Sujet Précédent Sujet Suivant

Pc bloqué à cause du virus UKASH

Fermé
thaclem Messages postés 11 Date d'inscription vendredi 8 mars 2013 Statut Membre Dernière intervention 9 mars 2013 - 8 mars 2013 à 22:32
 Utilisateur anonyme - 9 mars 2013 à 07:05
Bonjour,
mon pc portabe viens de se bloquer avec ce truc. jai essayé de redemarrer sans echec ..il prend le dessus
j'ai esayé avec sans echec avec prise reseau..... il prend le desus
j'ai essayé a partir d'une aute date ......il prend le dessus.
bref total bloqué ...
sacant quele pc est sous seven que antivirus était ouvert et que ce truc la fermé sans que je puisse faire quoi que ce soit.
bref une aide
merci



A voir également:

13 réponses

Réponse 1 / 13
Utilisateur anonyme
8 mars 2013 à 22:33
Bonsoir

Tu procèdes avec OTLPE sous environnement Seven.
Télécharge ici http://www.security-helpzone.com/Tools/g3n/7pe_x___86_E.exe => OTLPE sous environnement windows 7 en CD Live (Merci à "g3n-h@ckm@n")

double-clique sur le fichier , patiente quelques secondes , puis un logiciel de gravure va s'ouvrir

insère un cd dans ton graveur puis clique sur "BURN ISO"

(normalement le fichier à graver est déjà sélectionné)
Note : Le CD gravé, il faut maintenant redémarrer la machine sur le lecteur CDROM
Pour ce faire suivre ce lien : Booter sur un CD

Tu lances l'iso d'OTLPE que tu as gravé.
* Double-clique sur l'icone OTLPE
* Une fenêtre s'ouvre: « Choose Windows Directory »

Tu choisis le lecteur qui embarque Windows (C par défaut) et ensuite tu pointes vers ce fichier Windows.
Une autre fenêtre mentionne :"Do you wish to loadremote user profile(s) for scanning ?"
Tu cliques sur Oui
Tu choisis ensuite ta session (logiquement la première ligne de cette fenêtre)
La ligne en bas du tableau est cochée (sinon le faire)

Cliquer sur Ok


Tu cliques sur OK

Ensuite
* sous custom scans /fixes
1) copie_colle le contenu du cadre ci dessous:

netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
cdrom.sys
disk.sys
ndis.sys
mountmgr.sys
aec.sys
rasacd.sys
mrxsmb10.sys
mrxsmb20.sys
termdd.sys
mrxsmb.sys
win32k.sys
storport.sys
IdeChnDr.sys
viasraid.sys
explorer.exe
winlogon.exe
wininit.exe
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
CREATERESTOREPOINT

* copie colle ce texte dans un fichier texte|bloc note que tu enregistres sur clé usb que tu brancheras sous reatogo tu pourras alors facilement le copier\coller.

* 2) Clic Run Scan pour démarrer le scan.
* Une fois terminé , le fichier se trouve là C:\OTL.txt
* Copie_colle le contenu dans ta prochaine réponse.



@+
0
Réponse 2 / 13
thaclem Messages postés 11 Date d'inscription vendredi 8 mars 2013 Statut Membre Dernière intervention 9 mars 2013
8 mars 2013 à 23:23
dons j'ai graver le cd 'ai lancé otlpe.exe
dans choose windows directory j'aicliquer sue l'enroit ou apparait winre(c:) et la des sous dossier s'affiche
-SRECYCL.BIN
-boot
-RECOVERY
-system volume information puis plus bas dossier ..winRE(c:) puis ok ou annuler
si je clique sur ok il marque
target is not windows 2000 or later

que faire ???
0
Utilisateur anonyme
8 mars 2013 à 23:26
C'est Windows qu'il faut choisir
0
Réponse 3 / 13
thaclem Messages postés 11 Date d'inscription vendredi 8 mars 2013 Statut Membre Dernière intervention 9 mars 2013
8 mars 2013 à 23:40
desole pour les fautes de frappe maisle clavier un prob bref je reprend
a l'ouverture de otlpe j'ai une fenetre
recherche de dossier
choosewindows directory
les choix proposer sont ordinateur (en GRAS)
- WinRE(C :)
- vista (d)
- Data (E:)
- lecteur de cd (f) win 7pe_ x86
- boot (x)
et en apuyant sur le c: j'ai le message avec s recylebin ou boot ou recovry ou systeme volumen information et enbas Win re c:etapre l ok puis le fameux message d'erreur
0
Utilisateur anonyme
8 mars 2013 à 23:47
Pour toi ce sera - vista (d)
0
Réponse 4 / 13
thaclem Messages postés 11 Date d'inscription vendredi 8 mars 2013 Statut Membre Dernière intervention 9 mars 2013
8 mars 2013 à 23:50
attend la j'ai cliquer sur d puis j'ai trouver windows fais ok puis a linvite du message
oyou wish remote... j'ai fait yes maintemat dans select use profile j'ai
localservice
networkservice
systemprofile
toshiba

je fais quoi encore mille excuse pour les faues et mon ignorance
0
Utilisateur anonyme
8 mars 2013 à 23:55
Une autre fenêtre mentionne :"Do you wish to loadremote user profile(s) for scanning ?"
Tu cliques sur Oui
Tu choisis ensuite ta session (logiquement la première ligne de cette fenêtre)
La ligne en bas du tableau est cochée (sinon le faire)
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 13
thaclem Messages postés 11 Date d'inscription vendredi 8 mars 2013 Statut Membre Dernière intervention 9 mars 2013
8 mars 2013 à 23:53
sachant qu'habituellemnt jutilise le profile toshiba et le autres je sais pas ce que c'est
0
Réponse 6 / 13
thaclem Messages postés 11 Date d'inscription vendredi 8 mars 2013 Statut Membre Dernière intervention 9 mars 2013
9 mars 2013 à 00:03
question pour le copier /coller
je 'ecris du pc sain donc ts reponses son sur le pc sain commet je fas pour mettre tes lignes dans le portable par usb ca peut ce faire ???
0
Utilisateur anonyme
Modifié par Guillaume5188 le 9/03/2013 à 00:06
Si ton profil est Toshiba et bien choisis le
Essaie du PC à problèmes
Normalement Firefox fonctionne
Sinon via une clé Usb
0
Réponse 7 / 13
thaclem Messages postés 11 Date d'inscription vendredi 8 mars 2013 Statut Membre Dernière intervention 9 mars 2013
9 mars 2013 à 00:18
comment je fais avec une usb car sur le pc sain j'ai meme pas paint j'ai que un pense bete
0
Utilisateur anonyme
9 mars 2013 à 00:20
Et un éditeur de texte ???
0
Réponse 8 / 13
thaclem Messages postés 11 Date d'inscription vendredi 8 mars 2013 Statut Membre Dernière intervention 9 mars 2013
9 mars 2013 à 00:26
c'est bon j'ai reussi a mettre sur otl et j'ai fait run scan je crois que je m'affole dans mes questions alors que j'ai des solutions en cherchant bien en tout cas tu es tres patient merci encore
0
Réponse 9 / 13
thaclem Messages postés 11 Date d'inscription vendredi 8 mars 2013 Statut Membre Dernière intervention 9 mars 2013
9 mars 2013 à 00:36
voicile rapport otl
OTL logfile created on: 09/03/2013 00:22:45 - Run
OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Program Files\OTLPE
64bit-Windows 7 Home Premium Service Pack 1 (Version = 6.1.7601) - Type = System
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 76,00% Memory free
3,00 Gb Paging File | 2,00 Gb Available in Paging File | 75,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = D: | %SystemRoot% = D:\Windows | %ProgramFiles% = D:\Program Files (x86)
Drive C: | 1,46 Gb Total Space | 1,25 Gb Free Space | 85,53% Space Free | Partition Type: NTFS
Drive D: | 297,85 Gb Total Space | 174,22 Gb Free Space | 58,49% Space Free | Partition Type: NTFS
Drive E: | 296,85 Gb Total Space | 288,37 Gb Free Space | 97,14% Space Free | Partition Type: NTFS
Drive F: | 327,34 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive G: | 7,52 Gb Total Space | 0,61 Gb Free Space | 8,08% Space Free | Partition Type: FAT32
Drive X: | 254,19 Mb Total Space | 251,76 Mb Free Space | 99,04% Space Free | Partition Type: NTFS

Computer Name: MININT-3VL6J4L | User Name: Système
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001

[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - [2013/02/19 13:56:14 | 000,182,752 | ---- | M] (McAfee, Inc.) [Auto] -- D:\Windows\System32\mfevtps.exe -- (mfevtp)
SRV:[b]64bit:[/b] - [2013/02/19 13:53:32 | 000,218,760 | ---- | M] (McAfee, Inc.) [Auto] -- D:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe -- (mfefire)
SRV:[b]64bit:[/b] - [2013/02/19 13:51:54 | 000,241,456 | ---- | M] (McAfee, Inc.) [Auto] -- D:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe -- (McShield)
SRV:[b]64bit:[/b] - [2012/11/16 21:10:22 | 000,383,608 | ---- | M] (McAfee, Inc.) [On_Demand] -- D:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV:[b]64bit:[/b] - [2012/08/31 12:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto] -- D:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (MSK80Service)
SRV:[b]64bit:[/b] - [2012/08/31 12:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto] -- D:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McProxy)
SRV:[b]64bit:[/b] - [2012/08/31 12:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto] -- D:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV:[b]64bit:[/b] - [2012/08/31 12:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto] -- D:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV:[b]64bit:[/b] - [2012/08/31 12:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto] -- D:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV:[b]64bit:[/b] - [2012/08/31 12:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto] -- D:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV:[b]64bit:[/b] - [2012/08/31 12:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto] -- D:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McAfee SiteAdvisor Service)
SRV:[b]64bit:[/b] - [2010/03/17 16:00:44 | 000,258,928 | ---- | M] (TOSHIBA Corporation) [Auto] -- D:\Program Files\TOSHIBA\TECO\TecoService.exe -- (TOSHIBA eco Utility Service)
SRV:[b]64bit:[/b] - [2010/03/15 09:56:20 | 000,202,752 | ---- | M] (AMD) [Auto] -- D:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV:[b]64bit:[/b] - [2010/02/23 17:57:42 | 000,835,952 | ---- | M] (TOSHIBA Corporation) [On_Demand] -- D:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe -- (TPCHSrv)
SRV:[b]64bit:[/b] - [2010/02/05 16:44:48 | 000,137,560 | ---- | M] (TOSHIBA Corporation) [On_Demand] -- D:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service)
SRV:[b]64bit:[/b] - [2009/11/05 22:05:28 | 000,489,312 | ---- | M] (TOSHIBA Corporation) [Auto] -- D:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV:[b]64bit:[/b] - [2009/07/28 13:48:06 | 000,140,632 | ---- | M] (TOSHIBA Corporation) [Auto] -- D:\Windows\System32\TODDSrv.exe -- (TODDSrv)
SRV - [2013/03/04 07:34:27 | 000,251,248 | ---- | M] (Adobe Systems Incorporated) [On_Demand] -- D:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/11/09 11:21:24 | 000,161,536 | R--- | M] (Skype Technologies) [Auto] -- D:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/07/29 19:52:22 | 000,976,728 | ---- | M] (Trusteer Ltd.) [Auto] -- D:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe -- (RapportMgmtService)
SRV - [2011/02/11 12:45:52 | 000,054,136 | ---- | M] (TOSHIBA Corporation) [On_Demand] -- D:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
SRV - [2010/10/12 18:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand] -- D:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/03 14:42:02 | 002,320,920 | ---- | M] (Intel Corporation) [Auto] -- D:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2010/03/03 14:41:58 | 000,268,824 | ---- | M] (Intel Corporation) [Auto] -- D:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2010/02/11 01:40:12 | 000,124,368 | ---- | M] (Toshiba Europe GmbH) [Auto] -- D:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe -- (TemproMonitoringService) Notebook Performance Tuning Service (TEMPRO)
SRV - [2010/01/28 16:44:40 | 000,249,200 | ---- | M] (TOSHIBA CORPORATION) [Auto] -- D:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe -- (cfWiMAXService)
SRV - [2010/01/15 13:08:38 | 000,935,208 | ---- | M] (Nero AG) [Auto] -- D:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled] -- D:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/03/10 18:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) [Auto] -- D:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe -- (ConfigFree Service)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2013/02/19 13:59:06 | 000,070,112 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\cfwids.sys -- (cfwids)
DRV:[b]64bit:[/b] - [2013/02/19 13:56:26 | 000,340,216 | ---- | M] (McAfee, Inc.) [Kernel | Boot] -- D:\Windows\System32\drivers\mfewfpk.sys -- (mfewfpk)
DRV:[b]64bit:[/b] - [2013/02/19 13:55:14 | 000,106,552 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\mferkdet.sys -- (mferkdet)
DRV:[b]64bit:[/b] - [2013/02/19 13:54:32 | 000,771,536 | ---- | M] (McAfee, Inc.) [Kernel | Boot] -- D:\Windows\System32\drivers\mfehidk.sys -- (mfehidk)
DRV:[b]64bit:[/b] - [2013/02/19 13:53:42 | 000,515,968 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\mfefirek.sys -- (mfefirek)
DRV:[b]64bit:[/b] - [2013/02/19 13:53:02 | 000,309,840 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\mfeavfk.sys -- (mfeavfk)
DRV:[b]64bit:[/b] - [2013/02/19 13:52:44 | 000,179,280 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\mfeapfk.sys -- (mfeapfk)
DRV:[b]64bit:[/b] - [2012/09/14 15:26:40 | 000,073,096 | ---- | M] (McAfee, Inc.) [Kernel | Boot] -- D:\Windows\System32\drivers\McPvDrv.sys -- (McPvDrv)
DRV:[b]64bit:[/b] - [2012/07/29 19:52:38 | 000,101,688 | ---- | M] (Trusteer Ltd.) [Kernel | Boot] -- D:\Windows\System32\drivers\RapportKE64.sys -- (RapportKE64)
DRV:[b]64bit:[/b] - [2012/04/20 15:40:58 | 000,196,440 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\HipShieldK.sys -- (HipShieldK)
DRV:[b]64bit:[/b] - [2012/02/15 10:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:[b]64bit:[/b] - [2011/07/25 17:44:46 | 000,074,752 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand] -- D:\Windows\System32\drivers\RimUsb_AMD64.sys -- (RimUsb)
DRV:[b]64bit:[/b] - [2011/07/20 12:58:22 | 000,044,032 | ---- | M] (Research in Motion Ltd) [Kernel | On_Demand] -- D:\Windows\System32\drivers\RimSerial_AMD64.sys -- (RimVSerPort)
DRV:[b]64bit:[/b] - [2010/11/20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2010/04/27 01:23:08 | 001,103,904 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand] -- D:\Windows\System32\drivers\rtl8192se.sys -- (rtl8192se)
DRV:[b]64bit:[/b] - [2010/03/31 14:50:16 | 000,724,536 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\CHDRT64.sys -- (CnxtHdAudService)
DRV:[b]64bit:[/b] - [2010/03/15 10:06:28 | 006,403,072 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\atipmdag.sys -- (amdkmdag)
DRV:[b]64bit:[/b] - [2010/03/15 09:00:58 | 000,188,928 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV:[b]64bit:[/b] - [2010/03/05 11:11:30 | 000,720,952 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\CHDMI64.sys -- (CnxtHdmiAudService)
DRV:[b]64bit:[/b] - [2010/02/22 18:03:42 | 000,075,304 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\L1C62x64.sys -- (L1C)
DRV:[b]64bit:[/b] - [2010/02/01 09:29:48 | 000,232,992 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:[b]64bit:[/b] - [2009/09/17 12:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\HECIx64.sys -- (HECIx64) Intel(R)
DRV:[b]64bit:[/b] - [2009/07/30 18:22:04 | 000,027,784 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV:[b]64bit:[/b] - [2009/07/14 16:31:18 | 000,026,840 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot] -- D:\Windows\System32\drivers\TVALZ_O.SYS -- (TVALZ)
DRV:[b]64bit:[/b] - [2009/07/14 01:10:47 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\rootmdm.sys -- (ROOTMODEM)
DRV:[b]64bit:[/b] - [2009/07/14 01:09:50 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\usb8023x.sys -- (usb_rndisx)
DRV:[b]64bit:[/b] - [2009/07/07 07:51:42 | 000,009,216 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand] -- D:\Windows\system32\DRIVERS\FwLnk.sys -- (FwLnk)
DRV:[b]64bit:[/b] - [2009/06/22 17:06:38 | 000,035,008 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\PGEffect.sys -- (PGEffect)
DRV:[b]64bit:[/b] - [2009/06/19 19:15:22 | 000,014,472 | ---- | M] (TOSHIBA Corporation) [Kernel | Auto] -- D:\Windows\System32\drivers\TVALZFL.sys -- (TVALZFL)
DRV:[b]64bit:[/b] - [2009/06/10 22:01:06 | 001,146,880 | ---- | M] (LSI Corp) [Kernel | On_Demand] -- D:\Windows\System32\drivers\agrsm64.sys -- (AgereSoftModem)
DRV:[b]64bit:[/b] - [2009/06/10 21:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand] -- D:\Windows\System32\wbem\ntfs.mof -- (Ntfs)
DRV:[b]64bit:[/b] - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- D:\Windows\system32\DRIVERS\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- D:\Windows\system32\DRIVERS\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\b57nd60a.sys -- (b57nd60a)
DRV - [2012/11/05 09:07:03 | 000,505,720 | ---- | M] () [Kernel | System] -- D:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\43926\RapportCerberus64_43926.sys -- (RapportCerberus_43926)
DRV - [2012/07/29 19:52:40 | 000,055,096 | ---- | M] (Trusteer Ltd.) [Kernel | System] -- D:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys -- (RapportEI64)
DRV - [2012/07/29 19:52:38 | 000,297,240 | ---- | M] (Trusteer Ltd.) [Kernel | System] -- D:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys -- (RapportPG64)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]



IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0






IE - HKU\Toshiba_ON_D\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?cobrand=toshiba.msn.com&ocid=TSHDHP&pc=MATB
IE - HKU\Toshiba_ON_D\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/toolbar/ie8/sidebar.html
IE - HKU\Toshiba_ON_D\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/?gws_rd=ssl
IE - HKU\Toshiba_ON_D\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
IE - HKU\Toshiba_ON_D\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/toolbar/ie8/sidebar.html
IE - HKU\Toshiba_ON_D\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/toolbar/ie8/sidebar.html
IE - HKU\Toshiba_ON_D\..\URLSearchHook: {05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} - Reg Error: Key error. File not found
IE - HKU\Toshiba_ON_D\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Toshiba_ON_D\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.0: D:\Windows\System32\npDeployJava1.dll (Oracle Corporation)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.0: D:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: D:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: D:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=:
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0: D:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: D:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@mcafee.com/MSC,version=10: D:\Program Files (x86)\McAfee\MSC\npMcSnFFPl.dll ()
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@mcafee.com/SAFFPlugin: D:\Program Files (x86)\McAfee\SiteAdvisor\NPMcFFPlg32.dll (McAfee, Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE: File not found
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: D:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: D:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: D:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: D:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@rim.com/npappworld: D:\Program Files (x86)\Research In Motion Limited\BlackBerry App World Browser Plugin\npappworld.dll ()
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0: D:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3: D:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9: D:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: D:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF - HKLM\Software\Wow6432Node\MozillaPlugins\Adobe Reader: D:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor [2013/02/05 11:41:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Thunderbird\Extensions\\msktbird@mcafee.com: C:\Program Files\McAfee\MSK [2013/02/05 11:41:22 | 000,000,000 | ---D | M]

[2012/04/17 16:33:56 | 000,000,000 | ---D | M] (No name found) -- D:\Users\Toshiba\AppData\Roaming\mozilla\Firefox\extensions
[2012/04/17 16:33:57 | 000,000,000 | ---D | M] (uTorrentBar_FR Community Toolbar) -- D:\Users\Toshiba\AppData\Roaming\mozilla\Firefox\extensions\{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e}

O1 HOSTS File: ([2009/06/10 22:00:26 | 000,000,824 | ---- | M]) - D:\Windows\System32\drivers\etc\hosts
O2:[b]64bit:[/b] - BHO: (no name) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - No CLSID value found.
O2:[b]64bit:[/b] - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:[b]64bit:[/b] - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:[b]64bit:[/b] - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - D:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:[b]64bit:[/b] - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - D:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O2:[b]64bit:[/b] - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - D:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
O2:[b]64bit:[/b] - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (uTorrentBar_FR Toolbar) - {05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} - D:\Program Files (x86)\uTorrentBar_FR\prxtbuTor.dll (Conduit Ltd.)
O2 - BHO: (Savevid Toolbar) - {23cd218f-af09-443f-bbb1-adb89fd5986d} - D:\Program Files (x86)\Savevid Toolbar\Datamngr\ToolBar\savevidX.dll ()
O2 - BHO: (no name) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - No CLSID value found.
O2 - BHO: (SaveAs Class) - {48464E76-6C00-5A6A-0548-F72305D17E87} - D:\ProgramData\SaveAs\5077985ed28c1.ocx ()
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - D:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - D:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (TOSHIBA Media Controller Plug-in) - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - D:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (<TOSHIBA>)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - !{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} - No CLSID value found.
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - !{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - No CLSID value found.
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - !{2318C2B1-4965-11d4-9B18-009027A5CD4F} - No CLSID value found.
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - !{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - !{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - !{2318C2B1-4965-11d4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Savevid Toolbar) - {23cd218f-af09-443f-bbb1-adb89fd5986d} - D:\Program Files (x86)\Savevid Toolbar\Datamngr\ToolBar\savevidX.dll ()
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:[b]64bit:[/b] - HKLM..\Run: [00TCrdMain] File not found
O4:[b]64bit:[/b] - HKLM..\Run: [cAudioFilterAgent] File not found
O4:[b]64bit:[/b] - HKLM..\Run: [HSON] File not found
O4:[b]64bit:[/b] - HKLM..\Run: [SmartAudio] File not found
O4:[b]64bit:[/b] - HKLM..\Run: [SmartFaceVWatcher] D:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatcher.exe (TOSHIBA Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [SmoothView] D:\Program Files\Toshiba\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [SynTPEnh] File not found
O4:[b]64bit:[/b] - HKLM..\Run: [Teco] D:\Program Files\TOSHIBA\TECO\Teco.exe (TOSHIBA Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [Toshiba Registration] File not found
O4:[b]64bit:[/b] - HKLM..\Run: [Toshiba TEMPRO] D:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe (Toshiba Europe GmbH)
O4:[b]64bit:[/b] - HKLM..\Run: [TosNC] File not found
O4:[b]64bit:[/b] - HKLM..\Run: [TosReelTimeMonitor] File not found
O4:[b]64bit:[/b] - HKLM..\Run: [TosSENotify] D:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe (TOSHIBA Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [TosVolRegulator] D:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe (TOSHIBA Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [TosWaitSrv] D:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe (TOSHIBA Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [TPwrMain] File not found
O4 - HKLM..\Run: [APSDaemon] D:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [mcui_exe] D:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [NBAgent] D:\Program Files (x86)\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe (Nero AG)
O4 - HKLM..\Run: [RIMBBLaunchAgent.exe] D:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe (Research In Motion Limited)
O4 - HKLM..\Run: [StartCCC] D:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [ToshibaServiceStation] D:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TWebCamera] D:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe (TOSHIBA CORPORATION.)
O4 - HKU\.DEFAULT..\Run: [TOSHIBA Online Product Information] D:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\TOPI.exe (TOSHIBA)
O4 - HKU\LocalService_ON_D..\Run: [Sidebar] D:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\NetworkService_ON_D..\Run: [Sidebar] D:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\Toshiba_ON_D..\Run: [BitTorrent] D:\Program Files (x86)\BitTorrent\BitTorrent.exe (BitTorrent, Inc.)
O4 - HKU\Toshiba_ON_D..\Run: [MyTomTomSA.exe] D:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe (TomTom)
O4 - HKU\Toshiba_ON_D..\Run: [SkyDrive] D:\Users\Toshiba\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation)
O4 - HKU\Toshiba_ON_D..\Run: [syshost32] D:\Users\Toshiba\AppData\Local\{CC9F631C-738D-9F01-A6B5-13C385C95776}\syshost.exe ()
O4 - HKU\Toshiba_ON_D..\Run: [TOSHIBA Online Product Information] D:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\TOPI.exe (TOSHIBA)
O4 - HKU\LocalService_ON_D..\RunOnce: [mctadmin] File not found
O4 - HKU\NetworkService_ON_D..\RunOnce: [mctadmin] File not found
O4 - Startup: D:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk = File not found
O4 - Startup: D:\Users\Toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O8:[b]64bit:[/b] - Extra context menu item: Free YouTube Download - D:\Users\Toshiba\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8:[b]64bit:[/b] - Extra context menu item: Save video on Savevid.com - D:\Program Files (x86)\SavevidPlug-in\redirect.htm ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - D:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Free YouTube Download - D:\Users\Toshiba\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Save video on Savevid.com - D:\Program Files (x86)\SavevidPlug-in\redirect.htm ()
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - D:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - D:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - D:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - D:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13:[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:[b]64bit:[/b] - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} http://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework//microsoft/wrc32.ocx (WRC Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18:[b]64bit:[/b] - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - D:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:[b]64bit:[/b] - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - D:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:[b]64bit:[/b] - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18:[b]64bit:[/b] - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - D:\PROGRA~1\mcafee\msc\MCSNIE~1.DLL (McAfee, Inc.)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - D:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - D:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - D:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKU\Toshiba_ON_D Winlogon: Shell - (explorer.exe) - D:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKU\Toshiba_ON_D Winlogon: Shell - (C:\Users\Toshiba\AppData\Roaming\skype.dat) - D:\Users\Toshiba\AppData\Roaming\skype.dat ()
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O28:[b]64bit:[/b] - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - D:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{1e946da6-5d54-11e2-a6c8-00266c83eb3c}\Shell - "" = AutoRun
O33 - MountPoints2\{1e946da6-5d54-11e2-a6c8-00266c83eb3c}\Shell\AutoRun\command - "" = F:\Startme.exe
O33 - MountPoints2\{21d95104-7762-11e1-a704-e839dfc0592e}\Shell - "" = AutoRun
O33 - MountPoints2\{21d95104-7762-11e1-a704-e839dfc0592e}\Shell\AutoRun\command - "" = IomegaEncryptionSetup v1.3.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
[b]64bit:[/b] O35 - HKLM\..comfile [open] -- "%1" %* File not found
[b]64bit:[/b] O35 - HKLM\..exefile [open] -- "%1" %* File not found
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*



SafeBootMin:[b]64bit:[/b] AppMgmt - Service
SafeBootMin:[b]64bit:[/b] Base - Driver Group
SafeBootMin:[b]64bit:[/b] Boot Bus Extender - Driver Group
SafeBootMin:[b]64bit:[/b] Boot file system - Driver Group
SafeBootMin:[b]64bit:[/b] File system - Driver Group
SafeBootMin:[b]64bit:[/b] Filter - Driver Group
SafeBootMin:[b]64bit:[/b] HelpSvc - Service
SafeBootMin:[b]64bit:[/b] mcmscsvc - D:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SafeBootMin:[b]64bit:[/b] MCODS - D:\Program Files\McAfee\VirusScan\mcods.exe (McAfee, Inc.)
SafeBootMin:[b]64bit:[/b] PCI Configuration - Driver Group
SafeBootMin:[b]64bit:[/b] PNP Filter - Driver Group
SafeBootMin:[b]64bit:[/b] Primary disk - Driver Group
SafeBootMin:[b]64bit:[/b] sacsvr - Service
SafeBootMin:[b]64bit:[/b] SCSI Class - Driver Group
SafeBootMin:[b]64bit:[/b] System Bus Extender - Driver Group
SafeBootMin:[b]64bit:[/b] vmms - Service
SafeBootMin:[b]64bit:[/b] WinDefend - Service
SafeBootMin:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: WinDefend - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet:[b]64bit:[/b] AppMgmt - Service
SafeBootNet:[b]64bit:[/b] Base - Driver Group
SafeBootNet:[b]64bit:[/b] BFE - Service
SafeBootNet:[b]64bit:[/b] Boot Bus Extender - Driver Group
SafeBootNet:[b]64bit:[/b] Boot file system - Driver Group
SafeBootNet:[b]64bit:[/b] File system - Driver Group
SafeBootNet:[b]64bit:[/b] Filter - Driver Group
SafeBootNet:[b]64bit:[/b] HelpSvc - Service
SafeBootNet:[b]64bit:[/b] McMPFSvc - D:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SafeBootNet:[b]64bit:[/b] mcmscsvc - D:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SafeBootNet:[b]64bit:[/b] MCODS - D:\Program Files\McAfee\VirusScan\mcods.exe (McAfee, Inc.)
SafeBootNet:[b]64bit:[/b] Messenger - Service
SafeBootNet:[b]64bit:[/b] mfefire - D:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe (McAfee, Inc.)
SafeBootNet:[b]64bit:[/b] mfefirek - D:\Windows\System32\drivers\mfefirek.sys (McAfee, Inc.)
SafeBootNet:[b]64bit:[/b] mfefirek.sys - D:\Windows\System32\drivers\mfefirek.sys (McAfee, Inc.)
SafeBootNet:[b]64bit:[/b] mfehidk - D:\Windows\System32\drivers\mfehidk.sys (McAfee, Inc.)
SafeBootNet:[b]64bit:[/b] mfehidk.sys - D:\Windows\System32\drivers\mfehidk.sys (McAfee, Inc.)
SafeBootNet:[b]64bit:[/b] mfevtp - D:\Windows\System32\mfevtps.exe (McAfee, Inc.)
SafeBootNet:[b]64bit:[/b] MPSSvc - Service
SafeBootNet:[b]64bit:[/b] NDIS Wrapper - Driver Group
SafeBootNet:[b]64bit:[/b] NetBIOSGroup - Driver Group
SafeBootNet:[b]64bit:[/b] NetDDEGroup - Driver Group
SafeBootNet:[b]64bit:[/b] Network - Driver Group
SafeBootNet:[b]64bit:[/b] NetworkProvider - Driver Group
SafeBootNet:[b]64bit:[/b] PCI Configuration - Driver Group
SafeBootNet:[b]64bit:[/b] PNP Filter - Driver Group
SafeBootNet:[b]64bit:[/b] PNP_TDI - Driver Group
SafeBootNet:[b]64bit:[/b] Primary disk - Driver Group
SafeBootNet:[b]64bit:[/b] rdsessmgr - Service
SafeBootNet:[b]64bit:[/b] sacsvr - Service
SafeBootNet:[b]64bit:[/b] SCSI Class - Driver Group
SafeBootNet:[b]64bit:[/b] Streams Drivers - Driver Group
SafeBootNet:[b]64bit:[/b] System Bus Extender - Driver Group
SafeBootNet:[b]64bit:[/b] TDI - Driver Group
SafeBootNet:[b]64bit:[/b] vmms - Service
SafeBootNet:[b]64bit:[/b] WinDefend - Service
SafeBootNet:[b]64bit:[/b] WudfUsbccidDriver - Driver
SafeBootNet:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:[b]64bit:[/b] {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:[b]64bit:[/b] {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:[b]64bit:[/b] {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:[b]64bit:[/b] {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:[b]64bit:[/b] {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: BFE - Service
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: MPSSvc - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WinDefend - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX:[b]64bit:[/b] {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:[b]64bit:[/b] {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:[b]64bit:[/b] {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:[b]64bit:[/b] {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:[b]64bit:[/b] {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:[b]64bit:[/b] {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:[b]64bit:[/b] {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:[b]64bit:[/b] {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:[b]64bit:[/b] {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:[b]64bit:[/b] {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:[b]64bit:[/b] {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:[b]64bit:[/b] >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:[b]64bit:[/b] >{60B49E34-C7CC-11D0-8953-00A0C90347FF} -
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} -

Drivers32:[b]64bit:[/b] aux - D:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32:[b]64bit:[/b] aux1 - D:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32:[b]64bit:[/b] midi - D:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32:[b]64bit:[/b] midi1 - D:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32:[b]64bit:[/b] midimapper - D:\Windows\System32\midimap.dll (Microsoft Corporation)
Drivers32:[b]64bit:[/b] mixer - D:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32:[b]64bit:[/b] mixer1 - D:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32:[b]64bit:[/b] msacm.imaadpcm - D:\Windows\System32\imaadp32.acm (Microsoft Corporation)
Drivers32:[b]64bit:[/b] msacm.l3acm - D:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:[b]64bit:[/b] msacm.msadpcm - D:\Windows\System32\msadp32.acm (Microsoft Corporation)
Drivers32:[b]64bit:[/b] msacm.msg711 - D:\Windows\System32\msg711.acm (Microsoft Corporation)
Drivers32:[b]64bit:[/b] msacm.msgsm610 - D:\Windows\System32\msgsm32.acm (Microsoft Corporation)
Drivers32:[b]64bit:[/b] MSVideo8 - D:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32:[b]64bit:[/b] vidc.i420 - D:\Windows\System32\iyuv_32.dll (Microsoft Corporation)
Drivers32:[b]64bit:[/b] VIDC.IYUV - D:\Windows\System32\iyuv_32.dll (Microsoft Corporation)
Drivers32:[b]64bit:[/b] vidc.mrle - D:\Windows\System32\msrle32.dll (Microsoft Corporation)
Drivers32:[b]64bit:[/b] vidc.msvc - D:\Windows\System32\msvidc32.dll (Microsoft Corporation)
Drivers32:[b]64bit:[/b] VIDC.UYVY - D:\Windows\System32\msyuv.dll (Microsoft Corporation)
Drivers32:[b]64bit:[/b] VIDC.YUY2 - D:\Windows\System32\msyuv.dll (Microsoft Corporation)
Drivers32:[b]64bit:[/b] VIDC.YVU9 - D:\Windows\System32\tsbyuv.dll (Microsoft Corporation)
Drivers32:[b]64bit:[/b] VIDC.YVYU - D:\Windows\System32\msyuv.dll (Microsoft Corporation)
Drivers32:[b]64bit:[/b] wave - D:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32:[b]64bit:[/b] wave1 - D:\Windows\System32\wdmaud.drv (Microsoft Corporation)
Drivers32:[b]64bit:[/b] wavemapper - D:\Windows\System32\msacm32.drv (Microsoft Corporation)
Drivers32: msacm.l3acm - D:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - D:\Windows\SysWow64\vfwwdm32.dll (Microsoft Corporation)

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2013/03/08 19:05:20 | 000,000,000 | ---D | C] -- D:\Users\Toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Progressive Protection
[2013/03/08 19:03:21 | 000,000,000 | ---D | C] -- D:\ProgramData\EA446366597433EF0000EA43792A3B4A
[2013/03/08 19:02:48 | 000,000,000 | ---D | C] -- D:\Users\Toshiba\AppData\Local\{CC9F631C-738D-9F01-A6B5-13C385C95776}
[2013/03/06 21:10:30 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2013/03/06 21:10:30 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Common Files\Skype
[2013/02/15 22:07:29 | 000,000,000 | ---D | C] -- D:\Users\Toshiba\AppData\Local\TomTom
[2013/02/15 22:07:26 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom
[2013/02/15 22:07:24 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\TomTom International B.V
[2013/02/15 22:07:04 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\MyTomTom 3
[2013/02/13 21:08:38 | 000,096,768 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\mshtmled.dll
[2013/02/13 21:08:38 | 000,073,216 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\mshtmled.dll
[2013/02/13 21:08:37 | 000,248,320 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ieui.dll
[2013/02/13 21:08:37 | 000,176,640 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\ieui.dll
[2013/02/13 21:08:37 | 000,173,056 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ieUnatt.exe
[2013/02/13 21:08:37 | 000,142,848 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\ieUnatt.exe
[2013/02/13 21:08:36 | 001,494,528 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\inetcpl.cpl
[2013/02/13 21:08:36 | 001,427,968 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\inetcpl.cpl
[2013/02/13 21:08:36 | 000,237,056 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\url.dll
[2013/02/13 21:08:36 | 000,231,936 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\url.dll
[2013/02/13 21:08:35 | 002,312,704 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\jscript9.dll
[2013/02/13 21:08:35 | 000,729,088 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\msfeeds.dll
[2013/02/13 21:08:35 | 000,607,744 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\msfeeds.dll
[2013/02/13 21:08:34 | 001,800,704 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\jscript9.dll
[2013/02/13 21:08:34 | 000,816,640 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\jscript.dll
[2013/02/13 21:08:34 | 000,717,824 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\jscript.dll
[2013/02/13 21:08:34 | 000,599,040 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\vbscript.dll
[2013/02/13 18:45:04 | 005,553,512 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ntoskrnl.exe
[2013/02/13 18:45:02 | 003,967,848 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\ntkrnlpa.exe
[2013/02/13 18:45:02 | 003,913,064 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\ntoskrnl.exe
[2013/02/13 18:39:51 | 000,215,040 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\winsrv.dll
[2013/02/13 18:39:49 | 000,025,600 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\setup16.exe
[2013/02/13 18:39:48 | 000,014,336 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\ntvdm64.dll
[2013/02/13 18:39:47 | 000,007,680 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\instnm.exe
[2013/02/13 18:39:47 | 000,005,120 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\wow32.dll
[2013/02/13 18:39:36 | 000,002,048 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\user.exe
[2013/02/13 18:38:46 | 000,288,088 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\drivers\FWPKCLNT.SYS
[2013/02/09 08:33:04 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Microsoft SkyDrive
[2013/02/09 08:32:27 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft SkyDrive
[1 D:\Windows\*.tmp files -> D:\Windows\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2013/03/08 21:57:39 | 000,067,584 | --S- | M] () -- D:\Windows\bootstat.dat
[2013/03/08 21:57:09 | 3112,587,264 | -HS- | M] () -- D:\hiberfil.sys
[2013/03/08 19:51:00 | 000,000,004 | ---- | M] () -- D:\Users\Toshiba\AppData\Roaming\skype.ini
[2013/03/08 19:45:56 | 000,000,416 | -H-- | M] () -- D:\Windows\tasks\OptimizerPro1UpdaterTask{146E0F09-07CC-4258-9005-B00D91CABE69}.job
[2013/03/08 19:20:05 | 000,016,304 | -H-- | M] () -- D:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/03/08 19:20:05 | 000,016,304 | -H-- | M] () -- D:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/03/08 19:16:05 | 000,001,833 | ---- | M] () -- D:\Users\Public\Desktop\McAfee Total Protection.lnk
[2013/03/08 19:16:05 | 000,000,000 | ---D | M] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2013/03/08 19:05:20 | 000,001,887 | ---- | M] () -- D:\Users\Toshiba\Desktop\System Progressive Protection.lnk
[2013/03/08 18:34:00 | 000,001,002 | ---- | M] () -- D:\Windows\tasks\Adobe Flash Player Updater.job
[2013/03/08 04:38:19 | 000,002,441 | ---- | M] () -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk
[2013/03/06 21:10:33 | 000,000,000 | ---D | M] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2013/03/04 09:08:45 | 000,704,714 | ---- | M] () -- D:\Windows\System32\perfh00C.dat
[2013/03/04 09:08:45 | 000,616,242 | ---- | M] () -- D:\Windows\System32\perfh009.dat
[2013/03/04 09:08:45 | 000,130,988 | ---- | M] () -- D:\Windows\System32\perfc00C.dat
[2013/03/04 09:08:45 | 000,106,622 | ---- | M] () -- D:\Windows\System32\perfc009.dat
[2013/03/04 07:34:26 | 000,691,568 | ---- | M] (Adobe Systems Incorporated) -- D:\Windows\SysWow64\FlashPlayerApp.exe
[2013/03/04 07:34:26 | 000,071,024 | ---- | M] (Adobe Systems Incorporated) -- D:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013/02/22 06:56:04 | 000,000,000 | ---D | M] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2013/02/22 06:48:24 | 000,000,000 | R--D | M] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
[2013/02/19 13:59:06 | 000,070,112 | ---- | M] (McAfee, Inc.) -- D:\Windows\System32\drivers\cfwids.sys
[2013/02/19 13:56:26 | 000,340,216 | ---- | M] (McAfee, Inc.) -- D:\Windows\System32\drivers\mfewfpk.sys
[2013/02/19 13:56:14 | 000,182,752 | ---- | M] (McAfee, Inc.) -- D:\Windows\System32\mfevtps.exe
[2013/02/19 13:55:26 | 000,010,728 | ---- | M] (McAfee, Inc.) -- D:\Windows\System32\drivers\mfeclnk.sys
[2013/02/19 13:55:14 | 000,106,552 | ---- | M] (McAfee, Inc.) -- D:\Windows\System32\drivers\mferkdet.sys
[2013/02/19 13:54:32 | 000,771,536 | ---- | M] (McAfee, Inc.) -- D:\Windows\System32\drivers\mfehidk.sys
[2013/02/19 13:53:42 | 000,515,968 | ---- | M] (McAfee, Inc.) -- D:\Windows\System32\drivers\mfefirek.sys
[2013/02/19 13:53:02 | 000,309,840 | ---- | M] (McAfee, Inc.) -- D:\Windows\System32\drivers\mfeavfk.sys
[2013/02/19 13:52:44 | 000,179,280 | ---- | M] (McAfee, Inc.) -- D:\Windows\System32\drivers\mfeapfk.sys
[2013/02/15 22:07:26 | 000,000,000 | ---D | M] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom
[2013/02/14 17:48:13 | 000,499,440 | ---- | M] () -- D:\Windows\System32\FNTCACHE.DAT
[2013/02/11 12:26:10 | 000,001,070 | ---- | M] () -- D:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/02/11 12:26:10 | 000,001,066 | ---- | M] () -- D:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[1 D:\Windows\*.tmp files -> D:\Windows\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2013/03/08 19:08:15 | 000,000,004 | ---- | C] () -- D:\Users\Toshiba\AppData\Roaming\skype.ini
[2013/03/08 19:05:20 | 000,001,887 | ---- | C] () -- D:\Users\Toshiba\Desktop\System Progressive Protection.lnk
[2013/02/09 08:33:03 | 000,002,214 | ---- | C] () -- D:\Users\Toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk
[2013/02/05 10:26:34 | 095,023,320 | ---- | C] () -- D:\ProgramData\lhyXh2j.pad
[2012/11/27 11:25:59 | 000,006,656 | ---- | C] () -- D:\Users\Toshiba\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/06/03 18:59:44 | 000,000,954 | ---- | C] () -- D:\Users\Toshiba\AppData\Roaming\wklnhst.dat
[2012/04/01 07:54:57 | 000,000,056 | -H-- | C] () -- D:\ProgramData\ezsidmv.dat
[2012/03/26 18:01:58 | 000,061,952 | -HS- | C] () -- D:\Users\Toshiba\AppData\Roaming\skype.dat
[2012/03/22 12:21:54 | 000,000,000 | ---- | C] () -- D:\Windows\NDSTray.INI
[2012/03/22 12:11:33 | 000,451,072 | ---- | C] () -- D:\Windows\SysWow64\ISSRemoveSP.exe
[2012/03/22 12:03:57 | 000,000,000 | ---- | C] () -- D:\Windows\ativpsrm.bin
[2012/03/22 12:01:34 | 000,001,105 | ---- | C] () -- D:\Windows\SysWow64\atipblag.dat
[2009/07/14 06:38:36 | 000,067,584 | --S- | C] () -- D:\Windows\bootstat.dat
[2009/07/14 03:35:51 | 000,000,741 | ---- | C] () -- D:\Windows\SysWow64\NOISE.DAT
[2009/07/14 03:34:42 | 000,215,943 | ---- | C] () -- D:\Windows\SysWow64\dssec.dat
[2009/07/14 01:10:29 | 000,043,131 | ---- | C] () -- D:\Windows\mib.bin
[2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- D:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 22:03:59 | 000,364,544 | ---- | C] () -- D:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 22:26:10 | 000,673,088 | ---- | C] () -- D:\Windows\SysWow64\mlang.dat
[2007/04/27 10:43:58 | 000,120,200 | ---- | C] () -- D:\Windows\SysWow64\DLLDEV32i.dll

[color=#E56717]========== LOP Check ==========[/color]

[2012/12/31 08:08:01 | 000,000,000 | ---D | M] -- D:\ProgramData\albumphoto
[2009/07/14 06:08:56 | 000,000,000 | -HSD | M] -- D:\ProgramData\Application Data
[2012/03/22 12:27:03 | 000,000,000 | -HSD | M] -- D:\ProgramData\Bureau
[2009/07/14 06:08:56 | 000,000,000 | -HSD | M] -- D:\ProgramData\Desktop
[2009/07/14 06:08:56 | 000,000,000 | -HSD | M] -- D:\ProgramData\Documents
[2013/03/08 19:05:13 | 000,000,000 | ---D | M] -- D:\ProgramData\EA446366597433EF0000EA43792A3B4A
[2012/12/08 20:50:45 | 000,000,000 | ---D | M] -- D:\ProgramData\Electronic Arts
[2012/03/22 12:27:03 | 000,000,000 | -HSD | M] -- D:\ProgramData\Favoris
[2009/07/14 06:08:56 | 000,000,000 | -HSD | M] -- D:\ProgramData\Favorites
[2012/10/13 06:15:18 | 000,000,000 | ---D | M] -- D:\ProgramData\InstallMate
[2012/04/15 07:49:46 | 000,000,000 | ---D | M] -- D:\ProgramData\IsolatedStorage
[2013/01/19 21:57:41 | 000,000,000 | ---D | M] -- D:\ProgramData\MAGIX
[2012/03/22 12:27:03 | 000,000,000 | -HSD | M] -- D:\ProgramData\Menu Démarrer
[2012/03/22 12:27:03 | 000,000,000 | -HSD | M] -- D:\ProgramData\Modè
0
Réponse 10 / 13
thaclem Messages postés 11 Date d'inscription vendredi 8 mars 2013 Statut Membre Dernière intervention 9 mars 2013
9 mars 2013 à 00:46
quest ce que je dois faire maintemant !!
0
Réponse 11 / 13
Utilisateur anonyme
9 mars 2013 à 00:54
Re

On fait avec ce rapport incomplet

* Double-clique sur l'icone OTLPE
* quand demandé "Do you wish to load the remote registry", selectionne "Yes"
* quand demandé "Do you wish to load remote user profile(s) for scanning", selectionne "Yes"
* verifier que "Automatically Load All Remaining Users" est sélectionné et presse OK


http://imagesup.org/image

* sous Custom Scan box copie_colle le tout ci dessous et clic RUNFIX

:OTL
O4 - HKU\Toshiba_ON_D..\Run: [syshost32] D:\Users\Toshiba\AppData\Local\{CC9F631C-738D-9F01-A6B5-13C385C95776}\syshost.exe ()
O20 - HKU\Toshiba_ON_D Winlogon: Shell - (C:\Users\Toshiba\AppData\Roaming\skype.dat) - D:\Users\Toshiba\AppData\Roaming\skype.dat ()
[2013/03/08 19:51:00 | 000,000,004 | ---- | M] () -- D:\Users\Toshiba\AppData\Roaming\skype.ini
[2013/03/08 19:45:56 | 000,000,416 | -H-- | M] () -- D:\Windows\tasks\OptimizerPro1UpdaterTask{146E0F09-07CC-4258-9005-B00D91CABE69}.job
[2013/02/05 10:26:34 | 095,023,320 | ---- | C] () -- D:\ProgramData\lhyXh2j.pad
[2012/03/26 18:01:58 | 000,061,952 | -HS- | C] () -- D:\Users\Toshiba\AppData\Roaming\skype.dat


tu conserves le rapport qui s'affiche ; et tu le copies et colles dans ta prochaine réponse



@+
0
Réponse 12 / 13
thaclem Messages postés 11 Date d'inscription vendredi 8 mars 2013 Statut Membre Dernière intervention 9 mars 2013
9 mars 2013 à 01:07
voici l nouveau rapport dois je fermer otl

========== OTL ==========
Registry key HKEY_USERS\Toshiba_ON_D\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run not found.
File D:\Users\Toshiba\AppData\Local\{CC9F631C-738D-9F01-A6B5-13C385C95776}\syshost.exe not found.
Registry value HKEY_USERS\Toshiba_ON_D\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell:C:\Users\Toshiba\AppData\Roaming\skype.dat deleted successfully.
File D:\Users\Toshiba\AppData\Roaming\skype.dat not found.
File D:\Users\Toshiba\AppData\Roaming\skype.ini not found.
File D:\Windows\tasks\OptimizerPro1UpdaterTask{146E0F09-07CC-4258-9005-B00D91CABE69}.job not found.
File D:\ProgramData\lhyXh2j.pad not found.
File D:\Users\Toshiba\AppData\Roaming\skype.dat not found.

OTLPE by OldTimer - Version 3.1.48.0 log created on 03092013_010452
0
Réponse 13 / 13
Utilisateur anonyme
9 mars 2013 à 07:05
Bonjour

Essaie de démarrer ton PC normalement
Tiens moi au courant

Ce n'est pas fini

@+
0