redirection des liens

Question

Bonjour, 
voila, depuis quelques temps sur firefox lorseque je clic sur un lien, je suis redirigé sur d'autres liens tel que des sites pour adultes ou des sites de promotion de produits .
en plus, je n'arrive pas a faire toute mes mise a jour de windows car je recoie le messade d'erreur suivant FFFFFFFE


Configuration: Windows Vista / Internet Explorer 7.0

Malekal_morte- · Answer

Salut,

Passe un coup de TDSSKiller : https://forum.malekal.com/viewtopic.php?t=28637&start=
Lire ce qui est écrit au niveau des suppressions/réparation (delete et cure), ne pas supprimer n'importe quoi.
Poste le rapport ici.

~~

Passe un coup d'aswmbr : https://forum.malekal.com/viewtopic.php?t=31619&start=
Télécharge le et mets le sur ton bureau.
Accepte l'installation des définitions virales d'Avast! et fais un scan.
Quand c'est terminé, fais save logs, ouvre le rapport et poste le ici.
Poste le rapport ici.

barbelle333 · Answer

merci malekal_morte,
voici le rapport:
07:44:20.0148 10192	TDSS rootkit removing tool 2.7.18.0 Mar  2 2012 09:40:07
07:44:20.0616 10192	============================================================
07:44:20.0616 10192	Current date / time: 2012/03/03 07:44:20.0616
07:44:20.0616 10192	SystemInfo:
07:44:20.0616 10192	
07:44:20.0616 10192	OS Version: 6.0.6002 ServicePack: 2.0
07:44:20.0616 10192	Product type: Workstation
07:44:20.0616 10192	ComputerName: FRANCE
07:44:20.0616 10192	UserName: France
07:44:20.0616 10192	Windows directory: C:\Windows
07:44:20.0616 10192	System windows directory: C:\Windows
07:44:20.0616 10192	Processor architecture: Intel x86
07:44:20.0616 10192	Number of processors: 2
07:44:20.0616 10192	Page size: 0x1000
07:44:20.0616 10192	Boot type: Normal boot
07:44:20.0616 10192	============================================================
07:44:22.0551 10192	Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
07:44:22.0597 10192	\Device\Harddisk0\DR0:
07:44:22.0597 10192	MBR used
07:44:22.0597 10192	\Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x124F6BF3
07:44:22.0597 10192	\Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x124F7000, BlocksNum 0x12F37000
07:44:23.0596 10192	Initialize success
07:44:23.0596 10192	============================================================
07:44:37.0574 7456	============================================================
07:44:37.0574 7456	Scan started
07:44:37.0574 7456	Mode: Manual; 
07:44:37.0574 7456	============================================================
07:44:40.0727 7456	ACPI            (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
07:44:40.0805 7456	ACPI - ok
07:44:40.0867 7456	adp94xx         (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys
07:44:40.0883 7456	adp94xx - ok
07:44:40.0976 7456	adpahci         (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys
07:44:40.0992 7456	adpahci - ok
07:44:41.0054 7456	adpu160m        (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys
07:44:41.0085 7456	adpu160m - ok
07:44:41.0163 7456	adpu320         (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys
07:44:41.0195 7456	adpu320 - ok
07:44:41.0366 7456	AFD             (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys
07:44:41.0429 7456	AFD - ok
07:44:41.0507 7456	agp440          (ef23439cdd587f64c2c1b8825cead7d8) C:\Windows\system32\drivers\agp440.sys
07:44:41.0538 7456	agp440 - ok
07:44:41.0585 7456	aic78xx         (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
07:44:41.0616 7456	aic78xx - ok
07:44:41.0647 7456	aliide          (90395b64600ebb4552e26e178c94b2e4) C:\Windows\system32\drivers\aliide.sys
07:44:41.0678 7456	aliide - ok
07:44:41.0741 7456	amdagp          (2b13e304c9dfdfa5eb582f6a149fa2c7) C:\Windows\system32\drivers\amdagp.sys
07:44:41.0756 7456	amdagp - ok
07:44:41.0787 7456	amdide          (0577df1d323fe75a739c787893d300ea) C:\Windows\system32\drivers\amdide.sys
07:44:41.0803 7456	amdide - ok
07:44:41.0834 7456	AmdK7           (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys
07:44:41.0865 7456	AmdK7 - ok
07:44:41.0897 7456	AmdK8           (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\DRIVERS\amdk8.sys
07:44:41.0912 7456	AmdK8 - ok
07:44:42.0037 7456	arc             (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys
07:44:42.0053 7456	arc - ok
07:44:42.0084 7456	arcsas          (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys
07:44:42.0115 7456	arcsas - ok
07:44:42.0177 7456	AsyncMac        (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
07:44:42.0177 7456	AsyncMac - ok
07:44:42.0209 7456	atapi           (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
07:44:42.0240 7456	atapi - ok
07:44:42.0318 7456	avgntflt        (7713e4eb0276702faa08e52a6e23f2a6) C:\Windows\system32\DRIVERS\avgntflt.sys
07:44:42.0333 7456	avgntflt - ok
07:44:42.0396 7456	avipbb          (13b02b9b969dde270cd7c351203dad3c) C:\Windows\system32\DRIVERS\avipbb.sys
07:44:42.0427 7456	avipbb - ok
07:44:42.0474 7456	avkmgr          (271cfd1a989209b1964e24d969552bf7) C:\Windows\system32\DRIVERS\avkmgr.sys
07:44:42.0505 7456	avkmgr - ok
07:44:42.0583 7456	Beep            (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
07:44:42.0599 7456	Beep - ok
07:44:42.0661 7456	blbdrive - ok
07:44:42.0723 7456	bowser          (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
07:44:42.0755 7456	bowser - ok
07:44:42.0817 7456	BrFiltLo        (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
07:44:42.0848 7456	BrFiltLo - ok
07:44:42.0895 7456	BrFiltUp        (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
07:44:42.0895 7456	BrFiltUp - ok
07:44:42.0926 7456	Brserid         (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
07:44:42.0957 7456	Brserid - ok
07:44:42.0989 7456	BrSerWdm        (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
07:44:43.0004 7456	BrSerWdm - ok
07:44:43.0020 7456	BrUsbMdm        (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
07:44:43.0035 7456	BrUsbMdm - ok
07:44:43.0067 7456	BrUsbSer        (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
07:44:43.0098 7456	BrUsbSer - ok
07:44:43.0129 7456	btaudio - ok
07:44:43.0176 7456	BTDriver - ok
07:44:43.0254 7456	BTHMODEM        (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
07:44:43.0269 7456	BTHMODEM - ok
07:44:43.0316 7456	BTWDNDIS - ok
07:44:43.0363 7456	btwhid - ok
07:44:43.0394 7456	BTWUSB - ok
07:44:43.0457 7456	cdfs            (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
07:44:43.0488 7456	cdfs - ok
07:44:43.0550 7456	cdrom           (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
07:44:43.0581 7456	cdrom - ok
07:44:43.0628 7456	circlass        (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys
07:44:43.0644 7456	circlass - ok
07:44:43.0691 7456	CLFS            (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
07:44:43.0737 7456	CLFS - ok
07:44:43.0800 7456	cmdide          (45201046c776ffdaf3fc8a0029c581c8) C:\Windows\system32\drivers\cmdide.sys
07:44:43.0831 7456	cmdide - ok
07:44:43.0862 7456	Compbatt        (82b8c91d327cfecf76cb58716f7d4997) C:\Windows\system32\drivers\compbatt.sys
07:44:43.0893 7456	Compbatt - ok
07:44:43.0925 7456	crcdisk         (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys
07:44:43.0940 7456	crcdisk - ok
07:44:43.0971 7456	Crusoe          (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys
07:44:43.0971 7456	Crusoe - ok
07:44:44.0065 7456	DfsC            (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys
07:44:44.0081 7456	DfsC - ok
07:44:44.0221 7456	disk            (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
07:44:44.0252 7456	disk - ok
07:44:44.0408 7456	Dot4            (4f59c172c094e1a1d46463a8dc061cbd) C:\Windows\system32\DRIVERS\Dot4.sys
07:44:44.0439 7456	Dot4 - ok
07:44:44.0502 7456	Dot4Print       (80bf3ba09f6f2523c8f6b7cc6dbf7bd5) C:\Windows\system32\DRIVERS\Dot4Prt.sys
07:44:44.0517 7456	Dot4Print - ok
07:44:44.0549 7456	dot4usb         (c55004ca6b419b6695970dfe849b122f) C:\Windows\system32\DRIVERS\dot4usb.sys
07:44:44.0564 7456	dot4usb - ok
07:44:44.0611 7456	drmkaud         (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
07:44:44.0642 7456	drmkaud - ok
07:44:44.0705 7456	DXGKrnl         (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
07:44:44.0720 7456	DXGKrnl - ok
07:44:44.0783 7456	E1G60           (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys
07:44:44.0798 7456	E1G60 - ok
07:44:44.0861 7456	Ecache          (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
07:44:44.0892 7456	Ecache - ok
07:44:44.0954 7456	elxstor         (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys
07:44:44.0985 7456	elxstor - ok
07:44:45.0079 7456	exfat           (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
07:44:45.0095 7456	exfat - ok
07:44:45.0157 7456	fastfat         (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
07:44:45.0173 7456	fastfat - ok
07:44:45.0235 7456	fdc             (63bdada84951b9c03e641800e176898a) C:\Windows\system32\DRIVERS\fdc.sys
07:44:45.0297 7456	fdc - ok
07:44:45.0360 7456	FileInfo        (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
07:44:45.0391 7456	FileInfo - ok
07:44:45.0422 7456	Filetrace       (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
07:44:45.0453 7456	Filetrace - ok
07:44:45.0547 7456	flpydisk        (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys
07:44:45.0563 7456	flpydisk - ok
07:44:45.0625 7456	FltMgr          (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
07:44:45.0687 7456	FltMgr - ok
07:44:45.0765 7456	fssfltr         (d909075fa72c090f27aa926c32cb4612) C:\Windows\system32\DRIVERS\fssfltr.sys
07:44:45.0781 7456	fssfltr - ok
07:44:45.0859 7456	Fs_Rec          (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
07:44:45.0890 7456	Fs_Rec - ok
07:44:45.0937 7456	gagp30kx        (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys
07:44:45.0953 7456	gagp30kx - ok
07:44:46.0015 7456	GEARAspiWDM     (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
07:44:46.0031 7456	GEARAspiWDM - ok
07:44:46.0140 7456	HdAudAddService (3f90e001369a07243763bd5a523d8722) C:\Windows\system32\drivers\HdAudio.sys
07:44:46.0155 7456	HdAudAddService - ok
07:44:46.0233 7456	HDAudBus        (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
07:44:46.0233 7456	HDAudBus - ok
07:44:46.0280 7456	HidBth          (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
07:44:46.0311 7456	HidBth - ok
07:44:46.0343 7456	HidIr           (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
07:44:46.0343 7456	HidIr - ok
07:44:46.0389 7456	HidUsb          (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
07:44:46.0389 7456	HidUsb - ok
07:44:46.0436 7456	HpCISSs         (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys
07:44:46.0467 7456	HpCISSs - ok
07:44:46.0577 7456	HTTP            (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
07:44:46.0592 7456	HTTP - ok
07:44:46.0623 7456	i2omp           (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys
07:44:46.0639 7456	i2omp - ok
07:44:46.0701 7456	i8042prt        (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
07:44:46.0717 7456	i8042prt - ok
07:44:46.0748 7456	iaStorV         (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys
07:44:46.0779 7456	iaStorV - ok
07:44:46.0811 7456	iirsp           (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
07:44:46.0826 7456	iirsp - ok
07:44:46.0873 7456	intelide        (97469037714070e45194ed318d636401) C:\Windows\system32\drivers\intelide.sys
07:44:46.0889 7456	intelide - ok
07:44:46.0920 7456	intelppm        (ce44cc04262f28216dd4341e9e36a16f) C:\Windows\system32\DRIVERS\intelppm.sys
07:44:46.0951 7456	intelppm - ok
07:44:46.0998 7456	IpFilterDriver  (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
07:44:47.0029 7456	IpFilterDriver - ok
07:44:47.0060 7456	IpInIp - ok
07:44:47.0091 7456	IPMIDRV         (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys
07:44:47.0123 7456	IPMIDRV - ok
07:44:47.0169 7456	IPNAT           (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
07:44:47.0169 7456	IPNAT - ok
07:44:47.0232 7456	IRENUM          (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
07:44:47.0247 7456	IRENUM - ok
07:44:47.0294 7456	isapnp          (350fca7e73cf65bcef43fae1e4e91293) C:\Windows\system32\drivers\isapnp.sys
07:44:47.0294 7456	isapnp - ok
07:44:47.0341 7456	iScsiPrt        (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
07:44:47.0341 7456	iScsiPrt - ok
07:44:47.0372 7456	iteatapi        (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
07:44:47.0372 7456	iteatapi - ok
07:44:47.0403 7456	iteraid         (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
07:44:47.0435 7456	iteraid - ok
07:44:47.0481 7456	kbdclass        (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
07:44:47.0513 7456	kbdclass - ok
07:44:47.0559 7456	kbdhid          (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys
07:44:47.0575 7456	kbdhid - ok
07:44:47.0622 7456	KSecDD          (2b2f1638466e8cb091400c9019cc730e) C:\Windows\system32\Drivers\ksecdd.sys
07:44:47.0669 7456	KSecDD - ok
07:44:47.0809 7456	lgmdbus         (54fec13b60914784aa06685f352aed70) C:\Windows\system32\DRIVERS\lgmdbus.sys
07:44:47.0825 7456	lgmdbus - ok
07:44:47.0887 7456	lgmdmdfl        (97b52613f0b621fc9eae007668da7b01) C:\Windows\system32\DRIVERS\lgmdmdfl.sys
07:44:47.0918 7456	lgmdmdfl - ok
07:44:47.0965 7456	lgmdmdm         (b9cc203836509083d8be07b6a5b40862) C:\Windows\system32\DRIVERS\lgmdmdm.sys
07:44:47.0996 7456	lgmdmdm - ok
07:44:48.0043 7456	lgmdmgmt        (b5e3263ca8173f9619075898df5d4718) C:\Windows\system32\DRIVERS\lgmdmgmt.sys
07:44:48.0090 7456	lgmdmgmt - ok
07:44:48.0152 7456	lgmdobex        (a218c22fd0c4b8ac3ce38e08d1ac9e88) C:\Windows\system32\DRIVERS\lgmdobex.sys
07:44:48.0168 7456	lgmdobex - ok
07:44:48.0230 7456	lltdio          (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
07:44:48.0261 7456	lltdio - ok
07:44:48.0386 7456	LSI_FC          (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys
07:44:48.0402 7456	LSI_FC - ok
07:44:48.0449 7456	LSI_SAS         (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys
07:44:48.0464 7456	LSI_SAS - ok
07:44:48.0667 7456	LSI_SCSI        (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys
07:44:48.0698 7456	LSI_SCSI - ok
07:44:48.0776 7456	luafv           (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
07:44:48.0792 7456	luafv - ok
07:44:48.0839 7456	MBAMSwissArmy   (0db7527db188c7d967a37bb51bbf3963) C:\Windows\system32\drivers\mbamswissarmy.sys
07:44:48.0870 7456	MBAMSwissArmy - ok
07:44:48.0932 7456	megasas         (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys
07:44:48.0963 7456	megasas - ok
07:44:49.0010 7456	Modem           (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
07:44:49.0026 7456	Modem - ok
07:44:49.0057 7456	monitor         (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
07:44:49.0073 7456	monitor - ok
07:44:49.0119 7456	mouclass        (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
07:44:49.0135 7456	mouclass - ok
07:44:49.0182 7456	mouhid          (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
07:44:49.0197 7456	mouhid - ok
07:44:49.0244 7456	MountMgr        (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
07:44:49.0244 7456	MountMgr - ok
07:44:49.0275 7456	mpio            (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys
07:44:49.0307 7456	mpio - ok
07:44:49.0338 7456	mpsdrv          (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
07:44:49.0369 7456	mpsdrv - ok
07:44:49.0400 7456	Mraid35x        (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
07:44:49.0416 7456	Mraid35x - ok
07:44:49.0463 7456	MREMP50 - ok
07:44:49.0463 7456	MREMPR5 - ok
07:44:49.0478 7456	MRENDIS5 - ok
07:44:49.0494 7456	MRESP50 - ok
07:44:49.0541 7456	MRxDAV          (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
07:44:49.0572 7456	MRxDAV - ok
07:44:49.0619 7456	mrxsmb          (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys
07:44:49.0634 7456	mrxsmb - ok
07:44:49.0712 7456	mrxsmb10        (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys
07:44:49.0743 7456	mrxsmb10 - ok
07:44:49.0790 7456	mrxsmb20        (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
07:44:49.0806 7456	mrxsmb20 - ok
07:44:49.0868 7456	msahci          (742aed7939e734c36b7e8d6228ce26b7) C:\Windows\system32\drivers\msahci.sys
07:44:49.0868 7456	msahci - ok
07:44:49.0899 7456	msdsm           (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys
07:44:49.0931 7456	msdsm - ok
07:44:49.0977 7456	Msfs            (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
07:44:50.0009 7456	Msfs - ok
07:44:50.0055 7456	msisadrv        (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
07:44:50.0087 7456	msisadrv - ok
07:44:50.0165 7456	MSKSSRV         (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
07:44:50.0180 7456	MSKSSRV - ok
07:44:50.0227 7456	MSPCLOCK        (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
07:44:50.0227 7456	MSPCLOCK - ok
07:44:50.0274 7456	MSPQM           (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
07:44:50.0274 7456	MSPQM - ok
07:44:50.0336 7456	MsRPC           (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
07:44:50.0367 7456	MsRPC - ok
07:44:50.0414 7456	mssmbios        (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
07:44:50.0414 7456	mssmbios - ok
07:44:50.0445 7456	MSTEE           (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
07:44:50.0461 7456	MSTEE - ok
07:44:50.0633 7456	Mup             (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
07:44:50.0664 7456	Mup - ok
07:44:50.0757 7456	NativeWifiP     (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS
wifi.sys
07:44:50.0773 7456	NativeWifiP - ok
07:44:50.0913 7456	NDIS            (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers
dis.sys
07:44:50.0929 7456	NDIS - ok
07:44:50.0991 7456	NdisTapi        (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS
distapi.sys
07:44:51.0023 7456	NdisTapi - ok
07:44:51.0069 7456	Ndisuio         (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS
disuio.sys
07:44:51.0101 7456	Ndisuio - ok
07:44:51.0147 7456	NdisWan         (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS
diswan.sys
07:44:51.0179 7456	NdisWan - ok
07:44:51.0225 7456	NDProxy         (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
07:44:51.0241 7456	NDProxy - ok
07:44:51.0303 7456	NetBIOS         (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS
etbios.sys
07:44:51.0335 7456	NetBIOS - ok
07:44:51.0381 7456	netbt           (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS
etbt.sys
07:44:51.0397 7456	netbt - ok
07:44:51.0459 7456	nfrd960         (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers
frd960.sys
07:44:51.0475 7456	nfrd960 - ok
07:44:51.0506 7456	Npfs            (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
07:44:51.0537 7456	Npfs - ok
07:44:51.0600 7456	nsiproxy        (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers
siproxy.sys
07:44:51.0631 7456	nsiproxy - ok
07:44:51.0693 7456	Ntfs            (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
07:44:51.0756 7456	Ntfs - ok
07:44:51.0803 7456	ntrigdigi       (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers
trigdigi.sys
07:44:51.0803 7456	ntrigdigi - ok
07:44:51.0834 7456	Null            (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
07:44:51.0865 7456	Null - ok
07:44:52.0099 7456	nvlddmkm        (ff58c7a7da6116c1f71e883cb088d598) C:\Windows\system32\DRIVERS
vlddmkm.sys
07:44:52.0349 7456	nvlddmkm - ok
07:44:52.0473 7456	nvraid          (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers
vraid.sys
07:44:52.0489 7456	nvraid - ok
07:44:52.0536 7456	nvstor          (4a5fcab82d9bf6af8a023a66802fe9e9) C:\Windows\system32\drivers
vstor.sys
07:44:52.0536 7456	nvstor - ok
07:44:52.0598 7456	nv_agp          (07c186427eb8fcc3d8d7927187f260f7) C:\Windows\system32\drivers
v_agp.sys
07:44:52.0614 7456	nv_agp - ok
07:44:52.0676 7456	NwlnkFlt - ok
07:44:52.0707 7456	NwlnkFwd - ok
07:44:52.0817 7456	ohci1394        (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys
07:44:52.0817 7456	ohci1394 - ok
07:44:52.0863 7456	Parport         (8a79fdf04a73428597e2caf9d0d67850) C:\Windows\system32\DRIVERS\parport.sys
07:44:52.0895 7456	Parport - ok
07:44:52.0973 7456	partmgr         (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
07:44:53.0004 7456	partmgr - ok
07:44:53.0066 7456	Parvdm          (6c580025c81caf3ae9e3617c22cad00e) C:\Windows\system32\DRIVERS\parvdm.sys
07:44:53.0066 7456	Parvdm - ok
07:44:53.0097 7456	pci             (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
07:44:53.0113 7456	pci - ok
07:44:53.0144 7456	pciide          (1636d43f10416aeb483bc6001097b26c) C:\Windows\system32\drivers\pciide.sys
07:44:53.0144 7456	pciide - ok
07:44:53.0207 7456	pcmcia          (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
07:44:53.0238 7456	pcmcia - ok
07:44:53.0316 7456	pcouffin        (5b6c11de7e839c05248ced8825470fef) C:\Windows\system32\Drivers\pcouffin.sys
07:44:53.0331 7456	pcouffin - ok
07:44:53.0472 7456	PEAUTH          (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
07:44:53.0534 7456	PEAUTH - ok
07:44:53.0643 7456	PptpMiniport    (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERSaspptp.sys
07:44:53.0675 7456	PptpMiniport - ok
07:44:53.0706 7456	Processor       (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys
07:44:53.0737 7456	Processor - ok
07:44:53.0815 7456	PSched          (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
07:44:53.0815 7456	PSched - ok
07:44:53.0909 7456	ql2300          (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys
07:44:53.0987 7456	ql2300 - ok
07:44:54.0049 7456	ql40xx          (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
07:44:54.0080 7456	ql40xx - ok
07:44:54.0143 7456	QWAVEdrv        (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
07:44:54.0158 7456	QWAVEdrv - ok
07:44:54.0267 7456	RasAcd          (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERSasacd.sys
07:44:54.0299 7456	RasAcd - ok
07:44:54.0330 7456	Rasl2tp         (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERSasl2tp.sys
07:44:54.0361 7456	Rasl2tp - ok
07:44:54.0408 7456	RasPppoe        (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERSaspppoe.sys
07:44:54.0423 7456	RasPppoe - ok
07:44:54.0455 7456	RasSstp         (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERSassstp.sys
07:44:54.0470 7456	RasSstp - ok
07:44:54.0501 7456	rdbss           (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERSdbss.sys
07:44:54.0548 7456	rdbss - ok
07:44:54.0579 7456	RDPCDD          (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
07:44:54.0611 7456	RDPCDD - ok
07:44:54.0657 7456	rdpdr           (e8bd98d46f2ed77132ba927fccb47d8b) C:\Windows\system32\driversdpdr.sys
07:44:54.0689 7456	rdpdr - ok
07:44:54.0720 7456	RDPENCDD        (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\driversdpencdd.sys
07:44:54.0735 7456	RDPENCDD - ok
07:44:54.0782 7456	RDPWD           (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys
07:44:54.0813 7456	RDPWD - ok
07:44:54.0876 7456	rspndr          (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERSspndr.sys
07:44:54.0907 7456	rspndr - ok
07:44:54.0954 7456	sbp2port        (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
07:44:54.0954 7456	sbp2port - ok
07:44:55.0016 7456	secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
07:44:55.0032 7456	secdrv - ok
07:44:55.0079 7456	Serenum         (ce9ec966638ef0b10b864ddedf62a099) C:\Windows\system32\DRIVERS\serenum.sys
07:44:55.0094 7456	Serenum - ok
07:44:55.0141 7456	Serial          (6d663022db3e7058907784ae14b69898) C:\Windows\system32\DRIVERS\serial.sys
07:44:55.0172 7456	Serial - ok
07:44:55.0219 7456	sermouse        (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
07:44:55.0235 7456	sermouse - ok
07:44:55.0281 7456	sffdisk         (103b79418da647736ee95645f305f68a) C:\Windows\system32\drivers\sffdisk.sys
07:44:55.0297 7456	sffdisk - ok
07:44:55.0328 7456	sffp_mmc        (8fd08a310645fe872eeec6e08c6bf3ee) C:\Windows\system32\drivers\sffp_mmc.sys
07:44:55.0359 7456	sffp_mmc - ok
07:44:55.0391 7456	sffp_sd         (9cfa05fcfcb7124e69cfc812b72f9614) C:\Windows\system32\drivers\sffp_sd.sys
07:44:55.0406 7456	sffp_sd - ok
07:44:55.0453 7456	sfloppy         (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
07:44:55.0453 7456	sfloppy - ok
07:44:55.0515 7456	sisagp          (d2a595d6eebeeaf4334f8e50efbc9931) C:\Windows\system32\drivers\sisagp.sys
07:44:55.0531 7456	sisagp - ok
07:44:55.0578 7456	SiSRaid2        (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys
07:44:55.0593 7456	SiSRaid2 - ok
07:44:55.0625 7456	SiSRaid4        (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys
07:44:55.0671 7456	SiSRaid4 - ok
07:44:55.0718 7456	Smb             (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
07:44:55.0734 7456	Smb - ok
07:44:55.0796 7456	spldr           (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
07:44:55.0796 7456	spldr - ok
07:44:55.0843 7456	srv             (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
07:44:55.0874 7456	srv - ok
07:44:55.0891 7456	srv2            (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
07:44:55.0922 7456	srv2 - ok
07:44:55.0938 7456	srvnet          (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
07:44:55.0953 7456	srvnet - ok
07:44:55.0984 7456	ssmdrv          (a36ee93698802cd899f98bfd553d8185) C:\Windows\system32\DRIVERS\ssmdrv.sys
07:44:56.0016 7456	ssmdrv - ok
07:44:56.0094 7456	swenum          (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
07:44:56.0109 7456	swenum - ok
07:44:56.0187 7456	Symc8xx         (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
07:44:56.0218 7456	Symc8xx - ok
07:44:56.0250 7456	Sym_hi          (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
07:44:56.0265 7456	Sym_hi - ok
07:44:56.0281 7456	Sym_u3          (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
07:44:56.0312 7456	Sym_u3 - ok
07:44:56.0374 7456	Tcpip           (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\drivers	cpip.sys
07:44:56.0452 7456	Tcpip - ok
07:44:56.0484 7456	Tcpip6          (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\DRIVERS	cpip.sys
07:44:56.0499 7456	Tcpip6 - ok
07:44:56.0530 7456	tcpipreg        (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers	cpipreg.sys
07:44:56.0546 7456	tcpipreg - ok
07:44:56.0577 7456	TDPIPE          (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers	dpipe.sys
07:44:56.0608 7456	TDPIPE - ok
07:44:56.0624 7456	TDTCP           (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers	dtcp.sys
07:44:56.0640 7456	TDTCP - ok
07:44:56.0686 7456	tdx             (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS	dx.sys
07:44:56.0686 7456	tdx - ok
07:44:56.0718 7456	TermDD          (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS	ermdd.sys
07:44:56.0733 7456	TermDD - ok
07:44:56.0780 7456	tssecsrv        (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS	ssecsrv.sys
07:44:56.0796 7456	tssecsrv - ok
07:44:56.0842 7456	TuneUpUtilitiesDrv (f2107c9d85ec0df116939ccce06ae697) C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys
07:44:56.0874 7456	TuneUpUtilitiesDrv - ok
07:44:56.0936 7456	tunmp           (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS	unmp.sys
07:44:56.0952 7456	tunmp - ok
07:44:56.0983 7456	tunnel          (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS	unnel.sys
07:44:57.0014 7456	tunnel - ok
07:44:57.0045 7456	uagp35          (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys
07:44:57.0045 7456	uagp35 - ok
07:44:57.0123 7456	udfs            (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
07:44:57.0154 7456	udfs - ok
07:44:57.0217 7456	uliagpkx        (75e6890ebfce0841d3291b02e7a8bdb0) C:\Windows\system32\drivers\uliagpkx.sys
07:44:57.0264 7456	uliagpkx - ok
07:44:57.0310 7456	uliahci         (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys
07:44:57.0357 7456	uliahci - ok
07:44:57.0388 7456	UlSata          (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
07:44:57.0420 7456	UlSata - ok
07:44:57.0451 7456	ulsata2         (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
07:44:57.0466 7456	ulsata2 - ok
07:44:57.0498 7456	umbus           (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
07:44:57.0529 7456	umbus - ok
07:44:57.0560 7456	USBAAPL         (83cafcb53201bbac04d822f32438e244) C:\Windows\system32\Drivers\usbaapl.sys
07:44:57.0576 7456	USBAAPL - ok
07:44:57.0607 7456	usbccgp         (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
07:44:57.0607 7456	usbccgp - ok
07:44:57.0638 7456	usbcir          (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
07:44:57.0654 7456	usbcir - ok
07:44:57.0747 7456	usbehci         (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
07:44:57.0763 7456	usbehci - ok
07:44:57.0810 7456	usbhub          (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
07:44:57.0841 7456	usbhub - ok
07:44:57.0872 7456	usbohci         (ce697fee0d479290d89bec80dfe793b7) C:\Windows\system32\DRIVERS\usbohci.sys
07:44:57.0888 7456	usbohci - ok
07:44:57.0934 7456	usbprint        (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
07:44:57.0934 7456	usbprint - ok
07:44:57.0966 7456	usbscan         (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
07:44:57.0981 7456	usbscan - ok
07:44:58.0028 7456	USBSTOR         (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
07:44:58.0044 7456	USBSTOR - ok
07:44:58.0090 7456	usbuhci         (325dbbacb8a36af9988ccf40eac228cc) C:\Windows\system32\DRIVERS\usbuhci.sys
07:44:58.0122 7456	usbuhci - ok
07:44:58.0184 7456	vga             (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys
07:44:58.0184 7456	vga - ok
07:44:58.0215 7456	VgaSave         (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
07:44:58.0246 7456	VgaSave - ok
07:44:58.0309 7456	viaagp          (045d9961e591cf0674a920b6ba3ba5cb) C:\Windows\system32\drivers\viaagp.sys
07:44:58.0340 7456	viaagp - ok
07:44:58.0371 7456	ViaC7           (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys
07:44:58.0402 7456	ViaC7 - ok
07:44:58.0434 7456	viaide          (fd2e3175fcada350c7ab4521dca187ec) C:\Windows\system32\drivers\viaide.sys
07:44:58.0449 7456	viaide - ok
07:44:58.0496 7456	volmgr          (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
07:44:58.0527 7456	volmgr - ok
07:44:58.0558 7456	volmgrx         (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
07:44:58.0605 7456	volmgrx - ok
07:44:58.0636 7456	volsnap         (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
07:44:58.0668 7456	volsnap - ok
07:44:58.0699 7456	vsmraid         (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys
07:44:58.0730 7456	vsmraid - ok
07:44:58.0777 7456	WacomPen        (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
07:44:58.0792 7456	WacomPen - ok
07:44:58.0824 7456	Wanarp          (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
07:44:58.0839 7456	Wanarp - ok
07:44:58.0870 7456	Wanarpv6        (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
07:44:58.0870 7456	Wanarpv6 - ok
07:44:58.0902 7456	Wd              (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys
07:44:58.0933 7456	Wd - ok
07:44:58.0995 7456	WDC_SAM         (d6efaf429fd30c5df613d220e344cce7) C:\Windows\system32\DRIVERS\wdcsam.sys
07:44:58.0995 7456	WDC_SAM - ok
07:44:59.0042 7456	Wdf01000        (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
07:44:59.0073 7456	Wdf01000 - ok
07:44:59.0198 7456	WmiAcpi         (701a9f884a294327e9141d73746ee279) C:\Windows\system32\drivers\wmiacpi.sys
07:44:59.0198 7456	WmiAcpi - ok
07:44:59.0260 7456	WpdUsb          (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
07:44:59.0292 7456	WpdUsb - ok
07:44:59.0323 7456	ws2ifsl         (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
07:44:59.0354 7456	ws2ifsl - ok
07:44:59.0432 7456	WUDFRd          (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
07:44:59.0463 7456	WUDFRd - ok
07:44:59.0604 7456	yukonwlh        (7d1f3b131d503ef43ee594b5a2b9b427) C:\Windows\system32\DRIVERS\yk60x86.sys
07:44:59.0682 7456	yukonwlh - ok
07:44:59.0728 7456	MBR (0x1B8)     (04d4350ae5fb6fc2ad3e7c26b1323c68) \Device\Harddisk0\DR0
07:44:59.0744 7456	\Device\Harddisk0\DR0 ( Rootkit.Win32.TDSS.tdl4 ) - infected
07:44:59.0744 7456	\Device\Harddisk0\DR0 - detected Rootkit.Win32.TDSS.tdl4 (0)
07:44:59.0744 7456	Boot (0x1200)   (6a4389a22389772bf630391366d6d23c) \Device\Harddisk0\DR0\Partition0
07:44:59.0744 7456	\Device\Harddisk0\DR0\Partition0 - ok
07:44:59.0775 7456	Boot (0x1200)   (e5bcb4556c57ed7f47d24d5e76c6879f) \Device\Harddisk0\DR0\Partition1
07:44:59.0775 7456	\Device\Harddisk0\DR0\Partition1 - ok
07:44:59.0775 7456	============================================================
07:44:59.0775 7456	Scan finished
07:44:59.0775 7456	============================================================
07:44:59.0806 5304	Detected object count: 1
07:44:59.0806 5304	Actual detected object count: 1
07:45:57.0179 5304	\Device\Harddisk0\DR0\# - copied to quarantine
07:45:57.0181 5304	\Device\Harddisk0\DR0 - copied to quarantine
07:45:57.0188 5304	\Device\Harddisk0\DR0\TDLFS\cfg.ini - copied to quarantine
07:45:57.0191 5304	\Device\Harddisk0\DR0\TDLFS\mbr - copied to quarantine
07:45:57.0225 5304	\Device\Harddisk0\DR0\TDLFS\bckfg.tmp - copied to quarantine
07:45:57.0247 5304	\Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
07:45:57.0251 5304	\Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
07:45:57.0256 5304	\Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
07:45:57.0262 5304	\Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
07:45:57.0299 5304	\Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
07:45:57.0321 5304	\Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
07:45:57.0382 5304	\Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
07:45:57.0408 5304	\Device\Harddisk0\DR0\TDLFS\keywords - copied to quarantine
07:45:57.0437 5304	\Device\Harddisk0\DR0 ( Rootkit.Win32.TDSS.tdl4 ) - will be cured on reboot
07:45:57.0438 5304	\Device\Harddisk0\DR0 - ok
07:45:57.0486 5304	\Device\Harddisk0\DR0 ( Rootkit.Win32.TDSS.tdl4 ) - User select action: Cure 
07:46:05.0323 6540	Deinitialize success

barbelle333 · Answer

salut malekal_morte,
voici le rapport mbr:

aswMBR version 0.9.9.1649 Copyright(c) 2011 AVAST Software
Run date: 2012-03-03 08:09:20
-----------------------------
08:09:20.441    OS Version: Windows 6.0.6002 Service Pack 2
08:09:20.441    Number of processors: 2 586 0x4B02
08:09:20.441    ComputerName: FRANCE  UserName: France
08:09:40.284    Initialize success
08:11:01.428    AVAST engine defs: 12030300
08:11:44.040    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000059
08:11:44.040    Disk 0 Vendor: ST332082 3.AA Size: 305245MB BusType: 8
08:11:44.072    Disk 0 MBR read successfully
08:11:44.072    Disk 0 MBR scan
08:11:44.103    Disk 0 Windows VISTA default MBR code
08:11:44.103    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS       149997 MB offset 63
08:11:44.134    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS       155246 MB offset 307195904
08:11:44.134    Disk 0 scanning sectors +625139712
08:11:44.243    Disk 0 scanning C:\Windows\system32\drivers
08:11:55.486    Service scanning
08:12:25.653    Modules scanning
08:12:35.746    Disk 0 trace - called modules:
08:12:35.778    ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll storport.sys nvstor.sys tcpip.sys NETIO.SYS ndis.sys yk60x86.sys afd.sys 
08:12:35.778    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8a4daac8]
08:12:35.778    3 CLASSPNP.SYS[8bda58b3] -> nt!IofCallDriver -> [0x8964f8d0]
08:12:35.793    5 acpi.sys[86e116bc] -> nt!IofCallDriver -> \Device\00000059[0x8964d8a8]
08:12:36.370    AVAST engine scan C:\Windows
08:12:41.612    AVAST engine scan C:\Windows\system32
08:18:26.786    AVAST engine scan C:\Windows\system32\drivers
08:18:44.148    AVAST engine scan C:\Users\France
08:41:45.427    AVAST engine scan C:\ProgramData
08:44:21.396    Scan finished successfully
08:45:00.802    Disk 0 MBR has been saved successfully to "C:\Users\France\Documents\MBR.dat"
08:45:00.817    The log file has been saved successfully to "C:\Users\France\Documents\aswMBR.txt"


Merci beaucoup pour ton aide

Malekal_morte- · Answer

Regarde si tu as encore des redirections.

et :

* Télécharge http://www.geekstogo.com/forum/files/file/398-otl-oldtimers-list-it/ sur ton bureau.    
(Sous Vista/Win7, il faut cliquer droit sur OTL et choisir Exécuter en tant qu'administrateur)    

* Lance OTL
* Sur OTL, sous Personnalisation, copie-colle le script ci-dessous : 
netsvcs 
msconfig 
safebootminimal 
safebootnetwork 
activex 
drivers32 
%ALLUSERSPROFILE%\Application Data\*. 
%ALLUSERSPROFILE%\Application Data\*.exe /s 
%APPDATA%\*. 
%APPDATA%\*.exe /s
%temp%\.exe /s
%SYSTEMDRIVE%\*.exe 
%systemroot%\*. /mp /s 
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles 
%systemroot%\System32\config\*.sav
HKEY_LOCAL_MACHINE\SYSTEM\SYSTEM\CurrentControlSet\Services\lanmanserver\parameters /s
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems /s
/md5start 
explorer.exe 
winlogon.exe 
wininit.exe 
/md5stop
nslookup www.google.fr /c
CREATERESTOREPOINT    
* Clique sur le bouton Quick Scan.    
* Quand le scan est fini, utilise le site http://pjjoint.malekal.com/ pour envoyer le rapport OTL.txt (et Extra.txt si présent), donne le ou les liens pjjoint qui pointent vers ces rapports ici dans un nouveau message.

barbelle333 · Answer

Salut,
J'ai oublié de te dire que les redirection sont seulement avec fire foc et non explorer.
Et as tu lu aussi que je n'arrive pas a faire une mise a jour windows don j'ai l'erreur FFFFFFFE
Merci

barbelle333 · Answer

Bonne nouvelle,
J'ai reussit a faire mes mises a jours de windows ,merci .
et j'utilise explorer plutot que firefox

Malekal_morte- · Answer

fais OTL stp

barbelle333 · Answer

ok....

barbelle333 · Answer

voila le rapport OTL:

OTL logfile created on: 2012-03-03 09:53:22 - Run 1
OTL by OldTimer - Version 3.2.35.0 Folder = C:\Users\France\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000c0c | Country: Canada | Language: FRC | Date Format: yyyy-MM-dd

1,75 Gb Total Physical Memory | 0,89 Gb Available Physical Memory | 50,74% Memory free
3,74 Gb Paging File | 2,63 Gb Available in Paging File | 70,12% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 146,48 Gb Total Space | 21,37 Gb Free Space | 14,59% Space Free | Partition Type: NTFS
Drive D: | 188,78 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive E: | 151,61 Gb Total Space | 77,53 Gb Free Space | 51,14% Space Free | Partition Type: NTFS

Computer Name: FRANCE | User Name: France | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2012-03-03 09:51:52 | 000,585,216 | ---- | M] (OldTimer Tools) -- C:\Users\France\Desktop\OTL.exe
PRC - [2012-02-09 08:13:28 | 001,220,928 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe
PRC - [2012-02-09 08:13:22 | 001,529,152 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe
PRC - [2011-12-15 15:08:01 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2011-12-15 15:07:44 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2011-12-15 15:07:35 | 000,463,824 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
PRC - [2011-12-15 15:07:33 | 000,342,480 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
PRC - [2011-12-15 15:07:32 | 000,258,512 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2011-12-15 15:07:32 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2011-01-28 12:22:50 | 000,632,792 | ---- | M] (PC Tools) -- C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
PRC - [2010-11-15 15:05:30 | 000,112,600 | ---- | M] (PC Tools) -- C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe
PRC - [2009-04-11 01:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2007-07-24 10:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe

[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2010-03-15 10:28:22 | 000,141,824 | ---- | M] () -- C:\Program Files\WinRAR\rarext.dll

[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2012-02-09 08:13:22 | 001,529,152 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
SRV - [2012-02-09 08:13:18 | 000,028,992 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\System32\uxtuneup.dll -- (UxTuneUp)
SRV - [2011-12-15 15:07:44 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011-12-15 15:07:35 | 000,463,824 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE -- (AntiVirWebService)
SRV - [2011-12-15 15:07:33 | 000,342,480 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avmailc.exe -- (AntiVirMailService)
SRV - [2011-12-15 15:07:32 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011-01-28 12:22:50 | 000,632,792 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe -- (PCToolsSSDMonitorSvc)
SRV - [2007-07-24 10:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)

[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (MRESP50)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (MRENDIS5)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (MREMPR5)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (MREMP50)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (BTWUSB)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (btwhid)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (BTWDNDIS)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (BTDriver)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (btaudio)
DRV - [2012-02-24 19:09:49 | 000,040,776 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2012-02-15 03:55:05 | 000,137,416 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2011-12-15 15:08:01 | 000,074,640 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011-12-15 15:08:01 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2011-11-08 21:25:24 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - [2010-06-17 14:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009-02-13 11:02:52 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wdcsam.sys -- (WDC_SAM)
DRV - [2008-07-08 14:55:56 | 000,121,344 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgmdmdm.sys -- (lgmdmdm)
DRV - [2008-07-08 14:55:56 | 000,114,944 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgmdmgmt.sys -- (lgmdmgmt) LG Mobile USB WMC Device Management Drivers (WDM)
DRV - [2008-07-08 14:55:56 | 000,111,232 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgmdobex.sys -- (lgmdobex)
DRV - [2008-07-08 14:55:56 | 000,089,600 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgmdbus.sys -- (lgmdbus) LG Mobile driver (WDM)
DRV - [2008-07-08 14:55:56 | 000,014,976 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgmdmdfl.sys -- (lgmdmdfl)
DRV - [2008-06-19 23:04:00 | 007,468,128 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]

[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2A59}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = https://www.bing.com/?scope=web&mkt=fr-FR{searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A59}: "URL" = http://www1.search-results.com/web?l=dis&q=&o=APN10653&apn_dtid=%5EIME001%5EYY%5EFR&shad=s_0043&gct=ds&apn_ptnrs=%5EAG1&d=1-0&lang=en&atb=sysid%3D1%3Auid%3De9bce71abfb26d71%3Asrc%3Dieb%3Ao%3DAPN10653%3Ab%3DiMesh%3Atg%3D&p2=%5EAG1%5EIME001%5EYY%5EFR{searchTerms}
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2504091

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.ca/?gws_rd=ssl
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = https://www.bing.com/?scope=web&mkt=fr-FR&FORM=WLETDF&pc=WLEM{searchTerms}&src=IE-SearchBox
IE - HKCU\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://www.search.ask.com/?l=dis{searchTerms}&locale=fr_US&apn_ptnrs=L6&apn_dtid=YYYYYYKGCA&apn_uid=C710EA4B-C0E4-43A1-8E88-344BFB182888&apn_sauid=9C09AF9C-E6E5-4C8F-8BEA-2B663B252761
IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A59}: "URL" = http://www1.search-results.com/web?l=dis&q=&o=APN10653&apn_dtid=%5EIME001%5EYY%5EFR&shad=s_0043&gct=ds&apn_ptnrs=%5EAG1&d=1-0&lang=en&atb=sysid%3D1%3Auid%3De9bce71abfb26d71%3Asrc%3Dieb%3Ao%3DAPN10653%3Ab%3DiMesh%3Atg%3D&p2=%5EAG1%5EIME001%5EYY%5EFR{searchTerms}
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2504091
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.defaultthis.engineName: "Google Powered Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2504091&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "https://www.google.ca/?gws_rd=ssl"
FF - prefs.js..extensions.enabledItems: battlefieldheroespatcher@ea.com:5.0.31.0
FF - prefs.js..extensions.enabledItems: Subscription@helper.com:2.9
FF - prefs.js..extensions.enabledItems: {000F1EA4-5E08-4564-A29B-29076F63A37A}:1.0.3.133
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.10
FF - prefs.js..keyword.URL: "https://hp.mywebsearch.com/mywebsearch/index.html"

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: File not found
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-02-17 21:18:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011-12-03 07:52:05 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\FireFox\Extensions\\Subscription@helper.com: C:\Program Files\SM\FF [2011-09-03 20:12:19 | 000,000,000 | ---D | M]

[2011-07-10 08:33:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\France\AppData\Roaming\mozilla\Extensions
[2009-10-15 17:28:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\France\AppData\Roaming\mozilla\Extensions\mozswing@mozswing.org
[2012-02-17 21:18:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\France\AppData\Roaming\mozilla\Firefox\Profiles\aujlpjjx.default\extensions
[2011-09-03 20:12:50 | 000,000,000 | ---D | M] () -- C:\Users\France\AppData\Roaming\mozilla\Firefox\Profiles\aujlpjjx.default\extensions\{000F1EA4-5E08-4564-A29B-29076F63A37A}
[2011-09-03 20:12:50 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\France\AppData\Roaming\mozilla\Firefox\Profiles\aujlpjjx.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012-02-17 21:18:32 | 000,000,000 | ---D | M] (Vuze Remote Community Toolbar) -- C:\Users\France\AppData\Roaming\mozilla\Firefox\Profiles\aujlpjjx.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}
[2011-09-03 20:12:50 | 000,000,000 | ---D | M] (Battlefield Heroes Updater) -- C:\Users\France\AppData\Roaming\mozilla\Firefox\Profiles\aujlpjjx.default\extensions\battlefieldheroespatcher@ea.com
[2010-08-22 17:02:20 | 000,002,393 | ---- | M] () -- C:\Users\France\AppData\Roaming\Mozilla\Firefox\Profiles\aujlpjjx.default\searchplugins\askcom.xml
[2010-12-24 10:50:53 | 000,001,840 | ---- | M] () -- C:\Users\France\AppData\Roaming\Mozilla\Firefox\Profiles\aujlpjjx.default\searchplugins\bing.xml
[2010-12-24 10:50:55 | 000,000,911 | ---- | M] () -- C:\Users\France\AppData\Roaming\Mozilla\Firefox\Profiles\aujlpjjx.default\searchplugins\conduit.xml
[2010-09-02 03:09:28 | 000,002,486 | ---- | M] () -- C:\Users\France\AppData\Roaming\Mozilla\Firefox\Profiles\aujlpjjx.default\searchplugins\iMeshWebSearch.xml
[2010-10-25 05:57:36 | 000,010,017 | ---- | M] () -- C:\Users\France\AppData\Roaming\Mozilla\Firefox\Profiles\aujlpjjx.default\searchplugins\mywebsearch.xml
[2012-02-17 21:18:11 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions
[2012-02-17 21:18:07 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011-11-10 05:54:13 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2012-02-17 21:18:04 | 000,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml
[2012-02-17 21:18:04 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012-02-17 21:18:04 | 000,001,822 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml
[2012-02-17 21:18:04 | 000,001,154 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml
[2010-09-02 03:09:28 | 000,002,486 | -H-- | M] () -- C:\Program Files\mozilla firefox\searchplugins\iMeshWebSearch.xml
[2012-02-17 21:18:04 | 000,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml
[2012-02-17 21:18:04 | 000,000,956 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml

Hosts file not found
O2 - BHO: (PlaySushi) - {21608B66-026F-4DCB-9244-0DACA328DCED} - Reg Error: Value error. File not found
O2 - BHO: (MediaBar) - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - Reg Error: Value error. File not found
O2 - BHO: (no name) - {597A9974-8CB0-4f41-B61F-ED065738A397} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (SignatureManagerBHO) - {C6CC9344-BC12-4EA7-9E37-46D61866C771} - Reg Error: Value error. File not found
O3 - HKLM\..\Toolbar: (MediaBar) - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - Reg Error: Value error. File not found
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {BA14329E-9550-4989-B3F2-9732E92D17CC} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [SSDMonitor] C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe (PC Tools)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Go to PlaySushi web site - {EBD24BD3-E272-4FA3-A8BA-C5D709757CAB} - Reg Error: Value error. File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{946CFF75-64F9-4B1F-A1DF-F78A6EE181C7}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img31.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img31.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006-10-18 11:30:08 | 000,023,857 | ---- | M] () - C:\AutoColor.png -- [ NTFS ]
O32 - AutoRun File - [2006-10-18 14:52:20 | 000,000,157 | ---- | M] () - C:\AutoColorSel.png -- [ NTFS ]
O32 - AutoRun File - [2006-09-18 16:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2007-04-23 20:11:20 | 000,001,632 | ---- | M] () - C:\AutoFix.png -- [ NTFS ]
O32 - AutoRun File - [2011-09-04 13:33:35 | 000,004,150 | ---- | M] () - C:\autopsy_prank[1].jpg -- [ NTFS ]
O32 - AutoRun File - [2011-01-09 18:27:00 | 000,000,000 | ---D | M] - E:\Autodesk Maya 2010 X86 Full Pack[h33t][Dave3737] -- [ NTFS ]
O33 - MountPoints2\{0706b0a9-e147-11de-8421-806e6f6e6963}\Shell\AutoRun\command - "" = F:\setupSNK.exe
O33 - MountPoints2\{41d5ceee-f3fd-11de-8f18-001921eab220}\Shell\AutoRun\command - "" = F:\setupSNK.exe
O33 - MountPoints2\{5ed86fb9-a7e1-11de-ac00-001921eab220}\Shell - "" = AutoRun
O33 - MountPoints2\{5ed86fb9-a7e1-11de-ac00-001921eab220}\Shell\AutoRun\command - "" = J:\EasySuite.exe
O33 - MountPoints2\{9d33f765-0ee9-11e0-bb96-001921eab220}\Shell - "" = AutoRun
O33 - MountPoints2\{9d33f765-0ee9-11e0-bb96-001921eab220}\Shell\AutoRun\command - "" = M:\LaunchU3.exe -a
O33 - MountPoints2\{cf5b2bb1-a7d7-11de-b6ef-001921eab220}\Shell - "" = AutoRun
O33 - MountPoints2\{cf5b2bb1-a7d7-11de-b6ef-001921eab220}\Shell\AutoRun\command - "" = J:\EasySuite.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O35 - HKCU\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: UxTuneUp - C:\Windows\System32\uxtuneup.dll (TuneUp Software)
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

MsConfig - StartUpReg: [b]BellCanada_McciTrayApp[/b] - hkey= - key= - Reg Error: Value error. File not found
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 2

SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - Service
SafeBootNet: WudfPf - Driver
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.7
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Macromedia Shockwave Flash
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP

Drivers32: msacm.ac3filter - C:\Windows\System32\ac3filter.acm ()
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2012-03-03 09:51:51 | 000,585,216 | ---- | C] (OldTimer Tools) -- C:\Users\France\Desktop\OTL.exe
[2012-03-03 09:41:09 | 000,000,000 | ---D | C] -- C:\Users\France\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flying Model Simulator
[2012-03-03 09:41:06 | 000,000,000 | ---D | C] -- C:\Program Files\FMS
[2012-03-03 08:08:21 | 004,730,880 | ---- | C] (AVAST Software) -- C:\Users\France\Desktop\aswMBR.exe
[2012-03-03 07:45:56 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2012-02-29 12:47:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Flying Model Simulator
[2012-02-24 19:09:49 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2012-02-18 08:40:49 | 000,021,312 | ---- | C] (TuneUp Software) -- C:\Windows\System32\authuitu.dll
[2012-02-07 16:21:42 | 000,000,000 | ---D | C] -- C:\Users\France\AppData\Roaming\Malwarebytes
[2012-02-07 16:21:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012-02-07 09:15:24 | 000,000,000 | ---D | C] -- C:\Program Files\Emsisoft Anti-Malware
[2012-02-07 09:15:24 | 000,000,000 | ---D | C] -- C:\Users\France\Documents\Anti-Malware
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\France\Documents\*.tmp files -> C:\Users\France\Documents\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2012-03-03 09:51:52 | 000,585,216 | ---- | M] (OldTimer Tools) -- C:\Users\France\Desktop\OTL.exe
[2012-03-03 09:41:09 | 000,000,732 | ---- | M] () -- C:\Users\France\Desktop\FMS.lnk
[2012-03-03 09:38:00 | 000,001,056 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012-03-03 09:18:31 | 000,001,052 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012-03-03 09:17:19 | 000,003,792 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012-03-03 09:17:19 | 000,003,792 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012-03-03 09:17:14 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012-03-03 08:45:00 | 000,000,512 | ---- | M] () -- C:\Users\France\Documents\MBR.dat
[2012-03-03 08:08:29 | 004,730,880 | ---- | M] (AVAST Software) -- C:\Users\France\Desktop\aswMBR.exe
[2012-02-29 12:46:40 | 000,175,104 | ---- | M] () -- C:\Users\France\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012-02-24 19:09:49 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2012-02-19 11:03:00 | 000,681,560 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2012-02-19 11:03:00 | 000,598,702 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012-02-19 11:03:00 | 000,127,298 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2012-02-19 11:03:00 | 000,104,716 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012-02-18 08:42:23 | 000,001,875 | ---- | M] () -- C:\Users\France\Desktop\TuneUp Utilities 2012.lnk
[2012-02-15 03:55:05 | 000,137,416 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2012-02-15 03:28:51 | 000,403,544 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012-02-15 03:10:19 | 000,000,129 | ---- | M] () -- C:\Windows\System32\MRT.INI
[2012-02-09 08:13:28 | 000,031,552 | ---- | M] (TuneUp Software) -- C:\Windows\System32\TURegOpt.exe
[2012-02-09 08:13:18 | 000,028,992 | ---- | M] (TuneUp Software) -- C:\Windows\System32\uxtuneup.dll
[2012-02-09 08:13:18 | 000,021,312 | ---- | M] (TuneUp Software) -- C:\Windows\System32\authuitu.dll
[2012-02-07 11:54:25 | 182,189,532 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012-02-04 21:13:04 | 000,099,484 | ---- | M] () -- C:\Users\France\Documents\classes affaires.odt
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\France\Documents\*.tmp files -> C:\Users\France\Documents\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2075-05-04 03:58:08 | 000,007,892 | ---- | C] () -- C:\splash.gif
[2012-03-03 09:41:09 | 000,000,732 | ---- | C] () -- C:\Users\France\Desktop\FMS.lnk
[2012-03-03 08:45:00 | 000,000,512 | ---- | C] () -- C:\Users\France\Documents\MBR.dat
[2012-02-18 08:42:23 | 000,001,875 | ---- | C] () -- C:\Users\France\Desktop\TuneUp Utilities 2012.lnk
[2012-02-07 11:54:25 | 182,189,532 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2012-02-04 18:00:52 | 000,099,484 | ---- | C] () -- C:\Users\France\Documents\classes affaires.odt
[2011-11-04 19:38:59 | 000,000,049 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2011-11-02 17:07:53 | 000,000,001 | ---- | C] () -- C:\ProgramData\08UkM0oV.exe_.b
[2011-11-02 17:07:53 | 000,000,001 | ---- | C] () -- C:\ProgramData\08UkM0oV.exe.b
[2011-10-29 09:25:17 | 000,000,112 | ---- | C] () -- C:\ProgramData\e2Tx3qGV.dat
[2011-10-15 02:14:36 | 000,000,129 | ---- | C] () -- C:\Windows\System32\MRT.INI
[2011-10-08 20:46:34 | 000,037,336 | ---- | C] () -- C:\Windows\System32\CleanMFT32.exe
[2011-09-03 16:07:38 | 000,001,140 | -HS- | C] () -- C:\ProgramData\kd6qmqgj1004gq13o6n53elvlk7hr265l15352v687hv
[2011-09-02 10:10:02 | 000,000,456 | -H-- | C] () -- C:\ProgramData\P1kAlMiG2Kb7Fz
[2011-08-26 21:06:35 | 000,013,060 | -HS- | C] () -- C:\Users\France\AppData\Local\4254957553
[2011-08-26 20:54:59 | 000,012,958 | -HS- | C] () -- C:\Users\France\AppData\Local\hu5kyylf3361cn45n1p52fyalc6cb678o83278v415fl
[2011-08-26 20:54:59 | 000,012,958 | -HS- | C] () -- C:\ProgramData\hu5kyylf3361cn45n1p52fyalc6cb678o83278v415fl
[2011-08-26 20:54:55 | 000,000,000 | ---- | C] () -- C:\ProgramData\wfir.exe
[2011-08-26 20:54:55 | 000,000,000 | ---- | C] () -- C:\Users\France\AppData\Local\ugfn.exe
[2011-08-26 20:54:55 | 000,000,000 | ---- | C] () -- C:\Users\France\AppData\Local\raex.exe
[2011-08-26 20:54:55 | 000,000,000 | ---- | C] () -- C:\ProgramData\qbdg.exe
[2011-08-26 20:54:55 | 000,000,000 | ---- | C] () -- C:\ProgramData\obks.exe
[2011-08-26 20:54:55 | 000,000,000 | ---- | C] () -- C:\Users\France\AppData\Local\nbvw.exe
[2011-08-26 20:54:55 | 000,000,000 | ---- | C] () -- C:\Users\France\AppData\Local\mnpg.exe
[2011-08-26 20:54:55 | 000,000,000 | ---- | C] () -- C:\ProgramData\cccw.exe
[2011-02-21 05:43:36 | 000,138,056 | ---- | C] () -- C:\Users\France\AppData\Roaming\PnkBstrK.sys
[2011-01-09 20:17:24 | 000,158,795 | ---- | C] () -- C:\Windows\hpoins15.dat
[2011-01-09 20:17:24 | 000,001,039 | ---- | C] () -- C:\Windows\hpomdl15.dat
[2011-01-09 19:22:45 | 000,119,515 | ---- | C] () -- C:\Windows\hpqins00.dat
[2010-08-03 14:34:29 | 000,000,680 | ---- | C] () -- C:\Users\France\AppData\Local\d3d9caps.dat
[2010-06-23 22:28:07 | 000,000,088 | RHS- | C] () -- C:\ProgramData\7004D65125.sys
[2010-06-23 22:28:06 | 000,005,018 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2010-06-13 12:38:51 | 000,000,040 | -HS- | C] () -- C:\ProgramData\.zreglib
[2010-06-12 13:50:51 | 000,000,067 | ---- | C] () -- C:\Windows\DVDRegionFree.INI

[color=#E56717]========== LOP Check ==========[/color]

[2011-08-20 19:38:16 | 000,000,000 | ---D | M] -- C:\Users\France\AppData\Roaming\Alawar
[2012-01-08 18:01:09 | 000,000,000 | ---D | M] -- C:\Users\France\AppData\Roaming\Azureus
[2011-12-30 15:39:36 | 000,000,000 | ---D | M] -- C:\Users\France\AppData\Roaming\BeachPartyCraze
[2011-10-05 19:07:42 | 000,000,000 | ---D | M] -- C:\Users\France\AppData\Roaming\Bell
[2012-01-02 16:04:32 | 000,000,000 | ---D | M] -- C:\Users\France\AppData\Roaming\Boolat Games
[2012-01-04 22:53:47 | 000,000,000 | ---D | M] -- C:\Users\France\AppData\Roaming\Boomzap
[2009-12-09 11:45:48 | 000,000,000 | ---D | M] -- C:\Users\France\AppData\Roaming\cerasus.media
[2011-09-03 20:12:48 | 000,000,000 | ---D | M] -- C:\Users\France\AppData\Roaming\CopyTransPhoto
[2010-02-10 05:22:01 | 000,000,000 | ---D | M] -- C:\Users\France\AppData\Roaming\Druide
[2012-01-01 17:57:54 | 000,000,000 | ---D | M] -- C:\Users\France\AppData\Roaming\Elephant Games
[2011-12-30 21:51:11 | 000,000,000 | ---D | M] -- C:\Users\France\AppData\Roaming\Floodlight Games
[2012-01-07 17:35:00 | 000,000,000 | ---D | M] -- C:\Users\France\AppData\Roaming\GameInvest
[2011-09-03 20:12:48 | 000,000,000 | ---D | M] -- C:\Users\France\AppData\Roaming\GetRightToGo
[2011-09-03 20:12:48 | 000,000,000 | ---D | M] -- C:\Users\France\AppData\Roaming\iCloner
[2010-07-08 17:14:20 | 000,000,000 | ---D | M] -- C:\Users\France\AppData\Roaming\IrfanView
[2010-03-07 21:58:41 | 000,000,000 | ---D | M] -- C:\Users\France\AppData\Roaming\Jasc
[2012-01-01 12:36:33 | 000,000,000 | ---D | M] -- C:\Users\France\AppData\Roaming\LegacyInteractive
[2011-03-01 16:46:55 | 000,000,000 | ---D | M] -- C:\Users\France\AppData\Roaming\LG Electronics
[2009-12-13 17:27:16 | 000,000,000 | ---D | M] -- C:\Users\France\AppData\Roaming\MA
[2010-12-29 18:58:13 | 000,000,000 | ---D | M] -- C:\Users\France\AppData\Roaming\MusicNet
[2010-12-30 10:55:55 | 000,000,000 | ---D | M] -- C:\Users\France\AppData\Roaming\NCH Swift Sound
[2009-10-30 11:41:18 | 000,000,000 | ---D | M] -- C:\Users\France\AppData\Roaming\OpenOffice.org
[2012-01-04 17:54:14 | 000,000,000 | ---D | M] -- C:\Users\France\AppData\Roaming\Orneon
[2011-12-30 16:32:11 | 000,000,000 | ---D | M] -- C:\Users\France\AppData\Roaming\PlayFirst
[2009-10-12 20:22:20 | 000,000,000 | ---D | M] -- C:\Users\France\AppData\Roaming\Playrix Entertainment
[2011-10-08 20:57:07 | 000,000,000 | ---D | M] -- C:\Users\France\AppData\Roaming\Registry Mechanic
[2009-11-26 18:40:54 | 000,000,000 | ---D | M] -- C:\Users\France\AppData\Roaming\SanDisk
[2012-01-03 17:26:10 | 000,000,000 | ---D | M] -- C:\Users\France\AppData\Roaming\Specialbit
[2011-11-26 20:27:25 | 000,000,000 | ---D | M] -- C:\Users\France\AppData\Roaming\TuneUp Software
[2011-02-01 19:17:13 | 000,000,000 | ---D | M] -- C:\Users\France\AppData\Roaming\Ubisoft
[2011-07-10 07:52:49 | 000,000,000 | ---D | M] -- C:\Users\France\AppData\Roaming\Ulead Systems
[2012-01-01 17:53:39 | 000,000,000 | ---D | M] -- C:\Users\France\AppData\Roaming\Urban Legends The Maze Strategy Guide
[2012-02-24 11:13:15 | 000,000,000 | ---D | M] -- C:\Users\France\AppData\Roaming\uTorrent
[2011-09-03 20:12:50 | 000,000,000 | ---D | M] -- C:\Users\France\AppData\Roaming\VampireSaga
[2011-04-17 18:27:59 | 000,000,000 | ---D | M] -- C:\Users\France\AppData\Roaming\Vso
[2010-01-11 21:33:27 | 000,000,000 | ---D | M] -- C:\Users\France\AppData\Roaming\WindSolutions
[2011-10-11 17:00:59 | 000,000,256 | ---- | M] () -- C:\Windows\Tasks\RMSchedule.job
[2012-03-03 09:15:24 | 000,032,608 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2011-10-08 20:55:00 | 000,000,424 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{533F50F1-2860-4112-8BE7-5E993945708A}.job

[color=#E56717]========== Purity Check ==========[/color]

[color=#E56717]========== Custom Scans ==========[/color]

[color=#A23BEC]< %ALLUSERSPROFILE%\Application Data\*. >[/color]

[color=#A23BEC]< %ALLUSERSPROFILE%\Application Data\*.exe /s >[/color]

[color=#A23BEC]< %APPDATA%\*. >[/color]
[2009-11-27 14:19:35 | 000,000,000 | ---D | M] -- C:\Users\France\AppData\Roaming\Adobe
[2009-11-08 09:03:46 | 000,000,000 | ---D | M] -- C:\Users\France\AppData\Roaming\Ahead
[2011-08-20 19:38:16 | 000,000,000 | ---D | M] -- C:\Users\France\AppData\Roaming\Alawar
[2011-11-04 16:25:04 | 000,000,000 | ---D | M] -- C:\Users\France\AppData\Roaming\Apple Computer
[2012-01-03 16:51:29 | 000,000,000 | ---D | M] -- C:\Users\France\AppData\Roaming\Avira
[2011-12-31 14:45:20 | 000,000,000 | ---D | M] -- C:\Users\France\AppData\Roaming\AVS4YOU
[2012-01-08 18:01:09 | 000,000,000 | ---D | M] -- C:\Users\France\AppData\Roaming\Azureus
[2011-12-30 15:39:36 | 000,000,000 | ---D | M] -- C:\Users\France\AppData\Roaming\BeachPartyCraze
[2011-10-05 19:07:42 | 000,000,000 | ---D | M] -- C:\Users\France\AppData\Roaming\Bell
[2012-01-02 16:04:32 | 000,000,000 | ---D | M] -- C:\Users\France\AppData\Roaming\Boolat Games
[2012-01-04 22:53:47 | 000,000,000 | ---D | M] -- C:\Users\France\AppData\Roaming\Boomzap
[2009-12-09 11:45:48 | 000,000,000 | ---D | M] -- C:\Users\France\AppData\Roaming\cerasus.media
[2011-09-03 20:12:48 | 000,000,000 | ---D | M] -- C:\Users\France\AppData\Roaming\CopyTransPhoto
[2011-11-26 19:55:23 | 000,000,000 | ---D | M] -- C:\Users\France\AppData\Roaming\Corel
[2010-06-13 12:15:05 | 000,000,000 | ---D | M] -- C:\Users\France\AppData\Roaming\DivX
[2010-02-10 05:22:01 | 000,000,000 | ---D | M] -- C:\Users\France\AppData\Roaming\Druide
[2011-09-03 20:12:48 | 000,000,000 | ---D | M] -- C:\Users\France\AppData\Roaming\dvdcss
[2012-01-01 17:57:54 | 000,000,000 | ---D | M] -- C:\Users\France\AppData\Roaming\Elephant Games
[2011-12-30 21:51:11 | 000,000,000 | ---D | M] -- C:\Users\France\AppData\Roaming\Floodlight Games
[2012-01-07 17:35:00 | 000,000,000 | ---D | M] -- C:\Users\France\AppData\Roaming\GameInvest
[2011-09-03 20:12:48 | 000,000,000 | ---D | M] -- C:\Users\France\AppData\Roaming\GetRightToGo
[2010-04-23 20:14:30 | 000,000,000 | ---D | M] -- C:\Users\France\AppData\Roaming\HP
[2011-07-10 07:37:39 | 000,000,000 | ---D | M] -- C:\Users\France\AppData\Roaming\HpUpdate
[2011-09-03 20:12:48 | 000,000,000 | ---D | M] -- C:\Users\France\AppData\Roaming\iCloner
[2009-09-17 20:38:58 | 000,000,000 | ---D | M] -- C:\Users\France\AppData\Roaming\Identities
[2011-11-27 12:06:09 | 000,000,000 | ---D | M] -- C:\Users\France\AppData\Roaming\InstallShield
[2010-07-08 17:14:20 | 000,000,000 | ---D | M] -- C:\Users\France\AppData\Roaming\IrfanView
[2010-03-07 21:58:41 | 000,000,000 | ---D | M] -- C:\Users\France\AppData\Roaming\Jasc
[2012-01-01 12:36:33 | 000,000,000 | ---D | M] -- C:\Users\France\AppData\Roaming\LegacyInteractive
[2011-03-01 16:46:55 | 000,000,000 | ---D | M] -- C:\Users\France\AppData\Roaming\LG Electronics
[2009-12-13 17:27:16 | 000,000,000 | ---D | M] -- C:\Users\France\AppData\Roaming\MA
[2009-10-07 17:50:41 | 000,000,000 | ---D | M] -- C:\Users\France\AppData\Roaming\Macromedia
[2012-02-07 16:21:42 | 000,000,000 | ---D | M] -- C:\Users\France\AppData\Roaming\Malwarebytes
[2006-11-02 07:37:34 | 000,000,000 | ---D | M] -- C:\Users\France\AppData\Roaming\Media Center Programs
[2011-11-19 17:21:59 | 000,000,000 | --SD | M] -- C:\Users\France\AppData\Roaming\Microsoft
[2010-07-11 19:50:40 | 000,000,000 | ---D | M] -- C:\Users\France\AppData\Roaming\Motive
[2009-09-17 21:29:32 | 000,000,000 | ---D | M] -- C:\Users\France\AppData\Roaming\Mozilla
[2010-12-29 18:58:13 | 000,000,000 | ---D | M] -- C:\Users\France\AppData\Roaming\MusicNet
[2010-12-30 11:05:02 | 000,000,000 | ---D | M] -- C:\Users\France\AppData\Roaming\NCH Software
[2010-12-30 10:55:55 | 000,000,000 | ---D | M] -- C:\Users\France\AppData\Roaming\NCH Swift Sound
[2009-10-30 11:41:18 | 000,000,000 | ---D | M] -- C:\Users\France\AppData\Roaming\OpenOffice.org
[2012-01-04 17:54:14 | 000,000,000 | ---D | M] -- C:\Users\France\AppData\Roaming\Orneon
[2011-12-30 16:32:11 | 000,000,000 | ---D | M] -- C:\Users\France\AppData\Roaming\PlayFirst
[2009-10-12 20:22:20 | 000,000,000 | ---D | M] -- C:\Users\France\AppData\Roaming\Playrix Entertainment
[2011-10-08 20:57:07 | 000,000,000 | ---D | M] -- C:\Users\France\AppData\Roaming\Registry Mechanic
[2009-11-26 18:40:54 | 000,000,000 | ---D | M] -- C:\Users\France\AppData\Roaming\SanDisk
[2012-01-03 17:26:10 | 000,000,000 | ---D | M] -- C:\Users\France\AppData\Roaming\Specialbit
[2011-11-26 20:27:25 | 000,000,000 | ---D | M] -- C:\Users\France\AppData\Roaming\TuneUp Software
[2011-10-16 12:03:42 | 000,000,000 | ---D | M] -- C:\Users\France\AppData\Roaming\U3
[2011-02-01 19:17:13 | 000,000,000 | ---D | M] -- C:\Users\France\AppData\Roaming\Ubisoft
[2011-07-10 07:52:49 | 000,000,000 | ---D | M] -- C:\Users\France\AppData\Roaming\Ulead Systems
[2012-01-01 17:53:39 | 000,000,000 | ---D | M] -- C:\Users\France\AppData\Roaming\Urban Legends The Maze Strategy Guide
[2012-02-24 11:13:15 | 000,000,000 | ---D | M] -- C:\Users\France\AppData\Roaming\uTorrent
[2011-09-03 20:12:50 | 000,000,000 | ---D | M] -- C:\Users\France\AppData\Roaming\VampireSaga
[2012-02-04 11:34:52 | 000,000,000 | ---D | M] -- C:\Users\France\AppData\Roaming\vlc
[2011-04-17 18:27:59 | 000,000,000 | ---D | M] -- C:\Users\France\AppData\Roaming\Vso
[2010-01-11 21:33:27 | 000,000,000 | ---D | M] -- C:\Users\France\AppData\Roaming\WindSolutions
[2010-04-25 12:31:04 | 000,000,000 | ---D | M] -- C:\Users\France\AppData\Roaming\WinRAR

[color=#A23BEC]< %APPDATA%\*.exe /s >[/color]
[2009-10-10 08:48:14 | 000,087,608 | ---- | M] () -- C:\Users\France\AppData\Roaming\inst.exe
[2011-12-04 09:58:53 | 000,469,304 | ---- | M] () -- C:\Users\France\AppData\Roaming\Azureus\plugins\azburn_v\bin\cdrecord.exe
[2011-12-04 09:58:54 | 000,451,544 | ---- | M] () -- C:\Users\France\AppData\Roaming\Azureus\plugins\azburn_v\bin\dvdauthor070.exe
[2011-12-04 09:58:54 | 000,449,720 | ---- | M] () -- C:\Users\France\AppData\Roaming\Azureus\plugins\azburn_v\bin\mkisofs.exe
[2011-12-04 09:58:55 | 000,349,632 | ---- | M] () -- C:\Users\France\AppData\Roaming\Azureus\plugins\azburn_v\bin\mpeg2enc.exe
[2011-12-04 09:58:55 | 000,194,496 | ---- | M] () -- C:\Users\France\AppData\Roaming\Azureus\plugins\azburn_v\bin\mplex.exe
[2011-12-04 09:58:55 | 000,173,504 | ---- | M] () -- C:\Users\France\AppData\Roaming\Azureus\plugins\azburn_v\bin\p2y.exe
[2011-12-04 09:58:55 | 000,368,304 | ---- | M] () -- C:\Users\France\AppData\Roaming\Azureus\plugins\azburn_v\bin\spumux070.exe
[2011-12-04 09:58:55 | 000,051,648 | ---- | M] () -- C:\Users\France\AppData\Roaming\Azureus\plugins\azburn_v\bin\vzspath.exe
[2010-12-23 20:33:59 | 000,310,208 | ---- | M] (Georgia Institute of Technology) -- C:\Users\France\AppData\Roaming\Azureus\plugins\mlab\ShaperProbeC.exe
[2011-12-04 09:58:39 | 007,288,256 | ---- | M] () -- C:\Users\France\AppData\Roaming\Azureus\plugins\vuzexcode\ffmpeg.exe
[2011-12-04 09:58:39 | 004,146,688 | ---- | M] () -- C:\Users\France\AppData\Roaming\Azureus\plugins\vuzexcode\mediainfo.exe
[2009-07-28 07:50:00 | 000,271,600 | ---- | M] (Radialpoint Inc.) -- C:\Users\France\AppData\Roaming\Bell\Internet Service Advisor\downloads\Bell-Spa2-Vaspos-Silent_v1001.29358.zip.dir\VasposProfileUpdater.exe
[2009-12-06 14:17:08 | 000,068,608 | ---- | M] (Radialpoint Inc.) -- C:\Users\France\AppData\Roaming\Bell\Internet Service Advisor\downloads\Bell-Spa3-RpsFulfillmentActivation2.23281.zip.dir\all\tools\RpsInstallerFinder.exe
[2011-01-14 15:37:34 | 000,216,064 | ---- | M] (Radialpoint Inc.) -- C:\Users\France\AppData\Roaming\Bell\Internet Service Advisor\downloads\BellVasDetectionScripts-v6-IE-R48-T20.18467.zip.dir\CampaignEmulator\CampaignEmulator.exe
[2010-07-11 19:12:06 | 135,335,648 | ---- | M] (Bell) -- C:\Users\France\AppData\Roaming\Bell\Sympatico Security Advisor\downloads\SuiteDeSecuriteInternetDeBell.41.exe.dir\SuiteDeSecuriteInternetDeBell.exe
[2012-01-05 11:18:21 | 008,111,264 | ---- | M] (Adobe Systems, Inc.) -- C:\Users\France\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\fpupdatepl\fpupdatepl.exe
[2011-11-04 19:42:15 | 000,025,214 | R--- | M] () -- C:\Users\France\AppData\Roaming\Microsoft\Installer\{534803A0-780C-4011-AB72-DAAB0CB82FD6}\ARPPRODUCTICON.exe
[2011-11-04 19:42:15 | 000,065,536 | R--- | M] (InstallShield Software Corp.) -- C:\Users\France\AppData\Roaming\Microsoft\Installer\{534803A0-780C-4011-AB72-DAAB0CB82FD6}\NewShortcut1_42182C8BEB0E4AD58FA011E69FA4EA3C.exe
[2011-08-26 20:54:55 | 000,000,000 | ---- | M] () -- C:\Users\France\AppData\Roaming\Microsoft\Windows\Templates\swcs.exe
[2011-08-26 20:54:55 | 000,000,000 | ---- | M] () -- C:\Users\France\AppData\Roaming\Microsoft\Windows\Templates\thtf.exe
[2011-08-26 20:54:55 | 000,000,000 | ---- | M] () -- C:\Users\France\AppData\Roaming\Microsoft\Windows\Templates\tvpa.exe
[2011-08-26 20:54:55 | 000,000,000 | ---- | M] () -- C:\Users\France\AppData\Roaming\Microsoft\Windows\Templates\vwhp.exe
[2010-08-19 23:46:28 | 001,312,120 | ---- | M] (EA Digital Illusions CE AB) -- C:\Users\France\AppData\Roaming\Mozilla\Firefox\Profiles\aujlpjjx.default\extensions\battlefieldheroespatcher@ea.com\platform\WINNT_x86-msvc\plugins\BFHUpdater.exe
[2007-08-29 15:36:00 | 000,110,592 | ---- | M] () -- C:\Users\France\AppData\Roaming\NCH Software\Components\mp3el\mp3enc.exe
[2007-10-23 08:27:20 | 000,110,592 | ---- | M] () -- C:\Users\France\AppData\Roaming\U3\4323600CB8D1D869\cleanup.exe
[2008-05-02 09:41:48 | 003,493,888 | ---- | M] (SanDisk Corporation) -- C:\Users\France\AppData\Roaming\U3\4323600CB8D1D869\Launchpad Removal.exe
[2008-05-04 15:02:26 | 004,603,904 | ---- | M] () -- C:\Users\France\AppData\Roaming\U3\4323600CB8D1D869\LaunchPad.exe
[2007-10-23 08:44:48 | 000,054,584 | ---- | M] () -- C:\Users\France\AppData\Roaming\U3\4323600CB8D1D869\U3AccessGrant.exe
[2008-05-02 09:41:48 | 003,493,888 | ---- | M] (SanDisk Corporation) -- C:\Users\France\AppData\Roaming\U3\temp\Launchpad Removal.exe

[color=#A23BEC]< %temp%\.exe /s >[/color]

[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]

[color=#A23BEC]< %systemroot%\*. /mp /s >[/color]

[color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color]
[2008-01-19 02:34:08 | 000,347,136 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\system32\dxtmsft.dll
[2008-01-19 02:34:08 | 000,214,528 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\system32\dxtrans.dll

[color=#A23BEC]< %systemroot%\Tasks\*.job /lockedfiles >[/color]

[color=#A23BEC]< %systemroot%\system32\drivers\*.sys /lockedfiles >[/color]

[color=#A23BEC]< %systemroot%\System32\config\*.sav >[/color]
[2006-11-02 05:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2006-11-02 05:34:05 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2006-11-02 05:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006-11-02 05:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006-11-02 05:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV

[color=#A23BEC]< HKEY_LOCAL_MACHINE\SYSTEM\SYSTEM\CurrentControlSet\Services\lanmanserver\parameters /s >[/color]

[color=#A23BEC]< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems /s >[/color]
"Debug" =
"" = mnmsrvc
"Kmode" = \SystemRoot\System32\win32k.sys
"Optional" = Posix [binary data]
"Posix" = %SystemRoot%\system32\psxss.exe
"Required" = DebugWindows [binary data]
"Windows" = %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,12288,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\CSRSS]
"CsrSrvSharedSectionBase" = 2137980928

[color=#A23BEC]< MD5 for: EXPLORER.EXE >[/color]
[2009-09-17 22:35:12 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2009-09-17 22:35:12 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2009-09-17 22:35:11 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2009-09-17 23:13:13 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=6D06CD98D954FE87FB2DB8108793B399 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16549_none_4fac29707cae347a\explorer.exe
[2009-09-17 23:13:13 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=BD06F0BF753BC704B653C3A50F89D362 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20668_none_501f261995dcf2cf\explorer.exe
[2009-04-11 01:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009-04-11 01:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2009-09-17 22:35:12 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2006-11-02 04:45:07 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=FD8C53FB002217F6F888BCF6F5D7084D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16386_none_4f7de5167cd15deb\explorer.exe
[2008-01-19 02:33:10 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe

[color=#A23BEC]< MD5 for: WININIT.EXE >[/color]
[2008-01-19 02:33:37 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\System32\wininit.exe
[2008-01-19 02:33:37 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b8cf0450a6a2\wininit.exe
[2006-11-02 04:45:57 | 000,095,744 | ---- | M] (Microsoft Corporation) MD5=D4385B03E8CCCEE6F0EE249F827C1F3E -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6000.16386_none_2ebbf6d3076595ce\wininit.exe

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2009-04-11 01:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009-04-11 01:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2006-11-02 04:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe
[2008-01-19 02:33:37 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe

[color=#A23BEC]< nslookup www.google.fr /c >[/color]
Serveur : mymodem
Address: 192.168.2.1
Nom : www-cctld.l.google.com
Address: 74.125.226.184
Aliases: WWW.GOOGLE.FR

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 97 bytes -> C:\ProgramData\TEMP:2F141B68
@Alternate Data Stream - 96 bytes -> C:\ProgramData\TEMP:870649A4
@Alternate Data Stream - 171 bytes -> C:\ProgramData\TEMP:D1B5B4F1
@Alternate Data Stream - 159 bytes -> C:\ProgramData\TEMP:1604D047
@Alternate Data Stream - 154 bytes -> C:\ProgramData\TEMP:08D8BB20
@Alternate Data

Malekal_morte- · Answer

rapport traonqué faut utiliser pjjoint, comme cela est indiqué.

barbelle333 · Answer

voila c'est fait!
Merci

barbelle333 · Answer

maintenant je fais quoi??

Redirection des liens

12 réponses

Votre réponse

Discussions similaires

Newsletters