Encore un écran bleu ... oups!!

[clarabelle85]

Bonjour à toutes et à tous!!

Voilà, j'ai un soucis avec mon PC portable : (il a 6 ou 7 mois)
Samsung R540
OS: windows 7
CPU: intel core i3 350M
ecran 15.6
VRAM: Ati HD545V (HD5145) gDDR3 512MB
Memoire: 4GB
HDD: 320GB
ODD: super multi dual layer (SATA)

Depuis quelques temps, j'ai un écran bleu qui s'affiche ( driver IRQL not equal ...) !!!!!
J'ai remarqué que cela se produit peu de temps après le démarrage de Bittorent (oui je sais c'est pas bien lol)

J'ai fais quelques recherches sur le net mais je n’aie rien trouvé de précis et avant de me lancer dans n'importe quelle bidouillerie, je préfère exposer mon problème !!

Donc voilà!!!!

Merci d'avance pour vos réponses!!!!!!!!

[jeanmimigab]

hello

Télécharger whocrashedSetup
http://www.filecluster.com/downloads/WhoCrashed.html

Installer le logiciel et une fois installé cliquez sur "Analyse"

Laisse Internet connecté . Si tu as une anomalie tu vas avoir ce rapport. Mets-le ici.

[clarabelle85]

Merci!!!!
J'essays de télécharger le logiciel mais au final ce n'est pas "who crashed" mais des trucs pour smileys !!!!!!!????????

[clarabelle85]

j'ai reussi voivi le rapport :

On Sun 10/23/2011 10:41:34 AM GMT your computer crashed
crash dump file: C:\Windows\Minidump\102311-18610-01.dmp
This was probably caused by the following module: ntoskrnl.exe (nt+0x7CC40)
Bugcheck code: 0xD1 (0x28, 0x2, 0x0, 0xFFFFF88001811B2D)
Error: DRIVER_IRQL_NOT_LESS_OR_EQUAL
file path: C:\Windows\system32\ntoskrnl.exe
product: Microsoft® Windows® Operating System
company: Microsoft Corporation
description: NT Kernel & System
Bug check description: This indicates that a kernel-mode driver attempted to access pageable memory at a process IRQL that was too high.
This appears to be a typical software driver bug and is not likely to be caused by a hardware problem.
The crash took place in the Windows kernel. Possibly this problem is caused by another driver which cannot be identified at this time.

[jeanmimigab]

hum, je me trompe peut être, mais ça pu l'infection rootkit tdss

ce n'est pas "who crashed" mais des trucs pour smileys !!!!!!!????????

en puis tu as des redirections web aprioris !


* Télécharge >> OTL <<sur ton bureau.

* Fait un double-clic sur l'icône d'OTL pour le lancer

* Assure toi d'avoir fermé toutes les applications en court de fonctionnement.

* Quand la fenêtre d'OTL apparaît, assure toi que dans la section "Rapport" (en haut à droite) la case "rapport minimal " soit cochée.

* Coches les case situées devant "Tous les utilisateurs", " Recherche LOP" et "Recherche Purity".

* Copier et colle le contenue de cette citation dans la partie inférieure d'OTL "personnalisation"

%temp%\smtmp\1\*.* /s
%temp%\smtmp\2\*.* /s
%temp%\smtmp\4\*.* /s
nslookup http://www.google.fr /c
SAVEMBR:0
%systemroot%\system32\drivers\*.sys /lockedfiles
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
netsvcs
%SYSTEMDRIVE%\*.exe
/md5start
ntoskrnl.exe
userinit.exe
tcpip.sys
Sfloppy.sys
Changer.sys
cdrom.sys
disk.sys
ndis.sys
usbscan.sys
usbprint.sys
tdtcp.sys
tdpipe.sys
swmidi.sys
splitter.sys
rdpwd.sys
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
RASACD.SYS
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles

* Cliques sur l'icône "Analyse" (en haut à gauche) .
* Laisse le scan aller à son terme sans te servir du PC
* A la fin du scan deux rapports vont s'ouvrir "OTL.Txt" et ( ou ) "Extras.Txt"( réduit dans la barre des taches).
* Copie et colle les rapports dans ta réponse stp...
* Au cas où, tu peux les retrouver dans le dossier C:\OTL ou sur ton bureau en fonction des cas rencontrés

[clarabelle85]

Oki merci voilà les deux rapports:

extras:

OTL Extras logfile created on: 10/23/2011 2:09:02 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Nounours\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: France | Language: FRA | Date Format: dd/MM/yyyy

3.85 Gb Total Physical Memory | 2.08 Gb Available Physical Memory | 53.87% Memory free
7.71 Gb Paging File | 5.63 Gb Available in Paging File | 73.06% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 112.00 Gb Total Space | 25.27 Gb Free Space | 22.56% Space Free | Partition Type: NTFS
Drive D: | 165.99 Gb Total Space | 31.07 Gb Free Space | 18.72% Space Free | Partition Type: NTFS
Drive G: | 149.05 Gb Total Space | 16.53 Gb Free Space | 11.09% Space Free | Partition Type: NTFS

Computer Name: NOUNOURS-PC | User Name: Nounours | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-3457901039-3679683318-3372754741-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{55D55008-E5F6-47D6-B16F-B2A40D4D145F}" = 64 Bit HP CIO Components Installer
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{61CF2C86-8E46-4210-A115-E4D6C65AF369}" = HP Photosmart B109a-m All-In-One Driver Software 13.0 Rel .6
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9C98CA38-4C1A-4AC8-B55C-169497C8826B}" = Apple Mobile Device Support
"{9CD0F7D3-B67F-4BF8-8784-D73AD229FF1E}" = iTunes
"{CEA21F20-DBF4-464C-8B81-28B8508AFDDD}" = Windows Live Family Safety
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{E01819BD-709F-43A1-9600-6F5E4C584C37}" = Windows Live Family Safety
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F82D3110-2996-B896-9ADC-394C18071095}" = ccc-utility64
"{F8FEEFC0-D7D6-9A40-28E9-1E7A6716E803}" = ATI Catalyst Install Manager
"Broadcom 802.11 Network Adapter" = Broadcom 802.11 Network Adapter
"Elantech" = ETDWare PS/2-x64 7.0.7.0_WHQL
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"WhoCrashed_is1" = WhoCrashed 3.02

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{05653DE1-6567-40C6-B930-39D399B64369}" = OpenOffice.org 3.3
"{058E7BC0-15C3-D5F6-FD8D-34E4B44E4F82}" = CCC Help Thai
"{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack
"{07FB17D8-7DB6-4F06-80C4-8BE1719CB6A1}" = hpWLPGInstaller
"{085C9E07-E122-DECF-350D-5CB3594EC54D}" = Catalyst Control Center Graphics Previews Common
"{08B67A13-8501-48CB-B747-9D413BDC4594}" = BatteryLifeExtender
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{0F796312-289C-40CA-856C-9FBCF5E83342}" = REALTEK Wireless LAN Software
"{11A5DA06-82B8-B47C-B6A9-6BFA8008108C}" = CCC Help Dutch
"{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}" = Samsung Recovery Solution 4
"{17283B95-21A8-4996-97DA-547A48DB266F}" = Easy Display Manager
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 29
"{283EFC5E-041A-4AC7-8824-2F33695EBC11}" = CCC Help Korean
"{2D4E3A20-01D9-713F-2CD5-15FBD9312F28}" = CCC Help Chinese Traditional
"{2DDC70C1-C77A-4D08-89D2-9AB648504533}" = Easy Content Share
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{31CABF76-F113-30F6-1BF1-19CA660C72B4}" = CCC Help Finnish
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live
"{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}" = Norton Online Backup
"{43609114-F9B7-48AA-BAAC-F320BB5E88DD}" = CCC Help Spanish
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A331D24-A9E8-484F-835E-1BA7B139689C}" = EasyBatteryManager
"{4A87034C-621A-DAC1-D7C3-FB9102A453D4}" = CCC Help Japanese
"{4FBB6BFD-774C-E86B-84E6-23C08FD76C0C}" = Catalyst Control Center Graphics Light
"{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources
"{656FDFA4-C7C6-40D9-99F7-F6F331412AEF}" = WarrantyExtension
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{6BCE77FA-82A3-E502-0956-AA9AE0E169D0}" = CCC Help English
"{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{76810709-A7D3-468D-9167-A1780C1E766C}" = Windows Live FolderShare
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78FDD286-2C51-17B5-22BC-DA769D237E1A}" = CCC Help Swedish
"{79B0F7B2-31BD-D377-CCA2-F647601283C0}" = CCC Help Polish
"{80059A57-F141-5556-7FA2-CD97EB8A05F9}" = CCC Help Danish
"{80FE5490-E9DD-4AE9-8537-3EB5EFB606FC}" = PS_AIO_06_B109a-m_SW_Min
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110245793}" = Insaniquarium Deluxe
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111252743}" = Mahjong Escape Ancient China
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{983D01A7-FD14-5F70-9A46-3DBE1C0A3FFF}" = Catalyst Control Center InstallProxy
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C51C947-7E8D-3EEB-6087-276446E4914C}" = CCC Help Hungarian
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AB61A2E9-37D3-485D-9085-19FBDF8CEF4A}" = Windows Live Messenger
"{AC76BA86-7AD7-1036-7B44-A94000000001}" = Adobe Reader 9.4.6 - Français
"{AF20390E-5ADD-4CB0-BF9D-EDF6E7891AD9}" = B109a-m
"{B1FA9E3F-86F3-136A-84DA-809A40458243}" = CCC Help Russian
"{B6D8DC8C-F077-4631-A221-4D5E1D8E87E7}" = Catalyst Control Center - Branding
"{B7FB9C80-A61F-6BFE-7F93-C493AC3F9E91}" = CCC Help Turkish
"{B91B9BD2-C3D1-2632-26C9-170EB39CADAC}" = CCC Help Greek
"{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}" = User Guide
"{BD8D4FE1-8E1D-2D41-ED33-3E2B64ED3AF3}" = CCC Help Chinese Standard
"{C28CE716-3F07-528A-6CC8-FDF2865BCAAF}" = ccc-core-static
"{C4582EED-A3FB-4358-8F3F-8C994460DF28}" = EasyFileShare
"{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common
"{C9E14402-3631-4182-B377-6B0DFB1C0339}" = QuickTime
"{C9F9C082-A19F-9672-4F78-CC93F363A07D}" = CCC Help Norwegian
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CDC7F188-3A08-45C3-8C3C-99BE32911949}" = Photo Transport
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CEF185AA-392D-82EF-339B-F36547C0D9F8}" = Catalyst Control Center Core Implementation
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D1434266-0486-4469-B338-A60082CC04E1}" = Atheros Client Installation Program
"{D1886477-86CD-8365-CE96-42AD6F950ED0}" = CCC Help Italian
"{D1FAD629-67C3-B9D5-FD06-73A4EF76528A}" = CCC Help Portuguese
"{D3F2FAA5-FEC4-42AA-9ABA-1F763919A2B5}" = Samsung Update Plus
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D53D7F78-94AC-CE27-199E-5F509437C7E6}" = Catalyst Control Center Graphics Previews Vista
"{D55BE2BD-14D6-E8AA-A1C0-519C50E28EB2}" = Catalyst Control Center Graphics Full Existing
"{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}" = Intel(R) Turbo Boost Technology Driver
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E91CD838-0ED0-0BCD-ECAF-1A089F1A27E5}" = CCC Help Czech
"{EF1E3D76-6F52-3F63-6848-346ACD86096D}" = CCC Help German
"{EF367AA4-070B-493C-9575-85BE59D789C9}" = Easy SpeedUp Manager
"{F0B13553-B3CA-76A9-182A-9E352F4EB749}" = Catalyst Control Center Graphics Full New
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"{F6340C10-589F-7D1E-1819-2F8CF6247505}" = CCC Help French
"{F687E657-F636-44DF-8125-9FEEA2C362F5}" = Samsung Support Center
"{F771F1D4-EDD4-4D68-82DC-811583C099CD}" = Easy Network Manager
"{FFE45CD9-4070-78E3-5794-8575B389336E}" = Catalyst Control Center Localization All
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"BitTorrent" = BitTorrent
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"Marvell Miniport Driver" = Marvell Miniport Driver
"Mozilla Firefox 7.0.1 (x86 fr)" = Mozilla Firefox 7.0.1 (x86 fr)
"MSC" = McAfee SecurityCenter
"PokerStars.fr" = PokerStars.fr
"Virtual Painter 5 LE for CASIO (ENU)" = Virtual Painter 5 LE for CASIO (ENU)
"VLC media player" = VLC media player 1.1.7
"WinLiveSuite" = Windows Live
"WinRAR archiver" = WinRAR 4.00 (32 bits)
"YTdetect" = Yahoo! Detect

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-3457901039-3679683318-3372754741-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"FileZilla Client" = FileZilla Client 3.5.1

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 10/14/2011 2:11:42 PM | Computer Name = Nounours-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Échec de l’extraction de la liste racine tierce depuis le fichier
CAB de mise à jour automatique à : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
avec l’erreur : Un certificat requis n’est pas dans sa période de validité selon
la vérification par rapport à l’horloge système en cours ou le tampon daté dans
le fichier signé. .

Error - 10/14/2011 2:11:42 PM | Computer Name = Nounours-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Échec de l’extraction de la liste racine tierce depuis le fichier
CAB de mise à jour automatique à : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
avec l’erreur : Un certificat requis n’est pas dans sa période de validité selon
la vérification par rapport à l’horloge système en cours ou le tampon daté dans
le fichier signé. .

Error - 10/14/2011 2:11:43 PM | Computer Name = Nounours-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Échec de l’extraction de la liste racine tierce depuis le fichier
CAB de mise à jour automatique à : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
avec l’erreur : Un certificat requis n’est pas dans sa période de validité selon
la vérification par rapport à l’horloge système en cours ou le tampon daté dans
le fichier signé. .

Error - 10/14/2011 2:11:43 PM | Computer Name = Nounours-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Échec de l’extraction de la liste racine tierce depuis le fichier
CAB de mise à jour automatique à : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
avec l’erreur : Un certificat requis n’est pas dans sa période de validité selon
la vérification par rapport à l’horloge système en cours ou le tampon daté dans
le fichier signé. .

Error - 10/14/2011 2:11:43 PM | Computer Name = Nounours-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Échec de l’extraction de la liste racine tierce depuis le fichier
CAB de mise à jour automatique à : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
avec l’erreur : Un certificat requis n’est pas dans sa période de validité selon
la vérification par rapport à l’horloge système en cours ou le tampon daté dans
le fichier signé. .

Error - 10/14/2011 2:11:44 PM | Computer Name = Nounours-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Échec de l’extraction de la liste racine tierce depuis le fichier
CAB de mise à jour automatique à : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
avec l’erreur : Un certificat requis n’est pas dans sa période de validité selon
la vérification par rapport à l’horloge système en cours ou le tampon daté dans
le fichier signé. .

Error - 10/14/2011 2:11:44 PM | Computer Name = Nounours-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Échec de l’extraction de la liste racine tierce depuis le fichier
CAB de mise à jour automatique à : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
avec l’erreur : Un certificat requis n’est pas dans sa période de validité selon
la vérification par rapport à l’horloge système en cours ou le tampon daté dans
le fichier signé. .

Error - 10/14/2011 2:11:45 PM | Computer Name = Nounours-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Échec de l’extraction de la liste racine tierce depuis le fichier
CAB de mise à jour automatique à : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
avec l’erreur : Un certificat requis n’est pas dans sa période de validité selon
la vérification par rapport à l’horloge système en cours ou le tampon daté dans
le fichier signé. .

Error - 10/14/2011 2:11:46 PM | Computer Name = Nounours-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Échec de l’extraction de la liste racine tierce depuis le fichier
CAB de mise à jour automatique à : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
avec l’erreur : Un certificat requis n’est pas dans sa période de validité selon
la vérification par rapport à l’horloge système en cours ou le tampon daté dans
le fichier signé. .

Error - 10/14/2011 2:11:46 PM | Computer Name = Nounours-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Échec de l’extraction de la liste racine tierce depuis le fichier
CAB de mise à jour automatique à : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
avec l’erreur : Un certificat requis n’est pas dans sa période de validité selon
la vérification par rapport à l’horloge système en cours ou le tampon daté dans
le fichier signé. .

[ Media Center Events ]
Error - 4/3/2011 1:31:36 PM | Computer Name = Nounours-PC | Source = MCUpdate | ID = 0
Description = 19:31:36 - Erreur de connexion à Internet. 19:31:36 - Impossible
de contacter le service..

Error - 4/3/2011 2:31:41 PM | Computer Name = Nounours-PC | Source = MCUpdate | ID = 0
Description = 20:31:41 - Erreur de connexion à Internet. 20:31:41 - Impossible
de contacter le service..

Error - 4/3/2011 4:49:35 PM | Computer Name = Nounours-PC | Source = MCUpdate | ID = 0
Description = 22:49:35 - Erreur de connexion à Internet. 22:49:35 - Impossible
de contacter le service..

Error - 4/8/2011 2:35:50 AM | Computer Name = Nounours-PC | Source = MCUpdate | ID = 0
Description = 08:35:47 - Erreur de connexion à Internet. 08:35:47 - Impossible
de contacter le service..

[ System Events ]
Error - 10/16/2011 6:04:15 AM | Computer Name = Nounours-PC | Source = Service Control Manager | ID = 7011
Description = Le dépassement de délai (30000 millisecondes) a été atteint lors de
l’attente de la réponse transactionnelle du service McProxy.

Error - 10/22/2011 6:52:09 AM | Computer Name = Nounours-PC | Source = EventLog | ID = 6008
Description = L’arrêt système précédant à 12:50:48 le ?22/?10/?2011 n’était pas
prévu.

Error - 10/22/2011 6:52:17 AM | Computer Name = NOUNOURS-PC | Source = BugCheck | ID = 1001
Description =

Error - 10/22/2011 8:31:04 AM | Computer Name = Nounours-PC | Source = Service Control Manager | ID = 7031
Description = Le service Apple Mobile Device s’est terminé de manière inattendue.
Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans
60000 millisecondes : Redémarrer le service.

Error - 10/22/2011 10:28:02 AM | Computer Name = Nounours-PC | Source = Disk | ID = 262155
Description = Le pilote a détecté une erreur du contrôleur sur \Device\Harddisk1\DR3.

Error - 10/22/2011 10:28:03 AM | Computer Name = Nounours-PC | Source = Disk | ID = 262155
Description = Le pilote a détecté une erreur du contrôleur sur \Device\Harddisk1\DR3.

Error - 10/22/2011 10:28:04 AM | Computer Name = Nounours-PC | Source = Disk | ID = 262155
Description = Le pilote a détecté une erreur du contrôleur sur \Device\Harddisk1\DR3.

Error - 10/22/2011 10:28:04 AM | Computer Name = Nounours-PC | Source = Disk | ID = 262155
Description = Le pilote a détecté une erreur du contrôleur sur \Device\Harddisk1\DR3.

Error - 10/23/2011 6:42:19 AM | Computer Name = Nounours-PC | Source = EventLog | ID = 6008
Description = L’arrêt système précédant à 12:41:03 le ?23/?10/?2011 n’était pas
prévu.

Error - 10/23/2011 6:42:24 AM | Computer Name = Nounours-PC | Source = BugCheck | ID = 1001
Description =


< End of report >


OTL:

OTL logfile created on: 10/23/2011 2:09:02 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Nounours\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: France | Language: FRA | Date Format: dd/MM/yyyy

3.85 Gb Total Physical Memory | 2.08 Gb Available Physical Memory | 53.87% Memory free
7.71 Gb Paging File | 5.63 Gb Available in Paging File | 73.06% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 112.00 Gb Total Space | 25.27 Gb Free Space | 22.56% Space Free | Partition Type: NTFS
Drive D: | 165.99 Gb Total Space | 31.07 Gb Free Space | 18.72% Space Free | Partition Type: NTFS
Drive G: | 149.05 Gb Total Space | 16.53 Gb Free Space | 11.09% Space Free | Partition Type: NTFS

Computer Name: NOUNOURS-PC | User Name: Nounours | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Nounours\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
PRC - C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin (OpenOffice.org)
PRC - C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe (SAMSUNG Electronics)
PRC - C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Program Files (x86)\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Program Files (x86)\Samsung\Samsung Recovery Solution 4\WCScheduler.exe (SEC)
PRC - C:\Windows\SysWOW64\Rezip.exe ()


========== Modules (No Company Name) ==========

MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Users\Nounours\AppData\Roaming\Mozilla\Firefox\Profiles\ymnob2o7.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\components\RadioWMPCoreGecko7.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll ()
MOD - C:\Program Files (x86)\Samsung\Easy Display Manager\HookDllPS2.dll ()


========== Win32 Services (SafeList) ==========

SRV:64bit: - (McShield) -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe ()
SRV:64bit: - (mfevtp) -- C:\Windows\SysNative\mfevtps.exe (McAfee, Inc.)
SRV:64bit: - (mfefire) -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe ()
SRV:64bit: - (McODS) -- C:\Program Files\McAfee\VirusScan\mcods.exe (McAfee, Inc.)
SRV:64bit: - (McProxy) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McNASvc) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McNaiAnn) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (mcmscsvc) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (McAfee SiteAdvisor Service) -- C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe (McAfee, Inc.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (NOBU) -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe (Symantec Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (Rezip) -- C:\Windows\SysWOW64\Rezip.exe ()


========== Driver Services (SafeList) ==========

DRV:64bit: - (mfehidk) -- C:\Windows\SysNative\drivers\mfehidk.sys (McAfee, Inc.)
DRV:64bit: - (mfefirek) -- C:\Windows\SysNative\drivers\mfefirek.sys (McAfee, Inc.)
DRV:64bit: - (mfewfpk) -- C:\Windows\SysNative\drivers\mfewfpk.sys (McAfee, Inc.)
DRV:64bit: - (mfeavfk) -- C:\Windows\SysNative\drivers\mfeavfk.sys (McAfee, Inc.)
DRV:64bit: - (mfeapfk) -- C:\Windows\SysNative\drivers\mfeapfk.sys (McAfee, Inc.)
DRV:64bit: - (mferkdet) -- C:\Windows\SysNative\drivers\mferkdet.sys (McAfee, Inc.)
DRV:64bit: - (mfenlfk) -- C:\Windows\SysNative\drivers\mfenlfk.sys (McAfee, Inc.)
DRV:64bit: - (cfwids) -- C:\Windows\SysNative\drivers\cfwids.sys (McAfee, Inc.)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation)
DRV:64bit: - (TFsExDisk) -- C:\Windows\SysNative\drivers\TFsExDisk.sys (Teruten Inc)
DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (ss_bmdm) -- C:\Windows\SysNative\drivers\ss_bmdm.sys (MCCI Corporation)
DRV:64bit: - (ss_bbus) SAMSUNG USB Mobile Device (WDM) -- C:\Windows\SysNative\drivers\ss_bbus.sys (MCCI)
DRV:64bit: - (ss_bmdfl) SAMSUNG USB Mobile Modem (Filter) -- C:\Windows\SysNative\drivers\ss_bmdfl.sys (MCCI Corporation)
DRV:64bit: - (ETD) -- C:\Windows\SysNative\drivers\ETD.sys (ELAN Microelectronics Corp.)
DRV:64bit: - (SABI) -- C:\Windows\SysNative\drivers\SABI.sys (SAMSUNG ELECTRONICS)
DRV:64bit: - (Impcd) -- C:\Windows\SysNative\drivers\Impcd.sys (Intel Corporation)
DRV:64bit: - (AtiHdmiService) -- C:\Windows\SysNative\drivers\AtiHdmi.sys (ATI Technologies, Inc.)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (yukonw7) -- C:\Windows\SysNative\drivers\yk62x64.sys ()
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek Corporation )
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV - (rtport) -- C:\Windows\SysWOW64\drivers\rtport.sys (Windows (R) 2003 DDK 3790 provider)
DRV - (TFsExDisk) -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys (Teruten Inc)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3457901039-3679683318-3372754741-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain ... &bmod=smsn
IE - HKU\S-1-5-21-3457901039-3679683318-3372754741-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://isearch.avg.com/?cid={9A915B5A-F756-4D7B-A3F5-72CDFB8DBBBE}&mid=d3281981fd5f47d1b05b31b718e7b1f8-a4f24ccae65d89e8d6eb06e6d029643cc176aa3e&lang=en&ds=tg026&pr=sa&d=2011-08-20 17:53:19&v=8.0.0.33&sap=hp
IE - HKU\S-1-5-21-3457901039-3679683318-3372754741-1000\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKU\S-1-5-21-3457901039-3679683318-3372754741-1000\..\URLSearchHook: {ef79f67a-6ad7-4715-a0f8-932fca442023} - No CLSID value found
IE - HKU\S-1-5-21-3457901039-3679683318-3372754741-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3457901039-3679683318-3372754741-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Recherche sécurisée"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.com/firefox?client=firefox-a&rls=org.mozilla:fr:official"
FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.3.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..keyword.URL: "http://fr.search.yahoo.com/search?fr=mcafee&p="
FF - prefs.js..network.proxy.type: 0

FF:64bit: - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\progra~2\mcafee\msc\npmcsn~1.dll ()
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor [2011/09/26 19:51:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60}: C:\Program Files (x86)\Common Files\McAfee\SystemCore [2011/10/13 16:12:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/10/22 14:29:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/10/22 14:29:09 | 000,000,000 | ---D | M]

[2011/01/29 13:32:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Nounours\AppData\Roaming\mozilla\Extensions
[2011/09/30 22:14:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Nounours\AppData\Roaming\mozilla\Firefox\Profiles\ymnob2o7.default\extensions
[2011/09/28 10:50:05 | 000,000,000 | ---D | M] (Zynga Community Toolbar) -- C:\Users\Nounours\AppData\Roaming\mozilla\Firefox\Profiles\ymnob2o7.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}
[2011/09/23 20:28:26 | 000,000,000 | ---D | M] (BittorrentBar_FR Community Toolbar) -- C:\Users\Nounours\AppData\Roaming\mozilla\Firefox\Profiles\ymnob2o7.default\extensions\{ef79f67a-6ad7-4715-a0f8-932fca442023}
[2011/09/30 22:14:50 | 000,000,000 | ---D | M] (Download Youtube Videos +) -- C:\Users\Nounours\AppData\Roaming\mozilla\Firefox\Profiles\ymnob2o7.default\extensions\video.downloader.plugin@ffpimp.com
[2011/07/19 11:07:58 | 000,002,243 | ---- | M] () -- C:\Users\Nounours\AppData\Roaming\Mozilla\Firefox\Profiles\ymnob2o7.default\searchplugins\s-amazon-fr.xml
[2011/10/19 19:32:29 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011/02/02 17:36:13 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/02/25 10:45:50 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011/08/17 16:30:12 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2011/10/19 19:32:29 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
[2011/10/13 16:12:34 | 000,000,000 | ---D | M] (McAfee ScriptScan for Firefox) -- C:\PROGRAM FILES (X86)\COMMON FILES\MCAFEE\SYSTEMCORE
[2011/09/26 19:51:11 | 000,000,000 | ---D | M] (McAfee SiteAdvisor) -- C:\PROGRAM FILES (X86)\MCAFEE\SITEADVISOR
[2011/10/03 22:00:36 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011/04/14 14:01:38 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\mozilla firefox\components\Scriptff.dll
[2011/10/03 05:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2011/10/03 22:00:33 | 000,001,516 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazon-france.xml
[2011/10/03 22:00:33 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2011/10/03 22:00:33 | 000,001,822 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml
[2011/10/03 22:00:33 | 000,001,154 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-france.xml
[2011/09/25 19:10:48 | 000,002,035 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\McSiteAdvisor.xml
[2011/10/03 22:00:33 | 000,001,426 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-fr.xml
[2011/10/03 22:00:33 | 000,000,956 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-france.xml

========== Chrome ==========


O1 HOSTS File: ([2009/06/10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~2\mcafee\msk\MSKAPB~1.DLL File not found
O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20111012135458.dll (McAfee, Inc.)
O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (My Personal Homepage) - {0538CF1C-8419-4800-ADBB-0C00C799FDA2} - C:\Users\Nounours\AppData\Roaming\Genieo\Application\IEPlugins\bin\IEWrapper.dll File not found
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~2\mcafee\msk\mskapbho.dll File not found
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20111012135458.dll (McAfee, Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-3457901039-3679683318-3372754741-1000\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-3457901039-3679683318-3372754741-1000\..\Toolbar\WebBrowser: (no name) - {EF79F67A-6AD7-4715-A0F8-932FCA442023} - No CLSID value found.
O4:64bit: - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [NortonOnlineBackup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe (Symantec Corporation)
O4 - HKLM..\Run: [NPSStartup] File not found
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3457901039-3679683318-3372754741-1000..\Run: [AutoStartNPSAgent] C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKU\S-1-5-21-3457901039-3679683318-3372754741-1000..\Run: [EA Core] "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Nounours\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html File not found
O9 - Extra Button: PokerStars.fr - {90EAE591-7E7E-434a-8E28-ECFD00071806} - C:\Program Files (x86)\PokerStars.FR\PokerStarsUpdate.exe (PokerStars)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.241 212.27.40.240
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C60DE602-45B1-48F4-A158-C236BA4AC340}: DhcpNameServer = 212.27.40.241 212.27.40.240
O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18:64bit: - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~1\mcafee\msc\MCSNIE~1.DLL (McAfee, Inc.)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{1d43d118-cb07-11e0-93e1-e0fe5e03580b}\Shell - "" = AutoRun
O33 - MountPoints2\{1d43d118-cb07-11e0-93e1-e0fe5e03580b}\Shell\AutoRun\command - "" = F:\Autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin


SafeBootMin:64bit: AppMgmt - Service
SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: mcmscsvc - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SafeBootMin:64bit: MCODS - C:\Program Files\McAfee\VirusScan\mcods.exe (McAfee, Inc.)
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: vmms - Service
SafeBootMin:64bit: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet:64bit: AppMgmt - Service
SafeBootNet:64bit: Base - Driver Group
SafeBootNet:64bit: Boot Bus Extender - Driver Group
SafeBootNet:64bit: Boot file system - Driver Group
SafeBootNet:64bit: File system - Driver Group
SafeBootNet:64bit: Filter - Driver Group
SafeBootNet:64bit: HelpSvc - Service
SafeBootNet:64bit: McMPFSvc - Service
SafeBootNet:64bit: mcmscsvc - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SafeBootNet:64bit: MCODS - C:\Program Files\McAfee\VirusScan\mcods.exe (McAfee, Inc.)
SafeBootNet:64bit: Messenger - Service
SafeBootNet:64bit: mfefire - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe ()
SafeBootNet:64bit: mfefirek - C:\Windows\SysNative\drivers\mfefirek.sys (McAfee, Inc.)
SafeBootNet:64bit: mfefirek.sys - C:\Windows\SysNative\drivers\mfefirek.sys (McAfee, Inc.)
SafeBootNet:64bit: mfehidk - C:\Windows\SysNative\drivers\mfehidk.sys (McAfee, Inc.)
SafeBootNet:64bit: mfehidk.sys - C:\Windows\SysNative\drivers\mfehidk.sys (McAfee, Inc.)
SafeBootNet:64bit: mfevtp - C:\Windows\SysNative\mfevtps.exe (McAfee, Inc.)
SafeBootNet:64bit: NDIS Wrapper - Driver Group
SafeBootNet:64bit: NetBIOSGroup - Driver Group
SafeBootNet:64bit: NetDDEGroup - Driver Group
SafeBootNet:64bit: Network - Driver Group
SafeBootNet:64bit: NetworkProvider - Driver Group
SafeBootNet:64bit: PCI Configuration - Driver Group
SafeBootNet:64bit: PNP Filter - Driver Group
SafeBootNet:64bit: PNP_TDI - Driver Group
SafeBootNet:64bit: Primary disk - Driver Group
SafeBootNet:64bit: rdsessmgr - Service
SafeBootNet:64bit: sacsvr - Service
SafeBootNet:64bit: SCSI Class - Driver Group
SafeBootNet:64bit: Streams Drivers - Driver Group
SafeBootNet:64bit: System Bus Extender - Driver Group
SafeBootNet:64bit: TDI - Driver Group
SafeBootNet:64bit: vmms - Service
SafeBootNet:64bit: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SafeBootNet:64bit: WudfUsbccidDriver - Driver
SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: McMPFSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.VP60 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)


========== Files/Folders - Created Within 30 Days ==========

[2011/10/23 13:44:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WhoCrashed
[2011/10/23 13:44:22 | 000,000,000 | ---D | C] -- C:\Program Files\WhoCrashed
[2011/10/23 12:47:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2011/10/22 14:34:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2011/10/22 14:33:32 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2011/10/22 14:33:31 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2011/10/22 14:33:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2011/10/22 14:30:05 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2011/10/22 14:30:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2011/10/22 14:29:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2011/10/22 14:28:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2011/10/22 14:25:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2011/10/22 12:50:44 | 000,000,000 | ---D | C] -- C:\Users\Nounours\AppData\Local\{86541198-7D9B-41AB-BB52-53C02B99C809}
[2011/10/22 12:50:33 | 000,000,000 | ---D | C] -- C:\Users\Nounours\AppData\Local\{A375351F-8667-4C65-BA1C-BD6DB699695E}
[2011/10/21 18:58:27 | 000,000,000 | ---D | C] -- C:\Users\Nounours\AppData\Local\{A111527B-1A62-44AB-AE9A-1852185E4150}
[2011/10/21 18:56:32 | 000,000,000 | ---D | C] -- C:\Users\Nounours\AppData\Local\{11E2C21E-CBB8-49B1-B83F-4271A82FA28C}
[2011/10/20 16:38:28 | 000,000,000 | ---D | C] -- C:\Users\Nounours\AppData\Local\{27E97523-5D37-4A1B-AD1D-B7EF55D3B4FD}
[2011/10/20 16:38:04 | 000,000,000 | ---D | C] -- C:\Users\Nounours\AppData\Local\{B90723AC-E569-4A4F-9E68-60D227404048}
[2011/10/19 19:32:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2011/10/19 19:32:27 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2011/10/19 19:32:27 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2011/10/19 19:32:27 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2011/10/19 17:46:39 | 000,000,000 | ---D | C] -- C:\Users\Nounours\AppData\Local\{7BFFA804-B9D4-4888-B9DA-6C84544CFF12}
[2011/10/19 05:46:35 | 000,000,000 | ---D | C] -- C:\Users\Nounours\AppData\Local\{721B5995-4B41-43D4-91C4-B26AAB45472F}
[2011/10/18 16:09:43 | 000,000,000 | ---D | C] -- C:\Users\Nounours\AppData\Local\{ECACDB20-3590-4E3D-826A-B0814D49B8A5}
[2011/10/18 16:09:32 | 000,000,000 | ---D | C] -- C:\Users\Nounours\AppData\Local\{53CD1699-2481-4A8A-BF63-351A280985CB}
[2011/10/17 16:16:47 | 000,000,000 | ---D | C] -- C:\Users\Nounours\AppData\Local\{C9A5CEFA-5242-4888-8DD1-FA45AF89C7B8}
[2011/10/17 16:16:32 | 000,000,000 | ---D | C] -- C:\Users\Nounours\AppData\Local\{C046363E-B888-4700-9CDC-B7AA91D877B2}
[2011/10/16 12:09:48 | 000,000,000 | ---D | C] -- C:\Users\Nounours\AppData\Local\{66024041-6AF2-44E6-8F19-94415DC2ED37}
[2011/10/16 12:07:40 | 000,000,000 | ---D | C] -- C:\Users\Nounours\AppData\Local\{50B1EC59-854F-4E80-A682-67135D0FAD3E}
[2011/10/15 12:31:05 | 000,000,000 | ---D | C] -- C:\Users\Nounours\AppData\Local\{4496F3A4-3890-4479-9CEA-97ADC04495D3}
[2011/10/15 12:30:54 | 000,000,000 | ---D | C] -- C:\Users\Nounours\AppData\Local\{DD86F378-3A67-470F-B9B4-D6B4678F899A}
[2011/10/14 19:24:49 | 000,000,000 | ---D | C] -- C:\Users\Nounours\AppData\Local\{AADE7330-1D51-4C01-ADA8-9E66B0275D33}
[2011/10/14 19:24:31 | 000,000,000 | ---D | C] -- C:\Users\Nounours\AppData\Local\{594773A3-00BF-4A52-8DB0-B93D407E4B79}
[2011/10/13 16:31:11 | 000,702,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2011/10/13 16:31:09 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2011/10/13 16:31:09 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011/10/13 16:31:05 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011/10/13 16:31:04 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011/10/13 16:30:58 | 000,134,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2011/10/13 16:30:57 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2011/10/13 16:30:36 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisdecd.dll
[2011/10/13 16:30:35 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisrndr.ax
[2011/10/13 16:30:33 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll
[2011/10/13 16:30:31 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisrndr.ax
[2011/10/13 16:29:07 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleacc.dll
[2011/10/13 16:29:05 | 000,861,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2011/10/13 16:14:14 | 000,000,000 | ---D | C] -- C:\Users\Nounours\AppData\Local\{ABA3AF38-561F-4854-882C-E03C418FD6B7}
[2011/10/13 16:13:59 | 000,000,000 | ---D | C] -- C:\Users\Nounours\AppData\Local\{A46D2576-93F0-4B0F-A4F4-D201B8798537}
[2011/10/12 14:03:37 | 000,000,000 | ---D | C] -- C:\Users\Nounours\AppData\Local\{36DA30F4-9809-4220-A19C-D82B9183AA2D}
[2011/10/12 14:03:26 | 000,000,000 | ---D | C] -- C:\Users\Nounours\AppData\Local\{F4DA073D-6A63-4520-818D-5F9E9DC71E8E}
[2011/10/11 13:54:42 | 000,000,000 | ---D | C] -- C:\Users\Nounours\AppData\Local\{288CE3A0-17AF-4192-B437-8C4F1C394860}
[2011/10/11 13:54:20 | 000,000,000 | ---D | C] -- C:\Users\Nounours\AppData\Local\{9FFBDAA2-E47D-462B-837F-A014430A49E6}
[2011/10/10 18:56:49 | 000,000,000 | ---D | C] -- C:\Users\Nounours\AppData\Local\{2A6FDBA5-D5E9-458D-8860-3DEEC8F93732}
[2011/10/10 18:54:03 | 000,000,000 | ---D | C] -- C:\Users\Nounours\AppData\Local\{EB941E78-F2AD-410A-8E44-D95E7111D2B5}
[2011/10/08 20:54:27 | 000,000,000 | ---D | C] -- C:\Users\Nounours\AppData\Local\{2FCD5D65-A530-4EDE-9F71-B4F309CC628A}
[2011/10/08 20:54:16 | 000,000,000 | ---D | C] -- C:\Users\Nounours\AppData\Local\{A23BE19A-878D-4638-A908-E2956A7E4656}
[2011/10/08 17:31:46 | 000,000,000 | ---D | C] -- C:\Users\Nounours\AppData\Local\{EEF6B266-6C5C-44D0-B118-2F8220EAD86C}
[2011/10/07 15:10:28 | 000,000,000 | ---D | C] -- C:\Users\Nounours\AppData\Local\{F5A0F97F-8836-4293-BAB3-531FCE35F064}
[2011/10/07 15:08:09 | 000,000,000 | ---D | C] -- C:\Users\Nounours\AppData\Local\{7AC13110-5DC1-494E-85E8-CB5FA97F1EC6}
[2011/10/06 19:02:29 | 000,000,000 | ---D | C] -- C:\Users\Nounours\AppData\Local\{01C2B689-EC5C-410B-8F90-BFC88CC3D1EB}
[2011/10/06 19:02:16 | 000,000,000 | ---D | C] -- C:\Users\Nounours\AppData\Local\{E16958C0-1B4A-4B0E-85FC-8B01396456FC}
[2011/10/05 13:45:53 | 000,000,000 | ---D | C] -- C:\Users\Nounours\AppData\Local\{B84A4C20-521A-4259-A12F-38C5D9B39367}
[2011/10/05 13:45:40 | 000,000,000 | ---D | C] -- C:\Users\Nounours\AppData\Local\{1729D736-620E-4B75-BDA8-1BCAB7AABF46}
[2011/10/04 22:14:17 | 000,000,000 | ---D | C] -- C:\Users\Nounours\AppData\Local\{D8FAC760-43F4-42EE-97FB-6616B4080E33}
[2011/10/04 22:12:33 | 000,000,000 | ---D | C] -- C:\Users\Nounours\AppData\Local\{94C9C65F-2E2C-421E-90A1-8DAC8171F9D1}
[2011/10/04 10:12:04 | 000,000,000 | ---D | C] -- C:\Users\Nounours\AppData\Local\{6B27C240-F308-4151-8C35-3BDEAAF37179}
[2011/10/04 10:11:53 | 000,000,000 | ---D | C] -- C:\Users\Nounours\AppData\Local\{A42EF139-DCC3-48D3-937E-625F9167D618}
[2011/10/03 22:11:25 | 000,000,000 | ---D | C] -- C:\Users\Nounours\AppData\Local\{BF194BAF-6FE4-467D-A4E9-2C0D2D44545D}
[2011/10/03 22:10:33 | 000,000,000 | ---D | C] -- C:\Users\Nounours\AppData\Local\{9DF865FB-C347-4DA8-AA38-185C3C9D0B57}
[2011/10/03 10:10:04 | 000,000,000 | ---D | C] -- C:\Users\Nounours\AppData\Local\{1285F930-A53B-4C07-87BD-0FA55516A1DB}
[2011/10/03 10:09:53 | 000,000,000 | ---D | C] -- C:\Users\Nounours\AppData\Local\{60E38F86-78B6-44BE-89E0-633115DBE088}
[2011/10/02 15:22:46 | 000,000,000 | ---D | C] -- C:\Users\Nounours\Desktop\Nouveau dossier (3)
[2011/10/02 14:11:17 | 000,000,000 | ---D | C] -- C:\Users\Nounours\AppData\Local\{C00C1E70-8D9D-45D6-A27F-EE6939B754EC}
[2011/10/02 14:11:02 | 000,000,000 | ---D | C] -- C:\Users\Nounours\AppData\Local\{BD248302-80B7-4CAE-9F7F-80ADC1FF8956}
[2011/10/02 11:20:10 | 000,000,000 | ---D | C] -- C:\ProgramData\install_clap
[2011/10/01 11:17:05 | 000,000,000 | ---D | C] -- C:\Users\Nounours\AppData\Local\{9BB09365-FA3C-4560-9FEA-CA8415BE5529}
[2011/10/01 11:16:42 | 000,000,000 | ---D | C] -- C:\Users\Nounours\AppData\Local\{50348F6E-6032-4AA4-AA9D-F0046082C80F}
[2011/09/30 19:50:47 | 000,000,000 | ---D | C] -- C:\Users\Nounours\AppData\Local\{1206D265-5B24-488C-A6AA-046B71CD3C1D}
[2011/09/30 19:50:36 | 000,000,000 | ---D | C] -- C:\Users\Nounours\AppData\Local\{6720CF59-E0F3-47D5-BE36-4B14D6050492}
[2011/09/29 17:24:39 | 000,000,000 | ---D | C] -- C:\Users\Nounours\AppData\Local\{0DF71EEE-681A-4247-86F3-C22A864D6943}
[2011/09/29 17:24:26 | 000,000,000 | ---D | C] -- C:\Users\Nounours\AppData\Local\{3A57AC60-37BD-408C-8CAD-A824E2884D75}
[2011/09/29 09:30:09 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SPReview
[2011/09/29 09:28:52 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\EventProviders
[2011/09/28 23:05:00 | 000,000,000 | ---D | C] -- C:\Users\Nounours\AppData\Local\{B77B7ED6-67E7-4466-9A72-775EECE98C39}
[2011/09/28 23:03:30 | 000,000,000 | ---D | C] -- C:\Users\Nounours\AppData\Local\{2353BEA7-6688-48C6-9591-031D99871751}
[2011/09/28 11:03:04 | 000,000,000 | ---D | C] -- C:\Users\Nounours\AppData\Local\{6D8C8DCE-A8AD-4BB7-BD2F-B27A4F5F3D58}
[2011/09/28 11:01:26 | 000,000,000 | ---D | C] -- C:\Users\Nounours\AppData\Local\{3A700E05-FA3B-426F-95CB-10EEF413EF40}
[2011/09/27 18:18:01 | 000,000,000 | ---D | C] -- C:\Users\Nounours\Desktop\animation
[2011/09/27 15:01:54 | 000,000,000 | ---D | C] -- C:\Users\Nounours\AppData\Local\{A687B639-A876-4CFA-AF8D-9E8989FCE58F}
[2011/09/27 15:01:43 | 000,000,000 | ---D | C] -- C:\Users\Nounours\AppData\Local\{85C7E453-F938-46FD-ABE3-5CF4BA4BBD0D}
[2011/09/26 21:33:55 | 000,000,000 | ---D | C] -- C:\Users\Nounours\AppData\Local\{CB19BDDF-7EA8-4EF1-B304-1215596F3A10}
[2011/09/26 21:33:43 | 000,000,000 | ---D | C] -- C:\Users\Nounours\AppData\Local\{71FA1CE3-0740-46A0-A324-E3B33BC811C2}
[2011/09/24 14:55:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VirtualPainter5LEforCASIO_E
[2011/09/24 14:53:03 | 000,000,000 | ---D | C] -- C:\Users\Nounours\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CASIO
[2011/09/24 14:53:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CASIO
[2011/09/23 21:12:19 | 000,000,000 | ---D | C] -- C:\Users\Nounours\AppData\Local\{B732587B-38F8-4CA2-BE98-A766A3E24444}
[2011/09/23 21:12:08 | 000,000,000 | ---D | C] -- C:\Users\Nounours\AppData\Local\{8BE6DB71-A5F1-4B3A-94D6-6BA4CBFCE45A}
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/10/23 14:10:28 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2011/10/23 13:44:40 | 000,027,243 | ---- | M] () -- C:\Users\Nounours\AppData\Local\Temp19.html
[2011/10/23 13:44:32 | 000,002,645 | ---- | M] () -- C:\Users\Nounours\AppData\Local\Temp4.html
[2011/10/23 13:44:27 | 000,001,892 | ---- | M] () -- C:\Users\Nounours\AppData\Local\Temp1.html
[2011/10/23 13:39:57 | 000,001,212 | ---- | M] () -- C:\Users\Nounours\Desktop\Continue SweetIM Installation.lnk
[2011/10/23 12:50:12 | 000,014,144 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/10/23 12:50:12 | 000,014,144 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/10/23 12:42:19 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/10/23 12:42:12 | 4137,803,776 | -HS- | M] () -- C:\hiberfil.sys
[2011/10/22 16:29:34 | 001,549,700 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/10/22 16:29:34 | 000,704,480 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat
[2011/10/22 16:29:34 | 000,616,008 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/10/22 16:29:34 | 000,130,754 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat
[2011/10/22 16:29:34 | 000,106,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/10/22 14:34:40 | 000,001,783 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011/10/19 19:43:20 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2011/10/14 19:12:27 | 000,293,624 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/10/03 22:00:57 | 000,002,056 | -H-- | M] () -- C:\Users\Nounours\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/10/03 05:06:16 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2011/10/03 05:06:15 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2011/10/03 05:06:14 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2011/10/03 05:06:03 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
[2011/10/01 19:13:19 | 000,140,345 | ---- | M] () -- C:\Users\Nounours\Desktop\modele-de-contrat-de-travail.pdf
[2011/09/29 09:42:32 | 000,175,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msclmd.dll
[2011/09/29 09:42:32 | 000,152,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msclmd.dll
[2011/09/24 14:53:04 | 000,001,161 | ---- | M] () -- C:\Users\Nounours\Desktop\Photo Transport.lnk
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/10/23 14:10:28 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2011/10/23 13:44:40 | 000,027,243 | ---- | C] () -- C:\Users\Nounours\AppData\Local\Temp19.html
[2011/10/23 13:44:32 | 000,002,645 | ---- | C] () -- C:\Users\Nounours\AppData\Local\Temp4.html
[2011/10/23 13:44:27 | 000,001,892 | ---- | C] () -- C:\Users\Nounours\AppData\Local\Temp1.html
[2011/10/23 13:39:57 | 000,001,212 | ---- | C] () -- C:\Users\Nounours\Desktop\Continue SweetIM Installation.lnk
[2011/10/22 14:34:40 | 000,001,783 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011/10/01 19:13:19 | 000,140,345 | ---- | C] () -- C:\Users\Nounours\Desktop\modele-de-contrat-de-travail.pdf
[2011/09/24 14:55:40 | 000,001,116 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virtual Painter 5 LE for CASIO.lnk
[2011/09/24 14:53:04 | 000,001,161 | ---- | C] () -- C:\Users\Nounours\Desktop\Photo Transport.lnk
[2011/03/26 23:10:41 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011/02/19 15:40:50 | 000,002,528 | ---- | C] () -- C:\Users\Nounours\AppData\Roaming\$_hpcst$.hpc
[2011/02/08 21:16:46 | 000,179,867 | ---- | C] () -- C:\Windows\hpoins38.dat
[2011/01/29 12:33:44 | 000,131,368 | ---- | C] () -- C:\ProgramData\FullRemove.exe
[2010/06/01 19:03:25 | 000,002,110 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2010/06/01 18:56:14 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010/06/01 03:58:24 | 000,307,200 | ---- | C] () -- C:\Windows\SetDisplayResolution.exe
[2010/06/01 03:12:53 | 000,001,612 | ---- | C] () -- C:\Windows\HotFixList.ini
[2010/06/01 03:04:55 | 000,311,296 | ---- | C] () -- C:\Windows\SysWow64\Rezip.exe
[2009/07/14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 23:59:36 | 000,982,196 | ---- | C] () -- C:\Windows\SysWow64\igkrng500.bin
[2009/07/13 23:59:36 | 000,139,824 | ---- | C] () -- C:\Windows\SysWow64\igfcg500.bin
[2009/07/13 23:59:36 | 000,097,448 | ---- | C] () -- C:\Windows\SysWow64\igfcg500m.bin
[2009/07/13 23:59:35 | 000,417,344 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng500.bin
[2009/07/13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2009/06/04 19:59:42 | 000,000,622 | ---- | C] () -- C:\Windows\hpomdl38.dat
[2007/10/25 18:26:10 | 000,005,632 | ---- | C] () -- C:\Windows\SysWow64\drivers\StarOpen.sys

========== LOP Check ==========

[2011/10/23 12:41:30 | 000,000,000 | ---D | M] -- C:\Users\Nounours\AppData\Roaming\BitTorrent
[2011/08/20 18:16:48 | 000,000,000 | ---D | M] -- C:\Users\Nounours\AppData\Roaming\DAEMON Tools Lite
[2011/09/18 19:53:44 | 000,000,000 | ---D | M] -- C:\Users\Nounours\AppData\Roaming\FileZilla
[2011/08/20 17:53:23 | 000,000,000 | ---D | M] -- C:\Users\Nounours\AppData\Roaming\Genieo
[2011/08/20 17:52:46 | 000,000,000 | ---D | M] -- C:\Users\Nounours\AppData\Roaming\OpenCandy
[2011/02/02 17:38:34 | 000,000,000 | ---D | M] -- C:\Users\Nounours\AppData\Roaming\OpenOffice.org
[2011/05/29 15:17:05 | 000,000,000 | ---D | M] -- C:\Users\Nounours\AppData\Roaming\PCStitch Pro
[2011/02/19 15:57:21 | 000,000,000 | ---D | M] -- C:\Users\Nounours\AppData\Roaming\Samsung
[2011/08/07 22:59:41 | 000,032,496 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========


< %temp%\smtmp\1\*.* /s >

< %temp%\smtmp\2\*.* /s >

< %temp%\smtmp\4\*.* /s >

< nslookup www.google.fr /c >
Serveur : dns2.proxad.net
Address: 212.27.40.241
DNS request timed out.
timeout was 2 seconds.
Nom : www.l.google.com
Addresses: 74.125.39.104
74.125.39.105
74.125.39.99
74.125.39.106
74.125.39.147
74.125.39.103
Aliases: WWW.GOOGLE.FR
www.google.com

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2011/01/30 18:14:39 | 000,000,000 | ---D | M] -- C:\Users\Nounours\AppData\Roaming\Adobe
[2011/05/25 17:39:12 | 000,000,000 | ---D | M] -- C:\Users\Nounours\AppData\Roaming\Apple Computer
[2011/01/29 12:49:53 | 000,000,000 | ---D | M] -- C:\Users\Nounours\AppData\Roaming\ATI
[2011/10/23 12:41:30 | 000,000,000 | ---D | M] -- C:\Users\Nounours\AppData\Roaming\BitTorrent
[2011/08/20 18:16:48 | 000,000,000 | ---D | M] -- C:\Users\Nounours\AppData\Roaming\DAEMON Tools Lite
[2011/09/04 13:33:55 | 000,000,000 | ---D | M] -- C:\Users\Nounours\AppData\Roaming\dvdcss
[2011/09/18 19:53:44 | 000,000,000 | ---D | M] -- C:\Users\Nounours\AppData\Roaming\FileZilla
[2011/08/20 17:53:23 | 000,000,000 | ---D | M] -- C:\Users\Nounours\AppData\Roaming\Genieo
[2011/01/29 13:28:46 | 000,000,000 | ---D | M] -- C:\Users\Nounours\AppData\Roaming\Google
[2011/01/29 12:49:05 | 000,000,000 | ---D | M] -- C:\Users\Nounours\AppData\Roaming\Identities
[2011/01/29 13:29:28 | 000,000,000 | ---D | M] -- C:\Users\Nounours\AppData\Roaming\Macromedia
[2010/06/01 19:15:45 | 000,000,000 | ---D | M] -- C:\Users\Nounours\AppData\Roaming\Media Center Programs
[2011/08/20 18:28:10 | 000,000,000 | --SD | M] -- C:\Users\Nounours\AppData\Roaming\Microsoft
[2011/01/29 13:32:29 | 000,000,000 | ---D | M] -- C:\Users\Nounours\AppData\Roaming\Mozilla
[2011/08/20 17:52:46 | 000,000,000 | ---D | M] -- C:\Users\Nounours\AppData\Roaming\OpenCandy
[2011/02/02 17:38:34 | 000,000,000 | ---D | M] -- C:\Users\Nounours\AppData\Roaming\OpenOffice.org
[2011/05/29 15:17:05 | 000,000,000 | ---D | M] -- C:\Users\Nounours\AppData\Roaming\PCStitch Pro
[2011/02/19 15:57:21 | 000,000,000 | ---D | M] -- C:\Users\Nounours\AppData\Roaming\Samsung
[2011/03/26 23:12:14 | 000,000,000 | ---D | M] -- C:\Users\Nounours\AppData\Roaming\Skype
[2011/03/26 23:10:41 | 000,000,000 | ---D | M] -- C:\Users\Nounours\AppData\Roaming\skypePM
[2011/10/09 18:29:15 | 000,000,000 | ---D | M] -- C:\Users\Nounours\AppData\Roaming\vlc
[2011/03/29 13:48:10 | 000,000,000 | ---D | M] -- C:\Users\Nounours\AppData\Roaming\WinRAR

< %APPDATA%\*.exe /s >
[2011/09/24 14:53:03 | 000,049,152 | R--- | M] (Acresso Software Inc.) -- C:\Users\Nounours\AppData\Roaming\Microsoft\Installer\{CDC7F188-3A08-45C3-8C3C-99BE32911949}\ARPPRODUCTICON.exe
[2011/08/20 18:28:10 | 000,010,134 | R--- | M] () -- C:\Users\Nounours\AppData\Roaming\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe
[2011/08/20 17:52:50 | 004,236,640 | ---- | M] () -- C:\Users\Nounours\AppData\Roaming\OpenCandy\OpenCandy_623A894BDBFA4464BAC029D3A77952A8\AVGToolbarGE_p1v2.exe
[2011/08/11 18:56:50 | 007,212,360 | ---- | M] () -- C:\Users\Nounours\AppData\Roaming\OpenCandy\OpenCandy_623A894BDBFA4464BAC029D3A77952A8\AVGToolbarInstaller-gt026.exe
[2011/08/20 17:52:46 | 000,416,160 | ---- | M] () -- C:\Users\Nounours\AppData\Roaming\OpenCandy\OpenCandy_623A894BDBFA4464BAC029D3A77952A8\LatestDLMgr.exe

< %SYSTEMDRIVE%\*.exe >

< %SYSTEMDRIVE%\*.exe >


< MD5 for: AGP440.SYS >
[2009/07/14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009/07/14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009/07/14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys
[2009/07/14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

< MD5 for: CDROM.SYS >
[2009/07/14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys
[2010/11/20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010/11/20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010/11/20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: CNGAUDIT.DLL >
[2009/07/14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009/07/14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009/07/14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009/07/14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll

< MD5 for: DISK.SYS >
[2009/07/14 03:47:48 | 000,073,280 | ---- | M] (Microsoft Corporation) MD5=9819EEE8B5EA3784EC4AF3B137A5244C -- C:\Windows\SysNative\drivers\disk.sys
[2009/07/14 03:47:48 | 000,073,280 | ---- | M] (Microsoft Corporation) MD5=9819EEE8B5EA3784EC4AF3B137A5244C -- C:\Windows\SysNative\DriverStore\FileRepository\disk.inf_amd64_neutral_10ce25bbc5a9cc43\disk.sys
[2009/07/14 03:47:48 | 000,073,280 | ---- | M] (Microsoft Corporation) MD5=9819EEE8B5EA3784EC4AF3B137A5244C -- C:\Windows\winsxs\amd64_disk.inf_31bf3856ad364e35_6.1.7600.16385_none_55bb738b8ddd8a01\disk.sys

< MD5 for: IASTOR.SYS >
[2010/04/27 09:57:04 | 000,540,696 | ---- | M] (Intel Corporation) MD5=A5F72BB0D024E7E463344105BE613AE4 -- C:\Windows\SysNative\drivers\iaStor.sys
[2010/04/27 09:57:04 | 000,540,696 | ---- | M] (Intel Corporation) MD5=A5F72BB0D024E7E463344105BE613AE4 -- C:\Windows\SysNative\DriverStore\FileRepository\iaahci.inf_amd64_neutral_c62e28b241ae90ea\iaStor.sys

< MD5 for: IASTORV.SYS >
[2010/11/20 15:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010/11/20 15:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011/03/11 08:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011/03/11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011/03/11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011/03/11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
[2011/03/11 08:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_0b141c81a16e25e6\iaStorV.sys
[2011/03/11 08:25:49 | 000,410,496 | ---- | M] (Intel Corporation) MD5=BFDC9D75698800CFE4D1698BF2750EA2 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_0bccc8c8ba6985c1\iaStorV.sys
[2009/07/14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys

< MD5 for: NDIS.SYS >
[2010/11/20 15:33:45 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\SysNative\drivers\ndis.sys
[2010/11/20 15:33:45 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_05ed313632ae9759\ndis.sys
[2009/07/14 03:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_03bc1d6e35c013bf\ndis.sys

< MD5 for: NETLOGON.DLL >
[2009/07/14 03:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2010/11/20 15:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll
[2010/11/20 15:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010/11/20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010/11/20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
[2009/07/14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll

< MD5 for: NTOSKRNL.EXE >
[2011/04/09 08:21:32 | 003,911,552 | ---- | M] (Microsoft Corporation) MD5=0F4A148499CC6FA5D84A0F1587869051 -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.20941_none_6cb79c952e776446\ntoskrnl.exe
[2011/06/23 07:31:31 | 005,474,688 | ---- | M] (Microsoft Corporation) MD5=12EC6D619756240886680523392EEF9C -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.20994_none_c8a3295ae6faad36\ntoskrnl.exe
[2010/11/20 14:30:06 | 003,911,040 | ---- | M] (Microsoft Corporation) MD5=2088D9994332583EDB3C561DE31EA5AD -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17514_none_6e37cb8c12652b73\ntoskrnl.exe
[2011/04/09 08:54:07 | 005,475,712 | ---- | M] (Microsoft Corporation) MD5=240D89BBE5BCD168D748D6C12B6FE884 -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.20941_none_c8d63818e6d4d57c\ntoskrnl.exe
[2010/06/19 09:05:01 | 005,507,968 | ---- | M] (Microsoft Corporation) MD5=28C4FE45FC1B176FA74A48FB15DE7C9A -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.16617_none_c8730901cd997f9b\ntoskrnl.exe
[2010/02/27 13:46:28 | 003,899,784 | ---- | M] (Microsoft Corporation) MD5=466FD46F58768E56F7B841681014EFF1 -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.20655_none_6cb0c81f2e7bee1e\ntoskrnl.exe
[2010/06/19 09:05:25 | 005,474,184 | ---- | M] (Microsoft Corporation) MD5=5223C216E348E397C5EACCBEFB57FFF2 -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.20738_none_c8e8063ee6c6709e\ntoskrnl.exe
[2011/06/23 07:43:12 | 005,561,216 | ---- | M] (Microsoft Corporation) MD5=577841951E8BAD6EA8288106693CD39F -- C:\Windows\SysNative\ntoskrnl.exe
[2011/06/23 07:43:12 | 005,561,216 | ---- | M] (Microsoft Corporation) MD5=577841951E8BAD6EA8288106693CD39F -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17640_none_ca31f809cade8847\ntoskrnl.exe
[2011/04/09 08:02:25 | 003,912,576 | ---- | M] (Microsoft Corporation) MD5=5D21C487F79F8245E799071589E035BF -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17592_none_6ddf4b9812a7d84d\ntoskrnl.exe
[2011/06/23 06:32:02 | 003,911,552 | ---- | M] (Microsoft Corporation) MD5=638A384E9968036D42BDBDE499A1C8B8 -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.20994_none_6c848dd72e9d3c00\ntoskrnl.exe
[2010/10/27 06:43:38 | 003,901,824 | ---- | M] (Microsoft Corporation) MD5=776201760B5692F10DDA3BE85B54F213 -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.16695_none_6bfbed8a157ebb3f\ntoskrnl.exe
[2010/02/27 17:28:56 | 005,485,448 | ---- | M] (Microsoft Corporation) MD5=7B7253D90EF53BAFCDC96C888B1DB4F3 -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.20655_none_c8cf63a2e6d95f54\ntoskrnl.exe
[2010/06/19 08:33:29 | 003,899,784 | ---- | M] (Microsoft Corporation) MD5=8218E74A67942120BF8EE30661EDF83F -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.16617_none_6c546d7e153c0e65\ntoskrnl.exe
[2011/06/23 07:55:25 | 003,912,576 | ---- | M] (Microsoft Corporation) MD5=90EFDB506F6140EEA9DEE398D9449D86 -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.21755_none_6e972ad72ba2517f\ntoskrnl.exe
[2011/04/09 08:50:20 | 005,562,240 | ---- | M] (Microsoft Corporation) MD5=99C2715F138E7ED2F489AB796DD3B53C -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.21701_none_cae7d4cee3dad1a4\ntoskrnl.exe
[2009/07/14 03:48:28 | 005,511,248 | ---- | M] (Microsoft Corporation) MD5=9E722B768E33D26AD8FA7D642E707443 -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.16385_none_c8255347cdd4190f\ntoskrnl.exe
[2009/07/14 03:20:44 | 003,899,472 | ---- | M] (Microsoft Corporation) MD5=B9D673F7707219DFD264891A26C21ECB -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.16385_none_6c06b7c41576a7d9\ntoskrnl.exe
[2010/10/27 06:33:37 | 003,911,552 | ---- | M] (Microsoft Corporation) MD5=C6169F5FDC8399E0C6C0729AB6EF2EF8 -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.20826_none_6cd23bf92e62adf0\ntoskrnl.exe
[2010/11/20 15:33:46 | 005,563,776 | ---- | M] (Microsoft Corporation) MD5=C6CEC3E6CC9842B73501C70AA64C00FE -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17514_none_ca56670fcac29ca9\ntoskrnl.exe
[2011/06/23 07:22:01 | 005,561,728 | ---- | M] (Microsoft Corporation) MD5=CE6AF5EC2DB1567B6297ADCB56B39B5D -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.21755_none_cab5c65ae3ffc2b5\ntoskrnl.exe
[2011/04/09 08:01:20 | 003,912,576 | ---- | M] (Microsoft Corporation) MD5=D385343510B75545EC5DB3A64C2D2492 -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.21701_none_6ec9394b2b7d606e\ntoskrnl.exe
[2010/06/19 08:37:01 | 003,909,512 | ---- | M] (Microsoft Corporation) MD5=D5662CD1F9B85936561A07ADC400ACF4 -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.20738_none_6cc96abb2e68ff68\ntoskrnl.exe
[2011/04/09 09:02:55 | 005,562,240 | ---- | M] (Microsoft Corporation) MD5=D60D9BCEAE5870A67E6C167F4681877B -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17592_none_c9fde71bcb054983\ntoskrnl.exe
[2011/04/09 08:13:06 | 003,901,824 | ---- | M] (Microsoft Corporation) MD5=D9FD1D6337F15AAF2012C69909615DB5 -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.16792_none_6bf8ee9215816c61\ntoskrnl.exe
[2010/02/27 14:07:48 | 003,899,280 | ---- | M] (Microsoft Corporation) MD5=DD2ED3246F5F4E4B07F385A9520C3C7C -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.16539_none_6c40cc54154a7bce\ntoskrnl.exe
[2011/06/23 06:38:04 | 003,902,336 | ---- | M] (Microsoft Corporation) MD5=DFB0E9F902FDAB7CD2E180E4072D45DD -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.16841_none_6c2dffca1559c47c\ntoskrnl.exe
[2011/04/09 08:45:48 | 005,509,504 | ---- | M] (Microsoft Corporation) MD5=E03A9AC0273182895DCB3693A36785C9 -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.16792_none_c8178a15cddedd97\ntoskrnl.exe
[2010/10/27 07:18:36 | 005,510,528 | ---- | M] (Microsoft Corporation) MD5=E2EA143288BFF3D6B3AEB88C3BC02DAF -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.16695_none_c81a890dcddc2c75\ntoskrnl.exe
[2010/10/27 07:23:11 | 005,477,248 | ---- | M] (Microsoft Corporation) MD5=E6FC5686F6BB6F0CEB1107E6D064A944 -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.20826_none_c8f0d77ce6c01f26\ntoskrnl.exe
[2011/06/23 07:29:39 | 005,507,968 | ---- | M] (Microsoft Corporation) MD5=EBECACD545E280FE7A0A2CBFC0AC29BD -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.16841_none_c84c9b4dcdb735b2\ntoskrnl.exe
[2011/06/23 06:33:57 | 003,912,576 | ---- | M] (Microsoft Corporation) MD5=FB58ABD5E1F75A2CF713C9DFF0EC0804 -- C:\Windows\SysWOW64\ntoskrnl.exe
[2011/06/23 06:33:57 | 003,912,576 | ---- | M] (Microsoft Corporation) MD5=FB58ABD5E1F75A2CF713C9DFF0EC0804 -- C:\Windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17640_none_6e135c8612811711\ntoskrnl.exe
[2010/02/27 17:17:00 | 005,509,008 | ---- | M] (Microsoft Corporation) MD5=FD787551F58F9686CEC6353F693EF571 -- C:\Windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7600.16539_none_c85f67d7cda7ed04\ntoskrnl.exe

< MD5 for: NVSTOR.SYS >
[2009/07/14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys
[2011/03/11 08:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvstor.sys
[2011/03/11 08:25:53 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=AE274836BA56518E279087363A781214 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvstor.sys
[2011/03/11 08:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011/03/11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys
[2011/03/11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011/03/11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010/11/20 15:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010/11/20 15:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys

< MD5 for: RASACD.SYS >
[2009/07/14 02:10:09 | 000,014,848 | ---- | M] (Microsoft Corporation) MD5=5A0DA8AD5762FA2D91678A8A01311704 -- C:\Windows\SysNative\drivers\rasacd.sys
[2009/07/14 02:10:09 | 000,014,848 | ---- | M] (Microsoft Corporation) MD5=5A0DA8AD5762FA2D91678A8A01311704 -- C:\Windows\winsxs\amd64_microsoft-windows-rasautodial_31bf3856ad364e35_6.1.7600.16385_none_6bcef05d7f04260a\rasacd.sys

< MD5 for: RDPWD.SYS >
[2010/11/20 13:04:37 | 000,210,944 | ---- | M] (Microsoft Corporation) MD5=15B66C206B5CB095BAB980553F38ED23 -- C:\Windows\SysNative\drivers\rdpwd.sys
[2010/11/20 13:04:37 | 000,210,944 | ---- | M] (Microsoft Corporation) MD5=15B66C206B5CB095BAB980553F38ED23 -- C:\Windows\winsxs\amd64_microsoft-windows-t..dp-winstationdriver_31bf3856ad364e35_6.1.7601.17514_none_a99b8db6eba2129b\rdpwd.sys
[2009/07/14 02:16:48 | 000,204,800 | ---- | M] (Microsoft Corporation) MD5=8A3E6BEA1C53EA6177FE2B6EBA2C80D7 -- C:\Windows\winsxs\amd64_microsoft-windows-t..dp-winstationdriver_31bf3856ad364e35_6.1.7600.16385_none_a76a79eeeeb38f01\rdpwd.sys

< MD5 for: SCECLI.DLL >
[2009/07/14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009/07/14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010/11/20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010/11/20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010/11/20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010/11/20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SFLOPPY.SYS >
[2009/07/14 02:01:02 | 000,016,896 | ---- | M] (Microsoft Corporation) MD5=A9D601643A1647211A1EE2EC4E433FF4 -- C:\Windows\SysNative\drivers\sfloppy.sys
[2009/07/14 02:01:02 | 000,016,896 | ---- | M] (Microsoft Corporation) MD5=A9D601643A1647211A1EE2EC4E433FF4 -- C:\Windows\SysNative\DriverStore\FileRepository\flpydisk.inf_amd64_neutral_f54222cc59267e1e\sfloppy.sys
[2009/07/14 02:01:02 | 000,016,896 | ---- | M] (Microsoft Corporation) MD5=A9D601643A1647211A1EE2EC4E433FF4 -- C:\Windows\winsxs\amd64_flpydisk.inf_31bf3856ad364e35_6.1.7600.16385_none_42ff01d4942cc5ea\sfloppy.sys

< MD5 for: TCPIP.SYS >
[2011/04/25 07:28:24 | 001,893,248 | ---- | M] (Microsoft Corporation) MD5=1F748D5439B65E0BEBD92F65048F030D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_0fb918de99201ffb\tcpip.sys
[2010/11/20 15:33:57 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2011/06/21 08:16:55 | 001,888,128 | ---- | M] (Microsoft Corporation) MD5=5279D4DD69C7C71524B8E7A5746D15CC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20992_none_0f8ed978993fa916\tcpip.sys
[2010/06/14 08:39:16 | 001,889,152 | ---- | M] (Microsoft Corporation) MD5=542C6767C68C9D6AAACA59436B0D15C2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_0fd0b57e990e2079\tcpip.sys
[2011/04/25 07:32:22 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=61DC720BB065D607D5823F13D2A64321 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_0f668bf97fd90dd3\tcpip.sys
[2010/06/14 08:37:36 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=90A2D722CF64D911879D6C4A4F802A4D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_0f59b7ad7fe2fcc8\tcpip.sys
[2009/07/14 03:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys
[2011/04/25 07:33:51 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=92CE29D95AC9DD2D0EE9061D551BA250 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_114de9497cfe9316\tcpip.sys
[2011/06/21 08:20:30 | 001,914,752 | ---- | M] (Microsoft Corporation) MD5=A0EB71E0DC047C7CC95CD6AB4036296E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_11a276c29643d7ec\tcpip.sys
[2011/04/25 08:16:34 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=B77977AEB2FF159D01DB08A309989C5F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_11cbb5de9625357a\tcpip.sys
[2011/06/21 08:27:14 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=B9D87C7707F058AC652A398CD28DE14B -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16839_none_0f4d1e3b7feb1307\tcpip.sys
[2011/06/21 08:34:00 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=F0E98C00A09FDF791525829A1D14240F -- C:\Windows\SysNative\drivers\tcpip.sys
[2011/06/21 08:34:00 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=F0E98C00A09FDF791525829A1D14240F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_11327af77d12659c\tcpip.sys

< MD5 for: TDPIPE.SYS >
[2009/07/14 02:16:32 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=3371D21011695B16333A3934340C4E7C -- C:\Windows\SysNative\drivers\tdpipe.sys
[2009/07/14 02:16:32 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=3371D21011695B16333A3934340C4E7C -- C:\Windows\winsxs\amd64_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.1.7600.16385_none_37a129135e68497e\tdpipe.sys

< MD5 for: TDTCP.SYS >
[2009/07/14 02:16:32 | 000,023,552 | ---- | M] (Microsoft Corporation) MD5=E4245BDA3190A582D55ED09E137401A9 -- C:\Windows\SysNative\drivers\tdtcp.sys
[2009/07/14 02:16:32 | 000,023,552 | ---- | M] (Microsoft Corporation) MD5=E4245BDA3190A582D55ED09E137401A9 -- C:\Windows\winsxs\amd64_microsoft-windows-t..es-transportdrivers_31bf3856ad364e35_6.1.7600.16385_none_37a129135e68497e\tdtcp.sys

< MD5 for: USBPRINT.SYS >
[2009/07/14 02:38:18 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=73188F58FB384E75C4063D29413CEE3D -- C:\Windows\SysNative\drivers\usbprint.sys
[2009/07/14 02:38:18 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=73188F58FB384E75C4063D29413CEE3D -- C:\Windows\SysNative\DriverStore\FileRepository\usbprint.inf_amd64_neutral_54948be2bc4bcdd1\usbprint.sys
[2009/07/14 02:38:18 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=73188F58FB384E75C4063D29413CEE3D -- C:\Windows\winsxs\amd64_usbprint.inf_31bf3856ad364e35_6.1.7600.16385_none_8eeeb411db1b01c5\usbprint.sys

< MD5 for: USBSCAN.SYS >
[2009/07/14 02:35:32 | 000,041,984 | ---- | M] (Microsoft Corporation) MD5=AAA2513C8AED8B54B189FD0C6B1634C0 -- C:\Windows\SysNative\drivers\usbscan.sys
[2009/07/14 02:35:32 | 000,041,984 | ---- | M] (Microsoft Corporation) MD5=AAA2513C8AED8B54B189FD0C6B1634C0 -- C:\Windows\SysNative\DriverStore\FileRepository\sti.inf_amd64_neutral_9d9a7113099a28a2\usbscan.sys
[2009/07/14 02:35:32 | 000,041,984 | ---- | M] (Microsoft Corporation) MD5=AAA2513C8AED8B54B189FD0C6B1634C0 -- C:\Windows\winsxs\amd64_sti.inf_31bf3856ad364e35_6.1.7600.16385_none_b5d3c30ffa77a77a\usbscan.sys

< MD5 for: USERINIT.EXE >
[2010/11/20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009/07/14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009/07/14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010/11/20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010/11/20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< >

< >

========== Alternate Data Streams ==========

@Alternate Data Stream - 125 bytes -> C:\ProgramData\Temp:9E22BBE8

< End of report >

[jeanmimigab]

hello,

Bon, aprioris pas de rootkit !

* Fais un double-clic sur l'icône d'OTL pour le lancer
/!\ pour Vista/Seven fais un clic-droit sur l'icône d'OTL et choisis "Exécuter en tant qu'administrateur"

* Assure toi d'avoir fermé toutes les applications en court de fonctionnement.

* Quand la fenêtre d'OTL apparaît, assure toi que dans la section "Rapport" (en haut à droite) la case "Rapport minimal" soit cochée.

* Copies et colles le contenue de cette citation dans la partie inférieure d'OTL "Personnalisation"

:OTL
IE - HKU\S-1-5-21-3457901039-3679683318-3372754741-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://isearch.avg.com/?cid={9A915B5A-F756-4D7B-A3F5-72CDFB8DBBBE}&mid=d3281981fd5f47d1b05b31b718e7b1f8-a4f24ccae65d89e8d6eb06e6d029643cc176aa3e
IE - HKU\S-1-5-21-3457901039-3679683318-3372754741-1000\..\URLSearchHook: {ef79f67a-6ad7-4715-a0f8-932fca442023} - No CLSID value found
FF - prefs.js..browser.search.defaultenginename: "Recherche sécurisée"
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
[2011/09/28 10:50:05 | 000,000,000 | ---D | M] (Zynga Community Toolbar) -- C:\Users\Nounours\AppData\Roaming\mozilla\Firefox\Profiles\ymnob2o7.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}
[2011/09/23 20:28:26 | 000,000,000 | ---D | M] (BittorrentBar_FR Community Toolbar) -- C:\Users\Nounours\AppData\Roaming\mozilla\Firefox\Profiles\ymnob2o7.default\extensions\{ef79f67a-6ad7-4715-a0f8-932fca442023}
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~2\mcafee\msk\MSKAPB~1.DLL File not found
O2 - BHO: (My Personal Homepage) - {0538CF1C-8419-4800-ADBB-0C00C799FDA2} - C:\Users\Nounours\AppData\Roaming\Genieo\Application\IEPlugins\bin\IEWrapper.dll File not found
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-3457901039-3679683318-3372754741-1000\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-3457901039-3679683318-3372754741-1000\..\Toolbar\WebBrowser: (no name) - {EF79F67A-6AD7-4715-A0F8-932FCA442023} - No CLSID value found.
O4 - HKLM\..\Run: [NPSStartup] File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O18 - Protocol\Handler\livecall - No CLSID value found
O18 - Protocol\Handler\msnim - No CLSID value found
O18 - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\wlpg - No CLSID value found
O33 - MountPoints2\{1d43d118-cb07-11e0-93e1-e0fe5e03580b}\Shell - "" = AutoRun
O33 - MountPoints2\{1d43d118-cb07-11e0-93e1-e0fe5e03580b}\Shell\AutoRun\command - "" = F:\Autorun.exe
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
@Alternate Data Stream - 125 bytes -> C:\ProgramData\Temp:9E22BBE8
[1 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

:files
C:\Users\Nounours\AppData\Roaming\OpenCandy
C:\Users\Nounours\AppData\Local\Temp19.html
C:\Users\Nounours\AppData\Local\Temp4.html
C:\Users\Nounours\AppData\Local\Temp1.html
C:\Users\Nounours\Desktop\Continue SweetIM Installation.lnk
C:\Users\Nounours\AppData\Roaming\Microsoft\Installer\{CDC7F188-3A08-45C3-8C3C-99BE32911949}
C:\Users\Nounours\AppData\Roaming\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}
C:\Users\Nounours\AppData\Roaming\OpenCandy\OpenCandy_623A894BDBFA4464BAC029D3A77952A8

:Commands
[emptytemp]
[EMPTYFLASH]
[RESETHOSTS]

* Cliques cette fois-ci sur l'icône "Correction" (en haut à gauche) .
* Laisse le scan aller à son terme sans te servir du PC
* A la fin du scan un rapport va s'ouvrir
* Copie et colle le rapports dans ta réponse stp...(en utilisant les balises "code" )


ensuite...

• télécharge Malwarebytes >>ici
• Installe le...
• Choisie "exécuter un examen rapide" et à la fin du scan , coche tous les éléments trouvés,et clique sur supprimer la sélection.
• Poste moi le rapport stp.

[clarabelle85]

Voilà le rapport, après le redémarrage du pc qu'il m'a demandé.

Code: Tout sélectionner

All processes killed
========== OTL ==========
HKU\S-1-5-21-3457901039-3679683318-3372754741-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-3457901039-3679683318-3372754741-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{ef79f67a-6ad7-4715-a0f8-932fca442023} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ef79f67a-6ad7-4715-a0f8-932fca442023}\ not found.
Prefs.js: "Recherche sécurisée" removed from browser.search.defaultenginename
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@Apple.com/iTunes,version=\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ not found.
Folder C:\Users\Nounours\AppData\Roaming\mozilla\Firefox\Profiles\ymnob2o7.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\ not found.
Folder C:\Users\Nounours\AppData\Roaming\mozilla\Firefox\Profiles\ymnob2o7.default\extensions\{ef79f67a-6ad7-4715-a0f8-932fca442023}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{27B4851A-3207-45A2-B947-BE8AFE6163AB}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{27B4851A-3207-45A2-B947-BE8AFE6163AB}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0538CF1C-8419-4800-ADBB-0C00C799FDA2}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0538CF1C-8419-4800-ADBB-0C00C799FDA2}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked not found.
Registry value HKEY_USERS\S-1-5-21-3457901039-3679683318-3372754741-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found.
Registry value HKEY_USERS\S-1-5-21-3457901039-3679683318-3372754741-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EF79F67A-6AD7-4715-A0F8-932FCA442023} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EF79F67A-6AD7-4715-A0F8-932FCA442023}\ not found.
Registry key HKEY_LOCAL_MACHINE\\Software\Microsoft\Windows\CurrentVersion\Run not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\livecall\ not found.
File Protocol\Handler\livecall - No CLSID value found not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msnim\ not found.
File Protocol\Handler\msnim - No CLSID value found not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype4com\ not found.
File Protocol\Handler\skype4com - No CLSID value found not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlmailhtml\ not found.
File Protocol\Handler\wlmailhtml - No CLSID value found not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlpg\ not found.
File Protocol\Handler\wlpg - No CLSID value found not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1d43d118-cb07-11e0-93e1-e0fe5e03580b}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1d43d118-cb07-11e0-93e1-e0fe5e03580b}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1d43d118-cb07-11e0-93e1-e0fe5e03580b}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1d43d118-cb07-11e0-93e1-e0fe5e03580b}\ not found.
File F:\Autorun.exe not found.
File/Folder C:\Windows\SysWow64\*.tmp not found.
Unable to delete ADS C:\ProgramData\Temp:9E22BBE8 .
File/Folder C:\Windows\system32\*.tmp not found.
========== FILES ==========
C:\Users\Nounours\AppData\Roaming\OpenCandy\OpenCandy_623A894BDBFA4464BAC029D3A77952A8 folder moved successfully.
C:\Users\Nounours\AppData\Roaming\OpenCandy folder moved successfully.
C:\Users\Nounours\AppData\Local\Temp19.html moved successfully.
C:\Users\Nounours\AppData\Local\Temp4.html moved successfully.
C:\Users\Nounours\AppData\Local\Temp1.html moved successfully.
File\Folder C:\Users\Nounours\Desktop\Continue SweetIM Installation.lnk not found.
C:\Users\Nounours\AppData\Roaming\Microsoft\Installer\{CDC7F188-3A08-45C3-8C3C-99BE32911949} folder moved successfully.
C:\Users\Nounours\AppData\Roaming\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13} folder moved successfully.
File\Folder C:\Users\Nounours\AppData\Roaming\OpenCandy\OpenCandy_623A894BDBFA4464BAC029D3A77952A8 not found.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Nounours
->Temp folder emptied: 1225795519 bytes
->Temporary Internet Files folder emptied: 66501720 bytes
->Java cache emptied: 13062 bytes
->FireFox cache emptied: 48687873 bytes
->Flash cache emptied: 12812448 bytes
 
User: Public
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 115704787 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 54512 bytes
RecycleBin emptied: 1212 bytes
 
Total Files Cleaned = 1,401.00 mb
 
 
[EMPTYFLASH]
 
User: All Users
 
User: Default
 
User: Default User
 
User: Nounours
->Flash cache emptied: 0 bytes
 
User: Public
 
Total Flash Files Cleaned = 0.00 mb
 
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
 
OTL by OldTimer - Version 3.2.31.0 log created on 10232011_164803

Files\Folders moved on Reboot...
C:\Users\Nounours\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

Registry entries deleted on Reboot...


[clarabelle85]

et voici le deuxième rapport

Code: Tout sélectionner

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Version de la base de données: 8005

Windows 6.1.7601 Service Pack 1
Internet Explorer 8.0.7601.17514

23/10/2011 17:00:01
mbam-log-2011-10-23 (17-00-01).txt

Type d'examen: Examen rapide
Elément(s) analysé(s): 171455
Temps écoulé: 3 minute(s), 49 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)


[jeanmimigab]

Bon, c'est pas mal tout ça..

toujours des plantages ?

[clarabelle85]

aucun plantages depuis le dernier de ce matin, mais si je relance bittorent ... est ce que cela risque de recommencer?!

[jeanmimigab]

hello,

Peut être que cela plantera, et si c'est le cas c'est que tu as une incompatibilité avec ton OS 64 bits

Mais je ne vois pas le rapport entre le crash de ntoskrnl.exe et Bit torrent !

crash dump file: C:\Windows\Minidump\102311-18610-01.dmp
This was probably caused by the following module: ntoskrnl.exe (nt+0x7CC40)

En général ce genre de crashs sont plutôt créer par un service/driver et de ce côté c'est plutôt pas mal

Essais et vois ce que ça donne.

[clarabelle85]

okiii !! merci beaucoup en tout cas !! je vais voir ce que ça donne !!

[clarabelle85]

Bon, et bien malheureusement, nouveau plantage suite à Bittorent !!!! snifff
10 minutes environ après l'avoir lancé !!!!
Ce qui est bizarre c'est que cette histoire de plantage est récente, par rapport a mon utilisation de bittorent.
Au début, ça se passait bien !!!!!

[jeanmimigab]

re,

Possible que ta version de BitTorrent soit abimé ou incompatible.
Désinstalle-le et prend celle ci
http://www.bittorrent.com/downloads/complete?os=win

si tu as des barres d'outils proposées, ne les installes surtout pas.

Si après ça cela plante toujours, je ne vois pas d'où ça vient

Relance OTL et cliques sur "purge outils' , laisse redémarrer le pc afin qu'OTL se désinstalle.

@++