[Solved] Black screen and Avast threat

Posted 30 May 2011 11:23

Hello,

I am not in front of my PC; I will try "safe mode with networking" if I can, to connect with it.

So first of all, I have a laptop with a broken screen, so an external screen is connected.
Yesterday I left without turning off the computer, just the screen. When I came back, I turned the screen back on and it showed me a "sleep mode" message; I restarted the PC, everything works until boot, and then the screen goes black and goes back into sleep mode, and Avast throws up "a threat has been detected".
Today I left the computer in safe mode, the screen works with no problem, I launched Avast and it is out of date, although that was not the case before! I still managed to run a quick scan; it took 30 minutes to analyse 30 GB and detected 6 anomalies, mainly on ClickPotato. I did not quarantine them, I deleted them, and removed ClickPotato from the programs. Spybot detected 5 "zumbo" problems, or a name like that, then did the immunization at 100%. CCleaner then detected nothing. So I tried a restart in normal mode, but still the same problem with the screen.
I have just downloaded Malwarebytes, which I am carrying on USB to my PC.

I have not tried safe mode with networking, but I will try to connect from home.
I have no installation CD, but nothing vital to keep in case everything has to be reinstalled (...?)

Am I on the right track? Thanks
tendzen
Confirmed Visitor
Posts: 29
Joined: 30 May 2011 10:59


Re: Black screen and Avast threat

Posted 30 May 2011 11:42

Hello,

That already looks like a good approach you are taking.

You can also do the following if you cannot resolve your problem.

Burn and boot OTLPE from a CD

► Download OTLPEnet :: http://oldtimer.geekstogo.com/OTLPENet.exe to your Desktop, or http://www.itxassociates.com/OT-Tools/OTLPENet.exe

* When the download has finished, double-click OTLPENet.exe (right-click, Run as administrator under Vista/Seven) and make sure you have inserted a blank CD-R in your CD/DVD burner. A window will open asking whether you want to burn the CD; click the Yes button.
* Wait while the CD is decompressed and burned.
* Boot from the Reatogo CD-ROM you created; see example: booter-sur-dvd-t9447.html



* Your system should show a REATOGO-X-PE desktop
* Depending on your type of Internet connection, you should be able to access the Net, so that you can reach this thread more easily.
* Double-click the OTLPE icon

» At this prompt, confirm with OK:

Image

» At this prompt, select your session:

Image

** If the operating system is Vista or Seven you may get this message: "RunScanner Error - Target is not windows 2000 or later"; you then need to browse to and select the c:\windows folder in the tree below local disk (c:)

Image

* Check that "Automatically Load All Remaining Users" is selected and press OK

» OTLPE then starts

Image

o Under the Custom Scan box, copy and paste the contents of the box below:

netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
explorer.exe
userinit.exe
winlogon.exe
wininit.exe
csrss.exe
smss.exe
svchost.exe
services.exe
spoolsv.exe
alg.exe
ctfmon.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
i8042prt.sys
cdrom.sys
disk.sys
ndis.sys
tcpip.sys
imapi.sys
RDPCDD.sys
mountmgr.sys
aec.sys
rasacd.sys
redbook.sys
intelide.sys
mrxsmb10.sys
mrxsmb20.sys
termdd.sys
mrxsmb.sys
win32k.sys
storport.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
CREATERESTOREPOINT


* Click Run Scan to start the scan.
* Once it has finished, the file is located at C:\OTL.txt
* Copy and paste the contents into your next reply

If your report is too long, use the site http://www.ci-joint.fr to send your report, and put the link in your next reply.


Copy and boot OTLPE from a USB key

If you do not have a CD-ROM drive,
it is possible to boot from a USB key:
http://forum.malekal.com/petousb-eeepc- ... ml#p204981



So restart from the CD you have just burned, then run OTLPE again, and in this window:

Image
Under the Custom Scan box, copy and paste the contents of the box below:

:OTL

:Files

:Commands
[emptytemp]

* Click the RUNFIX icon (top left).
* Let the scan run to completion without using the PC
* At the end of the scan a report "OTL.log" will open
* Copy and paste the report(s) into your reply please...
* Just in case, you can find them in the C:\OTL folder or on your desktop, depending on the case
Put the report here because it takes up a lot of space.
http://www.cijoint.fr/index.php
bernard53
PC-Infopraticien
Posts: 12778
Joined: 08 Dec 2009 19:51

Re: Black screen and Avast threat

Posted 30 May 2011 13:49

re,
Thank you for your answer! And a quick answer! :)
I ran a Malwarebytes scan, 98 problems found all the same! So much more effective than Avast and Spybot! Cool!
So I have web access from my PC, under DOS with networking.
I have started burning OTLPE...
tendzen
Confirmed Visitor
Posts: 29
Joined: 30 May 2011 10:59

Re: Black screen and Avast threat

Posted 30 May 2011 14:17

Reatogo is on the CD, but I cannot see how to launch it...?
I am still under DOS, still no access to normal mode...
So I clicked on Computer, CD drive: reatogoPE, and the window that opens shows:
3 files:
I386
PROGRAMS
SFX
and some icons:
AUTORUN.INF
reatogoMenu.exe
reatogoMenu.ini
WIN51IP
WIN51IP.XP2
...what do I do? Thanks!
tendzen
Confirmed Visitor
Posts: 29
Joined: 30 May 2011 10:59

Re: Black screen and Avast threat

Posted 30 May 2011 14:21

In fact I have access to the logos, but in the sub-files, not on a Reatogo "desktop"..... so I am quite tempted to click on the OTLPE in the PROGRAMS menu.....?
tendzen
Confirmed Visitor
Posts: 29
Joined: 30 May 2011 10:59

Posted 30 May 2011 14:39

Here is the report:

Code:
OTL logfile created on: 30/05/2011 15:45:58 - Run
OTLPE by OldTimer - Version 3.1.46.0     Folder = E:\PROGRAMS\OTLPE
Windows Vista (TM) Home Premium Service Pack 1 (Version = 6.0.6001) - Type = System
Internet Explorer (Version = 8.0.6001.19019)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
 
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 72,00% Memory free
6,00 Gb Paging File | 6,00 Gb Available in Paging File | 90,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 455,17 Gb Total Space | 235,79 Gb Free Space | 51,80% Space Free | Partition Type: NTFS
Drive D: | 10,59 Gb Total Space | 1,78 Gb Free Space | 16,78% Space Free | Partition Type: NTFS
Drive E: | 436,59 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
 
Computer Name: ORDO | User Name: smith
Boot Mode: SafeMode with Networking | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001
 
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
 
SRV - File not found [Auto] --  -- (Norton Internet Security)
SRV - [2011/05/18 08:16:09 | 003,275,864 | ---- | M] () [Auto] -- C:\program files\common files\akamai\netsession_win_8832f4b.dll -- (Akamai)
SRV - [2011/01/13 10:47:33 | 000,040,384 | ---- | M] (AVAST Software) [Auto] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010/10/12 19:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand] -- C:\Program Files\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010/05/04 13:07:22 | 000,503,080 | ---- | M] (Nero AG) [Auto] -- C:\Program Files\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2010/02/19 14:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/07/20 11:51:52 | 000,935,208 | ---- | M] (Nero AG) [Auto] -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2009/06/03 21:43:18 | 000,217,170 | ---- | M] (IDT, Inc.) [Auto] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\stacsv.exe -- (STacSV)
SRV - [2009/03/02 19:43:08 | 000,081,920 | ---- | M] (Andrea Electronics Corporation) [Auto] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\AEstSrv.exe -- (AESTFilters)
SRV - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto] -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)
SRV - [2008/12/17 17:11:40 | 000,365,952 | ---- | M] () [Auto] -- C:\Program Files\SMINST\BLService.exe -- (Recovery Service for Windows)
SRV - [2008/11/26 17:13:08 | 000,296,320 | ---- | M] () [Auto] -- C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe -- (TVCapSvc) TV Background Capture Service (TVBCS)
SRV - [2008/11/26 17:13:08 | 000,116,096 | ---- | M] () [Auto] -- C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe -- (TVSched) TV Task Scheduler (TVTS)
SRV - [2008/04/29 15:36:20 | 000,020,480 | ---- | M] (TechCity Solutions France) [Auto] -- C:\Program Files\BboxUpdate\eSRunService.exe -- (eStantLaunchService)
SRV - [2008/02/03 13:00:00 | 000,129,992 | ---- | M] (EasyBits Sofware AS) [Auto] -- C:\Windows\System32\ezsvc7.dll -- (ezSharedSvc)
SRV - [2008/01/21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - File not found [Kernel | System] --  -- (SRTSPX)
DRV - File not found [File_System | System] --  -- (SRTSP)
DRV - File not found [Kernel | On_Demand] --  -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand] --  -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand] --  -- (NAVEX15)
DRV - File not found [Kernel | On_Demand] --  -- (NAVENG)
DRV - File not found [Kernel | On_Demand] --  -- (IpInIp)
DRV - [2011/01/13 10:41:16 | 000,294,608 | ---- | M] (AVAST Software) [Kernel | System] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/01/13 10:40:16 | 000,047,440 | ---- | M] (AVAST Software) [Kernel | System] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/01/13 10:37:30 | 000,023,632 | ---- | M] (AVAST Software) [Kernel | System] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/01/13 10:37:19 | 000,051,280 | ---- | M] (AVAST Software) [File_System | Auto] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2011/01/13 10:37:09 | 000,017,744 | ---- | M] (AVAST Software) [File_System | Auto] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2009/09/01 10:10:20 | 000,105,088 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ZTEusbser6k.sys -- (ZTEusbser6k)
DRV - [2009/09/01 10:10:08 | 000,105,088 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ZTEusbnmea.sys -- (ZTEusbnmea)
DRV - [2009/09/01 10:09:50 | 000,105,088 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k)
DRV - [2009/06/24 15:12:28 | 000,020,736 | ---- | M] (ZDC., Inc. (ZDC)) [Kernel | On_Demand] -- C:\Windows\System32\ZDCndis5.sys -- (ZDCNDIS5)
DRV - [2009/06/03 21:43:18 | 000,407,040 | ---- | M] (IDT, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2008/12/31 16:00:52 | 004,172,288 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2008/11/17 16:40:22 | 003,668,480 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32) Intel(R)
DRV - [2008/10/23 11:42:10 | 000,107,360 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\jmcr.sys -- (JMCR)
DRV - [2008/09/04 19:47:00 | 000,054,784 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\enecir.sys -- (enecir)
DRV - [2008/08/06 18:26:08 | 000,124,928 | ---- | M] (Realtek Corporation                                            ) [Kernel | On_Demand] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2008/03/27 12:12:12 | 000,024,424 | ---- | M] (Hewlett-Packard Corporation) [Kernel | Boot] -- C:\Windows\System32\drivers\hpdskflt.sys -- (hpdskflt)
DRV - [2008/03/27 12:11:34 | 000,034,664 | ---- | M] (Hewlett-Packard Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\Accelerometer.sys -- (Accelerometer)
DRV - [2008/01/21 04:23:20 | 002,225,664 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32) Intel(R)
DRV - [2007/06/18 17:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=fr_fr&c=91&bd=Pavilion&pf=cnnb
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.durable.com/recherche
IE - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.durable.com/recherche
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-4245941210-965044527-4046636747-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=fr_fr&c=91&bd=Pavilion&pf=cnnb
IE - HKU\S-1-5-21-4245941210-965044527-4046636747-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.durable.com/recherche
IE - HKU\S-1-5-21-4245941210-965044527-4046636747-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.durable.com/recherche
IE - HKU\S-1-5-21-4245941210-965044527-4046636747-1000\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Durable.com
IE - HKU\S-1-5-21-4245941210-965044527-4046636747-1000\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.durable.com/result?cx=partner-pub-7902900401080901%3Azbljezwsgul&cof=FORID%3A10&ie=UTF-8&q={searchTerms}
IE - HKU\S-1-5-21-4245941210-965044527-4046636747-1000\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.durable.com/recherche
IE - HKU\S-1-5-21-4245941210-965044527-4046636747-1000\..\URLSearchHook: {4daac69c-cba7-45e2-9bc8-1044483d3352} - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-4245941210-965044527-4046636747-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4245941210-965044527-4046636747-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.9.1.14019
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.3.2.1
FF - prefs.js..extensions.enabledItems: foxyproxy@eric.h.jung:2.22.5
FF - prefs.js..extensions.enabledItems: smartwebprinting@hp.com:4.5
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.1.2
FF - prefs.js..extensions.enabledItems: {4daac69c-cba7-45e2-9bc8-1044483d3352}:3.3.2.1
FF - prefs.js..extensions.enabledItems: {34EFA911-B536-4C08-BECE-CD5E55C875B0}:1.0
FF - prefs.js..extensions.enabledItems: ClickPotatoLite@ClickPotatoLite.com:10.0.630.0
FF - prefs.js..keyword.URL: "http://www.scanquery.com/?tmp=nemo_results_removelink&prt=ScnqryPB&keywords="
FF - prefs.js..network.proxy.no_proxies_on: "*.local"
FF - prefs.js..network.proxy.type: 4
 
FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010/03/21 05:54:31 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/10/19 23:00:27 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/05/07 02:55:49 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/05/07 02:55:49 | 000,000,000 | ---D | M]
 
[2009/09/02 15:56:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\smith\AppData\Roaming\mozilla\Extensions
[2011/05/07 12:22:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\smith\AppData\Roaming\mozilla\Firefox\Profiles\fkhtg8ws.default\extensions
[2010/11/29 18:37:12 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\smith\AppData\Roaming\mozilla\Firefox\Profiles\fkhtg8ws.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/05/07 02:57:27 | 000,000,000 | ---D | M] (Softonic_France Community Toolbar) -- C:\Users\smith\AppData\Roaming\mozilla\Firefox\Profiles\fkhtg8ws.default\extensions\{4daac69c-cba7-45e2-9bc8-1044483d3352}
[2011/05/07 02:57:34 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\smith\AppData\Roaming\mozilla\Firefox\Profiles\fkhtg8ws.default\extensions\engine@conduit.com
[2011/05/07 12:22:16 | 000,000,000 | ---D | M] (FoxyProxy Standard) -- C:\Users\smith\AppData\Roaming\mozilla\Firefox\Profiles\fkhtg8ws.default\extensions\foxyproxy@eric.h.jung
[2011/05/30 15:11:43 | 000,000,000 | ---D | M] ("Ask Toolbar") -- C:\Users\smith\AppData\Roaming\mozilla\Firefox\Profiles\fkhtg8ws.default\extensions\toolbar@ask.com
[2011/05/30 14:27:03 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions
File not found (No name found) --
[2011/05/07 02:55:35 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[1999/12/31 17:00:00 | 000,166,680 | ---- | M] (Tracker Software Products Ltd.) -- C:\Program Files\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll
[2010/12/09 12:47:06 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll
[2011/05/07 02:55:41 | 000,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml
[2011/05/07 02:55:41 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/05/07 02:55:41 | 000,001,822 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml
[2011/05/07 02:55:41 | 000,001,154 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml
[2011/05/07 02:55:41 | 000,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml
[2011/05/07 02:55:41 | 000,000,956 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml
 
O1 HOSTS File: ([2011/02/14 00:56:23 | 000,425,952 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O1 - Hosts: 127.0.0.1   www.007guard.com
O1 - Hosts: 127.0.0.1   007guard.com
O1 - Hosts: 127.0.0.1   008i.com
O1 - Hosts: 127.0.0.1   www.008k.com
O1 - Hosts: 127.0.0.1   008k.com
O1 - Hosts: 127.0.0.1   www.00hq.com
O1 - Hosts: 127.0.0.1   00hq.com
O1 - Hosts: 127.0.0.1   010402.com
O1 - Hosts: 127.0.0.1   www.032439.com
O1 - Hosts: 127.0.0.1   032439.com
O1 - Hosts: 127.0.0.1   www.0scan.com
O1 - Hosts: 127.0.0.1   0scan.com
O1 - Hosts: 127.0.0.1   1000gratisproben.com
O1 - Hosts: 127.0.0.1   www.1000gratisproben.com
O1 - Hosts: 127.0.0.1   1001namen.com
O1 - Hosts: 127.0.0.1   www.1001namen.com
O1 - Hosts: 127.0.0.1   100888290cs.com
O1 - Hosts: 127.0.0.1   www.100888290cs.com
O1 - Hosts: 127.0.0.1   www.100sexlinks.com
O1 - Hosts: 127.0.0.1   100sexlinks.com
O1 - Hosts: 127.0.0.1   10sek.com
O1 - Hosts: 127.0.0.1   www.10sek.com
O1 - Hosts: 127.0.0.1   www.1-2005-search.com
O1 - Hosts: 14675 more lines...
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: () - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: () - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\S-1-5-21-4245941210-965044527-4046636747-1000\..\Toolbar\WebBrowser: (no name) - {4DAAC69C-CBA7-45E2-9BC8-1044483D3352} - No CLSID value found.
O3 - HKU\S-1-5-21-4245941210-965044527-4046636747-1000\..\Toolbar\WebBrowser: () - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BboxUpdate] C:\Program Files\BboxUpdate\eStantAutoRunV.exe (TechCity Solutions France)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [TVAgent] C:\Program Files\Hewlett-Packard\Media\TV\TVAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePDIRShortCut] C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePSTShortCut] C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-4245941210-965044527-4046636747-1000..\Run: [ccleaner] C:\Program Files\CCleaner\CCleaner.exe (Piriform Ltd)
O4 - HKU\S-1-5-21-4245941210-965044527-4046636747-1000..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O9 - Extra Button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\smith\AppData\Roaming\Microsoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg
O24 - Desktop BackupWallPaper: C:\Users\smith\AppData\Roaming\Microsoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 13:06:41 | 000,000,053 | R--- | M] () - E:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{0eac6d44-e1b6-11de-8032-00238be6dec5}\Shell\AutoRun\command - "" = wd_windows_tools\WDSetup.exe
O33 - MountPoints2\{483edbc0-a6c0-11de-8bf7-00238be6dec5}\Shell\AutoRun\command - "" = F:\wdsync.exe
O33 - MountPoints2\{5870805c-dc11-11de-b851-00238be6dec5}\Shell\AutoRun\command - "" = C:\Windows\explorer.exe -- [2008/10/29 08:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation)
O33 - MountPoints2\{5870805c-dc11-11de-b851-00238be6dec5}\Shell\explore\Command - "" = C:\Windows\explorer.exe -- [2008/10/29 08:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation)
O33 - MountPoints2\{5870805c-dc11-11de-b851-00238be6dec5}\Shell\open\Command - "" = C:\Windows\explorer.exe -- [2008/10/29 08:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation)
O33 - MountPoints2\{abedcb47-e2b4-11de-a198-00238be6dec5}\Shell\AutoRun\command - "" = wd_windows_tools\setup.exe
O33 - MountPoints2\{bd8d6839-7108-11e0-89b8-00238be6dec5}\Shell - "" = AutoRun
O33 - MountPoints2\{bd8d6839-7108-11e0-89b8-00238be6dec5}\Shell\AutoRun\command - "" = G:\LaunchU3.exe
O33 - MountPoints2\{c1b72f3d-8815-11de-90c7-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{c1b72f3d-8815-11de-90c7-806e6f6e6963}\Shell\AutoRun\command - "" = E:\Installation.exe
O33 - MountPoints2\{ea36a8bc-b98c-11de-a7d2-00238be6dec5}\Shell\Auto\command - "" = F:\AdobeR.exe e
O33 - MountPoints2\{ea36a8bc-b98c-11de-a7d2-00238be6dec5}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\AdobeR.exe e
O33 - MountPoints2\{ec4aa1a7-dbbd-11df-8c55-00238be6dec5}\Shell - "" = AutoRun
O33 - MountPoints2\{ec4aa1a7-dbbd-11df-8c55-00238be6dec5}\Shell\AutoRun\command - "" = F:\Install.exe
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\Install.exe
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O34 - HKLM BootExecute: (aswBoot.exe /M:e38c89902) - C:\Windows\System32\aswBoot.exe (AVAST Software)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias -  File not found
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
NetSvcs: ezSharedSvc - C:\Windows\System32\ezsvc7.dll (EasyBits Sofware AS)
 
 
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS -  File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS -  File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files\Common Files\LightScribe\LSRunOnce.exe"
ActiveX: {166B1BCA-3F9C-11CF-8075-444553540000} - Macromedia Shockwave Director 10.1
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Macromedia Shockwave Director 10.1
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.7
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - C:\Windows\System32\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.vorbis - C:\Windows\System32\vorbis.acm (HMS http://hp.vector.co.jp/authors/VA012897/)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.XVID - C:\Windows\System32\xvidvfw.dll ()
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2011/05/30 14:21:30 | 000,000,000 | ---D | C] -- C:\Users\smith\AppData\Roaming\Malwarebytes
[2011/05/30 14:21:25 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011/05/30 14:21:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/05/30 14:21:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/05/30 14:21:21 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011/05/30 14:21:21 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/05/30 14:20:37 | 007,622,112 | ---- | C] (Malwarebytes Corporation                                    ) -- C:\Users\smith\Desktop\malwarebytes-anti-malware_malwarebytes_anti-malware_1.50_francais_215092.exe
[2011/05/30 02:09:00 | 000,000,000 | -HSD | C] -- C:\found.000
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2011/05/31 11:00:14 | 007,622,112 | ---- | M] (Malwarebytes Corporation                                    ) -- C:\Users\smith\Desktop\malwarebytes-anti-malware_malwarebytes_anti-malware_1.50_francais_215092.exe
[2011/05/30 15:09:55 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/05/30 15:08:32 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/05/30 15:08:32 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/05/30 14:28:49 | 000,001,050 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/05/30 14:21:26 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/05/30 14:21:26 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/05/30 14:20:48 | 000,678,056 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2011/05/30 14:20:48 | 000,595,386 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/05/30 14:20:48 | 000,126,042 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2011/05/30 14:20:48 | 000,103,460 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/05/30 10:18:46 | 000,054,724 | ---- | M] () -- C:\Users\smith\Documents\cc_20110530_101826.reg
[2011/05/30 00:15:00 | 000,001,054 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/05/29 23:56:03 | 000,002,772 | ---- | M] () -- C:\Users\Public\Documents\DME-SETTINGS.xml
[2011/05/29 23:56:03 | 000,000,300 | ---- | M] () -- C:\Windows\tasks\DMEPeriodicTask.job
[2011/05/19 15:14:03 | 000,010,130 | ---- | M] () -- C:\Users\smith\Documents\EEd_russie_juin_2008.pdf
[2011/05/19 15:13:09 | 000,010,130 | ---- | M] () -- C:\Users\smith\Documents\reperes_daeu.pdf
[2011/05/19 15:00:04 | 000,010,130 | ---- | M] () -- C:\Users\smith\Documents\paragraphe_structure_fondamentale.pdf
[2011/05/19 14:54:24 | 000,010,130 | ---- | M] () -- C:\Users\smith\Documents\sujet_2007.pdf
[2011/05/19 05:16:59 | 000,001,971 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2011/05/10 00:44:13 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2011/05/07 11:31:34 | 000,134,656 | ---- | M] () -- C:\Users\smith\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/05/07 02:56:04 | 000,000,858 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2011/05/30 14:21:26 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/05/30 10:18:30 | 000,054,724 | ---- | C] () -- C:\Users\smith\Documents\cc_20110530_101826.reg
[2011/05/19 15:13:59 | 000,010,130 | ---- | C] () -- C:\Users\smith\Documents\EEd_russie_juin_2008.pdf
[2011/05/19 15:13:04 | 000,010,130 | ---- | C] () -- C:\Users\smith\Documents\reperes_daeu.pdf
[2011/05/19 15:00:00 | 000,010,130 | ---- | C] () -- C:\Users\smith\Documents\paragraphe_structure_fondamentale.pdf
[2011/05/19 14:54:14 | 000,010,130 | ---- | C] () -- C:\Users\smith\Documents\sujet_2007.pdf
[2011/05/07 02:56:04 | 000,000,858 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2010/12/19 01:48:28 | 000,815,104 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2010/12/19 01:48:28 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2010/12/04 12:57:34 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2010/11/29 01:42:00 | 000,107,024 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat
[2010/11/13 17:22:16 | 000,000,104 | ---- | C] () -- C:\Users\smith\AppData\Roaming\wklnhst.dat
[2010/10/19 22:37:16 | 000,179,909 | ---- | C] () -- C:\Windows\hpoins38.dat
[2009/09/02 17:05:34 | 000,290,816 | ---- | C] () -- C:\Windows\System32\decdll.dll
[2009/09/02 15:55:42 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2009/08/13 19:07:13 | 000,134,656 | ---- | C] () -- C:\Users\smith\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/06/04 19:59:42 | 000,000,622 | ---- | C] () -- C:\Windows\hpomdl38.dat
[2009/05/30 04:53:18 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2009/01/21 07:22:08 | 000,106,605 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009/01/21 07:22:08 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2009/01/21 07:18:34 | 000,678,056 | ---- | C] () -- C:\Windows\System32\perfh00C.dat
[2009/01/21 07:18:34 | 000,340,236 | ---- | C] () -- C:\Windows\System32\perfi00C.dat
[2009/01/21 07:18:34 | 000,126,042 | ---- | C] () -- C:\Windows\System32\perfc00C.dat
[2009/01/21 07:18:34 | 000,037,390 | ---- | C] () -- C:\Windows\System32\perfd00C.dat
[2009/01/21 00:31:19 | 000,000,428 | ---- | C] () -- C:\Windows\System32\ezdigsgn.dat
[2008/12/31 14:36:16 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2008/12/31 13:55:34 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat
[2008/10/30 11:45:42 | 000,180,720 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2008/10/21 14:40:00 | 000,081,920 | ---- | C] () -- C:\Windows\System32\ATIODE.exe
[2008/10/21 14:40:00 | 000,045,056 | ---- | C] () -- C:\Windows\System32\ATIODCLI.exe
[2006/11/02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 14:47:37 | 003,680,288 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 12:33:01 | 000,595,386 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 12:33:01 | 000,103,460 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2009/09/09 02:38:42 | 000,000,000 | ---D | M] -- C:\Users\smith\AppData\Roaming\Ableton
[2009/09/02 18:04:56 | 000,000,000 | ---D | M] -- C:\Users\smith\AppData\Roaming\BleachBit
[2010/11/29 01:38:07 | 000,000,000 | ---D | M] -- C:\Users\smith\AppData\Roaming\Deckadance
[2009/09/02 17:45:07 | 000,000,000 | ---D | M] -- C:\Users\smith\AppData\Roaming\FrmMain
[2010/05/05 23:57:50 | 000,000,000 | ---D | M] -- C:\Users\smith\AppData\Roaming\Gaijin Ent
[2010/12/03 17:14:16 | 000,000,000 | ---D | M] -- C:\Users\smith\AppData\Roaming\GetRightToGo
[2010/12/07 02:18:03 | 000,000,000 | ---D | M] -- C:\Users\smith\AppData\Roaming\gtk-2.0
[2010/11/26 17:43:25 | 000,000,000 | ---D | M] -- C:\Users\smith\AppData\Roaming\OfferBox
[2010/11/26 22:47:18 | 000,000,000 | ---D | M] -- C:\Users\smith\AppData\Roaming\OpenCandy
[2009/09/02 16:52:21 | 000,000,000 | ---D | M] -- C:\Users\smith\AppData\Roaming\OpenOffice.org
[2010/12/04 17:56:08 | 000,000,000 | ---D | M] -- C:\Users\smith\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2010/11/28 19:57:02 | 000,000,000 | ---D | M] -- C:\Users\smith\AppData\Roaming\Systweak
[2010/11/13 17:22:18 | 000,000,000 | ---D | M] -- C:\Users\smith\AppData\Roaming\Template
[2010/11/26 23:14:05 | 000,000,000 | ---D | M] -- C:\Users\smith\AppData\Roaming\Uniblue
[2010/11/26 17:55:25 | 000,000,000 | ---D | M] -- C:\ProgramData\Alwil Software
[2006/11/02 15:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data
[2009/08/13 18:36:28 | 000,000,000 | -HSD | M] -- C:\ProgramData\Bureau
[2006/11/02 15:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Desktop
[2006/11/02 15:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Documents
[2010/11/28 16:26:14 | 000,000,000 | ---D | M] -- C:\ProgramData\eMule
[2009/08/13 18:36:28 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favoris
[2006/11/02 15:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favorites
[2009/09/03 22:06:02 | 000,000,000 | ---D | M] -- C:\ProgramData\LightScribe
[2009/08/13 18:36:28 | 000,000,000 | -HSD | M] -- C:\ProgramData\Menu Démarrer
[2009/08/13 18:36:28 | 000,000,000 | -HSD | M] -- C:\ProgramData\Modèles
[2010/12/06 15:19:34 | 000,000,000 | ---D | M] -- C:\ProgramData\regid.1986-12.com.adobe
[2006/11/02 15:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Start Menu
[2009/05/30 05:06:54 | 000,000,000 | ---D | M] -- C:\ProgramData\Temp
[2006/11/02 15:02:04 | 000,000,000 | -HSD | M] -- C:\ProgramData\Templates
[2010/12/25 19:04:28 | 000,000,000 | ---D | M] -- C:\ProgramData\WildTangent
[2010/11/17 19:14:10 | 000,000,000 | ---D | M] -- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/09/10 00:49:22 | 000,000,000 | ---D | M] -- C:\ProgramData\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/09/02 15:05:10 | 000,000,000 | ---D | M] -- C:\ProgramData\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2011/05/29 23:56:03 | 000,000,300 | ---- | M] () -- C:\Windows\Tasks\DMEPeriodicTask.job
[2011/05/30 00:44:59 | 000,032,578 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
[color=#E56717]========== Purity Check ==========[/color]
 
 
 
[color=#E56717]========== Custom Scans ==========[/color]
 
 
Invalid Environment Variable: %ALLUSERSPROFILE%\Application Data\*.
 
Invalid Environment Variable: %ALLUSERSPROFILE%\Application Data\*.exe
 
Invalid Environment Variable: %APPDATA%\*.
 
Invalid Environment Variable: %APPDATA%\*.exe
 
[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]
 
 
[color=#A23BEC]< MD5 for: AGP440.SYS  >[/color]
[color=#A23BEC]< MD5 for: ALG.EXE  >[/color]
[color=#A23BEC]< MD5 for: ATAPI.SYS  >[/color]
[color=#A23BEC]< MD5 for: CDROM.SYS  >[/color]
[color=#A23BEC]< MD5 for: CNGAUDIT.DLL  >[/color]
[color=#A23BEC]< MD5 for: CSRSS.EXE  >[/color]
[color=#A23BEC]< MD5 for: CTFMON.EXE  >[/color]
[color=#A23BEC]< MD5 for: DISK.SYS  >[/color]
[color=#A23BEC]< MD5 for: EVENTLOG.DLL  >[/color]
[color=#A23BEC]< MD5 for: EXPLORER.EXE  >[/color]
[color=#A23BEC]< MD5 for: I8042PRT.SYS  >[/color]
[color=#A23BEC]< MD5 for: IASTORV.SYS  >[/color]
[color=#A23BEC]< MD5 for: INTELIDE.SYS  >[/color]
[color=#A23BEC]< MD5 for: MOUNTMGR.SYS  >[/color]
[color=#A23BEC]< MD5 for: MRXSMB.SYS  >[/color]
[color=#A23BEC]< MD5 for: MRXSMB10.SYS  >[/color]
[2009/01/21 07:47:11 | 000,211,968 | ---- | M] (Microsoft Corporation) MD5=F813456C00B904DC3B6558CAD7B13BBA -- C:\Windows\winsxs\x86_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.0.6000.20904_none_874beea267621c08\mrxsmb10.sys
 
[color=#A23BEC]< MD5 for: MRXSMB20.SYS  >[/color]
[2010/02/23 13:10:13 | 000,079,360 | ---- | M] (Microsoft Corporation) MD5=28B3F1AB44BDD4432C041581412F17D9 -- C:\Windows\winsxs\x86_microsoft-windows-smb20-minirdr_31bf3856ad364e35_6.0.6002.18213_none_8cb9a1f386f18fd3\mrxsmb20.sys
[2008/01/21 04:24:28 | 000,078,848 | ---- | M] (Microsoft Corporation) MD5=3268B8C3FA92BFC086355C39B45E9CC9 -- C:\Windows\winsxs\x86_microsoft-windows-smb20-minirdr_31bf3856ad364e35_6.0.6001.18000_none_8adaf59b89c5e0f6\mrxsmb20.sys
[2010/02/23 13:30:53 | 000,058,368 | ---- | M] (Microsoft Corporation) MD5=3D475E770D3AB2D0C5E3E1386871F9DA -- C:\Windows\winsxs\x86_microsoft-windows-smb20-minirdr_31bf3856ad364e35_6.0.6000.21230_none_895dc3b6a5d56b80\mrxsmb20.sys
[2010/02/23 15:14:42 | 000,058,368 | ---- | M] (Microsoft Corporation) MD5=90B3FC7BD6B3D7EE7635DEBBA2187F66 -- C:\Windows\winsxs\x86_microsoft-windows-smb20-minirdr_31bf3856ad364e35_6.0.6000.17025_none_88e3f6638cab3151\mrxsmb20.sys
[2010/02/23 13:16:50 | 000,079,360 | ---- | M] (Microsoft Corporation) MD5=98A085E296A9BA865CAE56C1BCB1A0F6 -- C:\Windows\winsxs\x86_microsoft-windows-smb20-minirdr_31bf3856ad364e35_6.0.6002.22346_none_8d25cfd8a024cf75\mrxsmb20.sys
[2010/02/23 13:30:23 | 000,079,360 | ---- | M] (Microsoft Corporation) MD5=A4BD317F6D6AD2B3A1FF81DC063748D4 -- C:\Windows\winsxs\x86_microsoft-windows-smb20-minirdr_31bf3856ad364e35_6.0.6001.22641_none_8b3a5c7ea302fb9e\mrxsmb20.sys
[2010/02/23 13:32:33 | 000,078,848 | ---- | M] (Microsoft Corporation) MD5=F4D0F3252E651F02BE64984FFA738394 -- C:\Windows\System32\drivers\mrxsmb20.sys
[2010/02/23 13:32:33 | 000,078,848 | ---- | M] (Microsoft Corporation) MD5=F4D0F3252E651F02BE64984FFA738394 -- C:\Windows\winsxs\x86_microsoft-windows-smb20-minirdr_31bf3856ad364e35_6.0.6001.18431_none_8abb8db989dd42bc\mrxsmb20.sys
 
[color=#A23BEC]< MD5 for: NDIS.SYS  >[/color]
[2008/01/21 04:23:50 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=9BDC71790FA08F0A0B5F10462B1BD0B1 -- C:\Windows\System32\drivers\ndis.sys
[2008/01/21 04:23:50 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=9BDC71790FA08F0A0B5F10462B1BD0B1 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.18000_none_a7c72bc71c0f0d18\ndis.sys
 
[color=#A23BEC]< MD5 for: NETLOGON.DLL  >[/color]
[2008/01/21 04:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\System32\netlogon.dll
[2008/01/21 04:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll
 
[color=#A23BEC]< MD5 for: NVSTOR.SYS  >[/color]
[2006/11/02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008/01/21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys
[2008/01/21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008/01/21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys
 
[color=#A23BEC]< MD5 for: RASACD.SYS  >[/color]
[2008/01/21 04:24:19 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=147D7F9C556D259924351FEB0DE606C3 -- C:\Windows\System32\drivers\rasacd.sys
[2008/01/21 04:24:19 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=147D7F9C556D259924351FEB0DE606C3 -- C:\Windows\winsxs\x86_microsoft-windows-rasautodial_31bf3856ad364e35_6.0.6001.18000_none_0fd9feb665531f63\rasacd.sys
 
[color=#A23BEC]< MD5 for: RDPCDD.SYS  >[/color]
[2008/01/21 04:24:06 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=89E59BE9A564262A3FB6C4F4F1CD9899 -- C:\Windows\System32\drivers\RDPCDD.sys
[2008/01/21 04:24:06 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=89E59BE9A564262A3FB6C4F4F1CD9899 -- C:\Windows\winsxs\x86_microsoft-windows-t..niportdisplaydriver_31bf3856ad364e35_6.0.6001.18000_none_d4db241b3e3ef7e4\RDPCDD.sys
 
[color=#A23BEC]< MD5 for: SCECLI.DLL  >[/color]
[2008/01/21 04:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\System32\scecli.dll
[2008/01/21 04:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
 
[color=#A23BEC]< MD5 for: SERVICES.EXE  >[/color]
[2008/01/21 04:24:48 | 000,279,040 | ---- | M] (Microsoft Corporation) MD5=2B336AB6286D6C81FA02CBAB914E3C6C -- C:\Windows\System32\services.exe
[2008/01/21 04:24:48 | 000,279,040 | ---- | M] (Microsoft Corporation) MD5=2B336AB6286D6C81FA02CBAB914E3C6C -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6001.18000_none_cf5fc067cd49010a\services.exe
 
[color=#A23BEC]< MD5 for: SMSS.EXE  >[/color]
[2008/01/21 04:23:50 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=6701DDAF68BEDE6BBEEA9D514D73A35B -- C:\Windows\System32\smss.exe
[2008/01/21 04:23:50 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=6701DDAF68BEDE6BBEEA9D514D73A35B -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6001.18000_none_ac3aa7fd19319fba\smss.exe
 
[color=#A23BEC]< MD5 for: SPOOLSV.EXE  >[/color]
[2010/08/17 15:32:33 | 000,126,464 | ---- | M] (Microsoft Corporation) MD5=3665F79026A3F91FBCA63F2C65A09B19 -- C:\Windows\System32\spoolsv.exe
[2010/08/17 15:32:33 | 000,126,464 | ---- | M] (Microsoft Corporation) MD5=3665F79026A3F91FBCA63F2C65A09B19 -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.18511_none_d641dcfdc18fec21\spoolsv.exe
[2008/01/21 04:24:45 | 000,125,952 | ---- | M] (Microsoft Corporation) MD5=846CDF9A3CF4DA9B306ADFB7D55EE4C2 -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.18000_none_d64ba321c188c516\spoolsv.exe
[2010/08/17 16:11:37 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=8554097E5136C3BF9F69FE578A1B35F4 -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.18294_none_d7d4d063bef46cd2\spoolsv.exe
[2010/08/17 16:20:09 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=AAE98B295E88D439A6E0F6E8929424FB -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.22468_none_d882e000d7f61b4c\spoolsv.exe
[2010/08/17 15:27:48 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=E807FC542C295BA256CE3567829E02A6 -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.22743_none_d6ad0c7edac40f93\spoolsv.exe
 
[color=#A23BEC]< MD5 for: STORPORT.SYS  >[/color]
[2008/01/21 04:24:03 | 000,123,960 | ---- | M] (Microsoft Corporation) MD5=39AD2C7B9C05C1CCD12480890DBA4EB5 -- C:\Windows\System32\drivers\Storport.sys
[2008/01/21 04:24:03 | 000,123,960 | ---- | M] (Microsoft Corporation) MD5=39AD2C7B9C05C1CCD12480890DBA4EB5 -- C:\Windows\winsxs\x86_microsoft-windows-storport_31bf3856ad364e35_6.0.6001.18000_none_277c4ea9302ee5d3\Storport.sys
 
[color=#A23BEC]< MD5 for: SVCHOST.EXE  >[/color]
[2008/01/21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\System32\svchost.exe
[2008/01/21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe
 
[color=#A23BEC]< MD5 for: TCPIP.SYS  >[/color]
[2009/01/21 07:35:36 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=01EC1E92595F839BEE70D439C46796E3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22167_none_b36dd19b7fae39c7\tcpip.sys
[2009/08/15 23:30:53 | 000,816,640 | ---- | M] (Microsoft Corporation) MD5=2512B4D1353370D6688B1AF1F5AFA1CF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21108_none_6030d425ab49af00\tcpip.sys
[2009/08/14 19:01:55 | 000,900,168 | ---- | M] (Microsoft Corporation) MD5=2608E71AAD54564647D4BB984E1925AA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys
[2009/08/14 16:24:47 | 000,813,568 | ---- | M] (Microsoft Corporation) MD5=300208927321066EA53761FDC98747C6 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16908_none_5fa75f38922bdbf4\tcpip.sys
[2010/06/16 17:55:58 | 000,902,032 | ---- | M] (Microsoft Corporation) MD5=6216A954ED7045B62880A92D6C9B9FC7 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys
[2009/08/14 18:27:34 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=65877AA1B6A7CB797488E831698973E9 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18091_none_b4a43aea63d4a25f\tcpip.sys
[2010/06/16 18:39:32 | 000,912,776 | ---- | M] (Microsoft Corporation) MD5=6A10AFCE0B38371064BE41C1FBFD3C6B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22425_none_b57d8e037cb5db63\tcpip.sys
[2010/06/16 17:59:54 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=782568AB6A43160A159B6215B70BCCE9 -- C:\Windows\System32\drivers\tcpip.sys
[2010/06/16 17:59:54 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=782568AB6A43160A159B6215B70BCCE9 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18493_none_b2bfcb7c66ac7d10\tcpip.sys
[2009/01/21 07:35:36 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=82E266BEE5F0167E41C6ECFDD2A79C02 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18063_none_b2e033a8669434a1\tcpip.sys
[2009/08/14 19:07:56 | 000,897,608 | ---- | M] (Microsoft Corporation) MD5=8A7AD2A214233F684242F289ED83EBC3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18311_none_b3144862666d6db3\tcpip.sys
[2010/06/16 18:04:57 | 000,905,088 | ---- | M] (Microsoft Corporation) MD5=A474879AFA4A596B3A531F3E69730DBF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18272_none_b4baded863c37e22\tcpip.sys
[2008/01/21 04:25:03 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=FC6E2835D667774D409C7C7021EAF9C4 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys
[2009/08/14 18:33:50 | 000,905,784 | ---- | M] (Microsoft Corporation) MD5=FF71856BD4CD6D4367F9FD84BE79A874 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22200_none_b58e289d7caa2a80\tcpip.sys
 
[color=#A23BEC]< MD5 for: TERMDD.SYS  >[/color]
[2006/11/02 11:50:28 | 000,050,792 | ---- | M] (Microsoft Corporation) MD5=2C549BD9DD091FBFAA0A2A48E82EC2FB -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\termdd.sys
[2008/01/21 04:23:01 | 000,054,328 | ---- | M] (Microsoft Corporation) MD5=A048056F5E1A96A9BF3071B91741A5AA -- C:\Windows\System32\drivers\termdd.sys
[2008/01/21 04:23:01 | 000,054,328 | ---- | M] (Microsoft Corporation) MD5=A048056F5E1A96A9BF3071B91741A5AA -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\termdd.sys
[2008/01/21 04:23:01 | 000,054,328 | ---- | M] (Microsoft Corporation) MD5=A048056F5E1A96A9BF3071B91741A5AA -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\termdd.sys
 
[color=#A23BEC]< MD5 for: USERINIT.EXE  >[/color]
[2008/01/21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008/01/21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
 
[color=#A23BEC]< MD5 for: WIN32K.SYS  >[/color]
[2009/01/21 07:22:35 | 002,028,544 | ---- | M] (Microsoft Corporation) MD5=0FB1E39EE209B26B70A8C1E1A56D38DF -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6000.20782_none_b7425913b6bceacf\win32k.sys
[2010/12/31 15:59:47 | 002,048,000 | ---- | M] (Microsoft Corporation) MD5=2EE9A7A6563BEB2D325028BFA1639A94 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.22560_none_bb22b62fb0fb5265\win32k.sys
[2009/01/21 07:39:37 | 002,029,568 | ---- | M] (Microsoft Corporation) MD5=541DF3F03A378BDD96A917A4CB8C71A2 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6000.20922_none_b7833c67b68c3d77\win32k.sys
[2010/08/31 16:33:39 | 002,046,464 | ---- | M] (Microsoft Corporation) MD5=5A259D684426F7DCBD6D435347955FF4 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.22478_none_bb1fe6adb0fc3be7\win32k.sys
[2009/01/21 07:22:35 | 002,032,128 | ---- | M] (Microsoft Corporation) MD5=5B1E0409A9A6C415543732F21B2B7CC6 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6001.22125_none_b96c781fb3b0201f\win32k.sys
[2008/01/21 04:24:35 | 002,031,616 | ---- | M] (Microsoft Corporation) MD5=664FCB81B53ECC5A1ACB325D50EB11C0 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6001.18000_none_b8f379ba9a86c9c0\win32k.sys
[2009/01/21 07:22:35 | 002,027,008 | ---- | M] (Microsoft Corporation) MD5=6FF39E07708091C05FC748DB2DE833EA -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6000.16646_none_b6e7fd209d7b409d\win32k.sys
[2010/12/31 15:24:31 | 002,039,296 | ---- | M] (Microsoft Corporation) MD5=7BE33568CBC736ACD18BF868CCFDD721 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6001.22824_none_b96b851fb3b0f2d9\win32k.sys
[2010/12/31 15:25:17 | 002,038,784 | ---- | M] (Microsoft Corporation) MD5=7E2B88A06365DB40AB739E51DE750A1A -- C:\Windows\System32\win32k.sys
[2010/12/31 15:25:17 | 002,038,784 | ---- | M] (Microsoft Corporation) MD5=7E2B88A06365DB40AB739E51DE750A1A -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6001.18573_none_b8aad4a29abccb1f\win32k.sys
[2010/08/31 15:39:46 | 002,037,248 | ---- | M] (Microsoft Corporation) MD5=8B8F4094E0C58022F8CBA3D33E45E244 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6001.18523_none_b8e0e43e9a943f6a\win32k.sys
[2009/01/21 07:39:37 | 002,033,152 | ---- | M] (Microsoft Corporation) MD5=8BE357305D4BBEC35DBBE7D5536EE8C9 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6001.22271_none_b9326941b3dc439f\win32k.sys
[2009/01/21 07:22:35 | 002,032,128 | ---- | M] (Microsoft Corporation) MD5=8F2DA4DDC21250ABA9206352A1080299 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6001.18027_none_b8e4dbe89a90b303\win32k.sys
[2009/01/21 07:39:37 | 002,032,640 | ---- | M] (Microsoft Corporation) MD5=9304DD0014438C06261994960E24418A -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6001.18145_none_b8cd3d629aa2b55e\win32k.sys
[2009/01/21 07:39:37 | 002,027,520 | ---- | M] (Microsoft Corporation) MD5=A90760D6F915CBB28E7F240668881BDE -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6000.16754_none_b6db2e869d852707\win32k.sys
[2010/08/31 15:27:38 | 002,038,272 | ---- | M] (Microsoft Corporation) MD5=C2F2451A71234D5CF5D0E6C6546FAC6D -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.18305_none_badef87897a88c81\win32k.sys
[2010/08/31 15:38:10 | 002,037,760 | ---- | M] (Microsoft Corporation) MD5=CFDC1586D84A187D38512528F60CA7E5 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6001.22754_none_b94b1375b3c94985\win32k.sys
[2010/12/31 15:57:01 | 002,039,808 | ---- | M] (Microsoft Corporation) MD5=FD9B62599B3AD261D203040BC7DDEC65 -- C:\Windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.18365_none_ba9e18f097d93427\win32k.sys
 
[color=#A23BEC]< MD5 for: WININIT.EXE  >[/color]
[2008/01/21 04:23:42 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\System32\wininit.exe
[2008/01/21 04:23:42 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b8cf0450a6a2\wininit.exe
 
[color=#A23BEC]< MD5 for: WINLOGON.EXE  >[/color]
[2008/01/21 04:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\System32\winlogon.exe
[2008/01/21 04:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
 
[color=#A23BEC]< %systemroot%\*. /mp /s >[/color]
 
[color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color]
[2008/01/21 04:23:51 | 001,730,560 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\System32\apds.dll
[2010/12/18 08:22:10 | 011,080,704 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\System32\ieframe.dll
 
[color=#A23BEC]< %systemroot%\Tasks\*.job /lockedfiles >[/color]
 
[color=#A23BEC]< %systemroot%\system32\drivers\*.sys /lockedfiles >[/color]
 
[color=#A23BEC]< %systemroot%\System32\config\*.sav >[/color]
[2008/01/21 05:14:18 | 016,846,848 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2008/01/21 05:14:08 | 000,106,496 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2008/01/21 05:14:18 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006/11/02 12:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006/11/02 12:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV
 
[color=#A23BEC]< CREATERESTOREPOINT >[/color]
< End of report >
tendzen
Confirmed Visitor
 
Posts: 29
Joined: 30 May 2011 10:59
 

Re: Black screen and Avast threat

Posted on 30 May 2011 18:07

Hi!

Can someone help me translate, or explain what I need to do, please? Thanks
tendzen
Confirmed Visitor
 
Posts: 29
Joined: 30 May 2011 10:59
 

Re: Black screen and Avast threat

Posted on 30 May 2011 18:52

OK, do this.

So restart from the CD you just burned, then launch OTLPE again, and in this window:

Under Custom Scan box, copy and paste the contents of the box below:

:OTL
SRV - File not found [Auto] -- -- (Norton Internet Security)
IE - HKU\S-1-5-21-4245941210-965044527-4046636747-1000\..\URLSearchHook: {4daac69c-cba7-45e2-9bc8-1044483d3352} - Reg Error: Key error. File not found
FF - prefs.js..extensions.enabledItems: {4daac69c-cba7-45e2-9bc8-1044483d3352}:3.3.2.1
FF - prefs.js..extensions.enabledItems: {34EFA911-B536-4C08-BECE-CD5E55C875B0}:1.0
FF - prefs.js..extensions.enabledItems: {4daac69c-cba7-45e2-9bc8-1044483d3352}:3.3.2.1
FF - prefs.js..extensions.enabledItems: {34EFA911-B536-4C08-BECE-CD5E55C875B0}:1.0
File not found (No name found) --
O2 - BHO: () - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: () - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\S-1-5-21-4245941210-965044527-4046636747-1000\..\Toolbar\WebBrowser: (no name) - {4DAAC69C-CBA7-45E2-9BC8-1044483D3352} - No CLSID value found.
O3 - HKU\S-1-5-21-4245941210-965044527-4046636747-1000\..\Toolbar\WebBrowser: () - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O33 - MountPoints2\{ea36a8bc-b98c-11de-a7d2-00238be6dec5}\Shell\Auto\command - "" = F:\AdobeR.exe e
[2010/11/26 17:43:25 | 000,000,000 | ---D | M] -- C:\Users\smith\AppData\Roaming\OfferBox
[2010/11/26 22:47:18 | 000,000,000 | ---D | M] -- C:\Users\smith\AppData\Roaming\OpenCandy
[2010/11/17 19:14:10 | 000,000,000 | ---D | M] -- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/09/10 00:49:22 | 000,000,000 | ---D | M] -- C:\ProgramData\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/09/02 15:05:10 | 000,000,000 | ---D | M] -- C:\ProgramData\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
:Commands
[emptytemp]

* Click the RUNFIX icon (top left).
* Let the scan run to completion without using the PC.
* At the end of the scan a report, "OTL.log", will open.
* Copy and paste the report(s) into your reply, please...
* Just in case, you can find them in the C:\OTL folder or on your desktop, depending on the situation.
Put the report here, as it takes up a lot of space.
http://www.cijoint.fr/index.php
bernard53
PC-Infopraticien
 
Posts: 12778
Joined: 08 Dec 2009 19:51
 

Re: Black screen and Avast threat

Posted on 30 May 2011 19:48

OK, I have a message:

"the system requieres a reboot to finish removing files.
Reboot now?"

Do I tick yes or no?
tendzen
Confirmed Visitor
 
Posts: 29
Joined: 30 May 2011 10:59
 

Re: Black screen and Avast threat

Posted on 30 May 2011 19:50

Yes, reboot to confirm the deletions.
bernard53
PC-Infopraticien
 
Posts: 12778
Joined: 08 Dec 2009 19:51
 

Posted on 30 May 2011 20:03

OK, it's done.
However, in C: the last saved file is called _OTL, with a sub-file "removed files", and this: is it the right one?

Code:
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Norton Internet Security deleted successfully.
Registry value HKEY_USERS\S-1-5-21-4245941210-965044527-4046636747-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{4daac69c-cba7-45e2-9bc8-1044483d3352} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4daac69c-cba7-45e2-9bc8-1044483d3352}\ not found.
Prefs.js: {4daac69c-cba7-45e2-9bc8-1044483d3352}:3.3.2.1 removed from extensions.enabledItems
Prefs.js: {34EFA911-B536-4C08-BECE-CD5E55C875B0}:1.0 removed from extensions.enabledItems
Prefs.js: {4daac69c-cba7-45e2-9bc8-1044483d3352}:3.3.2.1 removed from extensions.enabledItems
Prefs.js: {34EFA911-B536-4C08-BECE-CD5E55C875B0}:1.0 removed from extensions.enabledItems
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
C:\Program Files\Ask.com\GenericAskToolbar.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Program Files\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_USERS\S-1-5-21-4245941210-965044527-4046636747-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{4DAAC69C-CBA7-45E2-9BC8-1044483D3352} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4DAAC69C-CBA7-45E2-9BC8-1044483D3352}\ not found.
Registry value HKEY_USERS\S-1-5-21-4245941210-965044527-4046636747-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Program Files\Ask.com\GenericAskToolbar.dll not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ea36a8bc-b98c-11de-a7d2-00238be6dec5}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ea36a8bc-b98c-11de-a7d2-00238be6dec5}\ not found.
File F:\AdobeR.exe e not found.
C:\Users\smith\AppData\Roaming\OfferBox folder moved successfully.
C:\Users\smith\AppData\Roaming\OpenCandy\OpenCandy_689926CC8009425DA74AB49F4176146B folder moved successfully.
C:\Users\smith\AppData\Roaming\OpenCandy folder moved successfully.
C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}\x86\x86 folder moved successfully.
C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}\x86 folder moved successfully.
C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521} folder moved successfully.
C:\ProgramData\{755AC846-7372-4AC8-8550-C52491DAA8BD}\x86 folder moved successfully.
C:\ProgramData\{755AC846-7372-4AC8-8550-C52491DAA8BD} folder moved successfully.
C:\ProgramData\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}\x86 folder moved successfully.
C:\ProgramData\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906} folder moved successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 41620 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Public
 
User: smith
->Temp folder emptied: 503444 bytes
->Temporary Internet Files folder emptied: 33438 bytes
->Java cache emptied: 37667874 bytes
->FireFox cache emptied: 70814348 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 4084 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 3157133 bytes
 
Total Files Cleaned = 107,00 mb
 
 
OTLPE by OldTimer - Version 3.1.46.0 log created on 05302011_204452

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...
tendzen
Confirmed Visitor
 
Posts: 29
Joined: 30 May 2011 10:59
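
One way to read the fix log in the post above, as an added example (it is not part of the thread and not OldTimer's code): the Python sketch below groups the log lines by target, so that a "not found" which merely follows an earlier successful removal of the same item is told apart from a target that was only ever reported "not found". The sample lines are copied from that log; the line pattern and the function names are assumptions inferred from those lines, not a documented OTL format.

```python
import re
from collections import OrderedDict

# Lines copied from the OTLPE fix log posted in the thread (a subset, same order).
SAMPLE_LOG = r"""
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Norton Internet Security deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4daac69c-cba7-45e2-9bc8-1044483d3352}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
C:\Program Files\Ask.com\GenericAskToolbar.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Program Files\Ask.com\GenericAskToolbar.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4DAAC69C-CBA7-45E2-9BC8-1044483D3352}\ not found.
File F:\AdobeR.exe e not found.
C:\Users\smith\AppData\Roaming\OfferBox folder moved successfully.
Prefs.js: {34EFA911-B536-4C08-BECE-CD5E55C875B0}:1.0 removed from extensions.enabledItems
"""

# Assumed line shape, inferred from the log: [kind] target [folder] outcome[.]
LINE_RE = re.compile(
    r"^(?:(?P<kind>Registry key|Registry value|File|Prefs\.js:)\s+)?"
    r"(?P<target>.+?)"
    r"(?:\s+folder)?\s+"
    r"(?P<outcome>deleted successfully|moved successfully|not found|removed from \S+)\.?$"
)

# Outcomes that mean the fix actually changed something.
SUCCESS_PREFIXES = ("deleted", "moved", "removed")


def parse_fix_log(text):
    """Return (entries, unparsed); entries are (kind, target, outcome) tuples."""
    entries, unparsed = [], []
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        match = LINE_RE.match(line)
        if match is None:
            unparsed.append(line)  # section headers and anything unexpected
            continue
        # Registry keys are logged with a trailing backslash; drop it.
        target = match.group("target").rstrip("\\")
        entries.append((match.group("kind") or "Path", target, match.group("outcome")))
    return entries, unparsed


def summarize(text):
    """Group entries by target (case-insensitive) and derive one status each."""
    entries, _ = parse_fix_log(text)
    summary = OrderedDict()
    for kind, target, outcome in entries:
        item = summary.setdefault(
            target.casefold(),
            {"kind": kind, "target": target, "outcomes": [], "status": "absent"},
        )
        item["outcomes"].append(outcome)
        if outcome.startswith(SUCCESS_PREFIXES):
            item["status"] = "removed"  # a later "not found" is a repeat lookup
    return summary


def absent_targets(text):
    """Targets that were only ever reported 'not found'."""
    return [i["target"] for i in summarize(text).values() if i["status"] == "absent"]


if __name__ == "__main__":
    for item in summarize(SAMPLE_LOG).values():
        outcomes = ", ".join(item["outcomes"])
        print(f'{item["status"]:8} {item["kind"]:13} {item["target"]}  <- {outcomes}')
```

On these sample lines, only the CLSID key for {4daac69c-cba7-45e2-9bc8-1044483d3352} and F:\AdobeR.exe e were never removed by the fix; every other "not found" follows a successful removal of the same item earlier in the log.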
 

Re: Black screen and Avast threat

Posted on 30 May 2011 20:06

How do we go about deciphering it?
Do we need to find everything marked 'no found', is that the idea? Sorry if I'm asking too many questions, but I'd rather not stay ignorant while I'm at it!
tendzen
Confirmed Visitor
 
Posts: 29
Joined: 30 May 2011 10:59
 

Re: Black screen and Avast threat

Posted on 30 May 2011 20:08

OK, how is the PC doing now?
bernard53
PC-Infopraticien
 
Posts: 12778
Joined: 08 Dec 2009 19:51
 

Re: Black screen and Avast threat

Posted on 30 May 2011 20:10

Still no screen in normal mode
tendzen
Confirmed Visitor
 
Posts: 29
Joined: 30 May 2011 10:59
 

Re: Black screen and Avast threat

Posted on 30 May 2011 20:18

tendzen wrote: Still no screen in normal mode

Shut down your PC, then unplug it from the mains. Unplug your screen, then hold down the PC's power button for 20 seconds.
Plug everything back in and see whether your screen works this time.

tendzen wrote: How do we go about deciphering it?

I'm not forgetting you on that question.

tendzen wrote: Do we need to find everything marked 'no found', is that the idea?

Found nothing :oops:

So also check that the connections are properly in place; normally they are.
bernard53
PC-Infopraticien
 
Posts: 12778
Joined: 08 Dec 2009 19:51
 
