Il y a actuellement 493 visiteurs
Jeudi 21 Novembre 2024
accueilactualitésdossierscomparer les prixtélécharger gratuitement vos logicielsoffres d'emploiforum informatique
Connexion
Créer un compte

CHEVAL DE TROIE TR/downloader.gen et TR/Horst.39424.c.1

Un ordinateur qui ralentit, des écrans publicitaires qui apparaissent, des applications qui refusent de démarrer ou encore votre navigateur qui s'obstine à ouvrir une page douteuse sont autant d'éléments qui indiquent que l'intégrité de votre ordinateur est menacée par un virus. Vous trouverez dans ce forum quelques conseils et logiciels pour surfer tranquillement.
Règles du forum
Pour afficher un rapport d'analyse ou un rapport d'infection (HijackThis, OTL, AdwCleaner etc...)‎, veuillez utiliser le système de fichiers joints interne au forum. Seuls les formats les .txt et .log de moins de 1Mo sont acceptés. Pour obtenir de l'aide pour insérer vos fichiers joints, veuillez consulter ce tutoriel

CHEVAL DE TROIE TR/downloader.gen et TR/Horst.39424.c.1

Message le 21 Sep 2010 17:48

bonjour,
antivir m'ouvre toute les quarts d'heure une page d alerte de deux cheval de troie TR/downloader.gen a l'emplacement C:\users\colvis\AppData\Local\temp\~temp\mlp318\mdm.exe et TR/Horst.39424.c.1. a l emplacement C:\users\colvis\AppData\Local\temp\~temp\sndp04\services.exe
ce qui est tres ennuyeux .j'ai suivi la preparation de demande d'aide de désinfection je vous envoie otl .text et extras.text ci dessous merci d'avance pour votre aide:


Code: Tout sélectionner
OTL logfile created on: 21/09/2010 18:03:47 - Run 1
OTL by OldTimer - Version 3.2.14.1     Folder = C:\Users\colvis\Downloads
Windows Vista Business Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
 
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 61,00% Memory free
7,00 Gb Paging File | 6,00 Gb Available in Paging File | 80,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 146,82 Gb Total Space | 27,64 Gb Free Space | 18,83% Space Free | Partition Type: NTFS
Drive D: | 2,00 Gb Total Space | 1,09 Gb Free Space | 54,45% Space Free | Partition Type: NTFS
Drive E: | 7,03 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: PC-DE-COLVIS
Current User Name: colvis
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2010/09/21 17:59:01 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\colvis\Downloads\OTL.exe
PRC - [2010/09/18 00:15:02 | 000,075,776 | ---- | M] () -- C:\Users\colvis\AppData\Roaming\logman.exe
PRC - [2010/09/09 19:21:36 | 000,908,248 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/01/02 15:04:27 | 000,185,089 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2010/01/02 15:04:27 | 000,108,289 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2009/12/18 02:30:48 | 000,039,424 | ---- | M] (Nullsoft) -- C:\Program Files\Winamp\winampa.exe
PRC - [2009/07/22 19:13:46 | 000,076,288 | ---- | M] (Smith Micro Software, Inc.) -- C:\Program Files\Dell\Dell ControlPoint\Connection Manager\SMManager.exe
PRC - [2009/07/22 19:13:30 | 001,796,096 | ---- | M] (Smith Micro Software, Inc.) -- C:\Program Files\Dell\Dell ControlPoint\Connection Manager\Dell.UCM.exe
PRC - [2009/07/17 12:12:14 | 000,288,080 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe
PRC - [2009/07/16 13:13:34 | 001,245,472 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgr.exe
PRC - [2009/07/16 13:10:22 | 000,382,752 | ---- | M] (Dell Inc.) -- c:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgrSvc.exe
PRC - [2009/07/05 17:56:34 | 000,015,872 | ---- | M] (Broadcom Corporation) -- C:\Program Files\Dell\Dell ControlPoint\Security Manager\BcmDeviceAndTaskStatusService.exe
PRC - [2009/06/26 10:26:20 | 000,026,984 | ---- | M] (Broadcom Corporation) -- C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe
PRC - [2009/06/26 10:26:18 | 000,812,392 | ---- | M] (Broadcom Corporation) -- C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe
PRC - [2009/06/11 22:46:46 | 000,656,384 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\Dell ControlPoint\Dell.ControlPoint.exe
PRC - [2009/06/11 19:43:08 | 001,622,016 | ---- | M] (Wave Systems Corp.) -- C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe
PRC - [2009/05/18 09:35:48 | 000,134,656 | ---- | M] (Wave Systems Corp.) -- C:\Program Files\Wave Systems Corp\Services Manager\DocMgr\bin\WavXDocMgr.exe
PRC - [2009/04/27 14:40:26 | 000,293,968 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\Dell ControlPoint\DCPButtonSvc.exe
PRC - [2009/04/23 13:23:18 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/04/17 11:01:33 | 000,366,849 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\GUARDGUI.EXE
PRC - [2009/03/02 14:08:11 | 000,209,153 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2009/02/23 07:51:40 | 000,049,250 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\HidFind.exe
PRC - [2009/02/23 07:51:24 | 000,200,704 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\Apoint.exe
PRC - [2009/02/23 07:51:22 | 000,050,472 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApMsgFwd.exe
PRC - [2009/02/23 07:51:22 | 000,049,152 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\Apntex.exe
PRC - [2009/02/11 18:38:40 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
PRC - [2009/02/11 18:38:38 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2009/02/04 22:26:38 | 000,128,232 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
PRC - [2009/01/14 18:53:02 | 000,226,656 | ---- | M] (Microsoft Corp.) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2008/10/02 12:26:42 | 000,860,160 | ---- | M] (Intel(R) Corporation) -- c:\Program Files\Intel\WiFi\bin\EvtEng.exe
PRC - [2008/10/02 11:56:44 | 000,466,944 | ---- | M] (Intel(R) Corporation) -- c:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
PRC - [2008/06/11 22:43:26 | 000,640,376 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
PRC - [2008/06/03 16:16:30 | 000,382,232 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\Ambient Light Sensor\AlsSvc.exe
PRC - [2008/03/03 17:43:46 | 000,252,424 | ---- | M] (Avid Technology, Inc.) -- C:\Windows\System32\maFwTray.exe
PRC - [2008/01/21 04:23:59 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2007/04/19 06:56:36 | 000,133,968 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\ASF Agent\ASFAgent.exe
PRC - [2006/11/03 19:02:14 | 000,050,688 | ---- | M] (Avanquest Software ) -- C:\Program Files\Digital Line Detect\DLG.exe
 
 
[color=#E56717]========== Modules (SafeList) ==========[/color]
 
MOD - [2010/09/21 17:59:01 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\colvis\Downloads\OTL.exe
MOD - [2008/01/21 04:25:02 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx
MOD - [2008/01/21 04:24:11 | 001,684,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll
 
 
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
 
SRV - [2010/09/17 23:07:56 | 000,411,432 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010/09/14 16:31:52 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/03/18 13:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/01/02 15:04:27 | 000,185,089 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010/01/02 15:04:27 | 000,108,289 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2009/08/01 02:16:12 | 000,221,266 | ---- | M] (IDT, Inc.) [Auto | Stopped] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_d2df6701\stacsv.exe -- (STacSV)
SRV - [2009/07/22 19:13:46 | 000,076,288 | ---- | M] (Smith Micro Software, Inc.) [Auto | Running] -- C:\Program Files\Dell\Dell ControlPoint\Connection Manager\SMManager.exe -- (SMManager)
SRV - [2009/07/16 13:10:22 | 000,382,752 | ---- | M] (Dell Inc.) [Auto | Running] -- c:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgrSvc.exe -- (dcpsysmgrsvc)
SRV - [2009/06/26 10:26:20 | 000,026,984 | ---- | M] (Broadcom Corporation) [Auto | Running] -- C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe -- (Credential Vault Host Storage)
SRV - [2009/06/26 10:26:18 | 000,812,392 | ---- | M] (Broadcom Corporation) [Auto | Running] -- C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe -- (Credential Vault Host Control Service)
SRV - [2009/06/11 19:43:08 | 001,622,016 | ---- | M] (Wave Systems Corp.) [Auto | Running] -- C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe -- (TdmService)
SRV - [2009/06/03 13:15:24 | 001,019,904 | ---- | M] (Wave Systems Corp.) [On_Demand | Stopped] -- C:\Program Files\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe -- (SecureStorageService)
SRV - [2009/04/27 14:40:26 | 000,293,968 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files\Dell\Dell ControlPoint\DCPButtonSvc.exe -- (buttonsvc32)
SRV - [2009/02/11 18:38:40 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe -- (IAANTMON) Intel(R)
SRV - [2009/01/14 18:53:02 | 000,226,656 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2008/11/12 14:25:48 | 001,273,856 | ---- | M] () [Auto | Stopped] -- C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe -- (tcsd_win32.exe)
SRV - [2008/10/02 12:26:42 | 000,860,160 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- c:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV - [2008/10/02 11:56:44 | 000,466,944 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- c:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV - [2008/06/03 16:16:30 | 000,382,232 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files\Dell\Ambient Light Sensor\AlsSvc.exe -- (alssvc)
SRV - [2008/01/21 04:23:59 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV - [2007/04/19 06:56:36 | 000,133,968 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\ASF Agent\ASFAgent.exe -- (ASFAgent)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\NvtSp50.sys -- (NvtSp50)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - [2010/02/19 20:13:44 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010/01/02 15:04:29 | 000,056,816 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010/01/02 15:04:29 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009/08/01 02:16:12 | 000,409,088 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2009/06/26 19:28:04 | 000,033,832 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\cvusbdrv.sys -- (cvusbdrv)
DRV - [2009/06/26 10:23:40 | 000,012,840 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ccidflt.sys -- (CCIDFILTER)
DRV - [2009/06/24 00:49:58 | 000,040,832 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\heci.sys -- (HECI) Intel(R)
DRV - [2009/06/15 14:05:16 | 000,143,968 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CtClsFlt.sys -- (CtClsFlt)
DRV - [2009/06/12 16:51:02 | 000,205,624 | ---- | M] (Wave Systems Corp.) [File_System | Auto | Running] -- C:\Windows\System32\drivers\WavxDMgr.sys -- (WavxDMgr)
DRV - [2009/05/28 11:48:20 | 000,134,144 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CtAudDrv.sys -- (CtAudDrv)
DRV - [2009/04/28 08:05:58 | 000,329,752 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\iastor.sys -- (iaStor)
DRV - [2009/04/23 13:09:23 | 000,073,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\USBAUDIO.sys -- (usbaudio) Pilote USB audio (WDM)
DRV - [2009/04/03 14:25:52 | 000,038,400 | ---- | M] (REDC) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2009/04/03 14:25:50 | 000,048,128 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2009/04/03 14:25:50 | 000,045,056 | ---- | M] (REDC) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2009/04/03 14:25:42 | 000,038,400 | ---- | M] (REDC) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\rixdpe86.sys -- (rixdpcie)
DRV - [2009/04/03 14:25:40 | 000,048,640 | ---- | M] (REDC) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\risdpe86.sys -- (risdpcie)
DRV - [2009/04/03 14:25:40 | 000,045,056 | ---- | M] (REDC) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\rimspe86.sys -- (rimspci)
DRV - [2009/03/30 11:32:47 | 000,096,104 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2009/03/30 10:28:44 | 000,133,632 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OA001Ufd.sys -- (OA001Ufd)
DRV - [2009/03/30 10:28:42 | 000,280,096 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OA001Vid.sys -- (OA001Vid)
DRV - [2009/02/23 08:59:20 | 000,224,384 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e1y6032.sys -- (e1yexpress) Intel(R)
DRV - [2009/02/23 07:51:20 | 000,170,032 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2009/02/13 13:34:33 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2009/01/20 13:42:44 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2009/01/20 13:42:40 | 000,980,992 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_DPV.sys -- (HSF_DPV)
DRV - [2009/01/20 13:42:40 | 000,661,504 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_CNXT.sys -- (winachsf)
DRV - [2009/01/20 13:42:40 | 000,208,384 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSXHWAZL.sys -- (HSXHWAZL)
DRV - [2008/09/25 08:37:40 | 003,666,432 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32) Intel(R)
DRV - [2008/07/04 12:09:00 | 007,537,824 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008/06/04 15:14:00 | 000,026,608 | ---- | M] (Dell Inc) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\PBADRV.sys -- (PBADRV)
DRV - [2008/03/03 17:43:42 | 000,193,032 | ---- | M] (Avid Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mafw.sys -- (MAFW)
DRV - [2008/01/21 04:23:52 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbccid.sys -- (USBCCID)
DRV - [2008/01/21 04:23:51 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)
DRV - [2008/01/21 04:23:51 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2008/01/21 04:23:51 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2008/01/21 04:23:51 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2008/01/21 04:23:51 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2008/01/21 04:23:50 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2008/01/21 04:23:50 | 000,220,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Pilote de la connexion réseau Intel(R)
DRV - [2008/01/21 04:23:50 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2008/01/21 04:23:50 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2008/01/21 04:23:49 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2008/01/21 04:23:49 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2008/01/21 04:23:49 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2008/01/21 04:23:48 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2008/01/21 04:23:48 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2008/01/21 04:23:48 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2008/01/21 04:23:47 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2008/01/21 04:23:47 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2008/01/21 04:23:47 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2008/01/21 04:23:46 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2008/01/21 04:23:45 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2008/01/21 04:23:45 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2008/01/21 04:23:45 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2008/01/21 04:23:45 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2008/01/21 04:23:26 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2008/01/21 04:23:26 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2008/01/21 04:23:26 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2006/11/02 11:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 11:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 11:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 11:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 11:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 11:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 11:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 11:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 11:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 11:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 11:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 10:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 10:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006/11/02 10:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 10:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 10:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 10:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 09:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006/11/02 09:36:43 | 002,028,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\URLSearchHook: {d5b75883-e809-4120-bfeb-8d707d5dfbe3} - C:\Program Files\Recherche_France\tbRec1.dll (Conduit Ltd.)
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-1678083485-1132016931-1686102557-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/USREL/7
IE - HKU\S-1-5-21-1678083485-1132016931-1686102557-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKU\S-1-5-21-1678083485-1132016931-1686102557-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.daemon-search.com/startpage
IE - HKU\S-1-5-21-1678083485-1132016931-1686102557-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-1678083485-1132016931-1686102557-1000\..\URLSearchHook: {d5b75883-e809-4120-bfeb-8d707d5dfbe3} - C:\Program Files\Recherche_France\tbRec1.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-1678083485-1132016931-1686102557-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - prefs.js..browser.startup.homepage: "http://www.google.com"
FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.1.1.0014
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {B13721C7-F507-4982-B2E5-502A71474FED}:3.3.0.3971
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.1.20091029021655
 
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.12\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/09/09 19:21:50 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.12\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/09/14 16:42:42 | 000,000,000 | ---D | M]
 
[2009/12/28 17:16:13 | 000,000,000 | ---D | M] -- C:\Users\colvis\AppData\Roaming\mozilla\Extensions
[2010/09/21 17:43:49 | 000,000,000 | ---D | M] -- C:\Users\colvis\AppData\Roaming\mozilla\Firefox\Profiles\5gsnqunf.default\extensions
[2009/12/28 17:16:31 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\colvis\AppData\Roaming\mozilla\Firefox\Profiles\5gsnqunf.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/02/18 15:46:56 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\colvis\AppData\Roaming\mozilla\Firefox\Profiles\5gsnqunf.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2010/03/25 16:12:48 | 000,000,000 | ---D | M] -- C:\Users\colvis\AppData\Roaming\mozilla\Firefox\Profiles\5gsnqunf.default\extensions\DTToolbar@toolbarnet.com
[2010/03/25 16:12:41 | 000,002,055 | ---- | M] () -- C:\Users\colvis\AppData\Roaming\Mozilla\FireFox\Profiles\5gsnqunf.default\searchplugins\daemon-search.xml
[2010/09/17 15:59:12 | 000,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2010/05/04 13:29:46 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/08/27 13:05:47 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/07/17 05:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2010/04/13 01:40:58 | 000,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml
[2010/04/13 01:40:58 | 000,001,822 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml
[2010/04/13 01:40:58 | 000,000,757 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml
[2010/04/13 01:40:58 | 000,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml
[2010/04/13 01:40:58 | 000,000,652 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml
 
O1 HOSTS File: ([2006/09/18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll (Microsoft Corp.)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Recherche France Toolbar) - {d5b75883-e809-4120-bfeb-8d707d5dfbe3} - C:\Program Files\Recherche_France\tbRec1.dll (Conduit Ltd.)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Recherche France Toolbar) - {d5b75883-e809-4120-bfeb-8d707d5dfbe3} - C:\Program Files\Recherche_France\tbRec1.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-1678083485-1132016931-1686102557-1000\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-1678083485-1132016931-1686102557-1000\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKU\S-1-5-21-1678083485-1132016931-1686102557-1000\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\S-1-5-21-1678083485-1132016931-1686102557-1000\..\Toolbar\WebBrowser: (Recherche France Toolbar) - {D5B75883-E809-4120-BFEB-8D707D5DFBE3} - C:\Program Files\Recherche_France\tbRec1.dll (Conduit Ltd.)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [ChangeTPMAuth] C:\Program Files\Wave Systems Corp\Common\ChangeTPMAuth.exe (Wave Systems Corp.)
O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [DellConnectionManager] C:\Program Files\Dell\Dell ControlPoint\Connection Manager\Dell.UCM.exe (Smith Micro Software, Inc.)
O4 - HKLM..\Run: [DellControlPoint] c:\Program Files\Dell\Dell ControlPoint\Dell.ControlPoint.exe (Dell Inc.)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [MAFWTaskbarApp] C:\Windows\System32\maFwTray.exe (Avid Technology, Inc.)
O4 - HKLM..\Run: [M-Audio Taskbar Icon] C:\Windows\System32\maFwTray.exe (Avid Technology, Inc.)
O4 - HKLM..\Run: [Microsoft Default Manager] C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NVHotkey] C:\Windows\System32\nvHotkey.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)
O4 - HKLM..\Run: [USCService] C:\Program Files\Dell\Dell ControlPoint\Security Manager\BcmDeviceAndTaskStatusService.exe (Broadcom Corporation)
O4 - HKLM..\Run: [WavXMgr] C:\Program Files\Wave Systems Corp\Services Manager\Docmgr\bin\WavXDocMgr.exe (Wave Systems Corp.)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe (Nullsoft)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-1678083485-1132016931-1686102557-1000..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-1678083485-1132016931-1686102557-1000..\Run: [fsm]  File not found
O4 - HKU\S-1-5-21-1678083485-1132016931-1686102557-1000..\Run: [RGSC] C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe (Take-Two Interactive Software, Inc.)
O4 - HKU\S-1-5-21-1678083485-1132016931-1686102557-1000..\Run: [Software Informer] C:\Program Files\Software Informer\softinfo.exe (Informer Technologies, Inc.)
O4 - HKLM..\RunOnce: []  File not found
O4 - Startup: C:\Users\colvis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
F3 - HKU\S-1-5-21-1678083485-1132016931-1686102557-1000 WinNT: Load - (C:\Users\colvis\AppData\Roaming\logman.exe) - C:\Users\colvis\AppData\Roaming\logman.exe ()
O8 - Extra context menu item: Ajouter à un fichier PDF existant - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Ajouter la cible du lien à un fichier PDF existant - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convertir au format Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convertir la cible du lien au format Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9 - Extra Button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\colvis\Desktop\colvis\images\lonewolf.jpg
O24 - Desktop BackupWallPaper: C:\Users\colvis\Desktop\colvis\images\lonewolf.jpg
O30 - LSA: Authentication Packages - (wvauth) - C:\Windows\System32\wvauth.dll (Wave Systems Corp.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2010/09/21 17:43:39 | 000,000,000 | RHSD | M] - C:\Autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010/09/21 17:43:40 | 000,000,000 | RHSD | M] - D:\Autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2008/11/15 11:52:50 | 000,161,088 | R--- | M] (Take-Two Interactive Software, Inc.) - E:\Autorun.exe -- [ UDF ]
O32 - AutoRun File - [2008/10/11 19:03:48 | 000,000,054 | R--- | M] () - E:\Autorun.inf -- [ UDF ]
O33 - MountPoints2\{14433e59-b420-11df-95ce-0024e8d4fdc5}\Shell - "" = AutoRun
O33 - MountPoints2\{14433e59-b420-11df-95ce-0024e8d4fdc5}\Shell\AutoRun\command - "" = I:\WD SmartWare.exe -- File not found
O33 - MountPoints2\{40222086-e960-11de-891f-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{40222086-e960-11de-891f-806e6f6e6963}\Shell\AutoRun\command - "" = E:\Autorun.exe -- [2008/11/15 11:52:50 | 000,161,088 | R--- | M] (Take-Two Interactive Software, Inc.)
O33 - MountPoints2\{fe42258c-f3bf-11de-bcb8-0024e8d4fdc5}\Shell\AutoRun\command - "" = hc3hvi0.exe
O33 - MountPoints2\{fe42258c-f3bf-11de-bcb8-0024e8d4fdc5}\Shell\open\Command - "" = hc3hvi0.exe
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias -  File not found
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2010/09/21 17:43:39 | 000,000,000 | RHSD | C] -- C:\Autorun.inf
[2010/09/21 17:40:05 | 000,000,000 | ---D | C] -- C:\UsbFix
[2010/09/17 22:52:01 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Steam
[2010/09/17 22:32:03 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010/09/17 21:56:09 | 000,000,000 | ---D | C] -- C:\Users\colvis\Documents\ElastikRenderCache
[2010/09/17 21:52:55 | 000,000,000 | ---D | C] -- C:\Program Files\Elastik
[2010/09/17 16:11:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Google
[2010/09/17 16:11:02 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2010/09/17 15:15:50 | 000,000,000 | ---D | C] -- C:\Users\colvis\AppData\Roaming\Google
[2010/09/17 04:27:05 | 000,000,000 | ---D | C] -- C:\Users\colvis\Documents\Adobe
[2010/09/14 22:02:35 | 000,317,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MP4SDECD.DLL
[2010/09/14 18:16:02 | 000,000,000 | ---D | C] -- C:\Users\colvis\Desktop\chapiteau
[2010/09/14 17:03:52 | 000,000,000 | ---D | C] -- C:\MoTemp
[2010/09/14 16:49:08 | 000,000,000 | ---D | C] -- C:\ProgramData\ALM
[2010/09/14 16:43:17 | 000,022,872 | R--- | C] (Adobe Systems Inc.) -- C:\Windows\System32\AdobePDFUI.dll
[2010/09/14 16:31:52 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Macrovision Shared
[2010/09/05 22:44:04 | 000,061,440 | ---- | C] (Native Instruments Software GmbH) -- C:\Windows\System32\ni_dfd.dll
[2010/09/01 18:21:13 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_42.dll
[2010/09/01 18:21:12 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_42.dll
[2010/09/01 15:28:39 | 000,000,000 | ---D | C] -- C:\Users\colvis\Documents\Rockstar Games
[2010/09/01 14:52:13 | 000,000,000 | ---D | C] -- C:\Users\colvis\AppData\Local\Rockstar Games
[2010/09/01 14:46:33 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_0.dll
[2010/09/01 14:46:32 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_1.dll
[2010/09/01 14:46:32 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_1.dll
[2010/09/01 14:46:32 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_4.dll
[2010/09/01 14:46:31 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_38.dll
[2010/09/01 14:46:31 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_38.dll
[2010/09/01 14:46:31 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_38.dll
[2010/09/01 14:46:30 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_0.dll
[2010/09/01 14:46:30 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_0.dll
[2010/09/01 14:46:30 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_3.dll
[2010/09/01 14:46:28 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_36.dll
[2010/09/01 14:46:28 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_10.dll
[2010/09/01 14:46:27 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_36.dll
[2010/09/01 14:46:27 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_36.dll
[2010/09/01 14:46:26 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_35.dll
[2010/09/01 14:46:26 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_35.dll
[2010/09/01 14:46:26 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_9.dll
[2010/09/01 14:46:25 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_35.dll
[2010/09/01 14:46:25 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_8.dll
[2010/09/01 14:46:25 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_2.dll
[2010/09/01 14:45:22 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_37.dll
[2010/09/01 14:45:21 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_37.dll
[2010/09/01 14:45:21 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_37.dll
[2010/09/01 14:45:15 | 000,000,000 | ---D | C] -- C:\Windows\System32\xlive
[2010/09/01 14:45:14 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Games for Windows - LIVE
[2010/09/01 13:59:54 | 000,000,000 | ---D | C] -- C:\Program Files\Rockstar Games
[2010/08/27 13:06:03 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2010/08/27 13:05:14 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2010/08/27 13:05:14 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2010/08/27 13:05:14 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2010/08/26 17:23:34 | 000,644,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscomct2.ocx
[2010/08/26 11:58:38 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2010/08/25 14:40:13 | 000,081,920 | ---- | C] (Radius Inc.) -- C:\Windows\System32\iccvid.dll
[2010/08/25 14:40:09 | 000,380,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2010/08/25 14:40:05 | 000,671,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2010/08/25 14:40:05 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2010/08/25 14:40:05 | 000,389,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2010/08/25 14:40:05 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2010/08/25 14:40:04 | 000,458,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2010/08/25 14:40:04 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2010/08/25 14:40:04 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieencode.dll
[2010/08/25 14:40:04 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2010/08/25 14:40:03 | 001,383,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2010/08/25 14:39:16 | 002,036,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2010/08/25 14:39:10 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtutils.dll
[2010/08/25 14:38:58 | 003,600,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2010/08/25 14:38:57 | 003,548,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2010/09/21 18:00:07 | 003,932,160 | -HS- | M] () -- C:\Users\colvis\ntuser.dat
[2010/09/21 17:44:54 | 001,512,450 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010/09/21 17:44:54 | 000,683,790 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2010/09/21 17:44:54 | 000,600,088 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/09/21 17:44:54 | 000,130,498 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2010/09/21 17:44:54 | 000,107,220 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/09/21 17:43:44 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/09/21 17:43:44 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/09/21 17:40:04 | 000,080,230 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2010/09/21 17:40:04 | 000,080,206 | ---- | M] () -- C:\ProgramData\nvModes.001
[2010/09/21 13:43:58 | 000,000,000 | ---- | M] () -- C:\Users\colvis\AppData\Local\WavXMapDrive.bat
[2010/09/21 13:43:47 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/09/21 13:43:41 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/09/21 13:43:35 | 3745,415,168 | -HS- | M] () -- C:\hiberfil.sys
[2010/09/21 05:05:03 | 000,524,288 | -HS- | M] () -- C:\Users\colvis\ntuser.dat{009016b0-0e77-11df-af0e-0024d657f380}.TMContainer00000000000000000001.regtrans-ms
[2010/09/21 05:05:03 | 000,065,536 | -HS- | M] () -- C:\Users\colvis\ntuser.dat{009016b0-0e77-11df-af0e-0024d657f380}.TM.blf
[2010/09/20 12:41:58 | 004,263,775 | -H-- | M] () -- C:\Users\colvis\AppData\Local\IconCache.db
[2010/09/20 01:28:44 | 000,033,280 | ---- | M] () -- C:\Users\colvis\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/09/18 00:15:02 | 000,075,776 | ---- | M] () -- C:\Users\colvis\AppData\Roaming\logman.exe
[2010/09/17 16:11:12 | 000,001,904 | ---- | M] () -- C:\Users\Public\Desktop\Google SketchUp 7.lnk
[2010/09/17 15:13:09 | 000,003,120 | ---- | M] () -- C:\Windows\System32\ALLFSAF8a.ocx
[2010/09/14 19:05:07 | 002,189,216 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010/09/14 17:32:48 | 000,000,990 | ---- | M] () -- C:\Users\colvis\Desktop\Photoshop - Raccourci.lnk
[2010/09/14 17:32:39 | 000,000,978 | ---- | M] () -- C:\Users\colvis\Desktop\InDesign - Raccourci.lnk
[2010/09/14 17:32:25 | 000,001,421 | ---- | M] () -- C:\Users\colvis\Desktop\Illustrator - Raccourci.lnk
[2010/09/14 17:32:04 | 000,000,938 | ---- | M] () -- C:\Users\colvis\Desktop\Flash - Raccourci.lnk
[2010/09/14 16:43:43 | 000,059,368 | ---- | M] () -- C:\Users\colvis\AppData\Local\GDIPFONTCACHEV1.DAT
[2010/09/14 16:42:42 | 000,001,896 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Acrobat 9 Pro.lnk
[2010/09/05 22:44:04 | 000,000,612 | ---- | M] () -- C:\Users\colvis\Desktop\Kontakt.lnk
[2010/09/01 14:59:32 | 000,007,592 | ---- | M] () -- C:\Users\colvis\AppData\Local\d3d9caps.dat
[2010/09/01 13:59:54 | 000,001,833 | ---- | M] () -- C:\Users\Public\Desktop\Rockstar Games Social Club.lnk
[2010/08/26 17:23:34 | 000,644,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mscomct2.ocx
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2010/09/18 00:15:02 | 000,075,776 | ---- | C] () -- C:\Users\colvis\AppData\Roaming\logman.exe
[2010/09/17 16:11:12 | 000,001,904 | ---- | C] () -- C:\Users\Public\Desktop\Google SketchUp 7.lnk
[2010/09/17 15:13:09 | 000,003,120 | ---- | C] () -- C:\Windows\System32\ALLFSAF8a.ocx
[2010/09/14 17:32:48 | 000,000,990 | ---- | C] () -- C:\Users\colvis\Desktop\Photoshop - Raccourci.lnk
[2010/09/14 17:32:39 | 000,000,978 | ---- | C] () -- C:\Users\colvis\Desktop\InDesign - Raccourci.lnk
[2010/09/14 17:32:25 | 000,001,421 | ---- | C] () -- C:\Users\colvis\Desktop\Illustrator - Raccourci.lnk
[2010/09/14 17:32:04 | 000,000,938 | ---- | C] () -- C:\Users\colvis\Desktop\Flash - Raccourci.lnk
[2010/09/14 17:03:52 | 000,000,157 | ---- | C] () -- C:\Users\colvis\.imagineer_log.txt
[2010/09/14 16:42:42 | 000,001,896 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Acrobat 9 Pro.lnk
[2010/09/05 22:44:04 | 000,000,612 | ---- | C] () -- C:\Users\colvis\Desktop\Kontakt.lnk
[2010/09/01 13:59:54 | 000,001,833 | ---- | C] () -- C:\Users\Public\Desktop\Rockstar Games Social Club.lnk
[2010/05/01 16:05:30 | 000,001,025 | ---- | C] () -- C:\Windows\System32\sysprs7.dll
[2010/05/01 16:05:30 | 000,001,025 | ---- | C] () -- C:\Windows\System32\clauth2.dll
[2010/05/01 16:05:30 | 000,001,025 | ---- | C] () -- C:\Windows\System32\clauth1.dll
[2010/05/01 16:05:30 | 000,000,205 | ---- | C] () -- C:\Windows\System32\lsprst7.dll
[2010/05/01 16:05:30 | 000,000,073 | ---- | C] () -- C:\Windows\System32\ssprs.dll
[2010/04/05 20:10:04 | 000,007,592 | ---- | C] () -- C:\Users\colvis\AppData\Local\d3d9caps.dat
[2010/04/02 18:22:41 | 000,000,598 | ---- | C] () -- C:\Users\colvis\AppData\Roaming\QuickZip45.ini
[2010/02/19 20:13:44 | 000,691,696 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2010/01/17 19:34:31 | 000,163,840 | ---- | C] () -- C:\Windows\System32\ArtFfct.dll
[2010/01/17 19:27:27 | 000,151,552 | ---- | C] () -- C:\Windows\System32\FDlg.dll
[2010/01/17 19:08:57 | 000,000,000 | ---- | C] () -- C:\Windows\keyboard.ini
[2010/01/14 18:35:30 | 000,446,464 | ---- | C] () -- C:\Windows\System32\DspfxCro.dll
[2010/01/14 18:35:30 | 000,196,608 | ---- | C] () -- C:\Windows\System32\DspfxDll.dll
[2010/01/14 18:35:30 | 000,053,248 | ---- | C] () -- C:\Windows\System32\DspfxCom.dll
[2010/01/14 18:35:30 | 000,015,040 | ---- | C] () -- C:\Windows\System32\Mxmidi16.dll
[2010/01/14 18:35:29 | 000,028,672 | ---- | C] () -- C:\Windows\System32\DspfxDw.dll
[2010/01/12 20:05:36 | 000,510,976 | ---- | C] () -- C:\Windows\System32\synsoacc.dll
[2010/01/07 00:07:19 | 000,033,280 | ---- | C] () -- C:\Users\colvis\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/01/06 23:38:37 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009/12/28 18:06:05 | 000,080,206 | ---- | C] () -- C:\ProgramData\nvModes.001
[2009/12/28 18:06:02 | 000,080,230 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2009/12/28 16:53:23 | 000,000,000 | ---- | C] () -- C:\Users\colvis\AppData\Local\WavXMapDrive.bat
[2009/12/15 11:29:27 | 000,279,888 | ---- | C] () -- C:\Windows\System32\brcmbsp.dll
[2009/12/15 11:26:21 | 000,080,368 | ---- | C] () -- C:\Windows\System32\pbadrvdll.dll
[2009/11/06 10:58:04 | 000,178,975 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2009/07/22 19:03:06 | 000,143,360 | R--- | C] () -- C:\Windows\System32\preflib.dll
[2009/06/05 16:41:18 | 000,557,056 | ---- | C] () -- C:\Windows\System32\AmRes_fr.dll
[2009/06/05 16:41:18 | 000,528,384 | ---- | C] () -- C:\Windows\System32\AmRes_en.dll
[2009/06/05 16:41:16 | 000,552,960 | ---- | C] () -- C:\Windows\System32\AmRes_it.dll
[2009/06/05 16:41:16 | 000,552,960 | ---- | C] () -- C:\Windows\System32\AmRes_es.dll
[2009/06/05 16:41:16 | 000,536,576 | ---- | C] () -- C:\Windows\System32\AmRes_ja.dll
[2009/06/05 16:41:14 | 000,540,672 | ---- | C] () -- C:\Windows\System32\AmRes_pt-BR.dll
[2009/06/05 16:41:14 | 000,520,192 | ---- | C] () -- C:\Windows\System32\AmRes_ko.dll
[2009/06/05 16:41:12 | 000,581,632 | ---- | C] () -- C:\Windows\System32\AmRes_ru.dll
[2009/06/05 16:41:12 | 000,491,520 | ---- | C] () -- C:\Windows\System32\AmRes_zh-CHT.dll
[2009/06/05 16:41:12 | 000,491,520 | ---- | C] () -- C:\Windows\System32\AmRes_zh-CHS.dll
[2009/06/05 16:41:10 | 000,557,056 | ---- | C] () -- C:\Windows\System32\AmRes_nl.dll
[2009/06/05 16:41:10 | 000,540,672 | ---- | C] () -- C:\Windows\System32\AmRes_cs.dll
[2009/06/05 16:41:10 | 000,528,384 | ---- | C] () -- C:\Windows\System32\AmRes_da.dll
[2009/06/05 16:41:08 | 000,544,768 | ---- | C] () -- C:\Windows\System32\AmRes_pl.dll
[2009/06/05 16:41:08 | 000,532,480 | ---- | C] () -- C:\Windows\System32\AmRes_sv.dll
[2009/06/05 16:41:08 | 000,528,384 | ---- | C] () -- C:\Windows\System32\AmRes_no.dll
[2009/06/05 16:41:06 | 000,552,960 | ---- | C] () -- C:\Windows\System32\AmRes_el.dll
[2009/06/05 16:41:06 | 000,524,288 | ---- | C] () -- C:\Windows\System32\AmRes_ar.dll
[2009/06/05 16:41:04 | 000,548,864 | ---- | C] () -- C:\Windows\System32\AmRes_pt-PT.dll
[2009/06/05 16:41:04 | 000,544,768 | ---- | C] () -- C:\Windows\System32\AmRes_hu.dll
[2009/06/05 16:41:04 | 000,536,576 | ---- | C] () -- C:\Windows\System32\AmRes_fi.dll
[2009/06/05 16:41:04 | 000,516,096 | ---- | C] () -- C:\Windows\System32\AmRes_he.dll
[2009/06/05 16:41:02 | 000,548,864 | ---- | C] () -- C:\Windows\System32\AmRes_ro.dll
[2009/06/05 16:41:00 | 000,540,672 | ---- | C] () -- C:\Windows\System32\AmRes_tr.dll
[2009/06/05 16:31:18 | 000,561,152 | ---- | C] () -- C:\Windows\System32\AmRes_de.dll
[2009/06/03 14:08:48 | 000,098,304 | ---- | C] () -- C:\Windows\System32\Internationalization_tr.dll
[2009/06/03 14:08:46 | 000,102,400 | ---- | C] () -- C:\Windows\System32\Internationalization_ro.dll
[2009/06/03 14:08:46 | 000,102,400 | ---- | C] () -- C:\Windows\System32\Internationalization_pt-BR.dll
[2009/06/03 14:08:44 | 000,102,400 | ---- | C] () -- C:\Windows\System32\Internationalization_hu.dll
[2009/06/03 14:08:42 | 000,098,304 | ---- | C] () -- C:\Windows\System32\Internationalization_fi.dll
[2009/06/03 14:08:42 | 000,094,208 | ---- | C] () -- C:\Windows\System32\Internationalization_he.dll
[2009/06/03 14:08:40 | 000,106,496 | ---- | C] () -- C:\Windows\System32\Internationalization_el.dll
[2009/06/03 14:08:38 | 000,098,304 | ---- | C] () -- C:\Windows\System32\Internationalization_cs.dll
[2009/06/03 14:08:36 | 000,094,208 | ---- | C] () -- C:\Windows\System32\Internationalization_ar.dll
[2009/06/03 14:08:36 | 000,081,920 | ---- | C] () -- C:\Windows\System32\Internationalization_zh-CHT.dll
[2009/06/03 14:08:34 | 000,081,920 | ---- | C] () -- C:\Windows\System32\Internationalization_zh-CHS.dll
[2009/06/03 14:08:32 | 000,098,304 | ---- | C] () -- C:\Windows\System32\Internationalization_sv.dll
[2009/06/03 14:08:32 | 000,098,304 | ---- | C] () -- C:\Windows\System32\Internationalization_ru.dll
[2009/06/03 14:08:30 | 000,102,400 | ---- | C] () -- C:\Windows\System32\Internationalization_pt.dll
[2009/06/03 14:08:28 | 000,102,400 | ---- | C] () -- C:\Windows\System32\Internationalization_pl.dll
[2009/06/03 14:08:28 | 000,098,304 | ---- | C] () -- C:\Windows\System32\Internationalization_no.dll
[2009/06/03 14:08:26 | 000,106,496 | ---- | C] () -- C:\Windows\System32\Internationalization_nl.dll
[2009/06/03 14:08:24 | 000,090,112 | ---- | C] () -- C:\Windows\System32\Internationalization_ko.dll
[2009/06/03 14:08:24 | 000,090,112 | ---- | C] () -- C:\Windows\System32\Internationalization_ja.dll
[2009/06/03 14:08:22 | 000,102,400 | ---- | C] () -- C:\Windows\System32\Internationalization_it.dll
[2009/06/03 14:08:20 | 000,102,400 | ---- | C] () -- C:\Windows\System32\Internationalization_fr.dll
[2009/06/03 14:08:20 | 000,102,400 | ---- | C] () -- C:\Windows\System32\Internationalization_es.dll
[2009/06/03 14:08:16 | 000,102,400 | ---- | C] () -- C:\Windows\System32\Internationalization_de.dll
[2009/06/03 14:08:16 | 000,102,400 | ---- | C] () -- C:\Windows\System32\Internationalization_da.dll
[2009/06/03 13:07:50 | 000,010,752 | ---- | C] () -- C:\Windows\System32\Wavx_ESC_Logging.dll
[2009/05/18 09:34:04 | 000,249,856 | ---- | C] () -- C:\Windows\System32\wxvault.dll
[2009/05/05 11:34:22 | 000,839,680 | ---- | C] () -- C:\Windows\System32\DemoLicense.dll
[2008/03/25 10:46:00 | 000,077,536 | ---- | C] () -- C:\Windows\System32\xltZlib.dll
[2007/04/19 06:52:16 | 000,080,720 | ---- | C] () -- C:\Windows\System32\AsfBios.dll
[2007/04/19 06:28:10 | 000,025,424 | ---- | C] () -- C:\Windows\System32\drivers\netamsg.dll
[2006/11/02 12:25:44 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2006/11/02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/06/30 13:58:44 | 000,176,128 | R--- | C] () -- C:\Windows\System32\bioapi_mds300.dll
[2006/06/30 13:58:44 | 000,126,976 | R--- | C] () -- C:\Windows\System32\bioapi100.dll
[2004/09/10 14:34:00 | 000,917,504 | ---- | C] () -- C:\Windows\System32\lmgr10.dll
[2004/09/10 14:34:00 | 000,057,344 | ---- | C] () -- C:\Windows\System32\ADsSecurity.dll
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2010/01/14 04:44:10 | 000,000,000 | ---D | M] -- C:\Users\colvis\AppData\Roaming\Ableton
[2010/04/26 14:39:44 | 000,000,000 | ---D | M] -- C:\Users\colvis\AppData\Roaming\Babylon
[2009/12/28 16:53:21 | 000,000,000 | ---D | M] -- C:\Users\colvis\AppData\Roaming\Broadcom
[2010/02/19 22:03:28 | 000,000,000 | ---D | M] -- C:\Users\colvis\AppData\Roaming\DAEMON Tools Lite
[2010/05/18 23:16:49 | 000,000,000 | ---D | M] -- C:\Users\colvis\AppData\Roaming\iZotope
[2010/04/18 14:47:27 | 000,000,000 | ---D | M] -- C:\Users\colvis\AppData\Roaming\OpenOffice.org
[2010/05/29 21:15:06 | 000,000,000 | ---D | M] -- C:\Users\colvis\AppData\Roaming\Propellerhead Software
[2010/05/01 16:05:00 | 000,000,000 | ---D | M] -- C:\Users\colvis\AppData\Roaming\Publish Providers
[2010/09/21 18:00:02 | 000,000,000 | ---D | M] -- C:\Users\colvis\AppData\Roaming\Software Informer
[2010/01/19 21:05:06 | 000,000,000 | ---D | M] -- C:\Users\colvis\AppData\Roaming\Sony
[2010/01/12 20:06:13 | 000,000,000 | ---D | M] -- C:\Users\colvis\AppData\Roaming\Steinberg
[2009/12/28 16:53:23 | 000,000,000 | ---D | M] -- C:\Users\colvis\AppData\Roaming\Wave Systems Corp
[2010/09/21 05:04:42 | 000,032,562 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
[color=#E56717]========== Purity Check ==========[/color]
 
 
 
[color=#E56717]========== Custom Scans ==========[/color]
 
 
[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]
 
 
[color=#A23BEC]< MD5 for: AGP440.SYS  >[/color]
[2008/01/21 04:23:26 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys
[2008/01/21 04:23:26 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008/01/21 04:23:26 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008/01/21 04:23:26 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006/11/02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys
 
[color=#A23BEC]< MD5 for: ATAPI.SYS  >[/color]
[2009/04/23 13:08:37 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=0D83C87A801A3DFCD1BF73893FE7518C -- C:\Windows\System32\drivers\atapi.sys
[2009/04/23 13:08:37 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=0D83C87A801A3DFCD1BF73893FE7518C -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_4c9c5a00\atapi.sys
[2009/04/23 13:08:37 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=0D83C87A801A3DFCD1BF73893FE7518C -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18034_none_dd1bb97e219e87cb\atapi.sys
[2009/04/11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\SoftwareDistribution\Download\cde11068f5b77b180111333ef9781925\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008/03/06 06:21:17 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2209DBCD72FD45199BAE483DDBCA5D75 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_bdffb04d\atapi.sys
[2008/03/06 06:21:17 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2209DBCD72FD45199BAE483DDBCA5D75 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.22130_none_dda155213abfc239\atapi.sys
[2008/01/21 04:23:26 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008/01/21 04:23:26 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2008/03/06 06:24:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=49996882C3272D944D027E03FCD89F6B -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_fbc3e716\atapi.sys
[2008/03/06 06:24:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=49996882C3272D944D027E03FCD89F6B -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20786_none_db8b089b3dbc5507\atapi.sys
[2006/11/02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2009/04/23 13:08:37 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=96DC4E1A9F90CCD489950A8935425C59 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_853be412\atapi.sys
[2009/04/23 13:08:37 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=96DC4E1A9F90CCD489950A8935425C59 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.22134_none_dda556493abc2795\atapi.sys
 
[color=#A23BEC]< MD5 for: CDROM.SYS  >[/color]
[2008/01/21 04:23:28 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\System32\drivers\cdrom.sys
[2008/01/21 04:23:28 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_a29e71c6\cdrom.sys
[2008/01/21 04:23:28 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6001.18000_none_5fa95be2a3c76a4a\cdrom.sys
[2009/04/11 06:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\SoftwareDistribution\Download\cde11068f5b77b180111333ef9781925\x86_cdrom.inf_31bf3856ad364e35_6.0.6002.18005_none_6194d4eea0e93596\cdrom.sys
[2006/11/02 10:51:44 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=8D1866E61AF096AE8B582454F5E4D303 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_e487f727\cdrom.sys
 
[color=#A23BEC]< MD5 for: CNGAUDIT.DLL  >[/color]
[2006/11/02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006/11/02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
 
[color=#A23BEC]< MD5 for: DISK.SYS  >[/color]
[2009/04/11 08:32:31 | 000,053,736 | ---- | M] (Microsoft Corporation) MD5=5D4AEFC3386920236A548271F8F1AF6A -- C:\Windows\SoftwareDistribution\Download\cde11068f5b77b180111333ef9781925\x86_disk.inf_31bf3856ad364e35_6.0.6002.18005_none_fbb1faf0714e4ea6\disk.sys
[2008/01/21 04:23:45 | 000,055,352 | ---- | M] (Microsoft Corporation) MD5=64109E623ABD6955C8FB110B592E68B7 -- C:\Windows\System32\drivers\disk.sys
[2008/01/21 04:23:45 | 000,055,352 | ---- | M] (Microsoft Corporation) MD5=64109E623ABD6955C8FB110B592E68B7 -- C:\Windows\System32\DriverStore\FileRepository\disk.inf_90722180\disk.sys
[2008/01/21 04:23:45 | 000,055,352 | ---- | M] (Microsoft Corporation) MD5=64109E623ABD6955C8FB110B592E68B7 -- C:\Windows\winsxs\x86_disk.inf_31bf3856ad364e35_6.0.6001.18000_none_f9c681e4742c835a\disk.sys
[2006/11/02 11:49:51 | 000,052,840 | ---- | M] (Microsoft Corporation) MD5=841AF4C4D41D3E3B2F244E976B0F7963 -- C:\Windows\System32\DriverStore\FileRepository\disk.inf_e0b0b355\disk.sys
 
[color=#A23BEC]< MD5 for: IASTOR.SYS  >[/color]
[2009/02/11 18:26:18 | 000,407,576 | ---- | M] (Intel Corporation) MD5=1ADAA4F16073FD0C7270F451FD024E97 -- C:\Program Files\Intel\Intel Matrix Storage Manager\driver64\IaStor.sys
[2009/04/28 08:05:58 | 000,329,752 | ---- | M] (Intel Corporation) MD5=71ECC07BC7C5E24C3DD01D8A29A24054 -- C:\Drivers\storage\R213316\IaStor.sys
[2009/02/11 18:11:50 | 000,329,752 | ---- | M] (Intel Corporation) MD5=71ECC07BC7C5E24C3DD01D8A29A24054 -- C:\Program Files\Intel\Intel Matrix Storage Manager\driver\IaStor.sys
[2009/04/28 08:05:58 | 000,329,752 | ---- | M] (Intel Corporation) MD5=71ECC07BC7C5E24C3DD01D8A29A24054 -- C:\Windows\System32\drivers\iaStor.sys
[2009/04/28 08:05:58 | 000,329,752 | ---- | M] (Intel Corporation) MD5=71ECC07BC7C5E24C3DD01D8A29A24054 -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_ea118ff5\iaStor.sys
[2009/04/28 08:05:58 | 000,329,752 | ---- | M] (Intel Corporation) MD5=71ECC07BC7C5E24C3DD01D8A29A24054 -- C:\Windows\System32\DriverStore\FileRepository\iastor.inf_c491546e\iaStor.sys
 
[color=#A23BEC]< MD5 for: IASTORV.SYS  >[/color]
[2008/01/21 04:23:47 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys
[2008/01/21 04:23:47 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008/01/21 04:23:47 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006/11/02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys
 
[color=#A23BEC]< MD5 for: NDIS.SYS  >[/color]
[2009/04/11 08:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\SoftwareDistribution\Download\cde11068f5b77b180111333ef9781925\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6002.18005_none_a9b2a4d31930d864\ndis.sys
[2008/01/21 04:24:15 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=9BDC71790FA08F0A0B5F10462B1BD0B1 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.18000_none_a7c72bc71c0f0d18\ndis.sys
[2008/02/08 06:25:28 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=C8560010A542B5DCA94C62468DC20784 -- C:\Windows\System32\drivers\ndis.sys
[2008/02/08 06:25:28 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=C8560010A542B5DCA94C62468DC20784 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.22110_none_a845f8a63534c8d3\ndis.sys
[2008/02/08 06:22:00 | 000,503,352 | ---- | M] (Microsoft Corporation) MD5=E50187F20ED749F57C97836FEDE14BD6 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6000.20768_none_a631acb4382f8e4f\ndis.sys
 
[color=#A23BEC]< MD5 for: NETLOGON.DLL  >[/color]
[2009/04/11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\SoftwareDistribution\Download\cde11068f5b77b180111333ef9781925\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008/01/21 04:24:31 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\System32\netlogon.dll
[2008/01/21 04:24:31 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll
 
[color=#A23BEC]< MD5 for: NVSTOR.SYS  >[/color]
[2006/11/02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008/01/21 04:23:45 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys
[2008/01/21 04:23:45 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008/01/21 04:23:45 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys
 
[color=#A23BEC]< MD5 for: RASACD.SYS  >[/color]
[2008/01/21 04:24:45 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=147D7F9C556D259924351FEB0DE606C3 -- C:\Windows\System32\drivers\rasacd.sys
[2008/01/21 04:24:45 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=147D7F9C556D259924351FEB0DE606C3 -- C:\Windows\winsxs\x86_microsoft-windows-rasautodial_31bf3856ad364e35_6.0.6001.18000_none_0fd9feb665531f63\rasacd.sys
 
[color=#A23BEC]< MD5 for: RDPWD.SYS  >[/color]
[2009/04/11 06:51:27 | 000,180,736 | ---- | M] (Microsoft Corporation) MD5=30BFBDFB7F95559EDE971F9DDB9A00BA -- C:\Windows\SoftwareDistribution\Download\cde11068f5b77b180111333ef9781925\x86_microsoft-windows-t..dp-winstationdriver_31bf3856ad364e35_6.0.6002.18005_none_4d610153d22453a6\rdpwd.sys
[2008/01/21 04:25:17 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=E1C18F4097A5ABCEC941DC4B2F99DB7E -- C:\Windows\System32\drivers\rdpwd.sys
[2008/01/21 04:25:17 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=E1C18F4097A5ABCEC941DC4B2F99DB7E -- C:\Windows\winsxs\x86_microsoft-windows-t..dp-winstationdriver_31bf3856ad364e35_6.0.6001.18000_none_4b758847d502885a\rdpwd.sys
 
[color=#A23BEC]< MD5 for: SCECLI.DLL  >[/color]
[2008/01/21 04:25:18 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\System32\scecli.dll
[2008/01/21 04:25:18 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2009/04/11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\SoftwareDistribution\Download\cde11068f5b77b180111333ef9781925\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll
 
[color=#A23BEC]< MD5 for: SFLOPPY.SYS  >[/color]
[2006/11/02 10:51:40 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=46ED8E91793B2E6F848015445A0AC188 -- C:\Windows\System32\drivers\sfloppy.sys
[2006/11/02 10:51:40 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=46ED8E91793B2E6F848015445A0AC188 -- C:\Windows\System32\DriverStore\FileRepository\flpydisk.inf_7a4ca8e4\sfloppy.sys
[2008/01/21 04:23:44 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=C33BFBD6E9E41FCD9FFEF9729E9FAED6 -- C:\Windows\System32\DriverStore\FileRepository\flpydisk.inf_36da1340\sfloppy.sys
[2008/01/21 04:23:44 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=C33BFBD6E9E41FCD9FFEF9729E9FAED6 -- C:\Windows\winsxs\x86_flpydisk.inf_31bf3856ad364e35_6.0.6001.18000_none_e70a102d7a7bbf43\sfloppy.sys
 
[color=#A23BEC]< MD5 for: TDPIPE.SYS  >[/color]
[2008/01/21 04:24:34 | 000,017,920 | ---- | M] (Microsoft Corporation) MD5=5DCF5E267BE67A1AE926F2DF77FBCC56 -- C:\Windows\System32\drivers\tdpipe.sys
[2008/01/21 04:24:34 | 000,017,920 | ---- | M] (Microsoft Corporation) MD5=5DCF5E267BE67A1AE926F2DF77FBCC56 -- C:\Windows\winsxs\x86_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.0.6001.18000_none_dbac376c44b742d7\tdpipe.sys
 
[color=#A23BEC]< MD5 for: TDTCP.SYS  >[/color]
[2008/01/21 04:24:34 | 000,029,184 | ---- | M] (Microsoft Corporation) MD5=389C63E32B3CEFED425B61ED92D3F021 -- C:\Windows\System32\drivers\tdtcp.sys
[2008/01/21 04:24:34 | 000,029,184 | ---- | M] (Microsoft Corporation) MD5=389C63E32B3CEFED425B61ED92D3F021 -- C:\Windows\winsxs\x86_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.0.6001.18000_none_dbac376c44b742d7\tdtcp.sys
 
[color=#A23BEC]< MD5 for: USBPRINT.SYS  >[/color]
[2006/11/02 11:14:58 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=B51E52ACF758BE00EF3A58EA452FE360 -- C:\Windows\System32\drivers\usbprint.sys
[2006/11/02 11:14:58 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=B51E52ACF758BE00EF3A58EA452FE360 -- C:\Windows\System32\DriverStore\FileRepository\usbprint.inf_35521f61\usbprint.sys
[2008/01/21 04:23:47 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=E75C4B5269091D15A2E7DC0B6D35F2F5 -- C:\Windows\System32\DriverStore\FileRepository\usbprint.inf_29f90369\usbprint.sys
[2008/01/21 04:23:47 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=E75C4B5269091D15A2E7DC0B6D35F2F5 -- C:\Windows\winsxs\x86_usbprint.inf_31bf3856ad364e35_6.0.6001.18000_none_32f9c26ac169fb1e\usbprint.sys
 
[color=#A23BEC]< MD5 for: USBSCAN.SYS  >[/color]
[2008/01/21 04:23:52 | 000,035,328 | ---- | M] (Microsoft Corporation) MD5=A508C9BD8724980512136B039BBA65E9 -- C:\Windows\System32\DriverStore\FileRepository\sti.inf_67b3f94c\usbscan.sys
[2008/01/21 04:23:52 | 000,035,328 | ---- | M] (Microsoft Corporation) MD5=A508C9BD8724980512136B039BBA65E9 -- C:\Windows\winsxs\x86_sti.inf_31bf3856ad364e35_6.0.6001.18000_none_59ded168e0c6a0d3\usbscan.sys
[2008/01/21 04:23:52 | 000,035,328 | ---- | M] (Microsoft Corporation) MD5=A508C9BD8724980512136B039BBA65E9 -- C:\Windows\winsxs\x86_sti.inf_31bf3856ad364e35_6.0.6002.18005_none_5bca4a74dde86c1f\usbscan.sys
[2006/11/02 11:14:17 | 000,035,328 | ---- | M] (Microsoft Corporation) MD5=B1F95285C08DDFE00C0B955462637EC7 -- C:\Windows\System32\DriverStore\FileRepository\sti.inf_727905e0\usbscan.sys
 
[color=#A23BEC]< %systemroot%\*. /mp /s >[/color]
 
[color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color]
[2008/01/21 04:25:06 | 000,242,744 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\System32\rsaenh.dll
[2008/01/21 04:25:02 | 000,225,792 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\System32\SLC.dll
 
[color=#A23BEC]< %systemroot%\Tasks\*.job /lockedfiles  >[/color]
< End of report >
voici pour OTL


Code: Tout sélectionner
OTL Extras logfile created on: 21/09/2010 18:03:47 - Run 1
OTL by OldTimer - Version 3.2.14.1     Folder = C:\Users\colvis\Downloads
Windows Vista Business Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
 
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 61,00% Memory free
7,00 Gb Paging File | 6,00 Gb Available in Paging File | 80,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 146,82 Gb Total Space | 27,64 Gb Free Space | 18,83% Space Free | Partition Type: NTFS
Drive D: | 2,00 Gb Total Space | 1,09 Gb Free Space | 54,45% Space Free | Partition Type: NTFS
Drive E: | 7,03 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: PC-DE-COLVIS
Current User Name: colvis
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
 
[color=#E56717]========== Extra Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== File Associations ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_USERS\S-1-5-21-1678083485-1132016931-1686102557-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
[color=#E56717]========== Shell Spawning ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[color=#E56717]========== Security Center Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[color=#E56717]========== Firewall Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[color=#E56717]========== Authorized Applications List ==========[/color]
 
 
[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{132630CD-E145-49AD-BFFC-5652E355CDD2}" = lport=2869 | protocol=6 | dir=in | app=system |
"{474D328B-30B3-4771-8784-5D9673169D33}" = lport=5353 | protocol=6 | dir=in | name=adobe csi cs4 |
"{FA7CD172-5244-4B58-A5F6-6D6CE93C58F0}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
 
[color=#E56717]========== Vista Active Application Exception List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{07128A92-B10D-46C6-9CB0-E368CD2348A2}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe |
"{1A4170AD-B7E3-4D64-8302-9CE1865BB405}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{3DFE4425-237E-4D4B-BC94-914CE871935F}" = protocol=17 | dir=in | app=c:\program files\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
"{647FB704-3F29-40DA-B4AE-0954EAD4AE2D}" = protocol=6 | dir=in | app=c:\program files\rockstar games\rockstar games social club\rgsclauncher.exe |
"{7D6B0CBF-D0C2-42D7-A7EE-EB9C7008392E}" = protocol=17 | dir=in | app=c:\program files\rockstar games\grand theft auto iv\launchgtaiv.exe |
"{7D8B6A36-4F67-4412-9521-69547FE6D5ED}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe |
"{8F767629-A78C-4082-B7AF-2D481EFC37E8}" = protocol=6 | dir=in | app=c:\program files\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
"{96B9DF9F-03C4-44DD-8414-43DC950C353E}" = dir=in | app=c:\program files\cyberlink\powerdvd dx\pdvddxsrv.exe |
"{C323D4EF-FF22-4B4F-A24B-39EB66AC37BC}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{D7B234B9-8CDC-46A0-BB05-407E69025585}" = dir=in | app=c:\program files\cyberlink\powerdvd dx\powerdvd.exe |
"{EC4BC03B-F647-4324-98C2-BEA616FF4D36}" = protocol=6 | dir=in | app=c:\program files\rockstar games\grand theft auto iv\launchgtaiv.exe |
"{F0B117A7-5796-4A62-958C-BBFE2C2FD906}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{F377EFF1-0643-4853-95A3-DEFD797620C9}" = protocol=17 | dir=in | app=c:\program files\rockstar games\rockstar games social club\rgsclauncher.exe |
"{FAFC6740-0B26-492A-8142-EF4EF4816518}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |
"TCP Query User{444D5F47-A30D-4652-9C8D-67F3FB080E23}C:\program files\free download manager\fdm.exe" = protocol=6 | dir=in | app=c:\program files\free download manager\fdm.exe |
"TCP Query User{5B20EAF8-ABBF-45BF-9FD0-E6FF3319D618}C:\program files\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
"TCP Query User{81DFF073-BECD-4FFF-8943-01A08B25319B}C:\program files\rockstar games\grand theft auto iv\gtaiv.exe" = protocol=6 | dir=in | app=c:\program files\rockstar games\grand theft auto iv\gtaiv.exe |
"TCP Query User{87605B18-C33F-4620-BFAA-29C5C93CE757}C:\program files\left 4 dead 2\left4dead2.exe" = protocol=6 | dir=in | app=c:\program files\left 4 dead 2\left4dead2.exe |
"TCP Query User{9A3A832A-A6F2-495F-80E0-86AA30EB8161}C:\program files\emule\emule.exe" = protocol=6 | dir=in | app=c:\program files\emule\emule.exe |
"TCP Query User{E30CEF7A-C6D0-49C9-8650-4DC1DA4376F4}F:\antoine\jeux\activision\activision\call of duty 2\cod2mp_s.exe" = protocol=6 | dir=in | app=f:\antoine\jeux\activision\activision\call of duty 2\cod2mp_s.exe |
"UDP Query User{28A01656-43D0-40CC-B81F-4E4D241FBD19}C:\program files\free download manager\fdm.exe" = protocol=17 | dir=in | app=c:\program files\free download manager\fdm.exe |
"UDP Query User{302D572C-2BE6-4AA8-8B2D-ECE125C48141}C:\program files\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
"UDP Query User{8658733D-795C-4BAC-A586-2775C0D2EA7A}C:\program files\left 4 dead 2\left4dead2.exe" = protocol=17 | dir=in | app=c:\program files\left 4 dead 2\left4dead2.exe |
"UDP Query User{B539F69B-6066-41BB-BF05-07D213D926BF}C:\program files\emule\emule.exe" = protocol=17 | dir=in | app=c:\program files\emule\emule.exe |
"UDP Query User{CCD94F37-38BB-4D62-9B78-991628825328}C:\program files\rockstar games\grand theft auto iv\gtaiv.exe" = protocol=17 | dir=in | app=c:\program files\rockstar games\grand theft auto iv\gtaiv.exe |
"UDP Query User{EDA6D469-85AE-469A-9231-DE21DBC40D8C}F:\antoine\jeux\activision\activision\call of duty 2\cod2mp_s.exe" = protocol=17 | dir=in | app=f:\antoine\jeux\activision\activision\call of duty 2\cod2mp_s.exe |
 
[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}" = Adobe Color NA Recommended Settings CS4
"{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}" = Microsoft Games for Windows - LIVE Redistributable
"{03DEEAD2-F3B7-45BF-9006-A25D015F00D2}" = Adobe Flash Player 10 Plugin
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{07D618CD-B016-438A-ADC9-A75BD23F85CE}" = Wave Support Software
"{086EDF55-3DA3-46C9-A6BF-5CE2E4618C32}" = ElastikVst
"{08B3869E-D282-424C-9AFC-870E04A4BA14}" = Rockstar Games Social Club
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Creator Data
"{09760D42-E223-42AD-8C3E-55B47D0DDAC3}" = Roxio Creator DE 10.3
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{0B0A2153-58A6-4244-B458-25EDF5FCD809}" = Private Information Manager
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{14237138-900C-4C0A-AF63-1888F2671F9D}" = SO32MMWrapper
"{15BF7AAF-846C-4A6D-80E1-5D1FC7FB461B}" = Adobe SGM CS4
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR
"{1DCA3EAA-6EB5-4563-A970-EA14D75037BA}" = Adobe InDesign CS4
"{1E04CB54-AF4E-4AC3-B4B7-C0A160BE57F1}" = Adobe InDesign CS4 Icon Handler
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Creator Tools
"{20071984-5EB1-4881-8EDB-082532ACEC6D}" = Heroes of Might and Magic V
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live
"{2075CB0A-D26F-4DAA-B424-5079296B43BA}" = Windows Live FolderShare
"{2220CF3A-EBD6-4070-94D0-0C7337B537A7}" = All Day Battery Life Configuration
"{2223FC2F-B862-4F83-BC9E-DDF2DADF2859}" = Intel(R) Network Connections 13.0.42.0
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java(TM) 6 Update 21
"{26A24AE4-039D-4CA4-87B4-2F83216018F0}" = Java(TM) 6 Update 18
"{294EAADF-E50F-4DD8-AD8D-19587EA10512}" = Modem Diagnostic Tool
"{2BAF2B96-7560-48B4-87D4-10178DDBE217}" = Adobe InDesign CS4 Application Feature Set Files (Roman)
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{30C8AA56-4088-426F-91D1-0EDFD3A25678}" = Adobe Dreamweaver CS4
"{3138EAD3-700B-4A10-B617-B3F8096EE30D}" = Dell Edoc Viewer
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{3872C2B2-1C00-4742-83F5-D0797278E9EF}" = Dell Control Point
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3A6829EF-0791-4FDD-9382-C690DD0821B9}" = Adobe Flash Player 10 ActiveX
"{3A6BE9F4-5FC8-44BB-BE7B-32A29607FEF6}" = Preboot Manager
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{43509E18-076E-40FE-AF38-CA5ED400A5A9}" = Pixel Bender Toolkit
"{4634B21A-CC07-4396-890C-2B8168661FEA}" = Windows Live Writer
"{46ABBC54-1872-4AA3-95E2-F2C063A63F31}" = Installation Windows Live
"{48F9998C-3BA0-42D3-82E6-5882441EB8CE}" = Adobe Flash CS4 STI-fr
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A52555C-032A-4083-BDD9-6A85ABFB39A8}" = Adobe SING CS4
"{4C4D25EB-6513-4702-8355-F4194DE2E1D9}" = Waves 4.0
"{4EE2EF4B-25D3-4D44-8384-A2B96F811F55}" = OpenOffice.org 3.2
"{51AE9E42-640D-4C14-A9B6-43F64AA4E3E2}" = Document Manager Lite
"{52232EF4-CC12-4C21-ABCF-ADB79618302D}" = Adobe Soundbooth CS4 Codecs
"{53333479-6A52-4816-8497-5C52B67ED339}" = EMBASSY Security Setup
"{53B20C18-D8D4-4588-8737-9BBFE303C354}" = Windows Live Movie Maker
"{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}" = Skype web features
"{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}" = Adobe Color EU Extra Settings CS4
"{561968FD-56A1-49FD-9ED0-F55482C7C5BC}" = Adobe Media Encoder CS4 Exporter
"{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV
"{5AD045DF-11AA-473D-B4AA-2A4F0E213047}" = Google SketchUp 7
"{5AF4F4C5-C71C-418F-B0B1-3903A345BD71}" = Ambient Light Sensor
"{5B76AEA2-D4E5-3B55-B965-ACC36AE0EAFC}" = Microsoft .NET Framework 3.5 Language Pack - fra
"{5DD76286-9BE7-4894-A990-E905E91AC818}" = Windows Live Mail
"{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}" = Adobe Dynamiclink Support
"{61BEA823-ECAF-49F1-8378-A59B3B8AD247}" = Microsoft Default Manager
"{61D6891E-E822-4448-9F9A-0AAAAEB6AF6C}" = Adobe Creative Suite 4 Master Collection
"{62C0C0B7-0779-4A40-937A-14A930B6F4A6}" = Dell ControlPoint Connection Manager
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{66FF4C48-0083-4E60-8556-B883AB200092}" = Heroes of Might and Magic V - Tribes of the East
"{67A9747A-E1F5-4E9A-81CC-12B5D5B81B6E}" = Adobe After Effects CS4 Third Party Content
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD DX
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6EA8A52B-8EA1-4A59-85AB-48132299061A}" = Intel(R) PRO Alerting Agent
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Creator Audio
"{767572FD-4D01-4FA3-B0A6-4B09FB2CFC37}" = Sony Sound Forge 8.0
"{770F1BEC-2871-4E70-B837-FB8525FFA3B1}" = Windows Live Messenger
"{79B520D5-CE72-4661-A054-804BC3412516}" = Wave Infrastructure Installer
"{7B088773-4913-46E1-813E-CD1A0FA9CB03}" = DCP32MMWrapper
"{7CC7BDD5-6F10-4724-96A1-EAC7D9F2831C}" = Adobe InDesign CS4 Common Base Files
"{81860953-8A77-4ED5-B57C-F35D703D9489}" = Dell ControlVault Host Components Installer
"{8186FF34-D389-4B7E-9A2F-C197585BCFBD}" = Adobe Media Encoder CS4 Importer
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}" = Windows Live Call
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{87532CAB-7932-4F84-8937-823337622807}" = Adobe Illustrator CS4
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8CB7F4E6-73AE-4D8F-86A2-EAE39CE72FD1}" = Logiciel Intel(R) PROSet/Wireless WiFi
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{9143F2FA-BF20-4311-8618-4CCF51B1B80C}" = Dell ControlPoint System Manager
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9954484F-6EE4-4040-94E3-4B380646F867}" = Guide de mise en route Dell
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9AE41AF3-FAD1-4A34-8976-747FDC19FE08}" = Logiciel Intel(R) PROSet/Wireless WiFi
"{9C9CEB9D-53FD-49A7-85D2-FE674F72F24E}" = Microsoft Search Enhancement Pack
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad
"{A093D83F-429A-4AB2-A0CD-1F7E9C7B764A}" = Trusted Drive Manager
"{ABBA2EA4-740E-4052-902B-9CA70B081E3F}" = Dell Embassy Trust Suite by Wave Systems
"{AC76BA86-1033-F400-7760-000000000004}" = Adobe Acrobat 9 Pro - English, Français, Deutsch
"{AF7E4468-E364-4991-BC2A-6E8293E1055B}" = BioAPI Framework
"{B131E59D-202C-43C6-84C9-68F0C37541F1}" = Galerie de photos Windows Live
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Creator Copy
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BB93D30B-B395-44BB-A9ED-A0E057F07E53}" = NTRU TCG Software Stack
"{BC52E419-B185-488F-9973-049A88E5DCBE}" = Gemalto
"{BD423B54-8668-44B6-8610-D24514445E88}" = Adobe Flash CS4 Extension - Flash Lite STI fr
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C86E7C99-E4AD-79C7-375B-1AEF9A91EC2B}" = Acrobat.com
"{C938BE91-3BB5-4B84-9EF6-88F0505D0038}" = Adobe Premiere Pro CS4 Third Party Content
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D9CF5E60-42B1-489B-A0E2-9A6EE3DEB969}" = FireWire Family
"{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}" = Assistant de connexion Windows Live
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{E738A392-F690-4A9D-808E-7BAF80E0B398}" = ESC Home Page Plugin
"{E8EE9410-8AC4-4F43-A626-DDECA75C79F3}" = Adobe Setup
"{EC84E3E6-C2D6-4DFB-81E0-448324C8FDF4}" = Security Wizards
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Creator DE 10.3
"{EEAFE1E5-076B-430A-96D9-B567792AFA88}" = EMBASSY Security Center
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F4487649-7368-4217-AEA3-1E04DB3E2C5C}" = Dell ControlPoint Security Manager
"{F6E99614-F042-4459-82B7-8B38B2601356}" = Adobe Flash CS4
"{F7D27C70-90F5-49B9-B188-0A133C0CE353}" = Windows Live Toolbar
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FB2A5FCC-B81B-48C2-A009-7804694D83E9}" = Adobe Encore CS4 Codecs
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"{FF1DDCF4-3A28-4F7F-96D8-E3F4BD1C1702}" = Dell Security Device Driver Pack
"9D57DE505B6D8C710EF3B74BE638DBB936EED8A3" = Package de pilotes Windows - Dell Inc. PBADRV System  (01/07/2008 1.0.1.5)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe_b2d6abde968e6f277ddbfd501383e02" = Adobe Creative Suite 4 Master Collection
"Antares Filter VST DX v1.0" = Antares Filter VST DX v1.0
"Arturia Arp2600 V v1.0" = Arturia Arp2600 V v1.0
"Arturia Minimoog V v1.0" = Arturia Minimoog V v1.0
"Arturia Moog Modular V v1.1" = Arturia Moog Modular V v1.1
"AudioRealism BassLine VSTi v1.51" = AudioRealism BassLine VSTi v1.51
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2C06&SUBSYS_14F1000F" = Conexant HDA D330 MDC V.92 Modem
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Creative OA001" = Integrated Webcam Driver (1.06.03.0309) 
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"Dell Webcam Central" = Dell Webcam Central
"eMule" = eMule
"GMedia Music impOSCar VSTi v1.0.0.1" = GMedia Music impOSCar VSTi v1.0.0.1
"Golden Compressor | GCO-1_is1" = GCO-1 v1.00
"HALion v1.0 VSTi" = HALion v1.0 VSTi
"InstallShield_{07D618CD-B016-438A-ADC9-A75BD23F85CE}" = Wave Support Software
"InstallShield_{0B0A2153-58A6-4244-B458-25EDF5FCD809}" = Private Information Manager
"InstallShield_{51AE9E42-640D-4C14-A9B6-43F64AA4E3E2}" = Document Manager Lite
"InstallShield_{53333479-6A52-4816-8497-5C52B67ED339}" = EMBASSY Security Setup
"InstallShield_{E738A392-F690-4A9D-808E-7BAF80E0B398}" = ESC Home Page Plugin
"InstallShield_{EC84E3E6-C2D6-4DFB-81E0-448324C8FDF4}" = Security Wizards
"InstallShield_{EEAFE1E5-076B-430A-96D9-B567792AFA88}" = EMBASSY Security Center
"iZotope Ozone 4_is1" = iZotope Ozone 4
"Kjaerhus Audio - Golden Compressor | GCO-1_is1" = GCO-1 v1.01
"Kjaerhus Audio - Golden Equaliser | GEQ-7_is1" = GEQ-7 v1.03
"Kjaerhus Audio - Golden Modulator | GMO-1_is1" = GMO-1 v1.05
"Kjaerhus Audio - Golden Peak-Pressor | GPP-1_is1" = GPP-1 v1.00
"Korg Legacy Collection VSTi v1.0.02" = Korg Legacy Collection VSTi v1.0.02
"LinPlug Albino VSTi RTAS v2.2.1" = LinPlug Albino VSTi RTAS v2.2.1
"Live 6.0.1" = Live 6.0.1
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack - fra" = Module linguistique Microsoft .NET Framework 3.5 - fra
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox (3.5.12)" = Mozilla Firefox (3.5.12)
"MrRay VST Electric Piano version 2.2" = MrRay VST Electric Piano version 2.2
"N.I Pro-53 v3.0-OxYGeN" = N.I Pro-53 v3.0-OxYGeN
"Native Instruments Absynth 2" = Native Instruments Absynth 2
"Native Instruments Absynth 3" = Native Instruments Absynth 3
"Native Instruments B4 Tone Wheels Bundle v1.11" = Native Instruments B4 Tone Wheels Bundle v1.11
"Native Instruments Battery v2.0" = Native Instruments Battery v2.0
"Native Instruments FM7" = Native Instruments FM7
"Native Instruments FM8" = Native Instruments FM8
"Native Instruments Guitar Rig v1.1" = Native Instruments Guitar Rig v1.1
"NI Kontakt v1.2 " = NI Kontakt v1.2
"NVIDIA Drivers" = NVIDIA Drivers
"Oddity v1.0-OxYGeN" = Oddity v1.0-OxYGeN
"OrangeVocoder v2.0-OxYGeN" = OrangeVocoder v2.0-OxYGeN
"ProInst" = Intel PROSet Wireless
"PROSetDX" = Intel(R) Network Connections 13.0.42.0
"PSP MixPack 1.8" = PSP MixPack 1.8
"Reason4_is1" = Reason 4.0
"Recherche_France Toolbar" = Recherche_France Toolbar
"reFX JunoX2 VST v1.3" = reFX JunoX2 VST v1.3
"Rob Papen BLUE Version 1.6.0_is1" = Rob Papen BLUE Version 1.6.0
"Software Informer_is1" = Software Informer 1.0 BETA
"Sound Forge 5.0" = Sound Forge 5.0
"Steinberg Cubase SX v2.2.0.33" = Steinberg Cubase SX v2.2.0.33
"URS Classic Console EQ Bundle VST Native1.0" = URS Classic Console EQ Bundle VST Native
"URS Everything EQ Bundle v4.0" = URS Everything EQ Bundle v4.0
"Usbfix" = Usbfix By C_XX & El Desaparecido
"Virtual DJ - Atomix Productions" = Virtual DJ - Atomix Productions
"VLC media player" = VLC media player 1.0.3
"Waldorf.PPG.Wave2.V-OxYGeN" = Waldorf.PPG.Wave2.V-OxYGeN
"Winamp" = Winamp
"WinLiveSuite_Wave3" = Installation Windows Live
"WinRAR archiver" = WinRAR archiver
 
[color=#E56717]========== Last 10 Event Log Errors ==========[/color]
 
[ Application Events ]
Error - 14/07/2010 19:39:48 | Computer Name = PC-de-colvis | Source = WinMgmt | ID = 10
Description =
 
Error - 14/07/2010 19:39:58 | Computer Name = PC-de-colvis | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
 
Error - 14/07/2010 19:39:59 | Computer Name = PC-de-colvis | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
 
Error - 14/07/2010 19:40:01 | Computer Name = PC-de-colvis | Source = Wave TCG Client Services | ID = 123
Description = The NTRU TSS is not running, Wave Software is unable to communicate
 to TPM
 
Error - 14/07/2010 19:56:24 | Computer Name = PC-de-colvis | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
 
Error - 14/07/2010 20:44:12 | Computer Name = PC-de-colvis | Source = Application Error | ID = 1000
Description = Application défaillante Cubasesx.exe, version 2.2.0.33, horodatage
 0x407bc0d2, module défaillant Cubasesx.exe, version 2.2.0.33, horodatage 0x407bc0d2,
 code d’exception 0xc0000005, décalage d’erreur 0x00006f32,  ID du processus 0x98c,
 heure de début de l’application 0x01cb23af2e95abda.
 
Error - 14/07/2010 20:58:31 | Computer Name = PC-de-colvis | Source = WinMgmt | ID = 10
Description =
 
Error - 14/07/2010 20:58:49 | Computer Name = PC-de-colvis | Source = Wave TCG Client Services | ID = 123
Description = The NTRU TSS is not running, Wave Software is unable to communicate
 to TPM
 
Error - 15/07/2010 06:49:32 | Computer Name = PC-de-colvis | Source = WinMgmt | ID = 10
Description =
 
Error - 15/07/2010 06:49:50 | Computer Name = PC-de-colvis | Source = Wave TCG Client Services | ID = 123
Description = The NTRU TSS is not running, Wave Software is unable to communicate
 to TPM
 
 
[color=#E56717]========== Last 10 Event Log Errors ==========[/color]
 
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
 
< End of report >
voila pour extras
COLVIS
Visiteur
Visiteur
 
Messages: 6
Inscription: 21 Sep 2010 17:22
 


Re: CHEVAL DE TROIE TR/downloader.gen et TR/Horst.39424.c.1

Message le 21 Sep 2010 18:57

Bonjour

Ok fait ceci.


* Fait un double-clic sur l'icône d'OTL pour le lancer
/!\ pour Vista/Seven fais un clic-droit sur l'icône d'OTL et choisis "Exécuter en tant qu'administrateur"

* Assure-toi d'avoir fermé toutes les applications en court de fonctionnement.

* Quand la fenêtre d'OTL apparaît, assure toi que dans la section "Rapport" (en haut à droite) la case " Rapport minimal" soit cochée.

* Copies et colles le contenue de cette citation dans la partie inférieure d'OTL "Personnalisation"

:OTL
PRC - [2010/09/18 00:15:02 | 000,075,776 | ---- | M] () -- C:\Users\colvis\AppData\Roaming\logman.exe
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\NvtSp50.sys -- (NvtSp50)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp)
IE - HKLM\..\URLSearchHook: {d5b75883-e809-4120-bfeb-8d707d5dfbe3} - C:\Program Files\Recherche_France\tbRec1.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-1678083485-1132016931-1686102557-1000\..\URLSearchHook: {d5b75883-e809-4120-bfeb-8d707d5dfbe3} - C:\Program Files\Recherche_France\tbRec1.dll (Conduit Ltd.)
FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.1.1.0014
[2010/03/25 16:12:48 | 000,000,000 | ---D | M] -- C:\Users\colvis\AppData\Roaming\mozilla\Firefox\Profiles\5gsnqunf.default\extensions\DTToolbar@toolbarnet.com
O2 - BHO: (Recherche France Toolbar) - {d5b75883-e809-4120-bfeb-8d707d5dfbe3} - C:\Program Files\Recherche_France\tbRec1.dll (Conduit Ltd.)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (Recherche France Toolbar) - {d5b75883-e809-4120-bfeb-8d707d5dfbe3} - C:\Program Files\Recherche_France\tbRec1.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-1678083485-1132016931-1686102557-1000\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-1678083485-1132016931-1686102557-1000\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKU\S-1-5-21-1678083485-1132016931-1686102557-1000\..\Toolbar\WebBrowser: (Recherche France Toolbar) - {D5B75883-E809-4120-BFEB-8D707D5DFBE3} - C:\Program Files\Recherche_France\tbRec1.dll (Conduit Ltd.)
F3 - HKU\S-1-5-21-1678083485-1132016931-1686102557-1000 WinNT: Load - (C:\Users\colvis\AppData\Roaming\logman.exe) - C:\Users\colvis\AppData\Roaming\logman.exe ()
[2010/09/18 00:15:02 | 000,075,776 | ---- | M] () -- C:\Users\colvis\AppData\Roaming\logman.exe
:Files
C:\Users\colvis\AppData\Roaming\logman.exe
:Commands
[emptytemp]
[reboot]


* Cliques sur l'icône Correction (en haut à gauche) .
* Laisse le scan aller à son terme sans te servir du PC
* A la fin du scan un ou deux rapports vont s'ouvrir "OTL.Txt" et ( ou ) "Extras.Txt"( dans certains cas).
* Copie et colle le ou les rapports dans ta réponse stp...
* Au cas où, tu peux les retrouver dans le dossier C:\OTL ou sur ton bureau en fonction des cas rencontrés


Ensuite ceci.



Installe Malewarebytes' Antimalware,
Téléchargement



*** Met-le à jour puis choisi, Exécuter un examen complet

*** Si une infection est trouvée, coche la case a coté et valides avec l’Onglet Supprimer la sélection

Poste le rapport final.
*** il est conseillé de désactivé Tea-Timer si tu as Spybot-S&D juste le temps du scan.
Voici comment faire: Lancez Spybot-S&D, passez en Mode avancé via le Menu Mode (en haut) → cliquez sur Oui--> choisissez Outils dans la barre de navigation sur la gauche -->Résident et là vous pouvez décocher les cases situées devant les deux outils.
Avatar de l'utilisateur
bernard53
PC-Infopraticien
PC-Infopraticien
 
Messages: 12778
Inscription: 08 Déc 2009 19:51
 

Re: CHEVAL DE TROIE TR/downloader.gen et TR/Horst.39424.c.1

Message le 21 Sep 2010 19:42

Quand tu parles de fermer toutes les applications je ferme l antivirus aussi .Car pour l'instant j ai lancer otl en administrateur j ai corrigé en cochant se que tu me demandes et il y a eu un ecran bleu et il a redemaré.
COLVIS
Visiteur
Visiteur
 
Messages: 6
Inscription: 21 Sep 2010 17:22
 

Re: CHEVAL DE TROIE TR/downloader.gen et TR/Horst.39424.c.1

Message le 21 Sep 2010 23:54

J ai réédité le processus qui me demande de rallumer l'ordi ?, un rapport sort mais pas otl je vous l' envoi
Code: Tout sélectionner
All processes killed
========== OTL ==========
No active process named logman.exe was found!
Service NwlnkFwd stopped successfully!
Service NwlnkFwd deleted successfully!
File C:\Windows\System32\DRIVERS\nwlnkfwd.sys not found.
Service NwlnkFlt stopped successfully!
Service NwlnkFlt deleted successfully!
File C:\Windows\System32\DRIVERS\nwlnkflt.sys not found.
Service NvtSp50 stopped successfully!
Service NvtSp50 deleted successfully!
File C:\Windows\System32\Drivers\NvtSp50.sys not found.
Service IpInIp stopped successfully!
Service IpInIp deleted successfully!
File C:\Windows\System32\DRIVERS\ipinip.sys not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{d5b75883-e809-4120-bfeb-8d707d5dfbe3} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d5b75883-e809-4120-bfeb-8d707d5dfbe3}\ deleted successfully.
C:\Program Files\Recherche_France\tbRec1.dll moved successfully.
Registry value HKEY_USERS\S-1-5-21-1678083485-1132016931-1686102557-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{d5b75883-e809-4120-bfeb-8d707d5dfbe3} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d5b75883-e809-4120-bfeb-8d707d5dfbe3}\ not found.
File C:\Program Files\Recherche_France\tbRec1.dll not found.
Prefs.js: DTToolbar@toolbarnet.com:1.1.1.0014 removed from extensions.enabledItems
C:\Users\colvis\AppData\Roaming\mozilla\Firefox\Profiles\5gsnqunf.default\extensions\DTToolbar@toolbarnet.com\components\Resources folder moved successfully.
C:\Users\colvis\AppData\Roaming\mozilla\Firefox\Profiles\5gsnqunf.default\extensions\DTToolbar@toolbarnet.com\components folder moved successfully.
C:\Users\colvis\AppData\Roaming\mozilla\Firefox\Profiles\5gsnqunf.default\extensions\DTToolbar@toolbarnet.com\chrome folder moved successfully.
C:\Users\colvis\AppData\Roaming\mozilla\Firefox\Profiles\5gsnqunf.default\extensions\DTToolbar@toolbarnet.com folder moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d5b75883-e809-4120-bfeb-8d707d5dfbe3}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d5b75883-e809-4120-bfeb-8d707d5dfbe3}\ not found.
File C:\Program Files\Recherche_France\tbRec1.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}\ deleted successfully.
C:\Program Files\Windows Live\Toolbar\wltcore.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068}\ deleted successfully.
File C:\Program Files\Windows Live\Toolbar\wltcore.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ deleted successfully.
C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{d5b75883-e809-4120-bfeb-8d707d5dfbe3} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d5b75883-e809-4120-bfeb-8d707d5dfbe3}\ not found.
File C:\Program Files\Recherche_France\tbRec1.dll not found.
Registry value HKEY_USERS\S-1-5-21-1678083485-1132016931-1686102557-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068}\ not found.
File C:\Program Files\Windows Live\Toolbar\wltcore.dll not found.
Registry value HKEY_USERS\S-1-5-21-1678083485-1132016931-1686102557-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found.
File C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll not found.
Registry value HKEY_USERS\S-1-5-21-1678083485-1132016931-1686102557-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D5B75883-E809-4120-BFEB-8D707D5DFBE3} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D5B75883-E809-4120-BFEB-8D707D5DFBE3}\ not found.
File C:\Program Files\Recherche_France\tbRec1.dll not found.
C:\Users\colvis\AppData\Roaming\logman.exe moved successfully.
Registry value HKEY_USERS\S-1-5-21-1678083485-1132016931-1686102557-1000\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\Load:C:\Users\colvis\AppData\Roaming\logman.exe deleted successfully.
File C:\Users\colvis\AppData\Roaming\logman.exe not found.
========== FILES ==========
File\Folder C:\Users\colvis\AppData\Roaming\logman.exe not found.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: colvis
->Temp folder emptied: 854936531 bytes
->Temporary Internet Files folder emptied: 17291937 bytes
->Java cache emptied: 27684644 bytes
->FireFox cache emptied: 43026795 bytes
->Flash cache emptied: 2829794 bytes
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Public
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 76694682 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes
 
Total Files Cleaned = 975,00 mb
 
 
OTL by OldTimer - Version 3.2.14.1 log created on 09212010_205447

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

et ensuite l antimalware trouve 3 Trojan:Trojan.agent ,Trojan.agent.ck,Trojan.downloader je les ai supprimé mais en ré-ouvrant malwarebytes je me suis aperçu qu 'il les a mis sous quarantaine .
J avoue je suis un peu perdu je sais pas si sa a fonctionné n ayant pas les codes otl ?
je vais laisser mon ordi un peu allumé pour voir si avira s énerve encore.Je vous tiens informé
merci pour votre aide
COLVIS
Visiteur
Visiteur
 
Messages: 6
Inscription: 21 Sep 2010 17:22
 

Re: CHEVAL DE TROIE TR/downloader.gen et TR/Horst.39424.c.1

Message le 22 Sep 2010 11:49

OK pour le rapport.

As tu des nouvelles pour ton antivirus?
Avatar de l'utilisateur
bernard53
PC-Infopraticien
PC-Infopraticien
 
Messages: 12778
Inscription: 08 Déc 2009 19:51
 

Re: CHEVAL DE TROIE TR/downloader.gen et TR/Horst.39424.c.1

Message le 22 Sep 2010 12:24

J ai scanné le disq C avec avira j ai laissé mon ordi allumé plus de trois heures sans message d'alerte ca a l'air ok .Alors apres si vous connaissez une autre facon efficace de verifier la désinfection je suis tout ouie.En vous remerciant mille fois.Si le message réaparé d'ici là je vous recontacte .
merci
COLVIS
Visiteur
Visiteur
 
Messages: 6
Inscription: 21 Sep 2010 17:22
 

Re: CHEVAL DE TROIE TR/downloader.gen et TR/Horst.39424.c.1

Message le 22 Sep 2010 18:56

ok fait ceci.

relance otl et valide "purge outil" puis ceci.


Bon maintenant on va mettre la restauration du système propre.
Pour cela:

1- Valides les touches Windows et Pause en même temps.

Puis Protection du système

Sur cette fenêtre décoches la case concernant le DD ou est installé ton système normalement C:

Valide et acceptes les demandes suivantes.

***Pour Windows 7** il faut valider l'onglet Configurer puis valider la désactivation de la restauration.

**Toujours sur cette même fenêtre : Il te faut donc maintenant recrée un nouveau point de restauration.

Coche cette même case et valides cela par l’onglet APPLIQUER puis onglet « CREER »

Nommes ce point PC- Clean: Valides.

Vous pouvez maintenant fermer toutes les fenêtres.


Ensuite tu peux faire une analyse en ligne pour se rassurer.

http://www.bitdefender.fr/scanner/online/free.html

ou la.

http://www.eset-nod32.fr/scanner.html
Avatar de l'utilisateur
bernard53
PC-Infopraticien
PC-Infopraticien
 
Messages: 12778
Inscription: 08 Déc 2009 19:51
 

Re: CHEVAL DE TROIE TR/downloader.gen et TR/Horst.39424.c.1

Message le 22 Sep 2010 19:26

Quand je clic sur purge outil il me demande d'eteindre mon ordinateur et a ce moment là c est indiqué que mon ordi ne demarre pas normalement il me propose soit de demarer normalement soit de reparer j ai fais les deux je ne comprends toujours pas la suite "1- Valides les touches Windows et Pause en même temps.etc...comment fait ton pour valider les touches?
merci et désolé je suis pas tres doué
COLVIS
Visiteur
Visiteur
 
Messages: 6
Inscription: 21 Sep 2010 17:22
 

Re: CHEVAL DE TROIE TR/downloader.gen et TR/Horst.39424.c.1

Message le 22 Sep 2010 20:28

si tu appui en même temps sur ces deux touches tu vas arriver aux indications pour purger ta restauration système.

tu peux faire autrement soit..

Panneau de configuration\Système et maintenance\Système
Avatar de l'utilisateur
bernard53
PC-Infopraticien
PC-Infopraticien
 
Messages: 12778
Inscription: 08 Déc 2009 19:51
 

Re: CHEVAL DE TROIE TR/downloader.gen et TR/Horst.39424.c.1

Message le 22 Sep 2010 22:35

bon j ai tout executé je voulais savoir j ai nommé le point de restauration PC- Clean: et je voulais savoir exactement a quoi ca sert ?sinon bittorent ne detecte pas de virus ca a l air résolu! merci encore pour l aide .
COLVIS
Visiteur
Visiteur
 
Messages: 6
Inscription: 21 Sep 2010 17:22
 

Re: CHEVAL DE TROIE TR/downloader.gen et TR/Horst.39424.c.1

Message le 23 Sep 2010 11:43

Une fois ton pc propre je t'ai fait supprimer les points de restaurations qui contiennent l'infection.

Maintenant que tu as créé un point de restauration "clean" en cas de soucis il te suffiras de revenir à lui pour être tranquille. :wink:

Bonne journée
Avatar de l'utilisateur
bernard53
PC-Infopraticien
PC-Infopraticien
 
Messages: 12778
Inscription: 08 Déc 2009 19:51
 



Sujets similaires

Message reconnaitre un cheval de troyes et solution
Bonjour, comment reconnait't'on si notre PC est atteint par un cheval de troyes ? ,
Réponses: 7

Message éliminer un cheval de Troie / virus
Bonjour, Je ne sais pas comment s'est apparu sur mon ordi vu que je n'ai rien téléchargé ces derniers jours mais à chaque fois que j'ouvre internet depuis 3 jours (que ce soit sur chrome ou explorer), ma page d'accueil (qui était google à la base) devient une page "amisites", dans le même ...
Réponses: 8

Message aide pour éliminer un cheval de troie
Bonjour,Je m'excuse d'avance si c'est un peu long mais je vais essayer d'être le plus précis possible.Il y a 10 jours environ, j'ai attrapé un virus en voulant télécharger quelque chose (quelle idée m'a pris !) sur firefox. Des dizaines de pubs s'ouvraient toutes seules sur mon ordi, même lorsque me ...
Réponses: 3

Message Virus Cheval de Troie téléchargeur
Bonjour,Dernièrement mon anti-virus "Microsoft Security Essentials" à détecté un cheval de Troie sur mon PC Portable. Malgré la suppression du virus par l'anti-virus mon PC est tjrs infecté et dès que je vais sur internet j'ai plein de pages indésirables qui s'ouvrent alors que je n'avais ...
Réponses: 8

Message Cheval de Troie "collected_c.BEIS"
Bonjour,Mon antivirus AVG reconnait depuis quelque temps le cheval de troie "collected_c.BEIS".Je n'arrive pas à supprimer le virus: à chaque fois, il est mis en quarantaine et ne peut être supprimé par AVG.J'ai cherché sur internet et ai téléchargé le spyware "Spybot". Après ana ...
Réponses: 1

Message Cheval de Troie Generic35.ADLJ
Bonjour à tous.Cela fait pas mal de temps que je vous lis pour obtenir des renseignements (je ne suis pas fort en informatique), mais c'est mon premier post.Suite à un téléchargement, j'ai eu une alerte "Cheval de Troie Generic35.ADLJ" ainsi qu'un "Luhe.sirefef.A"Les deux ont été ...
Réponses: 7

Message plugin realplayer downloader ne marche plus
bonsoirmon plugin realplayer downloader ne marche plusj'ai beau reinstaller le rp ca ne change rien pourtant il est active ds mon browser (mozilla)
Réponses: 2


Qui est en ligne

Utilisateurs parcourant ce forum: Aucun utilisateur enregistré et 9 invités


.: Nous contacter :: Flux RSS :: Données personnelles :.