Trojan : DNS CHANGER

Mjlm52 Posts 70 Registration date Tuesday 24 February 2009 Status Member Last seen 5 March 2009 - 24 Feb 2009 at 23:09
Mjlm52 Posts 70 Registration date Tuesday 24 February 2009 Status Member Last seen 5 March 2009 - 27 Feb 2009 at 17:02
Good evening,

So I have a trojan, DNS CHANGER; basically it hijacks websites... and I also have a big problem: my Ethernet connection doesn't work, but the Wi-Fi works.

For Ethernet it says "Unidentified network" :@ What's the problem? A problem with the DNS, is that it?

I've run several scans without success, with Nod, Ad Aware, AVG Anti-Spyware, and fixes such as Fixwareout, winsockfix, SmitfraudFix... (in normal mode and in safe mode).

I also generated a report with HiJackThis, and I checked and fixed the lines concerning the trojan:

O17 - HKLM\System\CCS\Services\Tcpip\..\{AEA8B627-C895-477D-A568-BCA2208AAA6E}: NameServer = 85.255.112.39,85.255.112.40
O17 - HKLM\System\CCS\Services\Tcpip\..\{AF5E05D8-F374-4ACA-818D-9DA6A5194C86}: NameServer = 85.255.112.39,85.255.112.40
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.112.39,85.255.112.40
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.112.39,85.255.112.40
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.112.39,85.255.112.40
But without success :s I'm starting to lose it, and I don't want to format, I really don't have the time...

Thanks in advance for your help...

107 replies

Mjlm52 Posts 70 Registration date Tuesday 24 February 2009 Status Member Last seen 5 March 2009
26 Feb 2009 at 20:13
Yes, it's running very well, nothing to report apart from the installation for Avira.

The ZHPDiag.Txt report:


Rapport de ZHPDiag v1.16.6 par Nicolas Coolman
Enregistré le 26/02/2009 19:38:05
Platform : Windows Vista (TM) Ultimate (6.0.6001) Service Pack 1
MSIE: Internet Explorer v7.0.6001.18000
MFIE: Mozilla Firefox (3.0.6)

---\\ Processus lancés
C:\Program Files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe
%ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
%ProgramFiles%\TOSHIBA\TBS\HSON.exe
%ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
%ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\agrsmsvc.exe
C:\Program Files\Avira\AntiVir PersonalEdition Premium\avmailc.exe
C:\Program Files\Avira\AntiVir PersonalEdition Premium\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Premium\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Premium\AVWEBGRD.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Windows\system32\Ati2evxx.exe
C:\Program Files\Avira\AntiVir PersonalEdition Premium\avesvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Toshiba TEMPRO\TempoSVC.exe
C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
C:\Windows\System32\TUProgSt.exe

---\\ Modification d'une valeur System.ini (F2)
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,

---\\ Pages de démarrage d'Internet Explorer (R0)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home

---\\ Pages de recherche d'Internet Explorer (R1)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

---\\ Applications démarrées automatiquement par le registre (O4)
O4 - HKLM\..\Run: [Toshiba TEMPO] C:\Program Files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe
O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
O4 - HKLM\..\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
O4 - HKLM\..\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKLM\..\policies\Explorer: [NoDrives] Data="0"

---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5)
O5 - control.ini: inetcpl.cpl=no

---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll,211

---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/8/b/d/8bd77752-5704-4d68-a152-f7252adaa4f2/LegitCheckControl.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - https://www.touslesdrivers.com/index.php?v_page=29
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

---\\ Protocole additionnel et piratage de protocole (O18)
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL

---\\ Clé de Registre autorun SharedTaskScheduler (O22)
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030}

---\\ Services NT non Microsoft et non désactivés (O23)
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Avira AntiVir Premium MailGuard (AntiVirMailService) - C:\Program Files\Avira\AntiVir PersonalEdition Premium\avmailc.exe
O23 - Service: Planificateur Avira AntiVir Premium (AntiVirScheduler) - C:\Program Files\Avira\AntiVir PersonalEdition Premium\sched.exe
O23 - Service: Avira AntiVir Premium Guard (AntiVirService) - C:\Program Files\Avira\AntiVir PersonalEdition Premium\avguard.exe
O23 - Service: Avira AntiVir Premium WebGuard (antivirwebservice) - C:\Program Files\Avira\AntiVir PersonalEdition Premium\AVWEBGRD.EXE
O23 - Service: Apple Mobile Device (Apple Mobile Device) - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: (Ati External Event Utility) - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Service d'assistance Avira AntiVir Premium MailGuard (AVEService) - C:\Program Files\Avira\AntiVir PersonalEdition Premium\avesvc.exe
O23 - Service: Service Bonjour (Bonjour Service) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: @%SystemRoot%\system32\PresentationHost.exe,-3309 (FontCache3.0.0.0) - C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
O23 - Service: Google Software Updater (gusvc) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - C:\Windows\system32\SLsvc.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - C:\Windows\System32\spoolsv.exe
O23 - Service: Notebook Performance Tuning Service (TempoMonitoringService) - C:\Program Files\Toshiba TEMPRO\TempoSVC.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: @%SystemRoot%\System32\TUProgSt.exe,-1 (TuneUp.ProgramStatisticsSvc) - C:\Windows\System32\TUProgSt.exe

---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
O40 - ASIC: Internet Explorer - {26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
O40 - ASIC: Browser Customizations - {60B49E34-C7CC-11D0-8953-00A0C90347FF} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
O40 - ASIC: Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - (not file)
O40 - ASIC: (no name) - {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - (not file)
O40 - ASIC: Microsoft Windows Media Player 11.0 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\System32\wmpdxm.dll
O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - C:\Windows\system32\regsvr32.exe /s /n /i:/UserInstall C:\Windows\system32\themeui.dll
O40 - ASIC: Offline Browsing Pack - {3af36230-a269-11d1-b5bf-0000f8051515} - (not file)
O40 - ASIC: Microsoft Windows Mail 7 - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
O40 - ASIC: (no name) - {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - (not file)
O40 - ASIC: DirectDrawEx - {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - (not file)
O40 - ASIC: Internet Explorer Help - {45ea75a0-a269-11d1-b5bf-0000f8051515} - (not file)
O40 - ASIC: Microsoft Windows Script 5.7 - {4f645220-306d-11d2-995d-00c04f98bbc9} - (not file)
O40 - ASIC: Internet Explorer Setup Tools - {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - (not file)
O40 - ASIC: Browsing Enhancements - {630b1da0-b465-11d1-9948-00c04f98bbc9} - (not file)
O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} - C:\Windows\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI
O40 - ASIC: MSN Site Access - {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - (not file)
O40 - ASIC: Address Book 7 - {7790769C-0471-11d2-AF11-00C04FA35D02} - (not file)
O40 - ASIC: .NET Framework - {7C028AF8-F614-47B3-82DA-BA94E41B1089} - (not file)
O40 - ASIC: Windows Desktop Update - {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
O40 - ASIC: Internet Explorer - {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
O40 - ASIC: Dynamic HTML Data Binding - {9381D8F2-0288-11D0-9501-00AA00B911A5} - (not file)
O40 - ASIC: .NET Framework - {C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD} - (not file)
O40 - ASIC: Internet Explorer Core Fonts - {C9E9A340-D1F1-11D0-821E-444553540600} - (not file)
O40 - ASIC: Adobe Flash Player - {D27CDB6E-AE6D-11CF-96B8-444553540000} - C:\Windows\system32\Macromed\Flash\Flash10a.ocx
O40 - ASIC: HTML Help - {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - (not file)
O40 - ASIC: Active Directory Service Interface - {E92B03AB-B707-11d2-9CBD-0000F87A369E} - (not file)

---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: TOSHIBA V92 Software Modem (AgereSoftModem) - C:\WINDOWS\system32\DRIVERS\AGRSM.sys
O41 - Driver: @%systemroot%\system32\rascfg.dll,-32000 (AsyncMac) - C:\WINDOWS\system32\DRIVERS\asyncmac.sys
O41 - Driver: avgio (avgio) - C:\Program Files\Avira\AntiVir PersonalEdition Premium\avgio.sys
O41 - Driver: avgntflt (avgntflt) - C:\Program Files\Avira\AntiVir PersonalEdition Premium\avgntflt.sys
O41 - Driver: avipbb (avipbb) - C:\WINDOWS\system32\DRIVERS\avipbb.sys
O41 - Driver: Pilote pour Batterie à méthode de contrôle ACPI Microsoft (CmBatt) - C:\WINDOWS\system32\DRIVERS\CmBatt.sys
O41 - Driver: driverhardwarev2 (driverhardwarev2) - C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys
O41 - Driver: Filtre de décodeur DRM (Noyau Microsoft) (drmkaud) - C:\WINDOWS\system32\drivers\drmkaud.sys
O41 - Driver: Pilote de carte Intel (R) PRO (E100B) - C:\WINDOWS\system32\DRIVERS\e100b325.sys
O41 - Driver: Intel(R) PRO/1000 NDIS 6 Adapter Driver (E1G60) - C:\WINDOWS\system32\DRIVERS\E1G60I32.sys
O41 - Driver: FwLnk Driver (FwLnk) - C:\WINDOWS\system32\DRIVERS\FwLnk.sys
O41 - Driver: GEAR ASPI Filter Driver (GEARAspiWDM) - C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
O41 - Driver: Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio (HdAudAddService) - C:\WINDOWS\system32\drivers\HdAudio.sys
O41 - Driver: Service for Realtek HD Audio (WDM) (IntcAzAudAddService) - C:\WINDOWS\system32\drivers\RTKVHDA.sys
O41 - Driver: @%systemroot%\system32\rascfg.dll,-32013 (IpFilterDriver) - C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
O41 - Driver: IP in IP Tunnel Driver (IpInIp) - C:\WINDOWS\system32\DRIVERS\ipinip.sys
O41 - Driver: Link-Layer Topology Discovery Mapper I/O Driver (lltdio) - C:\WINDOWS\system32\DRIVERS\lltdio.sys
O41 - Driver: Service Pilote de fonction de classe Moniteur Microsoft (monitor) - C:\WINDOWS\system32\DRIVERS\monitor.sys
O41 - Driver: Proxy de service de répartition Microsoft (MSKSSRV) - C:\WINDOWS\system32\drivers\MSKSSRV.sys
O41 - Driver: Proxy d'horloge de répartition Microsoft (MSPCLOCK) - C:\WINDOWS\system32\drivers\MSPCLOCK.sys
O41 - Driver: Proxy de gestion de qualité de répartition Microsoft (MSPQM) - C:\WINDOWS\system32\drivers\MSPQM.sys
O41 - Driver: Convertisseur en T/site-à-site de répartition Microsoft (MSTEE) - C:\WINDOWS\system32\drivers\MSTEE.sys
O41 - Driver: Filtre NativeWiFi (NativeWifiP) - C:\WINDOWS\system32\DRIVERS\nwifi.sys
O41 - Driver: @%systemroot%\system32\rascfg.dll,-32001 (NdisTapi) - C:\WINDOWS\system32\DRIVERS\ndistapi.sys
O41 - Driver: NDIS Usermode I/O Protocol (Ndisuio) - C:\WINDOWS\system32\DRIVERS\ndisuio.sys
O41 - Driver: @%systemroot%\system32\rascfg.dll,-32002 (NdisWan) - C:\WINDOWS\system32\DRIVERS\ndiswan.sys
O41 - Driver: NetBIOS Interface (NetBIOS) - C:\WINDOWS\system32\DRIVERS\netbios.sys
O41 - Driver: Pilote de carte Intel(R) PRO/sans fil 3945ABG pour Windows Vista 32 bits (NETw3v32) - C:\WINDOWS\system32\DRIVERS\NETw3v32.sys
O41 - Driver: Pilote de carte Intel(R) Wireless WiFi Link pour Windows Vista 32 bits (NETw4v32) - C:\WINDOWS\system32\DRIVERS\NETw4v32.sys
O41 - Driver: Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit (NETw5v32) - C:\WINDOWS\system32\DRIVERS\NETw5v32.sys
O41 - Driver: IPX Traffic Filter Driver (NwlnkFlt) - C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
O41 - Driver: IPX Traffic Forwarder Driver (NwlnkFwd) - C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
O41 - Driver: @%systemroot%\system32\rascfg.dll,-32006 (PptpMiniport) - C:\WINDOWS\system32\DRIVERS\raspptp.sys
O41 - Driver: @%SystemRoot%\System32\drivers\pacer.sys,-101 (PSched) - C:\WINDOWS\system32\DRIVERS\pacer.sys
O41 - Driver: PxHelp20 (PxHelp20) - C:\WINDOWS\System32\Drivers\PxHelp20.sys
O41 - Driver: (no object) (R300) - C:\WINDOWS\system32\DRIVERS\atikmdag.sys
O41 - Driver: Remote Access Auto Connection Driver (RasAcd) - C:\WINDOWS\System32\DRIVERS\rasacd.sys
O41 - Driver: @%systemroot%\system32\rascfg.dll,-32005 (Rasl2tp) - C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
O41 - Driver: @%systemroot%\system32\rascfg.dll,-32007 (RasPppoe) - C:\WINDOWS\system32\DRIVERS\raspppoe.sys
O41 - Driver: @%systemroot%\system32\sstpsvc.dll,-202 (RasSstp) - C:\WINDOWS\system32\DRIVERS\rassstp.sys
O41 - Driver: Link-Layer Topology Discovery Responder (rspndr) - C:\WINDOWS\system32\DRIVERS\rspndr.sys
O41 - Driver: (no object) (sdbus) - C:\WINDOWS\system32\DRIVERS\sdbus.sys
O41 - Driver: @%SystemRoot%\system32\tcpipcfg.dll,-50005 (Smb) - C:\WINDOWS\system32\DRIVERS\smb.sys
O41 - Driver: (no object) (sptd) - C:\WINDOWS\System32\Drivers\sptd.sys
O41 - Driver: ssmdrv (ssmdrv) - C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
O41 - Driver: SAMSUNG Mobile USB Device II 1.0 driver (WDM) (ssm_bus) - C:\WINDOWS\system32\DRIVERS\ssm_bus.sys
O41 - Driver: SAMSUNG Mobile USB Modem II 1.0 Filter (ssm_mdfl) - C:\WINDOWS\system32\DRIVERS\ssm_mdfl.sys
O41 - Driver: SAMSUNG Mobile USB Modem II 1.0 Drivers (ssm_mdm) - C:\WINDOWS\system32\DRIVERS\ssm_mdm.sys
O41 - Driver: Microsoft IPv6 Protocol Driver (Tcpip6) - C:\WINDOWS\system32\DRIVERS\tcpip.sys
O41 - Driver: Pilote de carte miniport Microsoft Tun (tunmp) - C:\WINDOWS\system32\DRIVERS\tunmp.sys
O41 - Driver: Pilote de carte miniport Microsoft IPv6 Tunnel (tunnel) - C:\WINDOWS\system32\DRIVERS\tunnel.sys
O41 - Driver: TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver (TVALZ) - C:\WINDOWS\system32\DRIVERS\TVALZ_O.SYS
O41 - Driver: Apple Mobile USB Driver (USBAAPL) - C:\WINDOWS\System32\Drivers\usbaapl.sys
O41 - Driver: Pilote de scanneur USB (usbscan) - C:\WINDOWS\system32\DRIVERS\usbscan.sys
O41 - Driver: Carte RNDIS USB (usb_rndisx) - C:\WINDOWS\system32\DRIVERS\usb8023x.sys
O41 - Driver: (no object) (vga) - C:\WINDOWS\system32\DRIVERS\vgapnp.sys
O41 - Driver: Remote Access IP ARP Driver (Wanarp) - C:\WINDOWS\system32\DRIVERS\wanarp.sys
O41 - Driver: Remote Access IPv6 ARP Driver (Wanarpv6) - C:\WINDOWS\system32\DRIVERS\wanarp.sys
O41 - Driver: Pilote WinUsb (WINUSB) - C:\WINDOWS\system32\DRIVERS\WinUSB.SYS
O41 - Driver: (no object) (WUDFRd) - C:\WINDOWS\system32\DRIVERS\WUDFRd.sys

---\\ Logiciels installés (O42)
O42 - Logiciel: Adobe Flash Player 10 ActiveX
O42 - Logiciel: Adobe Flash Player 10 Plugin
O42 - Logiciel: Avira AntiVir Premium
O42 - Logiciel: CCleaner (remove only)
O42 - Logiciel: CoreAVC Professional Edition (remove only)
O42 - Logiciel: CSV2ASC
O42 - Logiciel: Dropbox
O42 - Logiciel: EVEREST Ultimate Edition v5.00
O42 - Logiciel: Foxit Reader
O42 - Logiciel: Free Video Converter V 1.5
O42 - Logiciel: Haali Media Splitter
O42 - Logiciel: HijackThis 2.0.2
O42 - Logiciel: TOSHIBA Value Added Package
O42 - Logiciel: K-Lite Codec Pack 4.4.5 (Full)
O42 - Logiciel: Lexmark 5200 Series
O42 - Logiciel: Malwarebytes' Anti-Malware
O42 - Logiciel: Messenger Plus! Live
O42 - Logiciel: Microsoft .NET Framework 3.5 SP1
O42 - Logiciel: Mozilla Firefox (3.0.6)
O42 - Logiciel: Nero 7 Lite 7.10.1.0
O42 - Logiciel: NFO Creator
O42 - Logiciel: NFO viewer v 2.1
O42 - Logiciel: Logiciel Intel(R) PROSet/Wireless
O42 - Logiciel: SAMSUNG Mobile Modem Driver Set
O42 - Logiciel: Samsung Mobile phone USB driver Software
O42 - Logiciel: SAMSUNG Mobile USB Modem Software
O42 - Logiciel: SAMSUNG Mobile USB Modem 1.0 Software
O42 - Logiciel: SpeedCams_Serveur
O42 - Logiciel: Counter-Strike: Source
O42 - Logiciel: StuffPlug 3
O42 - Logiciel: Uniblue DriverScanner 2009
O42 - Logiciel: VLC media player 0.9.8a
O42 - Logiciel: Manuel de l'appareil Windows Mobile®
O42 - Logiciel: Archiveur WinRAR
O42 - Logiciel: Steam
O42 - Logiciel: Bonjour
O42 - Logiciel: WD Diagnostics
O42 - Logiciel: Google Earth
O42 - Logiciel: Java(TM) 6 Update 11
O42 - Logiciel: Vista x86 OneClick Activator
O42 - Logiciel: Sonic Update Manager
O42 - Logiciel: iTunes
O42 - Logiciel: Java(TM) 6 Update 7
O42 - Logiciel: Visionneuse Journal Windows Microsoft
O42 - Logiciel: TuneUp Utilities 2009
O42 - Logiciel: Toshiba TEMPRO
O42 - Logiciel: OpenOffice.org 3.0
O42 - Logiciel: Apple Software Update
O42 - Logiciel: Windows Media Player Firefox Plugin
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable
O42 - Logiciel: VC80CRTRedist - 8.0.50727.762
O42 - Logiciel: MSXML 4.0 SP2 (KB954430)
O42 - Logiciel: mPfMgr
O42 - Logiciel: mHelp
O42 - Logiciel: Gestionnaire pour appareils Windows Mobile
O42 - Logiciel: WD FAT32 Formatter
O42 - Logiciel: mDriver
O42 - Logiciel: mCorev32.ism_new
O42 - Logiciel: Assistant de connexion Windows Live
O42 - Logiciel: Spybot - Search & Destroy
O42 - Logiciel: DivX Web Player
O42 - Logiciel: TOSHIBA Hardware Setup
O42 - Logiciel: Windows Live Messenger
O42 - Logiciel: Samsung PC Studio 3
O42 - Logiciel: Windows Live Mail
O42 - Logiciel: VDownloader 0.77
O42 - Logiciel: ATI Catalyst Control Center Ex
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
O42 - Logiciel: Orban/Coding Technologies AAC/aacPlus Player Plugin™ 1.0
O42 - Logiciel: Windows Mobile Device Center Driver Update
O42 - Logiciel: Samsung PC Studio 3 USB Driver Installer
O42 - Logiciel: TOSHIBA SD Memory Utilities
O42 - Logiciel: Apple Mobile Device Support
O42 - Logiciel: Ma-Config.com
O42 - Logiciel: mMHouse
O42 - Logiciel: mCPlug
O42 - Logiciel: QuickTime
O42 - Logiciel: Windows Live installer

---\\ Contenu des dossiers Fichiers Communs (O43)
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Ahead
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Apple
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\InstallShield
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Java
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\microsoft shared
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Services
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Steam
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\System
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\WindowsLiveInstaller
O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Wise Installation Wizard
O43 - CFD:Common File Directory - C:\Program Files\Common Files\Ahead
O43 - CFD:Common File Directory - C:\Program Files\Common Files\Apple
O43 - CFD:Common File Directory - C:\Program Files\Common Files\InstallShield
O43 - CFD:Common File Directory - C:\Program Files\Common Files\Java
O43 - CFD:Common File Directory - C:\Program Files\Common Files\microsoft shared
O43 - CFD:Common File Directory - C:\Program Files\Common Files\Services
O43 - CFD:Common File Directory - C:\Program Files\Common Files\Steam
O43 - CFD:Common File Directory - C:\Program Files\Common Files\System
O43 - CFD:Common File Directory - C:\Program Files\Common Files\WindowsLiveInstaller
O43 - CFD:Common File Directory - C:\Program Files\Common Files\Wise Installation Wizard

---\\ Derniers fichiers modifiés ou crées sous System32 (O44)
O44 - LFC:Last File Created - C:\Windows\System32\authuitu.dll -->11/12/2008
O44 - LFC:Last File Created - C:\Windows\System32\CurrentName.dat -->14/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\decdll.dll -->22/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\deploytk.dll -->23/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\dns-sd.exe -->12/12/2008
O44 - LFC:Last File Created - C:\Windows\System32\dnssd.dll -->12/12/2008
O44 - LFC:Last File Created - C:\Windows\System32\EncDec.dll -->05/12/2008
O44 - LFC:Last File Created - C:\Windows\System32\ff_vfw.dll -->08/12/2008
O44 - LFC:Last File Created - C:\Windows\System32\FNTCACHE.DAT -->26/02/2009
O44 - LFC:Last File Created - C:\Windows\System32\ieframe.dll -->15/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\iertutil.dll -->15/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\java.exe -->23/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\javaw.exe -->23/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\javaws.exe -->23/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\jsproxy.dll -->15/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\jupdate-1.6.0_07-b06.log -->18/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\license.rtf -->11/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\mpg2splt.ax -->05/12/2008
O44 - LFC:Last File Created - C:\Windows\System32\MRT.exe -->04/02/2009
O44 - LFC:Last File Created - C:\Windows\System32\msfeeds.dll -->15/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\mshtml.dll -->15/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\mshtml.tlb -->15/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\MSNP.ax -->05/12/2008
O44 - LFC:Last File Created - C:\Windows\System32\mstime.dll -->15/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\perfc009.dat -->25/02/2009
O44 - LFC:Last File Created - C:\Windows\System32\perfc00C.dat -->26/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\perfh009.dat -->25/02/2009
O44 - LFC:Last File Created - C:\Windows\System32\perfh00C.dat -->26/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\PerfStringBackup.INI -->25/02/2009
O44 - LFC:Last File Created - C:\Windows\System32\psisdecd.dll -->05/12/2008
O44 - LFC:Last File Created - C:\Windows\System32\psisrndr.ax -->05/12/2008
O44 - LFC:Last File Created - C:\Windows\System32\tmp.txt -->25/02/2009
O44 - LFC:Last File Created - C:\Windows\System32\TuneUpDefragService.exe -->14/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\TUProgSt.exe -->14/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\urlmon.dll -->15/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\uxtuneup.dll -->11/12/2008
O44 - LFC:Last File Created - C:\Windows\System32\wininet.dll -->15/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\xvidcore.dll -->07/12/2008
O44 - LFC:Last File Created - C:\Windows\System32\xvidvfw.dll -->07/12/2008
O44 - LFC:Last File Created - C:\Windows\System32\drivers\mbam.sys -->11/02/2009
O44 - LFC:Last File Created - C:\Windows\System32\drivers\mbamswissarmy.sys -->11/02/2009
O44 - LFC:Last File Created - C:\Windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf -->11/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\drivers\Msft_User_WpdRapi2_01_00_00.Wdf -->27/01/2009
O44 - LFC:Last File Created - C:\Windows\System32\drivers\srv.sys -->16/12/2008
O44 - LFC:Last File Created - C:\Windows\System32\drivers\StarOpen.sys -->14/02/2009

---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\AgAppLaunch.db -->11/01/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\AgCx_S1_S-1-5-21-4288227596-898626440-2863562291-1000.snp.db -->25/02/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\AgCx_S2_S-1-5-21-4288227596-898626440-2863562291-1000.snp.db -->24/02/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\AgCx_S2_S-1-5-21-4288227596-898626440-2863562291-1002.snp.db -->25/02/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\AgCx_S3_S-1-5-21-4288227596-898626440-2863562291-1002.snp.db -->25/02/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\AgCx_SC1.db -->23/02/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\AgCx_SC1.db.trx -->23/02/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\AgCx_SC2.db -->02/02/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\AgCx_SC3_715A2C21.db -->25/02/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\AgCx_SC3_B3F7B133.db -->25/02/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\AgGlFaultHistory.db -->26/02/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\AgGlFgAppHistory.db -->26/02/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\AgGlGlobalHistory.db -->26/02/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\AgGlUAD_P_S-1-5-21-4288227596-898626440-2863562291-1000.db -->26/02/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\AgGlUAD_S-1-5-21-4288227596-898626440-2863562291-1000.db -->26/02/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\AgRobust.db -->26/02/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\ANTIVIR_WORKSTATION_WINU_FR_H-96A49185.pf -->26/02/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\AVWSC.EXE-E17B693C.pf -->26/02/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\CCLEANER.EXE-CC440CDB.pf -->26/02/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\CMD.EXE-89305D47.pf -->26/02/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\DLLHOST.EXE-71214090.pf -->26/02/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\DRVINST.EXE-5F8E77CD.pf -->26/02/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\EXPLORER.EXE-7A3328DA.pf -->26/02/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\FDSV.CFEXE-6EDDAE3D.pf -->26/02/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\FINDSTR.CFEXE-A5361DC8.pf -->26/02/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\FIREFOX.EXE-E60C0AA7.pf -->26/02/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\GMER.EXE-A5C4C463.pf -->26/02/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\GMER.EXE-A8D0DEFB.pf -->26/02/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\GMER.EXE-B6BA3975.pf -->26/02/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\GOOGLEUPDATERSERVICE.EXE-600E0B48.pf -->26/02/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\GREP.CFEXE-65A59E2C.pf -->26/02/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\IEXPLORE.EXE-1B894AFB.pf -->26/02/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\Layout.ini -->26/02/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\LOGONUI.EXE-1BEE4A84.pf -->26/02/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\MOBSYNC.EXE-D8BC6ED2.pf -->26/02/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\MSIEXEC.EXE-B5AFA339.pf -->26/02/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\NIRCMD.CFEXE-24C714CF.pf -->26/02/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\NOTEPAD.EXE-EB1B961A.pf -->26/02/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\NTOSBOOT-B00DFAAD.pf -->26/02/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\ONECLICKSTARTER.EXE-A28183C2.pf -->26/02/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\PfSvPerfStats.bin -->26/02/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\PV.CFEXE-D998B1C4.pf -->26/02/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\RUNDLL32.EXE-7BF4CE40.pf -->26/02/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\RUNDLL32.EXE-908418F6.pf -->26/02/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\RUNDLL32.EXE-9085A41C.pf -->26/02/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\RUNDLL32.EXE-F452D79D.pf -->26/02/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\SCANROOT.EXE-482C8019.pf -->26/02/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\SEARCHFILTERHOST.EXE-AA7A1FDD.pf -->18/02/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\SED.CFEXE-3C529032.pf -->26/02/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\SETUP.EXE-8DA1087B.pf -->26/02/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\SORT.EXE-CDAF7663.pf -->26/02/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\SSVAGENT.EXE-B025FA52.pf -->26/02/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\SVCHOST.EXE-8FD92526.pf -->26/02/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\SWREG.CFEXE-29DC6B86.pf -->26/02/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\TASKENG.EXE-5BAF290C.pf -->26/02/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\TRUSTEDINSTALLER.EXE-031B6478.pf -->26/02/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\UTORRENT.EXE-07DD3997.pf -->26/02/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\VERCLSID.EXE-4D95F5A7.pf -->26/02/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\VLC.EXE-CE8E9BE1.pf -->26/02/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\VSSVC.EXE-04D079CC.pf -->26/02/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\WERFAULT.EXE-B7E27BE5.pf -->26/02/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\WINRAR.EXE-6F42D4E7.pf -->26/02/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\WLLOGINPROXY.EXE-E9051163.pf -->26/02/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\WLMAIL.EXE-718CF2A1.pf -->26/02/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\WMIADAP.EXE-369DF1CD.pf -->26/02/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\WMIPRVSE.EXE-43972D0F.pf -->26/02/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\WMPLAYER.EXE-9DE758AE.pf -->26/02/2009
O45 - LFCP:Last File Created Prefetch - C:\Windows\Prefetch\WMPNSCFG.EXE-DF1DD51A.pf -->26/02/2009

---\\ Export de clé d'application autorisée (O47)
O47 - AAKE:Key Export - "C:\Windows\system32\wininit.exe"="C:\Windows\system32\wininit.exe:*:enabled:@shell32.dll,-1"
O47 - AAKE:Key Export - "C:\Windows\system32\winlogon.exe"="C:\Windows\system32\winlogon.exe:*:enabled:@shell32.dll,-1"

---\\ Déni du service Local Security Authority (LSA) (O48)
O48 - LSA:Local Security Authority Authentication Packages - C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages - C:\Windows\System32\scecli.dll

---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\volmgrx.sys


End of the scan:


There is a problem with the OAD scan: I did what you said, but during the scan lines scroll by followed by "est trop long" ("is too long"), and 1 minute later the window disappears for no reason :s and that happens with the 3 names you gave me
sKe69 Posts 21360 Registration date Saturday 15 March 2008 Status Security contributor Last activity 30 December 2012 463
26 Feb 2009 at 20:27
There is a problem with the OAD scan: I did what you said, but during the scan lines scroll by followed by "est trop long" ("is too long"), and 1 minute later the window disappears for no reason :s and that happens with the 3 names you gave me


That's not normal .... Gmer doesn't work, OAD doesn't work, Rooter doesn't work .... everything that could dig out this junk lurking on your PC doesn't work ... this doesn't smell good at all ... -_- ...



Try this:


Download OTViewIt (by Old Timer) to your desktop:

http://oldtimer.geekstogo.com/OTViewIt.exe


* Double-click "OTViewIt.exe" to launch the program.
Under "File Age": choose "60 Days"

* Now click "Run Scan" to start the scan.

Let the tool work and don't touch anything!

* Once the scan has finished, two reports open in Notepad:
> OTViewIt.Txt
> Extras.Txt

Post both reports for analysis and wait for the next steps ...





Mjlm52 Posts 70 Registration date Tuesday 24 February 2009 Status Member Last activity 5 March 2009
26 Feb 2009 at 20:37
Yes, I admit it's bad ...

OTViewIt logfile created on: 26/02/2009 20:34:00 - Run
OTViewIt by OldTimer - Version 1.0.21.0 Folder = C:\Users\Chakib\Desktop
Windows Vista Ultimate Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

2,00 Gb Total Physical Memory | 1,42 Gb Available Physical Memory | 70,93% Memory free
4,00 Gb Paging File | 4,00 Gb Available in Paging File | 100,00% Paging File free
Paging file location(s): ?:\pagefile.sys;

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 298,09 Gb Total Space | 48,73 Gb Free Space | 16,35% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: PC-DE-CHAKIB
Current User Name: Chakib
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Whitelist: On
File Age = 30 Days

========== Processes ==========

[2008/01/21 03:21:52 | 00,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wininit.exe
[2008/01/21 03:21:54 | 00,229,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsm.exe
[2008/06/20 02:14:44 | 00,046,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
[2008/01/21 03:23:10 | 02,623,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SLsvc.exe
[2006/11/24 22:36:02 | 00,557,056 | ---- | M] (ATI Technologies Inc.) -- C:\Windows\System32\Ati2evxx.exe
[2008/01/21 03:21:37 | 00,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wlanext.exe
[2008/06/12 14:46:21 | 00,068,865 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir PersonalEdition Premium\sched.exe
[2007/07/10 20:26:48 | 00,009,216 | ---- | M] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe
[2008/11/07 14:28:16 | 00,132,424 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
[2008/05/09 13:22:40 | 00,061,697 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir PersonalEdition Premium\avesvc.exe
[2008/12/12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
[2008/03/04 14:55:56 | 00,823,296 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
[2008/01/21 03:22:53 | 00,169,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskeng.exe
[2008/03/04 14:30:12 | 00,483,328 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
[2008/01/21 03:22:53 | 00,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwm.exe
[2008/11/06 01:57:38 | 00,099,720 | ---- | M] (Toshiba Europe GmbH) -- C:\Program Files\Toshiba TEMPRO\TempoSVC.exe
[2007/10/11 17:02:38 | 00,431,456 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
[2009/01/14 16:14:05 | 00,603,904 | ---- | M] (TuneUp Software) -- C:\Windows\System32\TUProgSt.exe
[2008/01/21 03:22:53 | 00,169,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskeng.exe
[2008/11/06 01:57:56 | 00,103,824 | ---- | M] (Toshiba Europe GmbH) -- C:\Program Files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe
[2007/10/11 17:02:56 | 00,431,456 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
[2007/12/03 14:17:04 | 00,509,888 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
[2007/10/11 13:02:02 | 00,733,184 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
[2007/05/31 09:21:28 | 00,648,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\WindowsMobile\wmdc.exe
[2006/04/28 09:14:44 | 00,045,056 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
[2007/09/02 13:58:52 | 00,516,096 | ---- | M] () -- C:\Program Files\RocketDock\RocketDock.exe
[2008/01/21 03:22:38 | 00,245,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\WmiPrvSE.exe
[2008/01/21 03:23:48 | 00,202,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnscfg.exe
[2006/04/28 09:14:44 | 00,045,056 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
[2006/04/28 09:14:44 | 00,045,056 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
[2007/10/23 12:14:08 | 00,156,696 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Mail\wlmail.exe
[2008/01/21 03:23:48 | 00,896,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe
[2007/10/18 11:31:54 | 00,098,328 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\usnsvc.exe
[2008/01/21 03:21:41 | 00,113,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mobsync.exe
[2008/12/06 15:57:20 | 00,114,840 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\vlc.exe
[2009/01/20 07:34:44 | 00,307,704 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
[2007/10/18 11:34:04 | 05,724,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
[2009/02/26 20:33:44 | 00,441,856 | ---- | M] (OldTimer Tools) -- C:\Users\Chakib\Desktop\OTViewIt.exe

========== (O23) Win32 Services ==========

[2007/07/10 20:26:48 | 00,009,216 | ---- | M] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio [Auto | Running])
File not found -- -- (AntiVirMailService [Auto | Stopped])
File not found -- -- (AntiVirScheduler [Auto | Running])
File not found -- -- (AntiVirService [Auto | Stopped])
File not found -- -- (antivirwebservice [Auto | Stopped])
File not found -- -- (Apple Mobile Device [Auto | Running])
[2006/11/24 22:36:02 | 00,557,056 | ---- | M] (ATI Technologies Inc.) -- C:\Windows\System32\Ati2evxx.exe -- (Ati External Event Utility [Auto | Stopped])
File not found -- -- (AVEService [Auto | Start_Pending])
File not found -- -- (Bonjour Service [Auto | Running])
[2008/07/27 19:03:13 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
File not found -- -- (DcomLaunch [Unknown | Running])
[2008/01/21 03:22:43 | 00,134,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dps.dll -- (DPS [Unknown | Running])
File not found -- -- (EvtEng [Auto | Running])
[2008/06/20 02:14:44 | 00,046,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [Auto | Running])
[2008/01/21 03:23:02 | 00,574,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gpsvc.dll -- (gpsvc [Unknown | Running])
File not found -- -- (gusvc [Auto | Stopped])
File not found -- -- (iPod Service [On_Demand | Stopped])
[2004/02/20 15:10:08 | 00,442,368 | ---- | M] (Lexmark International, Inc.) -- C:\Windows\System32\lxbtcoms.exe -- (lxbt_device [On_Demand | Stopped])
File not found -- -- (maconfservice [On_Demand | Stopped])
[2006/11/02 14:02:42 | 00,000,000 | ---D | M] -- C:\Windows\System32\Msdtc -- (MSDTC [Unknown | Stopped])
[2008/06/20 02:14:31 | 00,132,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])
File not found -- -- (RegSrvc [Auto | Running])
File not found -- -- (Schedule [Unknown | Running])
[2008/01/21 03:23:10 | 02,623,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SLsvc.exe -- (slsvc [Auto | Running])
[2006/11/02 10:45:46 | 00,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\snmptrap.exe -- (SNMPTRAP [On_Demand | Stopped])
File not found -- -- (Steam Client Service [On_Demand | Stopped])
File not found -- -- (TempoMonitoringService [Auto | Running])
File not found -- -- (TosCoSrv [Auto | Running])
[2009/01/14 16:13:43 | 00,360,192 | ---- | M] (TuneUp Software) -- C:\Windows\System32\TuneUpDefragService.exe -- (TuneUp.Defrag [On_Demand | Stopped])
[2009/01/14 16:14:05 | 00,603,904 | ---- | M] (TuneUp Software) -- C:\Windows\System32\TUProgSt.exe -- (TuneUp.ProgramStatisticsSvc [Auto | Running])
[2008/01/21 03:22:16 | 00,053,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\UI0Detect.exe -- (UI0Detect [On_Demand | Stopped])
File not found -- -- (usnjsvc [On_Demand | Running])
[2008/01/21 03:23:11 | 00,400,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vds.exe -- (vds [On_Demand | Stopped])
[2008/01/21 03:21:36 | 00,934,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbengine.exe -- (wbengine [On_Demand | Stopped])
File not found -- -- (WdiServiceHost [Unknown | Stopped])
File not found -- -- (WdiSystemHost [Unknown | Running])
[2008/09/18 05:56:07 | 00,125,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wersvc.dll -- (WerSvc [Unknown | Running])
File not found -- -- (WLSetupSvc [On_Demand | Stopped])
[2008/05/27 06:18:43 | 00,457,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchIndexer.exe -- (WSearch [Disabled | Stopped])

========== Driver Services ==========

[2008/01/21 03:21:29 | 00,422,968 | ---- | M] (Adaptec, Inc.) -- C:\Windows\System32\drivers\adp94xx.sys -- (adp94xx [Disabled | Stopped])
[2008/01/21 03:21:33 | 00,300,600 | ---- | M] (Adaptec, Inc.) -- C:\Windows\System32\drivers\adpahci.sys -- (adpahci [Disabled | Stopped])
[2008/01/21 03:21:34 | 00,101,432 | ---- | M] (Adaptec, Inc.) -- C:\Windows\System32\drivers\adpu160m.sys -- (adpu160m [Disabled | Stopped])
[2008/01/21 03:21:35 | 00,149,560 | ---- | M] (Adaptec, Inc.) -- C:\Windows\System32\drivers\adpu320.sys -- (adpu320 [Disabled | Stopped])
[2007/07/10 20:26:46 | 01,161,888 | ---- | M] (Agere Systems) -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem [On_Demand | Running])
[2006/11/02 10:50:11 | 00,071,272 | ---- | M] (Adaptec, Inc.) -- C:\Windows\System32\drivers\djsvs.sys -- (aic78xx [Disabled | Stopped])
[2008/01/21 03:21:09 | 00,017,464 | ---- | M] (Acer Laboratories Inc.) -- C:\Windows\System32\drivers\aliide.sys -- (aliide [Disabled | Stopped])
[2008/01/21 03:21:09 | 00,057,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\AMDAGP.SYS -- (amdagp [On_Demand | Stopped])
[2008/01/21 03:21:09 | 00,017,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\amdide.sys -- (amdide [Disabled | Stopped])
[2008/01/21 03:21:09 | 00,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\amdk7.sys -- (AmdK7 [Disabled | Stopped])
[2008/01/21 03:21:09 | 00,044,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\amdk8.sys -- (AmdK8 [Disabled | Stopped])
[2008/01/21 03:21:32 | 00,079,416 | ---- | M] (Adaptec, Inc.) -- C:\Windows\System32\drivers\arc.sys -- (arc [Disabled | Stopped])
[2008/01/21 03:21:32 | 00,079,928 | ---- | M] (Adaptec, Inc.) -- C:\Windows\System32\drivers\arcsas.sys -- (arcsas [Disabled | Stopped])
File not found -- -- (avgio [System | Running])
[2008/06/27 15:03:52 | 00,075,072 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb [System | Running])
[2008/01/21 03:21:10 | 00,045,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\blbdrive.sys -- (blbdrive [Disabled | Stopped])
[2008/01/21 03:22:00 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\bowser.sys -- (bowser [On_Demand | Running])
[2006/11/02 09:24:45 | 00,013,568 | ---- | M] (Brother Industries, Ltd.) -- C:\Windows\System32\drivers\BrFiltLo.sys -- (BrFiltLo [On_Demand | Stopped])
[2006/11/02 09:24:46 | 00,005,248 | ---- | M] (Brother Industries, Ltd.) -- C:\Windows\System32\drivers\BrFiltUp.sys -- (BrFiltUp [On_Demand | Stopped])
[2006/11/02 09:25:24 | 00,071,808 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\BrSerId.sys -- (Brserid [Disabled | Stopped])
[2006/11/02 09:24:44 | 00,062,336 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\BrSerWdm.sys -- (BrSerWdm [Disabled | Stopped])
[2006/11/02 09:24:44 | 00,012,160 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\BrUsbMdm.sys -- (BrUsbMdm [Disabled | Stopped])
[2006/11/02 09:24:47 | 00,011,904 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\BrUsbSer.sys -- (BrUsbSer [On_Demand | Stopped])
[2006/11/02 09:55:23 | 00,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\bthmodem.sys -- (BTHMODEM [Disabled | Stopped])
[2008/01/21 03:21:34 | 00,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\circlass.sys -- (circlass [Disabled | Stopped])
[2008/01/21 03:22:01 | 00,247,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\clfs.sys -- (CLFS [Unknown | Running])
[2008/01/21 03:21:09 | 00,019,000 | ---- | M] (CMD Technology, Inc.) -- C:\Windows\System32\drivers\cmdide.sys -- (cmdide [Disabled | Stopped])
[2008/01/21 03:21:30 | 00,024,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\crcdisk.sys -- (crcdisk [Boot | Running])
[2008/01/21 03:21:09 | 00,040,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\crusoe.sys -- (Crusoe [Disabled | Stopped])
[2008/01/21 03:23:34 | 00,350,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\csc.sys -- (CSC [System | Running])
[2008/01/21 03:23:02 | 00,075,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\dfsc.sys -- (DfsC [System | Running])
[2008/08/02 02:01:23 | 00,625,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxgkrnl.sys -- (DXGKrnl [On_Demand | Running])
[2008/01/21 03:21:11 | 00,159,744 | ---- | M] (Intel Corporation) -- C:\Windows\System32\drivers\e100b325.sys -- (E100B [On_Demand | Running])
[2008/01/21 03:21:33 | 00,118,784 | ---- | M] (Intel Corporation) -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60 [On_Demand | Stopped])
[2008/01/21 03:21:47 | 00,143,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\ecache.sys -- (Ecache [Boot | Running])
[2008/01/21 03:21:30 | 00,342,584 | ---- | M] (Emulex) -- C:\Windows\System32\drivers\elxstor.sys -- (elxstor [Disabled | Stopped])
[2008/01/21 03:21:09 | 00,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\errdev.sys -- (ErrDev [Disabled | Stopped])
[2008/01/21 03:23:12 | 00,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\exfat.sys -- (exfat [On_Demand | Stopped])
[2008/01/21 03:22:11 | 00,058,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\fileinfo.sys -- (FileInfo [Boot | Running])
[2008/01/21 03:22:31 | 00,027,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\filetrace.sys -- (Filetrace [On_Demand | Stopped])
[2008/01/21 03:23:41 | 00,145,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\fvevol.sys -- (fvevol [Boot | Running])
[2006/11/19 22:11:14 | 00,007,168 | ---- | M] (TOSHIBA Corporation) -- C:\Windows\System32\drivers\FwLnk.sys -- (FwLnk [On_Demand | Running])
[2008/01/21 03:21:30 | 00,061,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\GAGP30KX.SYS -- (gagp30kx [On_Demand | Stopped])
[2008/04/17 13:12:54 | 00,015,464 | ---- | M] (GEAR Software Inc.) -- C:\Windows\System32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM [On_Demand | Running])
[2006/11/02 08:36:49 | 00,235,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\HdAudio.sys -- (HdAudAddService [On_Demand | Running])
[2008/01/21 03:21:30 | 00,053,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\hdaudbus.sys -- (HDAudBus [On_Demand | Running])
[2006/11/02 09:55:22 | 00,029,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidbth.sys -- (HidBth [Disabled | Stopped])
[2006/11/02 09:55:01 | 00,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidir.sys -- (HidIr [Disabled | Stopped])
[2008/01/21 03:21:34 | 00,040,504 | ---- | M] (Hewlett-Packard Company) -- C:\Windows\System32\drivers\HpCISSs.sys -- (HpCISSs [Disabled | Stopped])
[2008/01/21 03:21:31 | 00,235,064 | ---- | M] (Intel Corporation) -- C:\Windows\System32\drivers\iaStorV.sys -- (iaStorV [Disabled | Stopped])
[2006/11/02 10:50:17 | 00,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) -- C:\Windows\System32\drivers\iirsp.sys -- (iirsp [Disabled | Stopped])
[2008/01/21 03:21:30 | 00,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\IPMIDrv.sys -- (IPMIDRV [Disabled | Stopped])
[2006/11/02 10:50:07 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) -- C:\Windows\System32\drivers\iteatapi.sys -- (iteatapi [Disabled | Stopped])
[2006/11/02 10:50:09 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) -- C:\Windows\System32\drivers\iteraid.sys -- (iteraid [Disabled | Stopped])
[2008/01/21 03:21:31 | 00,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\kbdhid.sys -- (kbdhid [Disabled | Stopped])
[2008/01/21 03:22:45 | 00,047,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\lltdio.sys -- (lltdio [Auto | Running])
[2008/01/21 03:21:31 | 00,096,312 | ---- | M] (LSI Logic) -- C:\Windows\System32\drivers\lsi_fc.sys -- (LSI_FC [Disabled | Stopped])
[2008/01/21 03:21:33 | 00,089,656 | ---- | M] (LSI Logic) -- C:\Windows\System32\drivers\lsi_sas.sys -- (LSI_SAS [Disabled | Stopped])
[2008/01/21 03:21:31 | 00,096,312 | ---- | M] (LSI Logic) -- C:\Windows\System32\drivers\lsi_scsi.sys -- (LSI_SCSI [Disabled | Stopped])
[2008/01/21 03:22:45 | 00,084,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\luafv.sys -- (luafv [Disabled | Stopped])
[2008/01/21 03:21:35 | 00,031,288 | ---- | M] (LSI Corporation) -- C:\Windows\System32\drivers\megasas.sys -- (megasas [Disabled | Stopped])
[2008/01/21 03:21:35 | 00,386,616 | ---- | M] (LSI Corporation, Inc.) -- C:\Windows\System32\drivers\MegaSR.sys -- (MegaSR [Disabled | Stopped])
[2008/01/21 03:21:30 | 00,041,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\monitor.sys -- (monitor [On_Demand | Running])
[2008/01/21 03:21:28 | 00,105,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mpio.sys -- (mpio [Disabled | Stopped])
[2008/01/21 03:22:55 | 00,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mpsdrv.sys -- (mpsdrv [On_Demand | Running])
[2006/11/02 10:49:59 | 00,033,384 | ---- | M] (LSI Logic Corporation) -- C:\Windows\System32\drivers\Mraid35x.sys -- (Mraid35x [Disabled | Stopped])
[2008/08/27 02:05:41 | 00,212,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mrxsmb10.sys -- (mrxsmb10 [On_Demand | Running])
[2008/01/21 03:22:37 | 00,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mrxsmb20.sys -- (mrxsmb20 [On_Demand | Running])
[2008/01/21 03:21:09 | 00,028,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\msahci.sys -- (msahci [Disabled | Stopped])
[2008/01/21 03:21:29 | 00,094,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\msdsm.sys -- (msdsm [Disabled | Stopped])
[2008/01/21 03:21:09 | 00,016,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\msisadrv.sys -- (msisadrv [Boot | Running])
[2008/01/21 03:22:36 | 00,163,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\msrpc.sys -- (MsRPC [On_Demand | Stopped])
[2008/05/20 03:07:31 | 00,148,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\nwifi.sys -- (NativeWifiP [On_Demand | Running])
[2008/01/21 03:21:28 | 02,225,664 | ---- | M] (Intel Corporation) -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32 [On_Demand | Stopped])
[2008/03/13 03:36:42 | 02,555,392 | ---- | M] (Intel Corporation) -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32 [On_Demand | Stopped])
[2008/08/28 23:48:46 | 03,664,384 | ---- | M] (Intel Corporation) -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32 [On_Demand | Running])
[2006/11/02 10:50:19 | 00,045,160 | ---- | M] (IBM Corporation) -- C:\Windows\System32\drivers\nfrd960.sys -- (nfrd960 [Disabled | Stopped])
[2008/01/21 03:22:55 | 00,016,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\nsiproxy.sys -- (nsiproxy [System | Running])
[2006/11/02 08:36:50 | 00,020,608 | ---- | M] (N-trig Innovative Technologies) -- C:\Windows\System32\drivers\ntrigdigi.sys -- (ntrigdigi [Disabled | Stopped])
[2008/01/21 03:21:29 | 00,102,968 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvraid.sys -- (nvraid [Disabled | Stopped])
[2008/01/21 03:21:29 | 00,045,112 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvstor.sys -- (nvstor [Disabled | Stopped])
[2008/01/21 03:21:09 | 00,109,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\NV_AGP.SYS -- (nv_agp [On_Demand | Stopped])
[2007/03/02 08:19:42 | 00,240,128 | ---- | M] (PARADOX) -- C:\Windows\System32\drivers\royal.sys -- (OemBiosDevice [Boot | Stopped])
[2006/11/02 10:04:35 | 00,878,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\PEAuth.sys -- (PEAUTH [Auto | Running])
[2008/04/05 02:21:42 | 00,072,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\pacer.sys -- (PSched [System | Running])
[2008/01/21 03:21:40 | 00,031,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\qwavedrv.sys -- (QWAVEdrv [On_Demand | Stopped])
[2006/11/24 22:46:38 | 02,085,888 | ---- | M] (ATI Technologies Inc.) -- C:\Windows\System32\drivers\atikmdag.sys -- (R300 [On_Demand | Running])
[2008/01/21 03:23:13 | 00,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\rassstp.sys -- (RasSstp [On_Demand | Running])
[2008/01/21 03:22:45 | 00,060,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\rspndr.sys -- (rspndr [Auto | Running])
[2006/11/02 10:50:16 | 00,076,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\sbp2port.sys -- (sbp2port [Disabled | Stopped])
[2008/01/21 03:21:29 | 00,088,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\sdbus.sys -- (sdbus [On_Demand | Running])
[2006/11/02 07:37:21 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\Windows\System32\drivers\secdrv.sys -- (secdrv [Auto | Running])
[2008/01/21 03:21:28 | 00,019,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\sermouse.sys -- (sermouse [Disabled | Stopped])
[2008/01/21 03:21:31 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\sffdisk.sys -- (sffdisk [Disabled | Stopped])
[2008/01/21 03:21:31 | 00,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\sffp_mmc.sys -- (sffp_mmc [On_Demand | Stopped])
[2008/01/21 03:21:31 | 00,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\sffp_sd.sys -- (sffp_sd [On_Demand | Stopped])
[2008/01/21 03:21:09 | 00,055,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\SISAGP.SYS -- (sisagp [On_Demand | Stopped])
[2008/01/21 03:21:34 | 00,041,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\sisraid2.sys -- (SiSRaid2 [Disabled | Stopped])
[2008/01/21 03:21:34 | 00,074,808 | ---- | M] (Silicon Integrated Systems) -- C:\Windows\System32\drivers\sisraid4.sys -- (SiSRaid4 [Disabled | Stopped])
[2008/01/21 03:23:10 | 00,066,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\smb.sys -- (Smb [System | Running])
[2008/01/21 03:22:19 | 00,021,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\spldr.sys -- (spldr [Boot | Running])
[2009/01/23 18:44:41 | 00,717,296 | ---- | M] () -- C:\Windows\System32\drivers\sptd.sys -- (sptd [Boot | Running])
[2008/01/21 03:23:10 | 00,144,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\srv2.sys -- (srv2 [On_Demand | Running])
[2008/01/21 03:21:55 | 00,098,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\srvnet.sys -- (srvnet [On_Demand | Running])
[2007/11/08 19:03:26 | 00,021,248 | ---- | M] (AVIRA GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv [System | Running])
[2007/05/02 11:12:34 | 00,083,592 | ---- | M] (MCCI Corporation) -- C:\Windows\System32\drivers\ssm_bus.sys -- (ssm_bus [On_Demand | Stopped])
[2007/05/02 11:12:36 | 00,015,112 | ---- | M] (MCCI Corporation) -- C:\Windows\System32\drivers\ssm_mdfl.sys -- (ssm_mdfl [On_Demand | Stopped])
[2007/05/02 11:12:36 | 00,109,704 | ---- | M] (MCCI Corporation) -- C:\Windows\System32\drivers\ssm_mdm.sys -- (ssm_mdm [On_Demand | Stopped])
[2009/02/14 20:33:37 | 00,005,632 | ---- | M] () -- C:\Windows\System32\drivers\StarOpen.sys -- (StarOpen [System | Running])
[2006/11/02 10:50:05 | 00,035,944 | ---- | M] (LSI Logic) -- C:\Windows\System32\drivers\symc8xx.sys -- (Symc8xx [Disabled | Stopped])
[2006/11/02 10:49:56 | 00,031,848 | ---- | M] (LSI Logic) -- C:\Windows\System32\drivers\sym_hi.sys -- (Sym_hi [Disabled | Stopped])
[2006/11/02 10:50:03 | 00,034,920 | ---- | M] (LSI Logic) -- C:\Windows\System32\drivers\sym_u3.sys -- (Sym_u3 [Disabled | Stopped])
[2008/01/21 03:21:53 | 00,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\tcpipreg.sys -- (tcpipreg [Auto | Running])
[2008/01/21 03:23:00 | 00,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\tdx.sys -- (tdx [System | Running])
[2008/01/21 03:22:35 | 00,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\TUNMP.SYS -- (tunmp [On_Demand | Running])
[2008/01/21 03:22:35 | 00,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\tunnel.sys -- (tunnel [On_Demand | Running])
[2006/10/05 22:22:14 | 00,016,768 | ---- | M] (TOSHIBA Corporation) -- C:\Windows\System32\drivers\TVALZ_O.SYS -- (TVALZ [Boot | Running])
[2008/01/21 03:21:30 | 00,059,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\UAGP35.SYS -- (uagp35 [On_Demand | Stopped])
[2008/01/21 03:21:09 | 00,060,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\ULIAGPKX.SYS -- (uliagpkx [On_Demand | Stopped])
[2008/01/21 03:21:28 | 00,238,648 | ---- | M] (ULi Electronics Inc.) -- C:\Windows\System32\drivers\uliahci.sys -- (uliahci [Disabled | Stopped])
[2006/11/02 10:50:35 | 00,098,408 | ---- | M] (Promise Technology, Inc.) -- C:\Windows\System32\drivers\ulsata.sys -- (UlSata [Disabled | Stopped])
[2008/01/21 03:21:31 | 00,115,816 | ---- | M] (Promise Technology, Inc.) -- C:\Windows\System32\drivers\ulsata2.sys -- (ulsata2 [Disabled | Stopped])
[2008/01/21 03:21:30 | 00,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\umbus.sys -- (umbus [On_Demand | Running])
[2008/11/07 14:23:30 | 00,032,000 | ---- | M] (Apple, Inc.) -- C:\Windows\System32\drivers\usbaapl.sys -- (USBAAPL [On_Demand | Stopped])
[2008/01/21 03:21:33 | 00,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\usb8023x.sys -- (usb_rndisx [On_Demand | Stopped])
[2008/01/21 03:21:11 | 00,026,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\vgapnp.sys -- (vga [On_Demand | Stopped])
[2008/01/21 03:21:09 | 00,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\viac7.sys -- (ViaC7 [Disabled | Stopped])
[2008/01/21 03:21:09 | 00,020,024 | ---- | M] (VIA Technologies, Inc.) -- C:\Windows\System32\drivers\viaide.sys -- (viaide [Disabled | Stopped])
[2008/01/21 03:21:09 | 00,052,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\volmgr.sys -- (volmgr [Boot | Running])
[2008/01/21 03:22:37 | 00,294,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\volmgrx.sys -- (volmgrx [Boot | Running])
[2008/01/21 03:21:32 | 00,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) -- C:\Windows\System32\drivers\vsmraid.sys -- (vsmraid [Disabled | Stopped])
[2006/11/02 09:52:52 | 00,020,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\wacompen.sys -- (WacomPen [Disabled | Stopped])
[2008/01/21 03:21:33 | 00,022,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\wd.sys -- (Wd [Disabled | Stopped])
[2008/01/21 03:21:58 | 00,503,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\Wdf01000.sys -- (Wdf01000 [Boot | Running])
[2008/01/21 03:21:34 | 00,031,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\winusb.sys -- (WINUSB [On_Demand | Stopped])
[2008/01/21 03:21:09 | 00,011,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\wmiacpi.sys -- (WmiAcpi [Disabled | Stopped])
[2008/01/21 03:22:55 | 00,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\ws2ifsl.sys -- (ws2ifsl [System | Running])

========== (R ) Internet Explorer ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main]
"Default_Page_URL"=https://www.msn.com/fr-fr/?ocid=iehp
"Default_Search_URL"=https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
"Default_Secondary_Page_URL"=
"Extensions Off Page"=about:NoAdd-ons
"Local Page"=C:\windows\system32\blank.htm
"Search Page"=https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
"Security Risk Page"=about:SecurityRisk
"Start Page"=http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Search]
"CustomizeSearch"=https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchcust.htm
"Default_Search_URL"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
"SearchAssistant"=https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main]
"Default_Search_URL"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
"Local Page"=C:\windows\system32\blank.htm
"Search Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
"Start Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURL]
""=http://home.microsoft.com/access/autosearch.asp?p=%s

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\Windows\System32\ieframe.dll (Microsoft Corporation)

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0
"ProxyOverride" = *.local

========== (O1) Hosts File ==========

HOSTS File = (27 bytes) - C:\Windows\System32\drivers\etc\Hosts
First 25 entries...
127.0.0.1 localhost

========== (O2) BHO's ==========

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (HKLM) -- C:\Programmes\Java\jre6\bin\ssv.dll File not found
{9030D464-4C02-4ABF-8ECC-5164760863C6} (HKLM) -- C:\Programmes\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll File not found
{DBC80044-A445-435b-BC74-9C25C1C588A9} (HKLM) -- C:\Programmes\Java\jre6\bin\jp2ssv.dll File not found

========== (O4) Run Keys ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"00TCrdMain"=%ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe File not found
"ATICCC"="C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe" File not found
"HSON"=%ProgramFiles%\TOSHIBA\TBS\HSON.exe File not found
"SmoothView"=%ProgramFiles%\Toshiba\SmoothView\SmoothView.exe File not found
"Toshiba TEMPO"=C:\Program Files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe File not found
"TPwrMain"=%ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE File not found
"Windows Mobile Device Center"=%windir%\WindowsMobile\wmdc.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background File not found
"RocketDock"="C:\Program Files\RocketDock\RocketDock.exe" File not found

========== (O6 & O7) Current Version Policies ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=0
"EnableInstallerDetection"=0
"EnableLUA"=0
"EnableSecureUIAPaths"=1
"EnableVirtualization"=1
"PromptOnSecureDesktop"=1
"ValidateAdminCodeSignatures"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"scforceoption"=0
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"FilterAdministratorToken"=0
"EnableUIADesktopToggle"=0
"DisableRegistryTools"=0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats]
"CF_TEXT"=1
"CF_BITMAP"=2
"CF_OEMTEXT"=7
"CF_DIB"=8
"CF_PALETTE"=9
"CF_UNICODETEXT"=13
"CF_DIBV5"=17

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=36
"NoDriveAutoRun"=FF FF FF FF [binary data]
"NoDrives"=0

========== (O9) IE Extensions ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
{2EAF5BB1-070F-11D3-9307-00C04FAE2D4F}: Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 -- %SystemRoot%\WindowsMobile\INetRepl.dll [2007/05/31 09:21:16 | 00,176,520 | ---- | M] (Microsoft Corporation)
{2EAF5BB2-070F-11D3-9307-00C04FAE2D4F}: Menu: @C:\Windows\WindowsMobile\INetRepl.dll,-223 -- %SystemRoot%\WindowsMobile\INetRepl.dll [2007/05/31 09:21:16 | 00,176,520 | ---- | M] (Microsoft Corporation)
{85d1f590-48f4-11d9-9669-0800200c9a66}: Menu: Uninstall BitDefender Online Scanner v8 -- %SystemRoot%\bdoscandel.exe [2006/05/25 01:22:06 | 00,077,784 | ---- | M] ()

========== (O12) Internet Explorer Plugins ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\]
PluginsPage: "" = http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s
PluginsPageFriendlyName: "" = Microsoft ActiveX Gallery

========== (O13) Default Prefixes ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix]
""=http://

========== (O15) Trusted Sites ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]
48 domain(s) and sub-domain(s) not assigned to a zone.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]
48 domain(s) and sub-domain(s) not assigned to a zone.

========== (O16) DPF ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\]
{17492023-C23A-453E-A040-C7C580BBF700}: http://download.microsoft.com/download/8/b/d/8bd77752-5704-4d68-a152-f7252adaa4f2/LegitCheckControl.cab -- Windows Genuine Advantage Validation Tool
{5D86DDB5-BDF9-441B-9E9E-D4730F4EE499}: http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab -- BDSCANONLINE Control
{867E13F2-7F31-44FB-AC97-CD38E0DC46EF}: https://www.touslesdrivers.com/index.php?v_page=29 -- HardwareDetection Control
{8AD9C840-044E-11D1-B3E9-00805F499D93}: http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab -- Java Plug-in 1.6.0_11
{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab -- Java Plug-in 1.6.0_07
{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab -- Java Plug-in 1.6.0_11
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab -- Java Plug-in 1.6.0_11
{D27CDB6E-AE6D-11CF-96B8-444553540000}: http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab -- Shockwave Flash Object

========== (O17) DNS Name Servers ==========

{0399EC24-3C2B-467A-A58C-94A46CE9CCA6} (Servers: | Description: Microsoft Windows Mobile Remote Adapter)
{AEA8B627-C895-477D-A568-BCA2208AAA6E} (Servers: | Description: Intel(R) PRO/Wireless 3945ABG Network Connection)
{AF5E05D8-F374-4ACA-818D-9DA6A5194C86} (Servers: | Description: Connexion réseau Intel(R) PRO/100)

========== HKLM *SecurityProviders* ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders]
"SecurityProviders"=credssp.dll
>[2008/01/21 03:22:44 | 00,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\credssp.dll

========== LSA *Security Packages* ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"Security Packages"=kerberos,msv1_0,schannel,wdigest,tspkg,
>[2008/01/21 03:22:44 | 00,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\TSpkg.dll

========== Safeboot Options ==========

"AlternateShell"=cmd.exe

========== CDRom AutoRun Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom]
"AutoRun" = 1

========== Autorun Files on Drives ==========

autoexec.bat [REM Dummy file for NTVDM | ]
[2006/09/18 22:43:36 | 00,000,024 | ---- | M] () -- C:\autoexec.bat -- [ NTFS ]

autorun.inf []
[2009/02/25 15:45:58 | 00,000,000 | RHSD | M] -- C:\autorun.inf -- [ NTFS ]

========== Files/Folders - Created Within 30 Days ==========

[2040/01/14 16:24:08 | 00,006,136 | ---- | C] () -- C:\Users\Chakib\AppData\Local\TimerStop64.sys
[2040/01/14 16:24:08 | 00,004,096 | ---- | C] () -- C:\Users\Chakib\AppData\Local\TimerStop.sys
[2009/02/26 20:33:43 | 00,441,856 | ---- | C] (OldTimer Tools) -- C:\Users\Chakib\Desktop\OTViewIt.exe
[2009/02/26 19:41:42 | 00,152,934 | ---- | C] (changelog.fr ) -- C:\Users\Chakib\Desktop\OAD.exe
[2009/02/26 19:06:43 | 00,831,488 | ---- | C] () -- C:\Users\Chakib\Desktop\scanroot.exe
[2009/02/26 15:19:44 | 00,747,873 | ---- | C] () -- C:\Users\Chakib\Desktop\gmer.zip
[2009/02/26 14:32:23 | 01,811,618 | ---- | C] () -- C:\Users\Chakib\Documents\rad_csv2asc.zip
[2009/02/26 04:07:01 | 00,000,000 | ---D | C] -- C:\rsit
[2009/02/26 04:06:40 | 00,781,851 | ---- | C] () -- C:\Users\Chakib\Desktop\RSIT.exe
[2009/02/26 03:55:06 | 00,000,000 | ---D | C] -- C:\Windows\temp
[2009/02/26 03:51:52 | 00,000,000 | ---D | C] -- C:\Qoobox
[2009/02/26 03:49:17 | 02,925,817 | R--- | C] () -- C:\Users\Chakib\Desktop\ComboFix.exe
[2009/02/26 02:10:16 | 00,000,000 | ---D | C] -- C:\Users\Chakib\AppData\Local\ESET
[2009/02/26 02:07:41 | 00,000,000 | ---D | C] -- C:\Users\Chakib\AppData\Roaming\ESET
[2009/02/26 02:06:03 | 00,000,000 | ---D | C] -- C:\ProgramData\ESET
[2009/02/26 00:39:05 | 00,229,376 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe
[2009/02/26 00:16:15 | 02,210,333 | -H-- | C] () -- C:\Users\Chakib\AppData\Local\IconCache.db
[2009/02/25 23:31:35 | 00,094,465 | ---- | C] (Avira GmbH) -- C:\Windows\System32\avsda.dll
[2009/02/25 23:31:35 | 00,075,072 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2009/02/25 23:31:35 | 00,021,248 | ---- | C] (AVIRA GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2009/02/25 23:31:34 | 00,000,000 | ---D | C] -- C:\Program Files\Avira
[2009/02/25 23:30:36 | 00,000,000 | ---D | C] -- C:\Users\Chakib\Documents\Avira AntiVir Premium 8.1.0.27- Fr + Key2011
[2009/02/25 23:29:29 | 00,000,000 | -HSD | C] -- C:\Users\Chakib\Documents\Mes vidéos
[2009/02/25 23:29:29 | 00,000,000 | -HSD | C] -- C:\Users\Chakib\Documents\Mes images
[2009/02/25 23:29:29 | 00,000,000 | -HSD | C] -- C:\Users\Chakib\Documents\Ma musique
[2009/02/25 21:56:06 | 26,823,14752 | -HS- | C] () -- C:\hiberfil.sys
[2009/02/25 21:07:15 | 00,000,000 | ---D | C] -- C:\Windows\Minidump
[2009/02/25 20:42:36 | 00,000,000 | ---D | C] -- C:\ProgramData\Avira
[2009/02/25 16:15:06 | 00,000,000 | ---D | C] -- C:\Windows\BDOSCAN8
[2009/02/25 15:45:58 | 00,000,000 | RHSD | C] -- C:\autorun.inf
[2009/02/25 00:12:36 | 00,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2009/02/25 00:12:35 | 00,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2009/02/24 23:20:27 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2009/02/24 22:42:59 | 00,000,000 | ---D | C] -- C:\Users\Chakib\AppData\Roaming\Thinstall
[2009/02/24 22:42:59 | 00,000,000 | ---D | C] -- C:\Users\Chakib\AppData\Local\Thinstall
[2009/02/24 22:10:09 | 00,000,000 | ---D | C] -- C:\Windows\System32\Kaspersky Lab
[2009/02/24 21:27:57 | 00,179,200 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2009/02/24 21:27:57 | 00,154,624 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2009/02/24 21:27:57 | 00,116,224 | ---- | C] () -- C:\Windows\sed.exe
[2009/02/24 21:27:57 | 00,109,984 | ---- | C] (Smallfrogs Studio) -- C:\Windows\fdsv.exe
[2009/02/24 21:27:57 | 00,097,820 | ---- | C] () -- C:\Windows\grep.exe
[2009/02/24 21:27:57 | 00,085,504 | ---- | C] () -- C:\Windows\zip.exe
[2009/02/24 21:27:57 | 00,072,548 | ---- | C] () -- C:\Windows\VFIND.exe
[2009/02/24 21:27:57 | 00,048,640 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2009/02/24 21:27:52 | 00,000,000 | ---D | C] -- C:\Windows\ERDNT
[2009/02/24 21:13:55 | 00,000,035 | ---- | C] () -- C:\Users\Chakib\AppData\Roaming\SetValue.bat
[2009/02/24 21:13:54 | 00,000,691 | ---- | C] () -- C:\Users\Chakib\AppData\Roaming\GetValue.vbs
[2009/02/24 20:42:51 | 00,000,000 | ---D | C] -- C:\ProgramData\Grisoft
[2009/02/24 20:15:13 | 00,000,000 | ---D | C] -- C:\Program Files\Grisoft
[2009/02/24 19:23:21 | 00,000,000 | ---D | C] -- C:\Users\Chakib\AppData\Roaming\CopyTrans
[2009/02/24 19:10:53 | 00,000,000 | ---D | C] -- C:\Users\Chakib\AppData\Roaming\Malwarebytes
[2009/02/24 19:10:51 | 00,015,504 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2009/02/24 19:10:49 | 00,038,496 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2009/02/24 19:10:48 | 00,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2009/02/24 19:10:48 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/02/24 13:53:55 | 00,244,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSFLXGRD.OCX
[2009/02/24 13:53:55 | 00,209,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TABCTL32.OCX
[2009/02/24 13:53:55 | 00,203,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RICHTX32.OCX
[2009/02/24 13:53:55 | 00,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RCHTXFR.DLL
[2009/02/24 13:53:55 | 00,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TABCTFR.DLL
[2009/02/24 13:53:53 | 00,644,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSCOMCT2.OCX
[2009/02/24 13:53:53 | 00,141,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSCMCFR.DLL
[2009/02/24 13:53:53 | 00,090,112 | ---- | C] () -- C:\Windows\System32\GkSui18.EXE
[2009/02/24 13:53:53 | 00,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSCC2FR.DLL
[2009/02/24 13:53:53 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FLXGDFR.DLL
[2009/02/24 13:53:53 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CMDLGFR.DLL
[2009/02/24 13:53:53 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\INETFR.DLL
[2009/02/24 13:53:53 | 00,000,000 | ---D | C] -- C:\Program Files\CyberLeadingCorp
[2009/02/23 20:30:15 | 00,000,000 | ---D | C] -- C:\Program Files\Orban
[2009/02/23 15:47:08 | 00,000,000 | -H-D | C] -- C:\RECYCLER
[2009/02/21 18:48:29 | 00,000,000 | ---D | C] -- C:\Program Files\Haali
[2009/02/21 18:47:54 | 00,000,000 | ---D | C] -- C:\Program Files\CoreCodec
[2009/02/15 18:32:12 | 00,105,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
[2009/02/15 18:32:12 | 00,097,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\infocardapi.dll
[2009/02/15 18:32:11 | 00,622,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardagt.exe
[2009/02/15 18:32:11 | 00,043,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll
[2009/02/15 18:32:11 | 00,037,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\infocardcpl.cpl
[2009/02/15 18:32:11 | 00,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardres.dll
[2009/02/15 18:32:09 | 00,781,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationNative_v0300.dll
[2009/02/15 18:32:07 | 00,326,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe
[2009/02/15 18:24:34 | 00,096,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dfshim.dll
[2009/02/15 18:24:32 | 00,282,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscoree.dll
[2009/02/15 18:24:30 | 00,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll
[2009/02/15 18:24:07 | 00,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscorier.dll
[2009/02/15 18:23:58 | 00,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscories.dll
[2009/02/15 18:23:09 | 00,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2009/02/15 18:21:48 | 00,428,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll
[2009/02/15 18:21:47 | 00,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
[2009/02/15 18:21:47 | 00,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisrndr.ax
[2009/02/15 18:21:47 | 00,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax
[2009/02/15 18:21:47 | 00,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax
[2009/02/15 03:27:39 | 00,160,332 | ---- | C] () -- C:\Windows\nod32_v3.0.621.0_Fr Uninstaller.exe
[2009/02/15 01:18:13 | 00,000,000 | ---D | C] -- C:\Users\Chakib\AppData\Roaming\Mozilla
[2009/02/15 01:18:13 | 00,000,000 | ---D | C] -- C:\Users\Chakib\AppData\Local\Mozilla
[2009/02/14 20:35:07 | 00,000,000 | ---D | C] -- C:\Users\Chakib\AppData\Roaming\Samsung
[2009/02/14 20:33:53 | 00,000,000 | ---- | C] () -- C:\ProgramData\LauncherAccess.dt
[2009/02/14 20:19:41 | 00,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys
[2009/02/14 20:11:05 | 00,109,704 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ssm_mdm.sys
[2009/02/14 20:11:05 | 00,083,592 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ssm_bus.sys
[2009/02/14 20:11:05 | 00,015,112 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ssm_mdfl.sys
[2009/02/14 20:11:05 | 00,012,424 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ssm_whnt.sys
[2009/02/14 20:11:05 | 00,012,424 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ssm_wh.sys
[2009/02/14 20:11:05 | 00,012,424 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ssm_cmnt.sys
[2009/02/14 20:11:05 | 00,012,424 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ssm_cm.sys
[2009/02/14 20:09:57 | 00,000,000 | ---D | C] -- C:\Windows\System32\Samsung_USB_Drivers
[2009/02/14 20:09:56 | 00,000,766 | ---- | C] () -- C:\Windows\System32\Uninstall.ico
[2009/02/14 17:30:55 | 00,000,032 | ---- | C] () -- C:\Windows\go
[2009/02/14 15:30:01 | 00,000,000 | ---D | C] -- C:\Program Files\Lavalys
[2009/02/14 00:20:20 | 00,000,000 | ---D | C] -- C:\Users\Chakib\AppData\Local\Cooliris
[2009/02/11 03:04:16 | 03,580,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.dll
[2009/02/11 03:04:14 | 06,069,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieframe.dll
[2009/02/11 03:04:14 | 01,166,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\urlmon.dll
[2009/02/11 03:04:13 | 00,827,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wininet.dll
[2009/02/11 03:04:13 | 00,671,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2009/02/11 03:04:13 | 00,458,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2009/02/11 03:04:13 | 00,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iertutil.dll
[2009/02/11 03:04:13 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2009/02/11 03:04:12 | 01,383,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2009/02/07 22:54:09 | 00,000,000 | ---D | C] -- C:\Program Files\SAMSUNG
[2009/02/04 19:41:24 | 00,000,000 | -H-D | C] -- C:\Users\Chakib\Documents\Dossier
[2009/02/01 02:30:20 | 00,000,000 | ---D | C] -- C:\Users\Chakib\AppData\Local\PoiEdit
[2009/02/01 01:27:07 | 00,000,000 | ---D | C] -- C:\Program Files\CSV2ASC
[2009/01/31 21:18:56 | 00,086,016 | ---- | C] (Giganology Inc.) -- C:\Windows\System32\gigagetbho_v10.dll
[2009/01/31 21:18:53 | 00,000,000 | ---D | C] -- C:\Program Files\Giganology
[2009/01/31 21:09:28 | 00,000,000 | ---D | C] -- C:\Users\Chakib\AppData\Roaming\DMCache
[2009/01/31 20:48:34 | 00,290,816 | ---- | C] () -- C:\Windows\System32\decdll.dll
[2009/01/31 20:48:32 | 00,000,000 | ---D | C] -- C:\Program Files\Free Video Converter
[2009/01/31 17:50:10 | 00,000,000 | ---D | C] -- C:\Program Files\DivX
[2009/01/31 00:34:33 | 04,869,538 | ---- | C] () -- C:\Windows\i900-Screeensaver.scr
[2009/01/30 11:00:02 | 00,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Lite
[2009/01/29 18:58:10 | 00,000,000 | ---D | C] -- C:\Windows\System32\SDA
[2009/01/28 15:57:18 | 00,000,000 | ---D | C] -- C:\Program Files\SpeedCams_Serveur
[2009/01/28 15:57:12 | 00,274,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\Setup1.exe
[2009/01/28 15:57:11 | 00,092,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\ST6UNST.EXE
[2009/01/28 00:10:32 | 00,000,860 | ---- | C] () -- C:\Windows\setup.iss

========== Files - Modified Within 30 Days ==========

[2040/01/14 16:24:08 | 00,006,136 | ---- | M] () -- C:\Users\Chakib\AppData\Local\TimerStop64.sys
[2040/01/14 16:24:08 | 00,004,096 | ---- | M] () -- C:\Users\Chakib\AppData\Local\TimerStop.sys
[2009/02/26 20:33:44 | 00,441,856 | ---- | M] (OldTimer Tools) -- C:\Users\Chakib\Desktop\OTViewIt.exe
[2009/02/26 20:21:56 | 00,003,888 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2009/02/26 20:21:56 | 00,003,888 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2009/02/26 20:13:37 | 00,000,504 | -H-- | M] () -- C:\Users\Chakib\Documents\Mes dossiers de partage.lnk
[2009/02/26 20:00:00 | 00,000,510 | ---- | M] () -- C:\Windows\tasks\Maintenance en 1 clic.job
[2009/02/26 19:41:42 | 00,152,934 | ---- | M] (changelog.fr ) -- C:\Users\Chakib\Desktop\OAD.exe
[2009/02/26 15:19:45 | 00,747,873 | ---- | M] () -- C:\Users\Chakib\Desktop\gmer.zip
[2009/02/26 14:32:25 | 01,811,618 | ---- | M] () -- C:\Users\Chakib\Documents\rad_csv2asc.zip
[2009/02/26 04:22:01 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2009/02/26 04:21:49 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2009/02/26 04:21:46 | 26,823,14752 | -HS- | M] () -- C:\hiberfil.sys
[2009/02/26 04:17:36 | 02,210,333 | -H-- | M] () -- C:\Users\Chakib\AppData\Local\IconCache.db
[2009/02/26 04:06:42 | 00,781,851 | ---- | M] () -- C:\Users\Chakib\Desktop\RSIT.exe
[2009/02/26 03:58:20 | 00,000,215 | ---- | M] () -- C:\Windows\system.ini
[2009/02/26 03:58:09 | 00,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2009/02/26 03:49:45 | 02,925,817 | R--- | M] () -- C:\Users\Chakib\Desktop\ComboFix.exe
[2009/02/26 01:56:52 | 00,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts.20090226-032942.backup
[2009/02/26 00:17:24 | 00,198,552 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2009/02/25 22:44:31 | 00,000,532 | ---- | M] () -- C:\Windows\wininit.ini
[2009/02/25 16:44:27 | 00,175,616 | ---- | M] () -- C:\Users\Chakib\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/02/25 16:33:44 | 00,291,205 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts.bak
[2009/02/25 01:41:07 | 00,825,352 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2009/02/25 01:41:07 | 00,698,326 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2009/02/25 01:41:07 | 00,329,632 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2009/02/24 21:17:05 | 00,000,691 | ---- | M] () -- C:\Users\Chakib\AppData\Roaming\GetValue.vbs
[2009/02/24 21:17:05 | 00,000,035 | ---- | M] () -- C:\Users\Chakib\AppData\Roaming\SetValue.bat
[2009/02/24 20:44:11 | 00,001,356 | ---- | M] () -- C:\Users\Chakib\AppData\Local\d3d9caps.dat
[2009/02/15 03:27:39 | 00,160,332 | ---- | M] () -- C:\Windows\nod32_v3.0.621.0_Fr Uninstaller.exe
[2009/02/14 20:33:53 | 00,000,000 | ---- | M] () -- C:\ProgramData\LauncherAccess.dt
[2009/02/14 20:33:37 | 00,005,632 | ---- | M] () -- C:\Windows\System32\drivers\StarOpen.sys
[2009/02/14 17:30:55 | 00,000,032 | ---- | M] () -- C:\Windows\go
[2009/02/11 10:19:42 | 00,038,496 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2009/02/11 10:19:34 | 00,015,504 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2009/02/04 00:21:12 | 21,244,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MRT.exe
[2009/01/31 00:34:34 | 04,869,538 | ---- | M] () -- C:\Windows\i900-Screeensaver.scr
[2009/01/28 15:57:13 | 00,274,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\Setup1.exe
[2009/01/28 15:57:12 | 00,092,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\ST6UNST.EXE
[2009/01/28 00:35:10 | 00,000,069 | ---- | M] () -- C:\Windows\NeroDigital.ini
[2009/01/28 00:12:24 | 00,000,860 | ---- | M] () -- C:\Windows\setup.iss
< End of report >
Mjlm52 Posts 70 Registration date Tuesday 24 February 2009 Status Member Last activity 5 March 2009
26 Feb. 2009 at 20:37
OTViewIt Extras logfile created on: 26/02/2009 20:34:00 - Run
OTViewIt by OldTimer - Version 1.0.21.0 Folder = C:\Users\Chakib\Desktop
Windows Vista Ultimate Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

2,00 Gb Total Physical Memory | 1,42 Gb Available Physical Memory | 70,93% Memory free
4,00 Gb Paging File | 4,00 Gb Available in Paging File | 100,00% Paging File free
Paging file location(s): ?:\pagefile.sys;

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 298,09 Gb Total Space | 48,73 Gb Free Space | 16,35% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: PC-DE-CHAKIB
Current User Name: Chakib
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Whitelist: On
File Age = 30 Days

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- C:\Programmes\Internet Explorer\iexplore.exe File not found

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval"=1
"AntiVirusDisableNotify"=0x00000000
"FirewallDisableNotify"=0
"UpdatesDisableNotify"=0x00000000
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride"=0
"AntiSpywareOverride"=0
"FirewallOverride"=0
"VistaSp1"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
"EnableFirewall"=1
"DisableNotifications"=0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\Logging]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
[2008/01/21 03:21:52 | 00,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wininit.exe:*:enabled:@shell32.dll,-1
[2008/01/21 03:22:59 | 00,314,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\winlogon.exe:*:enabled:@shell32.dll,-1

========== (O10) Winsock2 Catalogs ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\]
NameSpace_Catalog5\Catalog_Entries\000000000001 [@%SystemRoot%\system32\nlasvc.dll,-1000] -- C:\Windows\System32\nlaapi.dll (Microsoft Corporation)
NameSpace_Catalog5\Catalog_Entries\000000000002 [@%SystemRoot%\system32\napinsp.dll,-1000] -- C:\Windows\System32\NapiNSP.dll (Microsoft Corporation)
NameSpace_Catalog5\Catalog_Entries\000000000003 [@%SystemRoot%\system32\pnrpnsp.dll,-1000] -- C:\Windows\system32\pnrpnsp.dll File not found
NameSpace_Catalog5\Catalog_Entries\000000000004 [@%SystemRoot%\system32\pnrpnsp.dll,-1001] -- C:\Windows\system32\pnrpnsp.dll File not found
NameSpace_Catalog5\Catalog_Entries\000000000007 [mdnsNSP] -- C:\Programmes\Bonjour\mdnsNSP.dll File not found
Protocol_Catalog9\Catalog_Entries\000000000001 -- File not found
Protocol_Catalog9\Catalog_Entries\000000000002 -- File not found
Protocol_Catalog9\Catalog_Entries\000000000003 -- File not found
Protocol_Catalog9\Catalog_Entries\000000000004 -- File not found
Protocol_Catalog9\Catalog_Entries\000000000005 -- File not found
Protocol_Catalog9\Catalog_Entries\000000000006 -- File not found
Protocol_Catalog9\Catalog_Entries\000000000007 -- File not found
Protocol_Catalog9\Catalog_Entries\000000000008 -- File not found
Protocol_Catalog9\Catalog_Entries\000000000009 -- File not found
Protocol_Catalog9\Catalog_Entries\000000000010 -- File not found
Protocol_Catalog9\Catalog_Entries\000000000011 -- File not found
Protocol_Catalog9\Catalog_Entries\000000000012 -- File not found
Protocol_Catalog9\Catalog_Entries\000000000013 -- File not found
Protocol_Catalog9\Catalog_Entries\000000000014 -- File not found
Protocol_Catalog9\Catalog_Entries\000000000015 -- File not found
Protocol_Catalog9\Catalog_Entries\000000000016 -- File not found
Protocol_Catalog9\Catalog_Entries\000000000017 -- File not found
Protocol_Catalog9\Catalog_Entries\000000000018 -- File not found
Protocol_Catalog9\Catalog_Entries\000000000019 -- File not found
Protocol_Catalog9\Catalog_Entries\000000000020 -- File not found
Protocol_Catalog9\Catalog_Entries\000000000021 -- File not found
Protocol_Catalog9\Catalog_Entries\000000000022 -- File not found
Protocol_Catalog9\Catalog_Entries\000000000023 -- File not found
Protocol_Catalog9\Catalog_Entries\000000000024 -- File not found
Protocol_Catalog9\Catalog_Entries\000000000025 -- File not found
Protocol_Catalog9\Catalog_Entries\000000000026 -- File not found
Protocol_Catalog9\Catalog_Entries\000000000027 -- File not found
Protocol_Catalog9\Catalog_Entries\000000000028 -- File not found
Protocol_Catalog9\Catalog_Entries\000000000029 -- File not found

[color=orange]========== HKEY_LOCAL_MACHINE Protocol Defaults ==========[/color]


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults - Default Protocols
ldap -- 4 = Restricted sites (Not a Default Protocol)
news -- 4 = Restricted sites (Not a Default Protocol)
nntp -- 4 = Restricted sites (Not a Default Protocol)
oecmd -- 4 = Restricted sites (Not a Default Protocol)
snews -- 4 = Restricted sites (Not a Default Protocol)

[color=orange]========== (O18) Protocol Handlers ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]
File not found C:\Programmes\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (livecall:{828030A1-22C1-4009-854F-8E305202313F} (HKLM) [Reg Error: Value does not exist or could not be read.])
File not found C:\Programmes\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (msnim:{828030A1-22C1-4009-854F-8E305202313F} (HKLM) [Reg Error: Value does not exist or could not be read.])
File not found C:\Programmes\Windows Live\Mail\mailcomm.dll (wlmailhtml:{03C514A3-1EFB-4856-9F99-10D7BE1653C0} (HKLM) [Windows Live Mail HTML Asynchronous Pluggable Protocol Handler])

[color=orange]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}"=Steam
"{07287123-B8AC-41CE-8346-3D777245C35B}"=Bonjour
"{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}"=WD Diagnostics
"{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}"=Google Earth
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}"=Java(TM) 6 Update 11
"{2876AEE2-A9C9-4585-A46A-44CF451C960E}"=Vista x86 OneClick Activator
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}"=Sonic Update Manager
"{318AB667-3230-41B5-A617-CB3BF748D371}"=iTunes
"{3248F0A8-6813-11D6-A77B-00B0D0160070}"=Java(TM) 6 Update 7
"{4160DC5B-4C56-D0C3-C5FD-F5BDAD3C882B}"=ATI Catalyst Install Manager
"{43DCF766-6838-4F9A-8C91-D92DA586DFA8}"=Visionneuse Journal Windows Microsoft
"{55A29068-F2CE-456C-9148-C869879E2357}"=TuneUp Utilities 2009
"{5A46A02B-AC57-44AC-9501-145F7B12FF02}"=Toshiba TEMPRO
"{6860B340-530D-46B3-91F8-1AE1F70F7C33}"=OpenOffice.org 3.0
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}"=Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}"=Windows Media Player Firefox Plugin
"{7299052b-02a4-4627-81f2-1818da5d550d}"=Microsoft Visual C++ 2005 Redistributable
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}"=VC80CRTRedist - 8.0.50727.762
"{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}"=mPfMgr
"{8C6BB412-D3A8-4AAE-A01B-35B681789D68}"=mHelp
"{904CCF62-818D-4675-BC76-D37EB399F917}"=Gestionnaire pour appareils Windows Mobile
"{A0D85877-DC09-4F08-9164-BE8381CB8E27}"=WD FAT32 Formatter
"{A0F925BF-5C55-44C2-A4E7-5A4C59791C29}"=mDriver
"{A945BD16-4774-4A1F-96A7-118BEC004881}"=mCorev32.ism_new
"{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}"=Assistant de connexion Windows Live
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1"=Spybot - Search & Destroy
"{B7050CBDB2504B34BC2A9CA0A692CC29}"=DivX Web Player
"{B77A308F-85F5-4D68-8CB5-313332CB2779}"=TOSHIBA Hardware Setup
"{BADF6744-3787-48F6-B8C9-4C4995401D65}"=Windows Live Messenger
"{C427E746-4EC9-4E3C-AACB-C6BB1F714D7F}"=Uniblue DriverScanner 2009
"{C4A4722E-79F9-417C-BD72-8D359A090C97}"=Samsung PC Studio 3
"{C514C594-23AA-4F13-A070-DB8BDB27594F}"=Windows Live Mail
"{C79A37F3-C076-48BE-B290-F4C8676ABD74}"=Samsung PC Studio 3
"{CA567AD5-33A4-403D-86D1-EE2D38251951}_is1"=VDownloader 0.77
"{CCFC500F-36C8-67F6-B093-FB8D9F912203}"=ATI Catalyst Control Center Ex
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}"=Microsoft .NET Framework 3.5 SP1
"{DB0A8A2A-4EA7-4FE3-802E-8A6DEE32696C}_is1"=Orban/Coding Technologies AAC/aacPlus Player Plugin™ 1.0
"{E7044E25-3038-4A76-9064-344AC038043E}"=Windows Mobile Device Center Driver Update
"{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}"=Samsung PC Studio 3 USB Driver Installer
"{EBFF48F5-3CFA-436F-8FD5-94FB01D3A0A7}"=TOSHIBA SD Memory Utilities
"{EC4455AB-F155-4CC1-A4C5-88F3777F9886}"=Apple Mobile Device Support
"{EC7FE2ED-F305-41B7-90B8-3DAE9E35307A}"=Ma-Config.com
"{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}"=mMHouse
"{F32ED8B1-2442-4B0E-8DEC-3F3BFC1C2B7F}"=mCPlug
"{F958CA02-BB40-4007-894B-258729456EE4}"=QuickTime
"{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}"=Windows Live installer
"{FEDD27A0-B306-45EF-BF58-B527406B42C8}"=TOSHIBA Value Added Package
"Adobe Flash Player ActiveX"=Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin"=Adobe Flash Player 10 Plugin
"AntiVir PersonalEdition Premium"=Avira AntiVir Premium
"CCleaner"=CCleaner (remove only)
"CoreAVC Professional Edition"=CoreAVC Professional Edition (remove only)
"CSV2ASC"=CSV2ASC
"Dropbox"=Dropbox
"EVEREST Ultimate Edition_is1"=EVEREST Ultimate Edition v5.00
"Foxit Reader"=Foxit Reader
"Free Video Converter_is1"=Free Video Converter V 1.5
"Google Updater"=Outil de mise à jour Google
"HaaliMkx"=Haali Media Splitter
"HijackThis"=HijackThis 2.0.2
"InstallShield_{FEDD27A0-B306-45EF-BF58-B527406B42C8}"=TOSHIBA Value Added Package
"KLiteCodecPack_is1"=K-Lite Codec Pack 4.4.5 (Full)
"Lexmark 5200 Series"=Lexmark 5200 Series
"Malwarebytes' Anti-Malware_is1"=Malwarebytes' Anti-Malware
"Messenger Plus! Live"=Messenger Plus! Live
"Microsoft .NET Framework 3.5 SP1"=Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.0.6)"=Mozilla Firefox (3.0.6)
"Nero7Lite_is1"=Nero 7 Lite 7.10.1.0
"NFO Creator"=NFO Creator
"NFO viewer_is1"=NFO viewer v 2.1
"ProInst"=Logiciel Intel(R) PROSet/Wireless
"SAMSUNG Mobile Modem"=SAMSUNG Mobile Modem Driver Set
"Samsung Mobile phone USB driver"=Samsung Mobile phone USB driver Software
"SAMSUNG Mobile USB Modem"=SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0"=SAMSUNG Mobile USB Modem 1.0 Software
"ST6UNST #1"=SpeedCams_Serveur
"Steam App 240"=Counter-Strike: Source
"StuffPlug3"=StuffPlug 3
"Uniblue DriverScanner 2009"=Uniblue DriverScanner 2009
"VLC media player"=VLC media player 0.9.8a
"Windows Mobile Device Handbook"=Manuel de l'appareil Windows Mobile®
"WinRAR archiver"=Archiveur WinRAR

[color=orange]========== HKEY_CURRENT_USER Uninstall List ==========[/color]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"uTorrent"=µTorrent

[color=orange]========== Last 10 Event Log Errors ==========[/color]

[ Application Events ]
Error - 26/02/2009 10:04:07 | Computer Name = PC-de-Chakib | Source = Application Error | ID = 1000
Description =

Error - 26/02/2009 10:04:55 | Computer Name = PC-de-Chakib | Source = Application Error | ID = 1000
Description =

Error - 26/02/2009 10:04:56 | Computer Name = PC-de-Chakib | Source = Application Error | ID = 1000
Description =

Error - 26/02/2009 10:04:57 | Computer Name = PC-de-Chakib | Source = Application Error | ID = 1000
Description =

Error - 26/02/2009 10:19:51 | Computer Name = PC-de-Chakib | Source = Application Error | ID = 1000
Description =

Error - 26/02/2009 14:06:52 | Computer Name = PC-de-Chakib | Source = Application Error | ID = 1000
Description =

Error - 26/02/2009 14:07:02 | Computer Name = PC-de-Chakib | Source = Application Error | ID = 1000
Description =

Error - 26/02/2009 14:07:03 | Computer Name = PC-de-Chakib | Source = Application Error | ID = 1000
Description =

Error - 26/02/2009 14:07:04 | Computer Name = PC-de-Chakib | Source = Application Error | ID = 1000
Description =

Error - 26/02/2009 14:07:05 | Computer Name = PC-de-Chakib | Source = Application Error | ID = 1000
Description =

[ System Events ]
Error - 26/02/2009 13:51:54 | Computer Name = PC-de-Chakib | Source = LSM | ID = 1050
Description =

Error - 26/02/2009 14:01:54 | Computer Name = PC-de-Chakib | Source = LSM | ID = 1050
Description =

Error - 26/02/2009 14:11:54 | Computer Name = PC-de-Chakib | Source = LSM | ID = 1050
Description =

Error - 26/02/2009 14:21:54 | Computer Name = PC-de-Chakib | Source = LSM | ID = 1050
Description =

Error - 26/02/2009 14:31:54 | Computer Name = PC-de-Chakib | Source = LSM | ID = 1050
Description =

Error - 26/02/2009 14:41:54 | Computer Name = PC-de-Chakib | Source = LSM | ID = 1050
Description =

Error - 26/02/2009 14:51:54 | Computer Name = PC-de-Chakib | Source = LSM | ID = 1050
Description =

Error - 26/02/2009 15:01:54 | Computer Name = PC-de-Chakib | Source = LSM | ID = 1050
Description =

Error - 26/02/2009 15:11:54 | Computer Name = PC-de-Chakib | Source = LSM | ID = 1050
Description =

Error - 26/02/2009 15:21:54 | Computer Name = PC-de-Chakib | Source = LSM | ID = 1050
Description =

[ TuneUp Events ]
Error - 14/01/2040 11:22:35 | Computer Name = PC-de-Chakib | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: file is encrypted or is not a database; when executing
SQL: INSERT INTO MemApplications (Exe, Started, Ended, State, Resumed) SELECT Exe,
Started, '2040-01-14 16:22:35', 0, Resumed FROM ActiveApps WHERE ProcID=='4960';DELETE
FROM ActiveApps WHERE ProcID=='4960';

Error - 24/02/2009 14:11:00 | Computer Name = PC-de-Chakib | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2009-02-24 19:11:00', '\device\harddiskvolume1\program
files\malwarebytes' anti-malware\mbam.exe','2280',0)

Error - 24/02/2009 14:11:10 | Computer Name = PC-de-Chakib | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2009-02-24 19:11:10', '\device\harddiskvolume1\program
files\malwarebytes' anti-malware\mbam.exe','5040',0)

Error - 24/02/2009 15:25:57 | Computer Name = PC-de-Chakib | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2009-02-24 20:25:57', '\device\harddiskvolume1\program
files\malwarebytes' anti-malware\mbam.exe','5216',0)

Error - 24/02/2009 16:47:37 | Computer Name = PC-de-Chakib | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2009-02-24 21:47:37', '\device\harddiskvolume1\program
files\malwarebytes' anti-malware\mbam.exe','4776',0)

Error - 24/02/2009 18:49:44 | Computer Name = PC-de-Chakib | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2009-02-24 23:49:44', '\device\harddiskvolume1\program
files\malwarebytes' anti-malware\mbam.exe','5384',0)

Error - 24/02/2009 19:29:08 | Computer Name = PC-de-Chakib | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2009-02-25 00:29:08', '\device\harddiskvolume1\program
files\malwarebytes' anti-malware\mbam.exe','3956',0)

Error - 24/02/2009 20:33:58 | Computer Name = PC-de-Chakib | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2009-02-25 01:33:58', '\device\harddiskvolume1\program
files\malwarebytes' anti-malware\mbam.exe','1372',0)

Error - 25/02/2009 19:05:07 | Computer Name = PC-de-Chakib | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2009-02-26 00:05:07', '\device\harddiskvolume1\program
files\malwarebytes' anti-malware\mbam.exe','4912',0)

Error - 25/02/2009 19:17:44 | Computer Name = PC-de-Chakib | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2009-02-26 00:17:44', '\device\harddiskvolume1\program
files\malwarebytes' anti-malware\mbam.exe','1020',0)


< End of report >
0

sKe69 Posts 21360 Registration date Saturday 15 March 2008 Status Security contributor Last activity 30 December 2012 463
26 Feb 2009 at 20:42
Well, well ...


Can you check these two files on VirusTotal for me, please:

C:\Users\Chakib\AppData\Local\TimerStop64.sys

C:\Users\Chakib\AppData\Local\TimerStop.sys


Please post the reports you get ....

0
Mjlm52 Posts 70 Registration date Tuesday 24 February 2009 Status Member Last activity 5 March 2009
26 Feb 2009 at 20:45
OK, I'm doing that ...

I know what it is, it's a crack to activate Windows Vista ^^
0
Mjlm52 Posts 70 Registration date Tuesday 24 February 2009 Status Member Last activity 5 March 2009
26 Feb 2009 at 20:50
Fichier TimerStop64.sys reçu le 2009.02.26 20:45:58 (CET)
Résultat: 1/39 (2.57%)

Antivirus Version Dernière mise à jour Résultat
a-squared 4.0.0.101 2009.02.26 -
AhnLab-V3 5.0.0.2 2009.02.26 -
AntiVir 7.9.0.93 2009.02.26 -
Authentium 5.1.0.4 2009.02.26 -
Avast 4.8.1335.0 2009.02.25 -
AVG 8.0.0.237 2009.02.26 -
BitDefender 7.2 2009.02.26 -
CAT-QuickHeal 10.00 2009.02.26 -
ClamAV 0.94.1 2009.02.26 -
Comodo 986 2009.02.20 -
DrWeb 4.44.0.09170 2009.02.26 -
eSafe 7.0.17.0 2009.02.26 -
eTrust-Vet 31.6.6375 2009.02.26 -
F-Prot 4.4.4.56 2009.02.26 -
F-Secure 8.0.14470.0 2009.02.26 -
Fortinet 3.117.0.0 2009.02.26 -
GData 19 2009.02.26 -
Ikarus T3.1.1.45.0 2009.02.26 -
K7AntiVirus 7.10.648 2009.02.26 -
Kaspersky 7.0.0.125 2009.02.26 -
McAfee 5537 2009.02.26 -
McAfee+Artemis 5537 2009.02.26 -
Microsoft 1.4306 2009.02.26 -
NOD32 3893 2009.02.26 -
Norman 6.00.06 2009.02.26 -
nProtect 2009.1.8.0 2009.02.26 -
Panda 10.0.0.10 2009.02.26 -
PCTools 4.4.2.0 2009.02.26 -
Prevx1 V2 2009.02.26 High Risk Cloaked Malware
Rising 21.18.32.00 2009.02.26 -
SecureWeb-Gateway 6.0.0 2009.02.26 -
Sophos 4.39.0 2009.02.26 -
Sunbelt 3.2.1858.2 2009.02.25 -
Symantec 10 2009.02.26 -
TheHacker 6.3.2.5.265 2009.02.25 -
TrendMicro 8.700.0.1004 2009.02.26 -
VBA32 3.12.10.0 2009.02.26 -
ViRobot 2009.2.26.1625 2009.02.26 -
VirusBuster 4.5.11.0 2009.02.26 -
Information additionnelle
File size: 6136 bytes
MD5...: 2898fb2be37b758322b55bbc001f48eb
SHA1..: 485241d24d99bfdadae78b6263eef30171f77293
SHA256: 22c446818e884d4e7c37dac3c475e81d848393662ac9ccacd1553bf2c65f68c1
SHA512: e2dc4273200686f5eda90ff55b92c2995ff71ffb0812a5a59df6e64fe41d19ff
b153b99cdc976e751e5952447f4db21118825e6392a3432f6800d2457b693754
ssdeep: 48:aPdBpYWZ7wT4QKeLMQDEHrIam4ZMzOxX53iN7JRlLbd/6lvebdXaIp0zpAUwJ
3ff:edBZ7wT4QV68am4YGJ3i2Iqdg38c
PEiD..: -
TrID..: File type identification
Generic Win/DOS Executable (49.9%)
DOS Executable Generic (49.8%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.1%)
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x15008
timedatestamp.....: 0x458c5fed (Fri Dec 22 22:45:01 2006)
machinetype.......: 0x8664 (AMD64)

( 5 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x69d 0x800 5.45 1d1856bf8364db4866403b1d2c964a60
.rdata 0x2000 0x11c 0x200 2.90 e504abc03eb57f64e85c41401ae5e15d
.data 0x3000 0x218 0x200 1.30 879e818092a3af58e5f9bc9408394f04
.pdata 0x4000 0x3c 0x200 0.57 e1e386bfdf13698c4f725532aff16fdb
INIT 0x5000 0x1c2 0x200 4.41 fb04d18dc6cfd07ce220dfdccdb4bc78

( 1 imports )
> ntoskrnl.exe: _stricmp, ExAllocatePoolWithTag, ExFreePoolWithTag, NtQuerySystemInformation, memchr, KeInitializeDpc, RtlInitString, KeInitializeTimer, KeSetTimerEx, KeCancelTimer, KeBugCheckEx

( 0 exports )
Prevx info: http://info.prevx.com/aboutprogramtext.asp?PX5=94465C96F827123417F300D09220580046E0EB62
CWSandbox info: http://research.sunbelt-software.com/partnerresource/MD5.aspx?md5=2898fb2be37b758322b55bbc001f48eb


It found something, from what I can see? For C:\Users\Chakib\AppData\Local\TimerStop64.sys


Fichier TimerStop.sys reçu le 2009.02.26 20:49:17 (CET)
Résultat: 0/38 (0%)

Antivirus Version Dernière mise à jour Résultat
a-squared 4.0.0.101 2009.02.26 -
AntiVir 7.9.0.93 2009.02.26 -
Authentium 5.1.0.4 2009.02.26 -
Avast 4.8.1335.0 2009.02.25 -
AVG 8.0.0.237 2009.02.26 -
BitDefender 7.2 2009.02.26 -
CAT-QuickHeal 10.00 2009.02.26 -
ClamAV 0.94.1 2009.02.26 -
Comodo 986 2009.02.20 -
DrWeb 4.44.0.09170 2009.02.26 -
eSafe 7.0.17.0 2009.02.26 -
eTrust-Vet 31.6.6375 2009.02.26 -
F-Prot 4.4.4.56 2009.02.26 -
F-Secure 8.0.14470.0 2009.02.26 -
Fortinet 3.117.0.0 2009.02.26 -
GData 19 2009.02.26 -
Ikarus T3.1.1.45.0 2009.02.26 -
K7AntiVirus 7.10.648 2009.02.26 -
Kaspersky 7.0.0.125 2009.02.26 -
McAfee 5537 2009.02.26 -
McAfee+Artemis 5537 2009.02.26 -
Microsoft 1.4306 2009.02.26 -
NOD32 3893 2009.02.26 -
Norman 6.00.06 2009.02.26 -
nProtect 2009.1.8.0 2009.02.26 -
Panda 10.0.0.10 2009.02.26 -
PCTools 4.4.2.0 2009.02.26 -
Prevx1 V2 2009.02.26 -
Rising 21.18.32.00 2009.02.26 -
SecureWeb-Gateway 6.0.0 2009.02.26 -
Sophos 4.39.0 2009.02.26 -
Sunbelt 3.2.1858.2 2009.02.25 -
Symantec 10 2009.02.26 -
TheHacker 6.3.2.5.265 2009.02.25 -
TrendMicro 8.700.0.1004 2009.02.26 -
VBA32 3.12.10.0 2009.02.26 -
ViRobot 2009.2.26.1625 2009.02.26 -
VirusBuster 4.5.11.0 2009.02.26 -
Information additionnelle
File size: 4096 bytes
MD5...: ee50afab5e473da1dc5eaa5239b775f3
SHA1..: fb4272288cbc3cb7c50a6c5a4b3464141512052d
SHA256: 76dd151c50e6f5b81432a5ada37e2fd6376ba6c4b8407bb7738c509f9af524ef
SHA512: 7ee16e3c9c184ca8de7b655323715c5eeddb85127e91717b5fa56b22c3eae99e
229c91fefd77cf8a89ed3321db33782b277cb773c0e8def3b1b4ed4a9e568256
ssdeep: 24:eFGSaDiWlbWAu1nKc3+eYLPnKYoLxGzARkfEfSkq3+VrVbsYUs978JyCmg:i6
7WAu15iLyYoNGs/62BNUsuJB3
PEiD..: -
TrID..: File type identification
Generic Win/DOS Executable (49.9%)
DOS Executable Generic (49.8%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.1%)
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x14005
timedatestamp.....: 0x458c5fd9 (Fri Dec 22 22:44:41 2006)
machinetype.......: 0x14c (I386)

( 5 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x2b6 0x400 4.67 708318f296564e2f8cbb19c98f638868
.rdata 0x2000 0xa3 0x200 1.83 e49a154ed8405d37175af0d88b995ddd
.data 0x3000 0xe8 0x200 1.17 2279501b22ceed58fdcfc9d46707d4c0
INIT 0x4000 0x17e 0x200 4.24 d61da0098122cb8e7b8d8f5b890c7872
.reloc 0x5000 0x7e 0x200 1.20 8c66f3069f05463b8a2e1a90b8be67c7

( 1 imports )
> ntoskrnl.exe: KeCancelTimer, memchr, ExFreePoolWithTag, _stricmp, ExAllocatePoolWithTag, NtQuerySystemInformation, RtlInitString, memset, KeSetTimerEx, KeInitializeDpc, KeInitializeTimer, KeTickCount

( 0 exports )
CWSandbox info: http://research.sunbelt-software.com/partnerresource/MD5.aspx?md5=ee50afab5e473da1dc5eaa5239b775f3
0
sKe69 Posts 21360 Registration date Saturday 15 March 2008 Status Security contributor Last activity 30 December 2012 463
26 Feb 2009 at 21:05
it's a crack to activate Windows Vista


???? You've got to stop the nonsense someday .... -_-

Can you be a bit more specific about that, please ....


Then run this other diagnostic scan, please:

Download SREng (System Repair Engineer) by Smallfrogs, which is on this page:
http://www.kztechs.com/eng/download.html

Extract its contents (= right-click the .zip / "Extract all") to your Desktop (and nowhere else).

Open the sreng2 folder that is now on your Desktop.
-> Double-click "SREng.exe" to launch the tool.
-> Click "Smart Scan".
Then click the [Scan] button

When it has finished, click the [Save Reports] button
-> Save the report to your Desktop.

Copy/paste the contents of the SREnglLOG.log file into your next reply for analysis ...


0
Mjlm52 Posts 70 Registration date Tuesday 24 February 2009 Status Member Last activity 5 March 2009
26 Feb 2009 at 21:15
Another problem :s I extracted the archive, and I have SREngLdr.exe, not "SREng.exe" as you said ...

But that shouldn't be an issue; when I launch it there is an error message:

https://imageshack.com/

Clearly nothing wants to launch :s
0
sKe69 Posts 21360 Registration date Saturday 15 March 2008 Status Security contributor Last activity 30 December 2012 463
26 Feb 2009 at 21:21
On this page:
http://www.kztechs.com/eng/download.html

it's the second one that you need to download ...


and you haven't answered my question ...

0
Mjlm52 Posts 70 Registration date Tuesday 24 February 2009 Status Member Last activity 5 March 2009
26 Feb 2009 at 21:30
Uhh.... I know lol, that's the one I took ...

As for the answer: it's a crack that I had downloaded, and which was not infected, to activate Windows Vista, because I have a pirated version and it had to be activated within 30 days or else I would no longer have an operating system ^^

But if I remember correctly it didn't work, so I deleted it ... but from what I can see it is still on the PC

But tell me, what's wrong with my PC, what is it infected with?
0
sKe69 Posts 21360 Registration date Saturday 15 March 2008 Status Security contributor Last activity 30 December 2012 463
26 Feb 2009 at 21:44
Very well ...

so it's no surprise that lots of things are screwing up ^^


Just for info:
http://www.commentcamarche.net/faq/sujet 2981 windows j utilise une version piratee


So we'll stop here; you can clean up the last tools used and run Toolscleaner again:
http://pc-system.fr/

then a pass of CCleaner ... also keep your pirated Nod32 ...


All the trouble we're having with tools that won't run surely comes from your dodgy version of Vista ...


Then run this tool:

Download Dr.Web CureIt! to your Desktop.

ftp://ftp.drweb.com/pub/drweb/cureit/drweb-cureit.exe

Double-click "drweb-cureit.exe" and click "Start" to begin the scan.
This quick scan analyses the processes loaded in memory; if it finds infected processes, click the "Yes to All" button at the prompt.
* When the quick scan has finished, click Options > Change settings.
* Choose the Scanner tab and uncheck Heuristic analysis.
* Back in the main window: choose Complete scan.
* Click the green arrow on the right and the scan will start. An advertisement sometimes appears; close it.
* Click Yes to All if a file is detected.
* At the end of the scan, if infections are found, click Select all, then Disinfect. If disinfection is not possible, click Quarantine.
* In the tool's main menu, at the top left, click the File menu and choose Save report.
* Save the report to your Desktop. It will be named DrWeb.csv.
* Close Dr.Web CureIt!
* Restart your computer (very important), because some files may be moved/repaired at restart.


> Post the saved report for checking ....

0
Mjlm52 Posts 70 Registration date Tuesday 24 February 2009 Status Member Last activity 5 March 2009
26 Feb 2009 at 22:35
OK, it's under way ...

But what's the problem? What infection do I have? We've been on this for a long time, after all ^^ Aren't you fed up? Unless you're paid, lol
0
Mjlm52 Posts 70 Registration date Tuesday 24 February 2009 Status Member Last activity 5 March 2009
26 Feb 2009 at 23:00
Oh, damn it, the software crashed, I couldn't click Select all ...

I think I'm going to give up...
0
sKe69 Posts 21360 Registration date Saturday 15 March 2008 Status Security contributor Last activity 30 December 2012 463
26 Feb 2009 at 23:14
Oh, damn it, the software crashed, I couldn't click Select all ...

I think I'm going to give up...


That's up to you ... ^^


but tell me roughly what it had dug up ....


0
Mjlm52 Posts 70 Registration date Tuesday 24 February 2009 Status Member Last activity 5 March 2009
26 Feb 2009 at 23:25
It had found the Daemon Tools software, it was marked adaware ... but that one, on the other hand, I downloaded legally from Clubic ...
0
sKe69 Posts 21360 Registration date Saturday 15 March 2008 Status Security contributor Last activity 30 December 2012 463
26 Feb 2009 at 23:30
but that one, on the other hand, I downloaded legally from Clubic ...


Yes, it is legitimate, but it installs spyware along the way if you're not careful .... ^^


Do this to see:


Download ToolBar S&D (by Eric_71/Team IDN) to your desktop:
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/ToolBarSD.exe?attachauth=ANoY7cqJWPphpudyTqv7TRo5RQ3nm_Sx8JluVMO59X5E9cyE3j3LqKlmStIqiDqJdIgMJLi7MXn2nKVajQfoWuVvZZ2wIx_vkqO4k4P0K9jh-ra9jaKPXdZcoaVF2UqJZNH8ubL_42uIwh6f35xJ2GJMuzddVj2Qth1DgZ839lxEIFGkgWz3TdfvNMy-YtxfA3gqBUrj4U4LFeAPiWr3ClmjIP0t_Xs5PQ%3D%3D&attredirects=2

( Tutorial: https://sites.google.com/site/toolbarsd/aideenimages )

!! Disconnect and close all your running applications for the duration of the procedure !!

* Double-click ToolBar SD.exe to launch the tool and follow the prompts ...
--> Type 2 directly (the "removal" option), then press [Enter].

The cleaning starts.

! Don't touch anything during the removal !

A report will be generated at the end of the process: post its contents in your next reply
for analysis ...

( the report is also saved here -> C:\TB.txt )
0
Mjlm52 Posts 70 Registration date Tuesday 24 February 2009 Status Member Last activity 5 March 2009
26 Feb 2009 at 23:56
OK, it's under way ...

Tell me, Avira won't uninstall, neither via CCleaner nor through the Control Panel.... and when I press CTRL ALT DEL, Avira is there in the processes, but when I try to end the process it won't, there is an error message; now I'm stuck .... how can I uninstall it another way?
0
sKe69 Posts 21360 Registration date Saturday 15 March 2008 Status Security contributor Last activity 30 December 2012 463
27 Feb 2009 at 00:12
Drop that for the moment ... and do what I asked you first ...


0
Mjlm52 Posts 70 Registration date Tuesday 24 February 2009 Status Member Last activity 5 March 2009
27 Feb 2009 at 00:16
OK, is it normal that it takes long? But it's never the same file .... that's a good sign, but it's looong :s
0
sKe69 Posts 21360 Registration date Saturday 15 March 2008 Status Security contributor Last activity 30 December 2012 463
27 Feb 2009 at 00:22
Normal, not really ... but let it run quietly and post the report ....
0
Mjlm52 Posts 70 Registration date Tuesday 24 February 2009 Status Member Last activity 5 March 2009
27 Feb 2009 at 12:48
Oh my god .... I let the scan run all night; I've just seen that the scan is finished, but it won't open the report with Notepad because Notepad is no longer installed on the PC, and I'm looking at my programs, almost all of them have been uninstalled, surely because of the scan. DAMN, Windows software like Notepad, Windows Live, Internet Explorer, Windows Media Player, WinRAR, my printer too ....

I'm gutted
0
Mjlm52 Posts 70 Registration date Tuesday 24 February 2009 Status Member Last activity 5 March 2009
27 Feb 2009 at 12:52
I can't open the Control Panel either; all my Windows programs are uninstalled

Everything was fine until I ran the scan with ToolBar ....

I think this is it, my PC is really dead, the only solution is formatting :s
0