bonjour tout le monde!
je sais qu'il y a déjà eu une discussion sur ce sujet et j'ai essayé de suivre les instructions mais la je suis paumée!
depuis une semaine j'ai avast qui me disait que le fichier "C:\WINDOWS\system32\drivers\atapi.sys" est infecté par le virus ALUREON EU . en + je sais pas si tout a un rapport mais je ne peux plus accéder a google.fr(il y a bien l'adresse google.fr d'affichée mais je suis sur google.com et quand je fais une recherche il ne reconnait pas les caractères français comme le ç et le é par exemple!)en + souvent j'ai des pages qui s'ouvrent sans que j'ai rien demandé et je suis souvent redirigé vers des sites pornographiques!!!)
en suivant le topic j'ai fait la première étape avec load_tdskiller et le rapport était vierge.
ensuite j'ai télechargé OTL et voici les rapports:
OTL extras:
OTL Extras logfile created on: 24/01/2010 12:21:09 - Run 1
OTL by OldTimer - Version 3.1.26.0 Folder = C:\Documents and Settings\Clarisse\Mes documents\Téléchargements
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
1 022,00 Mb Total Physical Memory | 623,00 Mb Available Physical Memory | 61,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 87,00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149,04 Gb Total Space | 42,49 Gb Free Space | 28,51% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: CLARISSE-ORDI
Current User Name: Clarisse
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = MozillaHTML] -- C:\PROGRA~1\MOZILLA.ORG\SEAMON~1\SEAMON~1.EXE File not found
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- C:\PROGRA~1\MOZILLA.ORG\SEAMON~1\SEAMON~1.EXE -osint -url "%1" File not found
https [open] -- C:\PROGRA~1\MOZILLA.ORG\SEAMON~1\SEAMON~1.EXE -osint -url "%1" File not found
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 1
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"48113:TCP" = 48113:TCP:LocalSubNet:Enabled:maconfig_tcp
"48113:UDP" = 48113:UDP:LocalSubNet:Enabled:maconfig_udp
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\MSN Messenger\livecall.exe" = C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) -- File not found
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\ma-config.com\maconfservice.exe" = C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice -- (CybelSoft)
"C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe" = C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe:*:Enabled:KTF MUSIC AoD Server -- (PeeringPortal)
"C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe" = C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe:*:Enabled:KTF MUSIC VoD Server -- (PeeringPortal)
"C:\Program Files\SFR\Media Center\httpd\httpd.exe" = C:\Program Files\SFR\Media Center\httpd\httpd.exe:172.16.255.0/255.255.255.0,192.168.1.0/255.255.255.0:Enabled:Serveur de partage Media Center (Player SFR) -- (Apache Software Foundation)
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Disabled:Windows Live Call -- (Microsoft Corporation)
"C:\Program Files\MSN Messenger\livecall.exe" = C:\Program Files\MSN Messenger\livecall.exe:*:Disabled:Windows Live Messenger 8.1 (Phone) -- File not found
========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{109D28C7-FB38-483A-9C91-001CB59E2699}" = EPSON CardMonitor
"{1943A043-5C85-4A16-A0D0-D687B2C1A40F}" = VirtualCom driver
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live
"{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{23B59ED4-C360-11D7-875B-0090CC005647}" = EPSON PRINT Image Framer Tool2.1
"{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}" = EPSON Scan Assistant
"{2EB81825-E9EE-44F4-8F51-1240C3898DC6}" = EPSON File Manager
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{350C940c-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35725FBC-A136-4A46-9F29-091759D9BB93}" = MVision
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3D78F2A2-C893-4ABD-B5FE-AD7011837755}" = EPSON Easy Photo Print
"{46ABBC54-1872-4AA3-95E2-F2C063A63F31}" = Installation Windows Live
"{494952B3-AA5A-486C-8495-6BF830962747}" = Ma-Config.com
"{53480330-E1D1-41CA-B8F8-7F78644F7F50}" = O&O Defrag Professional Edition
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{65F5B7AF-3363-11D7-BB6B-00018021113F}" = EPSON PhotoQuicker3.5
"{66C8BE35-8BBB-472B-96C7-C7C9A499F988}" = PhotoImpression 5
"{67EDD823-135A-4D59-87BD-950616D6E857}" = EPSON Copy Utility 3
"{6860B340-530D-46B3-91F8-1AE1F70F7C33}" = OpenOffice.org 3.0
"{6C11D561-620B-47DA-A693-4C597F3CDF40}" = EPSON Smart Panel
"{7184F382-8A6C-4B85-A3AC-B63734B1E241}" = SAMSUNG Mobile USB Driver
"{72EEB695-388B-4835-8EA6-0C04545B06B9}" = Logiciel Intel(R) PROSet/Wireless WiFi
"{770F1BEC-2871-4E70-B837-FB8525FFA3B1}" = Windows Live Messenger
"{7BD0A2D8-4EA0-43C6-BDF8-DDA87B8031C6}" = PIF DESIGNER2.1
"{7E84FAC8-C518-40F9-9807-7455301D6D25}" = SamsungConnectivityCableDriver
"{7F14F68C-17FA-4F88-B3FD-7F449C1EBF32}" = EPSON Web-To-Page
"{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}" = Windows Live Call
"{9011040C-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{93EA9C3E-BDFD-4309-A605-9B5BBC0CCEFD}" = Camera RAW Plug-In for EPSON Creativity Suite
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC599724-5755-48C1-ABE7-ABB857652930}" = PC Connectivity Solution
"{AC76BA86-7AD7-1036-7B44-A92000000001}" = Adobe Reader 9.2 - Français
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Plus Web Player
"{C48817E7-AA05-4151-A99D-1E1E550CE801}" = EPSON PhotoStarter3.1
"{D8CE69B0-9274-4b8c-BA49-0FF6A20A3C65}" = SAMSUNG SYMBIAN USB Download Driver
"{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}" = Assistant de connexion Windows Live
"{EA516024-D84D-41F1-814F-83175A6188F2}" = Logitech Video Enumerator
"{EBAE381B-60A6-4863-AA9F-FCAB755BC9E5}" = ScanToWeb
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"3A5DEFA413DDE699DBA6EBE0A63534ACA524D30F" = Package de pilotes Windows - Nokia pccsmcfd (10/12/2007 6.85.4.0)
"AcerOrbiCamDrv" = Programme de gestion Camera de Acer
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"avast!" = avast! Antivirus
"CCleaner" = CCleaner (remove only)
"E24870CB6AA1C3511635FF9020A3E9471287FBE7" = Package de pilotes Windows - MobileTop (sshpmdm) Modem (01/26/2008 2.6.0.0)
"EPSON Printer and Utilities" = EPSON-Drucker-Software
"EPSON Scanner" = EPSON Scan
"EPSON Stylus CX7300_CX8300_DX7400_DX8400 Guide d'utilisation" = EPSON Stylus CX7300_CX8300_DX7400_DX8400 Manuel
"Free Video to MP3 Converter_is1" = Free Video to MP3 Converter version 3.2
"Free YouTube to Mp3 Converter_is1" = Free YouTube to Mp3 Converter version 3.1
"ie8" = Windows Internet Explorer 8
"InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email
"InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 4.5.3
"Mozilla Firefox (3.6)" = Mozilla Firefox (3.6)
"NVIDIA Drivers" = NVIDIA Drivers
"ProInst" = Intel PROSet Wireless
"SAMSUNG CDMA Modem" = SAMSUNG CDMA Modem Driver Set
"SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software
"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set
"Samsung Mobile Modem Device" = Samsung Mobile Modem Device Software
"SAMSUNG Mobile Modem V2" = SAMSUNG Mobile Modem V2 Software
"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software
"SAMSUNG Mobile USB Download Driver" = SAMSUNG Mobile USB Download Driver Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"Samsung Mobile USB Modem Device" = Samsung Mobile USB Modem Device Software
"SAMSUNG USB Mobile Device" = SAMSUNG USB Mobile Device Software
"SeaMonkey (1.1.14)" = SeaMonkey (1.1.14)
"SeaMonkey (2.0.2)" = SeaMonkey (2.0.2)
"SFR_Media Center" = SFR - Media Center
"SuperCopier2" = SuperCopier2
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Uninstall_is1" = Uninstall 1.0.0.0
"VLC media player" = VLC media player 0.9.8a
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows Media Player" = Lecteur Windows Media 10
"Windows XP Service" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Installation Windows Live
"WinRAR archiver" = Archiveur WinRAR
========== Last 10 Event Log Errors ========== [ Antivirus Events ]
Error - 05/11/2009 14:14:52 | Computer Name = CLARISSE-ORDI | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
http://widget-e8.slide.com/fsnapshot/13 ... /image.jpg failed, 0000A413.
Error - 07/11/2009 16:01:52 | Computer Name = CLARISSE-ORDI | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
http://clients1.google.fr/complete/sear ... &q=no&cp=2 failed, 0000A413.
[ Application Events ]
Error - 16/12/2009 11:55:12 | Computer Name = CLARISSE-ORDI | Source = Application Error | ID = 1000
Description = Application défaillante vlc.exe, version 0.9.8.1, module défaillant
libvlccore.dll, version 0.9.8.1, adresse de défaillance 0x00073fc7.
Error - 31/12/2009 19:42:59 | Computer Name = CLARISSE-ORDI | Source = Application Hang | ID = 1002
Description = Application bloquée explorer.exe, version 6.0.2900.5512, module bloqué
hungapp, version 0.0.0.0, adresse de blocage 0x00000000.
Error - 01/01/2010 01:21:26 | Computer Name = CLARISSE-ORDI | Source = Application Hang | ID = 1002
Description = Application bloquée explorer.exe, version 6.0.2900.5512, module bloqué
hungapp, version 0.0.0.0, adresse de blocage 0x00000000.
Error - 02/01/2010 16:07:00 | Computer Name = CLARISSE-ORDI | Source = Application Hang | ID = 1002
Description = Application bloquée explorer.exe, version 6.0.2900.5512, module bloqué
hungapp, version 0.0.0.0, adresse de blocage 0x00000000.
Error - 02/01/2010 16:09:19 | Computer Name = CLARISSE-ORDI | Source = Application Hang | ID = 1002
Description = Application bloquée explorer.exe, version 6.0.2900.5512, module bloqué
hungapp, version 0.0.0.0, adresse de blocage 0x00000000.
Error - 08/01/2010 14:59:09 | Computer Name = CLARISSE-ORDI | Source = Application Hang | ID = 1002
Description = Application bloquée firefox.exe, version 1.9.0.3623, module bloqué
hungapp, version 0.0.0.0, adresse de blocage 0x00000000.
Error - 11/01/2010 06:27:36 | Computer Name = CLARISSE-ORDI | Source = Application Hang | ID = 1002
Description = Application bloquée wmplayer.exe, version 10.0.0.3802, module bloqué
hungapp, version 0.0.0.0, adresse de blocage 0x00000000.
Error - 14/01/2010 13:37:51 | Computer Name = CLARISSE-ORDI | Source = Application Hang | ID = 1002
Description = Application bloquée rundll32.exe, version 5.1.2600.5512, module bloqué
hungapp, version 0.0.0.0, adresse de blocage 0x00000000.
Error - 14/01/2010 13:37:52 | Computer Name = CLARISSE-ORDI | Source = Application Hang | ID = 1002
Description = Application bloquée rundll32.exe, version 5.1.2600.5512, module bloqué
hungapp, version 0.0.0.0, adresse de blocage 0x00000000.
Error - 14/01/2010 14:31:49 | Computer Name = CLARISSE-ORDI | Source = crypt32 | ID = 131083
Description = Échec de l'extraction de la liste racine tierce partie depuis le fichier
CAB de mise à jour automatique à : <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
avec l'erreur : Une erreur interne de chaînage des certificats s'est produite.
[ System Events ]
Error - 23/01/2010 13:59:23 | Computer Name = CLARISSE-ORDI | Source = Ftdisk | ID = 262193
Description = Échec de la configuration du fichier d'échange pour le vidage sur
incident. Assurez-vous qu'un fichier d'échange est présent sur la partition d'amorçage
et
qu'il est suffisamment grand pour contenir toute la mémoire physique.
Error - 23/01/2010 13:59:29 | Computer Name = CLARISSE-ORDI | Source = Service Control Manager | ID = 7000
Description = Le service Service Google Update (gupdate) n'a pas pu démarrer en
raison de l'erreur : %%3
Error - 23/01/2010 14:16:49 | Computer Name = CLARISSE-ORDI | Source = Ftdisk | ID = 262189
Description = Le système n'a pas pu charger le pilote du fichier de vidage sur incident.
Error - 23/01/2010 14:16:49 | Computer Name = CLARISSE-ORDI | Source = Ftdisk | ID = 262193
Description = Échec de la configuration du fichier d'échange pour le vidage sur
incident. Assurez-vous qu'un fichier d'échange est présent sur la partition d'amorçage
et
qu'il est suffisamment grand pour contenir toute la mémoire physique.
Error - 23/01/2010 14:16:57 | Computer Name = CLARISSE-ORDI | Source = Service Control Manager | ID = 7000
Description = Le service Service Google Update (gupdate) n'a pas pu démarrer en
raison de l'erreur : %%3
Error - 24/01/2010 07:06:27 | Computer Name = CLARISSE-ORDI | Source = Ftdisk | ID = 262189
Description = Le système n'a pas pu charger le pilote du fichier de vidage sur incident.
Error - 24/01/2010 07:06:27 | Computer Name = CLARISSE-ORDI | Source = Ftdisk | ID = 262193
Description = Échec de la configuration du fichier d'échange pour le vidage sur
incident. Assurez-vous qu'un fichier d'échange est présent sur la partition d'amorçage
et
qu'il est suffisamment grand pour contenir toute la mémoire physique.
Error - 24/01/2010 07:06:36 | Computer Name = CLARISSE-ORDI | Source = Service Control Manager | ID = 7000
Description = Le service Service Google Update (gupdate) n'a pas pu démarrer en
raison de l'erreur : %%3
Error - 24/01/2010 07:14:11 | Computer Name = CLARISSE-ORDI | Source = sr | ID = 1
Description = Le filtre de restauration du système à rencontré l'erreur inattendue
'0xC0000001' pendant le traitement du fichier '' sur le volume 'HarddiskVolume1'.
Ceci a entraîné l'arrêt de la surveillance du volume.
Error - 24/01/2010 07:14:25 | Computer Name = CLARISSE-ORDI | Source = Service Control Manager | ID = 7000
Description = Le service Service Google Update (gupdate) n'a pas pu démarrer en
raison de l'erreur : %%3
< End of report >
et OTL:
OTL logfile created on: 24/01/2010 12:21:09 - Run 1
OTL by OldTimer - Version 3.1.26.0 Folder = C:\Documents and Settings\Clarisse\Mes documents\Téléchargements
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
1 022,00 Mb Total Physical Memory | 623,00 Mb Available Physical Memory | 61,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 87,00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149,04 Gb Total Space | 42,49 Gb Free Space | 28,51% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: CLARISSE-ORDI
Current User Name: Clarisse
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Processes (SafeList) ========== PRC - C:\Documents and Settings\Clarisse\Mes documents\Téléchargements\OTL(2).exe (OldTimer Tools)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\ashServ.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software)
PRC - C:\WINDOWS\system32\FsUsbExService.Exe (Teruten)
PRC - C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
PRC - C:\Program Files\Intel\WiFi\bin\S24EvMon.exe (Intel(R) Corporation)
PRC - C:\Program Files\Fichiers communs\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
PRC - C:\WINDOWS\system32\wscntfy.exe (Microsoft Corporation)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\oodag.exe (O&O Software GmbH)
PRC - C:\WINDOWS\system32\nvsvc32.exe (NVIDIA Corporation)
PRC - C:\WINDOWS\system32\spool\drivers\w32x86\3\E_FATI9CE.EXE (SEIKO EPSON CORPORATION)
PRC - C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation)
========== Modules (SafeList) ========== MOD - C:\Documents and Settings\Clarisse\Mes documents\Téléchargements\OTL(2).exe (OldTimer Tools)
MOD - C:\WINDOWS\system32\framedyn.dll (Microsoft Corporation)
========== Win32 Services (SafeList) ========== SRV - (gupdate) Service Google Update (gupdate) -- File not found
SRV - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe (ALWIL Software)
SRV - (avast! Mail Scanner) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software)
SRV - (avast! Web Scanner) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software)
SRV - (aswUpdSv) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software)
SRV - (FsUsbExService) -- C:\WINDOWS\system32\FsUsbExService.Exe (Teruten)
SRV - (maconfservice) -- C:\Program Files\ma-config.com\maconfservice.exe (CybelSoft)
SRV - (EvtEng) Intel(R) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
SRV - (S24EventMonitor) Intel(R) -- C:\Program Files\Intel\WiFi\bin\S24EvMon.exe (Intel(R) Corporation)
SRV - (RegSrvc) Intel(R) -- C:\Program Files\Fichiers communs\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia.)
SRV - (O&O Defrag) -- C:\WINDOWS\system32\oodag.exe (O&O Software GmbH)
SRV - (LVSrvLauncher) -- C:\Program Files\Fichiers communs\Logitech\SrvLnch\SrvLnch.exe (Logitech Inc.)
SRV - (NVSvc) -- C:\WINDOWS\system32\nvsvc32.exe (NVIDIA Corporation)
SRV - (ose) -- C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (MDM) -- C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation)
========== Driver Services (SafeList) ========== DRV - (aswMon2) -- C:\WINDOWS\system32\drivers\aswmon2.sys (ALWIL Software)
DRV - (aswSP) -- C:\WINDOWS\system32\drivers\aswSP.sys (ALWIL Software)
DRV - (aswFsBlk) -- C:\WINDOWS\system32\drivers\aswFsBlk.sys (ALWIL Software)
DRV - (aswTdi) -- C:\WINDOWS\system32\drivers\aswTdi.sys (ALWIL Software)
DRV - (aswRdr) -- C:\WINDOWS\system32\drivers\aswRdr.sys (ALWIL Software)
DRV - (Aavmker4) -- C:\WINDOWS\system32\drivers\aavmker4.sys (ALWIL Software)
DRV - (driverhardwarev2) -- C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys (CybelSoft)
DRV - (FsUsbExDisk) -- C:\WINDOWS\system32\FsUsbExDisk.Sys ()
DRV - (NETw5x32) Intel(R) -- C:\WINDOWS\system32\drivers\NETw5x32.sys (Intel Corporation)
DRV - (PxHelp20) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys (Sonic Solutions)
DRV - (ss_bmdm) -- C:\WINDOWS\system32\drivers\ss_bmdm.sys (MCCI Corporation)
DRV - (ss_bbus) SAMSUNG USB Mobile Device (WDM) -- C:\WINDOWS\system32\drivers\ss_bbus.sys (MCCI)
DRV - (ss_bmdfl) SAMSUNG USB Mobile Modem (Filter) -- C:\WINDOWS\system32\drivers\ss_bmdfl.sys (MCCI Corporation)
DRV - (s24trans) -- C:\WINDOWS\system32\drivers\s24trans.sys (Intel Corporation)
DRV - (Secdrv) -- C:\WINDOWS\system32\drivers\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\hdaudbus.sys (Windows (R) Server 2003 DDK provider)
DRV - (pccsmcfd) -- C:\WINDOWS\system32\drivers\pccsmcfd.sys (Nokia)
DRV - (LVMVDrv) -- C:\WINDOWS\system32\drivers\LVMVdrv.sys (Logitech Inc.)
DRV - (lv321av) Logitech USB PC Camera (VC0321) -- C:\WINDOWS\system32\drivers\lv321av.sys (Logitech Inc.)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys (Realtek Semiconductor Corp.)
DRV - (StarOpen) -- C:\WINDOWS\system32\drivers\StarOpen.sys ()
DRV - (nv) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation)
DRV - (ESMCR) -- C:\WINDOWS\system32\drivers\ESM7SK.sys (ENE Technology Inc.)
DRV - (ESDCR) -- C:\WINDOWS\system32\drivers\ESD7SK.sys (ENE Technology Inc.)
DRV - (EMSCR) -- C:\WINDOWS\system32\drivers\EMS7SK.sys (ENE Technology Inc.)
DRV - (w39n51) Intel(R) -- C:\WINDOWS\system32\drivers\w39n51.sys (Intel® Corporation)
DRV - (SynTP) -- C:\WINDOWS\system32\drivers\SynTP.sys (Synaptics, Inc.)
DRV - (PCANDIS5) -- C:\WINDOWS\system32\pcandis5.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (PCASp50) -- C:\WINDOWS\system32\drivers\PCASp50.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (bcm4sbxp) -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys (Broadcom Corporation)
DRV - (PCAMPR5) -- C:\WINDOWS\system32\pcampr5.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (Ptilink) -- C:\WINDOWS\system32\drivers\ptilink.sys (Parallel Technologies, Inc.)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
http://home.microsoft.com/access/allinone.aspIE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://suggestqueries.google.com/IE - HKCU\..\URLSearchHook: {08C06D61-F1F3-4799-86F8-BE1A89362C85} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ========== FF - prefs.js..browser.startup.homepage: "http://m.fr.yahoo.com/"
FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/01/23 11:41:50 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/01/23 11:41:39 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\SeaMonkey 1.1.14\Extensions\\Components: C:\Program Files\mozilla.org\SeaMonkey\Components
FF - HKLM\software\mozilla\SeaMonkey 1.1.14\Extensions\\Plugins: C:\Program Files\mozilla.org\SeaMonkey\Plugins
FF - HKLM\software\mozilla\SeaMonkey 2.0.2\extensions\\Components: C:\Program Files\SeaMonkey\components [2010/01/23 11:05:13 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\SeaMonkey 2.0.2\extensions\\Plugins: C:\Program Files\SeaMonkey\plugins [2010/01/23 11:04:52 | 00,000,000 | ---D | M]
[2010/01/23 11:41:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Clarisse\Application Data\Mozilla\Extensions
[2010/01/23 11:41:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Clarisse\Application Data\Mozilla\Firefox\Profiles\7gvz0uho.default\extensions
[2010/01/23 11:41:39 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/01/16 02:10:07 | 00,001,516 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml
[2010/01/16 02:10:07 | 00,001,822 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml
[2010/01/16 02:10:07 | 00,000,757 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml
[2010/01/16 02:10:07 | 00,001,426 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml
[2010/01/16 02:10:07 | 00,000,652 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml
O1 HOSTS File: ([2010/01/23 12:05:30 | 00,373,670 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 89.149.210.142
http://www.google.noO1 - Hosts: 89.149.210.142
http://www.google.nlO1 - Hosts: 89.149.210.142
http://www.google.comO1 - Hosts: 89.149.210.142
http://www.google.seO1 - Hosts: 89.149.210.142 uk.search.yahoo.com
O1 - Hosts: 89.149.210.142
http://www.google.ptO1 - Hosts: 89.149.210.142
http://www.google.esO1 - Hosts: 89.149.210.142
http://www.google.caO1 - Hosts: 89.149.210.142
http://www.google.beO1 - Hosts: 89.149.210.142
http://www.google.fiO1 - Hosts: 89.149.210.142
http://www.google.com.brO1 - Hosts: 89.149.210.142
http://www.google.co.ukO1 - Hosts: 89.149.210.142
http://www.google.dkO1 - Hosts: 89.149.210.142
http://www.google.co.jpO1 - Hosts: 89.149.210.142
http://www.google.frO1 - Hosts: 89.149.210.142
http://www.google.co.zaO1 - Hosts: 89.149.210.142
http://www.google.deO1 - Hosts: 89.149.210.142
http://www.google.chO1 - Hosts: 89.149.210.142
http://www.google.atO1 - Hosts: 89.149.210.142
http://www.google.itO1 - Hosts: 89.149.210.142 search.yahoo.com
O1 - Hosts: 89.149.210.142
http://www.google.ieO1 - Hosts: 89.149.210.142 us.search.yahoo.com
O1 - Hosts: 89.149.210.142
http://www.google.grO1 - Hosts: 89.149.210.142
http://www.google.com.mxO1 - Hosts: 12902 more lines...
O2 - BHO: (no name) - {0F6E720A-1A6B-40E1-A294-1D4D19F156C8} - No CLSID value found.
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (EpsonToolBandKicker Class) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKLM\..\Toolbar: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKCU\..\Toolbar\WebBrowser: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [EPSON Stylus Photo RX420 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE (SEIKO EPSON CORPORATION)
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O9 - Extra 'Tools' menuitem : Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\npjpi160_07.dll (Sun Microsystems, Inc.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O15 - HKLM\..Trusted Domains: 58 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: ([]msn in My Computer)
O15 - HKCU\..Trusted Domains: 57 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B}
http://www.apple.com/qtactivex/qtplugin.cab (QuickTime Plugin Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: DirectAnimation Java Classes
file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java
file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Fichiers communs\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Clarisse\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Clarisse\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/09/10 23:38:54 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{8f20e6d7-0804-11df-9070-0016d4688a18}\Shell\AutoRun\command - "" = D:\setup.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (OODBS) - C:\WINDOWS\System32\OODBS.exe (O&O Software GmbH)
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*
========== Files/Folders - Created Within 30 Days ========== [2010/01/24 12:10:22 | 00,000,000 | ---D | C] -- C:\tdsskiller
[2010/01/23 18:35:54 | 00,000,000 | ---D | C] -- C:\Program Files\Prg Chris
[2010/01/23 18:04:04 | 00,000,000 | ---D | C] -- C:\UsbFix
[2010/01/23 11:44:08 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2010/01/23 11:44:07 | 00,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2010/01/23 11:41:49 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Clarisse\Application Data\Mozilla
[2010/01/23 11:41:37 | 00,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2010/01/23 11:34:23 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\Clarisse\Recent
[2010/01/23 11:23:20 | 00,000,000 | -HSD | C] -- C:\Documents and Settings\Clarisse\IECompatCache
[2010/01/23 11:22:50 | 00,000,000 | -HSD | C] -- C:\Documents and Settings\Clarisse\PrivacIE
[2010/01/23 11:19:23 | 10,776,568 | ---- | C] (Mozilla Foundation) -- C:\Program Files\xul.dll
[2010/01/23 11:19:23 | 00,428,024 | ---- | C] (sqlite.org) -- C:\Program Files\sqlite3.dll
[2010/01/23 11:19:23 | 00,244,728 | ---- | C] (Mozilla Foundation) -- C:\Program Files\updater.exe
[2010/01/23 11:19:23 | 00,155,648 | ---- | C] (Mozilla Foundation) -- C:\Program Files\softokn3.dll
[2010/01/23 11:19:23 | 00,136,696 | ---- | C] (Mozilla Foundation) -- C:\Program Files\ssl3.dll
[2010/01/23 11:19:23 | 00,103,928 | ---- | C] (Mozilla Foundation) -- C:\Program Files\smime3.dll
[2010/01/23 11:19:23 | 00,020,472 | ---- | C] (Mozilla Foundation) -- C:\Program Files\plc4.dll
[2010/01/23 11:19:23 | 00,017,912 | ---- | C] (Mozilla Foundation) -- C:\Program Files\xpcom.dll
[2010/01/23 11:19:23 | 00,017,400 | ---- | C] (Mozilla Foundation) -- C:\Program Files\plds4.dll
[2010/01/23 11:19:22 | 00,918,520 | ---- | C] (Netscape Communications Corporation) -- C:\Program Files\js3250.dll
[2010/01/23 11:19:22 | 00,722,424 | ---- | C] (Mozilla Foundation) -- C:\Program Files\mozcrt19.dll
[2010/01/23 11:19:22 | 00,632,312 | ---- | C] (Mozilla Foundation) -- C:\Program Files\nss3.dll
[2010/01/23 11:19:22 | 00,316,920 | ---- | C] (Mozilla Foundation) -- C:\Program Files\nssckbi.dll
[2010/01/23 11:19:22 | 00,249,856 | ---- | C] (Mozilla Foundation) -- C:\Program Files\freebl3.dll
[2010/01/23 11:19:22 | 00,169,464 | ---- | C] (Mozilla Foundation) -- C:\Program Files\nspr4.dll
[2010/01/23 11:19:22 | 00,120,312 | ---- | C] (Mozilla Foundation) -- C:\Program Files\crashreporter.exe
[2010/01/23 11:19:22 | 00,103,928 | ---- | C] (Mozilla Foundation) -- C:\Program Files\nssdbm3.dll
[2010/01/23 11:19:22 | 00,087,544 | ---- | C] (Mozilla Foundation) -- C:\Program Files\nssutil3.dll
[2010/01/23 11:19:22 | 00,017,912 | ---- | C] (Mozilla Foundation) -- C:\Program Files\AccessibleMarshal.dll
[2010/01/23 11:19:22 | 00,000,000 | ---D | C] -- C:\Program Files\uninstall
[2010/01/23 11:19:22 | 00,000,000 | ---D | C] -- C:\Program Files\searchplugins
[2010/01/23 11:19:21 | 00,000,000 | ---D | C] -- C:\Program Files\res
[2010/01/23 11:19:21 | 00,000,000 | ---D | C] -- C:\Program Files\plugins
[2010/01/23 11:19:20 | 00,000,000 | ---D | C] -- C:\Program Files\modules
[2010/01/23 11:19:20 | 00,000,000 | ---D | C] -- C:\Program Files\greprefs
[2010/01/23 11:19:20 | 00,000,000 | ---D | C] -- C:\Program Files\extensions
[2010/01/23 11:19:20 | 00,000,000 | ---D | C] -- C:\Program Files\dictionaries
[2010/01/23 11:19:20 | 00,000,000 | ---D | C] -- C:\Program Files\defaults
[2010/01/23 11:19:19 | 00,000,000 | ---D | C] -- C:\Program Files\components
[2010/01/23 11:19:19 | 00,000,000 | ---D | C] -- C:\Program Files\chrome
[2010/01/23 11:04:50 | 00,000,000 | ---D | C] -- C:\Program Files\SeaMonkey
[2010/01/23 11:00:04 | 00,000,000 | -HSD | C] -- C:\Documents and Settings\Clarisse\IETldCache
[2010/01/23 10:56:15 | 00,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2010/01/23 10:54:36 | 00,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2010/01/23 10:12:42 | 00,000,000 | ---D | C] -- C:\WINDOWS\pss
[2010/01/22 23:51:54 | 00,048,560 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2010/01/22 23:51:54 | 00,023,120 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2010/01/22 23:51:53 | 00,027,408 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2010/01/22 23:51:52 | 00,097,480 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\AvastSS.scr
[2010/01/22 23:51:51 | 00,114,768 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2010/01/22 23:51:51 | 00,094,160 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2010/01/22 23:51:51 | 00,093,424 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2010/01/22 23:51:51 | 00,020,560 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2010/01/22 23:51:28 | 01,280,480 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\aswBoot.exe
[2010/01/22 23:22:47 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Clarisse\Mes documents\Downloads
[2010/01/22 23:13:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Google
[2010/01/22 23:08:20 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Clarisse\Local Settings\Application Data\Temp
[2010/01/22 23:08:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google
[2010/01/22 23:08:01 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Clarisse\Local Settings\Application Data\Google
[2010/01/22 23:07:27 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2010/01/22 19:03:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Macromedia
[2010/01/16 23:15:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Adobe
[2010/01/16 22:45:39 | 00,056,816 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2010/01/14 19:04:07 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Clarisse\Mes documents\Téléchargements
[2010/01/11 11:39:49 | 00,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2010/01/11 11:36:36 | 00,000,000 | ---D | C] -- C:\Program Files\InterActual
[2009/12/28 23:20:51 | 00,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\DivX Shared
[2009/12/28 23:20:51 | 00,000,000 | ---D | C] -- C:\Program Files\DivX
[2009/09/11 20:39:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2009/09/11 20:38:59 | 00,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2009/09/11 10:55:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\Intel
[2009/09/11 10:55:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Intel
[2009/09/10 23:44:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2009/09/10 23:38:30 | 00,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ========== [2010/01/24 12:18:29 | 00,357,306 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/01/24 12:18:29 | 00,312,580 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/01/24 12:18:29 | 00,040,776 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/01/24 12:18:29 | 00,001,036 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat
[2010/01/24 12:18:29 | 00,000,588 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat
[2010/01/24 12:18:00 | 00,001,058 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/01/24 12:14:13 | 00,001,054 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/01/24 12:14:12 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/01/24 12:14:02 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/01/24 12:13:56 | 00,381,823 | ---- | M] () -- C:\WINDOWS\System32\oodbs.lor
[2010/01/24 12:13:16 | 08,388,608 | ---- | M] () -- C:\Documents and Settings\Clarisse\ntuser.dat
[2010/01/24 12:13:16 | 00,000,284 | -HS- | M] () -- C:\Documents and Settings\Clarisse\ntuser.ini
[2010/01/24 12:09:07 | 00,000,438 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{B5AD4FD8-C834-4DF6-9DAE-5742EB3E7625}.job
[2010/01/23 18:56:13 | 00,247,808 | ---- | M] () -- C:\Documents and Settings\Clarisse\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/01/23 12:05:30 | 00,373,670 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010/01/23 11:44:15 | 00,000,933 | ---- | M] () -- C:\Documents and Settings\Clarisse\Bureau\Spybot - Search & Destroy.lnk
[2010/01/23 11:41:43 | 00,001,602 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Mozilla Firefox.lnk
[2010/01/23 10:58:33 | 00,000,335 | ---- | M] () -- C:\WINDOWS\nsreg.dat
[2010/01/23 10:58:20 | 00,118,784 | ---- | M] () -- C:\WINDOWS\SeaMonkeyUninstall.exe
[2010/01/23 10:58:20 | 00,008,680 | ---- | M] () -- C:\WINDOWS\mozver.dat
[2010/01/23 10:58:16 | 00,000,583 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/01/23 10:58:06 | 00,118,784 | ---- | M] () -- C:\WINDOWS\GREUninstall.exe
[2010/01/23 10:13:24 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010/01/23 10:13:24 | 00,000,212 | RHS- | M] () -- C:\boot.ini
[2010/01/23 10:11:35 | 00,051,048 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010/01/22 23:51:51 | 00,003,121 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010/01/22 19:12:46 | 00,181,760 | ---- | M] () -- C:\Documents and Settings\Clarisse\Bureau\virus ordi.doc
[2010/01/21 20:29:01 | 00,096,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atapi.sys
[2010/01/21 19:30:39 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/01/20 20:33:05 | 00,051,712 | ---- | M] () -- C:\Documents and Settings\Clarisse\Bureau\cv du 12 janvier 2010.doc
[2010/01/18 17:46:57 | 00,029,696 | ---- | M] () -- C:\Documents and Settings\Clarisse\Bureau\adresse internet.doc
[2010/01/16 22:53:14 | 00,056,816 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2010/01/14 18:15:12 | 00,000,791 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100123-120530.backup
[2010/01/11 11:40:29 | 00,000,000 | ---- | M] () -- C:\WINDOWS\iPlayer.INI
[2009/12/27 18:02:38 | 00,019,968 | ---- | M] () -- C:\Documents and Settings\Clarisse\Mes documents\14371AF836AF6DFB04708F9DE9.doc
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ========== [2010/01/23 11:44:15 | 00,000,933 | ---- | C] () -- C:\Documents and Settings\Clarisse\Bureau\Spybot - Search & Destroy.lnk
[2010/01/23 11:41:43 | 00,001,602 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Mozilla Firefox.lnk
[2010/01/23 11:23:15 | 00,000,438 | -H-- | C] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{B5AD4FD8-C834-4DF6-9DAE-5742EB3E7625}.job
[2010/01/23 11:19:23 | 00,000,721 | ---- | C] () -- C:\Program Files\updater.ini
[2010/01/23 11:19:23 | 00,000,478 | ---- | C] () -- C:\Program Files\softokn3.chk
[2010/01/23 11:19:23 | 00,000,243 | ---- | C] () -- C:\Program Files\README.txt
[2010/01/23 11:19:23 | 00,000,141 | ---- | C] () -- C:\Program Files\platform.ini
[2010/01/23 11:19:23 | 00,000,106 | ---- | C] () -- C:\Program Files\old-homepage-default.properties
[2010/01/23 11:19:23 | 00,000,003 | ---- | C] () -- C:\Program Files\update.locale
[2010/01/23 11:19:22 | 00,046,884 | ---- | C] () -- C:\Program Files\install.log
[2010/01/23 11:19:22 | 00,031,393 | ---- | C] () -- C:\Program Files\LICENSE
[2010/01/23 11:19:22 | 00,004,430 | ---- | C] () -- C:\Program Files\crashreporter.ini
[2010/01/23 11:19:22 | 00,002,126 | ---- | C] () -- C:\Program Files\application.ini
[2010/01/23 11:19:22 | 00,002,067 | ---- | C] () -- C:\Program Files\blocklist.xml
[2010/01/23 11:19:22 | 00,000,716 | ---- | C] () -- C:\Program Files\crashreporter-override.ini
[2010/01/23 11:19:22 | 00,000,478 | ---- | C] () -- C:\Program Files\freebl3.chk
[2010/01/23 11:19:22 | 00,000,220 | ---- | C] () -- C:\Program Files\browserconfig.properties
[2010/01/23 10:58:20 | 00,118,784 | ---- | C] () -- C:\WINDOWS\SeaMonkeyUninstall.exe
[2010/01/23 10:58:06 | 00,118,784 | ---- | C] () -- C:\WINDOWS\GREUninstall.exe
[2010/01/23 10:58:03 | 00,008,680 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2010/01/22 23:51:28 | 00,380,928 | ---- | C] () -- C:\WINDOWS\System32\actskin4.ocx
[2010/01/22 23:08:07 | 00,001,058 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/01/22 23:08:07 | 00,001,054 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/01/22 19:12:45 | 00,181,760 | ---- | C] () -- C:\Documents and Settings\Clarisse\Bureau\virus ordi.doc
[2010/01/18 17:46:56 | 00,029,696 | ---- | C] () -- C:\Documents and Settings\Clarisse\Bureau\adresse internet.doc
[2010/01/11 21:28:34 | 08,388,608 | ---- | C] () -- C:\Documents and Settings\Clarisse\ntuser.dat
[2010/01/11 18:06:00 | 00,051,712 | ---- | C] () -- C:\Documents and Settings\Clarisse\Bureau\cv du 12 janvier 2010.doc
[2010/01/11 11:40:29 | 00,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2009/12/27 18:02:38 | 00,019,968 | ---- | C] () -- C:\Documents and Settings\Clarisse\Mes documents\14371AF836AF6DFB04708F9DE9.doc
[2009/12/04 18:43:23 | 00,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll
[2009/12/04 18:43:23 | 00,036,608 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys
[2009/12/04 18:43:08 | 00,002,528 | ---- | C] () -- C:\Documents and Settings\Clarisse\Application Data\$_hpcst$.hpc
[2009/12/04 18:29:55 | 00,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\LauncherAccess.dt
[2009/12/04 18:27:24 | 00,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2009/10/19 19:29:36 | 00,000,000 | ---- | C] () -- C:\WINDOWS\pcfriend.INI
[2009/10/17 20:56:03 | 00,352,809 | ---- | C] () -- C:\Documents and Settings\Clarisse\Local Settings\Application Data\sxkpu_nav.dat
[2009/10/17 20:55:32 | 00,003,377 | ---- | C] () -- C:\Documents and Settings\Clarisse\Local Settings\Application Data\sxkpu.dat
[2009/10/17 20:55:32 | 00,001,479 | ---- | C] () -- C:\Documents and Settings\Clarisse\Local Settings\Application Data\sxkpu_navps.dat
[2009/10/17 17:01:14 | 00,000,034 | ---- | C] () -- C:\Documents and Settings\Clarisse\Application Data\pcouffin.log
[2009/09/27 10:04:51 | 00,096,768 | ---- | C] () -- C:\WINDOWS\SlantAdj.dll
[2009/09/27 10:04:51 | 00,000,072 | ---- | C] () -- C:\WINDOWS\System32\epDPE.ini
[2009/09/27 09:56:43 | 00,000,029 | ---- | C] () -- C:\WINDOWS\DEBUGSM.INI
[2009/09/26 10:32:09 | 00,000,025 | ---- | C] () -- C:\WINDOWS\CDE RX420FG.ini
[2009/09/21 18:05:56 | 00,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2009/09/21 18:02:28 | 00,000,025 | ---- | C] () -- C:\WINDOWS\CDE DX7400DEFGIPS.ini
[2009/09/11 20:41:47 | 00,247,808 | ---- | C] () -- C:\Documents and Settings\Clarisse\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/09/11 20:32:08 | 00,000,385 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009/09/11 10:47:40 | 00,000,000 | ---- | C] () -- C:\WINDOWS\OODCNT.INI
[2009/09/11 00:44:20 | 00,168,448 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2009/09/11 00:44:17 | 00,795,648 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009/09/11 00:44:17 | 00,130,048 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009/09/11 00:44:16 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2009/09/11 00:44:15 | 00,057,344 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009/09/11 00:44:15 | 00,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2009/09/11 00:39:45 | 00,356,352 | ---- | C] () -- C:\WINDOWS\EMCRI.dll
[2009/09/11 00:38:52 | 00,042,594 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2009/09/10 23:58:11 | 00,135,168 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2009/09/10 23:52:33 | 01,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2009/09/10 23:52:33 | 01,470,464 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2009/09/10 23:52:33 | 01,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2009/09/10 23:52:33 | 00,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2009/09/10 23:52:32 | 00,098,304 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2008/05/04 17:39:34 | 00,002,560 | ---- | C] () -- C:\WINDOWS\System32\ViaClassCoInstaller.dll
[2003/04/01 10:58:02 | 00,005,260 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
========== Custom Scans ========== < %SYSTEMDRIVE%\cdrom.sys /s /md5 >[2002/08/29 00:27:56 | 00,047,488 | ---- | M] (Microsoft Corporation) MD5=6506E033AD04CFEC9EE56DBEFD1083DD -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys
[2008/04/13 10:40:48 | 00,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008/04/13 10:40:48 | 00,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
< %SYSTEMDRIVE%\atapi.sys /s /md5 >[2002/08/29 00:27:50 | 00,086,912 | ---- | M] (Microsoft Corporation) MD5=95B858761A00E1D4F81F79A0DA019ACA -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2008/04/13 10:40:32 | 00,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2010/01/21 20:29:01 | 00,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2010/01/24 12:13:41 | 00,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2008/04/13 10:40:32 | 00,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0010\DriverFiles\i386\atapi.sys
< %SYSTEMDRIVE%\ACPI.sys /s /md5 >[2002/08/29 10:23:10 | 00,180,224 | ---- | M] (Microsoft Corporation) MD5=FFDEF54A7A4519CF7117536D43DEEFAB -- C:\WINDOWS\$NtServicePackUninstall$\acpi.sys
[2008/04/13 17:52:44 | 00,188,672 | ---- | M] (Microsoft Corporation) MD5=E5E6DBFC41EA8AAD005CB9A57A96B43B -- C:\WINDOWS\ServicePackFiles\i386\acpi.sys
[2008/04/13 17:52:44 | 00,188,672 | ---- | M] (Microsoft Corporation) MD5=E5E6DBFC41EA8AAD005CB9A57A96B43B -- C:\WINDOWS\system32\drivers\acpi.sys
< %SYSTEMDRIVE%\*.exe > < %SYSTEMDRIVE%\iaStor.sys /s /md5 > < %SYSTEMDRIVE%\nvstor.sys /s /md5 > < %SYSTEMDRIVE%\IdeChnDr.sys /s /md5 > < %SYSTEMDRIVE%\viasraid.sys /s /md5 > < %SYSTEMDRIVE%\AGP440.sys /s /md5 >[2008/04/13 10:36:40 | 00,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008/04/13 10:36:40 | 00,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
< %SYSTEMDRIVE%\vaxscsi.sys /s /md5 > < %SYSTEMDRIVE%\nvatabus.sys /s /md5 >< End of report >