateur"

* Assure toi d'avoir fermé toutes les applications en court de fonctionnement.

* Copier et colle le contenue de cette citation dans la partie inférieure d'OTL "personnalisation"

HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl|FEATURE_BROWSER_EMULATION /rs

HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\FeatureControl|feature_enable_ie_compression /rs

HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\FeatureControl|feature_enable_ie_compression /rs

* Clique sur "Aucun" ( en dessous de "Analyse rapide" )

* Clique sur l'icône "Analyse" (en haut à gauche) .

* Laisse le scan aller à son terme sans te servir du PC

* A la fin du scanne un rapport va s'ouvrir "OTL.Txt"

* Poste le rapport dans ta réponse stp...

Note: Cette fois ci tu n'auras pas de rapport "Extra.txt"

zorbec · le 1 novembre 2011

Re

Voici le résultat

OTL logfile created on: 01/11/2011 18:27:19 - Run 2

OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Alain\Desktop

Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

2,00 Gb Total Physical Memory | 0,99 Gb Available Physical Memory | 49,55% Memory free

4,00 Gb Paging File | 2,75 Gb Available in Paging File | 68,76% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 372,61 Gb Total Space | 238,29 Gb Free Space | 63,95% Space Free | Partition Type: NTFS

Drive D: | 82,26 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: UDF

Drive F: | 372,61 Gb Total Space | 142,70 Gb Free Space | 38,30% Space Free | Partition Type: NTFS

Drive I: | 3,69 Gb Total Space | 3,68 Gb Free Space | 100,00% Space Free | Partition Type: FAT32

Computer Name: ALAIN-PC | User Name: Alain | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days

========== Custom Scans ==========

< HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl|FEATURE_BROWSER_EMULATION /rs >

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION\\prevhost.exe: 8000

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION\\svchost.exe: 8000

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION\\sllauncher.exe: 8000

< HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\FeatureControl|feature_enable_ie_compression /rs >

< HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\FeatureControl|feature_enable_ie_compression /rs >

< End of report >

Merci

jeanmimigab · le 1 novembre 2011

OK,

Fais cela stp...

* Fais un double-clic sur l'icône d'OTL pour le lancer

/!\ pour Vista/Seven fais un clic-droit sur l'icône d'OTL et choisis "Exécuter en tant qu'administrateur"

* Assure toi d'avoir fermé toutes les applications en court de fonctionnement.

* Quand la fenêtre d'OTL apparaît, assure toi que dans la section "Rapport" (en haut à droite) la case "Rapport minimal" soit cochée.

* Copies et colles le contenue de cette citation dans la partie inférieure d'OTL "Personnalisation"

:OTL
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()

O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()

O4 - Startup: C:\Users\Alain\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\VyprVPN - Raccourci.lnk = File not found

:Files

C:\Users\Alain\Desktop\Fichiers d’installation Norton.lnk

C:\Program Files\Enigma Software Group\SpyHunter

C:\Program Files\DAEMON Tools Toolbar

:Reg

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION]

"svchost.exe"=-

[-HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\aklzrvcs]

[-HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\bkxjsjno]

[-HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\rlpqmwim]

[-HKEY_LOCAL_MACHINE\System\ControlSet001\Services\aklzrvcs]

[-HKEY_LOCAL_MACHINE\System\ControlSet001\Services\bkxjsjno]

[-HKEY_LOCAL_MACHINE\System\ControlSet001\Services\rlpqmwim]

[-HKCU\Software\AppDataLow\Software\toolbar]

[-HKCU\Software\Ask&Record]

[-HKLM\Software\Classes\Toolbar.CT1060933]

[-HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\daemon tools toolbar]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]

"{32099aac-c132-4136-9e9a-4e364a424e17}"=-

[HKLM\Software\Microsoft\Internet Explorer\Toolbar]

"{32099aac-c132-4136-9e9a-4e364a424e17}"=-

:Commands

[emptytemp]

* Cliques sur l'icône"Correction" (en haut à gauche) .

* Laisse le scan aller à son terme sans te servir du PC

* A la fin du scan un rapport va s'ouvrir

* Copie et colle le rapports dans ta réponse stp...

Ensuite...

télécharge Malwarebytes et installe le.
Après avoir effectué la mise à jour, Choisis "exécuter un examen rapide", à la fin du scan, coche tous les éléments trouvés,et clique sur supprimer la sélection.
Poste moi le rapport stp.

Modifié le 1 novembre 2011 par jeanmimigab

zorbec · le 1 novembre 2011

Re

Voici les résultats :

OTL :

All processes killed

========== OTL ==========

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ deleted successfully.

C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll moved successfully.

Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found.

File C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll not found.

C:\Users\Alain\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\VyprVPN - Raccourci.lnk moved successfully.

========== FILES ==========

C:\Users\Alain\Desktop\Fichiers d’installation Norton.lnk moved successfully.

C:\Program Files\Enigma Software Group\SpyHunter\mon folder moved successfully.

C:\Program Files\Enigma Software Group\SpyHunter\Log folder moved successfully.

C:\Program Files\Enigma Software Group\SpyHunter\Downloads folder moved successfully.

C:\Program Files\Enigma Software Group\SpyHunter\Defs folder moved successfully.

C:\Program Files\Enigma Software Group\SpyHunter\Data folder moved successfully.

C:\Program Files\Enigma Software Group\SpyHunter folder moved successfully.

C:\Program Files\DAEMON Tools Toolbar\Resources folder moved successfully.

C:\Program Files\DAEMON Tools Toolbar folder moved successfully.

========== REGISTRY ==========

Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION\\svchost.exe deleted successfully.

Registry key HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\aklzrvcs\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\bkxjsjno\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\rlpqmwim\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\System\ControlSet001\Services\aklzrvcs\ not found.

Registry key HKEY_LOCAL_MACHINE\System\ControlSet001\Services\bkxjsjno\ not found.

Registry key HKEY_LOCAL_MACHINE\System\ControlSet001\Services\rlpqmwim\ not found.

Registry key HKEY_CURRENT_USER\Software\AppDataLow\Software\toolbar\ deleted successfully.

Registry key HKEY_CURRENT_USER\Software\Ask&Record\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT1060933\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\daemon tools toolbar\ deleted successfully.

Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{32099aac-c132-4136-9e9a-4e364a424e17} not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099aac-c132-4136-9e9a-4e364a424e17}\ not found.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{32099aac-c132-4136-9e9a-4e364a424e17} not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099aac-c132-4136-9e9a-4e364a424e17}\ not found.

========== COMMANDS ==========

[EMPTYTEMP]

User: Alain

->Temp folder emptied: 1374952 bytes

->Temporary Internet Files folder emptied: 47616872 bytes

->Java cache emptied: 75687837 bytes

->Google Chrome cache emptied: 0 bytes

->Flash cache emptied: 470 bytes

User: All Users

User: Default

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 33170 bytes

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

User: Public

User: UpdatusUser

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 820505 bytes

%systemroot%\System32 .tmp files removed: 5 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 0 bytes

RecycleBin emptied: 0 bytes

Total Files Cleaned = 120,00 mb

OTL by OldTimer - Version 3.2.31.0 log created on 11012011_193512

Files\Folders moved on Reboot...

File\Folder C:\Users\Alain\AppData\Local\Temp\~DF4B6EB15D000F0C2A.TMP not found!

File\Folder C:\Users\Alain\AppData\Local\Temp\~DF5A7E1D825AEC7E5C.TMP not found!

File\Folder C:\Users\Alain\AppData\Local\Temp\~DF8B3DC2A748B68F9E.TMP not found!

File\Folder C:\Users\Alain\AppData\Local\Temp\~DFCBC6C0828388DAF8.TMP not found!

C:\Users\Alain\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\AntiPhishing\ED8654D5-B9F0-4DD9-B3E8-F8F560086FDF.dat moved successfully.

C:\Users\Alain\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\SuggestedSites.dat moved successfully.

C:\Users\Alain\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SOL4UT6D\ads[1].htm moved successfully.

C:\Users\Alain\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SOL4UT6D\AP_ADV_300x250[1].htm moved successfully.

C:\Users\Alain\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SOL4UT6D\si[1].htm moved successfully.

C:\Users\Alain\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SGN6CJH6\afr[1].htm moved successfully.

C:\Users\Alain\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SGN6CJH6\povh[1].htm moved successfully.

C:\Users\Alain\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\90QFPA5R\search[2].htm moved successfully.

C:\Users\Alain\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6FN17TGQ\ads[1].htm moved successfully.

C:\Users\Alain\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6FN17TGQ\ads[2].htm moved successfully.

C:\Users\Alain\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6FN17TGQ\afr[1].htm moved successfully.

C:\Users\Alain\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6FN17TGQ\AP_ADV_728x90[1].htm moved successfully.

C:\Users\Alain\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\67LWZ017\like[1].htm moved successfully.

C:\Users\Alain\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\67LWZ017\si[1].htm moved successfully.

C:\Users\Alain\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3ZYMCWMK\AP_VIA_300x250[1].htm moved successfully.

C:\Users\Alain\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3ZYMCWMK\AP_VIA_728x90[1].htm moved successfully.

C:\Users\Alain\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3ZYMCWMK\pc-assemble-qui-devient-lent-t189044[1].htm moved successfully.

C:\Users\Alain\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3ZYMCWMK\search[1].htm moved successfully.

Registry entries deleted on Reboot...

MalwareBytes :

Malwarebytes' Anti-Malware 1.51.2.1300

www.malwarebytes.org

Version de la base de données: 8063

Windows 6.1.7601 Service Pack 1

Internet Explorer 9.0.8112.16421

01/11/2011 20:01:01

mbam-log-2011-11-01 (20-01-01).txt

Type d'examen: Examen rapide

Elément(s) analysé(s): 176029

Temps écoulé: 5 minute(s), 39 seconde(s)

Processus mémoire infecté(s): 0

Module(s) mémoire infecté(s): 0

Clé(s) du Registre infectée(s): 0

Valeur(s) du Registre infectée(s): 0

Elément(s) de données du Registre infecté(s): 0

Dossier(s) infecté(s): 0

Fichier(s) infecté(s): 0

Processus mémoire infecté(s):