
[Solved] Internet connection problem + intrusive advertising


Posted on 22 Jan 2012 12:56

Hello,

I was infected about a week ago by Windows Scan 2012 or something like that (a fake antivirus that appears all of a sudden), and I went looking for some solutions to fix this problem. At first glance, the program seems to be gone.

But since then, fairly frequently during the day, intrusive advertisements open by themselves, even when my web browser window is minimized (the browser comes to the foreground while I am in another application).

And this morning, when I turned on my PC, I found that I was no longer connected to the internet: the Wi-Fi is connected, but I have the yellow warning triangle telling me that the internet is not working. After running the troubleshooter, it says the problem is the default proxy settings.

So I am asking for your help, with a lot of hope!

I followed the initial disinfection request procedures.
However, I use Windows only for very limited purposes (only for gaming), because my computer is a Mac and only my Windows Boot Camp partition is affected. I have no important files on it, so I made no particular backup.

Another detail: I have the impression that my internet connection is a bit slow at times; I don't think it is a problem with the computer, but you never know.

Here are my reports:

http://j6m3uo.dl4free.com/

http://2v7ktc.dl4free.com/

Thanks in advance :)
Last edited by EinsteinZero on 24 Jan 2012 21:23, edited 1 time.
Reason: title changed to mark it as "solved"
Garfind
Confirmed Visitor
Posts: 14
Joined: 22 Jan 2012 12:43


Re: Internet connection problem + intrusive advertising

Posted on 22 Jan 2012 13:24

Hello,

Next, please try this...

  • Download Malwarebytes >>here
  • To help you, there is a great tutorial by Danakil to read before the scan.
  • Choose "run a quick scan" and, at the end of the scan, check all the items found and click on "remove selection".
    Please post the report for me.

Then run an OTL scan again as you did the first time and post the OTL.txt report.

Note: this time you will not have an extra.txt report.

EDIT: I assume you posted an OTL.txt report and an Extra.txt report; the links do not work for me (it may be temporary), so put the reports directly in your message between [code] tags, like this
[Image]
jeanmimigab
PC-Infopraticien
Posts: 2986
Joined: 29 Nov 2009 12:05

Re: Internet connection problem + intrusive advertising

Posted on 22 Jan 2012 14:43

Here are the first two reports that you could not read:

Code:
OTL logfile created on: 22/01/2012 11:22:57 - Run 1
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\Guillaume\Desktop
 Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy
 
2,74 Gb Total Physical Memory | 1,90 Gb Available Physical Memory | 69,45% Memory free
5,48 Gb Paging File | 4,59 Gb Available in Paging File | 83,78% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 31,56 Gb Total Space | 3,44 Gb Free Space | 10,90% Space Free | Partition Type: NTFS
Drive E: | 201,00 Gb Total Space | 55,98 Gb Free Space | 27,85% Space Free | Partition Type: HFS
Drive G: | 1011,22 Mb Total Space | 264,78 Mb Free Space | 26,18% Space Free | Partition Type: FAT
 
Computer Name: NUAGE | User Name: Guillaume | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2012/01/22 12:01:08 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Guillaume\Desktop\OTL.exe
PRC - [2011/12/24 17:50:18 | 000,460,872 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011/10/24 16:51:19 | 000,801,792 | ---- | M] (Yuna Software) -- C:\Program Files\Yuna Software\Messenger Plus!\PlusService.exe
PRC - [2011/10/24 09:22:00 | 000,409,600 | ---- | M] () -- C:\Program Files\LOLReplay\LOLRecorder.exe
PRC - [2011/10/19 16:56:50 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2011/10/19 16:56:36 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2011/10/19 16:56:24 | 000,258,512 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2011/10/19 16:56:24 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2011/08/15 17:34:40 | 000,526,208 | ---- | M] (Apple Inc.) -- C:\Program Files\Boot Camp\Bootcamp.exe
PRC - [2011/08/15 17:34:40 | 000,194,432 | ---- | M] () -- C:\Windows\System32\AppleOSSMgr.exe
PRC - [2011/08/02 08:33:30 | 004,910,912 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe
PRC - [2011/06/24 05:22:20 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2011/06/06 11:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/03/22 22:53:32 | 000,099,640 | ---- | M] (Apple Inc.) -- C:\Windows\System32\AppleTimeSrv.exe
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
MOD - [2011/10/29 19:41:52 | 012,433,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6e592e424a204aafeadbe22b6b31b9db\System.Windows.Forms.ni.dll
MOD - [2011/10/29 19:41:35 | 006,611,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\f8196c3588c2229e84516af4b6a0ee60\System.Data.ni.dll
MOD - [2011/10/29 19:41:24 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\3b2cfd85528a27eb71dc41d8067359a1\System.Drawing.ni.dll
MOD - [2011/10/29 19:41:21 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\130ad4d9719e566ca933ac7158a04203\System.Xml.ni.dll
MOD - [2011/10/29 19:41:17 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\2d5bcbeb9475ef62189f605bcca1cec6\System.Configuration.ni.dll
MOD - [2011/10/29 19:41:12 | 007,963,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\abab08afa60a6f06bdde0fcc9649c379\System.ni.dll
MOD - [2011/10/29 19:41:02 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll
MOD - [2011/10/24 09:22:00 | 000,409,600 | ---- | M] () -- C:\Program Files\LOLReplay\LOLRecorder.exe
MOD - [2011/10/24 09:21:56 | 000,136,192 | ---- | M] () -- C:\Program Files\LOLReplay\LOLUtils.dll
MOD - [2011/06/24 21:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/06/24 21:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2010/11/05 02:58:05 | 002,927,616 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2010/03/15 11:28:22 | 000,141,824 | ---- | M] () -- C:\Program Files\WinRAR\rarext.dll
 
 
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
 
SRV - [2011/12/24 17:50:18 | 000,652,872 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/10/19 16:56:36 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011/10/19 16:56:24 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011/08/15 17:34:40 | 000,194,432 | ---- | M] () [Auto | Running] -- C:\Windows\System32\AppleOSSMgr.exe -- (AppleOSSMgr)
SRV - [2011/06/06 11:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/02/24 21:41:52 | 001,343,400 | ---- | M] () [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010/03/22 22:53:32 | 000,099,640 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Windows\System32\AppleTimeSrv.exe -- (AppleTimeSrv)
SRV - [2009/07/14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - [2011/12/10 15:24:06 | 000,020,464 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011/12/09 03:56:44 | 000,134,856 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2011/10/19 16:56:50 | 000,074,640 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011/10/19 16:56:50 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2011/08/15 17:34:40 | 000,058,200 | ---- | M] (Apple Inc.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\AppleHFS.sys -- (AppleHFS)
DRV - [2011/08/15 17:34:40 | 000,015,320 | ---- | M] (Apple Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\AppleMNT.sys -- (AppleMNT)
DRV - [2011/08/15 17:34:40 | 000,015,064 | ---- | M] (Apple Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\KeyAgent.sys -- (KeyAgent)
DRV - [2011/08/09 13:10:12 | 000,232,512 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2011/06/28 00:28:37 | 000,018,944 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AppleBtBc.sys -- (AppleBtBc)
DRV - [2011/06/02 19:36:46 | 000,026,624 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\KeyMagic.sys -- (KeyMagic)
DRV - [2011/01/31 13:43:51 | 000,029,824 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\applemtp.sys -- (applemtp)
DRV - [2011/01/31 13:43:51 | 000,010,880 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\applemtm.sys -- (applemtm)
DRV - [2010/11/20 13:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vmbus.sys -- (vmbus)
DRV - [2010/11/20 13:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010/11/20 13:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\storvsc.sys -- (storvsc)
DRV - [2010/11/20 11:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 11:21:14 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2010/11/20 10:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/11/20 10:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010/11/20 10:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010/10/14 21:58:17 | 000,014,336 | ---- | M] (Cirrus Logic) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CS420x86.sys -- (CirrusFilter)
DRV - [2010/06/17 15:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010/05/12 12:23:04 | 000,016,896 | ---- | M] (Danish Wireless Design A/S) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\FlashUSB.sys -- (FlashUSB)
DRV - [2010/04/23 14:51:04 | 000,024,960 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbmodem.sys -- (USBModem)
DRV - [2010/04/23 14:51:02 | 000,020,864 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbdiag.sys -- (UsbDiag)
DRV - [2010/04/23 14:51:02 | 000,013,056 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbbus.sys -- (usbbus)
DRV - [2010/03/23 06:46:14 | 000,018,944 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2010/03/23 06:46:12 | 000,068,200 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2010/03/22 22:43:50 | 000,012,928 | ---- | M] (Apple Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\MacHALDriver.sys -- (MacHALDriver)
DRV - [2010/03/09 21:03:15 | 011,585,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2009/10/15 22:39:30 | 000,016,512 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IRFilter.sys -- (IRRemoteFlt)
DRV - [2009/09/29 08:11:22 | 000,012,160 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lgbtport.sys -- (LgBttPort)
DRV - [2009/09/29 08:11:20 | 000,012,928 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lgvmodem.sys -- (LGVMODEM)
DRV - [2009/09/29 08:11:20 | 000,010,496 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lgbtbus.sys -- (lgbusenum)
DRV - [2009/07/14 00:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009/07/14 00:45:20 | 000,007,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\acpials.sys -- (acpials)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
 
 
IE - HKU\S-1-5-21-3556121016-3787262404-2462169972-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKU\S-1-5-21-3556121016-3787262404-2462169972-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://fr.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-3556121016-3787262404-2462169972-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr-FR
IE - HKU\S-1-5-21-3556121016-3787262404-2462169972-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3556121016-3787262404-2462169972-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;<local>
 
[color=#E56717]========== FireFox ==========[/color]
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/01/21 02:36:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
 
[2012/01/21 02:37:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Guillaume\AppData\Roaming\mozilla\Extensions
[2012/01/21 02:36:49 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions
[2011/12/21 08:49:52 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/12/21 06:44:31 | 000,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml
[2011/12/21 06:02:40 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/12/21 06:44:31 | 000,001,822 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml
[2011/12/21 06:44:31 | 000,001,154 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml
[2011/12/21 06:44:31 | 000,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml
[2011/12/21 06:44:31 | 000,000,956 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml
 
O1 HOSTS File: ([2009/06/10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O4 - HKLM..\Run: [Apple_KbdMgr] C:\Program Files\Boot Camp\Bootcamp.exe (Apple Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Partage de CD ou DVD] C:\Program Files\Partage de CD ou DVD\ODSAgent.exe ()
O4 - HKLM..\Run: [PlusService] C:\Program Files\Yuna Software\Messenger Plus!\PlusService.exe (Yuna Software)
O4 - HKLM..\Run: [TweakDUN] C:\Program Files\TweakDUN\tweakdun.exe (Patterson Design Systems)
O4 - HKU\S-1-5-21-3556121016-3787262404-2462169972-1000..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-3556121016-3787262404-2462169972-1000..\Run: [Spotify] C:\Users\Guillaume\AppData\Roaming\Spotify\spotify.exe (Spotify Ltd)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-3556121016-3787262404-2462169972-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-3556121016-3787262404-2462169972-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000030 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000031 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000032 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000033 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O13 - gopher Prefix: missing
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8A220066-ADBA-42B0-B3E2-F92AC50D99A5}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D91831D1-0430-47BE-BFD3-8458753844EC}: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) -C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - Winlogon\Notify\kremtel: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - Unable to obtain root file information for disk G:\
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKU\S-1-5-21-3556121016-3787262404-2462169972-1000\...exe [@ = exefile] -- Reg Error: Key error. File not found
 
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
 
MsConfig - State: "bootini" - 2
 
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS -  File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: WinDefend - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet: AFD - Service
SafeBootNet: Base - Driver Group
SafeBootNet: BFE - Service
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: MPSSvc - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS -  File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WinDefend - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2012/01/22 11:33:01 | 000,000,000 | ---D | C] -- C:\Users\Guillaume\AppData\Local\Diagnostics
[2012/01/22 11:22:16 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Guillaume\Desktop\OTL.exe
[2012/01/21 02:37:33 | 000,000,000 | ---D | C] -- C:\Users\Guillaume\AppData\Roaming\Mozilla
[2012/01/21 02:37:33 | 000,000,000 | ---D | C] -- C:\Users\Guillaume\AppData\Local\Mozilla
[2012/01/21 02:36:48 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2012/01/12 18:20:59 | 000,000,000 | ---D | C] -- C:\Users\Guillaume\AppData\Local\Spotify
[2012/01/12 18:20:22 | 000,000,000 | ---D | C] -- C:\Users\Guillaume\AppData\Roaming\Spotify
[2012/01/12 18:18:14 | 000,000,000 | ---D | C] -- C:\Users\Guillaume\Documents\RK_Quarantine
[2012/01/12 18:07:13 | 000,000,000 | ---D | C] -- C:\Kill'em
[2012/01/12 17:50:50 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2012/01/12 17:43:48 | 000,000,000 | ---D | C] -- C:\Users\Guillaume\AppData\Local\SanctionedMedia
[2012/01/11 17:35:44 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\packager.dll
[2012/01/11 17:35:35 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2012/01/11 17:35:35 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdvd.dll
[2012/01/10 12:21:05 | 000,000,000 | ---D | C] -- C:\Users\Guillaume\Desktop\LoL
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2012/01/22 12:01:08 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Guillaume\Desktop\OTL.exe
[2012/01/22 11:25:02 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012/01/22 11:20:32 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/01/22 11:20:22 | 2207,195,136 | -HS- | M] () -- C:\hiberfil.sys
[2012/01/22 11:10:09 | 000,743,426 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2012/01/22 11:10:09 | 000,652,148 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/01/22 11:10:09 | 000,148,312 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2012/01/22 11:10:09 | 000,121,080 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/01/22 11:05:53 | 000,000,406 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2012/01/21 17:53:40 | 000,014,192 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/01/21 17:53:40 | 000,014,192 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/01/21 02:36:52 | 000,001,108 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/01/17 01:14:43 | 000,266,262 | ---- | M] () -- C:\Users\Guillaume\AppData\Local\census.cache
[2012/01/17 01:13:53 | 000,108,474 | ---- | M] () -- C:\Users\Guillaume\AppData\Local\ars.cache
[2012/01/17 01:02:07 | 000,000,036 | ---- | M] () -- C:\Users\Guillaume\AppData\Local\housecall.guid.cache
[2012/01/16 21:58:26 | 000,046,363 | ---- | M] () -- C:\Users\Guillaume\Desktop\tumblr_lxtatuonHd1r93w8ko1_500.jpg
[2012/01/12 18:21:18 | 000,001,079 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/01/12 18:20:57 | 000,001,830 | ---- | M] () -- C:\Users\Guillaume\Desktop\Spotify.lnk
[2012/01/12 18:18:52 | 000,111,872 | ---- | M] () -- C:\Windows\System32\drivers\TrueSight.sys
[2012/01/12 18:13:51 | 000,000,970 | ---- | M] () -- C:\Users\Guillaume\Desktop\Internet Explorer.lnk
[2012/01/12 17:54:25 | 000,002,330 | -HS- | M] () -- C:\Users\Guillaume\AppData\Local\775r1r7n5385
[2012/01/12 17:54:25 | 000,002,330 | -HS- | M] () -- C:\ProgramData\775r1r7n5385
[2012/01/11 00:42:26 | 028,608,382 | ---- | M] () -- C:\Users\Guillaume\Desktop\Thorgal - 29 - Le Sacrifice.pdf
[2012/01/10 12:27:37 | 000,000,795 | ---- | M] () -- C:\Users\Guillaume\Desktop\lol.launcher - Raccourci.lnk
[2012/01/10 12:17:15 | 000,000,977 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2012/01/22 11:25:02 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012/01/21 02:36:51 | 000,001,120 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012/01/21 02:36:51 | 000,001,108 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/01/17 01:14:43 | 000,266,262 | ---- | C] () -- C:\Users\Guillaume\AppData\Local\census.cache
[2012/01/17 01:13:53 | 000,108,474 | ---- | C] () -- C:\Users\Guillaume\AppData\Local\ars.cache
[2012/01/17 01:02:07 | 000,000,036 | ---- | C] () -- C:\Users\Guillaume\AppData\Local\housecall.guid.cache
[2012/01/16 21:58:26 | 000,046,363 | ---- | C] () -- C:\Users\Guillaume\Desktop\tumblr_lxtatuonHd1r93w8ko1_500.jpg
[2012/01/12 18:21:18 | 000,001,079 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/01/12 18:20:57 | 000,001,830 | ---- | C] () -- C:\Users\Guillaume\Desktop\Spotify.lnk
[2012/01/12 18:20:57 | 000,001,816 | ---- | C] () -- C:\Users\Guillaume\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
[2012/01/12 18:13:51 | 000,000,970 | ---- | C] () -- C:\Users\Guillaume\Desktop\Internet Explorer.lnk
[2012/01/12 18:00:51 | 000,111,872 | ---- | C] () -- C:\Windows\System32\drivers\TrueSight.sys
[2012/01/12 17:43:51 | 000,002,330 | -HS- | C] () -- C:\Users\Guillaume\AppData\Local\775r1r7n5385
[2012/01/12 17:43:51 | 000,002,330 | -HS- | C] () -- C:\ProgramData\775r1r7n5385
[2012/01/11 00:41:20 | 028,608,382 | ---- | C] () -- C:\Users\Guillaume\Desktop\Thorgal - 29 - Le Sacrifice.pdf
[2012/01/10 12:27:37 | 000,000,795 | ---- | C] () -- C:\Users\Guillaume\Desktop\lol.launcher - Raccourci.lnk
[2011/11/27 12:42:24 | 000,000,406 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2011/08/15 17:34:40 | 000,194,432 | ---- | C] () -- C:\Windows\System32\AppleOSSMgr.exe
[2011/07/09 21:14:30 | 000,064,907 | ---- | C] () -- C:\Windows\War3Unin.dat
[2011/06/24 22:10:19 | 000,088,280 | ---- | C] () -- C:\Windows\System32\mlfcache.dat
[2011/02/27 22:34:04 | 000,053,248 | ---- | C] () -- C:\Windows\System32\CommonDL.dll
[2011/02/27 22:34:04 | 000,002,413 | ---- | C] () -- C:\Windows\System32\lgAxconfig.ini
[2011/02/25 01:09:40 | 000,743,426 | ---- | C] () -- C:\Windows\System32\perfh00C.dat
[2011/02/25 01:09:40 | 000,344,522 | ---- | C] () -- C:\Windows\System32\perfi00C.dat
[2011/02/25 01:09:40 | 000,148,312 | ---- | C] () -- C:\Windows\System32\perfc00C.dat
[2011/02/25 01:09:40 | 000,038,160 | ---- | C] () -- C:\Windows\System32\perfd00C.dat
[2011/02/25 00:40:32 | 000,000,056 | ---- | C] () -- C:\Windows\System32\ezsidmv.dat
[2011/02/24 23:40:58 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2011/02/24 23:39:22 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2010/02/26 15:26:18 | 000,095,994 | ---- | C] () -- C:\Windows\System32\nvcoproc.bin
[2009/07/14 05:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/14 05:33:53 | 000,266,928 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009/07/14 03:05:48 | 000,652,148 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009/07/14 03:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009/07/14 03:05:48 | 000,121,080 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009/07/14 03:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009/07/14 03:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009/07/14 03:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009/07/14 00:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/14 00:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009/06/10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2011/07/05 00:21:55 | 000,000,000 | ---D | M] -- C:\Users\Guillaume\AppData\Roaming\avidemux
[2011/07/12 00:17:17 | 000,000,000 | ---D | M] -- C:\Users\Guillaume\AppData\Roaming\DAEMON Tools Lite
[2011/02/27 23:04:17 | 000,000,000 | ---D | M] -- C:\Users\Guillaume\AppData\Roaming\LG Electronics
[2011/02/25 00:46:09 | 000,000,000 | ---D | M] -- C:\Users\Guillaume\AppData\Roaming\LolClient
[2011/02/24 21:56:17 | 000,000,000 | ---D | M] -- C:\Users\Guillaume\AppData\Roaming\Opera
[2012/01/22 11:21:51 | 000,000,000 | ---D | M] -- C:\Users\Guillaume\AppData\Roaming\Spotify
[2011/07/09 00:52:17 | 000,000,000 | ---D | M] -- C:\Users\Guillaume\AppData\Roaming\Ubisoft
[2011/02/27 22:57:39 | 000,000,000 | ---D | M] -- C:\Users\Guillaume\AppData\Roaming\{D94BA408-F110-488B-A65E-3AE7945F79E6}
[2012/01/22 11:20:34 | 000,032,620 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
[color=#E56717]========== Purity Check ==========[/color]
 
 
 
[color=#E56717]========== Custom Scans ==========[/color]
 
 
[color=#A23BEC]< HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl|FEATURE_BROWSER_EMULATION /rs >[/color]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION\\prevhost.exe: 8000
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION\\RomStation.exe: 8888
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION\\sllauncher.exe: 8000
 
[color=#A23BEC]< HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\FeatureControl|feature_enable_ie_compression /rs >[/color]
 
[color=#A23BEC]< HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\FeatureControl|feature_enable_ie_compression /rs >[/color]
 
[color=#A23BEC]< hklm\software\clients\startmenuinternet|command /rs >[/color]
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2011/12/21 08:49:54 | 000,717,344 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2011/12/21 08:49:54 | 000,717,344 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2011/12/21 08:49:54 | 000,717,344 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2011/12/21 08:49:52 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2011/12/21 08:49:52 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2011/12/21 08:49:52 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show [2011/04/26 12:43:38 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall [2011/04/26 12:43:38 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide [2011/04/26 12:43:38 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2011/04/26 12:43:38 | 000,748,336 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\Program Files\internet explorer\iexplore.exe" [2011/04/26 12:43:38 | 000,748,336 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera\InstallInfo\\ShowIconsCommand: "C:\Program Files\Opera\Opera.exe" /ShowIconsCommand [2011/12/09 13:15:15 | 000,949,104 | ---- | M] (Opera Software)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera\InstallInfo\\HideIconsCommand: "C:\Program Files\Opera\Opera.exe" /HideIconsCommand [2011/12/09 13:15:15 | 000,949,104 | ---- | M] (Opera Software)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera\InstallInfo\\ReinstallCommand: "C:\Program Files\Opera\Opera.exe" /ReInstallBrowser [2011/12/09 13:15:15 | 000,949,104 | ---- | M] (Opera Software)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera\shell\open\command\\: "C:\Program Files\Opera\Opera.exe" [2011/12/09 13:15:15 | 000,949,104 | ---- | M] (Opera Software)
 
[color=#A23BEC]< hklm\software\clients\startmenuinternet|command /64 /rs >[/color]
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2011/12/21 08:49:54 | 000,717,344 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2011/12/21 08:49:54 | 000,717,344 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2011/12/21 08:49:54 | 000,717,344 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2011/12/21 08:49:52 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2011/12/21 08:49:52 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2011/12/21 08:49:52 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show [2011/04/26 12:43:38 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall [2011/04/26 12:43:38 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide [2011/04/26 12:43:38 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2011/04/26 12:43:38 | 000,748,336 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\Program Files\internet explorer\iexplore.exe" [2011/04/26 12:43:38 | 000,748,336 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera\InstallInfo\\ShowIconsCommand: "C:\Program Files\Opera\Opera.exe" /ShowIconsCommand [2011/12/09 13:15:15 | 000,949,104 | ---- | M] (Opera Software)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera\InstallInfo\\HideIconsCommand: "C:\Program Files\Opera\Opera.exe" /HideIconsCommand [2011/12/09 13:15:15 | 000,949,104 | ---- | M] (Opera Software)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera\InstallInfo\\ReinstallCommand: "C:\Program Files\Opera\Opera.exe" /ReInstallBrowser [2011/12/09 13:15:15 | 000,949,104 | ---- | M] (Opera Software)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera\shell\open\command\\: "C:\Program Files\Opera\Opera.exe" [2011/12/09 13:15:15 | 000,949,104 | ---- | M] (Opera Software)
 
[color=#A23BEC]< HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers /s >[/color]
"timer" = timer.drv -- [2009/07/13 22:41:39 | 000,004,048 | ---- | M] (Microsoft Corporation)
 
[color=#A23BEC]< HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\drivers.desc /s >[/color]
"C:\Windows\System32\l3codeca.acm" = Fraunhofer IIS MPEG Layer-3 Codec
"wdmaud.drv" = Microsoft 1.1 UAA Function Driver for High Definition Audio
"vfwwdm32.dll" = WDM Video For Windows Capture Driver (Win32)
"sirenacm.dll" = Messenger Audio Codec
 
[color=#A23BEC]< %temp%\smtmp\1\*.* /s >[/color]
 
[color=#A23BEC]< %temp%\smtmp\2\*.* /s >[/color]
 
[color=#A23BEC]< %temp%\smtmp\4\*.* /s >[/color]
 
[color=#A23BEC]< nslookup http://www.google.fr /c >[/color]
Serveur :   UnKnown
Address:  192.168.1.254
 
[color=#A23BEC]< %systemroot%\system32\drivers\*.sys /lockedfiles >[/color]
 
[color=#A23BEC]< %APPDATA%\*.exe /s >[/color]
[2011/02/28 01:03:00 | 000,032,768 | ---- | M] ((주)테크노니아) -- C:\Users\Guillaume\AppData\Roaming\LG Electronics\LG PC Suite III\UpdateHelper.exe
[2008/12/02 07:40:14 | 000,028,672 | R--- | M] () -- C:\Users\Guillaume\AppData\Roaming\Microsoft\Windows\Templates\F\UninstallMSI.exe
[2008/12/01 12:29:00 | 000,014,336 | R--- | M] () -- C:\Users\Guillaume\AppData\Roaming\Microsoft\Windows\Templates\F\UninstallMSI32.exe
[2008/12/01 12:29:00 | 000,016,896 | R--- | M] () -- C:\Users\Guillaume\AppData\Roaming\Microsoft\Windows\Templates\F\UninstallMSI64.exe
[2009/03/20 06:09:32 | 001,360,008 | R--- | M] () -- C:\Users\Guillaume\AppData\Roaming\Microsoft\Windows\Templates\F\USBAutoRun.exe
[2012/01/20 19:49:04 | 004,027,056 | ---- | M] (Spotify Ltd) -- C:\Users\Guillaume\AppData\Roaming\Spotify\spotify.exe
 
[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]
 
 
[color=#A23BEC]< MD5 for: AGP440.SYS  >[/color]
[2009/07/14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys
[2009/07/14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_a97a2a0d0fbc6696\AGP440.sys
[2009/07/14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\AGP440.sys
 
[color=#A23BEC]< MD5 for: ATAPI.SYS  >[/color]
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys
 
[color=#A23BEC]< MD5 for: CDROM.SYS  >[/color]
[2010/11/20 09:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\drivers\cdrom.sys
[2010/11/20 09:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_6381e09675524225\cdrom.sys
[2010/11/20 09:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_61b0c5ce02098355\cdrom.sys
 
[color=#A23BEC]< MD5 for: CNGAUDIT.DLL  >[/color]
[2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\System32\cngaudit.dll
[2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
 
[color=#A23BEC]< MD5 for: CTFMON.EXE  >[/color]
[2009/07/14 02:14:16 | 000,008,704 | ---- | M] (Microsoft Corporation) MD5=4A3CDCEF8ED41B221F3DBEF5792FB52D -- C:\Windows\System32\ctfmon.exe
[2009/07/14 02:14:16 | 000,008,704 | ---- | M] (Microsoft Corporation) MD5=4A3CDCEF8ED41B221F3DBEF5792FB52D -- C:\Windows\winsxs\x86_microsoft-windows-t..cesframework-ctfmon_31bf3856ad364e35_6.1.7600.16385_none_9d06e2f6f1e51f98\ctfmon.exe
 
[color=#A23BEC]< MD5 for: DISK.SYS  >[/color]
[2009/07/14 02:20:27 | 000,057,424 | ---- | M] (Microsoft Corporation) MD5=565003F326F99802E68CA78F2A68E9FF -- C:\Windows\System32\drivers\disk.sys
[2009/07/14 02:20:27 | 000,057,424 | ---- | M] (Microsoft Corporation) MD5=565003F326F99802E68CA78F2A68E9FF -- C:\Windows\System32\DriverStore\FileRepository\disk.inf_x86_neutral_b431b61a11f8df6c\disk.sys
[2009/07/14 02:20:27 | 000,057,424 | ---- | M] (Microsoft Corporation) MD5=565003F326F99802E68CA78F2A68E9FF -- C:\Windows\winsxs\x86_disk.inf_31bf3856ad364e35_6.1.7600.16385_none_f99cd807d58018cb\disk.sys
 
[color=#A23BEC]< MD5 for: DWM.EXE  >[/color]
[2009/07/14 02:14:19 | 000,092,672 | ---- | M] (Microsoft Corporation) MD5=505BF4D1CADEB8D4F8BCD08D944DE25D -- C:\Windows\System32\dwm.exe
[2009/07/14 02:14:19 | 000,092,672 | ---- | M] (Microsoft Corporation) MD5=505BF4D1CADEB8D4F8BCD08D944DE25D -- C:\Windows\winsxs\x86_microsoft-windows-d..pwindowmanager-core_31bf3856ad364e35_6.1.7601.17514_none_8faafe001b741442\dwm.exe
 
[color=#A23BEC]< MD5 for: EXPLORER.EXE  >[/color]
[2011/02/26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2010/11/20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\explorer.exe
[2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe
 
[color=#A23BEC]< MD5 for: IASTORV.SYS  >[/color]
[2011/03/11 06:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\System32\drivers\iaStorV.sys
[2011/03/11 06:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_0bcee2057afcc090\iaStorV.sys
[2011/03/11 06:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_b0daddb9e6380745\iaStorV.sys
[2011/03/11 06:28:00 | 000,332,160 | ---- | M] (Intel Corporation) MD5=778D0E6D7D9EBA0C403BADBAAD41DB20 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_b152a892ff64119f\iaStorV.sys
[2010/11/20 13:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_668286aa35d55928\iaStorV.sys
[2010/11/20 13:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_b118bc63e60a139a\iaStorV.sys
 
[color=#A23BEC]< MD5 for: NDIS.SYS  >[/color]
[2010/11/20 13:30:06 | 000,712,576 | ---- | M] (Microsoft Corporation) MD5=E7C54812A2AAF43316EB6930C1FFA108 -- C:\Windows\System32\drivers\ndis.sys
[2010/11/20 13:30:06 | 000,712,576 | ---- | M] (Microsoft Corporation) MD5=E7C54812A2AAF43316EB6930C1FFA108 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_a9ce95b27a512623\ndis.sys
 
[color=#A23BEC]< MD5 for: NETLOGON.DLL  >[/color]
[2010/11/20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\System32\netlogon.dll
[2010/11/20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_ffbf212e963c0162\netlogon.dll
 
[color=#A23BEC]< MD5 for: NVSTOR.SYS  >[/color]
[2011/03/11 06:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\System32\drivers\nvstor.sys
[2011/03/11 06:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_0276fc3b3ea60d41\nvstor.sys
[2011/03/11 06:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_3ba44e691d6eb11d\nvstor.sys
[2011/03/11 06:28:10 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=66D468654A58594F5F3BA63D5AD5B1AF -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_3c1c1942369abb77\nvstor.sys
[2010/11/20 13:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_dd659ed032d28a14\nvstor.sys
[2010/11/20 13:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_3be22d131d40bd72\nvstor.sys
 
[color=#A23BEC]< MD5 for: RASACD.SYS  >[/color]
[2009/07/14 00:54:40 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=30A81B53C766D0133BB86D234E5556AB -- C:\Windows\System32\drivers\rasacd.sys
[2009/07/14 00:54:40 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=30A81B53C766D0133BB86D234E5556AB -- C:\Windows\winsxs\x86_microsoft-windows-rasautodial_31bf3856ad364e35_6.1.7600.16385_none_0fb054d9c6a6b4d4\rasacd.sys
 
[color=#A23BEC]< MD5 for: RDPCLIP.EXE  >[/color]
[2010/11/20 13:17:31 | 000,173,568 | ---- | M] (Microsoft Corporation) MD5=5505592313B74F2E2C8727837750F66D -- C:\Windows\System32\rdpclip.exe
[2010/11/20 13:17:31 | 000,173,568 | ---- | M] (Microsoft Corporation) MD5=5505592313B74F2E2C8727837750F66D -- C:\Windows\winsxs\x86_microsoft-windows-t..lipboardredirection_31bf3856ad364e35_6.1.7601.17514_none_03dd7a8e696443c0\rdpclip.exe
 
[color=#A23BEC]< MD5 for: RDPWD.SYS  >[/color]
[2010/11/20 11:22:29 | 000,183,808 | ---- | M] (Microsoft Corporation) MD5=288B06960D78428FF89E811632684E20 -- C:\Windows\System32\drivers\rdpwd.sys
[2010/11/20 11:22:29 | 000,183,808 | ---- | M] (Microsoft Corporation) MD5=288B06960D78428FF89E811632684E20 -- C:\Windows\winsxs\x86_microsoft-windows-t..dp-winstationdriver_31bf3856ad364e35_6.1.7601.17514_none_4d7cf2333344a165\rdpwd.sys
 
[color=#A23BEC]< MD5 for: SCECLI.DLL  >[/color]
[2010/11/20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll
[2010/11/20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll
 
[color=#A23BEC]< MD5 for: SFLOPPY.SYS  >[/color]
[2009/07/14 00:45:52 | 000,013,824 | ---- | M] (Microsoft Corporation) MD5=DB96666CC8312EBC45032F30B007A547 -- C:\Windows\System32\drivers\sfloppy.sys
[2009/07/14 00:45:52 | 000,013,824 | ---- | M] (Microsoft Corporation) MD5=DB96666CC8312EBC45032F30B007A547 -- C:\Windows\System32\DriverStore\FileRepository\flpydisk.inf_x86_neutral_2102f5344367a352\sfloppy.sys
[2009/07/14 00:45:52 | 000,013,824 | ---- | M] (Microsoft Corporation) MD5=DB96666CC8312EBC45032F30B007A547 -- C:\Windows\winsxs\x86_flpydisk.inf_31bf3856ad364e35_6.1.7600.16385_none_e6e06650dbcf54b4\sfloppy.sys
 
[color=#A23BEC]< MD5 for: TASKENG.EXE  >[/color]
[2010/11/20 13:17:47 | 000,192,000 | ---- | M] (Microsoft Corporation) MD5=4F2659160AFCCA990305816946F69407 -- C:\Windows\System32\taskeng.exe
[2010/11/20 13:17:47 | 000,192,000 | ---- | M] (Microsoft Corporation) MD5=4F2659160AFCCA990305816946F69407 -- C:\Windows\winsxs\x86_microsoft-windows-taskscheduler-engine_31bf3856ad364e35_6.1.7601.17514_none_e7b3b71a1d1c8662\taskeng.exe
 
[color=#A23BEC]< MD5 for: TASKHOST.EXE  >[/color]
[2010/11/20 13:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) MD5=7FA8BA5A780E4757964AC9D4238302B9 -- C:\Windows\System32\taskhost.exe
[2010/11/20 13:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) MD5=7FA8BA5A780E4757964AC9D4238302B9 -- C:\Windows\winsxs\x86_microsoft-windows-taskhost_31bf3856ad364e35_6.1.7601.17514_none_2a461244b897f204\taskhost.exe
 
[color=#A23BEC]< MD5 for: TCPIP.SYS  >[/color]
[2011/06/21 06:34:23 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=04E4A7D53A7ACE02E8C55B17A498F631 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_b513df73c4b4f466\tcpip.sys
[2011/04/25 05:31:30 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=24326784DF8F3D5F5BBB9F878CE33C14 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_b52f4dc5c4a121e0\tcpip.sys
[2010/11/20 13:30:12 | 001,290,112 | ---- | M] (Microsoft Corporation) MD5=37E8FA3779668837CA9E2C36D2415949 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_b5257c3dc4a85a01\tcpip.sys
[2011/09/29 17:17:18 | 001,303,920 | ---- | M] (Microsoft Corporation) MD5=3C1C41E317710F74CEC1E7F0D5325993 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_b5a84e10ddca7566\tcpip.sys
[2011/09/29 17:03:04 | 001,290,608 | ---- | M] (Microsoft Corporation) MD5=65D10B191C59C5501A1263FC33F6894B -- C:\Windows\System32\drivers\tcpip.sys
[2011/09/29 17:03:04 | 001,290,608 | ---- | M] (Microsoft Corporation) MD5=65D10B191C59C5501A1263FC33F6894B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_b4d1ffa1c4e682b5\tcpip.sys
[2011/04/25 07:31:09 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=6D4728CFF2724FF3A4654971D61D0F1C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_b5ad1a5addc7c444\tcpip.sys
[2011/06/21 07:54:00 | 001,303,424 | ---- | M] (Microsoft Corporation) MD5=DEC4940487050AE13C60C86F40E07E75 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_b583db3edde666b6\tcpip.sys
 
[color=#A23BEC]< MD5 for: TDPIPE.SYS  >[/color]
[2010/11/20 11:21:10 | 000,018,432 | ---- | M] (Microsoft Corporation) MD5=1CB91B2BD8F6DD367DFC2EF26FD751B2 -- C:\Windows\System32\drivers\tdpipe.sys
[2010/11/20 11:21:10 | 000,018,432 | ---- | M] (Microsoft Corporation) MD5=1CB91B2BD8F6DD367DFC2EF26FD751B2 -- C:\Windows\winsxs\x86_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.1.7601.17514_none_ddb3a157a2f95be2\tdpipe.sys
 
[color=#A23BEC]< MD5 for: TDTCP.SYS  >[/color]
[2010/11/20 11:21:10 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=2C10395BAA4847F83042813C515CC289 -- C:\Windows\System32\drivers\tdtcp.sys
[2010/11/20 11:21:10 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=2C10395BAA4847F83042813C515CC289 -- C:\Windows\winsxs\x86_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.1.7601.17514_none_ddb3a157a2f95be2\tdtcp.sys
 
[color=#A23BEC]< MD5 for: USBPRINT.SYS  >[/color]
[2009/07/14 01:17:06 | 000,019,968 | ---- | M] (Microsoft Corporation) MD5=797D862FE0875E75C7CC4C1AD7B30252 -- C:\Windows\System32\drivers\usbprint.sys
[2009/07/14 01:17:06 | 000,019,968 | ---- | M] (Microsoft Corporation) MD5=797D862FE0875E75C7CC4C1AD7B30252 -- C:\Windows\System32\DriverStore\FileRepository\usbprint.inf_x86_neutral_203e16627752a160\usbprint.sys
[2009/07/14 01:17:06 | 000,019,968 | ---- | M] (Microsoft Corporation) MD5=797D862FE0875E75C7CC4C1AD7B30252 -- C:\Windows\winsxs\x86_usbprint.inf_31bf3856ad364e35_6.1.7600.16385_none_32d0188e22bd908f\usbprint.sys
 
[color=#A23BEC]< MD5 for: USBSCAN.SYS  >[/color]
[2009/07/14 01:14:44 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=576096CCBC07E7C4EA4F5E6686D6888F -- C:\Windows\System32\drivers\usbscan.sys
[2009/07/14 01:14:44 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=576096CCBC07E7C4EA4F5E6686D6888F -- C:\Windows\System32\DriverStore\FileRepository\sti.inf_x86_neutral_6a74c91c1f723826\usbscan.sys
[2009/07/14 01:14:44 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=576096CCBC07E7C4EA4F5E6686D6888F -- C:\Windows\winsxs\x86_sti.inf_31bf3856ad364e35_6.1.7600.16385_none_59b5278c421a3644\usbscan.sys
 
[color=#A23BEC]< MD5 for: USERINIT.EXE  >[/color]
[2010/11/20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010/11/20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
 
[color=#A23BEC]< MD5 for: VOLSNAP.SYS  >[/color]
[2010/11/20 13:30:16 | 000,245,632 | ---- | M] (Microsoft Corporation) MD5=F497F67932C6FA693D7DE2780631CFE7 -- C:\Windows\System32\drivers\volsnap.sys
[2010/11/20 13:30:16 | 000,245,632 | ---- | M] (Microsoft Corporation) MD5=F497F67932C6FA693D7DE2780631CFE7 -- C:\Windows\System32\DriverStore\FileRepository\volume.inf_x86_neutral_6dee0205881d1a1d\volsnap.sys
[2010/11/20 13:30:16 | 000,245,632 | ---- | M] (Microsoft Corporation) MD5=F497F67932C6FA693D7DE2780631CFE7 -- C:\Windows\winsxs\x86_volume.inf_31bf3856ad364e35_6.1.7601.17514_none_17be216c5a5713d8\volsnap.sys
 
[color=#A23BEC]< MD5 for: WININIT.EXE  >[/color]
[2009/07/14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\System32\wininit.exe
[2009/07/14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe
 
[color=#A23BEC]< MD5 for: WINLOGON.EXE  >[/color]
[2010/11/20 13:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010/11/20 13:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2011/12/24 17:50:20 | 000,182,856 | ---- | M] () MD5=B382935AB01B27D0E14F267DBF288896 -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
 
[color=#A23BEC]< %systemroot%\*. /mp /s >[/color]
 
[color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color]
 
[color=#A23BEC]< %systemroot%\Tasks\*.job /lockedfiles >[/color]
 
[color=#E56717]========== Hard Links - Junction Points - Mount Points - Symbolic Links ==========[/color]
[C:\Windows\$NtUninstallKB48757$] -> Error: Cannot create file handle -> Unknown point type

< End of report >


Code:
OTL Extras logfile created on: 22/01/2012 11:22:57 - Run 1
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\Guillaume\Desktop
 Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy
 
2,74 Gb Total Physical Memory | 1,90 Gb Available Physical Memory | 69,45% Memory free
5,48 Gb Paging File | 4,59 Gb Available in Paging File | 83,78% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 31,56 Gb Total Space | 3,44 Gb Free Space | 10,90% Space Free | Partition Type: NTFS
Drive E: | 201,00 Gb Total Space | 55,98 Gb Free Space | 27,85% Space Free | Partition Type: HFS
Drive G: | 1011,22 Mb Total Space | 264,78 Mb Free Space | 26,18% Space Free | Partition Type: FAT
 
Computer Name: NUAGE | User Name: Guillaume | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Extra Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== File Associations ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)
 
[HKEY_USERS\S-1-5-21-3556121016-3787262404-2462169972-1000\SOFTWARE\Classes\<extension>]
.exe [@ = exefile] -- Reg Error: Key error. File not found
 
[color=#E56717]========== Shell Spawning ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- C:\Windows\explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[color=#E56717]========== Security Center Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[color=#E56717]========== Firewall Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[color=#E56717]========== Authorized Applications List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Windows\system32\config\systemprofile\AppData\Roaming\Java.exe" = C:\Windows\system32\config\systemprofile\AppData\Roaming\Java.exe:*:Enabled:Windows Messanger
"C:\Windows\TEMP\ismobb\setup.exe" = C:\Windows\TEMP\ismobb\setup.exe:*:Enabled:Windows Messanger
 
 
[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{043F86B7-EE12-3399-B2CA-D0B603D87963}" = Microsoft .NET Framework 4 Extended FRA Language Pack
"{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}" = Microsoft .NET Framework 4 Client Profile FRA Language Pack
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{21040472-F8DF-48A9-A093-2986C1495670}" = Lineage® II: The Chaotic Throne - Freya
"{26A24AE4-039D-4CA4-87B4-2F83216026FF}" = Java(TM) 6 Update 26
"{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live
"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.8
"{5C85747A-91B6-4233-AAF8-063506D0FF4F}" = LG United Mobile Drivers
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6E5324C1-84FC-4F76-9A3A-C65E07F80EE6}" = Complément Messenger
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{8153ED9A-C94A-426E-9880-5E6775C08B62}" = Apple Mobile Device Support
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}" = Assassin's Creed II
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{918A9082-6287-4D25-9002-5E5D5E4971CB}" = League of Legends
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AB61A2E9-37D3-485D-9085-19FBDF8CEF4A}" = Windows Live Messenger
"{ABD7DBE3-E344-4BCA-B8AD-4360494DD1D9}" = LG MC USB U330 driver
"{AC76BA86-7AD7-1036-7B44-AA1000000001}" = Adobe Reader X (10.1.0) - Français
"{AC7EE5F1-0DE4-4256-8E43-92B73C8E6019}" = LG Bluetooth Drivers
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B56ACF7B-D7B5-442B-8E1D-6B41347D88B2}" = Services Boot Camp
"{B7D46629-9925-4361-B57F-0D3F6FF63818}" = Partage de CD ou DVD
"{B7DBF6E8-0D17-4BE4-853B-ACD6EFBD4A1F}" = iTunes
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D94BA408-F110-488B-A65E-3AE7945F79E6}_is1" = Désinst. LG PC Suite III
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"065B919FD23D12E588F6E2BFB21F7836E2F0E704" = Windows Driver Package - Intel (e1yexpress) Net  (07/16/2008 9.52.10.0)
"07170A155D5587C8782EABA10E94E4127A86F6E4" = Package de pilotes Windows - Apple Inc. (AppleUSBEthernet) Net  (02/01/2008 3.8.3.10)
"0A8E69CB2299FB82BA54D1D4C0F3B1810146DBAB" = Package de pilotes Windows - Apple Inc. Apple Broadcom Bluetooth (04/27/2011 4.0.0.1)
"111E266FDD1556398EFC13BE47678F96E8497682" = Windows Driver Package - Apple Inc. Apple Trackpad Enabler (07/13/2009 3.0.0.1)
"16E9B4B4A3817C38179BF7D6E12774E0432FD558" = Windows Driver Package - Cirrus Logic, Inc. (CirrusFilter) MEDIA  (04/28/2010 6.6001.1.25)
"1D68F7A8B8397256B162B831457A6775BD17F3F4" = Windows Driver Package - Marvell (yukonwlh) Net  (03/23/2007 10.12.7.3)
"1E934494E1FDB938ED1D9B958D5D5D465A07F06A" = Windows Driver Package - Intel (e1qexpress) Net  (08/05/2008 10.3.49.0)
"20CF1F4786CB13A83CD2EC358929609A9B7A205C" = Package de pilotes Windows - Apple Inc. Apple Wireless Mouse (06/01/2011 4.0.0.1)
"22BCABA490923565F42CF777F73DF7E58696F3C7" = Windows Driver Package - Cirrus Logic, Inc. (CirrusFilter) MEDIA  (03/12/2010 6.6001.1.23)
"2AC97D2605162B73D046D68013D1030CB7CFB87E" = Windows Driver Package - Intel (E1G60) Net  (01/08/2008 8.3.9.0)
"2E2B6DCC02509BB8D2629A009DE8B5C3055B6779" = Package de pilotes Windows - Apple Inc. Apple ODD (05/17/2010 3.1.0.0)
"31BC243044B2C02B454ECDA8F5B44427F3754DD0" = Windows Driver Package - Apple Inc. Bluetooth  (03/01/2010 3.0.0.5)
"44E2556E81BCB991055DD976642491906DD3B8A0" = Package de pilotes Windows - Apple Inc. Apple Multitouch (05/05/2011 4.0.0.1)
"4B114013DDC5858DB929CE55F363AB88CDE1F78C" = Package de pilotes Windows - Apple Inc. Apple Keyboard (05/05/2011 4.0.0.1)
"4D00971668041EDAD7097C5827D1739F03B9E5D7" = Windows Driver Package - Apple Inc. Apple IR Receiver (02/21/2008 2.0.4.0)
"5A9DF61C17938C73DCC75C9B4B3A4DE3C74D38ED" = Windows Driver Package - Apple Inc. Apple Multitouch Mouse (02/11/2010 3.1.0.0)
"5D1F13EEF9A42CC17001EAFFC701D57AF8D13E9D" = Windows Driver Package - Apple Inc. Apple Broadcom Bluetooth (03/01/2010 3.1.0.3)
"5F8BE32FAE3D6BC77B512F7B0624D7B6C8A26EFB" = Windows Driver Package - Apple Inc. Apple Bluetooth Enabler (06/27/2007 2.0.0.1)
"60B5F87397EB801AB1BAB3E940CE0E077830B153" = Windows Driver Package - Apple Inc. Apple Multitouch (02/11/2010 3.1.0.0)
"627745F8E8BB901B043047C3E308B4A76C1194FE" = Windows Driver Package - Intel Net  (11/07/2007 8.10.1.0)
"675AAC36E980D647C94EAFFB2F929F247E711708" = Windows Driver Package - Intel Net  (07/22/2008 10.3.45.0)
"680D5EED614F3F01A9AD4547E9D81CFE9B0E4902" = Package de pilotes Windows - Cirrus Logic, Inc. (CirrusFilter) MEDIA  (08/16/2010 6.6001.1.26)
"78C67451B87511098A9A0EC86E75B99B12298F5C" = Windows Driver Package - Intel Net  (02/06/2008 9.12.18.0)
"7BD968405DE73C7E0F8E489DB5A5853A6CCB8D1D" = Windows Driver Package - Intel Net  (08/05/2008 10.3.49.0)
"82BE89CA9B7493FA05D2D4D32B415CF07EA08B47" = Windows Driver Package - Intel System  (07/20/2007 1.2.76.0)
"84865EBF11DAD18A6FD975327C8DBD66D7090BAD" = Windows Driver Package - Apple Inc. Apple Keyboard (01/12/2010 3.1.0.2)
"9324ED54E32F5399037F87E076CA01C6CEB92830" = Windows Driver Package - Apple Inc. Apple Built-in iSight (10/25/2007 2.0.1.0)
"950F5FEDF7BEABD19AAE5CEA69570873BE2A99DA" = Windows Driver Package - Atheros Communications Inc. (athr) Net  (11/18/2009 8.0.0.258)
"9747248FCA6A074E791AABC17F527823A8225756" = Windows Driver Package - Intel (e1kexpress) Net  (07/22/2008 10.3.45.0)
"9AA5295F27284963423D072C7FC59D57CDE15ACA" = Windows Driver Package - Broadcom (b57nd60x) Net  (05/28/2009 12.2.0.3)
"A06888013552B918232820F81FDBA706F5CAAD39" = Windows Driver Package - Intel Net  (06/13/2008 9.52.9.0)
"A0DAD483951AB3046050D68A2A1D8CEB4A7C61EE" = Windows Driver Package - Apple Inc. Apple Trackpad (07/13/2009 3.0.0.1)
"A7A7D84907D2DCB34930D77C6BA911E3834C1E34" = Package de pilotes Windows - Apple Inc. Apple Multitouch Mouse (10/05/2010 3.2.0.1)
"Action Replay Code Manager_is1" = Action Replay Code Manager
"AD3493E108434977125BBF78F47699626F8AF64B" = Windows Driver Package - Apple Inc. (AppleUSBEthernet) Net  (01/11/2008 3.4.3.18)
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"AEB482706002E9220FBFB86D4A1D24257F71A3D4" = Package de pilotes Windows - Apple Inc. Apple Multitouch (10/05/2010 3.2.0.1)
"Avidemux 2.5" = Avidemux 2.5 (32-bit)
"Avira AntiVir Desktop" = Avira Free Antivirus
"B345101E6CC8B2FD9765620B9C7BCD3D7002BE6D" = Windows Driver Package - Intel (e1express) Net  (02/06/2008 9.12.17.0)
"B4AC4F962DDC0DD6B71FCF20B8F2F694214FAE69" = Windows Driver Package - Apple Inc. Apple ODD (01/17/2008 2.0.2.2)
"B9491C5C199D7236FCDCB76367922461FADC80C7" = Package de pilotes Windows - Apple Inc. Apple Multitouch Mouse (05/05/2011 4.0.0.1)
"C5CE3BA75A23622D2140C5D5D0998C07DDC4CF1C" = Windows Driver Package - Apple Inc. Apple Display (01/23/2009 3.0.0.0)
"CCleaner" = CCleaner
"CFC3D985EA69596C8BE0A30313010FCC8CE2C70F" = Package de pilotes Windows - Apple Inc. Apple Wireless Trackpad (08/24/2010 3.1.0.7)
"DAEMON Tools Lite" = DAEMON Tools Lite
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"DE32692B1421420518B0CA8EEDD6DF2A494F279F" = Windows Driver Package - Apple Inc. Apple Wireless Mouse (11/30/2009 3.0.0.6)
"E9575EA5D430B59D0CFF29323C74D0FBA1898F3B" = Windows Driver Package - Broadcom (BCM43XX) Net  (08/21/2009 5.60.18.8)
"F24CB85E5983448F6319803791DEACED91E6565B" = Windows Driver Package - Apple Inc. System  (08/22/2008 2.1.1.1)
"F46F6C2CF86ECDFF2CE25B508923B04E2F23F1CE" = Package de pilotes Windows - Apple Inc. Apple System Device (04/05/2011 3.2.0.8)
"Game Booster_is1" = Game Booster
"Garena" = Garena 2010
"L'Aube du Temps" = L'Aube du Temps
"LOLReplay" = LOLReplay
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.60.0.1800
"Messenger Plus!" = Messenger Plus! 5
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Client Profile FRA
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Extended FRA
"Mozilla Firefox 9.0.1 (x86 fr)" = Mozilla Firefox 9.0.1 (x86 fr)
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"Opera 11.60.1185" = Opera 11.60
"RomStation" = RomStation
"TweakDUN" = TweakDUN v3.0
"VirtualCloneDrive" = VirtualCloneDrive
"VLC media player" = VLC media player 1.1.7
"Warcraft III" = Warcraft III
"WinLiveSuite" = Windows Live
"WinRAR archiver" = Logiciel d'archivage WinRAR
"World of Warcraft" = World of Warcraft
"Wow Cartographe" = Wow Cartographe 1.10
 
[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]
 
[HKEY_USERS\S-1-5-21-3556121016-3787262404-2462169972-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"5ca7a701f4767ab9" = LoL-Starter
"bfbc2fd85b525931" = Sienna Launcher
"Smad" = SanctionedMedia
"Spotify" = Spotify
"Warcraft III" = Warcraft III: All Products
 
[color=#E56717]========== Last 10 Event Log Errors ==========[/color]
 
[ Application Events ]
Error - 18/01/2012 18:53:06 | Computer Name = Nuage | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 18/01/2012 18:53:06 | Computer Name = Nuage | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 2658896
 
Error - 18/01/2012 18:53:06 | Computer Name = Nuage | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 2658896
 
Error - 19/01/2012 09:27:22 | Computer Name = Nuage | Source = Application Error | ID = 1000
Description = Nom de l’application défaillante setup.exe_unknown, version : 0.0.0.0,
 horodatage : 0x4f17d1a5  Nom du module défaillant : setup.exe, version : 0.0.0.0,
 horodatage : 0x4f17d1a5  Code d’exception : 0xc0000005  Décalage d’erreur : 0x00001299
ID
 du processus défaillant : 0x12f8  Heure de début de l’application défaillante : 0x01ccd68f35c053f0
Chemin
 d’accès de l’application défaillante : C:\Windows\TEMP\slnlko\setup.exe  Chemin d’accès
 du module défaillant: C:\Windows\TEMP\slnlko\setup.exe  ID de rapport : 514882e0-42a1-11e1-99bf-c8bcc8accffa
 
Error - 21/01/2012 13:49:46 | Computer Name = Nuage | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = Les services de chiffrement ont échoué lors du traitement de l’appel
 OnIdentity() dans l’objet System Writer.  Details: AddLegacyDriverFiles: Unable to
 back up image of binary Ancillary Function Driver for Winsock.  System Error: The
system cannot find the file specified.  .
 
Error - 21/01/2012 20:50:32 | Computer Name = Nuage | Source = Schedule | ID = 0
Description =
 
Error - 22/01/2012 05:57:13 | Computer Name = Nuage | Source = Schedule | ID = 0
Description =
 
Error - 22/01/2012 06:05:49 | Computer Name = Nuage | Source = Schedule | ID = 0
Description =
 
Error - 22/01/2012 06:09:26 | Computer Name = Nuage | Source = Application Error | ID = 1000
Description = Nom de l’application défaillante ntvdm.exe, version : 6.1.7600.16385,
 horodatage : 0x4a5bc158  Nom du module défaillant : unknown, version : 0.0.0.0, horodatage
 : 0x00000000  Code d’exception : 0xc0000005  Décalage d’erreur : 0x00000046  ID du processus
 défaillant : 0xe64  Heure de début de l’application défaillante : 0x01ccd8ede7054200
Chemin
 d’accès de l’application défaillante : C:\Windows\system32\ntvdm.exe  Chemin d’accès
 du module défaillant: unknown  ID de rapport : 29f2b5c0-44e1-11e1-b6da-c8bcc8accffa
 
Error - 22/01/2012 06:20:34 | Computer Name = Nuage | Source = Schedule | ID = 0
Description =
 
[ Media Center Events ]
Error - 27/03/2011 06:32:48 | Computer Name = Nuage | Source = MCUpdate | ID = 0
Description = 12:32:48 - Failed to retrieve Directory (Error: Unable to connect
to the remote server) 
 
Error - 27/03/2011 06:34:24 | Computer Name = Nuage | Source = MCUpdate | ID = 0
Description = 12:33:56 - Error connecting to the internet.  12:33:56 -     Unable
to contact server.. 
 
Error - 27/03/2011 07:36:27 | Computer Name = Nuage | Source = MCUpdate | ID = 0
Description = 13:36:26 - Failed to retrieve MCEClientUX (Error: Unable to connect
 to the remote server) 
 
Error - 27/03/2011 07:38:07 | Computer Name = Nuage | Source = MCUpdate | ID = 0
Description = 13:38:07 - Failed to retrieve Broadband (Error: The operation has
timed out) 
 
Error - 27/03/2011 08:39:03 | Computer Name = Nuage | Source = MCUpdate | ID = 0
Description = 14:39:00 - Error connecting to the internet.  14:39:00 -     Unable
to contact server.. 
 
[ System Events ]
Error - 22/01/2012 06:35:49 | Computer Name = Nuage | Source = Service Control Manager | ID = 7003
Description = Le service DHCP Client dépend du service suivant : Afd. Ce dernier
 n’est peut-être pas installé.
 
Error - 22/01/2012 06:35:49 | Computer Name = Nuage | Source = Service Control Manager | ID = 7001
Description = Le service WinHTTP Web Proxy Auto-Discovery Service dépend du service
 DHCP Client qui n’a pas pu démarrer en raison de l’erreur :   %%1075
 
Error - 22/01/2012 06:36:21 | Computer Name = Nuage | Source = Service Control Manager | ID = 7003
Description = Le service DHCP Client dépend du service suivant : Afd. Ce dernier
 n’est peut-être pas installé.
 
Error - 22/01/2012 06:36:21 | Computer Name = Nuage | Source = Service Control Manager | ID = 7001
Description = Le service WinHTTP Web Proxy Auto-Discovery Service dépend du service
 DHCP Client qui n’a pas pu démarrer en raison de l’erreur :   %%1075
 
Error - 22/01/2012 06:36:52 | Computer Name = Nuage | Source = Service Control Manager | ID = 7003
Description = Le service DHCP Client dépend du service suivant : Afd. Ce dernier
 n’est peut-être pas installé.
 
Error - 22/01/2012 06:36:52 | Computer Name = Nuage | Source = Service Control Manager | ID = 7001
Description = Le service WinHTTP Web Proxy Auto-Discovery Service dépend du service
 DHCP Client qui n’a pas pu démarrer en raison de l’erreur :   %%1075
 
Error - 22/01/2012 06:37:24 | Computer Name = Nuage | Source = Service Control Manager | ID = 7003
Description = Le service DHCP Client dépend du service suivant : Afd. Ce dernier
 n’est peut-être pas installé.
 
Error - 22/01/2012 06:37:24 | Computer Name = Nuage | Source = Service Control Manager | ID = 7001
Description = Le service WinHTTP Web Proxy Auto-Discovery Service dépend du service
 DHCP Client qui n’a pas pu démarrer en raison de l’erreur :   %%1075
 
Error - 22/01/2012 06:37:54 | Computer Name = Nuage | Source = Service Control Manager | ID = 7003
Description = Le service DHCP Client dépend du service suivant : Afd. Ce dernier
 n’est peut-être pas installé.
 
Error - 22/01/2012 06:37:54 | Computer Name = Nuage | Source = Service Control Manager | ID = 7001
Description = Le service WinHTTP Web Proxy Auto-Discovery Service dépend du service
 DHCP Client qui n’a pas pu démarrer en raison de l’erreur :   %%1075
 
 
< End of report >


My Malwarebytes scan found nothing, but I should say that I had already run one a few days ago.
(However, I can no longer find where the old scan reports are saved; since I have switched back to the Mac, I am posting the rest of the procedures and will go back to look for them.)

Code:
Malwarebytes Anti-Malware (Essai) 1.60.0.1800
www.malwarebytes.org

Version de la base de données: v2012.01.21.01

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
Guillaume :: NUAGE [administrateur]

Protection: Activé

22/01/2012 12:44:49
mbam-log-2012-01-22 (12-44-49).txt

Type d'examen: Examen rapide
Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM
Options d'examen désactivées: P2P
Elément(s) analysé(s): 167577
Temps écoulé: 5 minute(s), 21 seconde(s)

Processus mémoire détecté(s): 0
(Aucun élément nuisible détecté)

Module(s) mémoire détecté(s): 0
(Aucun élément nuisible détecté)

Clé(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)

Valeur(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)

Elément(s) de données du Registre détecté(s): 0
(Aucun élément nuisible détecté)

Dossier(s) détecté(s): 0
(Aucun élément nuisible détecté)

Fichier(s) détecté(s): 0
(Aucun élément nuisible détecté)

(fin)


And finally, here is my OTL report:

Code:
OTL logfile created on: 22/01/2012 13:17:18 - Run 2
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\Guillaume\Desktop
 Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy
 
2,74 Gb Total Physical Memory | 1,81 Gb Available Physical Memory | 66,02% Memory free
5,25 Gb Paging File | 4,23 Gb Available in Paging File | 80,63% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 31,56 Gb Total Space | 3,66 Gb Free Space | 11,60% Space Free | Partition Type: NTFS
Drive E: | 201,00 Gb Total Space | 55,97 Gb Free Space | 27,85% Space Free | Partition Type: HFS
Drive G: | 1011,22 Mb Total Space | 254,33 Mb Free Space | 25,15% Space Free | Partition Type: FAT
 
Computer Name: NUAGE | User Name: Guillaume | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2012/01/22 12:01:08 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Guillaume\Desktop\OTL.exe
PRC - [2011/12/24 17:50:18 | 000,652,872 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011/12/24 17:50:18 | 000,460,872 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011/10/24 16:51:19 | 000,801,792 | ---- | M] (Yuna Software) -- C:\Program Files\Yuna Software\Messenger Plus!\PlusService.exe
PRC - [2011/10/24 09:22:00 | 000,409,600 | ---- | M] () -- C:\Program Files\LOLReplay\LOLRecorder.exe
PRC - [2011/10/19 16:56:50 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2011/10/19 16:56:36 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2011/10/19 16:56:24 | 000,258,512 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2011/10/19 16:56:24 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2011/08/15 17:34:40 | 000,526,208 | ---- | M] (Apple Inc.) -- C:\Program Files\Boot Camp\Bootcamp.exe
PRC - [2011/08/15 17:34:40 | 000,194,432 | ---- | M] () -- C:\Windows\System32\AppleOSSMgr.exe
PRC - [2011/08/02 08:33:30 | 004,910,912 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe
PRC - [2011/06/24 05:22:20 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2011/06/06 11:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/03/22 22:53:32 | 000,099,640 | ---- | M] (Apple Inc.) -- C:\Windows\System32\AppleTimeSrv.exe
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
MOD - [2011/10/29 19:41:52 | 012,433,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6e592e424a204aafeadbe22b6b31b9db\System.Windows.Forms.ni.dll
MOD - [2011/10/29 19:41:35 | 006,611,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\f8196c3588c2229e84516af4b6a0ee60\System.Data.ni.dll
MOD - [2011/10/29 19:41:24 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\3b2cfd85528a27eb71dc41d8067359a1\System.Drawing.ni.dll
MOD - [2011/10/29 19:41:21 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\130ad4d9719e566ca933ac7158a04203\System.Xml.ni.dll
MOD - [2011/10/29 19:41:17 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\2d5bcbeb9475ef62189f605bcca1cec6\System.Configuration.ni.dll
MOD - [2011/10/29 19:41:12 | 007,963,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\abab08afa60a6f06bdde0fcc9649c379\System.ni.dll
MOD - [2011/10/29 19:41:02 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll
MOD - [2011/10/24 09:22:00 | 000,409,600 | ---- | M] () -- C:\Program Files\LOLReplay\LOLRecorder.exe
MOD - [2011/10/24 09:21:56 | 000,136,192 | ---- | M] () -- C:\Program Files\LOLReplay\LOLUtils.dll
MOD - [2011/06/24 21:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/06/24 21:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2010/11/05 02:58:05 | 002,927,616 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
 
 
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
 
SRV - [2011/12/24 17:50:18 | 000,652,872 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/10/19 16:56:36 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011/10/19 16:56:24 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011/08/15 17:34:40 | 000,194,432 | ---- | M] () [Auto | Running] -- C:\Windows\System32\AppleOSSMgr.exe -- (AppleOSSMgr)
SRV - [2011/06/06 11:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/02/24 21:41:52 | 001,343,400 | ---- | M] () [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010/03/22 22:53:32 | 000,099,640 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Windows\System32\AppleTimeSrv.exe -- (AppleTimeSrv)
SRV - [2009/07/14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - [2011/12/10 15:24:06 | 000,020,464 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011/12/09 03:56:44 | 000,134,856 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2011/10/19 16:56:50 | 000,074,640 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011/10/19 16:56:50 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2011/08/15 17:34:40 | 000,058,200 | ---- | M] (Apple Inc.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\AppleHFS.sys -- (AppleHFS)
DRV - [2011/08/15 17:34:40 | 000,015,320 | ---- | M] (Apple Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\AppleMNT.sys -- (AppleMNT)
DRV - [2011/08/15 17:34:40 | 000,015,064 | ---- | M] (Apple Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\KeyAgent.sys -- (KeyAgent)
DRV - [2011/08/09 13:10:12 | 000,232,512 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2011/06/28 00:28:37 | 000,018,944 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AppleBtBc.sys -- (AppleBtBc)
DRV - [2011/06/02 19:36:46 | 000,026,624 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\KeyMagic.sys -- (KeyMagic)
DRV - [2011/01/31 13:43:51 | 000,029,824 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\applemtp.sys -- (applemtp)
DRV - [2011/01/31 13:43:51 | 000,010,880 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\applemtm.sys -- (applemtm)
DRV - [2010/11/20 13:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vmbus.sys -- (vmbus)
DRV - [2010/11/20 13:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010/11/20 13:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\storvsc.sys -- (storvsc)
DRV - [2010/11/20 11:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 11:21:14 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2010/11/20 10:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/11/20 10:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010/11/20 10:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010/10/14 21:58:17 | 000,014,336 | ---- | M] (Cirrus Logic) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CS420x86.sys -- (CirrusFilter)
DRV - [2010/06/17 15:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010/05/12 12:23:04 | 000,016,896 | ---- | M] (Danish Wireless Design A/S) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\FlashUSB.sys -- (FlashUSB)
DRV - [2010/04/23 14:51:04 | 000,024,960 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbmodem.sys -- (USBModem)
DRV - [2010/04/23 14:51:02 | 000,020,864 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbdiag.sys -- (UsbDiag)
DRV - [2010/04/23 14:51:02 | 000,013,056 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbbus.sys -- (usbbus)
DRV - [2010/03/23 06:46:14 | 000,018,944 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2010/03/23 06:46:12 | 000,068,200 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2010/03/22 22:43:50 | 000,012,928 | ---- | M] (Apple Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\MacHALDriver.sys -- (MacHALDriver)
DRV - [2010/03/09 21:03:15 | 011,585,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2009/10/15 22:39:30 | 000,016,512 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IRFilter.sys -- (IRRemoteFlt)
DRV - [2009/09/29 08:11:22 | 000,012,160 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lgbtport.sys -- (LgBttPort)
DRV - [2009/09/29 08:11:20 | 000,012,928 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lgvmodem.sys -- (LGVMODEM)
DRV - [2009/09/29 08:11:20 | 000,010,496 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lgbtbus.sys -- (lgbusenum)
DRV - [2009/07/14 00:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009/07/14 00:45:20 | 000,007,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\acpials.sys -- (acpials)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
 
 
IE - HKU\S-1-5-21-3556121016-3787262404-2462169972-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKU\S-1-5-21-3556121016-3787262404-2462169972-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://fr.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-3556121016-3787262404-2462169972-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr-FR
IE - HKU\S-1-5-21-3556121016-3787262404-2462169972-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3556121016-3787262404-2462169972-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;<local>
 
[color=#E56717]========== FireFox ==========[/color]
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/01/21 02:36:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
 
[2012/01/21 02:37:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Guillaume\AppData\Roaming\mozilla\Extensions
[2012/01/21 02:36:49 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions
[2011/12/21 08:49:52 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/12/21 06:44:31 | 000,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml
[2011/12/21 06:02:40 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/12/21 06:44:31 | 000,001,822 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml
[2011/12/21 06:44:31 | 000,001,154 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml
[2011/12/21 06:44:31 | 000,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml
[2011/12/21 06:44:31 | 000,000,956 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml
 
O1 HOSTS File: ([2009/06/10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O4 - HKLM..\Run: [Apple_KbdMgr] C:\Program Files\Boot Camp\Bootcamp.exe (Apple Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Partage de CD ou DVD] C:\Program Files\Partage de CD ou DVD\ODSAgent.exe ()
O4 - HKLM..\Run: [PlusService] C:\Program Files\Yuna Software\Messenger Plus!\PlusService.exe (Yuna Software)
O4 - HKLM..\Run: [TweakDUN] C:\Program Files\TweakDUN\tweakdun.exe (Patterson Design Systems)
O4 - HKU\S-1-5-21-3556121016-3787262404-2462169972-1000..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-3556121016-3787262404-2462169972-1000..\Run: [Spotify] C:\Users\Guillaume\AppData\Roaming\Spotify\spotify.exe (Spotify Ltd)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-3556121016-3787262404-2462169972-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-3556121016-3787262404-2462169972-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000030 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000031 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000032 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000033 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O13 - gopher Prefix: missing
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8A220066-ADBA-42B0-B3E2-F92AC50D99A5}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D91831D1-0430-47BE-BFD3-8458753844EC}: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) -C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - Winlogon\Notify\kremtel: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - Unable to obtain root file information for disk G:\
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKU\S-1-5-21-3556121016-3787262404-2462169972-1000\...exe [@ = exefile] -- Reg Error: Key error. File not found
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2012/01/22 11:33:01 | 000,000,000 | ---D | C] -- C:\Users\Guillaume\AppData\Local\Diagnostics
[2012/01/22 11:22:16 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Guillaume\Desktop\OTL.exe
[2012/01/21 02:37:33 | 000,000,000 | ---D | C] -- C:\Users\Guillaume\AppData\Roaming\Mozilla
[2012/01/21 02:37:33 | 000,000,000 | ---D | C] -- C:\Users\Guillaume\AppData\Local\Mozilla
[2012/01/21 02:36:48 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2012/01/12 18:20:59 | 000,000,000 | ---D | C] -- C:\Users\Guillaume\AppData\Local\Spotify
[2012/01/12 18:20:22 | 000,000,000 | ---D | C] -- C:\Users\Guillaume\AppData\Roaming\Spotify
[2012/01/12 18:18:14 | 000,000,000 | ---D | C] -- C:\Users\Guillaume\Documents\RK_Quarantine
[2012/01/12 18:07:13 | 000,000,000 | ---D | C] -- C:\Kill'em
[2012/01/12 17:50:50 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2012/01/12 17:43:48 | 000,000,000 | ---D | C] -- C:\Users\Guillaume\AppData\Local\SanctionedMedia
[2012/01/11 17:35:44 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\packager.dll
[2012/01/11 17:35:35 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2012/01/11 17:35:35 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdvd.dll
[2012/01/10 12:21:05 | 000,000,000 | ---D | C] -- C:\Users\Guillaume\Desktop\LoL
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2012/01/22 13:03:07 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012/01/22 12:49:53 | 000,743,426 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2012/01/22 12:49:53 | 000,652,148 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/01/22 12:49:53 | 000,148,312 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2012/01/22 12:49:53 | 000,121,080 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/01/22 12:42:33 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/01/22 12:42:19 | 2207,195,136 | -HS- | M] () -- C:\hiberfil.sys
[2012/01/22 12:01:08 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Guillaume\Desktop\OTL.exe
[2012/01/22 11:05:53 | 000,000,406 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2012/01/21 17:53:40 | 000,014,192 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/01/21 17:53:40 | 000,014,192 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/01/21 02:36:52 | 000,001,108 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/01/17 01:14:43 | 000,266,262 | ---- | M] () -- C:\Users\Guillaume\AppData\Local\census.cache
[2012/01/17 01:13:53 | 000,108,474 | ---- | M] () -- C:\Users\Guillaume\AppData\Local\ars.cache
[2012/01/17 01:02:07 | 000,000,036 | ---- | M] () -- C:\Users\Guillaume\AppData\Local\housecall.guid.cache
[2012/01/16 21:58:26 | 000,046,363 | ---- | M] () -- C:\Users\Guillaume\Desktop\tumblr_lxtatuonHd1r93w8ko1_500.jpg
[2012/01/12 18:21:18 | 000,001,079 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/01/12 18:20:57 | 000,001,830 | ---- | M] () -- C:\Users\Guillaume\Desktop\Spotify.lnk
[2012/01/12 18:18:52 | 000,111,872 | ---- | M] () -- C:\Windows\System32\drivers\TrueSight.sys
[2012/01/12 18:13:51 | 000,000,970 | ---- | M] () -- C:\Users\Guillaume\Desktop\Internet Explorer.lnk
[2012/01/12 17:54:25 | 000,002,330 | -HS- | M] () -- C:\Users\Guillaume\AppData\Local\775r1r7n5385
[2012/01/12 17:54:25 | 000,002,330 | -HS- | M] () -- C:\ProgramData\775r1r7n5385
[2012/01/11 00:42:26 | 028,608,382 | ---- | M] () -- C:\Users\Guillaume\Desktop\Thorgal - 29 - Le Sacrifice.pdf
[2012/01/10 12:27:37 | 000,000,795 | ---- | M] () -- C:\Users\Guillaume\Desktop\lol.launcher - Raccourci.lnk
[2012/01/10 12:17:15 | 000,000,977 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2012/01/22 11:25:02 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012/01/21 02:36:51 | 000,001,120 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012/01/21 02:36:51 | 000,001,108 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/01/17 01:14:43 | 000,266,262 | ---- | C] () -- C:\Users\Guillaume\AppData\Local\census.cache
[2012/01/17 01:13:53 | 000,108,474 | ---- | C] () -- C:\Users\Guillaume\AppData\Local\ars.cache
[2012/01/17 01:02:07 | 000,000,036 | ---- | C] () -- C:\Users\Guillaume\AppData\Local\housecall.guid.cache
[2012/01/16 21:58:26 | 000,046,363 | ---- | C] () -- C:\Users\Guillaume\Desktop\tumblr_lxtatuonHd1r93w8ko1_500.jpg
[2012/01/12 18:21:18 | 000,001,079 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/01/12 18:20:57 | 000,001,830 | ---- | C] () -- C:\Users\Guillaume\Desktop\Spotify.lnk
[2012/01/12 18:20:57 | 000,001,816 | ---- | C] () -- C:\Users\Guillaume\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
[2012/01/12 18:13:51 | 000,000,970 | ---- | C] () -- C:\Users\Guillaume\Desktop\Internet Explorer.lnk
[2012/01/12 18:00:51 | 000,111,872 | ---- | C] () -- C:\Windows\System32\drivers\TrueSight.sys
[2012/01/12 17:43:51 | 000,002,330 | -HS- | C] () -- C:\Users\Guillaume\AppData\Local\775r1r7n5385
[2012/01/12 17:43:51 | 000,002,330 | -HS- | C] () -- C:\ProgramData\775r1r7n5385
[2012/01/11 00:41:20 | 028,608,382 | ---- | C] () -- C:\Users\Guillaume\Desktop\Thorgal - 29 - Le Sacrifice.pdf
[2012/01/10 12:27:37 | 000,000,795 | ---- | C] () -- C:\Users\Guillaume\Desktop\lol.launcher - Raccourci.lnk
[2011/11/27 12:42:24 | 000,000,406 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2011/08/15 17:34:40 | 000,194,432 | ---- | C] () -- C:\Windows\System32\AppleOSSMgr.exe
[2011/07/09 21:14:30 | 000,064,907 | ---- | C] () -- C:\Windows\War3Unin.dat
[2011/06/24 22:10:19 | 000,088,280 | ---- | C] () -- C:\Windows\System32\mlfcache.dat
[2011/02/27 22:34:04 | 000,053,248 | ---- | C] () -- C:\Windows\System32\CommonDL.dll
[2011/02/27 22:34:04 | 000,002,413 | ---- | C] () -- C:\Windows\System32\lgAxconfig.ini
[2011/02/25 01:09:40 | 000,743,426 | ---- | C] () -- C:\Windows\System32\perfh00C.dat
[2011/02/25 01:09:40 | 000,344,522 | ---- | C] () -- C:\Windows\System32\perfi00C.dat
[2011/02/25 01:09:40 | 000,148,312 | ---- | C] () -- C:\Windows\System32\perfc00C.dat
[2011/02/25 01:09:40 | 000,038,160 | ---- | C] () -- C:\Windows\System32\perfd00C.dat
[2011/02/25 00:40:32 | 000,000,056 | ---- | C] () -- C:\Windows\System32\ezsidmv.dat
[2011/02/24 23:40:58 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2011/02/24 23:39:22 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2010/02/26 15:26:18 | 000,095,994 | ---- | C] () -- C:\Windows\System32\nvcoproc.bin
[2009/07/14 05:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/14 05:33:53 | 000,266,928 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009/07/14 03:05:48 | 000,652,148 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009/07/14 03:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009/07/14 03:05:48 | 000,121,080 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009/07/14 03:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009/07/14 03:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009/07/14 03:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009/07/14 00:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/14 00:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009/06/10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2011/07/05 00:21:55 | 000,000,000 | ---D | M] -- C:\Users\Guillaume\AppData\Roaming\avidemux
[2011/07/12 00:17:17 | 000,000,000 | ---D | M] -- C:\Users\Guillaume\AppData\Roaming\DAEMON Tools Lite
[2011/02/27 23:04:17 | 000,000,000 | ---D | M] -- C:\Users\Guillaume\AppData\Roaming\LG Electronics
[2011/02/25 00:46:09 | 000,000,000 | ---D | M] -- C:\Users\Guillaume\AppData\Roaming\LolClient
[2011/02/24 21:56:17 | 000,000,000 | ---D | M] -- C:\Users\Guillaume\AppData\Roaming\Opera
[2012/01/22 12:45:07 | 000,000,000 | ---D | M] -- C:\Users\Guillaume\AppData\Roaming\Spotify
[2011/07/09 00:52:17 | 000,000,000 | ---D | M] -- C:\Users\Guillaume\AppData\Roaming\Ubisoft
[2011/02/27 22:57:39 | 000,000,000 | ---D | M] -- C:\Users\Guillaume\AppData\Roaming\{D94BA408-F110-488B-A65E-3AE7945F79E6}
[2012/01/22 12:42:35 | 000,032,620 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
[color=#E56717]========== Purity Check ==========[/color]
 
 
 
[color=#E56717]========== Custom Scans ==========[/color]
 
 
[color=#A23BEC]< HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl|FEATURE_BROWSER_EMULATION /rs >[/color]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION\\prevhost.exe: 8000
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION\\RomStation.exe: 8888
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION\\sllauncher.exe: 8000
 
[color=#A23BEC]< HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\FeatureControl|feature_enable_ie_compression /rs >[/color]
 
[color=#A23BEC]< HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\FeatureControl|feature_enable_ie_compression /rs >[/color]
 
[color=#A23BEC]< hklm\software\clients\startmenuinternet|command /rs >[/color]
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2011/12/21 08:49:54 | 000,717,344 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2011/12/21 08:49:54 | 000,717,344 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2011/12/21 08:49:54 | 000,717,344 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2011/12/21 08:49:52 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2011/12/21 08:49:52 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2011/12/21 08:49:52 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show [2011/04/26 12:43:38 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall [2011/04/26 12:43:38 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide [2011/04/26 12:43:38 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2011/04/26 12:43:38 | 000,748,336 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\Program Files\internet explorer\iexplore.exe" [2011/04/26 12:43:38 | 000,748,336 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera\InstallInfo\\ShowIconsCommand: "C:\Program Files\Opera\Opera.exe" /ShowIconsCommand [2011/12/09 13:15:15 | 000,949,104 | ---- | M] (Opera Software)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera\InstallInfo\\HideIconsCommand: "C:\Program Files\Opera\Opera.exe" /HideIconsCommand [2011/12/09 13:15:15 | 000,949,104 | ---- | M] (Opera Software)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera\InstallInfo\\ReinstallCommand: "C:\Program Files\Opera\Opera.exe" /ReInstallBrowser [2011/12/09 13:15:15 | 000,949,104 | ---- | M] (Opera Software)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera\shell\open\command\\: "C:\Program Files\Opera\Opera.exe" [2011/12/09 13:15:15 | 000,949,104 | ---- | M] (Opera Software)
 
[color=#A23BEC]< hklm\software\clients\startmenuinternet|command /64 /rs >[/color]
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2011/12/21 08:49:54 | 000,717,344 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2011/12/21 08:49:54 | 000,717,344 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2011/12/21 08:49:54 | 000,717,344 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2011/12/21 08:49:52 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2011/12/21 08:49:52 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2011/12/21 08:49:52 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show [2011/04/26 12:43:38 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall [2011/04/26 12:43:38 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide [2011/04/26 12:43:38 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2011/04/26 12:43:38 | 000,748,336 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\Program Files\internet explorer\iexplore.exe" [2011/04/26 12:43:38 | 000,748,336 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera\InstallInfo\\ShowIconsCommand: "C:\Program Files\Opera\Opera.exe" /ShowIconsCommand [2011/12/09 13:15:15 | 000,949,104 | ---- | M] (Opera Software)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera\InstallInfo\\HideIconsCommand: "C:\Program Files\Opera\Opera.exe" /HideIconsCommand [2011/12/09 13:15:15 | 000,949,104 | ---- | M] (Opera Software)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera\InstallInfo\\ReinstallCommand: "C:\Program Files\Opera\Opera.exe" /ReInstallBrowser [2011/12/09 13:15:15 | 000,949,104 | ---- | M] (Opera Software)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera\shell\open\command\\: "C:\Program Files\Opera\Opera.exe" [2011/12/09 13:15:15 | 000,949,104 | ---- | M] (Opera Software)
 
[color=#A23BEC]< HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers /s >[/color]
"timer" = timer.drv -- [2009/07/13 22:41:39 | 000,004,048 | ---- | M] (Microsoft Corporation)
 
[color=#A23BEC]< HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\drivers.desc /s >[/color]
"C:\Windows\System32\l3codeca.acm" = Fraunhofer IIS MPEG Layer-3 Codec
"wdmaud.drv" = Microsoft 1.1 UAA Function Driver for High Definition Audio
"vfwwdm32.dll" = WDM Video For Windows Capture Driver (Win32)
"sirenacm.dll" = Messenger Audio Codec
 
[color=#A23BEC]< %temp%\smtmp\1\*.* /s >[/color]
 
[color=#A23BEC]< %temp%\smtmp\2\*.* /s >[/color]
 
[color=#A23BEC]< %temp%\smtmp\4\*.* /s >[/color]
 
[color=#A23BEC]< nslookup http://www.google.fr /c >[/color]
Serveur :   UnKnown
Address:  192.168.1.254
 
[color=#A23BEC]< %systemroot%\system32\drivers\*.sys /lockedfiles >[/color]
 
[color=#A23BEC]< %APPDATA%\*.exe /s >[/color]
[2011/02/28 01:03:00 | 000,032,768 | ---- | M] ((주)테크노니아) -- C:\Users\Guillaume\AppData\Roaming\LG Electronics\LG PC Suite III\UpdateHelper.exe
[2008/12/02 07:40:14 | 000,028,672 | R--- | M] () -- C:\Users\Guillaume\AppData\Roaming\Microsoft\Windows\Templates\F\UninstallMSI.exe
[2008/12/01 12:29:00 | 000,014,336 | R--- | M] () -- C:\Users\Guillaume\AppData\Roaming\Microsoft\Windows\Templates\F\UninstallMSI32.exe
[2008/12/01 12:29:00 | 000,016,896 | R--- | M] () -- C:\Users\Guillaume\AppData\Roaming\Microsoft\Windows\Templates\F\UninstallMSI64.exe
[2009/03/20 06:09:32 | 001,360,008 | R--- | M] () -- C:\Users\Guillaume\AppData\Roaming\Microsoft\Windows\Templates\F\USBAutoRun.exe
[2012/01/20 19:49:04 | 004,027,056 | ---- | M] (Spotify Ltd) -- C:\Users\Guillaume\AppData\Roaming\Spotify\spotify.exe
 
[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]
 
 
[color=#A23BEC]< MD5 for: AGP440.SYS  >[/color]
[2009/07/14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys
[2009/07/14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_a97a2a0d0fbc6696\AGP440.sys
[2009/07/14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\AGP440.sys
 
[color=#A23BEC]< MD5 for: ATAPI.SYS  >[/color]
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys
 
[color=#A23BEC]< MD5 for: CDROM.SYS  >[/color]
[2010/11/20 09:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\drivers\cdrom.sys
[2010/11/20 09:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_6381e09675524225\cdrom.sys
[2010/11/20 09:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_61b0c5ce02098355\cdrom.sys
 
[color=#A23BEC]< MD5 for: CNGAUDIT.DLL  >[/color]
[2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\System32\cngaudit.dll
[2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
 
[color=#A23BEC]< MD5 for: CTFMON.EXE  >[/color]
[2009/07/14 02:14:16 | 000,008,704 | ---- | M] (Microsoft Corporation) MD5=4A3CDCEF8ED41B221F3DBEF5792FB52D -- C:\Windows\System32\ctfmon.exe
[2009/07/14 02:14:16 | 000,008,704 | ---- | M] (Microsoft Corporation) MD5=4A3CDCEF8ED41B221F3DBEF5792FB52D -- C:\Windows\winsxs\x86_microsoft-windows-t..cesframework-ctfmon_31bf3856ad364e35_6.1.7600.16385_none_9d06e2f6f1e51f98\ctfmon.exe
 
[color=#A23BEC]< MD5 for: DISK.SYS  >[/color]
[2009/07/14 02:20:27 | 000,057,424 | ---- | M] (Microsoft Corporation) MD5=565003F326F99802E68CA78F2A68E9FF -- C:\Windows\System32\drivers\disk.sys
[2009/07/14 02:20:27 | 000,057,424 | ---- | M] (Microsoft Corporation) MD5=565003F326F99802E68CA78F2A68E9FF -- C:\Windows\System32\DriverStore\FileRepository\disk.inf_x86_neutral_b431b61a11f8df6c\disk.sys
[2009/07/14 02:20:27 | 000,057,424 | ---- | M] (Microsoft Corporation) MD5=565003F326F99802E68CA78F2A68E9FF -- C:\Windows\winsxs\x86_disk.inf_31bf3856ad364e35_6.1.7600.16385_none_f99cd807d58018cb\disk.sys
 
[color=#A23BEC]< MD5 for: DWM.EXE  >[/color]
[2009/07/14 02:14:19 | 000,092,672 | ---- | M] (Microsoft Corporation) MD5=505BF4D1CADEB8D4F8BCD08D944DE25D -- C:\Windows\System32\dwm.exe
[2009/07/14 02:14:19 | 000,092,672 | ---- | M] (Microsoft Corporation) MD5=505BF4D1CADEB8D4F8BCD08D944DE25D -- C:\Windows\winsxs\x86_microsoft-windows-d..pwindowmanager-core_31bf3856ad364e35_6.1.7601.17514_none_8faafe001b741442\dwm.exe
 
[color=#A23BEC]< MD5 for: EXPLORER.EXE  >[/color]
[2011/02/26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2010/11/20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\explorer.exe
[2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe
 
[color=#A23BEC]< MD5 for: IASTORV.SYS  >[/color]
[2011/03/11 06:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\System32\drivers\iaStorV.sys
[2011/03/11 06:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_0bcee2057afcc090\iaStorV.sys
[2011/03/11 06:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_b0daddb9e6380745\iaStorV.sys
[2011/03/11 06:28:00 | 000,332,160 | ---- | M] (Intel Corporation) MD5=778D0E6D7D9EBA0C403BADBAAD41DB20 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_b152a892ff64119f\iaStorV.sys
[2010/11/20 13:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_668286aa35d55928\iaStorV.sys
[2010/11/20 13:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_b118bc63e60a139a\iaStorV.sys
 
[color=#A23BEC]< MD5 for: NDIS.SYS  >[/color]
[2010/11/20 13:30:06 | 000,712,576 | ---- | M] (Microsoft Corporation) MD5=E7C54812A2AAF43316EB6930C1FFA108 -- C:\Windows\System32\drivers\ndis.sys
[2010/11/20 13:30:06 | 000,712,576 | ---- | M] (Microsoft Corporation) MD5=E7C54812A2AAF43316EB6930C1FFA108 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_a9ce95b27a512623\ndis.sys
 
[color=#A23BEC]< MD5 for: NETLOGON.DLL  >[/color]
[2010/11/20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\System32\netlogon.dll
[2010/11/20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_ffbf212e963c0162\netlogon.dll
 
[color=#A23BEC]< MD5 for: NVSTOR.SYS  >[/color]
[2011/03/11 06:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\System32\drivers\nvstor.sys
[2011/03/11 06:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_0276fc3b3ea60d41\nvstor.sys
[2011/03/11 06:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_3ba44e691d6eb11d\nvstor.sys
[2011/03/11 06:28:10 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=66D468654A58594F5F3BA63D5AD5B1AF -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_3c1c1942369abb77\nvstor.sys
[2010/11/20 13:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_dd659ed032d28a14\nvstor.sys
[2010/11/20 13:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_3be22d131d40bd72\nvstor.sys
 
[color=#A23BEC]< MD5 for: RASACD.SYS  >[/color]
[2009/07/14 00:54:40 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=30A81B53C766D0133BB86D234E5556AB -- C:\Windows\System32\drivers\rasacd.sys
[2009/07/14 00:54:40 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=30A81B53C766D0133BB86D234E5556AB -- C:\Windows\winsxs\x86_microsoft-windows-rasautodial_31bf3856ad364e35_6.1.7600.16385_none_0fb054d9c6a6b4d4\rasacd.sys
 
[color=#A23BEC]< MD5 for: RDPCLIP.EXE  >[/color]
[2010/11/20 13:17:31 | 000,173,568 | ---- | M] (Microsoft Corporation) MD5=5505592313B74F2E2C8727837750F66D -- C:\Windows\System32\rdpclip.exe
[2010/11/20 13:17:31 | 000,173,568 | ---- | M] (Microsoft Corporation) MD5=5505592313B74F2E2C8727837750F66D -- C:\Windows\winsxs\x86_microsoft-windows-t..lipboardredirection_31bf3856ad364e35_6.1.7601.17514_none_03dd7a8e696443c0\rdpclip.exe
 
[color=#A23BEC]< MD5 for: RDPWD.SYS  >[/color]
[2010/11/20 11:22:29 | 000,183,808 | ---- | M] (Microsoft Corporation) MD5=288B06960D78428FF89E811632684E20 -- C:\Windows\System32\drivers\rdpwd.sys
[2010/11/20 11:22:29 | 000,183,808 | ---- | M] (Microsoft Corporation) MD5=288B06960D78428FF89E811632684E20 -- C:\Windows\winsxs\x86_microsoft-windows-t..dp-winstationdriver_31bf3856ad364e35_6.1.7601.17514_none_4d7cf2333344a165\rdpwd.sys
 
[color=#A23BEC]< MD5 for: SCECLI.DLL  >[/color]
[2010/11/20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll
[2010/11/20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll
 
[color=#A23BEC]< MD5 for: SFLOPPY.SYS  >[/color]
[2009/07/14 00:45:52 | 000,013,824 | ---- | M] (Microsoft Corporation) MD5=DB96666CC8312EBC45032F30B007A547 -- C:\Windows\System32\drivers\sfloppy.sys
[2009/07/14 00:45:52 | 000,013,824 | ---- | M] (Microsoft Corporation) MD5=DB96666CC8312EBC45032F30B007A547 -- C:\Windows\System32\DriverStore\FileRepository\flpydisk.inf_x86_neutral_2102f5344367a352\sfloppy.sys
[2009/07/14 00:45:52 | 000,013,824 | ---- | M] (Microsoft Corporation) MD5=DB96666CC8312EBC45032F30B007A547 -- C:\Windows\winsxs\x86_flpydisk.inf_31bf3856ad364e35_6.1.7600.16385_none_e6e06650dbcf54b4\sfloppy.sys
 
[color=#A23BEC]< MD5 for: TASKENG.EXE  >[/color]
[2010/11/20 13:17:47 | 000,192,000 | ---- | M] (Microsoft Corporation) MD5=4F2659160AFCCA990305816946F69407 -- C:\Windows\System32\taskeng.exe
[2010/11/20 13:17:47 | 000,192,000 | ---- | M] (Microsoft Corporation) MD5=4F2659160AFCCA990305816946F69407 -- C:\Windows\winsxs\x86_microsoft-windows-taskscheduler-engine_31bf3856ad364e35_6.1.7601.17514_none_e7b3b71a1d1c8662\taskeng.exe
 
[color=#A23BEC]< MD5 for: TASKHOST.EXE  >[/color]
[2010/11/20 13:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) MD5=7FA8BA5A780E4757964AC9D4238302B9 -- C:\Windows\System32\taskhost.exe
[2010/11/20 13:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) MD5=7FA8BA5A780E4757964AC9D4238302B9 -- C:\Windows\winsxs\x86_microsoft-windows-taskhost_31bf3856ad364e35_6.1.7601.17514_none_2a461244b897f204\taskhost.exe
 
[color=#A23BEC]< MD5 for: TCPIP.SYS  >[/color]
[2011/06/21 06:34:23 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=04E4A7D53A7ACE02E8C55B17A498F631 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_b513df73c4b4f466\tcpip.sys
[2011/04/25 05:31:30 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=24326784DF8F3D5F5BBB9F878CE33C14 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_b52f4dc5c4a121e0\tcpip.sys
[2010/11/20 13:30:12 | 001,290,112 | ---- | M] (Microsoft Corporation) MD5=37E8FA3779668837CA9E2C36D2415949 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_b5257c3dc4a85a01\tcpip.sys
[2011/09/29 17:17:18 | 001,303,920 | ---- | M] (Microsoft Corporation) MD5=3C1C41E317710F74CEC1E7F0D5325993 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_b5a84e10ddca7566\tcpip.sys
[2011/09/29 17:03:04 | 001,290,608 | ---- | M] (Microsoft Corporation) MD5=65D10B191C59C5501A1263FC33F6894B -- C:\Windows\System32\drivers\tcpip.sys
[2011/09/29 17:03:04 | 001,290,608 | ---- | M] (Microsoft Corporation) MD5=65D10B191C59C5501A1263FC33F6894B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_b4d1ffa1c4e682b5\tcpip.sys
[2011/04/25 07:31:09 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=6D4728CFF2724FF3A4654971D61D0F1C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_b5ad1a5addc7c444\tcpip.sys
[2011/06/21 07:54:00 | 001,303,424 | ---- | M] (Microsoft Corporation) MD5=DEC4940487050AE13C60C86F40E07E75 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_b583db3edde666b6\tcpip.sys
 
[color=#A23BEC]< MD5 for: TDPIPE.SYS  >[/color]
[2010/11/20 11:21:10 | 000,018,432 | ---- | M] (Microsoft Corporation) MD5=1CB91B2BD8F6DD367DFC2EF26FD751B2 -- C:\Windows\System32\drivers\tdpipe.sys
[2010/11/20 11:21:10 | 000,018,432 | ---- | M] (Microsoft Corporation) MD5=1CB91B2BD8F6DD367DFC2EF26FD751B2 -- C:\Windows\winsxs\x86_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.1.7601.17514_none_ddb3a157a2f95be2\tdpipe.sys
 
[color=#A23BEC]< MD5 for: TDTCP.SYS  >[/color]
[2010/11/20 11:21:10 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=2C10395BAA4847F83042813C515CC289 -- C:\Windows\System32\drivers\tdtcp.sys
[2010/11/20 11:21:10 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=2C10395BAA4847F83042813C515CC289 -- C:\Windows\winsxs\x86_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.1.7601.17514_none_ddb3a157a2f95be2\tdtcp.sys
 
[color=#A23BEC]< MD5 for: USBPRINT.SYS  >[/color]
[2009/07/14 01:17:06 | 000,019,968 | ---- | M] (Microsoft Corporation) MD5=797D862FE0875E75C7CC4C1AD7B30252 -- C:\Windows\System32\drivers\usbprint.sys
[2009/07/14 01:17:06 | 000,019,968 | ---- | M] (Microsoft Corporation) MD5=797D862FE0875E75C7CC4C1AD7B30252 -- C:\Windows\System32\DriverStore\FileRepository\usbprint.inf_x86_neutral_203e16627752a160\usbprint.sys
[2009/07/14 01:17:06 | 000,019,968 | ---- | M] (Microsoft Corporation) MD5=797D862FE0875E75C7CC4C1AD7B30252 -- C:\Windows\winsxs\x86_usbprint.inf_31bf3856ad364e35_6.1.7600.16385_none_32d0188e22bd908f\usbprint.sys
 
[color=#A23BEC]< MD5 for: USBSCAN.SYS  >[/color]
[2009/07/14 01:14:44 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=576096CCBC07E7C4EA4F5E6686D6888F -- C:\Windows\System32\drivers\usbscan.sys
[2009/07/14 01:14:44 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=576096CCBC07E7C4EA4F5E6686D6888F -- C:\Windows\System32\DriverStore\FileRepository\sti.inf_x86_neutral_6a74c91c1f723826\usbscan.sys
[2009/07/14 01:14:44 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=576096CCBC07E7C4EA4F5E6686D6888F -- C:\Windows\winsxs\x86_sti.inf_31bf3856ad364e35_6.1.7600.16385_none_59b5278c421a3644\usbscan.sys
 
[color=#A23BEC]< MD5 for: USERINIT.EXE  >[/color]
[2010/11/20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010/11/20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
 
[color=#A23BEC]< MD5 for: VOLSNAP.SYS  >[/color]
[2010/11/20 13:30:16 | 000,245,632 | ---- | M] (Microsoft Corporation) MD5=F497F67932C6FA693D7DE2780631CFE7 -- C:\Windows\System32\drivers\volsnap.sys
[2010/11/20 13:30:16 | 000,245,632 | ---- | M] (Microsoft Corporation) MD5=F497F67932C6FA693D7DE2780631CFE7 -- C:\Windows\System32\DriverStore\FileRepository\volume.inf_x86_neutral_6dee0205881d1a1d\volsnap.sys
[2010/11/20 13:30:16 | 000,245,632 | ---- | M] (Microsoft Corporation) MD5=F497F67932C6FA693D7DE2780631CFE7 -- C:\Windows\winsxs\x86_volume.inf_31bf3856ad364e35_6.1.7601.17514_none_17be216c5a5713d8\volsnap.sys
 
[color=#A23BEC]< MD5 for: WININIT.EXE  >[/color]
[2009/07/14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\System32\wininit.exe
[2009/07/14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe
 
[color=#A23BEC]< MD5 for: WINLOGON.EXE  >[/color]
[2010/11/20 13:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010/11/20 13:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2011/12/24 17:50:20 | 000,182,856 | ---- | M] () MD5=B382935AB01B27D0E14F267DBF288896 -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
 
[color=#A23BEC]< %systemroot%\*. /mp /s >[/color]
 
[color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color]
 
[color=#A23BEC]< %systemroot%\Tasks\*.job /lockedfiles >[/color]
 
[color=#E56717]========== Hard Links - Junction Points - Mount Points - Symbolic Links ==========[/color]
[C:\Windows\$NtUninstallKB48757$] -> Error: Cannot create file handle -> Unknown point type

< End of report >


Thanks

EDIT: Sorry for the double post, but I can't manage to delete it :s
Garfind
Confirmed Visitor
 
Posts: 14
Joined: 22 Jan 2012 12:43
 

Re: Internet connection problem + intrusive advertising

Posted on 22 Jan 2012 14:43

Here are the first two reports that you couldn't read:

Code:
OTL logfile created on: 22/01/2012 11:22:57 - Run 1
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\Guillaume\Desktop
 Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy
 
2,74 Gb Total Physical Memory | 1,90 Gb Available Physical Memory | 69,45% Memory free
5,48 Gb Paging File | 4,59 Gb Available in Paging File | 83,78% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 31,56 Gb Total Space | 3,44 Gb Free Space | 10,90% Space Free | Partition Type: NTFS
Drive E: | 201,00 Gb Total Space | 55,98 Gb Free Space | 27,85% Space Free | Partition Type: HFS
Drive G: | 1011,22 Mb Total Space | 264,78 Mb Free Space | 26,18% Space Free | Partition Type: FAT
 
Computer Name: NUAGE | User Name: Guillaume | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2012/01/22 12:01:08 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Guillaume\Desktop\OTL.exe
PRC - [2011/12/24 17:50:18 | 000,460,872 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011/10/24 16:51:19 | 000,801,792 | ---- | M] (Yuna Software) -- C:\Program Files\Yuna Software\Messenger Plus!\PlusService.exe
PRC - [2011/10/24 09:22:00 | 000,409,600 | ---- | M] () -- C:\Program Files\LOLReplay\LOLRecorder.exe
PRC - [2011/10/19 16:56:50 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2011/10/19 16:56:36 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2011/10/19 16:56:24 | 000,258,512 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2011/10/19 16:56:24 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2011/08/15 17:34:40 | 000,526,208 | ---- | M] (Apple Inc.) -- C:\Program Files\Boot Camp\Bootcamp.exe
PRC - [2011/08/15 17:34:40 | 000,194,432 | ---- | M] () -- C:\Windows\System32\AppleOSSMgr.exe
PRC - [2011/08/02 08:33:30 | 004,910,912 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe
PRC - [2011/06/24 05:22:20 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2011/06/06 11:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/03/22 22:53:32 | 000,099,640 | ---- | M] (Apple Inc.) -- C:\Windows\System32\AppleTimeSrv.exe
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
MOD - [2011/10/29 19:41:52 | 012,433,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6e592e424a204aafeadbe22b6b31b9db\System.Windows.Forms.ni.dll
MOD - [2011/10/29 19:41:35 | 006,611,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\f8196c3588c2229e84516af4b6a0ee60\System.Data.ni.dll
MOD - [2011/10/29 19:41:24 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\3b2cfd85528a27eb71dc41d8067359a1\System.Drawing.ni.dll
MOD - [2011/10/29 19:41:21 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\130ad4d9719e566ca933ac7158a04203\System.Xml.ni.dll
MOD - [2011/10/29 19:41:17 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\2d5bcbeb9475ef62189f605bcca1cec6\System.Configuration.ni.dll
MOD - [2011/10/29 19:41:12 | 007,963,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\abab08afa60a6f06bdde0fcc9649c379\System.ni.dll
MOD - [2011/10/29 19:41:02 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll
MOD - [2011/10/24 09:22:00 | 000,409,600 | ---- | M] () -- C:\Program Files\LOLReplay\LOLRecorder.exe
MOD - [2011/10/24 09:21:56 | 000,136,192 | ---- | M] () -- C:\Program Files\LOLReplay\LOLUtils.dll
MOD - [2011/06/24 21:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/06/24 21:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2010/11/05 02:58:05 | 002,927,616 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2010/03/15 11:28:22 | 000,141,824 | ---- | M] () -- C:\Program Files\WinRAR\rarext.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - [2011/12/24 17:50:18 | 000,652,872 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/10/19 16:56:36 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011/10/19 16:56:24 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011/08/15 17:34:40 | 000,194,432 | ---- | M] () [Auto | Running] -- C:\Windows\System32\AppleOSSMgr.exe -- (AppleOSSMgr)
SRV - [2011/06/06 11:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/02/24 21:41:52 | 001,343,400 | ---- | M] () [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010/03/22 22:53:32 | 000,099,640 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Windows\System32\AppleTimeSrv.exe -- (AppleTimeSrv)
SRV - [2009/07/14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2011/12/10 15:24:06 | 000,020,464 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011/12/09 03:56:44 | 000,134,856 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2011/10/19 16:56:50 | 000,074,640 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011/10/19 16:56:50 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2011/08/15 17:34:40 | 000,058,200 | ---- | M] (Apple Inc.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\AppleHFS.sys -- (AppleHFS)
DRV - [2011/08/15 17:34:40 | 000,015,320 | ---- | M] (Apple Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\AppleMNT.sys -- (AppleMNT)
DRV - [2011/08/15 17:34:40 | 000,015,064 | ---- | M] (Apple Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\KeyAgent.sys -- (KeyAgent)
DRV - [2011/08/09 13:10:12 | 000,232,512 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2011/06/28 00:28:37 | 000,018,944 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AppleBtBc.sys -- (AppleBtBc)
DRV - [2011/06/02 19:36:46 | 000,026,624 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\KeyMagic.sys -- (KeyMagic)
DRV - [2011/01/31 13:43:51 | 000,029,824 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\applemtp.sys -- (applemtp)
DRV - [2011/01/31 13:43:51 | 000,010,880 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\applemtm.sys -- (applemtm)
DRV - [2010/11/20 13:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vmbus.sys -- (vmbus)
DRV - [2010/11/20 13:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010/11/20 13:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\storvsc.sys -- (storvsc)
DRV - [2010/11/20 11:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 11:21:14 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2010/11/20 10:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/11/20 10:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010/11/20 10:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010/10/14 21:58:17 | 000,014,336 | ---- | M] (Cirrus Logic) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CS420x86.sys -- (CirrusFilter)
DRV - [2010/06/17 15:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010/05/12 12:23:04 | 000,016,896 | ---- | M] (Danish Wireless Design A/S) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\FlashUSB.sys -- (FlashUSB)
DRV - [2010/04/23 14:51:04 | 000,024,960 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbmodem.sys -- (USBModem)
DRV - [2010/04/23 14:51:02 | 000,020,864 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbdiag.sys -- (UsbDiag)
DRV - [2010/04/23 14:51:02 | 000,013,056 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbbus.sys -- (usbbus)
DRV - [2010/03/23 06:46:14 | 000,018,944 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2010/03/23 06:46:12 | 000,068,200 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2010/03/22 22:43:50 | 000,012,928 | ---- | M] (Apple Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\MacHALDriver.sys -- (MacHALDriver)
DRV - [2010/03/09 21:03:15 | 011,585,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2009/10/15 22:39:30 | 000,016,512 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IRFilter.sys -- (IRRemoteFlt)
DRV - [2009/09/29 08:11:22 | 000,012,160 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lgbtport.sys -- (LgBttPort)
DRV - [2009/09/29 08:11:20 | 000,012,928 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lgvmodem.sys -- (LGVMODEM)
DRV - [2009/09/29 08:11:20 | 000,010,496 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lgbtbus.sys -- (lgbusenum)
DRV - [2009/07/14 00:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009/07/14 00:45:20 | 000,007,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\acpials.sys -- (acpials)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
 
 
IE - HKU\S-1-5-21-3556121016-3787262404-2462169972-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKU\S-1-5-21-3556121016-3787262404-2462169972-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://fr.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-3556121016-3787262404-2462169972-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr-FR
IE - HKU\S-1-5-21-3556121016-3787262404-2462169972-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3556121016-3787262404-2462169972-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;<local>
 
========== FireFox ==========
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/01/21 02:36:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
 
[2012/01/21 02:37:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Guillaume\AppData\Roaming\mozilla\Extensions
[2012/01/21 02:36:49 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions
[2011/12/21 08:49:52 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/12/21 06:44:31 | 000,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml
[2011/12/21 06:02:40 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/12/21 06:44:31 | 000,001,822 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml
[2011/12/21 06:44:31 | 000,001,154 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml
[2011/12/21 06:44:31 | 000,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml
[2011/12/21 06:44:31 | 000,000,956 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml
 
O1 HOSTS File: ([2009/06/10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O4 - HKLM..\Run: [Apple_KbdMgr] C:\Program Files\Boot Camp\Bootcamp.exe (Apple Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Partage de CD ou DVD] C:\Program Files\Partage de CD ou DVD\ODSAgent.exe ()
O4 - HKLM..\Run: [PlusService] C:\Program Files\Yuna Software\Messenger Plus!\PlusService.exe (Yuna Software)
O4 - HKLM..\Run: [TweakDUN] C:\Program Files\TweakDUN\tweakdun.exe (Patterson Design Systems)
O4 - HKU\S-1-5-21-3556121016-3787262404-2462169972-1000..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-3556121016-3787262404-2462169972-1000..\Run: [Spotify] C:\Users\Guillaume\AppData\Roaming\Spotify\spotify.exe (Spotify Ltd)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-3556121016-3787262404-2462169972-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-3556121016-3787262404-2462169972-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000030 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000031 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000032 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000033 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O13 - gopher Prefix: missing
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8A220066-ADBA-42B0-B3E2-F92AC50D99A5}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D91831D1-0430-47BE-BFD3-8458753844EC}: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) -C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - Winlogon\Notify\kremtel: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - Unable to obtain root file information for disk G:\
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKU\S-1-5-21-3556121016-3787262404-2462169972-1000\...exe [@ = exefile] -- Reg Error: Key error. File not found
 
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
 
MsConfig - State: "bootini" - 2
 
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS -  File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: WinDefend - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet: AFD - Service
SafeBootNet: Base - Driver Group
SafeBootNet: BFE - Service
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: MPSSvc - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS -  File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WinDefend - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012/01/22 11:33:01 | 000,000,000 | ---D | C] -- C:\Users\Guillaume\AppData\Local\Diagnostics
[2012/01/22 11:22:16 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Guillaume\Desktop\OTL.exe
[2012/01/21 02:37:33 | 000,000,000 | ---D | C] -- C:\Users\Guillaume\AppData\Roaming\Mozilla
[2012/01/21 02:37:33 | 000,000,000 | ---D | C] -- C:\Users\Guillaume\AppData\Local\Mozilla
[2012/01/21 02:36:48 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2012/01/12 18:20:59 | 000,000,000 | ---D | C] -- C:\Users\Guillaume\AppData\Local\Spotify
[2012/01/12 18:20:22 | 000,000,000 | ---D | C] -- C:\Users\Guillaume\AppData\Roaming\Spotify
[2012/01/12 18:18:14 | 000,000,000 | ---D | C] -- C:\Users\Guillaume\Documents\RK_Quarantine
[2012/01/12 18:07:13 | 000,000,000 | ---D | C] -- C:\Kill'em
[2012/01/12 17:50:50 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2012/01/12 17:43:48 | 000,000,000 | ---D | C] -- C:\Users\Guillaume\AppData\Local\SanctionedMedia
[2012/01/11 17:35:44 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\packager.dll
[2012/01/11 17:35:35 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2012/01/11 17:35:35 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdvd.dll
[2012/01/10 12:21:05 | 000,000,000 | ---D | C] -- C:\Users\Guillaume\Desktop\LoL
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012/01/22 12:01:08 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Guillaume\Desktop\OTL.exe
[2012/01/22 11:25:02 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012/01/22 11:20:32 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/01/22 11:20:22 | 2207,195,136 | -HS- | M] () -- C:\hiberfil.sys
[2012/01/22 11:10:09 | 000,743,426 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2012/01/22 11:10:09 | 000,652,148 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/01/22 11:10:09 | 000,148,312 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2012/01/22 11:10:09 | 000,121,080 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/01/22 11:05:53 | 000,000,406 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2012/01/21 17:53:40 | 000,014,192 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/01/21 17:53:40 | 000,014,192 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/01/21 02:36:52 | 000,001,108 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/01/17 01:14:43 | 000,266,262 | ---- | M] () -- C:\Users\Guillaume\AppData\Local\census.cache
[2012/01/17 01:13:53 | 000,108,474 | ---- | M] () -- C:\Users\Guillaume\AppData\Local\ars.cache
[2012/01/17 01:02:07 | 000,000,036 | ---- | M] () -- C:\Users\Guillaume\AppData\Local\housecall.guid.cache
[2012/01/16 21:58:26 | 000,046,363 | ---- | M] () -- C:\Users\Guillaume\Desktop\tumblr_lxtatuonHd1r93w8ko1_500.jpg
[2012/01/12 18:21:18 | 000,001,079 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/01/12 18:20:57 | 000,001,830 | ---- | M] () -- C:\Users\Guillaume\Desktop\Spotify.lnk
[2012/01/12 18:18:52 | 000,111,872 | ---- | M] () -- C:\Windows\System32\drivers\TrueSight.sys
[2012/01/12 18:13:51 | 000,000,970 | ---- | M] () -- C:\Users\Guillaume\Desktop\Internet Explorer.lnk
[2012/01/12 17:54:25 | 000,002,330 | -HS- | M] () -- C:\Users\Guillaume\AppData\Local\775r1r7n5385
[2012/01/12 17:54:25 | 000,002,330 | -HS- | M] () -- C:\ProgramData\775r1r7n5385
[2012/01/11 00:42:26 | 028,608,382 | ---- | M] () -- C:\Users\Guillaume\Desktop\Thorgal - 29 - Le Sacrifice.pdf
[2012/01/10 12:27:37 | 000,000,795 | ---- | M] () -- C:\Users\Guillaume\Desktop\lol.launcher - Raccourci.lnk
[2012/01/10 12:17:15 | 000,000,977 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012/01/22 11:25:02 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012/01/21 02:36:51 | 000,001,120 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012/01/21 02:36:51 | 000,001,108 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/01/17 01:14:43 | 000,266,262 | ---- | C] () -- C:\Users\Guillaume\AppData\Local\census.cache
[2012/01/17 01:13:53 | 000,108,474 | ---- | C] () -- C:\Users\Guillaume\AppData\Local\ars.cache
[2012/01/17 01:02:07 | 000,000,036 | ---- | C] () -- C:\Users\Guillaume\AppData\Local\housecall.guid.cache
[2012/01/16 21:58:26 | 000,046,363 | ---- | C] () -- C:\Users\Guillaume\Desktop\tumblr_lxtatuonHd1r93w8ko1_500.jpg
[2012/01/12 18:21:18 | 000,001,079 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/01/12 18:20:57 | 000,001,830 | ---- | C] () -- C:\Users\Guillaume\Desktop\Spotify.lnk
[2012/01/12 18:20:57 | 000,001,816 | ---- | C] () -- C:\Users\Guillaume\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
[2012/01/12 18:13:51 | 000,000,970 | ---- | C] () -- C:\Users\Guillaume\Desktop\Internet Explorer.lnk
[2012/01/12 18:00:51 | 000,111,872 | ---- | C] () -- C:\Windows\System32\drivers\TrueSight.sys
[2012/01/12 17:43:51 | 000,002,330 | -HS- | C] () -- C:\Users\Guillaume\AppData\Local\775r1r7n5385
[2012/01/12 17:43:51 | 000,002,330 | -HS- | C] () -- C:\ProgramData\775r1r7n5385
[2012/01/11 00:41:20 | 028,608,382 | ---- | C] () -- C:\Users\Guillaume\Desktop\Thorgal - 29 - Le Sacrifice.pdf
[2012/01/10 12:27:37 | 000,000,795 | ---- | C] () -- C:\Users\Guillaume\Desktop\lol.launcher - Raccourci.lnk
[2011/11/27 12:42:24 | 000,000,406 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2011/08/15 17:34:40 | 000,194,432 | ---- | C] () -- C:\Windows\System32\AppleOSSMgr.exe
[2011/07/09 21:14:30 | 000,064,907 | ---- | C] () -- C:\Windows\War3Unin.dat
[2011/06/24 22:10:19 | 000,088,280 | ---- | C] () -- C:\Windows\System32\mlfcache.dat
[2011/02/27 22:34:04 | 000,053,248 | ---- | C] () -- C:\Windows\System32\CommonDL.dll
[2011/02/27 22:34:04 | 000,002,413 | ---- | C] () -- C:\Windows\System32\lgAxconfig.ini
[2011/02/25 01:09:40 | 000,743,426 | ---- | C] () -- C:\Windows\System32\perfh00C.dat
[2011/02/25 01:09:40 | 000,344,522 | ---- | C] () -- C:\Windows\System32\perfi00C.dat
[2011/02/25 01:09:40 | 000,148,312 | ---- | C] () -- C:\Windows\System32\perfc00C.dat
[2011/02/25 01:09:40 | 000,038,160 | ---- | C] () -- C:\Windows\System32\perfd00C.dat
[2011/02/25 00:40:32 | 000,000,056 | ---- | C] () -- C:\Windows\System32\ezsidmv.dat
[2011/02/24 23:40:58 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2011/02/24 23:39:22 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2010/02/26 15:26:18 | 000,095,994 | ---- | C] () -- C:\Windows\System32\nvcoproc.bin
[2009/07/14 05:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/14 05:33:53 | 000,266,928 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009/07/14 03:05:48 | 000,652,148 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009/07/14 03:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009/07/14 03:05:48 | 000,121,080 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009/07/14 03:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009/07/14 03:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009/07/14 03:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009/07/14 00:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/14 00:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009/06/10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2011/07/05 00:21:55 | 000,000,000 | ---D | M] -- C:\Users\Guillaume\AppData\Roaming\avidemux
[2011/07/12 00:17:17 | 000,000,000 | ---D | M] -- C:\Users\Guillaume\AppData\Roaming\DAEMON Tools Lite
[2011/02/27 23:04:17 | 000,000,000 | ---D | M] -- C:\Users\Guillaume\AppData\Roaming\LG Electronics
[2011/02/25 00:46:09 | 000,000,000 | ---D | M] -- C:\Users\Guillaume\AppData\Roaming\LolClient
[2011/02/24 21:56:17 | 000,000,000 | ---D | M] -- C:\Users\Guillaume\AppData\Roaming\Opera
[2012/01/22 11:21:51 | 000,000,000 | ---D | M] -- C:\Users\Guillaume\AppData\Roaming\Spotify
[2011/07/09 00:52:17 | 000,000,000 | ---D | M] -- C:\Users\Guillaume\AppData\Roaming\Ubisoft
[2011/02/27 22:57:39 | 000,000,000 | ---D | M] -- C:\Users\Guillaume\AppData\Roaming\{D94BA408-F110-488B-A65E-3AE7945F79E6}
[2012/01/22 11:20:34 | 000,032,620 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
[color=#E56717]========== Purity Check ==========[/color]
 
 
 
[color=#E56717]========== Custom Scans ==========[/color]
 
 
[color=#A23BEC]< HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl|FEATURE_BROWSER_EMULATION /rs >[/color]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION\\prevhost.exe: 8000
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION\\RomStation.exe: 8888
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION\\sllauncher.exe: 8000
 
[color=#A23BEC]< HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\FeatureControl|feature_enable_ie_compression /rs >[/color]
 
[color=#A23BEC]< HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\FeatureControl|feature_enable_ie_compression /rs >[/color]
 
[color=#A23BEC]< hklm\software\clients\startmenuinternet|command /rs >[/color]
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2011/12/21 08:49:54 | 000,717,344 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2011/12/21 08:49:54 | 000,717,344 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2011/12/21 08:49:54 | 000,717,344 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2011/12/21 08:49:52 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2011/12/21 08:49:52 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2011/12/21 08:49:52 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show [2011/04/26 12:43:38 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall [2011/04/26 12:43:38 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide [2011/04/26 12:43:38 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2011/04/26 12:43:38 | 000,748,336 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\Program Files\internet explorer\iexplore.exe" [2011/04/26 12:43:38 | 000,748,336 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera\InstallInfo\\ShowIconsCommand: "C:\Program Files\Opera\Opera.exe" /ShowIconsCommand [2011/12/09 13:15:15 | 000,949,104 | ---- | M] (Opera Software)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera\InstallInfo\\HideIconsCommand: "C:\Program Files\Opera\Opera.exe" /HideIconsCommand [2011/12/09 13:15:15 | 000,949,104 | ---- | M] (Opera Software)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera\InstallInfo\\ReinstallCommand: "C:\Program Files\Opera\Opera.exe" /ReInstallBrowser [2011/12/09 13:15:15 | 000,949,104 | ---- | M] (Opera Software)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera\shell\open\command\\: "C:\Program Files\Opera\Opera.exe" [2011/12/09 13:15:15 | 000,949,104 | ---- | M] (Opera Software)
 
[color=#A23BEC]< hklm\software\clients\startmenuinternet|command /64 /rs >[/color]
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2011/12/21 08:49:54 | 000,717,344 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2011/12/21 08:49:54 | 000,717,344 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2011/12/21 08:49:54 | 000,717,344 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2011/12/21 08:49:52 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2011/12/21 08:49:52 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2011/12/21 08:49:52 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show [2011/04/26 12:43:38 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall [2011/04/26 12:43:38 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide [2011/04/26 12:43:38 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2011/04/26 12:43:38 | 000,748,336 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\Program Files\internet explorer\iexplore.exe" [2011/04/26 12:43:38 | 000,748,336 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera\InstallInfo\\ShowIconsCommand: "C:\Program Files\Opera\Opera.exe" /ShowIconsCommand [2011/12/09 13:15:15 | 000,949,104 | ---- | M] (Opera Software)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera\InstallInfo\\HideIconsCommand: "C:\Program Files\Opera\Opera.exe" /HideIconsCommand [2011/12/09 13:15:15 | 000,949,104 | ---- | M] (Opera Software)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera\InstallInfo\\ReinstallCommand: "C:\Program Files\Opera\Opera.exe" /ReInstallBrowser [2011/12/09 13:15:15 | 000,949,104 | ---- | M] (Opera Software)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera\shell\open\command\\: "C:\Program Files\Opera\Opera.exe" [2011/12/09 13:15:15 | 000,949,104 | ---- | M] (Opera Software)
 
[color=#A23BEC]< HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers /s >[/color]
"timer" = timer.drv -- [2009/07/13 22:41:39 | 000,004,048 | ---- | M] (Microsoft Corporation)
 
[color=#A23BEC]< HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\drivers.desc /s >[/color]
"C:\Windows\System32\l3codeca.acm" = Fraunhofer IIS MPEG Layer-3 Codec
"wdmaud.drv" = Microsoft 1.1 UAA Function Driver for High Definition Audio
"vfwwdm32.dll" = WDM Video For Windows Capture Driver (Win32)
"sirenacm.dll" = Messenger Audio Codec
 
[color=#A23BEC]< %temp%\smtmp\1\*.* /s >[/color]
 
[color=#A23BEC]< %temp%\smtmp\2\*.* /s >[/color]
 
[color=#A23BEC]< %temp%\smtmp\4\*.* /s >[/color]
 
[color=#A23BEC]< nslookup http://www.google.fr /c >[/color]
Serveur :   UnKnown
Address:  192.168.1.254
 
[color=#A23BEC]< %systemroot%\system32\drivers\*.sys /lockedfiles >[/color]
 
[color=#A23BEC]< %APPDATA%\*.exe /s >[/color]
[2011/02/28 01:03:00 | 000,032,768 | ---- | M] ((주)테크노니아) -- C:\Users\Guillaume\AppData\Roaming\LG Electronics\LG PC Suite III\UpdateHelper.exe
[2008/12/02 07:40:14 | 000,028,672 | R--- | M] () -- C:\Users\Guillaume\AppData\Roaming\Microsoft\Windows\Templates\F\UninstallMSI.exe
[2008/12/01 12:29:00 | 000,014,336 | R--- | M] () -- C:\Users\Guillaume\AppData\Roaming\Microsoft\Windows\Templates\F\UninstallMSI32.exe
[2008/12/01 12:29:00 | 000,016,896 | R--- | M] () -- C:\Users\Guillaume\AppData\Roaming\Microsoft\Windows\Templates\F\UninstallMSI64.exe
[2009/03/20 06:09:32 | 001,360,008 | R--- | M] () -- C:\Users\Guillaume\AppData\Roaming\Microsoft\Windows\Templates\F\USBAutoRun.exe
[2012/01/20 19:49:04 | 004,027,056 | ---- | M] (Spotify Ltd) -- C:\Users\Guillaume\AppData\Roaming\Spotify\spotify.exe
 
[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]
 
 
[color=#A23BEC]< MD5 for: AGP440.SYS  >[/color]
[2009/07/14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys
[2009/07/14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_a97a2a0d0fbc6696\AGP440.sys
[2009/07/14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\AGP440.sys
 
[color=#A23BEC]< MD5 for: ATAPI.SYS  >[/color]
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys
 
[color=#A23BEC]< MD5 for: CDROM.SYS  >[/color]
[2010/11/20 09:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\drivers\cdrom.sys
[2010/11/20 09:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_6381e09675524225\cdrom.sys
[2010/11/20 09:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_61b0c5ce02098355\cdrom.sys
 
[color=#A23BEC]< MD5 for: CNGAUDIT.DLL  >[/color]
[2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\System32\cngaudit.dll
[2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
 
[color=#A23BEC]< MD5 for: CTFMON.EXE  >[/color]
[2009/07/14 02:14:16 | 000,008,704 | ---- | M] (Microsoft Corporation) MD5=4A3CDCEF8ED41B221F3DBEF5792FB52D -- C:\Windows\System32\ctfmon.exe
[2009/07/14 02:14:16 | 000,008,704 | ---- | M] (Microsoft Corporation) MD5=4A3CDCEF8ED41B221F3DBEF5792FB52D -- C:\Windows\winsxs\x86_microsoft-windows-t..cesframework-ctfmon_31bf3856ad364e35_6.1.7600.16385_none_9d06e2f6f1e51f98\ctfmon.exe
 
[color=#A23BEC]< MD5 for: DISK.SYS  >[/color]
[2009/07/14 02:20:27 | 000,057,424 | ---- | M] (Microsoft Corporation) MD5=565003F326F99802E68CA78F2A68E9FF -- C:\Windows\System32\drivers\disk.sys
[2009/07/14 02:20:27 | 000,057,424 | ---- | M] (Microsoft Corporation) MD5=565003F326F99802E68CA78F2A68E9FF -- C:\Windows\System32\DriverStore\FileRepository\disk.inf_x86_neutral_b431b61a11f8df6c\disk.sys
[2009/07/14 02:20:27 | 000,057,424 | ---- | M] (Microsoft Corporation) MD5=565003F326F99802E68CA78F2A68E9FF -- C:\Windows\winsxs\x86_disk.inf_31bf3856ad364e35_6.1.7600.16385_none_f99cd807d58018cb\disk.sys
 
[color=#A23BEC]< MD5 for: DWM.EXE  >[/color]
[2009/07/14 02:14:19 | 000,092,672 | ---- | M] (Microsoft Corporation) MD5=505BF4D1CADEB8D4F8BCD08D944DE25D -- C:\Windows\System32\dwm.exe
[2009/07/14 02:14:19 | 000,092,672 | ---- | M] (Microsoft Corporation) MD5=505BF4D1CADEB8D4F8BCD08D944DE25D -- C:\Windows\winsxs\x86_microsoft-windows-d..pwindowmanager-core_31bf3856ad364e35_6.1.7601.17514_none_8faafe001b741442\dwm.exe
 
[color=#A23BEC]< MD5 for: EXPLORER.EXE  >[/color]
[2011/02/26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2010/11/20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\explorer.exe
[2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe
 
[color=#A23BEC]< MD5 for: IASTORV.SYS  >[/color]
[2011/03/11 06:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\System32\drivers\iaStorV.sys
[2011/03/11 06:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_0bcee2057afcc090\iaStorV.sys
[2011/03/11 06:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_b0daddb9e6380745\iaStorV.sys
[2011/03/11 06:28:00 | 000,332,160 | ---- | M] (Intel Corporation) MD5=778D0E6D7D9EBA0C403BADBAAD41DB20 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_b152a892ff64119f\iaStorV.sys
[2010/11/20 13:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_668286aa35d55928\iaStorV.sys
[2010/11/20 13:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_b118bc63e60a139a\iaStorV.sys
 
[color=#A23BEC]< MD5 for: NDIS.SYS  >[/color]
[2010/11/20 13:30:06 | 000,712,576 | ---- | M] (Microsoft Corporation) MD5=E7C54812A2AAF43316EB6930C1FFA108 -- C:\Windows\System32\drivers\ndis.sys
[2010/11/20 13:30:06 | 000,712,576 | ---- | M] (Microsoft Corporation) MD5=E7C54812A2AAF43316EB6930C1FFA108 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_a9ce95b27a512623\ndis.sys
 
[color=#A23BEC]< MD5 for: NETLOGON.DLL  >[/color]
[2010/11/20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\System32\netlogon.dll
[2010/11/20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_ffbf212e963c0162\netlogon.dll
 
[color=#A23BEC]< MD5 for: NVSTOR.SYS  >[/color]
[2011/03/11 06:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\System32\drivers\nvstor.sys
[2011/03/11 06:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_0276fc3b3ea60d41\nvstor.sys
[2011/03/11 06:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_3ba44e691d6eb11d\nvstor.sys
[2011/03/11 06:28:10 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=66D468654A58594F5F3BA63D5AD5B1AF -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_3c1c1942369abb77\nvstor.sys
[2010/11/20 13:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_dd659ed032d28a14\nvstor.sys
[2010/11/20 13:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_3be22d131d40bd72\nvstor.sys
 
[color=#A23BEC]< MD5 for: RASACD.SYS  >[/color]
[2009/07/14 00:54:40 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=30A81B53C766D0133BB86D234E5556AB -- C:\Windows\System32\drivers\rasacd.sys
[2009/07/14 00:54:40 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=30A81B53C766D0133BB86D234E5556AB -- C:\Windows\winsxs\x86_microsoft-windows-rasautodial_31bf3856ad364e35_6.1.7600.16385_none_0fb054d9c6a6b4d4\rasacd.sys
 
[color=#A23BEC]< MD5 for: RDPCLIP.EXE  >[/color]
[2010/11/20 13:17:31 | 000,173,568 | ---- | M] (Microsoft Corporation) MD5=5505592313B74F2E2C8727837750F66D -- C:\Windows\System32\rdpclip.exe
[2010/11/20 13:17:31 | 000,173,568 | ---- | M] (Microsoft Corporation) MD5=5505592313B74F2E2C8727837750F66D -- C:\Windows\winsxs\x86_microsoft-windows-t..lipboardredirection_31bf3856ad364e35_6.1.7601.17514_none_03dd7a8e696443c0\rdpclip.exe
 
[color=#A23BEC]< MD5 for: RDPWD.SYS  >[/color]
[2010/11/20 11:22:29 | 000,183,808 | ---- | M] (Microsoft Corporation) MD5=288B06960D78428FF89E811632684E20 -- C:\Windows\System32\drivers\rdpwd.sys
[2010/11/20 11:22:29 | 000,183,808 | ---- | M] (Microsoft Corporation) MD5=288B06960D78428FF89E811632684E20 -- C:\Windows\winsxs\x86_microsoft-windows-t..dp-winstationdriver_31bf3856ad364e35_6.1.7601.17514_none_4d7cf2333344a165\rdpwd.sys
 
[color=#A23BEC]< MD5 for: SCECLI.DLL  >[/color]
[2010/11/20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll
[2010/11/20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll
 
[color=#A23BEC]< MD5 for: SFLOPPY.SYS  >[/color]
[2009/07/14 00:45:52 | 000,013,824 | ---- | M] (Microsoft Corporation) MD5=DB96666CC8312EBC45032F30B007A547 -- C:\Windows\System32\drivers\sfloppy.sys
[2009/07/14 00:45:52 | 000,013,824 | ---- | M] (Microsoft Corporation) MD5=DB96666CC8312EBC45032F30B007A547 -- C:\Windows\System32\DriverStore\FileRepository\flpydisk.inf_x86_neutral_2102f5344367a352\sfloppy.sys
[2009/07/14 00:45:52 | 000,013,824 | ---- | M] (Microsoft Corporation) MD5=DB96666CC8312EBC45032F30B007A547 -- C:\Windows\winsxs\x86_flpydisk.inf_31bf3856ad364e35_6.1.7600.16385_none_e6e06650dbcf54b4\sfloppy.sys
 
[color=#A23BEC]< MD5 for: TASKENG.EXE  >[/color]
[2010/11/20 13:17:47 | 000,192,000 | ---- | M] (Microsoft Corporation) MD5=4F2659160AFCCA990305816946F69407 -- C:\Windows\System32\taskeng.exe
[2010/11/20 13:17:47 | 000,192,000 | ---- | M] (Microsoft Corporation) MD5=4F2659160AFCCA990305816946F69407 -- C:\Windows\winsxs\x86_microsoft-windows-taskscheduler-engine_31bf3856ad364e35_6.1.7601.17514_none_e7b3b71a1d1c8662\taskeng.exe
 
[color=#A23BEC]< MD5 for: TASKHOST.EXE  >[/color]
[2010/11/20 13:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) MD5=7FA8BA5A780E4757964AC9D4238302B9 -- C:\Windows\System32\taskhost.exe
[2010/11/20 13:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) MD5=7FA8BA5A780E4757964AC9D4238302B9 -- C:\Windows\winsxs\x86_microsoft-windows-taskhost_31bf3856ad364e35_6.1.7601.17514_none_2a461244b897f204\taskhost.exe
 
[color=#A23BEC]< MD5 for: TCPIP.SYS  >[/color]
[2011/06/21 06:34:23 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=04E4A7D53A7ACE02E8C55B17A498F631 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_b513df73c4b4f466\tcpip.sys
[2011/04/25 05:31:30 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=24326784DF8F3D5F5BBB9F878CE33C14 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_b52f4dc5c4a121e0\tcpip.sys
[2010/11/20 13:30:12 | 001,290,112 | ---- | M] (Microsoft Corporation) MD5=37E8FA3779668837CA9E2C36D2415949 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_b5257c3dc4a85a01\tcpip.sys
[2011/09/29 17:17:18 | 001,303,920 | ---- | M] (Microsoft Corporation) MD5=3C1C41E317710F74CEC1E7F0D5325993 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_b5a84e10ddca7566\tcpip.sys
[2011/09/29 17:03:04 | 001,290,608 | ---- | M] (Microsoft Corporation) MD5=65D10B191C59C5501A1263FC33F6894B -- C:\Windows\System32\drivers\tcpip.sys
[2011/09/29 17:03:04 | 001,290,608 | ---- | M] (Microsoft Corporation) MD5=65D10B191C59C5501A1263FC33F6894B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_b4d1ffa1c4e682b5\tcpip.sys
[2011/04/25 07:31:09 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=6D4728CFF2724FF3A4654971D61D0F1C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_b5ad1a5addc7c444\tcpip.sys
[2011/06/21 07:54:00 | 001,303,424 | ---- | M] (Microsoft Corporation) MD5=DEC4940487050AE13C60C86F40E07E75 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_b583db3edde666b6\tcpip.sys
 
[color=#A23BEC]< MD5 for: TDPIPE.SYS  >[/color]
[2010/11/20 11:21:10 | 000,018,432 | ---- | M] (Microsoft Corporation) MD5=1CB91B2BD8F6DD367DFC2EF26FD751B2 -- C:\Windows\System32\drivers\tdpipe.sys
[2010/11/20 11:21:10 | 000,018,432 | ---- | M] (Microsoft Corporation) MD5=1CB91B2BD8F6DD367DFC2EF26FD751B2 -- C:\Windows\winsxs\x86_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.1.7601.17514_none_ddb3a157a2f95be2\tdpipe.sys
 
[color=#A23BEC]< MD5 for: TDTCP.SYS  >[/color]
[2010/11/20 11:21:10 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=2C10395BAA4847F83042813C515CC289 -- C:\Windows\System32\drivers\tdtcp.sys
[2010/11/20 11:21:10 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=2C10395BAA4847F83042813C515CC289 -- C:\Windows\winsxs\x86_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.1.7601.17514_none_ddb3a157a2f95be2\tdtcp.sys
 
[color=#A23BEC]< MD5 for: USBPRINT.SYS  >[/color]
[2009/07/14 01:17:06 | 000,019,968 | ---- | M] (Microsoft Corporation) MD5=797D862FE0875E75C7CC4C1AD7B30252 -- C:\Windows\System32\drivers\usbprint.sys
[2009/07/14 01:17:06 | 000,019,968 | ---- | M] (Microsoft Corporation) MD5=797D862FE0875E75C7CC4C1AD7B30252 -- C:\Windows\System32\DriverStore\FileRepository\usbprint.inf_x86_neutral_203e16627752a160\usbprint.sys
[2009/07/14 01:17:06 | 000,019,968 | ---- | M] (Microsoft Corporation) MD5=797D862FE0875E75C7CC4C1AD7B30252 -- C:\Windows\winsxs\x86_usbprint.inf_31bf3856ad364e35_6.1.7600.16385_none_32d0188e22bd908f\usbprint.sys
 
[color=#A23BEC]< MD5 for: USBSCAN.SYS  >[/color]
[2009/07/14 01:14:44 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=576096CCBC07E7C4EA4F5E6686D6888F -- C:\Windows\System32\drivers\usbscan.sys
[2009/07/14 01:14:44 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=576096CCBC07E7C4EA4F5E6686D6888F -- C:\Windows\System32\DriverStore\FileRepository\sti.inf_x86_neutral_6a74c91c1f723826\usbscan.sys
[2009/07/14 01:14:44 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=576096CCBC07E7C4EA4F5E6686D6888F -- C:\Windows\winsxs\x86_sti.inf_31bf3856ad364e35_6.1.7600.16385_none_59b5278c421a3644\usbscan.sys
 
[color=#A23BEC]< MD5 for: USERINIT.EXE  >[/color]
[2010/11/20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010/11/20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
 
[color=#A23BEC]< MD5 for: VOLSNAP.SYS  >[/color]
[2010/11/20 13:30:16 | 000,245,632 | ---- | M] (Microsoft Corporation) MD5=F497F67932C6FA693D7DE2780631CFE7 -- C:\Windows\System32\drivers\volsnap.sys
[2010/11/20 13:30:16 | 000,245,632 | ---- | M] (Microsoft Corporation) MD5=F497F67932C6FA693D7DE2780631CFE7 -- C:\Windows\System32\DriverStore\FileRepository\volume.inf_x86_neutral_6dee0205881d1a1d\volsnap.sys
[2010/11/20 13:30:16 | 000,245,632 | ---- | M] (Microsoft Corporation) MD5=F497F67932C6FA693D7DE2780631CFE7 -- C:\Windows\winsxs\x86_volume.inf_31bf3856ad364e35_6.1.7601.17514_none_17be216c5a5713d8\volsnap.sys
 
[color=#A23BEC]< MD5 for: WININIT.EXE  >[/color]
[2009/07/14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\System32\wininit.exe
[2009/07/14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe
 
[color=#A23BEC]< MD5 for: WINLOGON.EXE  >[/color]
[2010/11/20 13:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010/11/20 13:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2011/12/24 17:50:20 | 000,182,856 | ---- | M] () MD5=B382935AB01B27D0E14F267DBF288896 -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
 
[color=#A23BEC]< %systemroot%\*. /mp /s >[/color]
 
[color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color]
 
[color=#A23BEC]< %systemroot%\Tasks\*.job /lockedfiles >[/color]
 
[color=#E56717]========== Hard Links - Junction Points - Mount Points - Symbolic Links ==========[/color]
[C:\Windows\$NtUninstallKB48757$] -> Error: Cannot create file handle -> Unknown point type

< End of report >


Code:
OTL Extras logfile created on: 22/01/2012 11:22:57 - Run 1
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\Guillaume\Desktop
 Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy
 
2,74 Gb Total Physical Memory | 1,90 Gb Available Physical Memory | 69,45% Memory free
5,48 Gb Paging File | 4,59 Gb Available in Paging File | 83,78% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 31,56 Gb Total Space | 3,44 Gb Free Space | 10,90% Space Free | Partition Type: NTFS
Drive E: | 201,00 Gb Total Space | 55,98 Gb Free Space | 27,85% Space Free | Partition Type: HFS
Drive G: | 1011,22 Mb Total Space | 264,78 Mb Free Space | 26,18% Space Free | Partition Type: FAT
 
Computer Name: NUAGE | User Name: Guillaume | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Extra Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== File Associations ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)
 
[HKEY_USERS\S-1-5-21-3556121016-3787262404-2462169972-1000\SOFTWARE\Classes\<extension>]
.exe [@ = exefile] -- Reg Error: Key error. File not found
 
[color=#E56717]========== Shell Spawning ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- C:\Windows\explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[color=#E56717]========== Security Center Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[color=#E56717]========== Firewall Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[color=#E56717]========== Authorized Applications List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Windows\system32\config\systemprofile\AppData\Roaming\Java.exe" = C:\Windows\system32\config\systemprofile\AppData\Roaming\Java.exe:*:Enabled:Windows Messanger
"C:\Windows\TEMP\ismobb\setup.exe" = C:\Windows\TEMP\ismobb\setup.exe:*:Enabled:Windows Messanger
 
 
[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{043F86B7-EE12-3399-B2CA-D0B603D87963}" = Microsoft .NET Framework 4 Extended FRA Language Pack
"{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}" = Microsoft .NET Framework 4 Client Profile FRA Language Pack
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{21040472-F8DF-48A9-A093-2986C1495670}" = Lineage® II: The Chaotic Throne - Freya
"{26A24AE4-039D-4CA4-87B4-2F83216026FF}" = Java(TM) 6 Update 26
"{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live
"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.8
"{5C85747A-91B6-4233-AAF8-063506D0FF4F}" = LG United Mobile Drivers
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6E5324C1-84FC-4F76-9A3A-C65E07F80EE6}" = Complément Messenger
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{8153ED9A-C94A-426E-9880-5E6775C08B62}" = Apple Mobile Device Support
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}" = Assassin's Creed II
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{918A9082-6287-4D25-9002-5E5D5E4971CB}" = League of Legends
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AB61A2E9-37D3-485D-9085-19FBDF8CEF4A}" = Windows Live Messenger
"{ABD7DBE3-E344-4BCA-B8AD-4360494DD1D9}" = LG MC USB U330 driver
"{AC76BA86-7AD7-1036-7B44-AA1000000001}" = Adobe Reader X (10.1.0) - Français
"{AC7EE5F1-0DE4-4256-8E43-92B73C8E6019}" = LG Bluetooth Drivers
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B56ACF7B-D7B5-442B-8E1D-6B41347D88B2}" = Services Boot Camp
"{B7D46629-9925-4361-B57F-0D3F6FF63818}" = Partage de CD ou DVD
"{B7DBF6E8-0D17-4BE4-853B-ACD6EFBD4A1F}" = iTunes
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D94BA408-F110-488B-A65E-3AE7945F79E6}_is1" = Désinst. LG PC Suite III
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"065B919FD23D12E588F6E2BFB21F7836E2F0E704" = Windows Driver Package - Intel (e1yexpress) Net  (07/16/2008 9.52.10.0)
"07170A155D5587C8782EABA10E94E4127A86F6E4" = Package de pilotes Windows - Apple Inc. (AppleUSBEthernet) Net  (02/01/2008 3.8.3.10)
"0A8E69CB2299FB82BA54D1D4C0F3B1810146DBAB" = Package de pilotes Windows - Apple Inc. Apple Broadcom Bluetooth (04/27/2011 4.0.0.1)
"111E266FDD1556398EFC13BE47678F96E8497682" = Windows Driver Package - Apple Inc. Apple Trackpad Enabler (07/13/2009 3.0.0.1)
"16E9B4B4A3817C38179BF7D6E12774E0432FD558" = Windows Driver Package - Cirrus Logic, Inc. (CirrusFilter) MEDIA  (04/28/2010 6.6001.1.25)
"1D68F7A8B8397256B162B831457A6775BD17F3F4" = Windows Driver Package - Marvell (yukonwlh) Net  (03/23/2007 10.12.7.3)
"1E934494E1FDB938ED1D9B958D5D5D465A07F06A" = Windows Driver Package - Intel (e1qexpress) Net  (08/05/2008 10.3.49.0)
"20CF1F4786CB13A83CD2EC358929609A9B7A205C" = Package de pilotes Windows - Apple Inc. Apple Wireless Mouse (06/01/2011 4.0.0.1)
"22BCABA490923565F42CF777F73DF7E58696F3C7" = Windows Driver Package - Cirrus Logic, Inc. (CirrusFilter) MEDIA  (03/12/2010 6.6001.1.23)
"2AC97D2605162B73D046D68013D1030CB7CFB87E" = Windows Driver Package - Intel (E1G60) Net  (01/08/2008 8.3.9.0)
"2E2B6DCC02509BB8D2629A009DE8B5C3055B6779" = Package de pilotes Windows - Apple Inc. Apple ODD (05/17/2010 3.1.0.0)
"31BC243044B2C02B454ECDA8F5B44427F3754DD0" = Windows Driver Package - Apple Inc. Bluetooth  (03/01/2010 3.0.0.5)
"44E2556E81BCB991055DD976642491906DD3B8A0" = Package de pilotes Windows - Apple Inc. Apple Multitouch (05/05/2011 4.0.0.1)
"4B114013DDC5858DB929CE55F363AB88CDE1F78C" = Package de pilotes Windows - Apple Inc. Apple Keyboard (05/05/2011 4.0.0.1)
"4D00971668041EDAD7097C5827D1739F03B9E5D7" = Windows Driver Package - Apple Inc. Apple IR Receiver (02/21/2008 2.0.4.0)
"5A9DF61C17938C73DCC75C9B4B3A4DE3C74D38ED" = Windows Driver Package - Apple Inc. Apple Multitouch Mouse (02/11/2010 3.1.0.0)
"5D1F13EEF9A42CC17001EAFFC701D57AF8D13E9D" = Windows Driver Package - Apple Inc. Apple Broadcom Bluetooth (03/01/2010 3.1.0.3)
"5F8BE32FAE3D6BC77B512F7B0624D7B6C8A26EFB" = Windows Driver Package - Apple Inc. Apple Bluetooth Enabler (06/27/2007 2.0.0.1)
"60B5F87397EB801AB1BAB3E940CE0E077830B153" = Windows Driver Package - Apple Inc. Apple Multitouch (02/11/2010 3.1.0.0)
"627745F8E8BB901B043047C3E308B4A76C1194FE" = Windows Driver Package - Intel Net  (11/07/2007 8.10.1.0)
"675AAC36E980D647C94EAFFB2F929F247E711708" = Windows Driver Package - Intel Net  (07/22/2008 10.3.45.0)
"680D5EED614F3F01A9AD4547E9D81CFE9B0E4902" = Package de pilotes Windows - Cirrus Logic, Inc. (CirrusFilter) MEDIA  (08/16/2010 6.6001.1.26)
"78C67451B87511098A9A0EC86E75B99B12298F5C" = Windows Driver Package - Intel Net  (02/06/2008 9.12.18.0)
"7BD968405DE73C7E0F8E489DB5A5853A6CCB8D1D" = Windows Driver Package - Intel Net  (08/05/2008 10.3.49.0)
"82BE89CA9B7493FA05D2D4D32B415CF07EA08B47" = Windows Driver Package - Intel System  (07/20/2007 1.2.76.0)
"84865EBF11DAD18A6FD975327C8DBD66D7090BAD" = Windows Driver Package - Apple Inc. Apple Keyboard (01/12/2010 3.1.0.2)
"9324ED54E32F5399037F87E076CA01C6CEB92830" = Windows Driver Package - Apple Inc. Apple Built-in iSight (10/25/2007 2.0.1.0)
"950F5FEDF7BEABD19AAE5CEA69570873BE2A99DA" = Windows Driver Package - Atheros Communications Inc. (athr) Net  (11/18/2009 8.0.0.258)
"9747248FCA6A074E791AABC17F527823A8225756" = Windows Driver Package - Intel (e1kexpress) Net  (07/22/2008 10.3.45.0)
"9AA5295F27284963423D072C7FC59D57CDE15ACA" = Windows Driver Package - Broadcom (b57nd60x) Net  (05/28/2009 12.2.0.3)
"A06888013552B918232820F81FDBA706F5CAAD39" = Windows Driver Package - Intel Net  (06/13/2008 9.52.9.0)
"A0DAD483951AB3046050D68A2A1D8CEB4A7C61EE" = Windows Driver Package - Apple Inc. Apple Trackpad (07/13/2009 3.0.0.1)
"A7A7D84907D2DCB34930D77C6BA911E3834C1E34" = Package de pilotes Windows - Apple Inc. Apple Multitouch Mouse (10/05/2010 3.2.0.1)
"Action Replay Code Manager_is1" = Action Replay Code Manager
"AD3493E108434977125BBF78F47699626F8AF64B" = Windows Driver Package - Apple Inc. (AppleUSBEthernet) Net  (01/11/2008 3.4.3.18)
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"AEB482706002E9220FBFB86D4A1D24257F71A3D4" = Package de pilotes Windows - Apple Inc. Apple Multitouch (10/05/2010 3.2.0.1)
"Avidemux 2.5" = Avidemux 2.5 (32-bit)
"Avira AntiVir Desktop" = Avira Free Antivirus
"B345101E6CC8B2FD9765620B9C7BCD3D7002BE6D" = Windows Driver Package - Intel (e1express) Net  (02/06/2008 9.12.17.0)
"B4AC4F962DDC0DD6B71FCF20B8F2F694214FAE69" = Windows Driver Package - Apple Inc. Apple ODD (01/17/2008 2.0.2.2)
"B9491C5C199D7236FCDCB76367922461FADC80C7" = Package de pilotes Windows - Apple Inc. Apple Multitouch Mouse (05/05/2011 4.0.0.1)
"C5CE3BA75A23622D2140C5D5D0998C07DDC4CF1C" = Windows Driver Package - Apple Inc. Apple Display (01/23/2009 3.0.0.0)
"CCleaner" = CCleaner
"CFC3D985EA69596C8BE0A30313010FCC8CE2C70F" = Package de pilotes Windows - Apple Inc. Apple Wireless Trackpad (08/24/2010 3.1.0.7)
"DAEMON Tools Lite" = DAEMON Tools Lite
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"DE32692B1421420518B0CA8EEDD6DF2A494F279F" = Windows Driver Package - Apple Inc. Apple Wireless Mouse (11/30/2009 3.0.0.6)
"E9575EA5D430B59D0CFF29323C74D0FBA1898F3B" = Windows Driver Package - Broadcom (BCM43XX) Net  (08/21/2009 5.60.18.8)
"F24CB85E5983448F6319803791DEACED91E6565B" = Windows Driver Package - Apple Inc. System  (08/22/2008 2.1.1.1)
"F46F6C2CF86ECDFF2CE25B508923B04E2F23F1CE" = Package de pilotes Windows - Apple Inc. Apple System Device (04/05/2011 3.2.0.8)
"Game Booster_is1" = Game Booster
"Garena" = Garena 2010
"L'Aube du Temps" = L'Aube du Temps
"LOLReplay" = LOLReplay
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.60.0.1800
"Messenger Plus!" = Messenger Plus! 5
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Client Profile FRA
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Extended FRA
"Mozilla Firefox 9.0.1 (x86 fr)" = Mozilla Firefox 9.0.1 (x86 fr)
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"Opera 11.60.1185" = Opera 11.60
"RomStation" = RomStation
"TweakDUN" = TweakDUN v3.0
"VirtualCloneDrive" = VirtualCloneDrive
"VLC media player" = VLC media player 1.1.7
"Warcraft III" = Warcraft III
"WinLiveSuite" = Windows Live
"WinRAR archiver" = Logiciel d'archivage WinRAR
"World of Warcraft" = World of Warcraft
"Wow Cartographe" = Wow Cartographe 1.10
 
[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]
 
[HKEY_USERS\S-1-5-21-3556121016-3787262404-2462169972-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"5ca7a701f4767ab9" = LoL-Starter
"bfbc2fd85b525931" = Sienna Launcher
"Smad" = SanctionedMedia
"Spotify" = Spotify
"Warcraft III" = Warcraft III: All Products
 
[color=#E56717]========== Last 10 Event Log Errors ==========[/color]
 
[ Application Events ]
Error - 18/01/2012 18:53:06 | Computer Name = Nuage | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 18/01/2012 18:53:06 | Computer Name = Nuage | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 2658896
 
Error - 18/01/2012 18:53:06 | Computer Name = Nuage | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 2658896
 
Error - 19/01/2012 09:27:22 | Computer Name = Nuage | Source = Application Error | ID = 1000
Description = Nom de l’application défaillante setup.exe_unknown, version : 0.0.0.0,
 horodatage : 0x4f17d1a5  Nom du module défaillant : setup.exe, version : 0.0.0.0,
 horodatage : 0x4f17d1a5  Code d’exception : 0xc0000005  Décalage d’erreur : 0x00001299
ID
 du processus défaillant : 0x12f8  Heure de début de l’application défaillante : 0x01ccd68f35c053f0
Chemin
 d’accès de l’application défaillante : C:\Windows\TEMP\slnlko\setup.exe  Chemin d’accès
 du module défaillant: C:\Windows\TEMP\slnlko\setup.exe  ID de rapport : 514882e0-42a1-11e1-99bf-c8bcc8accffa
 
Error - 21/01/2012 13:49:46 | Computer Name = Nuage | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = Les services de chiffrement ont échoué lors du traitement de l’appel
 OnIdentity() dans l’objet System Writer.  Details: AddLegacyDriverFiles: Unable to
 back up image of binary Ancillary Function Driver for Winsock.  System Error: The
system cannot find the file specified.  .
 
Error - 21/01/2012 20:50:32 | Computer Name = Nuage | Source = Schedule | ID = 0
Description =
 
Error - 22/01/2012 05:57:13 | Computer Name = Nuage | Source = Schedule | ID = 0
Description =
 
Error - 22/01/2012 06:05:49 | Computer Name = Nuage | Source = Schedule | ID = 0
Description =
 
Error - 22/01/2012 06:09:26 | Computer Name = Nuage | Source = Application Error | ID = 1000
Description = Nom de l’application défaillante ntvdm.exe, version : 6.1.7600.16385,
 horodatage : 0x4a5bc158  Nom du module défaillant : unknown, version : 0.0.0.0, horodatage
 : 0x00000000  Code d’exception : 0xc0000005  Décalage d’erreur : 0x00000046  ID du processus
 défaillant : 0xe64  Heure de début de l’application défaillante : 0x01ccd8ede7054200
Chemin
 d’accès de l’application défaillante : C:\Windows\system32\ntvdm.exe  Chemin d’accès
 du module défaillant: unknown  ID de rapport : 29f2b5c0-44e1-11e1-b6da-c8bcc8accffa
 
Error - 22/01/2012 06:20:34 | Computer Name = Nuage | Source = Schedule | ID = 0
Description =
 
[ Media Center Events ]
Error - 27/03/2011 06:32:48 | Computer Name = Nuage | Source = MCUpdate | ID = 0
Description = 12:32:48 - Failed to retrieve Directory (Error: Unable to connect
to the remote server) 
 
Error - 27/03/2011 06:34:24 | Computer Name = Nuage | Source = MCUpdate | ID = 0
Description = 12:33:56 - Error connecting to the internet.  12:33:56 -     Unable
to contact server.. 
 
Error - 27/03/2011 07:36:27 | Computer Name = Nuage | Source = MCUpdate | ID = 0
Description = 13:36:26 - Failed to retrieve MCEClientUX (Error: Unable to connect
 to the remote server) 
 
Error - 27/03/2011 07:38:07 | Computer Name = Nuage | Source = MCUpdate | ID = 0
Description = 13:38:07 - Failed to retrieve Broadband (Error: The operation has
timed out) 
 
Error - 27/03/2011 08:39:03 | Computer Name = Nuage | Source = MCUpdate | ID = 0
Description = 14:39:00 - Error connecting to the internet.  14:39:00 -     Unable
to contact server.. 
 
[ System Events ]
Error - 22/01/2012 06:35:49 | Computer Name = Nuage | Source = Service Control Manager | ID = 7003
Description = Le service DHCP Client dépend du service suivant : Afd. Ce dernier
 n’est peut-être pas installé.
 
Error - 22/01/2012 06:35:49 | Computer Name = Nuage | Source = Service Control Manager | ID = 7001
Description = Le service WinHTTP Web Proxy Auto-Discovery Service dépend du service
 DHCP Client qui n’a pas pu démarrer en raison de l’erreur :   %%1075
 
Error - 22/01/2012 06:36:21 | Computer Name = Nuage | Source = Service Control Manager | ID = 7003
Description = Le service DHCP Client dépend du service suivant : Afd. Ce dernier
 n’est peut-être pas installé.
 
Error - 22/01/2012 06:36:21 | Computer Name = Nuage | Source = Service Control Manager | ID = 7001
Description = Le service WinHTTP Web Proxy Auto-Discovery Service dépend du service
 DHCP Client qui n’a pas pu démarrer en raison de l’erreur :   %%1075
 
Error - 22/01/2012 06:36:52 | Computer Name = Nuage | Source = Service Control Manager | ID = 7003
Description = Le service DHCP Client dépend du service suivant : Afd. Ce dernier
 n’est peut-être pas installé.
 
Error - 22/01/2012 06:36:52 | Computer Name = Nuage | Source = Service Control Manager | ID = 7001
Description = Le service WinHTTP Web Proxy Auto-Discovery Service dépend du service
 DHCP Client qui n’a pas pu démarrer en raison de l’erreur :   %%1075
 
Error - 22/01/2012 06:37:24 | Computer Name = Nuage | Source = Service Control Manager | ID = 7003
Description = Le service DHCP Client dépend du service suivant : Afd. Ce dernier
 n’est peut-être pas installé.
 
Error - 22/01/2012 06:37:24 | Computer Name = Nuage | Source = Service Control Manager | ID = 7001
Description = Le service WinHTTP Web Proxy Auto-Discovery Service dépend du service
 DHCP Client qui n’a pas pu démarrer en raison de l’erreur :   %%1075
 
Error - 22/01/2012 06:37:54 | Computer Name = Nuage | Source = Service Control Manager | ID = 7003
Description = Le service DHCP Client dépend du service suivant : Afd. Ce dernier
 n’est peut-être pas installé.
 
Error - 22/01/2012 06:37:54 | Computer Name = Nuage | Source = Service Control Manager | ID = 7001
Description = Le service WinHTTP Web Proxy Auto-Discovery Service dépend du service
 DHCP Client qui n’a pas pu démarrer en raison de l’erreur :   %%1075
 
 
< End of report >


My Malwarebytes scan found nothing, but I should say that I already ran it a few days ago.
(However, I can no longer find where the scan reports are saved; having switched back to the Mac, I am posting the rest of the procedures and will go back to look for that.)

And finally, here is my OTL report:

Code:
OTL logfile created on: 22/01/2012 13:17:18 - Run 2
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\Guillaume\Desktop
 Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy
 
2,74 Gb Total Physical Memory | 1,81 Gb Available Physical Memory | 66,02% Memory free
5,25 Gb Paging File | 4,23 Gb Available in Paging File | 80,63% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 31,56 Gb Total Space | 3,66 Gb Free Space | 11,60% Space Free | Partition Type: NTFS
Drive E: | 201,00 Gb Total Space | 55,97 Gb Free Space | 27,85% Space Free | Partition Type: HFS
Drive G: | 1011,22 Mb Total Space | 254,33 Mb Free Space | 25,15% Space Free | Partition Type: FAT
 
Computer Name: NUAGE | User Name: Guillaume | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2012/01/22 12:01:08 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Guillaume\Desktop\OTL.exe
PRC - [2011/12/24 17:50:18 | 000,652,872 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011/12/24 17:50:18 | 000,460,872 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011/10/24 16:51:19 | 000,801,792 | ---- | M] (Yuna Software) -- C:\Program Files\Yuna Software\Messenger Plus!\PlusService.exe
PRC - [2011/10/24 09:22:00 | 000,409,600 | ---- | M] () -- C:\Program Files\LOLReplay\LOLRecorder.exe
PRC - [2011/10/19 16:56:50 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2011/10/19 16:56:36 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2011/10/19 16:56:24 | 000,258,512 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2011/10/19 16:56:24 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2011/08/15 17:34:40 | 000,526,208 | ---- | M] (Apple Inc.) -- C:\Program Files\Boot Camp\Bootcamp.exe
PRC - [2011/08/15 17:34:40 | 000,194,432 | ---- | M] () -- C:\Windows\System32\AppleOSSMgr.exe
PRC - [2011/08/02 08:33:30 | 004,910,912 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe
PRC - [2011/06/24 05:22:20 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2011/06/06 11:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/03/22 22:53:32 | 000,099,640 | ---- | M] (Apple Inc.) -- C:\Windows\System32\AppleTimeSrv.exe
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
MOD - [2011/10/29 19:41:52 | 012,433,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6e592e424a204aafeadbe22b6b31b9db\System.Windows.Forms.ni.dll
MOD - [2011/10/29 19:41:35 | 006,611,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\f8196c3588c2229e84516af4b6a0ee60\System.Data.ni.dll
MOD - [2011/10/29 19:41:24 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\3b2cfd85528a27eb71dc41d8067359a1\System.Drawing.ni.dll
MOD - [2011/10/29 19:41:21 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\130ad4d9719e566ca933ac7158a04203\System.Xml.ni.dll
MOD - [2011/10/29 19:41:17 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\2d5bcbeb9475ef62189f605bcca1cec6\System.Configuration.ni.dll
MOD - [2011/10/29 19:41:12 | 007,963,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\abab08afa60a6f06bdde0fcc9649c379\System.ni.dll
MOD - [2011/10/29 19:41:02 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll
MOD - [2011/10/24 09:22:00 | 000,409,600 | ---- | M] () -- C:\Program Files\LOLReplay\LOLRecorder.exe
MOD - [2011/10/24 09:21:56 | 000,136,192 | ---- | M] () -- C:\Program Files\LOLReplay\LOLUtils.dll
MOD - [2011/06/24 21:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/06/24 21:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2010/11/05 02:58:05 | 002,927,616 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
 
 
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
 
SRV - [2011/12/24 17:50:18 | 000,652,872 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/10/19 16:56:36 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011/10/19 16:56:24 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011/08/15 17:34:40 | 000,194,432 | ---- | M] () [Auto | Running] -- C:\Windows\System32\AppleOSSMgr.exe -- (AppleOSSMgr)
SRV - [2011/06/06 11:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/02/24 21:41:52 | 001,343,400 | ---- | M] () [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010/03/22 22:53:32 | 000,099,640 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Windows\System32\AppleTimeSrv.exe -- (AppleTimeSrv)
SRV - [2009/07/14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - [2011/12/10 15:24:06 | 000,020,464 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011/12/09 03:56:44 | 000,134,856 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2011/10/19 16:56:50 | 000,074,640 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011/10/19 16:56:50 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2011/08/15 17:34:40 | 000,058,200 | ---- | M] (Apple Inc.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\AppleHFS.sys -- (AppleHFS)
DRV - [2011/08/15 17:34:40 | 000,015,320 | ---- | M] (Apple Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\AppleMNT.sys -- (AppleMNT)
DRV - [2011/08/15 17:34:40 | 000,015,064 | ---- | M] (Apple Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\KeyAgent.sys -- (KeyAgent)
DRV - [2011/08/09 13:10:12 | 000,232,512 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2011/06/28 00:28:37 | 000,018,944 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AppleBtBc.sys -- (AppleBtBc)
DRV - [2011/06/02 19:36:46 | 000,026,624 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\KeyMagic.sys -- (KeyMagic)
DRV - [2011/01/31 13:43:51 | 000,029,824 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\applemtp.sys -- (applemtp)
DRV - [2011/01/31 13:43:51 | 000,010,880 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\applemtm.sys -- (applemtm)
DRV - [2010/11/20 13:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vmbus.sys -- (vmbus)
DRV - [2010/11/20 13:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010/11/20 13:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\storvsc.sys -- (storvsc)
DRV - [2010/11/20 11:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 11:21:14 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2010/11/20 10:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/11/20 10:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010/11/20 10:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010/10/14 21:58:17 | 000,014,336 | ---- | M] (Cirrus Logic) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CS420x86.sys -- (CirrusFilter)
DRV - [2010/06/17 15:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010/05/12 12:23:04 | 000,016,896 | ---- | M] (Danish Wireless Design A/S) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\FlashUSB.sys -- (FlashUSB)
DRV - [2010/04/23 14:51:04 | 000,024,960 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbmodem.sys -- (USBModem)
DRV - [2010/04/23 14:51:02 | 000,020,864 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbdiag.sys -- (UsbDiag)
DRV - [2010/04/23 14:51:02 | 000,013,056 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbbus.sys -- (usbbus)
DRV - [2010/03/23 06:46:14 | 000,018,944 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2010/03/23 06:46:12 | 000,068,200 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2010/03/22 22:43:50 | 000,012,928 | ---- | M] (Apple Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\MacHALDriver.sys -- (MacHALDriver)
DRV - [2010/03/09 21:03:15 | 011,585,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2009/10/15 22:39:30 | 000,016,512 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IRFilter.sys -- (IRRemoteFlt)
DRV - [2009/09/29 08:11:22 | 000,012,160 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lgbtport.sys -- (LgBttPort)
DRV - [2009/09/29 08:11:20 | 000,012,928 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lgvmodem.sys -- (LGVMODEM)
DRV - [2009/09/29 08:11:20 | 000,010,496 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lgbtbus.sys -- (lgbusenum)
DRV - [2009/07/14 00:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009/07/14 00:45:20 | 000,007,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\acpials.sys -- (acpials)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
 
 
IE - HKU\S-1-5-21-3556121016-3787262404-2462169972-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKU\S-1-5-21-3556121016-3787262404-2462169972-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://fr.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-3556121016-3787262404-2462169972-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr-FR
IE - HKU\S-1-5-21-3556121016-3787262404-2462169972-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3556121016-3787262404-2462169972-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;<local>
 
[color=#E56717]========== FireFox ==========[/color]
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/01/21 02:36:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
 
[2012/01/21 02:37:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Guillaume\AppData\Roaming\mozilla\Extensions
[2012/01/21 02:36:49 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions
[2011/12/21 08:49:52 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/12/21 06:44:31 | 000,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml
[2011/12/21 06:02:40 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/12/21 06:44:31 | 000,001,822 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml
[2011/12/21 06:44:31 | 000,001,154 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml
[2011/12/21 06:44:31 | 000,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml
[2011/12/21 06:44:31 | 000,000,956 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml
 
O1 HOSTS File: ([2009/06/10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O4 - HKLM..\Run: [Apple_KbdMgr] C:\Program Files\Boot Camp\Bootcamp.exe (Apple Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Partage de CD ou DVD] C:\Program Files\Partage de CD ou DVD\ODSAgent.exe ()
O4 - HKLM..\Run: [PlusService] C:\Program Files\Yuna Software\Messenger Plus!\PlusService.exe (Yuna Software)
O4 - HKLM..\Run: [TweakDUN] C:\Program Files\TweakDUN\tweakdun.exe (Patterson Design Systems)
O4 - HKU\S-1-5-21-3556121016-3787262404-2462169972-1000..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-3556121016-3787262404-2462169972-1000..\Run: [Spotify] C:\Users\Guillaume\AppData\Roaming\Spotify\spotify.exe (Spotify Ltd)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-3556121016-3787262404-2462169972-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-3556121016-3787262404-2462169972-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000030 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000031 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000032 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000033 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O13 - gopher Prefix: missing
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8A220066-ADBA-42B0-B3E2-F92AC50D99A5}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D91831D1-0430-47BE-BFD3-8458753844EC}: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) -C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - Winlogon\Notify\kremtel: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - Unable to obtain root file information for disk G:\
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKU\S-1-5-21-3556121016-3787262404-2462169972-1000\...exe [@ = exefile] -- Reg Error: Key error. File not found
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2012/01/22 11:33:01 | 000,000,000 | ---D | C] -- C:\Users\Guillaume\AppData\Local\Diagnostics
[2012/01/22 11:22:16 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Guillaume\Desktop\OTL.exe
[2012/01/21 02:37:33 | 000,000,000 | ---D | C] -- C:\Users\Guillaume\AppData\Roaming\Mozilla
[2012/01/21 02:37:33 | 000,000,000 | ---D | C] -- C:\Users\Guillaume\AppData\Local\Mozilla
[2012/01/21 02:36:48 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2012/01/12 18:20:59 | 000,000,000 | ---D | C] -- C:\Users\Guillaume\AppData\Local\Spotify
[2012/01/12 18:20:22 | 000,000,000 | ---D | C] -- C:\Users\Guillaume\AppData\Roaming\Spotify
[2012/01/12 18:18:14 | 000,000,000 | ---D | C] -- C:\Users\Guillaume\Documents\RK_Quarantine
[2012/01/12 18:07:13 | 000,000,000 | ---D | C] -- C:\Kill'em
[2012/01/12 17:50:50 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2012/01/12 17:43:48 | 000,000,000 | ---D | C] -- C:\Users\Guillaume\AppData\Local\SanctionedMedia
[2012/01/11 17:35:44 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\packager.dll
[2012/01/11 17:35:35 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2012/01/11 17:35:35 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdvd.dll
[2012/01/10 12:21:05 | 000,000,000 | ---D | C] -- C:\Users\Guillaume\Desktop\LoL
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2012/01/22 13:03:07 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012/01/22 12:49:53 | 000,743,426 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2012/01/22 12:49:53 | 000,652,148 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/01/22 12:49:53 | 000,148,312 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2012/01/22 12:49:53 | 000,121,080 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/01/22 12:42:33 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/01/22 12:42:19 | 2207,195,136 | -HS- | M] () -- C:\hiberfil.sys
[2012/01/22 12:01:08 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Guillaume\Desktop\OTL.exe
[2012/01/22 11:05:53 | 000,000,406 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2012/01/21 17:53:40 | 000,014,192 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/01/21 17:53:40 | 000,014,192 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/01/21 02:36:52 | 000,001,108 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/01/17 01:14:43 | 000,266,262 | ---- | M] () -- C:\Users\Guillaume\AppData\Local\census.cache
[2012/01/17 01:13:53 | 000,108,474 | ---- | M] () -- C:\Users\Guillaume\AppData\Local\ars.cache
[2012/01/17 01:02:07 | 000,000,036 | ---- | M] () -- C:\Users\Guillaume\AppData\Local\housecall.guid.cache
[2012/01/16 21:58:26 | 000,046,363 | ---- | M] () -- C:\Users\Guillaume\Desktop\tumblr_lxtatuonHd1r93w8ko1_500.jpg
[2012/01/12 18:21:18 | 000,001,079 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/01/12 18:20:57 | 000,001,830 | ---- | M] () -- C:\Users\Guillaume\Desktop\Spotify.lnk
[2012/01/12 18:18:52 | 000,111,872 | ---- | M] () -- C:\Windows\System32\drivers\TrueSight.sys
[2012/01/12 18:13:51 | 000,000,970 | ---- | M] () -- C:\Users\Guillaume\Desktop\Internet Explorer.lnk
[2012/01/12 17:54:25 | 000,002,330 | -HS- | M] () -- C:\Users\Guillaume\AppData\Local\775r1r7n5385
[2012/01/12 17:54:25 | 000,002,330 | -HS- | M] () -- C:\ProgramData\775r1r7n5385
[2012/01/11 00:42:26 | 028,608,382 | ---- | M] () -- C:\Users\Guillaume\Desktop\Thorgal - 29 - Le Sacrifice.pdf
[2012/01/10 12:27:37 | 000,000,795 | ---- | M] () -- C:\Users\Guillaume\Desktop\lol.launcher - Raccourci.lnk
[2012/01/10 12:17:15 | 000,000,977 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2012/01/22 11:25:02 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012/01/21 02:36:51 | 000,001,120 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012/01/21 02:36:51 | 000,001,108 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/01/17 01:14:43 | 000,266,262 | ---- | C] () -- C:\Users\Guillaume\AppData\Local\census.cache
[2012/01/17 01:13:53 | 000,108,474 | ---- | C] () -- C:\Users\Guillaume\AppData\Local\ars.cache
[2012/01/17 01:02:07 | 000,000,036 | ---- | C] () -- C:\Users\Guillaume\AppData\Local\housecall.guid.cache
[2012/01/16 21:58:26 | 000,046,363 | ---- | C] () -- C:\Users\Guillaume\Desktop\tumblr_lxtatuonHd1r93w8ko1_500.jpg
[2012/01/12 18:21:18 | 000,001,079 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/01/12 18:20:57 | 000,001,830 | ---- | C] () -- C:\Users\Guillaume\Desktop\Spotify.lnk
[2012/01/12 18:20:57 | 000,001,816 | ---- | C] () -- C:\Users\Guillaume\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
[2012/01/12 18:13:51 | 000,000,970 | ---- | C] () -- C:\Users\Guillaume\Desktop\Internet Explorer.lnk
[2012/01/12 18:00:51 | 000,111,872 | ---- | C] () -- C:\Windows\System32\drivers\TrueSight.sys
[2012/01/12 17:43:51 | 000,002,330 | -HS- | C] () -- C:\Users\Guillaume\AppData\Local\775r1r7n5385
[2012/01/12 17:43:51 | 000,002,330 | -HS- | C] () -- C:\ProgramData\775r1r7n5385
[2012/01/11 00:41:20 | 028,608,382 | ---- | C] () -- C:\Users\Guillaume\Desktop\Thorgal - 29 - Le Sacrifice.pdf
[2012/01/10 12:27:37 | 000,000,795 | ---- | C] () -- C:\Users\Guillaume\Desktop\lol.launcher - Raccourci.lnk
[2011/11/27 12:42:24 | 000,000,406 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2011/08/15 17:34:40 | 000,194,432 | ---- | C] () -- C:\Windows\System32\AppleOSSMgr.exe
[2011/07/09 21:14:30 | 000,064,907 | ---- | C] () -- C:\Windows\War3Unin.dat
[2011/06/24 22:10:19 | 000,088,280 | ---- | C] () -- C:\Windows\System32\mlfcache.dat
[2011/02/27 22:34:04 | 000,053,248 | ---- | C] () -- C:\Windows\System32\CommonDL.dll
[2011/02/27 22:34:04 | 000,002,413 | ---- | C] () -- C:\Windows\System32\lgAxconfig.ini
[2011/02/25 01:09:40 | 000,743,426 | ---- | C] () -- C:\Windows\System32\perfh00C.dat
[2011/02/25 01:09:40 | 000,344,522 | ---- | C] () -- C:\Windows\System32\perfi00C.dat
[2011/02/25 01:09:40 | 000,148,312 | ---- | C] () -- C:\Windows\System32\perfc00C.dat
[2011/02/25 01:09:40 | 000,038,160 | ---- | C] () -- C:\Windows\System32\perfd00C.dat
[2011/02/25 00:40:32 | 000,000,056 | ---- | C] () -- C:\Windows\System32\ezsidmv.dat
[2011/02/24 23:40:58 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2011/02/24 23:39:22 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2010/02/26 15:26:18 | 000,095,994 | ---- | C] () -- C:\Windows\System32\nvcoproc.bin
[2009/07/14 05:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/14 05:33:53 | 000,266,928 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009/07/14 03:05:48 | 000,652,148 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009/07/14 03:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009/07/14 03:05:48 | 000,121,080 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009/07/14 03:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009/07/14 03:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009/07/14 03:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009/07/14 00:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/14 00:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009/06/10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2011/07/05 00:21:55 | 000,000,000 | ---D | M] -- C:\Users\Guillaume\AppData\Roaming\avidemux
[2011/07/12 00:17:17 | 000,000,000 | ---D | M] -- C:\Users\Guillaume\AppData\Roaming\DAEMON Tools Lite
[2011/02/27 23:04:17 | 000,000,000 | ---D | M] -- C:\Users\Guillaume\AppData\Roaming\LG Electronics
[2011/02/25 00:46:09 | 000,000,000 | ---D | M] -- C:\Users\Guillaume\AppData\Roaming\LolClient
[2011/02/24 21:56:17 | 000,000,000 | ---D | M] -- C:\Users\Guillaume\AppData\Roaming\Opera
[2012/01/22 12:45:07 | 000,000,000 | ---D | M] -- C:\Users\Guillaume\AppData\Roaming\Spotify
[2011/07/09 00:52:17 | 000,000,000 | ---D | M] -- C:\Users\Guillaume\AppData\Roaming\Ubisoft
[2011/02/27 22:57:39 | 000,000,000 | ---D | M] -- C:\Users\Guillaume\AppData\Roaming\{D94BA408-F110-488B-A65E-3AE7945F79E6}
[2012/01/22 12:42:35 | 000,032,620 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
[color=#E56717]========== Purity Check ==========[/color]
 
 
 
[color=#E56717]========== Custom Scans ==========[/color]
 
 
[color=#A23BEC]< HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl|FEATURE_BROWSER_EMULATION /rs >[/color]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION\\prevhost.exe: 8000
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION\\RomStation.exe: 8888
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION\\sllauncher.exe: 8000
 
[color=#A23BEC]< HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\FeatureControl|feature_enable_ie_compression /rs >[/color]
 
[color=#A23BEC]< HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\FeatureControl|feature_enable_ie_compression /rs >[/color]
 
[color=#A23BEC]< hklm\software\clients\startmenuinternet|command /rs >[/color]
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2011/12/21 08:49:54 | 000,717,344 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2011/12/21 08:49:54 | 000,717,344 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2011/12/21 08:49:54 | 000,717,344 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2011/12/21 08:49:52 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2011/12/21 08:49:52 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2011/12/21 08:49:52 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show [2011/04/26 12:43:38 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall [2011/04/26 12:43:38 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide [2011/04/26 12:43:38 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2011/04/26 12:43:38 | 000,748,336 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\Program Files\internet explorer\iexplore.exe" [2011/04/26 12:43:38 | 000,748,336 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera\InstallInfo\\ShowIconsCommand: "C:\Program Files\Opera\Opera.exe" /ShowIconsCommand [2011/12/09 13:15:15 | 000,949,104 | ---- | M] (Opera Software)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera\InstallInfo\\HideIconsCommand: "C:\Program Files\Opera\Opera.exe" /HideIconsCommand [2011/12/09 13:15:15 | 000,949,104 | ---- | M] (Opera Software)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera\InstallInfo\\ReinstallCommand: "C:\Program Files\Opera\Opera.exe" /ReInstallBrowser [2011/12/09 13:15:15 | 000,949,104 | ---- | M] (Opera Software)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera\shell\open\command\\: "C:\Program Files\Opera\Opera.exe" [2011/12/09 13:15:15 | 000,949,104 | ---- | M] (Opera Software)
 
[color=#A23BEC]< hklm\software\clients\startmenuinternet|command /64 /rs >[/color]
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2011/12/21 08:49:54 | 000,717,344 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2011/12/21 08:49:54 | 000,717,344 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2011/12/21 08:49:54 | 000,717,344 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2011/12/21 08:49:52 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2011/12/21 08:49:52 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2011/12/21 08:49:52 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show [2011/04/26 12:43:38 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall [2011/04/26 12:43:38 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide [2011/04/26 12:43:38 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2011/04/26 12:43:38 | 000,748,336 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\Program Files\internet explorer\iexplore.exe" [2011/04/26 12:43:38 | 000,748,336 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera\InstallInfo\\ShowIconsCommand: "C:\Program Files\Opera\Opera.exe" /ShowIconsCommand [2011/12/09 13:15:15 | 000,949,104 | ---- | M] (Opera Software)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera\InstallInfo\\HideIconsCommand: "C:\Program Files\Opera\Opera.exe" /HideIconsCommand [2011/12/09 13:15:15 | 000,949,104 | ---- | M] (Opera Software)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera\InstallInfo\\ReinstallCommand: "C:\Program Files\Opera\Opera.exe" /ReInstallBrowser [2011/12/09 13:15:15 | 000,949,104 | ---- | M] (Opera Software)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera\shell\open\command\\: "C:\Program Files\Opera\Opera.exe" [2011/12/09 13:15:15 | 000,949,104 | ---- | M] (Opera Software)
 
[color=#A23BEC]< HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers /s >[/color]
"timer" = timer.drv -- [2009/07/13 22:41:39 | 000,004,048 | ---- | M] (Microsoft Corporation)
 
[color=#A23BEC]< HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\drivers.desc /s >[/color]
"C:\Windows\System32\l3codeca.acm" = Fraunhofer IIS MPEG Layer-3 Codec
"wdmaud.drv" = Microsoft 1.1 UAA Function Driver for High Definition Audio
"vfwwdm32.dll" = WDM Video For Windows Capture Driver (Win32)
"sirenacm.dll" = Messenger Audio Codec
 
[color=#A23BEC]< %temp%\smtmp\1\*.* /s >[/color]
 
[color=#A23BEC]< %temp%\smtmp\2\*.* /s >[/color]
 
[color=#A23BEC]< %temp%\smtmp\4\*.* /s >[/color]
 
[color=#A23BEC]< nslookup http://www.google.fr /c >[/color]
Serveur :   UnKnown
Address:  192.168.1.254
 
[color=#A23BEC]< %systemroot%\system32\drivers\*.sys /lockedfiles >[/color]
 
[color=#A23BEC]< %APPDATA%\*.exe /s >[/color]
[2011/02/28 01:03:00 | 000,032,768 | ---- | M] ((주)테크노니아) -- C:\Users\Guillaume\AppData\Roaming\LG Electronics\LG PC Suite III\UpdateHelper.exe
[2008/12/02 07:40:14 | 000,028,672 | R--- | M] () -- C:\Users\Guillaume\AppData\Roaming\Microsoft\Windows\Templates\F\UninstallMSI.exe
[2008/12/01 12:29:00 | 000,014,336 | R--- | M] () -- C:\Users\Guillaume\AppData\Roaming\Microsoft\Windows\Templates\F\UninstallMSI32.exe
[2008/12/01 12:29:00 | 000,016,896 | R--- | M] () -- C:\Users\Guillaume\AppData\Roaming\Microsoft\Windows\Templates\F\UninstallMSI64.exe
[2009/03/20 06:09:32 | 001,360,008 | R--- | M] () -- C:\Users\Guillaume\AppData\Roaming\Microsoft\Windows\Templates\F\USBAutoRun.exe
[2012/01/20 19:49:04 | 004,027,056 | ---- | M] (Spotify Ltd) -- C:\Users\Guillaume\AppData\Roaming\Spotify\spotify.exe
 
[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]
 
 
[color=#A23BEC]< MD5 for: WINLOGON.EXE  >[/color]
[2010/11/20 13:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010/11/20 13:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2011/12/24 17:50:20 | 000,182,856 | ---- | M] () MD5=B382935AB01B27D0E14F267DBF288896 -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
 
[color=#A23BEC]< %systemroot%\*. /mp /s >[/color]
 
[color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color]
 
[color=#A23BEC]< %systemroot%\Tasks\*.job /lockedfiles >[/color]
 
[color=#E56717]========== Hard Links - Junction Points - Mount Points - Symbolic Links ==========[/color]
[C:\Windows\$NtUninstallKB48757$] -> Error: Cannot create file handle -> Unknown point type

< End of report >


Thanks
Garfind
Confirmed Visitor

Posts: 14
Joined: 22 Jan 2012 12:43
 

Re: Internet connection problem + intrusive advertising

Posted 22 Jan 2012 15:59

Strange that Malwarebytes sees nothing, because the infection is obvious.

Please do the following...

* Double-click the OTL icon to launch it
/!\ On Vista/Seven, right-click the OTL icon and choose "Exécuter en tant qu'administrateur" (Run as administrator)

* Make sure you have closed all running applications.

* When the OTL window appears, make sure that in the "Rapport" (Report) section (top right) the "Rapport minimal" (Minimal report) box is checked.

* Copy and paste the contents of this quote into the lower part of OTL, "Personnalisation" (Customization):
:OTL
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

:Files
C:\Users\Guillaume\AppData\Local\775r1r7n5385
C:\ProgramData\775r1r7n5385
C:\Users\Guillaume\AppData\Local\SanctionedMedia
C:\Users\Guillaume\AppData\Local\775r1r7n5385
C:\ProgramData\775r1r7n5385
C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
C:\Windows\TEMP\ismobb

:Reg
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Windows\TEMP\ismobb\setup.exe"=-

:Commands
[emptytemp]
[EMPTYFLASH]


* Click the "Correction" (Fix) icon (top left).
* Let the scan run to completion without using the PC
* At the end of the scan a report will open
* Copy and paste the report into your reply, please...

Then...

Download TDSSKiller (Kaspersky Lab) to your desktop from this web page:
http://support.kaspersky.com/fr/faq/?qid=208280685
Unzip it and double-click it to run it; if a detection appears after the scan, follow the instructions and allow the PC to restart.
/!\ Do not change the action proposed by TDSSKiller at the end of the scan (skip, quarantine, cure) /!\
Post the report "C:\TDSSKiller_Quarantine\DATE _HEURE"

See you,
jeanmimigab
PC-Infopraticien

Posts: 2986
Joined: 29 Nov 2009 12:05
 

Re: Internet connection problem + intrusive advertising

Posted 22 Jan 2012 17:18

There, I did what you said.
However, after the OTL fix, I was asked to restart the computer.
Here is the report:

Code: Select all
All processes killed
========== OTL ==========
C:\Windows\msdownld.tmp folder deleted successfully.
========== FILES ==========
C:\Users\Guillaume\AppData\Local\775r1r7n5385 moved successfully.
C:\ProgramData\775r1r7n5385 moved successfully.
C:\Users\Guillaume\AppData\Local\SanctionedMedia\Smad folder moved successfully.
C:\Users\Guillaume\AppData\Local\SanctionedMedia folder moved successfully.
File\Folder C:\Users\Guillaume\AppData\Local\775r1r7n5385 not found.
File\Folder C:\ProgramData\775r1r7n5385 not found.
C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe moved successfully.
File\Folder C:\Windows\TEMP\ismobb not found.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Windows\TEMP\ismobb\setup.exe deleted successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Guillaume
->Temp folder emptied: 43750 bytes
->Temporary Internet Files folder emptied: 1393038 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 38277668 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 881 bytes
 
User: Public
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 3422 bytes
RecycleBin emptied: 4096 bytes
 
Total Files Cleaned = 38,00 mb
 
 
[EMPTYFLASH]
 
User: All Users
 
User: Default
 
User: Default User
 
User: Guillaume
->Flash cache emptied: 0 bytes
 
User: Public
 
Total Flash Files Cleaned = 0,00 mb
 
 
OTL by OldTimer - Version 3.2.31.0 log created on 01222012_155901

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...


As for the other program, it detected nothing after the scan.
Here is the report anyway:

Code: Select all
16:10:49.0238 3056   TDSS rootkit removing tool 2.7.6.0 Jan 19 2012 13:09:04
16:10:49.0269 3056   ============================================================
16:10:49.0269 3056   Current date / time: 2012/01/22 16:10:49.0269
16:10:49.0269 3056   SystemInfo:
16:10:49.0269 3056   
16:10:49.0269 3056   OS Version: 6.1.7601 ServicePack: 1.0
16:10:49.0269 3056   Product type: Workstation
16:10:49.0269 3056   ComputerName: NUAGE
16:10:49.0269 3056   UserName: Guillaume
16:10:49.0269 3056   Windows directory: C:\Windows
16:10:49.0269 3056   System windows directory: C:\Windows
16:10:49.0269 3056   Processor architecture: Intel x86
16:10:49.0269 3056   Number of processors: 2
16:10:49.0269 3056   Page size: 0x1000
16:10:49.0269 3056   Boot type: Normal boot
16:10:49.0269 3056   ============================================================
16:10:52.0857 3056   Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
16:10:52.0857 3056   Drive \Device\Harddisk1\DR1 - Size: 0x3F380000 (0.99 Gb), SectorSize: 0x200, Cylinders: 0x80, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
16:10:52.0857 3056   Initialize success
16:10:56.0024 3816   ============================================================
16:10:56.0024 3816   Scan started
16:10:56.0024 3816   Mode: Manual;
16:10:56.0024 3816   ============================================================
16:11:00.0283 3816   MBR (0x1B8)     (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
16:11:00.0330 3816   \Device\Harddisk0\DR0 - ok
16:11:00.0330 3816   MBR (0x1B8)     (e5fa06aca0d60ba9c870d0ef3d9898c9) \Device\Harddisk1\DR1
16:11:02.0467 3816   \Device\Harddisk1\DR1 - ok
16:11:02.0498 3816   Boot (0x1200)   (59addb9a89071a39fead5f0e32d0950e) \Device\Harddisk0\DR0\Partition0
16:11:02.0498 3816   \Device\Harddisk0\DR0\Partition0 - ok
16:11:02.0498 3816   Boot (0x1200)   (386386bff202fc4867d66a0a6fc655bd) \Device\Harddisk0\DR0\Partition1
16:11:02.0498 3816   \Device\Harddisk0\DR0\Partition1 - ok
16:11:02.0529 3816   Boot (0x1200)   (3594621e32f2e135170f1908fa5285be) \Device\Harddisk0\DR0\Partition2
16:11:02.0529 3816   \Device\Harddisk0\DR0\Partition2 - ok
16:11:02.0529 3816   Boot (0x1200)   (78567413cc21d4384f96afc71d8f13ca) \Device\Harddisk1\DR1\Partition0
16:11:02.0529 3816   \Device\Harddisk1\DR1\Partition0 - ok
16:11:02.0529 3816   ============================================================
16:11:02.0529 3816   Scan finished
16:11:02.0529 3816   ============================================================
16:11:02.0545 3828   Detected object count: 0
16:11:02.0545 3828   Actual detected object count: 0
16:11:19.0689 4036   ============================================================
16:11:19.0689 4036   Scan started
16:11:19.0689 4036   Mode: Manual;
16:11:19.0689 4036   ============================================================
16:11:24.0011 4036   ============================================================
16:11:24.0011 4036   Scan finished
16:11:24.0011 4036   ============================================================
16:11:24.0026 4044   Detected object count: 0
16:11:24.0026 4044   Actual detected object count: 0
16:12:48.0929 1728   Deinitialize success


However, my internet is still not connected. Is that normal at this stage?

Thanks
Garfind
Confirmed Visitor
Posts: 14
Joined: 22 Jan 2012 12:43
 

Re: Internet connection problem + intrusive advertising

Posted on 22 Jan 2012 17:56

for this...
"the wifi is connected but I have the yellow warning triangle telling me that the internet is not working"


please try this...


Please check two things...


o In Firefox, go to the "Tools" menu > "Options".
o Click "Advanced" at the top right > "Network" tab > in the "Connection" section, click "Settings".
o Check that "No proxy" is selected.
o Close the windows by clicking "OK".

then...

o Open Internet Explorer, click the "Tools" menu > "Internet Options".
o On the "Connections" tab > click "LAN settings" at the bottom right.
o Check that the "Automatically detect settings" box is ticked; if it is not, tick it...
o If the "Use a proxy server for your LAN" box is ticked, untick it...
o Close the windows with "OK" and "Apply".

Then right-click the yellow triangle icon of your internet connection and choose "Troubleshoot problems"


then tell me whether you still have connection problems :wink:
jeanmimigab
PC-Infopraticien
Posts: 2986
Joined: 29 Nov 2009 12:05
 

Re: Internet connection problem + intrusive advertising

Posted on 22 Jan 2012 18:10

I did what was said; for IE it was already OK, but for Mozilla I had to change it as you asked.
However, I also use Opera.
In the end, nothing has changed, still the same connection problem.
Garfind
Confirmed Visitor
Posts: 14
Joined: 22 Jan 2012 12:43
 

Re: Internet connection problem + intrusive advertising

Posted on 22 Jan 2012 18:36

open Firefox and type in the address bar
http://192.168.1.1/
and tell me whether you can reach your box's interface page
jeanmimigab
PC-Infopraticien
Posts: 2986
Joined: 29 Nov 2009 12:05
 

Re: Internet connection problem + intrusive advertising

Posted on 22 Jan 2012 18:56

It doesn't work, whether with this address or the one I normally use to access my box, even when the network has a problem.
I tried connecting to another Wi-Fi network but the problem is identical.
Garfind
Confirmed Visitor
Posts: 14
Joined: 22 Jan 2012 12:43
 

Re: Internet connection problem + intrusive advertising

Posted on 22 Jan 2012 19:02

hmm, let's try something...

Click the "Start menu" >> and right-click "Computer" to choose "Manage"

In the window that opens, click "Device Manager" on the left

In the right-hand part of the window, expand ">Network adapters" and tell me whether you have a small yellow triangle/question mark on the wireless network adapter.
jeanmimigab
PC-Infopraticien
Posts: 2986
Joined: 29 Nov 2009 12:05
 

Re: Internet connection problem + intrusive advertising

Posted on 22 Jan 2012 19:08

No, nothing to report here.
Garfind
Confirmed Visitor
Posts: 14
Joined: 22 Jan 2012 12:43
 

Re: Internet connection problem + intrusive advertising

Posted on 22 Jan 2012 19:49

In the Task Manager, right-click your wireless network adapter and choose "Uninstall".

Restart your PC and let Windows reinstall your adapter (new hardware detected message, etc.)...

then try to connect to your box (you will have to re-enter your WAP/WEP key) and tell me whether it works again :wink:
jeanmimigab
PC-Infopraticien
Posts: 2986
Joined: 29 Nov 2009 12:05
 

Re: Internet connection problem + intrusive advertising

Posted on 22 Jan 2012 20:05

Done, but still nothing, the same problem persists.
Garfind
Confirmed Visitor
Posts: 14
Joined: 22 Jan 2012 12:43
 

Re: Internet connection problem + intrusive advertising

Posted on 22 Jan 2012 20:33

you must have an IP problem...

1) Click "Start", then "Control Panel", then click "Network and Internet"

2) Click "View network status and tasks", then "Change adapter settings"

3) Right-click your wireless connection, then choose "Properties".

4) Another window opens; there, click once on Internet Protocol Version 4 (TCP/IPv4), then on "Properties".

5) Another window opens; there, check that the boxes "Obtain an IP address automatically" and "Obtain DNS server address automatically" are both selected. If that is not the case, select them and click "Apply" > "OK"

restart the PC and try to reconnect to the wireless network and tell me what happens :wink:
jeanmimigab
PC-Infopraticien
Posts: 2986
Joined: 29 Nov 2009 12:05
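
The settings checked by hand in the thread (browser proxy options in the 17:56 post, automatic IPv4 and DNS assignment in the 20:33 post) can also be read in one pass. The PowerShell script below is an added example, not part of the original thread; the function names are made up for illustration, the Firefox profile path is assumed to be the default per-user location, and PowerShell 3.0 or later is assumed. Opera is not covered.

```powershell
# Added example: read-only audit, nothing here changes the system.

function Get-WinInetProxy {
    # Per-user proxy settings behind Internet Explorer's "LAN settings" dialog
    $key = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings'
    $p = Get-ItemProperty -Path $key
    [pscustomobject]@{
        ProxyEnabled  = [bool]$p.ProxyEnable   # "Use a proxy server for your LAN"
        ProxyServer   = $p.ProxyServer         # host:port, if one is set
        AutoConfigURL = $p.AutoConfigURL       # PAC script URL, if one is set
    }
}

function Get-FirefoxProxy {
    # Assumption: profiles live in the default per-user location
    param([string]$ProfilesRoot = "$env:APPDATA\Mozilla\Firefox\Profiles")
    $modes = @{ 0 = 'No proxy'; 1 = 'Manual proxy'; 2 = 'PAC URL'
                4 = 'Auto-detect'; 5 = 'Use system proxy settings' }
    Get-ChildItem -Path $ProfilesRoot -Directory -ErrorAction SilentlyContinue |
        ForEach-Object {
            $prefs = Join-Path $_.FullName 'prefs.js'
            if (-not (Test-Path $prefs)) { return }   # skip profiles without prefs.js
            $found = @{}
            foreach ($line in Get-Content $prefs) {
                if ($line -match '^user_pref\("(network\.proxy\.[^"]+)",\s*(.+)\);\s*$') {
                    $found[$Matches[1]] = $Matches[2].Trim('"')
                }
            }
            # prefs.js only stores changed values; 5 is Firefox's default mode
            $type = 5
            if ($found.ContainsKey('network.proxy.type')) {
                $type = [int]$found['network.proxy.type']
            }
            [pscustomobject]@{
                Profile  = $_.Name
                Mode     = $modes[$type]
                HttpHost = $found['network.proxy.http']
                HttpPort = $found['network.proxy.http_port']
            }
        }
}

function Get-Ipv4AutoConfig {
    # One row per IP-enabled adapter: is the address from DHCP, is DNS automatic?
    Get-CimInstance Win32_NetworkAdapterConfiguration -Filter 'IPEnabled = TRUE' |
        ForEach-Object {
            $reg = 'HKLM:\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\' +
                   $_.SettingID
            # A non-empty NameServer value means DNS servers were typed in by hand
            $static = (Get-ItemProperty -Path $reg -ErrorAction SilentlyContinue).NameServer
            [pscustomobject]@{
                Adapter     = $_.Description
                DhcpEnabled = $_.DHCPEnabled
                DnsFromDhcp = [string]::IsNullOrEmpty($static)
                DnsServers  = $_.DNSServerSearchOrder -join ', '
            }
        }
}

Get-WinInetProxy   | Format-List
Get-FirefoxProxy   | Format-Table -AutoSize
Get-Ipv4AutoConfig | Format-Table -AutoSize
```

After a fake-antivirus infection, a proxy entry pointing at a local or unknown address, a PAC URL nobody configured, or hand-set DNS servers on an adapter that should use DHCP are the values to look at first.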
 
