Sujet Précédent Sujet Suivant

AVG, Malaware, Spybot.. Innefficace

Fermé
Faystoss Messages postés 9 Date d'inscription mercredi 27 octobre 2010 Statut Membre Dernière intervention 29 octobre 2010 - Modifié par Faystoss le 27/10/2010 à 12:39
supergeronimo44 Messages postés 862 Date d'inscription mardi 21 avril 2009 Statut Contributeur sécurité Dernière intervention 28 octobre 2011 - 12 nov. 2010 à 19:09
Bonjour,

Hier j'ai téléchargé un keygen à cette adresse
www.webadsense.net/e-m-total-video-converter-hd-3-71-100812-keygen-serial-code.html -

après l'avoir analysé par AVG , je l'ai éxecuté, je m'aperçois que ce n'est pas un keygen mais l'installation de programme malveillant, dans le gestionnaire des taches à processus,
il y a de nouveau processus: Sergica.exe, Szl.exe, Conime.exe, sshnas21.exe, Rundll32.exe ooebelfdr show center, Apoint.exe.
je crois que c'est un virus edité par cjsc computing force, virus de nom Silvers je crois.

Je m'aperçois aussi d'un espace vide dans ma barre windows en bas a droite à côté de l'heure il y a 3 incones ensuite un espace vide ensuite les autres icones je trouve sa etrange.

Donc je lance toutes les analyse possibles, Trojan remover, Trojan killer, AVG, Spybot, Malaware rien n'est détécter en mode normal et sans echec.

voici mon Highjackthis merci de votre aide :

petit probleme durant l'analyse "for some reason your system denies write access to the Hosts file."

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:32:52, on 27/10/2010
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18527)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\AVG\AVG9\avgtray.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\AVG\AVG9\avgui.exe
C:\Users\EMACHINES\Downloads\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.gateway.com/g/startpage.html?Ch=Retail&SubCH=&Br=EM&Loc=FRN_FR&Sys=PTB&M=eMachines E510
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.gateway.com/g/startpage.html?Ch=Retail&SubCH=&Br=EM&Loc=FRN_FR&Sys=PTB&M=eMachines E510
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.gateway.com/g/startpage.html?Ch=Retail&SubCH=&Br=EM&Loc=FRN_FR&Sys=PTB&M=eMachines E510
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://www.gateway.com/g/sidepanel.html?Ch=Retail&SubCH=&Br=EM&Loc=FRN_FR&Sys=PTB&M=eMachines E510
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Audacity-tools Toolbar - {d0b1518e-3e45-4d16-a23b-4d90ef938e44} - C:\Program Files\Audacity-tools\tbAuda.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\windows\system32\BAE.dll
O2 - BHO: Audacity-tools Toolbar - {d0b1518e-3e45-4d16-a23b-4d90ef938e44} - C:\Program Files\Audacity-tools\tbAuda.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Audacity-tools Toolbar - {d0b1518e-3e45-4d16-a23b-4d90ef938e44} - C:\Program Files\Audacity-tools\tbAuda.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Program Files\eMachines\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe /boot
O4 - HKLM\..\Run: [IObit Security 360] "C:\Program Files\IObit\IObit Security 360\IS360tray.exe" /autostart
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [RegistryBooster] "C:\Program Files\Uniblue\RegistryBooster\launcher.exe" delay 20000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O20 - AppInit_DLLs: AVGRSSTX.DLL C:\PROGRA~1\GOOGLE\GOOGLE~1\GOEC62~1.DLL
O23 - Service: Planificateur LiveUpdate automatique (Automatic LiveUpdate Scheduler) - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: AVG E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgemc.exe
O23 - Service: AVG WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: NTI Backup Now 5 Agent Service (BUNAgentSvc) - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\EMACHINES\eMachines Recovery Management\Service\ETService.exe
O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: IS360service - IObit - C:\Program Files\IObit\IObit Security 360\IS360srv.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - Unknown owner - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe

<signature>End of file - 8532 bytes


A voir également:

15 réponses

Réponse 1 / 15
supergeronimo44 Messages postés 862 Date d'inscription mardi 21 avril 2009 Statut Contributeur sécurité Dernière intervention 28 octobre 2011 84
Modifié par supergeronimo44 le 28/10/2010 à 17:31
Re- !

Alors :

Après avoir désinstallé Spybot S&D ainsi que IObit Security 360, fais TOUT ce qui suit :

1/*
Peux-tu me dire ce qu'il y a dans ce dossier :

C:\22879d58c5e3121a3e6ca4 ?

++++

2/*
Peux-tu faire une analyse sur Virus Total afin de mettre en évidence ou non un fichier infectieux ?

Pour ce faire, rends-toi à cette adresse : http://www.virustotal.com/index.html
Clique sur "Parcourir" > déroule l'arborescence jusqu'à ce fichier :

C:\Windows\WININIT.INI

Clique ensuite sur "Ouvrir" puis sur "Send File" . Patiente un peu le temps du scan.
Lorsque l'analyse est finie, fais un copié/collé du rapport que tu posteras dans ta prochaine réponse.

++++

3/*
Recommence le 2/*, mais avec ce fichier cette fois :

C:\Windows\_delis32.ini

++++

4/*
Idem avec ce fichier là :

C:\Windows\System32\user32.dll

++++

5/*
* Télécharge TDSSKiller (de Kaspersky Labs) sur ton Bureau.
* Lance le (si tu utilises Windows Vista ou 7 : fais un clic-droit dessus et choisis "Exécuter en tant qu'administrateur")
* Clique sur [Start Scan] pour démarrer l'analyse.
* Si des éléments sont trouvés, clique sur [Continue] puis sur [Reboot Now]
* Un rapport s'ouvrira au redémarrage de l'ordinateur.
* Copie/colle son contenu dans ta prochaine réponse.
Note : Le rapport se trouve également sous C:\TDSSKiller.N°deversion_Date_Heure_log.txt

~~~~~~~~

J'attends donc les rapports :
=> Virus Total
=> Celui de Malwares Byte's Anti Malware ( que tu as fait avant de poster sur le forum)
=> Celui de TDSSKiller

++
*\\ "L'important n'est pas le but, mais le chemin qui y mène" //*
=>Vive Helper-Formation !<=
1
Réponse 2 / 15
supergeronimo44 Messages postés 862 Date d'inscription mardi 21 avril 2009 Statut Contributeur sécurité Dernière intervention 28 octobre 2011 84
27 oct. 2010 à 17:03
Salut ;)


Nous allons essayer de régler ton problème ensemble. D'abord, quelques rappels :

- N'ouvre pas d'autres sujets pour le même problème (que ce soit sur ce forum ou sur un autre)
- N'hésite pas à poser des questions en cas de besoin ;)
- Sois patient(e) quand tu postes un message, je ne réponds pas instantanément : je suis bénévole et je ne suis pas en permanence devant mon ordinateur. Mais rassure toi, je ne laisse jamais tomber personne ;)
- La désinfection va se dérouler en plusieurs étapes. Même si les symptômes de l'infection disparaissent, la désinfection ne sera terminée que quand je te le confirmerai --> Merci de revenir jusqu'au bout, sinon ce qu'on a fait n'aura servi à rien.

Je veux bien prendre en charge la désinfection, à une seule condition ( en plus de celles ci-dessus) => que tu arrêtes immédiatement le P2P illégal.
Si tu es prêt à arrêter l'utilisation de keygens, cracks etc... c'est bon. Sinon, je te laisse te débrouiller tout seul.


Quand-est-ce que vous serez conscients de la dangerosité des cracks ??
=> https://forum.malekal.com/viewtopic.php?t=893&start=

=> https://forum.malekal.com/viewtopic.php?t=3257&start=



J'attends donc ta réponse pour savoir si oui ou non nous devons continuer.

++
0
Réponse 3 / 15
Faystoss Messages postés 9 Date d'inscription mercredi 27 octobre 2010 Statut Membre Dernière intervention 29 octobre 2010
27 oct. 2010 à 19:00
Merci de ta réponse supergeronimo44, désolé pour le double post mais je n'arrivait pas à supprimer l'autre. Pour le P2P je ne suis pas un grand fan de cela c'est juste que j'avais besoin de total video converter pour pouvoir convertir une video je n'avais pas d'autre solution. Donc oui je suis tout à ton écoute pour mener à bien cette desinfection j'attend tes conseils. Merci
0
Réponse 4 / 15
supergeronimo44 Messages postés 862 Date d'inscription mardi 21 avril 2009 Statut Contributeur sécurité Dernière intervention 28 octobre 2011 84
Modifié par supergeronimo44 le 27/10/2010 à 19:37
Ok.

Cependant, tu as bien vu ce que ça pouvait occasionner comme dommages pour ton PC..

~~~~~~~~

Donc,

As-tu des symptômes particuliers mis à part ces nouveaux processus ?

~~~~~~~~

* Télécharge >> OTL << sur ton bureau. => http://www.geekstogo.com/forum/files/file/398-otl-oldtimers-list-it/

* Fais un double-clic sur l'icône d'OTL pour le lancer
/!\ pour Vista/Seven fais un clic-droit sur l'icône d'OTL et choisis "Exécuter en tant qu'administrateur"

* Assure toi d'avoir fermé toutes les applications en court de fonctionnement.
* Quand la fenêtre d'OTL apparaît, assure toi que dans la section "Rapport" (en haut à droite) la case "Rapport minimal" soit cochée.

* Copies et colles le contenue de cette citation dans la partie inférieure d'OTL "Personnalisation"

~~~~~~~~
type %windir%\System32\drivers\etc\hosts /c
netsvcs
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%SYSTEMDRIVE%\*.exe
/md5start
netlogon.dll
atapi.sys
explorer.exe
userinit.exe
svchost.exe
winlogon.exe
user32.dll
ndis.sys
beep.sys
tcpip.sys
/md5stop

~~~~~~~~


* Cliques sur l'icône "Analyse" (en haut à gauche) .
* Laisse le scan aller à son terme sans te servir du PC
* A la fin du scan un ou deux rapports vont s'ouvrir "OTL.Txt" et ( ou ) "Extras.Txt"( dans certains cas).
* Copie et colle le ou les rapports dans ta réponse stp...
* Au cas où, tu peux les retrouver dans le dossier C:\OTL ou sur ton bureau en fonction des cas rencontrés
Héberge moi les deux rapports comme indiqué ici => https://www.androidworld.fr/


Bonne soirée ! :)

*\\ "L'important n'est pas le but, mais le chemin qui y mène" //*
=>Vive Helper-Formation !<=
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 15
Faystoss Messages postés 9 Date d'inscription mercredi 27 octobre 2010 Statut Membre Dernière intervention 29 octobre 2010
27 oct. 2010 à 23:16
Voici le premier rapport :
OTL.Txt

OTL logfile created on: 27/10/2010 22:48:50 - Run 1
OTL by OldTimer - Version 3.2.17.1 Folder = C:\Users\EMACHINES\Downloads
Windows Vista Home Basic Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 49,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 69,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 101,78 Gb Total Space | 15,63 Gb Free Space | 15,35% Space Free | Partition Type: NTFS

Computer Name: PC-EMACHINES | User Name: EMACHINES | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========/color

PRC - C:\Users\EMACHINES\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG9\avgnsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG9\avgrsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG9\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG9\avgemc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG9\avgchsvx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG9\avgcsrvx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG9\avgam.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
PRC - C:\Program Files\IObit\IObit Security 360\IS360srv.exe (IObit)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Launch Manager\LManager.exe (Dritek System Inc.)
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe (NewTech InfoSystems, Inc.)
PRC - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe ()
PRC - C:\Program Files\EMACHINES\eMachines Recovery Management\Service\ETService.exe ()
PRC - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe (NewTech Infosystems, Inc.)
PRC - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe (Symantec Corporation)
PRC - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)
PRC - C:\Windows\System32\igfxext.exe (Intel Corporation)
PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe (Intel Corporation)
PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)


[color=#E56717]========== Modules (SafeList) ==========/color

MOD - C:\Users\EMACHINES\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_5cdd65e20837faf2\comctl32.dll (Microsoft Corporation)
MOD - C:\Windows\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)


[color=#E56717]========== Win32 Services (SafeList) ==========/color

SRV - (maconfservice) -- C:\Program Files\ma-config.com\maconfservice.exe (CybelSoft)
SRV - (avg9wd) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (avg9emc) -- C:\Program Files\AVG\AVG9\avgemc.exe (AVG Technologies CZ, s.r.o.)
SRV - (GoogleDesktopManager-051210-111108) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
SRV - (IS360service) -- C:\Program Files\IObit\IObit Security 360\IS360srv.exe (IObit)
SRV - (NTIBackupSvc) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe (NewTech InfoSystems, Inc.)
SRV - (NTISchedulerSvc) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe ()
SRV - (ETService) -- C:\Program Files\EMACHINES\eMachines Recovery Management\Service\ETService.exe ()
SRV - (BUNAgentSvc) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe (NewTech Infosystems, Inc.)
SRV - (LiveUpdate) -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE (Symantec Corporation)
SRV - (Automatic LiveUpdate Scheduler) -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe (Symantec Corporation)
SRV - (ccSetMgr) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)
SRV - (ccEvtMgr) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (IAANTMON) Intel(R) -- C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe (Intel Corporation)
SRV - (IviRegMgr) -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)


[color=#E56717]========== Driver Services (SafeList) ==========/color

DRV - (NwlnkFwd) -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- C:\Windows\System32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- C:\Windows\System32\DRIVERS\ipinip.sys File not found
DRV - (driverhardwarev2) -- C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys (CybelSoft)
DRV - (AvgTdiX) -- C:\Windows\System32\drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.)
DRV - (AvgMfx86) -- C:\Windows\System32\drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AvgLdx86) -- C:\Windows\System32\drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AvgRkx86) -- C:\Windows\System32\Drivers\avgrkx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (SymEvent) -- C:\Windows\System32\drivers\SYMEVENT.SYS (Symantec Corporation)
DRV - (DKbFltr) -- C:\Windows\System32\drivers\DKbFltr.sys (Dritek System Inc.)
DRV - (DritekPortIO) -- C:\PROGRA~1\LAUNCH~1\DPortIO.sys (Dritek System Inc.)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)
DRV - (int15) -- C:\Windows\System32\drivers\int15.sys (Acer, Inc.)
DRV - (SymIM) -- C:\Windows\System32\drivers\SymIMV.sys (Symantec Corporation)
DRV - (SYMFW) -- C:\Windows\System32\Drivers\SYMFW.SYS (Symantec Corporation)
DRV - (SYMNDISV) -- C:\Windows\System32\Drivers\SYMNDISV.SYS (Symantec Corporation)
DRV - (SYMREDRV) -- C:\Windows\System32\Drivers\SYMREDRV.SYS (Symantec Corporation)
DRV - (SYMDNS) -- C:\Windows\System32\Drivers\SYMDNS.SYS (Symantec Corporation)
DRV - (NTIDrvr) -- C:\Windows\System32\drivers\NTIDrvr.sys (NewTech Infosystems, Inc.)
DRV - (UBHelper) -- C:\Windows\System32\drivers\UBHelper.sys (NewTech Infosystems Corporation)
DRV - (igfx) -- C:\Windows\System32\drivers\igdkmd32.sys (Intel Corporation)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Corporation)
DRV - (MegaSR) -- C:\Windows\system32\drivers\megasr.sys (LSI Corporation, Inc.)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (usbaudio) Pilote USB audio (WDM) -- C:\Windows\System32\drivers\USBAUDIO.sys (Microsoft Corporation)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (ApfiltrService) -- C:\Windows\System32\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - (b57nd60x) -- C:\Windows\System32\drivers\b57nd60x.sys (Broadcom Corporation)
DRV - (iaStor) -- C:\Windows\system32\DRIVERS\iaStor.sys (Intel Corporation)
DRV - (regi) -- C:\Windows\System32\drivers\regi.sys (InterVideo)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
DRV - (QCMerced) -- C:\Windows\System32\drivers\lvcm.sys ()
DRV - (LVUSBSta) -- C:\Windows\System32\drivers\LVUSBSta.sys (Logitech Inc.)


[color=#E56717]========== Standard Registry (SafeList) ==========/color


[color=#E56717]========== Internet Explorer ==========/color

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.gateway.com/g/startpage.html?Ch=Retail&SubCH=&Br=EM&Loc=FRN_FR&Sys=PTB&M=eMachines E510
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.gateway.com/g/startpage.html?Ch=Retail&SubCH=&Br=EM&Loc=FRN_FR&Sys=PTB&M=eMachines E510
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = https://www.gateway.com/g/sidepanel.html?Ch=Retail&SubCH=&Br=EM&Loc=FRN_FR&Sys=PTB&M=eMachines E510
IE - HKLM\..\URLSearchHook: {d0b1518e-3e45-4d16-a23b-4d90ef938e44} - C:\Program Files\Audacity-tools\tbAuda.dll (Conduit Ltd.)

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.gateway.com/g/startpage.html?Ch=Retail&SubCH=&Br=EM&Loc=FRN_FR&Sys=PTB&M=eMachines E510
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/?gws_rd=ssl
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {d0b1518e-3e45-4d16-a23b-4d90ef938e44} - C:\Program Files\Audacity-tools\tbAuda.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========/color

FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:9.0.0.863

FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG9\Firefox [2010/10/27 11:13:00 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.19\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/10/10 18:45:54 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.19\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/10/10 18:45:54 | 000,000,000 | ---D | M]

[2010/08/24 18:53:30 | 000,000,000 | ---D | M] -- C:\Users\EMACHINES\AppData\Roaming\mozilla\Extensions
[2010/10/27 00:34:52 | 000,000,000 | ---D | M] -- C:\Users\EMACHINES\AppData\Roaming\mozilla\Firefox\Profiles\2ti3h7fz.default\extensions
[2010/08/28 12:55:16 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\EMACHINES\AppData\Roaming\mozilla\Firefox\Profiles\2ti3h7fz.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/08/24 18:53:23 | 000,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2010/10/10 18:45:51 | 000,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml
[2010/10/10 18:45:51 | 000,000,757 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml
[2010/10/10 18:45:51 | 000,000,748 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\MediaDICO-fr.xml
[2010/10/10 18:45:51 | 000,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml
[2010/10/10 18:45:51 | 000,000,652 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml

O1 HOSTS File: ([2010/08/31 16:47:00 | 000,416,917 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 14391 more lines...
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll (Google Inc.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Windows\System32\BAE.dll (Gateway Inc.)
O2 - BHO: (Audacity-tools Toolbar) - {d0b1518e-3e45-4d16-a23b-4d90ef938e44} - C:\Program Files\Audacity-tools\tbAuda.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Audacity-tools Toolbar) - {d0b1518e-3e45-4d16-a23b-4d90ef938e44} - C:\Program Files\Audacity-tools\tbAuda.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Audacity-tools Toolbar) - {D0B1518E-3E45-4D16-A23B-4D90EF938E44} - C:\Program Files\Audacity-tools\tbAuda.dll (Conduit Ltd.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [eRecoveryService] File not found
O4 - HKLM..\Run: [Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [IObit Security 360] C:\Program Files\IObit\IObit Security 360\IS360tray.exe (IObit)
O4 - HKLM..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe (Logitech Inc.)
O4 - HKLM..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe (Logitech Inc.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Skytel] C:\Windows\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe (Simply Super Software)
O4 - HKLM..\Run: [WarReg_PopUp] C:\Program Files\eMachines\WR_PopUp\WarReg_PopUp.exe (eMachines)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [LogitechSoftwareUpdate] C:\Program Files\Logitech\Video\ManifestEngine.exe (Logitech Inc.)
O4 - HKCU..\Run: [RegistryBooster] C:\Program Files\Uniblue\RegistryBooster\launcher.exe (Uniblue Systems Limited)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll (Google Inc.)
O9 - Extra Button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.241 212.27.40.240
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (AVGRSSTX.DLL) - C:\Windows\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - AppInit_DLLs: (C:\PROGRA~1\GOOGLE\GOOGLE~1\GOEC62~1.DLL) - C:\PROGRA~1\GOOGLE\GOOGLE~1\GOEC62~1.DLL (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Users\EMACHINES\AppData\Roaming\Microsoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg
O24 - Desktop BackupWallPaper: C:\Users\EMACHINES\AppData\Roaming\Microsoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========/color

[2010/10/27 00:58:30 | 000,000,000 | ---D | C] -- C:\Users\EMACHINES\AppData\Roaming\IObit
[2010/10/27 00:58:25 | 000,000,000 | ---D | C] -- C:\ProgramData\IObit
[2010/10/27 00:57:58 | 000,000,000 | ---D | C] -- C:\Program Files\IObit
[2010/10/27 00:50:07 | 000,000,000 | ---D | C] -- C:\Users\EMACHINES\AppData\Roaming\Uniblue
[2010/10/27 00:49:55 | 000,000,000 | ---D | C] -- C:\Program Files\Uniblue
[2010/10/27 00:37:34 | 000,000,000 | ---D | C] -- C:\Program Files\GridinSoft Trojan Killer
[2010/10/27 00:34:51 | 000,000,000 | ---D | C] -- C:\Users\EMACHINES\Documents\Simply Super Software
[2010/10/27 00:34:26 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ztvcabinet.dll
[2010/10/27 00:34:23 | 000,000,000 | ---D | C] -- C:\Program Files\Trojan Remover
[2010/10/27 00:34:23 | 000,000,000 | ---D | C] -- C:\Users\EMACHINES\AppData\Roaming\Simply Super Software
[2010/10/27 00:34:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Simply Super Software
[2010/10/27 00:27:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2010/10/27 00:03:40 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/10/27 00:03:35 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/10/26 23:33:57 | 000,000,000 | ---D | C] -- C:\ProgramData\NtiDvdCopy
[2010/10/26 23:20:43 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2010/10/26 23:07:27 | 000,000,000 | -H-D | C] -- C:\$AVG
[2010/10/26 23:02:54 | 000,000,000 | ---D | C] -- C:\Users\EMACHINES\AppData\Roaming\Malwarebytes
[2010/10/26 23:02:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/10/26 23:02:28 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/10/26 22:47:39 | 000,000,000 | ---D | C] -- C:\Program Files\NoVirusThanks
[2010/10/26 21:45:43 | 000,000,000 | ---D | C] -- C:\Program Files\Total Video Converter
[2010/10/26 01:25:35 | 000,000,000 | ---D | C] -- C:\22879d58c5e3121a3e6ca4
[2010/10/26 00:46:21 | 001,060,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFC78748.rra
[2010/10/26 00:46:18 | 000,090,112 | ---- | C] (Logitech Inc.) -- C:\Windows\System32\LQCUa5a1.rra
[2010/10/26 00:44:31 | 000,308,224 | ---- | C] (InstallShield Software Corporation) -- C:\Windows\IsUn040c.exe
[2010/10/26 00:15:21 | 000,000,000 | ---D | C] -- C:\Users\EMACHINES\AppData\Local\Logitech-LS
[2010/10/26 00:04:50 | 000,462,848 | ---- | C] (Logitech Inc.) -- C:\Windows\System32\LCamCpl.dll
[2010/10/26 00:04:50 | 000,282,624 | ---- | C] (Logitech Inc.) -- C:\Windows\System32\camcpl.cpl
[2010/10/26 00:04:50 | 000,215,552 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\Lvkrn12n.dll
[2010/10/26 00:04:50 | 000,029,795 | ---- | C] (Ingenient Technologies, Inc.) -- C:\Windows\System32\ITIG726.acm
[2010/10/26 00:04:48 | 000,628,736 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\ltocx12n.ocx
[2010/10/26 00:04:48 | 000,192,512 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\ltscr12n.ocx
[2010/10/26 00:04:45 | 001,047,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFC71u.dll
[2010/10/26 00:04:45 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFC71DEU.DLL
[2010/10/26 00:04:45 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFC71ITA.DLL
[2010/10/26 00:04:45 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFC71ESP.DLL
[2010/10/26 00:04:45 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFC71ENU.DLL
[2010/10/26 00:04:45 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFC71KOR.DLL
[2010/10/26 00:04:45 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFC71JPN.DLL
[2010/10/26 00:04:45 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFC71CHT.DLL
[2010/10/26 00:04:45 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFC71CHS.DLL
[2010/10/26 00:04:44 | 001,060,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFC71.dll
[2010/10/26 00:04:44 | 000,466,944 | ---- | C] (Logitech Inc.) -- C:\Windows\System32\QCUI2.dll
[2010/10/26 00:04:44 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\atl71.dll
[2010/10/26 00:04:44 | 000,086,016 | ---- | C] (Logitech Inc.) -- C:\Windows\System32\vatee.ax
[2010/10/26 00:04:43 | 000,856,064 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\Ltwvc12n.dll
[2010/10/26 00:04:43 | 000,406,016 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\ltkrn12n.dll
[2010/10/26 00:04:42 | 000,259,072 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\LTDIS12n.dll
[2010/10/26 00:04:42 | 000,207,872 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\ltefx12n.dll
[2010/10/26 00:04:42 | 000,164,864 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\ltimg12n.dll
[2010/10/26 00:04:42 | 000,141,312 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\lftif12n.dll
[2010/10/26 00:04:42 | 000,131,072 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\ltfil12n.DLL
[2010/10/26 00:04:41 | 000,328,704 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\LFCMP12n.DLL
[2010/10/26 00:04:41 | 000,078,336 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\lffax12n.dll
[2010/10/26 00:04:41 | 000,030,720 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\System32\lfbmp12n.dll
[2010/10/26 00:04:39 | 000,090,112 | ---- | C] (Logitech Inc.) -- C:\Windows\System32\LQCUI2.dll
[2010/10/26 00:03:43 | 000,000,000 | ---D | C] -- C:\Program Files\Logitech
[2010/10/25 23:44:21 | 000,000,000 | ---D | C] -- C:\ProgramData\ma-config.com
[2010/10/25 23:44:21 | 000,000,000 | ---D | C] -- C:\Program Files\ma-config.com
[2010/10/25 22:53:40 | 000,000,000 | ---D | C] -- C:\Users\EMACHINES\AppData\Roaming\Moyea
[2010/10/25 22:53:14 | 000,000,000 | ---D | C] -- C:\Users\EMACHINES\AppData\Roaming\Leawo
[2010/10/25 22:50:26 | 000,139,264 | ---- | C] (http://www.xvid.org) -- C:\Windows\System32\xvid.ax
[2010/10/25 22:19:03 | 000,000,000 | ---D | C] -- C:\Users\EMACHINES\AppData\Roaming\FreeVideoConverter
[2010/10/25 22:13:40 | 000,000,000 | ---D | C] -- C:\VideoOutput
[2010/10/25 22:11:29 | 000,000,000 | ---D | C] -- C:\Users\EMACHINES\AppData\Roaming\AVS4YOU
[2010/10/25 22:09:09 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml3a.dll
[2010/10/25 22:09:09 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AVSMedia
[2010/10/25 22:09:09 | 000,000,000 | ---D | C] -- C:\ProgramData\AVS4YOU
[2010/10/25 22:09:09 | 000,000,000 | ---D | C] -- C:\Program Files\AVS4YOU
[2010/10/16 10:58:19 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshsq.dll
[2010/10/15 18:14:22 | 008,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2010/10/15 18:14:10 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netevent.dll
[2010/10/15 18:14:01 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2010/10/15 18:14:00 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40.dll
[2010/10/15 18:14:00 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40u.dll
[2010/10/15 18:13:59 | 002,037,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2010/10/15 18:13:58 | 000,866,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpmde.dll
[2010/10/15 18:13:54 | 000,467,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2010/10/15 18:13:53 | 000,380,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2010/10/15 18:13:52 | 000,671,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2010/10/15 18:13:52 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2010/10/15 18:13:51 | 001,383,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2010/10/15 18:13:51 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2010/10/15 18:13:51 | 000,389,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2010/10/15 18:13:51 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2010/10/15 18:13:51 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieencode.dll
[2010/10/15 18:13:51 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2010/10/10 13:50:18 | 000,000,000 | ---D | C] -- C:\Users\EMACHINES\AppData\Roaming\Template
[2010/10/02 20:59:13 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll

[color=#E56717]========== Files - Modified Within 30 Days ==========/color

[2010/10/27 22:06:00 | 000,001,054 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/10/27 21:35:41 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/10/27 21:35:41 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/10/27 19:42:44 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\RegistryBooster.job
[2010/10/27 17:35:40 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/10/27 14:20:59 | 066,884,656 | ---- | M] () -- C:\Windows\System32\drivers\Avg\incavi.avm
[2010/10/27 13:40:59 | 000,065,536 | ---- | M] () -- C:\Users\EMACHINES\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/10/27 11:06:01 | 000,001,050 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/10/27 11:03:13 | 000,000,000 | ---- | M] () -- C:\Windows\System32\LogConfigTemp.xml
[2010/10/27 11:02:54 | 2136,981,504 | -HS- | M] () -- C:\hiberfil.sys
[2010/10/27 01:42:40 | 000,000,680 | ---- | M] () -- C:\Users\EMACHINES\AppData\Local\d3d9caps.dat
[2010/10/27 00:58:34 | 000,000,875 | ---- | M] () -- C:\Users\Public\Desktop\IObit Security 360.lnk
[2010/10/27 00:50:03 | 000,000,891 | ---- | M] () -- C:\Users\Public\Desktop\RegistryBooster.lnk
[2010/10/27 00:50:02 | 000,000,915 | ---- | M] () -- C:\Users\EMACHINES\Application Data\Microsoft\Internet Explorer\Quick Launch\RegistryBooster.lnk
[2010/10/27 00:37:48 | 000,000,854 | ---- | M] () -- C:\Users\Public\Desktop\Trojan Killer.lnk
[2010/10/27 00:34:46 | 000,000,938 | ---- | M] () -- C:\Users\Public\Desktop\Trojan Remover.lnk
[2010/10/27 00:03:43 | 000,000,820 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/10/26 01:27:22 | 000,673,938 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2010/10/26 01:27:22 | 000,591,320 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/10/26 01:27:22 | 000,125,636 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2010/10/26 01:27:22 | 000,103,194 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/10/26 00:44:30 | 000,000,280 | ---- | M] () -- C:\Windows\_delis32.ini
[2010/10/25 22:31:40 | 000,000,619 | ---- | M] () -- C:\Windows\WININIT.INI
[2010/10/25 21:55:52 | 000,001,024 | RH-- | M] () -- C:\Users\Public\Documents\NTIMP3.dll
[2010/10/22 18:52:32 | 000,304,184 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010/10/10 21:07:31 | 000,000,104 | ---- | M] () -- C:\Users\EMACHINES\AppData\Roaming\wklnhst.dat

[color=#E56717]========== Files Created - No Company Name ==========/color

[2010/10/27 11:02:54 | 2136,981,504 | -HS- | C] () -- C:\hiberfil.sys
[2010/10/27 01:38:16 | 000,000,680 | ---- | C] () -- C:\Users\EMACHINES\AppData\Local\d3d9caps.dat
[2010/10/27 00:58:34 | 000,000,875 | ---- | C] () -- C:\Users\Public\Desktop\IObit Security 360.lnk
[2010/10/27 00:50:17 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\RegistryBooster.job
[2010/10/27 00:50:03 | 000,000,891 | ---- | C] () -- C:\Users\Public\Desktop\RegistryBooster.lnk
[2010/10/27 00:50:02 | 000,000,915 | ---- | C] () -- C:\Users\EMACHINES\Application Data\Microsoft\Internet Explorer\Quick Launch\RegistryBooster.lnk
[2010/10/27 00:37:48 | 000,000,854 | ---- | C] () -- C:\Users\Public\Desktop\Trojan Killer.lnk
[2010/10/27 00:34:46 | 000,000,938 | ---- | C] () -- C:\Users\Public\Desktop\Trojan Remover.lnk
[2010/10/27 00:34:26 | 000,162,304 | ---- | C] () -- C:\Windows\System32\ztvunrar36.dll
[2010/10/27 00:34:26 | 000,077,312 | ---- | C] () -- C:\Windows\System32\ztvunace26.dll
[2010/10/27 00:34:26 | 000,075,264 | ---- | C] () -- C:\Windows\System32\unacev2.dll
[2010/10/27 00:34:25 | 000,153,088 | ---- | C] () -- C:\Windows\System32\UNRAR3.dll
[2010/10/27 00:03:42 | 000,000,820 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/10/26 00:44:30 | 000,000,280 | ---- | C] () -- C:\Windows\_delis32.ini
[2010/10/10 13:50:08 | 000,000,104 | ---- | C] () -- C:\Users\EMACHINES\AppData\Roaming\wklnhst.dat
[2010/08/25 12:56:30 | 000,000,619 | ---- | C] () -- C:\Windows\WININIT.INI
[2010/08/24 19:19:54 | 000,065,536 | ---- | C] () -- C:\Users\EMACHINES\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/08/24 18:55:18 | 000,164,352 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2010/08/24 18:55:17 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2010/08/24 18:55:15 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2010/08/24 18:55:15 | 000,755,027 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2010/08/24 18:55:15 | 000,159,839 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2010/08/24 18:55:14 | 000,007,680 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2010/08/24 18:24:13 | 000,487,424 | ---- | C] () -- C:\Windows\System32\INT15.dll
[2008/05/22 15:30:58 | 001,533,360 | ---- | C] () -- C:\Windows\System32\igklg450.dll
[2008/05/22 15:30:58 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1409.dll
[2008/05/22 15:30:58 | 000,104,636 | ---- | C] () -- C:\Windows\System32\igmedcompkrn.dll
[2008/05/22 15:30:57 | 001,953,696 | ---- | C] () -- C:\Windows\System32\igklg400.dll
[2008/05/22 06:27:02 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIOFM4.dll
[2008/05/22 06:27:02 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIBUN5.dll
[2008/05/22 05:50:02 | 000,001,694 | ---- | C] () -- C:\Windows\RtDefLvl.ini
[2006/11/02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2005/05/27 09:32:52 | 001,317,152 | ---- | C] () -- C:\Windows\System32\drivers\lvcm.sys
[2005/05/27 09:10:26 | 000,009,255 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini
[2001/12/26 16:12:30 | 000,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll
[2001/09/03 23:46:38 | 000,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll
[2001/07/30 16:33:56 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll
[2001/07/23 22:04:36 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll

[color=#E56717]========== Custom Scans ==========/color


[color=#A23BEC]< type %windir%\System32\drivers\etc\hosts /c >/color
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
127.0.0.1 localhost
::1 localhost
# Start of entries inserted by Spybot - Search & Destroy
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123moviedownload.com
127.0.0.1 www.123moviedownload.com
127.0.0.1 123simsen.com
127.0.0.1 www.123simsen.com
127.0.0.1 123topsearch.com
127.0.0.1 www.123topsearch.com
127.0.0.1 125sms.co.uk
127.0.0.1 www.125sms.co.uk
127.0.0.1 125sms.com
127.0.0.1 www.125sms.com
127.0.0.1 132.com
127.0.0.1 www.132.com
127.0.0.1 1337crew.info
127.0.0.1 www.1337crew.info
127.0.0.1 www.1337-crew.to
127.0.0.1 1337-crew.to
127.0.0.1 136136.net
127.0.0.1 www.136136.net
127.0.0.1 150freesms.de
127.0.0.1 www.150freesms.de
127.0.0.1 163ns.com
127.0.0.1 www.163ns.com
127.0.0.1 171203.com
127.0.0.1 17concepts.info
127.0.0.1 www.17concepts.info
127.0.0.1 17-plus.com
127.0.0.1 www.1800searchonline.com
127.0.0.1 1800searchonline.com
127.0.0.1 180searchassistant.com
127.0.0.1 www.180searchassistant.com
127.0.0.1 180solutions.com
127.0.0.1 www.180solutions.com
127.0.0.1 181.365soft.info
127.0.0.1 www.181.365soft.info
127.0.0.1 1987324.com
127.0.0.1 www.1987324.com
127.0.0.1 www.1-domains-registrations.com
127.0.0.1 1-domains-registrations.com
127.0.0.1 www.1ghporn.info
127.0.0.1 1ghporn.info
127.0.0.1 www.1importantiamreal.com
127.0.0.1 1importantiamreal.com
127.0.0.1 www.1mybigdreamnowreal.com
127.0.0.1 1mybigdreamnowreal.com
127.0.0.1 www.1sexparty.com
127.0.0.1 1sexparty.com
127.0.0.1 www.1sms.de
127.0.0.1 1sms.de
127.0.0.1 www.1spybot.com
127.0.0.1 1spybot.com
127.0.0.1 www.1stantivirus.com
127.0.0.1 1stantivirus.com
127.0.0.1 www.1stpagehere.com
127.0.0.1 1stpagehere.com
127.0.0.1 www.1stsearchportal.com
127.0.0.1 1stsearchportal.com
127.0.0.1 2.82211.net
127.0.0.1 2006ooo.com
127.0.0.1 www.2006ooo.com
127.0.0.1 www.2007-download.com
127.0.0.1 2007-download.com
127.0.0.1 2008firefox.com
127.0.0.1 www.2008firefox.com
127.0.0.1 www.2008search-destroy.com
127.0.0.1 2008search-destroy.com
127.0.0.1 www.2008-search-destroy.com
127.0.0.1 2008-search-destroy.com
127.0.0.1 2008-viewer.com
127.0.0.1 www.2008-viewer.com
127.0.0.1 2009--access.com
127.0.0.1 www.2009--access.com
127.0.0.1 www.2009antivirpro.com
127.0.0.1 2009antivirpro.com
127.0.0.1 www.2009-edition.com
127.0.0.1 2009-edition.com
127.0.0.1 www.2009-phone.com
127.0.0.1 2009-phone.com
127.0.0.1 www.2009search-destroy.com
127.0.0.1 2009search-destroy.com
127.0.0.1 2009-version.info
127.0.0.1 www.2009-version.info
127.0.0.1 2020search.com
127.0.0.1 www.2020search.com
127.0.0.1 20x2p.com
127.0.0.1 21dice.net
127.0.0.1 www.21dice.net
127.0.0.1 2-2005-search.com
127.0.0.1 www.2-2005-search.com
127.0.0.1 24.365soft.info
127.0.0.1 www.24.365soft.info
127.0.0.1 247fxxx.info
127.0.0.1 www.247fxxx.info
127.0.0.1 24-7pharmacy.info
127.0.0.1 www.24-7pharmacy.info
127.0.0.1 24-7searching-and-more.com
127.0.0.1 www.24-7searching-and-more.com
127.0.0.1 www.24teen.com
127.0.0.1 24teen.com
127.0.0.1 2hj5jtnrlax.baptogbyog.com
127.0.0.1 2ndpower.com
127.0.0.1 www.2rfsex.info
127.0.0.1 2rfsex.info
127.0.0.1 www.2search.com
127.0.0.1 2search.com
127.0.0.1 www.2search.org
127.0.0.1 2search.org
127.0.0.1 www.2squared.com
127.0.0.1 2squared.com
127.0.0.1 www.2vgporn.info
127.0.0.1 2vgporn.info
127.0.0.1 31columns.com
127.0.0.1 www.31columns.com
127.0.0.1 3-2005-search.com
127.0.0.1 www.3-2005-search.com
127.0.0.1 www.321-gratis-sms.com
127.0.0.1 321-gratis-sms.com
127.0.0.1 www.3322.org
127.0.0.1 3322.org
127.0.0.1 www.365fporn.info
127.0.0.1 365fporn.info
127.0.0.1 www.365sites.info
127.0.0.1 365sites.info
127.0.0.1 365soft.info
127.0.0.1 36obv2gzq5k.siercevay.com
127.0.0.1 www.36site.com
127.0.0.1 36site.com
127.0.0.1 3721.com
127.0.0.1 39-93.com
127.0.0.1 www.3bay.it
127.0.0.1 3bay.it
127.0.0.1 www.3dgsex.info
127.0.0.1 3dgsex.info
127.0.0.1 3o7dbisqfd4.nedqunefr.com
127.0.0.1 www.3wgporn.info
127.0.0.1 3wgporn.info
127.0.0.1 3xclipsonline.com
127.0.0.1 www.3xclipsonline.com
127.0.0.1 3xcurves.com
127.0.0.1 www.3xcurves.com
127.0.0.1 www.3xfestival.com
127.0.0.1 3xfestival.com
127.0.0.1 www.3x-festival.com
127.0.0.1 3x-festival.com
127.0.0.1 www.3x-galls.com
127.0.0.1 3x-galls.com
127.0.0.1 www.3xmiracle.com
127.0.0.1 3xmiracle.com
127.0.0.1 www.3xmoviesblog.com
127.0.0.1 3xmoviesblog.com
127.0.0.1 404dns.com
127.0.0.1 www.404dns.com
127.0.0.1 4199.com
127.0.0.1 www.4199.com
127.0.0.1 4-2005-search.com
127.0.0.1 www.4-2005-search.com
127.0.0.1 4corn.net
127.0.0.1 www.4corn.net
127.0.0.1 4ebay.it
127.0.0.1 www.4ebay.it
127.0.0.1 4klm.com
127.0.0.1 4mpg.com
127.0.0.1 www.4mpg.com
127.0.0.1 www.4-open-davinci.com
127.0.0.1 4-open-davinci.com
127.0.0.1 www.4thsex.info
127.0.0.1 4thsex.info
127.0.0.1 500sex.info
127.0.0.1 www.500sex.info
127.0.0.1 5-2005-search.com
127.0.0.1 www.5-2005-search.com
127.0.0.1 www.555royalclub.net
127.0.0.1 555royalclub.net
127.0.0.1 www.59cn.cn
127.0.0.1 59cn.cn
127.0.0.1 www.5okporn.info
127.0.0.1 5okporn.info
127.0.0.1 www.5starsblog.com
127.0.0.1 5starsblog.com
127.0.0.1 www.5zgmu7o20kt5d8yq.com
127.0.0.1 5zgmu7o20kt5d8yq.com
127.0.0.1 www.6000vornamen.de
127.0.0.1 6000vornamen.de
127.0.0.1 www.6700.cn
127.0.0.1 6700.cn
127.0.0.1 www.680180.net
127.0.0.1 680180.net
127.0.0.1 www.69loadz.com
127.0.0.1 69loadz.com
127.0.0.1 www.6hporn.info
127.0.0.1 6hporn.info
127.0.0.1 6o64cfcmkyt.tabletprescriptionshop.net
127.0.0.1 www.6plosex.info
127.0.0.1 6plosex.info
127.0.0.1 www.6sek.com
127.0.0.1 6sek.com
127.0.0.1 www.70-music.com
127.0.0.1 70-music.com
127.0.0.1 www.7322.com
127.0.0.1 7322.com
127.0.0.1 www.745970.com
127.0.0.1 745970.com
127.0.0.1 75tz.com
127.0.0.1 www.777casinoroyal.net
127.0.0.1 777casinoroyal.net
127.0.0.1 www.777casinozbest.net
127.0.0.1 777casinozbest.net
127.0.0.1 www.777gamecard.net
127.0.0.1 777gamecard.net
127.0.0.1 www.777jackpotgame.net
127.0.0.1 777jackpotgame.net
127.0.0.1 www.777luxcasino.net
127.0.0.1 777luxcasino.net
127.0.0.1 www.777playeuro.net
127.0.0.1 777playeuro.net
127.0.0.1 www.777search.com
127.0.0.1 777search.com
127.0.0.1 www.777starsgame.net
127.0.0.1 777starsgame.net
127.0.0.1 www.777top.com
127.0.0.1 777top.com
127.0.0.1 www.777web-casinoz.net
127.0.0.1 777web-casinoz.net
127.0.0.1 www.777webgamez.ru
127.0.0.1 777webgamez.ru
127.0.0.1 www.7939.com
127.0.0.1 7939.com
127.0.0.1 www.7jksex.info
127.0.0.1 7jksex.info
127.0.0.1 80gw6ry3i3x3qbrkwhxhw.032439.com
127.0.0.1 www.80-music.com
127.0.0.1 80-music.com
127.0.0.1 82211.net
127.0.0.1 8866.org
127.0.0.1 www.888best-games.net
127.0.0.1 888best-games.net
127.0.0.1 888gamegold.net
127.0.0.1 www.888gamegold.net
127.0.0.1 888gamevip.net
127.0.0.1 www.888gamevip.net
127.0.0.1 888globalplay.net
127.0.0.1 www.888globalplay.net
127.0.0.1 www.888-lucky.net
127.0.0.1 888-lucky.net
127.0.0.1 88sms.ch
127.0.0.1 www.88sms.ch
127.0.0.1 88vcd.com
127.0.0.1 www.88vcd.com
127.0.0.1 8ad.com
127.0.0.1 www.8ad.com
127.0.0.1 www.8-download.com
127.0.0.1 8-download.com
127.0.0.1 www.90-music.com
127.0.0.1 90-music.com
127.0.0.1 www.9505.com
127.0.0.1 9505.com
127.0.0.1 www.971searchbox.com
127.0.0.1 971searchbox.com
127.0.0.1 www.99downloads.de
127.0.0.1 99downloads.de
127.0.0.1 9mmporn.com
127.0.0.1 a.bestmanage.org
127.0.0.1 aaa.losnigerad.com
127.0.0.1 aaabesthomepage.com
127.0.0.1 www.aaabesthomepage.com
127.0.0.1 aaasexypics.com
127.0.0.1 aaawebfinder.com
127.0.0.1 www.aaawebfinder.com
127.0.0.1 aantivir.de
127.0.0.1 www.aantivir.de
127.0.0.1 aaqadarsztriv.com
127.0.0.1 www.aaqadarsztriv.com
127.0.0.1 www.aaqada-rsztriv.com
127.0.0.1 aaqada-rsztriv.com
127.0.0.1 aaqadaueorn.com
127.0.0.1 www.aaqadaueorn.com
127.0.0.1 aaqada-ueorn.com
127.0.0.1 www.aaqada-ueorn.com
127.0.0.1 www.aaqada-ygco.com
127.0.0.1 aaqada-ygco.com
127.0.0.1 aaqada-ymct.com
127.0.0.1 www.aaqada-ymct.com
127.0.0.1 aaszxy.ru
127.0.0.1 www.aaszxy.ru
127.0.0.1 aav2008.com
127.0.0.1 www.aav2008.com
127.0.0.1 aavc.com
127.0.0.1 aavira.de
127.0.0.1 www.aavira.de
127.0.0.1 www.abccodec.com
127.0.0.1 abccodec.com
127.0.0.1 abcdperformance.com
127.0.0.1 www.abcdperformance.com
127.0.0.1 abc-find.info
127.0.0.1 www.abc-find.info
127.0.0.1 abcload.de
127.0.0.1 www.abcload.de
127.0.0.1 abcsearch.com
127.0.0.1 www.abcsearch.com
127.0.0.1 abcways.com
127.0.0.1 www.abcways.com
127.0.0.1 abetterinternet.com
127.0.0.1 www.abetterinternet.com
127.0.0.1 abiword-download.com
127.0.0.1 www.abiword-download.com
127.0.0.1 abnetsoft.info
127.0.0.1 www.abnetsoft.info
127.0.0.1 www.abntivir.de
127.0.0.1 abntivir.de
127.0.0.1 about-adult.net
127.0.0.1 www.about-adult.net
127.0.0.1 aboutclicker.com
127.0.0.1 www.aboutclicker.com
127.0.0.1 www.abrp.net
127.0.0.1 abrp.net
127.0.0.1 absolutee.com
127.0.0.1 www.absolutee.com
127.0.0.1 abvira.de
127.0.0.1 www.abvira.de
127.0.0.1 ac1.healthcare-ultimate.com
127.0.0.1 www.ac1.healthcare-ultimate.com
127.0.0.1 ac66.cn
127.0.0.1 www.ac66.cn
127.0.0.1 acaiporn.info
127.0.0.1 www.acaiporn.info
127.0.0.1 access.navinetwork.com
127.0.0.1 access.rapid-pass.net
127.0.0.1 www.accessactivexvideo.com
127.0.0.1 accessactivexvideo.com
127.0.0.1 accessclips.com
127.0.0.1 www.accessclips.com
127.0.0.1 access-dvd.com
127.0.0.1 www.access-dvd.com
127.0.0.1 www.accesskeygenerator.com
127.0.0.1 accesskeygenerator.com
127.0.0.1 accessthefuture.net
127.0.0.1 www.accessthefuture.net
127.0.0.1 accessvid.net
127.0.0.1 www.accessvid.net
127.0.0.1 www.acemedic.com
127.0.0.1 acemedic.com
127.0.0.1 www.ace-webmaster.com
127.0.0.1 ace-webmaster.com
127.0.0.1 acjp.com
127.0.0.1 acrobat-2007.com
127.0.0.1 www.acrobat-2007.com
127.0.0.1 acrobat-8.com
127.0.0.1 www.acrobat-8.com
127.0.0.1 www.acrobat-center.com
127.0.0.1 acrobat-center.com
127.0.0.1 acrobat-hq.com
127.0.0.1 www.acrobat-hq.com
127.0.0.1 www.acrobatreader-8.com
127.0.0.1 acrobatreader-8.com
127.0.0.1 www.acrobat-reader-8.de
127.0.0.1 acrobat-reader-8.de
127.0.0.1 www.acrobat-stop.com
127.0.0.1 acrobat-stop.com
127.0.0.1 actionbreastcancer.org
127.0.0.1 www.actionbreastcancer.org
127.0.0.1 activesearcher.info
127.0.0.1 www.activesearcher.info
127.0.0.1 www.activesecurityscaner.org
127.0.0.1 activesecurityscaner.org
127.0.0.1 activexaccessobject.com
127.0.0.1 www.activexaccessobject.com
127.0.0.1 activexaccessvideo.com
127.0.0.1 www.activexaccessvideo.com
127.0.0.1 activexemedia.com
127.0.0.1 www.activexemedia.com
127.0.0.1 activexmediaobject.com
127.0.0.1 www.activexmediaobject.com
127.0.0.1 activexmediapro.com
127.0.0.1 www.activexmediapro.com
127.0.0.1 activexmediasite.com
127.0.0.1 www.activexmediasite.com
127.0.0.1 activexmediasoftware.com
127.0.0.1 www.activexmediasoftware.com
127.0.0.1 activexmediasource.com
127.0.0.1 www.activexmediasource.com
127.0.0.1 www.activexmediatool.com
127.0.0.1 activexmediatool.com
127.0.0.1 activexmediatour.com
127.0.0.1 www.activexmediatour.com
127.0.0.1 activexsoftwares.com
127.0.0.1 www.activexsoftwares.com
127.0.0.1 www.activexsource.com
127.0.0.1 activexsource.com
127.0.0.1 activexupdate.com
127.0.0.1 www.activexupdate.com
127.0.0.1 www.activexvideo.com
127.0.0.1 activexvideo.com
127.0.0.1 activexvideotool.com
127.0.0.1 www.activexvideotool.com
127.0.0.1 acvira.de
127.0.0.1 www.acvira.de
127.0.0.1 www.ad.marketingsector.com
127.0.0.1 ad.marketingsector.com
127.0.0.1 www.ad.mokead.com
127.0.0.1 ad.mokead.com
127.0.0.1 ad.oinadserver.com
127.0.0.1 ad.outerinfoads.com
127.0.0.1 ad25.com
127.0.0.1 www.ad25.com
127.0.0.1 ad45.com
127.0.0.1 www.ad45.com
127.0.0.1 ad77.com
127.0.0.1 www.ad77.com
127.0.0.1 ad86.com
127.0.0.1 www.ad86.com
127.0.0.1 www.adamsupportgroup.org
127.0.0.1 adamsupportgroup.org
127.0.0.1 adarmor.com
127.0.0.1 www.adarmor.com
127.0.0.1 adasearch.com
127.0.0.1 www.adasearch.com
127.0.0.1 adatoms.com
127.0.0.1 www.adatoms.com
127.0.0.1 adaware.cc
127.0.0.1 adawarenow.com
127.0.0.1 www.adawarenow.com
127.0.0.1 adchannel.contextplus.net
127.0.0.1 addetect.com
127.0.0.1 www.addetect.com
127.0.0.1 add-hhh.info
127.0.0.1 www.add-hhh.info
127.0.0.1 addictivetechnologies.com
127.0.0.1 www.addictivetechnologies.com
127.0.0.1 www.addictivetechnologies.net
127.0.0.1 addictivetechnologies.net
127.0.0.1 addioerrori.com
127.0.0.1 www.addioerrori.com
127.0.0.1 www.add-manager.com
127.0.0.1 add-manager.com
127.0.0.1 addresswebsearch.com
127.0.0.1 www.addresswebsearch.com
127.0.0.1 www.addstand.ru
127.0.0.1 addstand.ru
127.0.0.1 www.adgate.info
127.0.0.1 adgate.info
127.0.0.1 www.adintelligence.net
127.0.0.1 adintelligence.net
127.0.0.1 www.adioserrores.com
127.0.0.1 adioserrores.com
127.0.0.1 www.adipics.com
127.0.0.1 adipics.com
127.0.0.1 www.adlogix.com
127.0.0.1 adlogix.com
127.0.0.1 admin2cash.biz
127.0.0.1 www.admin2cash.biz
127.0.0.1 adnet-plus.com
127.0.0.1 adnetserver.com
127.0.0.1 www.adnetserver.com
127.0.0.1 adobe-9.com
127.0.0.1 www.adobe-9.com
127.0.0.1 adobe-download-now.com
127.0.0.1 adobe-downloads.com
127.0.0.1 www.adobe-downloads.com
127.0.0.1 adobe-reader-8.fr
127.0.0.1 www.adobe-reader-8.fr
127.0.0.1 adprotect.com
127.0.0.1 www.adprotect.com
127.0.0.1 ads.centralmedia.ws
127.0.0.1 ads.k8l.info
127.0.0.1 ads.kmpads.com
127.0.0.1 ads.kw.revenue.net
127.0.0.1 ads.marketingsector.com
127.0.0.1 ads.searchingbooth.com
127.0.0.1 ads.z-quest.com
127.0.0.1 ads1.revenue.net
127.0.0.1 www.ads183.com
127.0.0.1 ads183.com
127.0.0.1 adscontex.com
127.0.0.1 www.adscontex.com
127.0.0.1 adservices1.enhance.com
127.0.0.1 www.adservices1.enhance.com
127.0.0.1 adserving.favorit-network.com
127.0.0.1 adservs.com
127.0.0.1 adsextend.net
127.0.0.1 www.adsextend.net
127.0.0.1 www.adshttp.com
127.0.0.1 adshttp.com
127.0.0.1 adsniffer.com
127.0.0.1 www.adsniffer.com
127.0.0.1 adsonwww.com
127.0.0.1 www.adsonwww.com
127.0.0.1 www.adspics.com
127.0.0.1 adspics.com
127.0.0.1 adsrevenue.net
127.0.0.1 www.adsrevenue.net
127.0.0.1 adtrak.net
127.0.0.1 www.adtrak.net
127.0.0.1 adtrgt.com
127.0.0.1 www.adult18codec.com
127.0.0.1 adult18codec.com
127.0.0.1 www.adult777search.info
127.0.0.1 adult777search.info
127.0.0.1 adultan.com
127.0.0.1 www.adultan.com
127.0.0.1 www.adultcodec-2008.com
127.0.0.1 adultcodec-2008.com
127.0.0.1 adultcodecstars.com
127.0.0.1 www.adultcodecstars.com
127.0.0.1 www.adult-engine-search.com
127.0.0.1 adult-engine-search.com
127.0.0.1 adult-erotic-guide.net
127.0.0.1 www.adult-erotic-guide.net
127.0.0.1 www.adultfilmsite.com
127.0.0.1 adultfilmsite.com
127.0.0.1 www.adult-friends-finder.net
127.0.0.1 adult-friends-finder.net
127.0.0.1 adultgambling.org
127.0.0.1 adult-host.org
127.0.0.1 www.adulthyperlinks.com
127.0.0.1 adulthyperlinks.com
127.0.0.1 www.adultmovieplus.com
127.0.0.1 adultmovieplus.com
127.0.0.1 adult-mpg.net
127.0.0.1 www.adult-mpg.net
127.0.0.1 adult-personal.us
127.0.0.1 adultsgames.net
127.0.0.1 www.adultsonlyvids.com
127.0.0.1 adultsonlyvids.com
127.0.0.1 www.adultsper.com
127.0.0.1 adultsper.com
127.0.0.1 www.adulttds.com
127.0.0.1 adulttds.com
127.0.0.1 www.adultzoneworld.com
127.0.0.1 adultzoneworld.com
127.0.0.1 www.advancedcleaner.com
127.0.0.1 advancedcleaner.com
127.0.0.1 advancedetective.com
127.0.0.1 www.advancedetective.com
127.0.0.1 advancedpccleaner.com
127.0.0.1 www.advancedpccleaner.com
127.0.0.1 www.advancedxpfixer.com
127.0.0.1 advancedxpfixer.com
127.0.0.1 advancesoftpc.com
127.0.0.1 www.advancesoftpc.com
127.0.0.1 advcash.biz
127.0.0.1 www.advcash.biz
127.0.0.1 advert.exaccess.ru
127.0.0.1 advertisemoney.info
127.0.0.1 www.advertisemoney.info
127.0.0.1 advertising.paltalk.com
127.0.0.1 advertising-money.info
127.0.0.1 www.advertising-money.info
127.0.0.1 www.advert-network.com
127.0.0.1 advert-network.com
127.0.0.1 ad-ware.cc
127.0.0.1 www.ad-w-a-r-e.com
127.0.0.1 ad-w-a-r-e.com
127.0.0.1 www.a-d-w-a-r-e.com
127.0.0.1 a-d-w-a-r-e.com
127.0.0.1 adware.pro
127.0.0.1 www.adware.pro
127.0.0.1 adwarealert.com
127.0.0.1 www.adwarealert.com
127.0.0.1 www.ad-warealert.com
127.0.0.1 ad-warealert.com
127.0.0.1 www.adwarearrest.com
127.0.0.1 adwarearrest.com
127.0.0.1 adwarebazooka.com
127.0.0.1 www.adwarebazooka.com
127.0.0.1 adwarebot.com
127.0.0.1 www.adwarebot.com
127.0.0.1 adwarecommander.com
127.0.0.1 www.adwarecommander.com
127.0.0.1 adwaredeluxe.com
127.0.0.1 www.adwaredeluxe.com
127.0.0.1 adware-download.com
127.0.0.1 www.adware-download.com
127.0.0.1 www.adwarefinder.com
127.0.0.1 adwarefinder.com
127.0.0.1 www.adwaregold.com
127.0.0.1 adwaregold.com
127.0.0.1 www.adwarepatrol.com
127.0.0.1 adwarepatrol.com
127.0.0.1 www.adwareplatinum.com
127.0.0.1 adwareplatinum.com
127.0.0.1 www.adwarepro.org
127.0.0.1 adwarepro.org
127.0.0.1 www.adwareprofessional.com
127.0.0.1 adwareprofessional.com
127.0.0.1 www.adwareprotectionsite.com
127.0.0.1 adwareprotectionsite.com
127.0.0.1 www.adwarepunisher.com
127.0.0.1 adwarepunisher.com
127.0.0.1 www.adwareremover.ws
127.0.0.1 adwareremover.ws
127.0.0.1 www.adwaresafety.com
127.0.0.1 adwaresafety.com
127.0.0.1 www.adwarexp.com
127.0.0.1 adwarexp.com
127.0.0.1 www.adwareye.com
127.0.0.1 adwareye.com
127.0.0.1 affiliate.idownload.com
127.0.0.1 www.aflgate.com
127.0.0.1 aflgate.com
127.0.0.1 www.afporn7.info
127.0.0.1 afporn7.info
127.0.0.1 africaspromise.org
127.0.0.1 www.againstate.ru
127.0.0.1 againstate.ru
127.0.0.1 agentstudio.com
127.0.0.1 www.ageofconans.net
127.0.0.1 ageofconans.net
127.0.0.1 www.agiloo.net
127.0.0.1 agiloo.net
127.0.0.1 www.aginegialle.it
127.0.0.1 aginegialle.it
127.0.0.1 www.aglowcopy.ru
127.0.0.1 aglowcopy.ru
127.0.0.1 www.agmoky.info
127.0.0.1 agmoky.info
127.0.0.1 www.agporn.info
127.0.0.1 agporn.info
127.0.0.1 www.ahnenforschung.de
127.0.0.1 ahnenforschung.de
127.0.0.1 www.ahtivir.de
127.0.0.1 ahtivir.de
127.0.0.1 www.aifind.info
127.0.0.1 aifind.info
127.0.0.1 www.aircolumn.com
127.0.0.1 aircolumn.com
127.0.0.1 www.airtleworld.com
127.0.0.1 airtleworld.com
127.0.0.1 www.aitalia.it
127.0.0.1 aitalia.it
127.0.0.1 www.aivira.de
127.0.0.1 aivira.de
127.0.0.1 ak74r262qse.ciwnulvu.com
127.0.0.1 akamai.downloadv3.com
127.0.0.1 www.aklitalia.it
127.0.0.1 aklitalia.it
127.0.0.1 akril.com
127.0.0.1 alcatel.ws
127.0.0.1 www.alertspy.com
127.0.0.1 alertspy.com
127.0.0.1 www.alfacleaner.com
127.0.0.1 alfacleaner.com
127.0.0.1 alfa-search.com
127.0.0.1 www.alialia.it
127.0.0.1 alialia.it
127.0.0.1 www.alimentiveness.net
127.0.0.1 alimentiveness.net
127.0.0.1 www.aliotalia.it
127.0.0.1 aliotalia.it
127.0.0.1 www.alirtalia.it
127.0.0.1 alirtalia.it
127.0.0.1 www.alitaia.it
127.0.0.1 alitaia.it
127.0.0.1 www.alitaklia.it
127.0.0.1 alitaklia.it
127.0.0.1 www.alitala.it
127.0.0.1 alitala.it
127.0.0.1 www.alitali.it
127.0.0.1 alitali.it
127.0.0.1 www.alitaliaq.it
127.0.0.1 alitaliaq.it
127.0.0.1 www.alitalias.it
0
Réponse 6 / 15
Faystoss Messages postés 9 Date d'inscription mercredi 27 octobre 2010 Statut Membre Dernière intervention 29 octobre 2010
27 oct. 2010 à 23:17
Et le deuxieme rapport:
Extras.Txt

OTL Extras logfile created on: 27/10/2010 22:48:50 - Run 1
OTL by OldTimer - Version 3.2.17.1 Folder = C:\Users\EMACHINES\Downloads
Windows Vista Home Basic Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 49,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 69,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 101,78 Gb Total Space | 15,63 Gb Free Space | 15,35% Space Free | Partition Type: NTFS

Computer Name: PC-EMACHINES | User Name: EMACHINES | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" File not found
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 0
"InternetSettingsDisableNotify" = 0
"AutoUpdateDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[color=#E56717]========== Authorized Applications List ==========[/color]


[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0B92105C-59EC-41E4-B6F4-D8472E28A494}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{57ABC1AB-9FD2-4DF5-8074-0AF352CA1AD4}" = lport=2869 | protocol=6 | dir=in | app=system |
"{709394B8-3FDD-43B3-81E6-7367613CFF9F}" = lport=48113 | protocol=17 | dir=in | name=maconfig_udp |
"{8679C9A8-00DE-4864-961E-92DB13ACEC98}" = lport=48113 | protocol=6 | dir=in | name=maconfig_tcp |

[color=#E56717]========== Vista Active Application Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{19404AD1-B719-49BA-9CC4-A6F5C01C19CE}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{232C7DE5-CD7B-4E4B-95F2-18277BDB0CA2}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{3AB68FA2-8AB1-45E0-B685-14876A649D7D}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{3F53DBAA-E0E8-4148-ACBD-A9C33804D543}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe |
"{45C84037-3EC9-45E4-A05A-A241FE23995D}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |
"{5D26EC53-4CA4-49E6-B618-A2A7FE74F4E8}" = dir=in | app=c:\program files\avg\avg9\avgupd.exe |
"{5E7E4316-62FF-4282-A705-D8AF1A67CCA4}" = dir=in | app=c:\program files\avg\avg9\avgdiagex.exe |
"{6756CC61-734D-4561-B765-49BA70D655AB}" = dir=in | app=c:\program files\avg\avg9\avgam.exe |
"{72975893-FCBC-4369-A935-CCAC21D2E262}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{7382CB1C-CE7E-424D-A0D0-883E6DB0E049}" = dir=in | app=c:\program files\avg\avg9\avgemc.exe |
"{75A048D0-9ACA-46E7-8B18-1762C4C772AF}" = protocol=17 | dir=in | app=c:\program files\ma-config.com\maconfservice.exe |
"{7B0614EA-1126-4747-A4EE-F8ECE4E0D6D7}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{847C8A95-32EB-4F75-8CBE-A4F723CEFE6C}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\client\agentsvc.exe |
"{A31D1C76-D6BD-4F42-A0B1-19381F970436}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{B337B5D4-2ACC-490A-BB8A-D46123B8FCC4}" = protocol=6 | dir=in | app=c:\program files\ma-config.com\maconfservice.exe |
"{DE1511E9-4A2D-447D-A361-B3B04D9BC03D}" = dir=in | app=c:\program files\avg\avg9\avgnsx.exe |
"{EDB90C08-40C1-478C-BFD3-B2BD1ADDDE68}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\client\agentsvc.exe |
"{EF4F1F47-3EE4-4742-80BB-A1AAE29064A6}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{F6CAA00F-027A-4A97-BA22-7523E39600E3}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe |
"TCP Query User{D17CDD56-B2F3-42AD-BC41-62C676B7984C}C:\users\emachines\desktop\counter-strike source\hl2.exe" = protocol=6 | dir=in | app=c:\users\emachines\desktop\counter-strike source\hl2.exe |
"UDP Query User{CC3B43F5-1F62-474A-AFC4-2036F3FC3E57}C:\users\emachines\desktop\counter-strike source\hl2.exe" = protocol=17 | dir=in | app=c:\users\emachines\desktop\counter-strike source\hl2.exe |

[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard
"{133742BA-6F46-4D3E-85AF-78631D9AD8B8}" = Installation Windows Live
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = InterVideo WinDVD 8
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"{2DA85B02-13C0-4E6D-9A76-22E6B3DD0CB2}" = SymNet
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{3E31821C-7917-367E-938E-E65FC413EA31}" = Microsoft .NET Framework 3.5 Language Pack SP1 - fra
"{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}" = Browser Address Error Redirector
"{445B183D-F4F1-45C8-B9DB-F11355CA657B}" = Windows Live Messenger
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{6B1CB38D-E2E4-4a30-933D-EFDEBA76AD9C}" = Microsoft Works
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = eMachines Recovery Management
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110111700}" = Zuma Deluxe
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110113233}" = Bookworm Deluxe
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11019760}" = eMachines
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110265407}" = Bejeweled 2 Deluxe
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11029123}" = Bricks of Egypt
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110305887}" = Diner Dash
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110411970}" = Chuzzle
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111118433}" = Mystery Case Files - Huntsville
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111199750}" = Cake Mania
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111252743}" = Mahjong Escape Ancient China
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111265347}" = Luxor
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}" = Galapago
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111796363}" = Mystery Solitaire - Secret Island
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112615863}" = Agatha Christie Death on the Nile
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}" = Alice Greenfingers
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113009953}" = Turbo Pizza
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113080210}" = Azada
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113537610}" = Build-a-lot
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113772953}" = Amazing Adventures The Lost Tomb
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}" = Dream Day First Home
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11386547}" = Farm Frenzy
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8686D4FE-62EF-46FB-B9FD-00679EB381FF}_is1" = Trojan Killer 2.0
"{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007
"{90120000-0016-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007
"{90120000-0018-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007
"{90120000-001B-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007
"{90120000-001F-0401-0000-0000000FF1CE}_HOMESTUDENTR_{14809F99-C601-4D4A-9391-F1E8FAA964C5}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007
"{90120000-001F-0413-0000-0000000FF1CE}_HOMESTUDENTR_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007
"{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007
"{90120000-006E-040C-0000-0000000FF1CE}_HOMESTUDENTR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-040C-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (French) 2007
"{90120000-00A1-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel(R) Matrix Storage Manager
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{96EB95A2-5245-4EA2-B6EA-B8BA2FBF64C4}" = Ma-Config.com
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = ALPS Touch Pad Driver
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AAF4238F-7C29-451D-9925-C753271A5728}" = Microsoft Visual C++ Run Time Lib Setup
"{AC76BA86-7AD7-1033-7B44-A81000000003}" = Adobe Reader 8.1.0
"{B24E05CC-46FF-4787-BBB8-5CD516AFB118}" = ccCommon
"{B3B487E7-6171-4376-9074-B28082CEB504}" = Windows Live Call
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{C43048A9-742C-4DAD-90D2-E3B53C9DB825}" = Logiciel QuickCam de Logitech
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe 1.4.142.1
"{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}" = Assistant de connexion Windows Live
"{E63E34A7-E552-412B-9E40-FD6FC5227ABA}_is1" = Uniblue RegistryBooster
"{E80F62FF-5D3C-4A19-8409-9721F2928206}" = LiveUpdate (Symantec Corporation)
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Audacity-tools Toolbar" = Audacity-tools Toolbar
"AVG9Uninstall" = AVG 9.0
"Google Desktop" = Google Desktop
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5
"InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = InterVideo WinDVD 8
"InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"IObit Security 360_is1" = IObit Security 360
"KLiteCodecPack_is1" = K-Lite Codec Pack 4.2.5 (Full)
"LManager" = Launch Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Messenger Plus! Live" = Messenger Plus! Live
"Microsoft .NET Framework 3.5 Language Pack SP1 - fra" = Module linguistique Microsoft .NET Framework 3.5 SP1- fra
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox (3.0.19)" = Mozilla Firefox (3.0.19)
"Multimedia Tools - Audacity" = Multimedia Tools - Audacity
"PsuedoLiveUpdate" = LiveUpdate (Symantec Corporation)
"SymSetup.{C1C185CA-C531-49F5-A6FA-B838405A049D}" = Norton Internet Security (Symantec Corporation)
"Trojan Remover_is1" = Trojan Remover 6.8.2
"VLC media player" = VLC media player 1.1.4
"WinLiveSuite_Wave3" = Installation Windows Live
"WinRAR archiver" = Archiveur WinRAR
"X'nStop_is1" = X'nStop 2.5

[color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"uTorrent" = µTorrent

[color=#E56717]========== Last 10 Event Log Errors ==========[/color]

[ Application Events ]
Error - 17/10/2010 04:48:17 | Computer Name = PC-EMACHINES | Source = WinMgmt | ID = 10
Description =

Error - 17/10/2010 11:40:17 | Computer Name = PC-EMACHINES | Source = WinMgmt | ID = 10
Description =

Error - 17/10/2010 16:01:05 | Computer Name = PC-EMACHINES | Source = Google Update | ID = 20
Description =

Error - 20/10/2010 07:23:22 | Computer Name = PC-EMACHINES | Source = WinMgmt | ID = 10
Description =

Error - 20/10/2010 08:01:07 | Computer Name = PC-EMACHINES | Source = Google Update | ID = 20
Description =

Error - 22/10/2010 12:53:51 | Computer Name = PC-EMACHINES | Source = WinMgmt | ID = 10
Description =

Error - 23/10/2010 04:56:18 | Computer Name = PC-EMACHINES | Source = WinMgmt | ID = 10
Description =

Error - 24/10/2010 04:14:22 | Computer Name = PC-EMACHINES | Source = WinMgmt | ID = 10
Description =

Error - 24/10/2010 13:55:14 | Computer Name = PC-EMACHINES | Source = WinMgmt | ID = 10
Description =

Error - 25/10/2010 03:19:16 | Computer Name = PC-EMACHINES | Source = WinMgmt | ID = 10
Description =

[ System Events ]
Error - 23/10/2010 05:01:23 | Computer Name = PC-EMACHINES | Source = Service Control Manager | ID = 7000
Description =

Error - 23/10/2010 05:01:50 | Computer Name = PC-EMACHINES | Source = Service Control Manager | ID = 7009
Description =

Error - 23/10/2010 05:01:50 | Computer Name = PC-EMACHINES | Source = Service Control Manager | ID = 7000
Description =

Error - 24/10/2010 04:12:51 | Computer Name = PC-EMACHINES | Source = HTTP | ID = 15016
Description =

Error - 24/10/2010 13:53:43 | Computer Name = PC-EMACHINES | Source = HTTP | ID = 15016
Description =

Error - 24/10/2010 18:04:47 | Computer Name = PC-EMACHINES | Source = Dhcp | ID = 1002
Description = Le bail de l'adresse IP 10.0.0.132 pour la carte réseau dont l'adresse
réseau est 001FE2A6367D a été refusé par le serveur DHCP 192.168.166.123 (celui-ci
a envoyé un message DHCPNACK).

Error - 25/10/2010 03:17:51 | Computer Name = PC-EMACHINES | Source = HTTP | ID = 15016
Description =

Error - 25/10/2010 12:31:11 | Computer Name = PC-EMACHINES | Source = Service Control Manager | ID = 7011
Description =

Error - 25/10/2010 15:54:51 | Computer Name = PC-EMACHINES | Source = cdrom | ID = 262151
Description = Le périphérique \Device\CdRom0 comporte un bloc défectueux.

Error - 25/10/2010 15:54:57 | Computer Name = PC-EMACHINES | Source = cdrom | ID = 262151
Description = Le périphérique \Device\CdRom0 comporte un bloc défectueux.


< End of report >
0
Réponse 7 / 15
Faystoss Messages postés 9 Date d'inscription mercredi 27 octobre 2010 Statut Membre Dernière intervention 29 octobre 2010
27 oct. 2010 à 23:20
Les Liens pour télécharger les fichiers sont:

https://www.androidworld.fr/

https://www.androidworld.fr/
0
Réponse 8 / 15
supergeronimo44 Messages postés 862 Date d'inscription mardi 21 avril 2009 Statut Contributeur sécurité Dernière intervention 28 octobre 2011 84
28 oct. 2010 à 09:55
Salut ;)

Merci !!

Je vais regarder les rapports dans la journée, et te communique les démarches à effectuer au plus tôt.
En attendant, évites de faire des scans en utilisant divers logiciels inutiles... :)

++
0
Réponse 9 / 15
supergeronimo44 Messages postés 862 Date d'inscription mardi 21 avril 2009 Statut Contributeur sécurité Dernière intervention 28 octobre 2011 84
Modifié par supergeronimo44 le 28/10/2010 à 13:56
Peux-tu me fournir les rapports de tous les scans que tu as effectué ( ceux cités dans ton premier message). Héberge les avec le tutoriel si ils sont trop longs ;-)

Pourrais-tu aussi désinstaller Spybot S&D ( via Ajout/Suppression de programmes), car il est obsolète aujourd'hui (CF => https://forum.malekal.com/viewtopic.php?t=8765&start=#p64338 ), et il pourra empêcher le bon fonctionnement des outils de désinfection plus tard.

Je continue à décortiquer les deux rapports, et j'attends les rapports des scans que tu as fait.

++
*\\ "L'important n'est pas le but, mais le chemin qui y mène" //*
=>Vive Helper-Formation !<=
0
Réponse 10 / 15
Faystoss Messages postés 9 Date d'inscription mercredi 27 octobre 2010 Statut Membre Dernière intervention 29 octobre 2010
29 oct. 2010 à 18:27
Pour La Troisieme:

Antivirus Version Last Update Result
AhnLab-V3 2010.10.29.00 2010.10.28 -
AntiVir 7.10.13.74 2010.10.29 -
Antiy-AVL 2.0.3.7 2010.10.29 -
Authentium 5.2.0.5 2010.10.29 -
Avast 4.8.1351.0 2010.10.29 -
Avast5 5.0.594.0 2010.10.29 -
AVG 9.0.0.851 2010.10.28 -
BitDefender 7.2 2010.10.29 -
CAT-QuickHeal 11.00 2010.10.26 -
ClamAV 0.96.2.0-git 2010.10.29 -
Comodo 6552 2010.10.29 -
DrWeb 5.0.2.03300 2010.10.29 -
Emsisoft 5.0.0.50 2010.10.29 -
eSafe 7.0.17.0 2010.10.28 -
eTrust-Vet 36.1.7942 2010.10.29 -
F-Prot 4.6.2.117 2010.10.29 -
F-Secure 9.0.16160.0 2010.10.29 -
Fortinet 4.2.249.0 2010.10.29 -
GData 21 2010.10.29 -
Ikarus T3.1.1.90.0 2010.10.29 -
Jiangmin 13.0.900 2010.10.29 -
K7AntiVirus 9.67.2865 2010.10.29 -
Kaspersky 7.0.0.125 2010.10.29 -
McAfee 5.400.0.1158 2010.10.29 -
McAfee-GW-Edition 2010.1C 2010.10.29 -
Microsoft 1.6301 2010.10.29 -
NOD32 5575 2010.10.29 -
Norman 6.06.10 2010.10.29 -
nProtect 2010-10-29.01 2010.10.29 -
Panda 10.0.2.7 2010.10.29 -
PCTools 7.0.3.5 2010.10.29 -
Prevx 3.0 2010.10.29 -
Rising 22.71.03.02 2010.10.29 -
Sophos 4.59.0 2010.10.29 -
Sunbelt 7165 2010.10.29 -
SUPERAntiSpyware 4.40.0.1006 2010.10.29 -
Symantec 20101.2.0.161 2010.10.29 -
TheHacker 6.7.0.1.073 2010.10.29 -
TrendMicro 9.120.0.1004 2010.10.29 -
TrendMicro-HouseCall 9.120.0.1004 2010.10.29 -
VBA32 3.12.14.1 2010.10.29 -
ViRobot 2010.10.25.4110 2010.10.29 -
VirusBuster 12.70.12.0 2010.10.29 -
Additional information
Show all
MD5 : 25a5de0574e6a2937e06ffdb4900e282
SHA1 : c4393cee8b2d60db1ff810bd7eb5e43c0ea049ae
SHA256: a06d76957de35cc9732a5d33781e6c61a7f8aee0622b5c67b1dacbee09786f43
ssdeep: 6:d6ClLVDlkqi23fxS6aVslkqi23fxS6Bpz0o5jDlkqi23fxS6i0RPlkqi23fxS6Ex:Dx5kqZ5X
kqZ55dZ5kqZ5q0nkqZ5sKM
File size : 280 bytes
First seen: 2010-10-29 16:23:13
Last seen : 2010-10-29 16:23:13
TrID:
Generic INI configuration (100.0%)
sigcheck:
publisher....: n/a
copyright....: n/a
product......: n/a
description..: n/a
original name: n/a
internal name: n/a
file version.: n/a
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned

VT Community

0

This file has never been reviewed by any VT Community member. Be the first one to comment on it!
0
Réponse 11 / 15
Faystoss Messages postés 9 Date d'inscription mercredi 27 octobre 2010 Statut Membre Dernière intervention 29 octobre 2010
29 oct. 2010 à 18:32
Pour La Quatrieme:

Antivirus Version Last Update Result
AhnLab-V3 2010.10.29.00 2010.10.28 -
AntiVir 7.10.13.74 2010.10.29 -
Antiy-AVL 2.0.3.7 2010.10.29 -
Authentium 5.2.0.5 2010.10.29 -
Avast 4.8.1351.0 2010.10.29 -
Avast5 5.0.594.0 2010.10.29 -
AVG 9.0.0.851 2010.10.28 -
BitDefender 7.2 2010.10.29 -
CAT-QuickHeal 11.00 2010.10.26 -
ClamAV 0.96.2.0-git 2010.10.29 -
Comodo 6552 2010.10.29 -
DrWeb 5.0.2.03300 2010.10.29 -
Emsisoft 5.0.0.50 2010.10.29 -
eSafe 7.0.17.0 2010.10.28 -
eTrust-Vet 36.1.7942 2010.10.29 -
F-Prot 4.6.2.117 2010.10.29 -
F-Secure 9.0.16160.0 2010.10.29 -
Fortinet 4.2.249.0 2010.10.29 -
GData 21 2010.10.29 -
Ikarus T3.1.1.90.0 2010.10.29 -
Jiangmin 13.0.900 2010.10.29 -
K7AntiVirus 9.67.2865 2010.10.29 -
Kaspersky 7.0.0.125 2010.10.29 -
McAfee 5.400.0.1158 2010.10.29 -
McAfee-GW-Edition 2010.1C 2010.10.29 -
Microsoft 1.6301 2010.10.29 -
NOD32 5575 2010.10.29 -
Norman 6.06.10 2010.10.29 -
nProtect 2010-10-29.01 2010.10.29 -
Panda 10.0.2.7 2010.10.29 -
PCTools 7.0.3.5 2010.10.29 -
Prevx 3.0 2010.10.29 -
Rising 22.71.03.02 2010.10.29 -
Sophos 4.59.0 2010.10.29 -
Sunbelt 7165 2010.10.29 -
SUPERAntiSpyware 4.40.0.1006 2010.10.29 -
Symantec 20101.2.0.161 2010.10.29 -
TheHacker 6.7.0.1.073 2010.10.29 -
TrendMicro 9.120.0.1004 2010.10.29 -
TrendMicro-HouseCall 9.120.0.1004 2010.10.29 -
VBA32 3.12.14.1 2010.10.29 -
ViRobot 2010.10.25.4110 2010.10.29 -
VirusBuster 12.70.12.0 2010.10.29 -
Additional information
Show all
MD5 : b974d9f06dc7d1908e825dc201681269
SHA1 : adac0a0426de6204c26bd2b31fc9a2db5f2d8db1
SHA256: 7d949455aa3dcf063a0ca185e3e7d22d12e221e27e5051d611e3daac6d5d9501
ssdeep: 12288:ZcOSTGk99mEB7HfDH6K8s336jJFU8HlYg5L+smxpZ4:ZyptfTtJ86oL2Z
File size : 627200 bytes
First seen: 2009-02-20 01:31:20
Last seen : 2010-10-29 16:29:09
TrID:
Win32 Executable MS Visual C++ (generic) (65.2%)
Win32 Executable Generic (14.7%)
Win32 Dynamic Link Library (generic) (13.1%)
Generic Win/DOS Executable (3.4%)
DOS Executable Generic (3.4%)
sigcheck:
publisher....: Microsoft Corporation
copyright....: (c) Microsoft Corporation. All rights reserved.
product......: Microsoft_ Windows_ Operating System
description..: Multi-User Windows USER API Client DLL
original name: user32
internal name: user32
file version.: 6.0.6001.18000 (longhorn_rtm.080118-1840)
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned
PEInfo: PE structure information

[[ basic data ]]
entrypointaddress: 0x1642D
timedatestamp....: 0x4791A773 (Sat Jan 19 07:32:03 2008)
machinetype......: 0x14c (I386)

[[ 4 section(s) ]]
name, viradd, virsiz, rawdsiz, ntropy, md5
.text, 0x1000, 0x671FF, 0x67200, 6.65, 8a49eb14f43e15aa667b00f071beae0a
.data, 0x69000, 0x1700, 0x1400, 1.97, e74cb5e575b1c33243534b20544b562d
.rsrc, 0x6B000, 0x2D520, 0x2D600, 5.61, 071b8fc2973a93ece4447e52cbf36fad
.reloc, 0x99000, 0x312C, 0x3200, 6.72, 87d0ee9f1525635b3cdcd4bd8f3bab59

[[ 4 import(s) ]]
ntdll.dll: RtlUnwind, NtQueryLicenseValue, NlsAnsiCodePage, _aulldvrm, _wtoi, _alldiv, iswspace, qsort, LdrFlushAlternateResourceModules, RtlCheckRegistryKey, RtlMultiByteToUnicodeSize, RtlPcToFileHeader, wcsrchr, NtRaiseHardError, RtlIsNameLegalDOS8Dot3, strrchr, NtQueryKey, NtEnumerateValueKey, RtlSizeHeap, RtlGetThreadLangIdByIndex, RtlRunEncodeUnicodeString, RtlRunDecodeUnicodeString, _wcsicmp, RtlReAllocateHeap, CsrAllocateMessagePointer, RtlAllocateAndInitializeSid, RtlFreeSid, CsrAllocateCaptureBuffer, CsrCaptureMessageBuffer, CsrFreeCaptureBuffer, RtlNtStatusToDosError, NtOpenThreadToken, NtOpenProcessToken, NtQueryInformationToken, CsrClientCallServer, memmove, NtCallbackReturn, _allmul, RtlUnicodeToMultiByteSize, RtlInitializeCriticalSection, NtQuerySystemInformation, RtlDeleteCriticalSection, RtlImageNtHeader, RtlGetIntegerAtom, CsrClientConnectToServer, RtlIsThreadWithinLoaderCallout, NtYieldExecution, NtCreateKey, NtSetValueKey, NtDeleteValueKey, wcstoul, NtVdmControl, _vsnwprintf, RtlQueryInformationActiveActivationContext, RtlInitAnsiString, RtlAnsiStringToUnicodeString, RtlCreateUnicodeStringFromAsciiz, RtlFreeUnicodeString, NtOpenDirectoryObject, NtSetSecurityObject, NtQuerySecurityObject, NtQueryInformationProcess, wcstol, RtlActivateActivationContextUnsafeFast, RtlDeactivateActivationContextUnsafeFast, RtlFindActivationContextSectionString, RtlReleaseActivationContext, RtlMultiByteToUnicodeN, RtlUnicodeToMultiByteN, RtlLeaveCriticalSection, RtlEnterCriticalSection, memset, memcpy, RtlAllocateHeap, RtlFreeHeap, RtlOpenCurrentUser, NtEnumerateKey, NtOpenKey, NtClose, NtQueryValueKey, RtlInitUnicodeString, RtlUnicodeStringToInteger, RtlAnsiCharToUnicodeChar, DbgPrint
KERNEL32.dll: SearchPathW, ExpandEnvironmentStringsW, LoadLibraryExW, GlobalAddAtomW, GetCurrentProcess, GetCurrentThread, ExitThread, GetExitCodeThread, CreateThread, GlobalHandle, FoldStringW, Sleep, GetStringTypeW, GetStringTypeA, GetCPInfo, FindResourceW, CloseHandle, ReadFile, SetFileTime, EnumResourceNamesExW, GetSystemWindowsDirectoryW, CopyFileW, MoveFileW, DeleteFileW, CreateProcessW, AddAtomA, AddAtomW, GetAtomNameA, GetAtomNameW, IsValidLocale, ConvertDefaultLocale, CompareStringW, GetCurrentDirectoryW, SetCurrentDirectoryW, lstrlenW, GetSystemDirectoryW, FindClose, FindNextFileW, FindFirstFileW, GetThreadLocale, MulDiv, ProcessIdToSessionId, GetCurrentProcessId, WerpNotifyUseStringResource, InterlockedCompareExchange, IsDBCSLeadByte, GetVersionExW, GetSystemDefaultLangID, WerpNotifyLoadStringResource, UnmapViewOfFile, GetFileSize, MapViewOfFile, CreateFileMappingW, LCMapStringW, QueryPerformanceCounter, QueryPerformanceFrequency, GetTickCount, lstrlenA, GlobalFindAtomA, GetModuleFileNameA, GetModuleHandleA, GlobalAddAtomA, DelayLoadFailureHook, LoadLibraryA, GetSystemTimeAsFileTime, TerminateProcess, UnhandledExceptionFilter, SetUnhandledExceptionFilter, IsDBCSLeadByteEx, DisableThreadLibraryCalls, GetModuleHandleW, FindResourceExA, FindResourceExW, LoadStringBaseExW, SizeofResource, RegisterWaitForInputIdle, QueryActCtxSettingsW, GetCurrentThreadId, LocalSize, LocalUnlock, LocalLock, LocalReAlloc, GetACP, lstrcmpiA, InterlockedIncrement, InterlockedDecrement, SetLastError, GlobalFindAtomW, lstrcmpiW, CreateFileW, WritePrivateProfileStringW, SetEvent, WaitForMultipleObjectsEx, GlobalAlloc, MultiByteToWideChar, GlobalReAlloc, GetOEMCP, GetLastError, WideCharToMultiByte, GlobalFlags, GetLocaleInfoW, GlobalFree, GetModuleFileNameW, GlobalGetAtomNameW, GlobalGetAtomNameA, InterlockedExchange, LoadLibraryW, GetProcAddress, FreeLibrary, DeleteAtom, LocalAlloc, GlobalDeleteAtom, LocalFree, GlobalSize, GlobalLock, GlobalUnlock, GetUserDefaultLCID, GetPrivateProfileStringW, LoadResource, GetLogicalDrives
GDI32.dll: GetClipRgn, ExtSelectClipRgn, GetHFONT, GetMapMode, SetGraphicsMode, GetClipBox, CreateRectRgn, CreateRectRgnIndirect, SetLayout, GetBoundsRect, ExcludeClipRect, PlayEnhMetaFile, GdiGetBitmapBitsSize, CreatePen, Ellipse, CreateEllipticRgn, GdiFixUpHandle, GetTextCharacterExtra, SetTextCharacterExtra, GetCurrentObject, GetViewportOrgEx, SetViewportOrgEx, PolyPatBlt, CreateBrushIndirect, SetBoundsRect, CopyEnhMetaFileW, CopyMetaFileW, GetPaletteEntries, CreatePalette, SetPaletteEntries, bInitSystemAndFontsDirectoriesW, bMakePathNameW, cGetTTFFromFOT, GetPixel, ExtTextOutA, GetTextCharsetInfo, QueryFontAssocStatus, GetCharWidthInfo, GetCharWidthA, GetTextFaceW, GetCharABCWidthsA, GetCharABCWidthsW, SetBrushOrgEx, CreateFontIndirectW, EnumFontsW, GetTextFaceAliasW, GetTextMetricsW, GetTextColor, GdiGetCodePage, GetTextCharset, GetBkMode, GetViewportExtEx, GetWindowExtEx, GdiGetCharDimensions, GdiPrinterThunk, GdiAddFontResourceW, TranslateCharsetInfo, SaveDC, OffsetWindowOrgEx, RestoreDC, ExtTextOutW, GetDIBits, CreateDIBSection, SetStretchBltMode, SelectPalette, RealizePalette, CreateDIBitmap, CreateCompatibleBitmap, SetBitmapBits, DeleteDC, GdiValidateHandle, GdiDllInitialize, GdiProcessSetup, GetStockObject, CreateSolidBrush, CreateCompatibleDC, GdiConvertBitmapV5, GdiCreateLocalEnhMetaFile, GdiCreateLocalMetaFilePict, GetRgnBox, CombineRgn, OffsetRgn, MirrorRgn, EnableEUDC, GdiConvertToDevmodeW, GetTextExtentPointA, GetTextExtentPointW, CreateBitmap, SetLayoutWidth, PatBlt, TextOutA, TextOutW, BitBlt, SetRectRgn, GdiConvertAndCheckDC, GetObjectType, StretchBlt, GdiReleaseDC, GdiConvertEnhMetaFile, GdiConvertMetaFilePict, DeleteEnhMetaFile, DeleteMetaFile, DeleteObject, GetDIBColorTable, GetDeviceCaps, StretchDIBits, GetLayout, SetBkColor, SetTextColor, GetObjectW, CreateDCW, GetBkColor, SetBkMode, SelectObject, IntersectClipRect, GetTextAlign, SetTextAlign, SetDIBits
ADVAPI32.dll: GetTokenInformation, OpenThreadToken, OpenProcessToken, RegQueryInfoKeyW, RegEnumValueW, RegOpenKeyExW, RegQueryValueExW, RegisterEventSourceW, ReportEventW, CheckTokenMembership, DeregisterEventSource, CheckAppInitBlockedServiceIdentity, RegDeleteKeyW, RegCreateKeyExW, RegCloseKey, RegSetValueExW

[[ 779 export(s) ]]
ActivateKeyboardLayout, AddClipboardFormatListener, AdjustWindowRect, AdjustWindowRectEx, AlignRects, AllowForegroundActivation, AllowSetForegroundWindow, AnimateWindow, AnyPopup, AppendMenuA, AppendMenuW, ArrangeIconicWindows, AttachThreadInput, BeginDeferWindowPos, BeginPaint, BlockInput, BringWindowToTop, BroadcastSystemMessage, BroadcastSystemMessageA, BroadcastSystemMessageExA, BroadcastSystemMessageExW, BroadcastSystemMessageW, BuildReasonArray, CalcMenuBar, CallMsgFilter, CallMsgFilterA, CallMsgFilterW, CallNextHookEx, CallWindowProcA, CallWindowProcW, CancelShutdown, CascadeChildWindows, CascadeWindows, ChangeClipboardChain, ChangeDisplaySettingsA, ChangeDisplaySettingsExA, ChangeDisplaySettingsExW, ChangeDisplaySettingsW, ChangeMenuA, ChangeMenuW, ChangeWindowMessageFilter, CharLowerA, CharLowerBuffA, CharLowerBuffW, CharLowerW, CharNextA, CharNextExA, CharNextW, CharPrevA, CharPrevExA, CharPrevW, CharToOemA, CharToOemBuffA, CharToOemBuffW, CharToOemW, CharUpperA, CharUpperBuffA, CharUpperBuffW, CharUpperW, CheckDesktopByThreadId, CheckDlgButton, CheckMenuItem, CheckMenuRadioItem, CheckRadioButton, CheckWindowThreadDesktop, ChildWindowFromPoint, ChildWindowFromPointEx, CliImmSetHotKey, ClientThreadSetup, ClientToScreen, ClipCursor, CloseClipboard, CloseDesktop, CloseWindow, CloseWindowStation, CopyAcceleratorTableA, CopyAcceleratorTableW, CopyIcon, CopyImage, CopyRect, CountClipboardFormats, CreateAcceleratorTableA, CreateAcceleratorTableW, CreateCaret, CreateCursor, CreateDesktopA, CreateDesktopExA, CreateDesktopExW, CreateDesktopW, CreateDialogIndirectParamA, CreateDialogIndirectParamAorW, CreateDialogIndirectParamW, CreateDialogParamA, CreateDialogParamW, CreateIcon, CreateIconFromResource, CreateIconFromResourceEx, CreateIconIndirect, CreateMDIWindowA, CreateMDIWindowW, CreateMenu, CreatePopupMenu, CreateSystemThreads, CreateWindowExA, CreateWindowExW, CreateWindowStationA, CreateWindowStationW, CsrBroadcastSystemMessageExW, CtxInitUser32, DdeAbandonTransaction, DdeAccessData, DdeAddData, DdeClientTransaction, DdeCmpStringHandles, DdeConnect, DdeConnectList, DdeCreateDataHandle, DdeCreateStringHandleA, DdeCreateStringHandleW, DdeDisconnect, DdeDisconnectList, DdeEnableCallback, DdeFreeDataHandle, DdeFreeStringHandle, DdeGetData, DdeGetLastError, DdeGetQualityOfService, DdeImpersonateClient, DdeInitializeA, DdeInitializeW, DdeKeepStringHandle, DdeNameService, DdePostAdvise, DdeQueryConvInfo, DdeQueryNextServer, DdeQueryStringA, DdeQueryStringW, DdeReconnect, DdeSetQualityOfService, DdeSetUserHandle, DdeUnaccessData, DdeUninitialize, DefDlgProcA, DefDlgProcW, DefFrameProcA, DefFrameProcW, DefMDIChildProcA, DefMDIChildProcW, DefRawInputProc, DefWindowProcA, DefWindowProcW, DeferWindowPos, DeleteMenu, DeregisterShellHookWindow, DestroyAcceleratorTable, DestroyCaret, DestroyCursor, DestroyIcon, DestroyMenu, DestroyReasons, DestroyWindow, DeviceEventWorker, DialogBoxIndirectParamA, DialogBoxIndirectParamAorW, DialogBoxIndirectParamW, DialogBoxParamA, DialogBoxParamW, DisableProcessWindowsGhosting, DispatchMessageA, DispatchMessageW, DisplayExitWindowsWarnings, DlgDirListA, DlgDirListComboBoxA, DlgDirListComboBoxW, DlgDirListW, DlgDirSelectComboBoxExA, DlgDirSelectComboBoxExW, DlgDirSelectExA, DlgDirSelectExW, DoSoundConnect, DoSoundDisconnect, DragDetect, DragObject, DrawAnimatedRects, DrawCaption, DrawCaptionTempA, DrawCaptionTempW, DrawEdge, DrawFocusRect, DrawFrame, DrawFrameControl, DrawIcon, DrawIconEx, DrawMenuBar, DrawMenuBarTemp, DrawStateA, DrawStateW, DrawTextA, DrawTextExA, DrawTextExW, DrawTextW, DwmGetDxRgn, DwmHintDxUpdate, DwmStartRedirection, DwmStopRedirection, EditWndProc, EmptyClipboard, EnableMenuItem, EnableScrollBar, EnableWindow, EndDeferWindowPos, EndDialog, EndMenu, EndPaint, EndTask, EnterReaderModeHelper, EnumChildWindows, EnumClipboardFormats, EnumDesktopWindows, EnumDesktopsA, EnumDesktopsW, EnumDisplayDevicesA, EnumDisplayDevicesW, EnumDisplayMonitors, EnumDisplaySettingsA, EnumDisplaySettingsExA, EnumDisplaySettingsExW, EnumDisplaySettingsW, EnumPropsA, EnumPropsExA, EnumPropsExW, EnumPropsW, EnumThreadWindows, EnumWindowStationsA, EnumWindowStationsW, EnumWindows, EqualRect, ExcludeUpdateRgn, ExitWindowsEx, FillRect, FindWindowA, FindWindowExA, FindWindowExW, FindWindowW, FlashWindow, FlashWindowEx, FrameRect, FreeDDElParam, FrostCrashedWindow, GetActiveWindow, GetAltTabInfo, GetAltTabInfoA, GetAltTabInfoW, GetAncestor, GetAppCompatFlags, GetAppCompatFlags2, GetAsyncKeyState, GetCapture, GetCaretBlinkTime, GetCaretPos, GetClassInfoA, GetClassInfoExA, GetClassInfoExW, GetClassInfoW, GetClassLongA, GetClassLongW, GetClassNameA, GetClassNameW, GetClassWord, GetClientRect, GetClipCursor, GetClipboardData, GetClipboardFormatNameA, GetClipboardFormatNameW, GetClipboardOwner, GetClipboardSequenceNumber, GetClipboardViewer, GetComboBoxInfo, GetCursor, GetCursorFrameInfo, GetCursorInfo, GetCursorPos, GetDC, GetDCEx, GetDesktopWindow, GetDialogBaseUnits, GetDlgCtrlID, GetDlgItem, GetDlgItemInt, GetDlgItemTextA, GetDlgItemTextW, GetDoubleClickTime, GetFocus, GetForegroundWindow, GetGUIThreadInfo, GetGuiResources, GetIconInfo, GetIconInfoExA, GetIconInfoExW, GetInputDesktop, GetInputState, GetInternalWindowPos, GetKBCodePage, GetKeyNameTextA, GetKeyNameTextW, GetKeyState, GetKeyboardLayout, GetKeyboardLayoutList, GetKeyboardLayoutNameA, GetKeyboardLayoutNameW, GetKeyboardState, GetKeyboardType, GetLastActivePopup, GetLastInputInfo, GetLayeredWindowAttributes, GetListBoxInfo, GetMenu, GetMenuBarInfo, GetMenuCheckMarkDimensions, GetMenuContextHelpId, GetMenuDefaultItem, GetMenuInfo, GetMenuItemCount, GetMenuItemID, GetMenuItemInfoA, GetMenuItemInfoW, GetMenuItemRect, GetMenuState, GetMenuStringA, GetMenuStringW, GetMessageA, GetMessageExtraInfo, GetMessagePos, GetMessageTime, GetMessageW, GetMonitorInfoA, GetMonitorInfoW, GetMouseMovePointsEx, GetNextDlgGroupItem, GetNextDlgTabItem, GetOpenClipboardWindow, GetParent, GetPhysicalCursorPos, GetPriorityClipboardFormat, GetProcessDefaultLayout, GetProcessWindowStation, GetProgmanWindow, GetPropA, GetPropW, GetQueueStatus, GetRawInputBuffer, GetRawInputData, GetRawInputDeviceInfoA, GetRawInputDeviceInfoW, GetRawInputDeviceList, GetReasonTitleFromReasonCode, GetRegisteredRawInputDevices, GetScrollBarInfo, GetScrollInfo, GetScrollPos, GetScrollRange, GetSendMessageReceiver, GetShellWindow, GetSubMenu, GetSysColor, GetSysColorBrush, GetSystemMenu, GetSystemMetrics, GetTabbedTextExtentA, GetTabbedTextExtentW, GetTaskmanWindow, GetThreadDesktop, GetTitleBarInfo, GetTopWindow, GetUpdateRect, GetUpdateRgn, GetUpdatedClipboardFormats, GetUserObjectInformationA, GetUserObjectInformationW, GetUserObjectSecurity, GetWinStationInfo, GetWindow, GetWindowContextHelpId, GetWindowDC, GetWindowInfo, GetWindowLongA, GetWindowLongW, GetWindowMinimizeRect, GetWindowModuleFileName, GetWindowModuleFileNameA, GetWindowModuleFileNameW, GetWindowPlacement, GetWindowRect, GetWindowRgn, GetWindowRgnBox, GetWindowRgnEx, GetWindowTextA, GetWindowTextLengthA, GetWindowTextLengthW, GetWindowTextW, GetWindowThreadProcessId, GetWindowWord, GhostWindowFromHungWindow, GrayStringA, GrayStringW, HideCaret, HiliteMenuItem, HungWindowFromGhostWindow, IMPGetIMEA, IMPGetIMEW, IMPQueryIMEA, IMPQueryIMEW, IMPSetIMEA, IMPSetIMEW, ImpersonateDdeClientWindow, InSendMessage, InSendMessageEx, InflateRect, InitializeLpkHooks, InsertMenuA, InsertMenuItemA, InsertMenuItemW, InsertMenuW, InternalGetWindowIcon, InternalGetWindowText, IntersectRect, InvalidateRect, InvalidateRgn, InvertRect, IsCharAlphaA, IsCharAlphaNumericA, IsCharAlphaNumericW, IsCharAlphaW, IsCharLowerA, IsCharLowerW, IsCharUpperA, IsCharUpperW, IsChild, IsClipboardFormatAvailable, IsDialogMessage, IsDialogMessageA, IsDialogMessageW, IsDlgButtonChecked, IsGUIThread, IsHungAppWindow, IsIconic, IsMenu, IsProcessDPIAware, IsRectEmpty, IsSETEnabled, IsServerSideWindow, IsThreadDesktopComposited, IsWinEventHookInstalled, IsWindow, IsWindowEnabled, IsWindowInDestroy, IsWindowRedirectedForPrint, IsWindowUnicode, IsWindowVisible, IsWow64Message, IsZoomed, KillTimer, LoadAcceleratorsA, LoadAcceleratorsW, LoadBitmapA, LoadBitmapW, LoadCursorA, LoadCursorFromFileA, LoadCursorFromFileW, LoadCursorW, LoadIconA, LoadIconW, LoadImageA, LoadImageW, LoadKeyboardLayoutA, LoadKeyboardLayoutEx, LoadKeyboardLayoutW, LoadLocalFonts, LoadMenuA, LoadMenuIndirectA, LoadMenuIndirectW, LoadMenuW, LoadRemoteFonts, LoadStringA, LoadStringW, LockSetForegroundWindow, LockWindowStation, LockWindowUpdate, LockWorkStation, LogicalToPhysicalPoint, LookupIconIdFromDirectory, LookupIconIdFromDirectoryEx, MBToWCSEx, MB_GetString, MapDialogRect, MapVirtualKeyA, MapVirtualKeyExA, MapVirtualKeyExW, MapVirtualKeyW, MapWindowPoints, MenuItemFromPoint, MenuWindowProcA, MenuWindowProcW, MessageBeep, MessageBoxA, MessageBoxExA, MessageBoxExW, MessageBoxIndirectA, MessageBoxIndirectW, MessageBoxTimeoutA, MessageBoxTimeoutW, MessageBoxW, ModifyMenuA, ModifyMenuW, MonitorFromPoint, MonitorFromRect, MonitorFromWindow, MoveWindow, MsgWaitForMultipleObjects, MsgWaitForMultipleObjectsEx, NotifyWinEvent, OemKeyScan, OemToCharA, OemToCharBuffA, OemToCharBuffW, OemToCharW, OffsetRect, OpenClipboard, OpenDesktopA, OpenDesktopW, OpenIcon, OpenInputDesktop, OpenThreadDesktop, OpenWindowStationA, OpenWindowStationW, PackDDElParam, PaintDesktop, PaintMenuBar, PaintMonitor, PeekMessageA, PeekMessageW, PhysicalToLogicalPoint, PostMessageA, PostMessageW, PostQuitMessage, PostThreadMessageA, PostThreadMessageW, PrintWindow, PrivateExtractIconExA, PrivateExtractIconExW, PrivateExtractIconsA, PrivateExtractIconsW, PrivateRegisterICSProc, PtInRect, QuerySendMessage, RealChildWindowFromPoint, RealGetWindowClass, RealGetWindowClassA, RealGetWindowClassW, ReasonCodeNeedsBugID, ReasonCodeNeedsComment, RecordShutdownReason, RedrawWindow, RegisterClassA, RegisterClassExA, RegisterClassExW, RegisterClassW, RegisterClipboardFormatA, RegisterClipboardFormatW, RegisterDeviceNotificationA, RegisterDeviceNotificationW, RegisterErrorReportingDialog, RegisterFrostWindow, RegisterGhostWindow, RegisterHotKey, RegisterLogonProcess, RegisterMessagePumpHook, RegisterPowerSettingNotification, RegisterRawInputDevices, RegisterServicesProcess, RegisterSessionPort, RegisterShellHookWindow, RegisterSystemThread, RegisterTasklist, RegisterUserApiHook, RegisterWindowMessageA, RegisterWindowMessageW, ReleaseCapture, ReleaseDC, RemoveClipboardFormatListener, RemoveMenu, RemovePropA, RemovePropW, ReplyMessage, ResolveDesktopForWOW, ReuseDDElParam, ScreenToClient, ScrollChildren, ScrollDC, ScrollWindow, ScrollWindowEx, SendDlgItemMessageA, SendDlgItemMessageW, SendIMEMessageExA, SendIMEMessageExW, SendInput, SendMessageA, SendMessageCallbackA, SendMessageCallbackW, SendMessageTimeoutA, SendMessageTimeoutW, SendMessageW, SendNotifyMessageA, SendNotifyMessageW, SetActiveWindow, SetCapture, SetCaretBlinkTime, SetCaretPos, SetClassLongA, SetClassLongW, SetClassWord, SetClipboardData, SetClipboardViewer, SetConsoleReserveKeys, SetCursor, SetCursorContents, SetCursorPos, SetDebugErrorLevel, SetDeskWallpaper, SetDlgItemInt, SetDlgItemTextA, SetDlgItemTextW, SetDoubleClickTime, SetFocus, SetForegroundWindow, SetInternalWindowPos, SetKeyboardState, SetLastErrorEx, SetLayeredWindowAttributes, SetMenu, SetMenuContextHelpId, SetMenuDefaultItem, SetMenuInfo, SetMenuItemBitmaps, SetMenuItemInfoA, SetMenuItemInfoW, SetMessageExtraInfo, SetMessageQueue, SetMirrorRendering, SetParent, SetPhysicalCursorPos, SetProcessDPIAware, SetProcessDefaultLayout, SetProcessWindowStation, SetProgmanWindow, SetPropA, SetPropW, SetRect, SetRectEmpty, SetScrollInfo, SetScrollPos, SetScrollRange, SetShellWindow, SetShellWindowEx, SetSysColors, SetSysColorsTemp, SetSystemCursor, SetSystemMenu, SetTaskmanWindow, SetThreadDesktop, SetTimer, SetUserObjectInformationA, SetUserObjectInformationW, SetUserObjectSecurity, SetWinEventHook, SetWindowContextHelpId, SetWindowLongA, SetWindowLongW, SetWindowPlacement, SetWindowPos, SetWindowRgn, SetWindowRgnEx, SetWindowStationUser, SetWindowTextA, SetWindowTextW, SetWindowWord, SetWindowsHookA, SetWindowsHookExA, SetWindowsHookExW, SetWindowsHookW, ShowCaret, ShowCursor, ShowOwnedPopups, ShowScrollBar, ShowStartGlass, ShowSystemCursor, ShowWindow, ShowWindowAsync, ShutdownBlockReasonCreate, ShutdownBlockReasonDestroy, ShutdownBlockReasonQuery, SoftModalMessageBox, SoundSentry, SubtractRect, SwapMouseButton, SwitchDesktop, SwitchDesktopWithFade, SwitchToThisWindow, SystemParametersInfoA, SystemParametersInfoW, TabbedTextOutA, TabbedTextOutW, TileChildWindows, TileWindows, ToAscii, ToAsciiEx, ToUnicode, ToUnicodeEx, TrackMouseEvent, TrackPopupMenu, TrackPopupMenuEx, TranslateAccelerator, TranslateAcceleratorA, TranslateAcceleratorW, TranslateMDISysAccel, TranslateMessage, TranslateMessageEx, UnhookWinEvent, UnhookWindowsHook, UnhookWindowsHookEx, UnionRect, UnloadKeyboardLayout, UnlockWindowStation, UnpackDDElParam, UnregisterClassA, UnregisterClassW, UnregisterDeviceNotification, UnregisterHotKey, UnregisterMessagePumpHook, UnregisterPowerSettingNotification, UnregisterSessionPort, UnregisterUserApiHook, UpdateLayeredWindow, UpdateLayeredWindowIndirect, UpdatePerUserSystemParameters, UpdateWindow, UpdateWindowTransform, User32InitializeImmEntryTable, UserClientDllInitialize, UserHandleGrantAccess, UserLpkPSMTextOut, UserLpkTabbedTextOut, UserRealizePalette, UserRegisterWowHandlers, ValidateRect, ValidateRgn, VkKeyScanA, VkKeyScanExA, VkKeyScanExW, VkKeyScanW, WCSToMBEx, WINNLSEnableIME, WINNLSGetEnableStatus, WINNLSGetIMEHotkey, WaitForInputIdle, WaitMessage, Win32PoolAllocationStats, WinHelpA, WinHelpW, WindowFromDC, WindowFromPhysicalPoint, WindowFromPoint, _UserTestTokenForInteractive, keybd_event, mouse_event, wsprintfA, wsprintfW, wvsprintfA, wvsprintfW
ExifTool:
file metadata
CharacterSet: Unicode
CodeSize: 422400
CompanyName: Microsoft Corporation
EntryPoint: 0x1642d
FileDescription: Multi-User Windows USER API Client DLL
FileFlagsMask: 0x003f
FileOS: Windows NT 32-bit
FileSize: 612 kB
FileSubtype: 0
FileType: Win32 DLL
FileVersion: 6.0.6001.18000 (longhorn_rtm.080118-1840)
FileVersionNumber: 6.0.6001.18000
ImageVersion: 6.0
InitializedDataSize: 204800
InternalName: user32
LanguageCode: English (U.S.)
LegalCopyright: Microsoft Corporation. All rights reserved.
LinkerVersion: 8.0
MIMEType: application/octet-stream
MachineType: Intel 386 or later, and compatibles
OSVersion: 6.0
ObjectFileType: Dynamic link library
OriginalFilename: user32
PEType: PE32
ProductName: Microsoft Windows Operating System
ProductVersion: 6.0.6001.18000
ProductVersionNumber: 6.0.6001.18000
Subsystem: Windows GUI
SubsystemVersion: 6.0
TimeStamp: 2008:01:19 08:32:03+01:00
UninitializedDataSize: 0

VT Community

0

This file has never been reviewed by any VT Community member. Be the first one to comment on it!
0
Réponse 12 / 15
Faystoss Messages postés 9 Date d'inscription mercredi 27 octobre 2010 Statut Membre Dernière intervention 29 octobre 2010
29 oct. 2010 à 18:34
Analyse TDSSKILLER

2010/10/29 18:32:58.0686 TDSS rootkit removing tool 2.4.5.1 Oct 26 2010 11:28:49
2010/10/29 18:32:58.0686 ================================================================================
2010/10/29 18:32:58.0686 SystemInfo:
2010/10/29 18:32:58.0686
2010/10/29 18:32:58.0686 OS Version: 6.0.6001 ServicePack: 1.0
2010/10/29 18:32:58.0686 Product type: Workstation
2010/10/29 18:32:58.0686 ComputerName: PC-EMACHINES
2010/10/29 18:32:58.0686 UserName: EMACHINES
2010/10/29 18:32:58.0686 Windows directory: C:\Windows
2010/10/29 18:32:58.0686 System windows directory: C:\Windows
2010/10/29 18:32:58.0686 Processor architecture: Intel x86
2010/10/29 18:32:58.0686 Number of processors: 2
2010/10/29 18:32:58.0686 Page size: 0x1000
2010/10/29 18:32:58.0686 Boot type: Normal boot
2010/10/29 18:32:58.0686 ================================================================================
2010/10/29 18:32:59.0201 Initialize success
2010/10/29 18:33:02.0259 ================================================================================
2010/10/29 18:33:02.0259 Scan started
2010/10/29 18:33:02.0259 Mode: Manual;
2010/10/29 18:33:02.0259 ================================================================================
2010/10/29 18:33:02.0883 ACPI (fcb8c7210f0135e24c6580f7f649c73c) C:\Windows\system32\drivers\acpi.sys
2010/10/29 18:33:02.0945 adp94xx (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys
2010/10/29 18:33:02.0992 adpahci (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys
2010/10/29 18:33:03.0039 adpu160m (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys
2010/10/29 18:33:03.0085 adpu320 (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys
2010/10/29 18:33:03.0179 AFD (763e172a55177e478cb419f88fd0ba03) C:\Windows\system32\drivers\afd.sys
2010/10/29 18:33:03.0226 agp440 (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys
2010/10/29 18:33:03.0304 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
2010/10/29 18:33:03.0366 aliide (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys
2010/10/29 18:33:03.0413 amdagp (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys
2010/10/29 18:33:03.0460 amdide (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys
2010/10/29 18:33:03.0507 AmdK7 (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys
2010/10/29 18:33:03.0538 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys
2010/10/29 18:33:03.0616 ApfiltrService (0a0fbc30de483233124cdaef8e5cbcdd) C:\Windows\system32\DRIVERS\Apfiltr.sys
2010/10/29 18:33:03.0663 arc (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys
2010/10/29 18:33:03.0725 arcsas (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys
2010/10/29 18:33:03.0772 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
2010/10/29 18:33:03.0803 atapi (2d9c903dc76a66813d350a562de40ed9) C:\Windows\system32\drivers\atapi.sys
2010/10/29 18:33:03.0897 athr (d5abeb24a3a3138b35f88931fb04e100) C:\Windows\system32\DRIVERS\athr.sys
2010/10/29 18:33:04.0131 AvgLdx86 (b8c187439d27aba430dd69fdcf1fa657) C:\Windows\system32\Drivers\avgldx86.sys
2010/10/29 18:33:04.0224 AvgMfx86 (53b3f979930a786a614d29cafe99f645) C:\Windows\system32\Drivers\avgmfx86.sys
2010/10/29 18:33:04.0271 AvgRkx86 (5bbcd8646074a3af4ee9b321d12c2b64) C:\Windows\system32\Drivers\avgrkx86.sys
2010/10/29 18:33:04.0318 AvgTdiX (22e3b793c3e61720f03d3a22351af410) C:\Windows\system32\Drivers\avgtdix.sys
2010/10/29 18:33:04.0411 b57nd60x (aa6b367ca7da571dfc3374ec137d87a5) C:\Windows\system32\DRIVERS\b57nd60x.sys
2010/10/29 18:33:04.0489 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
2010/10/29 18:33:04.0552 blbdrive (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys
2010/10/29 18:33:04.0614 bowser (74b442b2be1260b7588c136177ceac66) C:\Windows\system32\DRIVERS\bowser.sys
2010/10/29 18:33:04.0661 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
2010/10/29 18:33:04.0708 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
2010/10/29 18:33:04.0770 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
2010/10/29 18:33:04.0817 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
2010/10/29 18:33:04.0879 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
2010/10/29 18:33:04.0942 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
2010/10/29 18:33:04.0989 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
2010/10/29 18:33:05.0082 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
2010/10/29 18:33:05.0145 cdrom (1ec25cea0de6ac4718bf89f9e1778b57) C:\Windows\system32\DRIVERS\cdrom.sys
2010/10/29 18:33:05.0207 circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys
2010/10/29 18:33:05.0316 CLFS (465745561c832b29f7c48b488aab3842) C:\Windows\system32\CLFS.sys
2010/10/29 18:33:05.0425 CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys
2010/10/29 18:33:05.0472 cmdide (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys
2010/10/29 18:33:05.0550 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys
2010/10/29 18:33:05.0644 crcdisk (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys
2010/10/29 18:33:05.0659 Crusoe (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys
2010/10/29 18:33:05.0722 DfsC (9e635ae5e8ad93e2b5989e2e23679f97) C:\Windows\system32\Drivers\dfsc.sys
2010/10/29 18:33:05.0784 disk (64109e623abd6955c8fb110b592e68b7) C:\Windows\system32\drivers\disk.sys
2010/10/29 18:33:05.0847 DKbFltr (73baf270d24fe726b9cd7f80bb17a23d) C:\Windows\system32\DRIVERS\DKbFltr.sys
2010/10/29 18:33:05.0925 DritekPortIO (5c918d413f5837e67a85775c9873775e) C:\PROGRA~1\LAUNCH~1\DPortIO.sys
2010/10/29 18:33:06.0018 driverhardwarev2 (a694d8db6d360a3bbb0bd1517f1c1aee) C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys
2010/10/29 18:33:06.0174 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
2010/10/29 18:33:06.0283 DXGKrnl (85f33880b8cfb554bd3d9ccdb486845a) C:\Windows\System32\drivers\dxgkrnl.sys
2010/10/29 18:33:06.0361 E1G60 (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys
2010/10/29 18:33:06.0455 Ecache (dd2cd259d83d8b72c02c5f2331ff9d68) C:\Windows\system32\drivers\ecache.sys
2010/10/29 18:33:06.0517 elxstor (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys
2010/10/29 18:33:06.0564 ErrDev (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys
2010/10/29 18:33:06.0642 exfat (0d858eb20589a34efb25695acaa6aa2d) C:\Windows\system32\drivers\exfat.sys
2010/10/29 18:33:06.0673 fastfat (3c489390c2e2064563727752af8eab9e) C:\Windows\system32\drivers\fastfat.sys
2010/10/29 18:33:06.0736 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
2010/10/29 18:33:06.0783 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
2010/10/29 18:33:06.0829 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
2010/10/29 18:33:06.0892 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
2010/10/29 18:33:06.0954 FltMgr (05ea53afe985443011e36dab07343b46) C:\Windows\system32\drivers\fltmgr.sys
2010/10/29 18:33:07.0017 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
2010/10/29 18:33:07.0063 gagp30kx (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys
2010/10/29 18:33:07.0173 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys
2010/10/29 18:33:07.0204 HDAudBus (c87b1ee051c0464491c1a7b03fa0bc99) C:\Windows\system32\DRIVERS\HDAudBus.sys
2010/10/29 18:33:07.0251 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
2010/10/29 18:33:07.0282 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
2010/10/29 18:33:07.0344 HidUsb (854ca287ab7faf949617a788306d967e) C:\Windows\system32\DRIVERS\hidusb.sys
2010/10/29 18:33:07.0391 HpCISSs (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys
2010/10/29 18:33:07.0453 HTTP (33b02459e86d0a2b86a6b9fe19139390) C:\Windows\system32\drivers\HTTP.sys
2010/10/29 18:33:07.0500 i2omp (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys
2010/10/29 18:33:07.0531 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
2010/10/29 18:33:07.0672 iaStor (2358c53f30cb9dcd1d3843c4e2f299b2) C:\Windows\system32\DRIVERS\iaStor.sys
2010/10/29 18:33:07.0734 iaStorV (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys
2010/10/29 18:33:07.0875 igfx (c134e69ce901422d1f2d7ea8d69098fe) C:\Windows\system32\DRIVERS\igdkmd32.sys
2010/10/29 18:33:07.0953 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
2010/10/29 18:33:08.0046 int15 (c6e5276c00ebdeb096bb5ef4b797d1b6) C:\Windows\system32\drivers\int15.sys
2010/10/29 18:33:08.0187 IntcAzAudAddService (2deb2538c9372568bb67b5fdf2359790) C:\Windows\system32\drivers\RTKVHDA.sys
2010/10/29 18:33:08.0436 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys
2010/10/29 18:33:08.0467 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
2010/10/29 18:33:08.0545 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
2010/10/29 18:33:08.0670 IPMIDRV (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys
2010/10/29 18:33:08.0717 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
2010/10/29 18:33:08.0764 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
2010/10/29 18:33:08.0795 isapnp (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys
2010/10/29 18:33:08.0873 iScsiPrt (f247eec28317f6c739c16de420097301) C:\Windows\system32\DRIVERS\msiscsi.sys
2010/10/29 18:33:08.0920 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
2010/10/29 18:33:08.0967 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
2010/10/29 18:33:09.0013 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
2010/10/29 18:33:09.0060 kbdhid (18247836959ba67e3511b62846b9c2e0) C:\Windows\system32\DRIVERS\kbdhid.sys
2010/10/29 18:33:09.0154 KSecDD (7a0cf7908b6824d6a2a1d313e5ae3dca) C:\Windows\system32\Drivers\ksecdd.sys
2010/10/29 18:33:09.0279 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
2010/10/29 18:33:09.0325 LSI_FC (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys
2010/10/29 18:33:09.0357 LSI_SAS (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys
2010/10/29 18:33:09.0403 LSI_SCSI (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys
2010/10/29 18:33:09.0435 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
2010/10/29 18:33:09.0513 LVUSBSta (c5efbd05a5195402121711a6ebbb271f) C:\Windows\system32\DRIVERS\LVUSBSta.sys
2010/10/29 18:33:09.0575 megasas (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys
2010/10/29 18:33:09.0653 MegaSR (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys
2010/10/29 18:33:09.0731 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
2010/10/29 18:33:09.0778 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
2010/10/29 18:33:09.0809 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
2010/10/29 18:33:09.0840 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
2010/10/29 18:33:09.0887 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
2010/10/29 18:33:09.0918 mpio (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys
2010/10/29 18:33:09.0965 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
2010/10/29 18:33:10.0027 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
2010/10/29 18:33:10.0043 MRxDAV (ae3de84536b6799d2267443cec8edbb9) C:\Windows\system32\drivers\mrxdav.sys
2010/10/29 18:33:10.0121 mrxsmb (7afc42e60432fd1014f5342f2b1b1f74) C:\Windows\system32\DRIVERS\mrxsmb.sys
2010/10/29 18:33:10.0152 mrxsmb10 (8a75752ae17924f65452746674b14b78) C:\Windows\system32\DRIVERS\mrxsmb10.sys
2010/10/29 18:33:10.0230 mrxsmb20 (f4d0f3252e651f02be64984ffa738394) C:\Windows\system32\DRIVERS\mrxsmb20.sys
2010/10/29 18:33:10.0277 msahci (28023e86f17001f7cd9b15a5bc9ae07d) C:\Windows\system32\drivers\msahci.sys
2010/10/29 18:33:10.0339 msdsm (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys
2010/10/29 18:33:10.0402 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
2010/10/29 18:33:10.0449 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
2010/10/29 18:33:10.0511 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
2010/10/29 18:33:10.0542 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
2010/10/29 18:33:10.0573 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
2010/10/29 18:33:10.0620 MsRPC (b5614aecb05a9340aa0fb55bf561cc63) C:\Windows\system32\drivers\MsRPC.sys
2010/10/29 18:33:10.0683 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
2010/10/29 18:33:10.0714 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
2010/10/29 18:33:10.0745 Mup (6dfd1d322de55b0b7db7d21b90bec49c) C:\Windows\system32\Drivers\mup.sys
2010/10/29 18:33:10.0823 NativeWifiP (3c21ce48ff529bb73dadb98770b54025) C:\Windows\system32\DRIVERS\nwifi.sys
2010/10/29 18:33:10.0885 NDIS (9bdc71790fa08f0a0b5f10462b1bd0b1) C:\Windows\system32\drivers\ndis.sys
2010/10/29 18:33:10.0948 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
2010/10/29 18:33:10.0979 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
2010/10/29 18:33:11.0026 NdisWan (3d14c3b3496f88890d431e8aa022a411) C:\Windows\system32\DRIVERS\ndiswan.sys
2010/10/29 18:33:11.0041 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
2010/10/29 18:33:11.0073 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
2010/10/29 18:33:11.0104 netbt (7c5fee5b1c5728507cd96fb4a13e7a02) C:\Windows\system32\DRIVERS\netbt.sys
2010/10/29 18:33:11.0182 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
2010/10/29 18:33:11.0229 Npfs (ecb5003f484f9ed6c608d6d6c7886cbb) C:\Windows\system32\drivers\Npfs.sys
2010/10/29 18:33:11.0260 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
2010/10/29 18:33:11.0322 Ntfs (b4effe29eb4f15538fd8a9681108492d) C:\Windows\system32\drivers\Ntfs.sys
2010/10/29 18:33:11.0416 NTIDrvr (2757d2ba59aee155209e24942ab127c9) C:\Windows\system32\DRIVERS\NTIDrvr.sys
2010/10/29 18:33:11.0478 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
2010/10/29 18:33:11.0525 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
2010/10/29 18:33:11.0556 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys
2010/10/29 18:33:11.0603 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys
2010/10/29 18:33:11.0634 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys
2010/10/29 18:33:11.0743 ohci1394 (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\drivers\ohci1394.sys
2010/10/29 18:33:11.0806 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
2010/10/29 18:33:11.0853 partmgr (3b38467e7c3daed009dfe359e17f139f) C:\Windows\system32\drivers\partmgr.sys
2010/10/29 18:33:11.0884 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
2010/10/29 18:33:11.0915 pci (01b94418deb235dff777cc80076354b4) C:\Windows\system32\drivers\pci.sys
2010/10/29 18:33:11.0946 pciide (fc175f5ddab666d7f4d17449a547626f) C:\Windows\system32\drivers\pciide.sys
2010/10/29 18:33:11.0993 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
2010/10/29 18:33:12.0071 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
2010/10/29 18:33:12.0227 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
2010/10/29 18:33:12.0274 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys
2010/10/29 18:33:12.0383 PSched (bfef604508a0ed1eae2a73e872555ffb) C:\Windows\system32\DRIVERS\pacer.sys
2010/10/29 18:33:12.0477 QCMerced (9a155d31b8e52f41b258282092cc93a7) C:\Windows\system32\DRIVERS\LVCM.sys
2010/10/29 18:33:12.0991 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
2010/10/29 18:33:13.0054 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
2010/10/29 18:33:13.0101 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
2010/10/29 18:33:13.0132 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
2010/10/29 18:33:13.0210 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
2010/10/29 18:33:13.0272 RasPppoe (3e9d9b048107b40d87b97df2e48e0744) C:\Windows\system32\DRIVERS\raspppoe.sys
2010/10/29 18:33:13.0319 RasSstp (a7d141684e9500ac928a772ed8e6b671) C:\Windows\system32\DRIVERS\rassstp.sys
2010/10/29 18:33:13.0350 rdbss (6e1c5d0457622f9ee35f683110e93d14) C:\Windows\system32\DRIVERS\rdbss.sys
2010/10/29 18:33:13.0381 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
2010/10/29 18:33:13.0428 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys
2010/10/29 18:33:13.0459 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
2010/10/29 18:33:13.0522 RDPWD (e1c18f4097a5abcec941dc4b2f99db7e) C:\Windows\system32\drivers\RDPWD.sys
2010/10/29 18:33:13.0584 regi (001b4278407f4303efc902a2b16f2453) C:\Windows\system32\drivers\regi.sys
2010/10/29 18:33:13.0647 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
2010/10/29 18:33:13.0709 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
2010/10/29 18:33:13.0771 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
2010/10/29 18:33:13.0818 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
2010/10/29 18:33:13.0865 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
2010/10/29 18:33:13.0896 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
2010/10/29 18:33:13.0959 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys
2010/10/29 18:33:13.0990 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
2010/10/29 18:33:14.0021 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys
2010/10/29 18:33:14.0068 sfloppy (c33bfbd6e9e41fcd9ffef9729e9faed6) C:\Windows\system32\DRIVERS\sfloppy.sys
2010/10/29 18:33:14.0130 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
2010/10/29 18:33:14.0177 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
2010/10/29 18:33:14.0193 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
2010/10/29 18:33:14.0255 Smb (031e6bcd53c9b2b9ace111eafec347b6) C:\Windows\system32\DRIVERS\smb.sys
2010/10/29 18:33:14.0302 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
2010/10/29 18:33:14.0395 srv (5754e8bae40943871d0ab9becbf335e8) C:\Windows\system32\DRIVERS\srv.sys
2010/10/29 18:33:14.0458 srv2 (d47b09ff7d28ee44d728f57c2d1fab86) C:\Windows\system32\DRIVERS\srv2.sys
2010/10/29 18:33:14.0489 srvnet (32d52290341a740881521e118106acd6) C:\Windows\system32\DRIVERS\srvnet.sys
2010/10/29 18:33:14.0536 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
2010/10/29 18:33:14.0583 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
2010/10/29 18:33:14.0645 SYMDNS (fbc9c3b9805849e4cd78aa920e8cd26d) C:\Windows\System32\Drivers\SYMDNS.SYS
2010/10/29 18:33:14.0676 SymEvent (e03ee3ef1037099554d17bed99545a5e) C:\Windows\system32\Drivers\SYMEVENT.SYS
2010/10/29 18:33:14.0723 SYMFW (4c1638572e422554944619b2ee51c9a9) C:\Windows\System32\Drivers\SYMFW.SYS
2010/10/29 18:33:14.0770 SymIM (9bcbef50804a8c25a16781cb53231bfa) C:\Windows\system32\DRIVERS\SymIMv.sys
2010/10/29 18:33:14.0832 SYMNDISV (ffff1f125e0d6b2047816720627e867c) C:\Windows\System32\Drivers\SYMNDISV.SYS
2010/10/29 18:33:14.0879 SYMREDRV (fc89356b6aa9dee10a284c18215c5b60) C:\Windows\System32\Drivers\SYMREDRV.SYS
2010/10/29 18:33:14.0941 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
2010/10/29 18:33:14.0988 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
2010/10/29 18:33:15.0097 Tcpip (782568ab6a43160a159b6215b70bcce9) C:\Windows\system32\drivers\tcpip.sys
2010/10/29 18:33:15.0175 Tcpip6 (782568ab6a43160a159b6215b70bcce9) C:\Windows\system32\DRIVERS\tcpip.sys
2010/10/29 18:33:15.0222 tcpipreg (d4a2e4a4b011f3a883af77315a5ae76b) C:\Windows\system32\drivers\tcpipreg.sys
2010/10/29 18:33:15.0253 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
2010/10/29 18:33:15.0285 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
2010/10/29 18:33:15.0316 tdx (d09276b1fab033ce1d40dcbdf303d10f) C:\Windows\system32\DRIVERS\tdx.sys
2010/10/29 18:33:15.0363 TermDD (a048056f5e1a96a9bf3071b91741a5aa) C:\Windows\system32\DRIVERS\termdd.sys
2010/10/29 18:33:15.0441 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
2010/10/29 18:33:15.0487 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
2010/10/29 18:33:15.0519 tunnel (119b8184e106baedc83fce5ddf3950da) C:\Windows\system32\DRIVERS\tunnel.sys
2010/10/29 18:33:15.0565 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
2010/10/29 18:33:15.0612 UBHelper (f763e070843ee2803de1395002b42938) C:\Windows\system32\drivers\UBHelper.sys
2010/10/29 18:33:15.0659 udfs (8b5088058fa1d1cd897a2113ccff6c58) C:\Windows\system32\DRIVERS\udfs.sys
2010/10/29 18:33:15.0721 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
2010/10/29 18:33:15.0768 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
2010/10/29 18:33:15.0799 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
2010/10/29 18:33:15.0831 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
2010/10/29 18:33:15.0877 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
2010/10/29 18:33:15.0940 usbaudio (292a25bb75a568ae2c67169ba2c6365a) C:\Windows\system32\drivers\usbaudio.sys
2010/10/29 18:33:16.0018 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
2010/10/29 18:33:16.0065 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
2010/10/29 18:33:16.0111 usbehci (cebe90821810e76320155beba722fcf9) C:\Windows\system32\DRIVERS\usbehci.sys
2010/10/29 18:33:16.0158 usbhub (cc6b28e4ce39951357963119ce47b143) C:\Windows\system32\DRIVERS\usbhub.sys
2010/10/29 18:33:16.0205 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
2010/10/29 18:33:16.0236 usbprint (b51e52acf758be00ef3a58ea452fe360) C:\Windows\system32\drivers\usbprint.sys
2010/10/29 18:33:16.0283 USBSTOR (87ba6b83c5d19b69160968d07d6e2982) C:\Windows\system32\DRIVERS\USBSTOR.SYS
2010/10/29 18:33:16.0314 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
2010/10/29 18:33:16.0361 usbvideo (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys
2010/10/29 18:33:16.0423 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
2010/10/29 18:33:16.0470 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
2010/10/29 18:33:16.0548 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
2010/10/29 18:33:16.0595 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
2010/10/29 18:33:16.0626 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
2010/10/29 18:33:16.0673 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
2010/10/29 18:33:16.0720 volmgrx (98f5ffe6316bd74e9e2c97206c190196) C:\Windows\system32\drivers\volmgrx.sys
2010/10/29 18:33:16.0782 volsnap (d8b4a53dd2769f226b3eb374374987c9) C:\Windows\system32\drivers\volsnap.sys
2010/10/29 18:33:16.0813 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
2010/10/29 18:33:16.0876 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
2010/10/29 18:33:16.0907 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
2010/10/29 18:33:16.0923 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
2010/10/29 18:33:16.0985 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
2010/10/29 18:33:17.0032 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
2010/10/29 18:33:17.0250 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys
2010/10/29 18:33:17.0359 WpdUsb (0cec23084b51b8288099eb710224e955) C:\Windows\system32\DRIVERS\wpdusb.sys
2010/10/29 18:33:17.0406 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
2010/10/29 18:33:17.0500 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
2010/10/29 18:33:17.0640 ================================================================================
2010/10/29 18:33:17.0640 Scan finished
2010/10/29 18:33:17.0640 ================================================================================
0
Réponse 13 / 15
Faystoss Messages postés 9 Date d'inscription mercredi 27 octobre 2010 Statut Membre Dernière intervention 29 octobre 2010
29 oct. 2010 à 18:35
Et je suis désolé pour le scan de malware mais je ne l'ai pas enregistrer, d'ailleurs j'en ai enregistrer aucun, désolé.
0
Réponse 14 / 15
supergeronimo44 Messages postés 862 Date d'inscription mardi 21 avril 2009 Statut Contributeur sécurité Dernière intervention 28 octobre 2011 84
1 nov. 2010 à 17:59
Salut !!

Me voilà donc de retour.

~~~~~~~~
Ok pour les scans, sauf le 1 & le 2 d'ici => https://forums.commentcamarche.net/forum/affich-19616063-avg-malaware-spybot-innefficace#9 ..

~~~~~~~~
J'attends donc les réponses :)

Bonne soirée !
0
Réponse 15 / 15
supergeronimo44 Messages postés 862 Date d'inscription mardi 21 avril 2009 Statut Contributeur sécurité Dernière intervention 28 octobre 2011 84
12 nov. 2010 à 19:09
y'a quelqu'un ?????????????????
0

Discussions similaires

Spybot - Search & Destroy utile ?
jerome9359 -
hubertaaz -

14 réponses
Demande de clé d'activation gratuite d'AVG internet security
MIDOWOKPOK -
midowokpok -

4 réponses
Virtumonde.dll détècté avec spybot ??
Banban la tulipe -
dom -

18 réponses
comment arrêter temporairement AVG Anti-Virus
defleppard -
Lapatte -

5 réponses
supprimer avg
slaika -
Fidji13 -

39 réponses