Traduire mon rapport otl
Fermé
basse26
Messages postés
55
Date d'inscription
samedi 22 décembre 2012
Statut
Membre
Dernière intervention
25 décembre 2012
-
22 déc. 2012 à 16:40
petitmecano Messages postés 5347 Date d'inscription mardi 7 août 2012 Statut Membre Dernière intervention 29 novembre 2019 - 23 déc. 2012 à 14:21
petitmecano Messages postés 5347 Date d'inscription mardi 7 août 2012 Statut Membre Dernière intervention 29 novembre 2019 - 23 déc. 2012 à 14:21
A voir également:
- Traduire mon rapport otl
- Traduire une page web - Guide
- Otl - Télécharger - Nettoyage
- Traduire photo - Guide
- Plan rapport de stage - Guide
- Traduire un document word - Guide
7 réponses
petitmecano
Messages postés
5347
Date d'inscription
mardi 7 août 2012
Statut
Membre
Dernière intervention
29 novembre 2019
1 029
22 déc. 2012 à 16:41
22 déc. 2012 à 16:41
Salut tu as le fichier .txt ?
basse26
Messages postés
55
Date d'inscription
samedi 22 décembre 2012
Statut
Membre
Dernière intervention
25 décembre 2012
22 déc. 2012 à 16:42
22 déc. 2012 à 16:42
oui , dsl mais je sais pas comment le poster
basse26
Messages postés
55
Date d'inscription
samedi 22 décembre 2012
Statut
Membre
Dernière intervention
25 décembre 2012
22 déc. 2012 à 16:49
22 déc. 2012 à 16:49
OTL logfile created on: 21/12/2012 09:41:57 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\nag\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy
4,00 Gb Total Physical Memory | 2,73 Gb Available Physical Memory | 68,23% Memory free
6,00 Gb Paging File | 4,34 Gb Available in Paging File | 72,34% Paging File free
Paging file location(s): d:\pagefile.sys 2048 4096 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 37,17 Gb Total Space | 14,57 Gb Free Space | 39,19% Space Free | Partition Type: NTFS
Drive D: | 465,76 Gb Total Space | 221,62 Gb Free Space | 47,58% Space Free | Partition Type: NTFS
Drive E: | 244,68 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Computer Name: NAG-PC | User Name: nag | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
[color=#E56717]========== Processes (SafeList) ==========[/color]
PRC - File not found --
PRC - [2012/12/14 19:28:33 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\nag\Desktop\OTL.exe
PRC - [2012/12/14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) -- D:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/12/14 16:49:28 | 000,512,360 | ---- | M] (Malwarebytes Corporation) -- D:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012/12/14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) -- D:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012/12/03 16:47:14 | 001,259,880 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012/12/02 18:34:23 | 000,399,736 | ---- | M] (BitTorrent, Inc.) -- D:\Program Files (x86)\uTorrent\uTorrent.exe
PRC - [2012/11/30 22:43:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012/09/23 19:43:34 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/09/19 08:45:40 | 000,505,872 | ---- | M] (CyberLink) -- D:\Program Files (x86)\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
PRC - [2012/09/19 08:45:35 | 000,374,560 | ---- | M] (CyberLink Corp.) -- D:\Program Files (x86)\PowerDVD12\PowerDVD12Agent.exe
PRC - [2012/09/19 08:45:35 | 000,295,440 | ---- | M] (CyberLink) -- D:\Program Files (x86)\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
PRC - [2012/09/19 08:45:30 | 000,078,352 | ---- | M] (CyberLink) -- D:\Program Files (x86)\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
PRC - [2012/09/19 08:45:12 | 000,090,640 | ---- | M] (CyberLink Corp.) -- D:\Program Files (x86)\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe
PRC - [2012/08/28 06:41:08 | 000,092,632 | ---- | M] (TomTom) -- D:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
PRC - [2012/08/15 12:17:48 | 001,898,920 | ---- | M] (Doctor Web, Ltd.) -- C:\Program Files (x86)\Common Files\Doctor Web\Scanning Engine\dwengine.exe
PRC - [2011/11/24 11:59:25 | 000,407,864 | ---- | M] (Doctor Web, Ltd.) -- D:\Program Files (x86)\DrWeb\spideragent_adm.exe
PRC - [2011/11/24 11:59:24 | 001,476,920 | ---- | M] (Doctor Web, Ltd.) -- D:\Program Files (x86)\DrWeb\spideragent.exe
PRC - [2011/11/16 10:38:25 | 002,194,160 | ---- | M] (Doctor Web, Ltd.) -- D:\Program Files (x86)\DrWeb\spidergate.exe
PRC - [2011/08/15 11:31:55 | 001,591,024 | ---- | M] (Doctor Web, Ltd.) -- D:\Program Files (x86)\DrWeb\spiderml.exe
PRC - [2010/04/01 10:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd) -- D:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
PRC - [2010/03/04 22:38:00 | 000,071,096 | ---- | M] () -- D:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe
PRC - [2010/03/03 19:16:06 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010/03/03 19:16:04 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
[color=#E56717]========== Modules (No Company Name) ==========[/color]
MOD - [2012/11/14 17:12:07 | 000,452,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\3a7eb7595728baf4078ec5f97b44180c\IAStorUtil.ni.dll
MOD - [2012/11/14 16:36:28 | 011,833,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\03cfab5534482e8fc313ead6edc19100\System.Web.ni.dll
MOD - [2012/11/14 16:36:24 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\413288993ff690e8251d2dbe32bee01f\System.Runtime.Remoting.ni.dll
MOD - [2012/11/14 16:36:06 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d040079bc7148afeca03c5abb6fc3c61\System.Windows.Forms.ni.dll
MOD - [2012/11/14 16:36:02 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\4e80768a2d88c7a333e43cbb7a6c0705\System.Drawing.ni.dll
MOD - [2012/11/14 16:35:54 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\b311b783e1efaa9527f4c2c9680c44d1\WindowsBase.ni.dll
MOD - [2012/11/14 16:35:50 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\3cdcb033f930eb60badfa4500d795edb\System.Xml.ni.dll
MOD - [2012/11/14 16:35:48 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\c64ca3678261c8ffcd9e7efd1af6ed54\System.Configuration.ni.dll
MOD - [2012/11/14 16:35:47 | 007,988,736 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9dd758ac0bf7358ac6e4720610fcc63c\System.ni.dll
MOD - [2012/11/14 16:35:43 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\187d7c66735c533de851c76384f86912\mscorlib.ni.dll
MOD - [2011/08/24 03:39:11 | 000,655,360 | ---- | M] () -- D:\Program Files (x86)\PowerDVD12\Common\Koan\_ssl.pyd
MOD - [2011/08/24 03:39:11 | 000,081,920 | ---- | M] () -- D:\Program Files (x86)\PowerDVD12\Common\Koan\_ctypes.pyd
MOD - [2011/08/24 03:39:11 | 000,053,248 | ---- | M] () -- D:\Program Files (x86)\PowerDVD12\Common\Koan\_socket.pyd
MOD - [2010/11/13 01:54:34 | 000,311,296 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_fr_b77a5c561934e089\mscorlib.resources.dll
MOD - [2009/07/14 16:23:30 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_fr_b77a5c561934e089\System.Runtime.Remoting.resources.dll
[color=#E56717]========== Services (SafeList) ==========[/color]
SRV:[b]64bit:[/b] - [2011/01/03 05:30:38 | 000,077,824 | ---- | M] (ActMask Co.,Ltd - HTTP://WWW.ALL2PDF.COM) [Auto | Running] -- C:\Windows\SysNative\PrintCtrl.exe -- (Printer Control)
SRV:[b]64bit:[/b] - [2009/07/14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV:[b]64bit:[/b] - [2009/07/14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2012/12/14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- D:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/12/14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- D:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/12/12 04:31:10 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/12/03 16:47:14 | 001,259,880 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012/11/30 22:43:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012/11/29 09:26:17 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/10/19 16:14:08 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/09/23 19:43:34 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/09/19 08:45:35 | 000,295,440 | ---- | M] (CyberLink) [Auto | Running] -- D:\Program Files (x86)\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe -- (CyberLink PowerDVD 12 Media Server Service)
SRV - [2012/09/19 08:45:30 | 000,078,352 | ---- | M] (CyberLink) [Auto | Running] -- D:\Program Files (x86)\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe -- (CyberLink PowerDVD 12 Media Server Monitor Service)
SRV - [2012/09/19 08:45:12 | 000,090,640 | ---- | M] (CyberLink Corp.) [Auto | Running] -- D:\Program Files (x86)\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe -- (CLHNServiceForPowerDVD12)
SRV - [2012/08/28 06:41:08 | 000,092,632 | ---- | M] (TomTom) [Auto | Running] -- D:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2012/08/15 12:17:48 | 001,898,920 | ---- | M] (Doctor Web, Ltd.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Doctor Web\Scanning Engine\dwengine.exe -- (DrWebEngine)
SRV - [2011/05/26 13:07:48 | 003,657,608 | ---- | M] (Doctor Web, Ltd.) [Auto | Running] -- D:\Program Files (x86)\DrWeb\frwl_svc.exe -- (DrWebFWSvc)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/04 22:38:00 | 000,071,096 | ---- | M] () [Auto | Running] -- D:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe -- (NMSAccess)
SRV - [2010/03/03 19:16:06 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
DRV:[b]64bit:[/b] - [2012/12/14 16:49:28 | 000,024,176 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:[b]64bit:[/b] - [2012/10/26 19:00:50 | 000,131,416 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)
DRV:[b]64bit:[/b] - [2012/10/14 01:03:10 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:[b]64bit:[/b] - [2012/10/12 15:35:30 | 000,050,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64)
DRV:[b]64bit:[/b] - [2012/10/09 19:31:14 | 000,075,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d)
DRV:[b]64bit:[/b] - [2012/09/20 05:35:36 | 000,203,104 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:[b]64bit:[/b] - [2012/09/20 05:35:36 | 000,102,368 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:[b]64bit:[/b] - [2012/08/28 11:46:52 | 000,221,440 | ---- | M] (Doctor Web, Ltd.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\dwprot.sys -- (DwProt)
DRV:[b]64bit:[/b] - [2012/08/23 15:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:[b]64bit:[/b] - [2012/08/23 15:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2012/07/03 16:25:16 | 000,189,288 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:[b]64bit:[/b] - [2012/03/01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2012/01/30 12:19:06 | 000,223,960 | ---- | M] (Doctor Web, Ltd.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\spiderg3.sys -- (SpiderG3)
DRV:[b]64bit:[/b] - [2011/06/10 05:34:52 | 000,539,240 | ---- | M] (Realtek ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:[b]64bit:[/b] - [2011/03/11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2011/03/11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2010/11/20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2010/11/11 13:57:58 | 000,124,408 | ---- | M] (Doctor Web) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\drwebaf.sys -- (DRWEBAF)
DRV:[b]64bit:[/b] - [2010/11/11 13:57:58 | 000,102,904 | ---- | M] (Doctor Web) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\drwebpf.sys -- (DrWebPF)
DRV:[b]64bit:[/b] - [2010/11/09 13:35:24 | 000,021,992 | ---- | M] (CPUID) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\cpuz135_x64.sys -- (cpuz135)
DRV:[b]64bit:[/b] - [2010/03/03 18:51:40 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:[b]64bit:[/b] - [2009/11/20 12:16:02 | 000,177,152 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:[b]64bit:[/b] - [2009/11/20 12:15:58 | 000,075,776 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:[b]64bit:[/b] - [2009/11/12 14:48:56 | 000,005,504 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\StarOpen.sys -- (StarOpen)
DRV:[b]64bit:[/b] - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:[b]64bit:[/b] - [2005/03/29 00:30:38 | 000,008,192 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV - [2012/09/19 16:12:50 | 000,147,704 | ---- | M] (CyberLink Corp.) [2012/12/07 17:32:18] [Kernel | Auto | Running] -- D:\Program Files (x86)\PowerDVD12\Common\NavFilter\000.fcl -- ({73526619-C24F-470B-9BED-53D455FBB5C6})
DRV - [2012/06/20 10:35:49 | 000,083,704 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- D:\Program Files (x86)\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys -- (ntk_PowerDVD12)
DRV - [2009/11/12 14:48:56 | 000,007,168 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\Windows\SysWow64\drivers\StarOpen.sys -- (StarOpen)
DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
[color=#E56717]========== Internet Explorer ==========[/color]
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope =
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = https://www.bing.com/?scope=web&mkt=fr-FR{searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = https://www.bing.com/?scope=web&mkt=fr-FR{searchTerms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = D:\Downloads
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr-FR
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 2B 1B 26 2F 36 D3 CD 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = https://www.google.com/?gws_rd=ssl
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = https://www.bing.com/?scope=web&mkt=fr-FR{searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{9D5BD211-422C-4164-9298-BB4186A30F31}: "URL" = https://www.bing.com/?scope=web&mkt=fr-FR{searchTerms}&mkt=fr-FR&form=IE0004
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
[color=#E56717]========== FireFox ==========[/color]
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1
FF - user.js - File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_135.dll File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: D:\bin\plugin2\npjp2.dll File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: D:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: D:\bin\plugin2\npjp2.dll File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.4: D:\Program Files (x86)\VideoLAN\VLC\npvlc.dll File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: D:\Program Files (x86)\Mozilla Firefox\components [2012/12/05 23:24:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: D:\Program Files (x86)\Mozilla Firefox\plugins
[2012/10/14 00:59:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\nag\AppData\Roaming\mozilla\Extensions
[2012/10/14 00:59:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\nag\AppData\Roaming\mozilla\Extensions\home2@tomtom.com
[2012/12/15 17:26:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\nag\AppData\Roaming\mozilla\Firefox\Profiles\sh4d8m16.default\extensions
[2012/12/05 23:27:17 | 000,804,627 | ---- | M] () (No name found) -- C:\Users\nag\AppData\Roaming\mozilla\firefox\profiles\sh4d8m16.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012/10/01 20:43:54 | 000,034,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll
O1 HOSTS File: ([2009/06/10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:[b]64bit:[/b] - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - D:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O2:[b]64bit:[/b] - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No CLSID value found.
O2:[b]64bit:[/b] - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - D:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
O2:[b]64bit:[/b] - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - D:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
O2:[b]64bit:[/b] - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No CLSID value found.
O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No CLSID value found.
O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No CLSID value found.
O4:[b]64bit:[/b] - HKLM..\Run: [IntelliPoint] C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe (Microsoft Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [IntelliType Pro] C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (Microsoft Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [PrintDisp] C:\Windows\SysNative\PrintDisp.exe (ActMask Co.,Ltd - http://www.all2pdf.com)
O4 - HKLM..\Run: [Dr.Web Firewall] D:\Program Files (x86)\DrWeb\frwl_notify.exe (Doctor Web, Ltd.)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [PowerDVD12Agent] D:\Program Files (x86)\PowerDVD12\PowerDVD12Agent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [PowerDVD12DMREngine] D:\Program Files (x86)\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe (CyberLink)
O4 - HKLM..\Run: [SpIDerAgent] D:\Program Files (x86)\DrWeb\SpIDerAgent.exe (Doctor Web, Ltd.)
O4 - HKLM..\Run: [SpIDerGate] D:\Program Files (x86)\DrWeb\spidergate.exe (Doctor Web, Ltd.)
O4 - HKLM..\Run: [SpIDerMail] D:\Program Files (x86)\DrWeb\spiderml.exe (Doctor Web, Ltd.)
O4 - HKCU..\Run: [DAEMON Tools Lite] D:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [uTorrent] D:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - HKLM..\RunOnce: [Z1] D:\Downloads\mbar-1.01.0.1011\mbar\mbar.exe (Malwarebytes Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O8:[b]64bit:[/b] - Extra context menu item: &Envoyer à OneNote - D:\Program Files\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O8:[b]64bit:[/b] - Extra context menu item: E&xporter vers Microsoft Excel - D:\Program Files\Microsoft Office\Office15\EXCEL.EXE (Microsoft Corporation)
O8:[b]64bit:[/b] - Extra context menu item: Free YouTube Download - C:\Users\nag\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm ()
O8 - Extra context menu item: &Envoyer à OneNote - D:\Program Files\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: E&xporter vers Microsoft Excel - D:\Program Files\Microsoft Office\Office15\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Free YouTube Download - C:\Users\nag\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm ()
O9:[b]64bit:[/b] - Extra Button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Program Files\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:[b]64bit:[/b] - Extra 'Tools' menuitem : &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Program Files\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:[b]64bit:[/b] - Extra Button: Cliquer pour appeler Lync - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - D:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:[b]64bit:[/b] - Extra 'Tools' menuitem : Cliquer pour appeler Lync - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - D:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:[b]64bit:[/b] - Extra Button: Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - D:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:[b]64bit:[/b] - Extra 'Tools' menuitem : Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - D:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000001 - D:\Program Files (x86)\DrWeb\drwebsp64.dll (Doctor Web, Ltd.)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000002 - D:\Program Files (x86)\DrWeb\drwebsp64.dll (Doctor Web, Ltd.)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000003 - D:\Program Files (x86)\DrWeb\drwebsp64.dll (Doctor Web, Ltd.)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000004 - D:\Program Files (x86)\DrWeb\drwebsp64.dll (Doctor Web, Ltd.)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000005 - D:\Program Files (x86)\DrWeb\drwebsp64.dll (Doctor Web, Ltd.)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000017 - D:\Program Files (x86)\DrWeb\drwebsp64.dll (Doctor Web, Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - D:\Program Files (x86)\DrWeb\drwebsp.dll (Doctor Web, Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - D:\Program Files (x86)\DrWeb\drwebsp.dll (Doctor Web, Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - D:\Program Files (x86)\DrWeb\drwebsp.dll (Doctor Web, Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - D:\Program Files (x86)\DrWeb\drwebsp.dll (Doctor Web, Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - D:\Program Files (x86)\DrWeb\drwebsp.dll (Doctor Web, Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - D:\Program Files (x86)\DrWeb\drwebsp.dll (Doctor Web, Ltd.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 10.9.2)
O16 - DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 10.9.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{57CC703F-7A95-4B6C-89C3-CAA38F620D2A}: DhcpNameServer = 192.168.0.254
O18:[b]64bit:[/b] - Protocol\Handler\livecall - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\msnim - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - D:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012/12/21 01:56:49 | 000,000,000 | ---D | M] - C:\Autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2012/12/21 01:56:56 | 000,000,000 | ---D | M] - D:\Autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = ComFile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
[2012/12/21 01:30:44 | 000,000,000 | ---D | C] -- C:\Autorun.inf
[2012/12/20 23:03:29 | 000,000,000 | ---D | C] -- C:\Users\nag\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012/12/20 23:02:11 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012/12/19 02:23:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies
[2012/12/18 12:22:45 | 000,000,000 | ---D | C] -- C:\Windows\Microsoft Antimalware
[2012/12/17 21:22:53 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012/12/17 21:19:52 | 000,000,000 | ---D | C] -- C:\Users\nag\AppData\Local\temp
[2012/12/17 21:15:52 | 000,000,000 | -HSD | C] -- C:\DrWeb Quarantine
[2012/12/17 21:15:27 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012/12/17 21:15:27 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012/12/17 21:15:27 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012/12/17 21:14:46 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/12/17 21:14:37 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2012/12/17 21:11:54 | 005,012,571 | R--- | C] (Swearware) -- C:\Users\nag\Desktop\ComboFix.exe
[2012/12/16 20:52:43 | 000,000,000 | ---D | C] -- C:\Users\nag\Doctor Web
[2012/12/15 20:13:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/12/15 20:13:33 | 000,024,176 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/12/15 17:25:50 | 000,000,000 | ---D | C] -- C:\Users\nag\AppData\Roaming\QuickScan
[2012/12/14 19:28:48 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\nag\Desktop\OTL.exe
[2012/12/14 07:45:59 | 001,968,975 | ---- | C] (DiamondCS ) -- C:\Users\nag\Desktop\pgsetup.exe
[2012/12/14 06:53:16 | 000,075,776 | ---- | C] (NEC Electronics Corporation) -- C:\Windows\SysNative\drivers\nusb3hub.sys
[2012/12/14 06:43:10 | 000,000,000 | ---D | C] -- C:\Users\nag\AppData\Local\Secunia PSI
[2012/12/14 06:43:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Secunia
[2012/12/14 06:42:05 | 003,137,416 | ---- | C] (Secunia) -- C:\Users\nag\Desktop\PSISetup.exe
[2012/12/14 05:44:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ASUS
[2012/12/09 20:44:13 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\DAEMON Tools Images
[2012/12/07 17:40:37 | 000,000,000 | ---D | C] -- C:\Users\nag\AppData\Local\MediaShow
[2012/12/07 17:34:38 | 000,000,000 | ---D | C] -- C:\Users\nag\Documents\CyberLink
[2012/12/07 17:29:40 | 000,000,000 | ---D | C] -- C:\Users\nag\AppData\Local\MediaServer
[2012/12/07 17:29:40 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\CyberLink
[2012/12/07 17:29:34 | 000,000,000 | ---D | C] -- C:\ProgramData\PDVD
[2012/12/07 17:29:32 | 000,000,000 | ---D | C] -- C:\Users\nag\AppData\Roaming\CyberLink
[2012/12/07 17:29:20 | 000,000,000 | ---D | C] -- C:\Users\nag\AppData\Local\CyberLink
[2012/12/07 17:29:20 | 000,000,000 | ---D | C] -- C:\ProgramData\CyberLink
[2012/12/07 17:29:18 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 12
[2012/12/07 17:28:02 | 000,000,000 | ---D | C] -- C:\ProgramData\install_clap
[2012/12/05 23:25:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2012/12/05 23:25:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012/12/05 20:25:06 | 000,000,000 | ---D | C] -- C:\Users\nag\Documents\Agot
[2012/12/04 13:05:55 | 000,000,000 | ---D | C] -- C:\Users\nag\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
[2012/12/03 21:05:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IsoBuster
[2012/12/03 21:04:42 | 000,000,000 | ---D | C] -- C:\Users\nag\AppData\Local\Programs
[2012/11/29 16:53:30 | 000,000,000 | ---D | C] -- C:\Users\nag\licman
[2012/11/29 16:53:30 | 000,000,000 | ---D | C] -- C:\Users\nag\ERPro
[2012/11/26 01:46:41 | 000,000,000 | ---D | C] -- C:\Users\nag\AppData\Roaming\vlc
[2012/11/26 01:46:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2012/11/25 20:16:20 | 000,000,000 | ---D | C] -- C:\Users\nag\AppData\Roaming\uTorrent
[2012/11/22 00:33:20 | 000,000,000 | R--D | C] -- C:\MSOCache
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
[2012/12/21 09:36:05 | 000,000,372 | ---- | M] () -- C:\Windows\tasks\Dr.Web Update.job
[2012/12/21 09:34:13 | 000,013,760 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/12/21 09:34:13 | 000,013,760 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/12/21 09:31:43 | 001,589,400 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/12/21 09:31:43 | 000,717,814 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat
[2012/12/21 09:31:43 | 000,629,382 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/12/21 09:31:43 | 000,136,750 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat
[2012/12/21 09:31:43 | 000,112,392 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/12/21 09:30:00 | 000,001,002 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/12/21 09:27:07 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/12/20 23:03:29 | 000,000,699 | ---- | M] () -- C:\Users\nag\Desktop\CCleaner.lnk
[2012/12/20 18:53:18 | 000,446,136 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/12/19 01:15:41 | 000,745,984 | ---- | M] () -- C:\Users\nag\Desktop\winlogon.exe
[2012/12/18 01:50:10 | 000,819,712 | ---- | M] () -- C:\Users\nag\Desktop\free-iso-burner_free_iso_burner_1.2_anglais_272722.exe
[2012/12/17 21:13:42 | 005,012,571 | R--- | M] (Swearware) -- C:\Users\nag\Desktop\ComboFix.exe
[2012/12/16 20:52:13 | 106,398,136 | ---- | M] () -- C:\Users\nag\Desktop\7nhmdyib.exe
[2012/12/15 20:13:36 | 000,000,797 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/12/15 17:47:07 | 000,876,370 | ---- | M] () -- C:\Users\nag\AppData\Local\census.cache
[2012/12/15 17:47:00 | 000,116,884 | ---- | M] () -- C:\Users\nag\AppData\Local\ars.cache
[2012/12/15 17:28:04 | 000,000,036 | ---- | M] () -- C:\Users\nag\AppData\Local\housecall.guid.cache
[2012/12/14 19:28:33 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\nag\Desktop\OTL.exe
[2012/12/14 16:49:28 | 000,024,176 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/12/14 07:18:24 | 001,968,975 | ---- | M] (DiamondCS ) -- C:\Users\nag\Desktop\pgsetup.exe
[2012/12/14 06:41:04 | 003,137,416 | ---- | M] (Secunia) -- C:\Users\nag\Desktop\PSISetup.exe
[2012/12/07 17:29:18 | 000,000,916 | ---- | M] () -- C:\Users\Public\Desktop\CyberLink PowerDVD 12.lnk
[2012/12/05 23:25:01 | 000,000,823 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/12/05 23:14:32 | 000,043,228 | ---- | M] () -- C:\Users\nag\Desktop\bookmarks-2012-12-05.json
[2012/12/03 21:05:37 | 000,000,874 | ---- | M] () -- C:\Users\nag\Desktop\IsoBuster.lnk
[2012/12/03 16:47:14 | 000,014,446 | ---- | M] () -- C:\Windows\SysNative\nvinfo.pb
[2012/12/02 18:34:24 | 000,000,659 | ---- | M] () -- C:\Users\Public\Desktop\µTorrent.lnk
[2012/12/02 18:34:24 | 000,000,659 | ---- | M] () -- C:\Users\nag\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2012/12/01 06:49:26 | 003,663,213 | ---- | M] () -- C:\Windows\SysNative\nvcoproc.bin
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[color=#E56717]========== Files Created - No Company Name ==========[/color]
[2012/12/20 23:03:29 | 000,000,699 | ---- | C] () -- C:\Users\nag\Desktop\CCleaner.lnk
[2012/12/19 01:15:40 | 000,745,984 | ---- | C] () -- C:\Users\nag\Desktop\winlogon.exe
[2012/12/18 02:33:36 | 000,819,712 | ---- | C] () -- C:\Users\nag\Desktop\free-iso-burner_free_iso_burner_1.2_anglais_272722.exe
[2012/12/17 21:15:27 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/12/17 21:15:27 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/12/17 21:15:27 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/12/17 21:15:27 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/12/17 21:15:27 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012/12/16 20:52:29 | 106,398,136 | ---- | C] () -- C:\Users\nag\Desktop\7nhmdyib.exe
[2012/12/15 20:13:36 | 000,000,797 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/12/15 17:47:07 | 000,876,370 | ---- | C] () -- C:\Users\nag\AppData\Local\census.cache
[2012/12/15 17:47:00 | 000,116,884 | ---- | C] () -- C:\Users\nag\AppData\Local\ars.cache
[2012/12/15 17:28:04 | 000,000,036 | ---- | C] () -- C:\Users\nag\AppData\Local\housecall.guid.cache
[2012/12/14 05:44:28 | 000,024,576 | R--- | C] () -- C:\Windows\SysWow64\AsIO.dll
[2012/12/14 05:44:28 | 000,014,392 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2012/12/07 17:29:18 | 000,000,916 | ---- | C] () -- C:\Users\Public\Desktop\CyberLink PowerDVD 12.lnk
[2012/12/05 23:25:01 | 000,000,823 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/12/05 23:25:01 | 000,000,823 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012/12/05 23:14:32 | 000,043,228 | ---- | C] () -- C:\Users\nag\Desktop\bookmarks-2012-12-05.json
[2012/12/03 21:05:37 | 000,000,874 | ---- | C] () -- C:\Users\nag\Desktop\IsoBuster.lnk
[2012/11/25 20:17:13 | 000,000,659 | ---- | C] () -- C:\Users\Public\Desktop\µTorrent.lnk
[2012/11/25 20:17:13 | 000,000,659 | ---- | C] () -- C:\Users\nag\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2012/11/12 13:35:34 | 001,391,616 | ---- | C] () -- C:\Windows\SysWow64\ActPDF.dll
[2012/11/03 17:04:46 | 000,007,627 | ---- | C] () -- C:\Users\nag\AppData\Local\Resmon.ResmonCfg
[2012/10/31 13:23:51 | 001,608,882 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/10/26 16:09:57 | 000,216,064 | ---- | C] ( ) -- C:\Windows\SysWow64\lagarith.dll
[2012/10/26 16:09:57 | 000,178,688 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2012/10/14 01:47:16 | 000,007,168 | ---- | C] () -- C:\Windows\SysWow64\drivers\StarOpen.sys
[2012/10/14 01:05:26 | 000,006,144 | ---- | C] () -- C:\Users\nag\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/09/26 20:57:14 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2012/09/26 20:57:14 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2012/09/26 20:57:14 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2012/09/26 20:57:14 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[color=#E56717]========== ZeroAccess Check ==========[/color]
[2009/07/14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
[color=#E56717]========== LOP Check ==========[/color]
[2012/10/14 01:47:23 | 000,000,000 | ---D | M] -- C:\Users\nag\AppData\Roaming\Canneverbe Limited
[2012/12/15 17:50:02 | 000,000,000 | ---D | M] -- C:\Users\nag\AppData\Roaming\DAEMON Tools Lite
[2012/11/19 19:29:45 | 000,000,000 | ---D | M] -- C:\Users\nag\AppData\Roaming\DVDVideoSoft
[2012/10/23 19:18:09 | 000,000,000 | ---D | M] -- C:\Users\nag\AppData\Roaming\DVDVideoSoftIEHelpers
[2012/11/12 13:35:09 | 000,000,000 | ---D | M] -- C:\Users\nag\AppData\Roaming\Iceni
[2012/12/15 17:25:57 | 000,000,000 | ---D | M] -- C:\Users\nag\AppData\Roaming\QuickScan
[2012/11/19 19:48:05 | 000,000,000 | ---D | M] -- C:\Users\nag\AppData\Roaming\Samsung
[2012/10/14 00:59:55 | 000,000,000 | ---D | M] -- C:\Users\nag\AppData\Roaming\TomTom
[2012/12/21 09:37:45 | 000,000,000 | ---D | M] -- C:\Users\nag\AppData\Roaming\uTorrent
[2012/12/14 18:41:35 | 000,000,000 | ---D | M] -- C:\Users\nag\AppData\Roaming\Windows Live Writer
[color=#E56717]========== Purity Check ==========[/color]
[color=#E56717]========== Alternate Data Streams ==========[/color]
@Alternate Data Stream - 175 bytes -> C:\ProgramData\Temp:0CE7F3C9
< End of report >
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\nag\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy
4,00 Gb Total Physical Memory | 2,73 Gb Available Physical Memory | 68,23% Memory free
6,00 Gb Paging File | 4,34 Gb Available in Paging File | 72,34% Paging File free
Paging file location(s): d:\pagefile.sys 2048 4096 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 37,17 Gb Total Space | 14,57 Gb Free Space | 39,19% Space Free | Partition Type: NTFS
Drive D: | 465,76 Gb Total Space | 221,62 Gb Free Space | 47,58% Space Free | Partition Type: NTFS
Drive E: | 244,68 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Computer Name: NAG-PC | User Name: nag | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
[color=#E56717]========== Processes (SafeList) ==========[/color]
PRC - File not found --
PRC - [2012/12/14 19:28:33 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\nag\Desktop\OTL.exe
PRC - [2012/12/14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) -- D:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/12/14 16:49:28 | 000,512,360 | ---- | M] (Malwarebytes Corporation) -- D:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012/12/14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) -- D:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012/12/03 16:47:14 | 001,259,880 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012/12/02 18:34:23 | 000,399,736 | ---- | M] (BitTorrent, Inc.) -- D:\Program Files (x86)\uTorrent\uTorrent.exe
PRC - [2012/11/30 22:43:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012/09/23 19:43:34 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/09/19 08:45:40 | 000,505,872 | ---- | M] (CyberLink) -- D:\Program Files (x86)\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
PRC - [2012/09/19 08:45:35 | 000,374,560 | ---- | M] (CyberLink Corp.) -- D:\Program Files (x86)\PowerDVD12\PowerDVD12Agent.exe
PRC - [2012/09/19 08:45:35 | 000,295,440 | ---- | M] (CyberLink) -- D:\Program Files (x86)\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
PRC - [2012/09/19 08:45:30 | 000,078,352 | ---- | M] (CyberLink) -- D:\Program Files (x86)\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
PRC - [2012/09/19 08:45:12 | 000,090,640 | ---- | M] (CyberLink Corp.) -- D:\Program Files (x86)\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe
PRC - [2012/08/28 06:41:08 | 000,092,632 | ---- | M] (TomTom) -- D:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
PRC - [2012/08/15 12:17:48 | 001,898,920 | ---- | M] (Doctor Web, Ltd.) -- C:\Program Files (x86)\Common Files\Doctor Web\Scanning Engine\dwengine.exe
PRC - [2011/11/24 11:59:25 | 000,407,864 | ---- | M] (Doctor Web, Ltd.) -- D:\Program Files (x86)\DrWeb\spideragent_adm.exe
PRC - [2011/11/24 11:59:24 | 001,476,920 | ---- | M] (Doctor Web, Ltd.) -- D:\Program Files (x86)\DrWeb\spideragent.exe
PRC - [2011/11/16 10:38:25 | 002,194,160 | ---- | M] (Doctor Web, Ltd.) -- D:\Program Files (x86)\DrWeb\spidergate.exe
PRC - [2011/08/15 11:31:55 | 001,591,024 | ---- | M] (Doctor Web, Ltd.) -- D:\Program Files (x86)\DrWeb\spiderml.exe
PRC - [2010/04/01 10:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd) -- D:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
PRC - [2010/03/04 22:38:00 | 000,071,096 | ---- | M] () -- D:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe
PRC - [2010/03/03 19:16:06 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010/03/03 19:16:04 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
[color=#E56717]========== Modules (No Company Name) ==========[/color]
MOD - [2012/11/14 17:12:07 | 000,452,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\3a7eb7595728baf4078ec5f97b44180c\IAStorUtil.ni.dll
MOD - [2012/11/14 16:36:28 | 011,833,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\03cfab5534482e8fc313ead6edc19100\System.Web.ni.dll
MOD - [2012/11/14 16:36:24 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\413288993ff690e8251d2dbe32bee01f\System.Runtime.Remoting.ni.dll
MOD - [2012/11/14 16:36:06 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d040079bc7148afeca03c5abb6fc3c61\System.Windows.Forms.ni.dll
MOD - [2012/11/14 16:36:02 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\4e80768a2d88c7a333e43cbb7a6c0705\System.Drawing.ni.dll
MOD - [2012/11/14 16:35:54 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\b311b783e1efaa9527f4c2c9680c44d1\WindowsBase.ni.dll
MOD - [2012/11/14 16:35:50 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\3cdcb033f930eb60badfa4500d795edb\System.Xml.ni.dll
MOD - [2012/11/14 16:35:48 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\c64ca3678261c8ffcd9e7efd1af6ed54\System.Configuration.ni.dll
MOD - [2012/11/14 16:35:47 | 007,988,736 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9dd758ac0bf7358ac6e4720610fcc63c\System.ni.dll
MOD - [2012/11/14 16:35:43 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\187d7c66735c533de851c76384f86912\mscorlib.ni.dll
MOD - [2011/08/24 03:39:11 | 000,655,360 | ---- | M] () -- D:\Program Files (x86)\PowerDVD12\Common\Koan\_ssl.pyd
MOD - [2011/08/24 03:39:11 | 000,081,920 | ---- | M] () -- D:\Program Files (x86)\PowerDVD12\Common\Koan\_ctypes.pyd
MOD - [2011/08/24 03:39:11 | 000,053,248 | ---- | M] () -- D:\Program Files (x86)\PowerDVD12\Common\Koan\_socket.pyd
MOD - [2010/11/13 01:54:34 | 000,311,296 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_fr_b77a5c561934e089\mscorlib.resources.dll
MOD - [2009/07/14 16:23:30 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_fr_b77a5c561934e089\System.Runtime.Remoting.resources.dll
[color=#E56717]========== Services (SafeList) ==========[/color]
SRV:[b]64bit:[/b] - [2011/01/03 05:30:38 | 000,077,824 | ---- | M] (ActMask Co.,Ltd - HTTP://WWW.ALL2PDF.COM) [Auto | Running] -- C:\Windows\SysNative\PrintCtrl.exe -- (Printer Control)
SRV:[b]64bit:[/b] - [2009/07/14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV:[b]64bit:[/b] - [2009/07/14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2012/12/14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- D:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/12/14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- D:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/12/12 04:31:10 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/12/03 16:47:14 | 001,259,880 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012/11/30 22:43:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012/11/29 09:26:17 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/10/19 16:14:08 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/09/23 19:43:34 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/09/19 08:45:35 | 000,295,440 | ---- | M] (CyberLink) [Auto | Running] -- D:\Program Files (x86)\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe -- (CyberLink PowerDVD 12 Media Server Service)
SRV - [2012/09/19 08:45:30 | 000,078,352 | ---- | M] (CyberLink) [Auto | Running] -- D:\Program Files (x86)\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe -- (CyberLink PowerDVD 12 Media Server Monitor Service)
SRV - [2012/09/19 08:45:12 | 000,090,640 | ---- | M] (CyberLink Corp.) [Auto | Running] -- D:\Program Files (x86)\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe -- (CLHNServiceForPowerDVD12)
SRV - [2012/08/28 06:41:08 | 000,092,632 | ---- | M] (TomTom) [Auto | Running] -- D:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2012/08/15 12:17:48 | 001,898,920 | ---- | M] (Doctor Web, Ltd.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Doctor Web\Scanning Engine\dwengine.exe -- (DrWebEngine)
SRV - [2011/05/26 13:07:48 | 003,657,608 | ---- | M] (Doctor Web, Ltd.) [Auto | Running] -- D:\Program Files (x86)\DrWeb\frwl_svc.exe -- (DrWebFWSvc)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/04 22:38:00 | 000,071,096 | ---- | M] () [Auto | Running] -- D:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe -- (NMSAccess)
SRV - [2010/03/03 19:16:06 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
DRV:[b]64bit:[/b] - [2012/12/14 16:49:28 | 000,024,176 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:[b]64bit:[/b] - [2012/10/26 19:00:50 | 000,131,416 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)
DRV:[b]64bit:[/b] - [2012/10/14 01:03:10 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:[b]64bit:[/b] - [2012/10/12 15:35:30 | 000,050,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64)
DRV:[b]64bit:[/b] - [2012/10/09 19:31:14 | 000,075,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d)
DRV:[b]64bit:[/b] - [2012/09/20 05:35:36 | 000,203,104 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:[b]64bit:[/b] - [2012/09/20 05:35:36 | 000,102,368 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:[b]64bit:[/b] - [2012/08/28 11:46:52 | 000,221,440 | ---- | M] (Doctor Web, Ltd.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\dwprot.sys -- (DwProt)
DRV:[b]64bit:[/b] - [2012/08/23 15:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:[b]64bit:[/b] - [2012/08/23 15:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2012/07/03 16:25:16 | 000,189,288 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:[b]64bit:[/b] - [2012/03/01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2012/01/30 12:19:06 | 000,223,960 | ---- | M] (Doctor Web, Ltd.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\spiderg3.sys -- (SpiderG3)
DRV:[b]64bit:[/b] - [2011/06/10 05:34:52 | 000,539,240 | ---- | M] (Realtek ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:[b]64bit:[/b] - [2011/03/11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2011/03/11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2010/11/20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2010/11/11 13:57:58 | 000,124,408 | ---- | M] (Doctor Web) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\drwebaf.sys -- (DRWEBAF)
DRV:[b]64bit:[/b] - [2010/11/11 13:57:58 | 000,102,904 | ---- | M] (Doctor Web) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\drwebpf.sys -- (DrWebPF)
DRV:[b]64bit:[/b] - [2010/11/09 13:35:24 | 000,021,992 | ---- | M] (CPUID) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\cpuz135_x64.sys -- (cpuz135)
DRV:[b]64bit:[/b] - [2010/03/03 18:51:40 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:[b]64bit:[/b] - [2009/11/20 12:16:02 | 000,177,152 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:[b]64bit:[/b] - [2009/11/20 12:15:58 | 000,075,776 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:[b]64bit:[/b] - [2009/11/12 14:48:56 | 000,005,504 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\StarOpen.sys -- (StarOpen)
DRV:[b]64bit:[/b] - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:[b]64bit:[/b] - [2005/03/29 00:30:38 | 000,008,192 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV - [2012/09/19 16:12:50 | 000,147,704 | ---- | M] (CyberLink Corp.) [2012/12/07 17:32:18] [Kernel | Auto | Running] -- D:\Program Files (x86)\PowerDVD12\Common\NavFilter\000.fcl -- ({73526619-C24F-470B-9BED-53D455FBB5C6})
DRV - [2012/06/20 10:35:49 | 000,083,704 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- D:\Program Files (x86)\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys -- (ntk_PowerDVD12)
DRV - [2009/11/12 14:48:56 | 000,007,168 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\Windows\SysWow64\drivers\StarOpen.sys -- (StarOpen)
DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
[color=#E56717]========== Internet Explorer ==========[/color]
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope =
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = https://www.bing.com/?scope=web&mkt=fr-FR{searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = https://www.bing.com/?scope=web&mkt=fr-FR{searchTerms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = D:\Downloads
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr-FR
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 2B 1B 26 2F 36 D3 CD 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = https://www.google.com/?gws_rd=ssl
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = https://www.bing.com/?scope=web&mkt=fr-FR{searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{9D5BD211-422C-4164-9298-BB4186A30F31}: "URL" = https://www.bing.com/?scope=web&mkt=fr-FR{searchTerms}&mkt=fr-FR&form=IE0004
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
[color=#E56717]========== FireFox ==========[/color]
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1
FF - user.js - File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_135.dll File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: D:\bin\plugin2\npjp2.dll File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: D:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: D:\bin\plugin2\npjp2.dll File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.4: D:\Program Files (x86)\VideoLAN\VLC\npvlc.dll File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: D:\Program Files (x86)\Mozilla Firefox\components [2012/12/05 23:24:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: D:\Program Files (x86)\Mozilla Firefox\plugins
[2012/10/14 00:59:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\nag\AppData\Roaming\mozilla\Extensions
[2012/10/14 00:59:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\nag\AppData\Roaming\mozilla\Extensions\home2@tomtom.com
[2012/12/15 17:26:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\nag\AppData\Roaming\mozilla\Firefox\Profiles\sh4d8m16.default\extensions
[2012/12/05 23:27:17 | 000,804,627 | ---- | M] () (No name found) -- C:\Users\nag\AppData\Roaming\mozilla\firefox\profiles\sh4d8m16.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012/10/01 20:43:54 | 000,034,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll
O1 HOSTS File: ([2009/06/10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:[b]64bit:[/b] - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - D:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O2:[b]64bit:[/b] - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No CLSID value found.
O2:[b]64bit:[/b] - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - D:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
O2:[b]64bit:[/b] - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - D:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
O2:[b]64bit:[/b] - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No CLSID value found.
O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No CLSID value found.
O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No CLSID value found.
O4:[b]64bit:[/b] - HKLM..\Run: [IntelliPoint] C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe (Microsoft Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [IntelliType Pro] C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (Microsoft Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [PrintDisp] C:\Windows\SysNative\PrintDisp.exe (ActMask Co.,Ltd - http://www.all2pdf.com)
O4 - HKLM..\Run: [Dr.Web Firewall] D:\Program Files (x86)\DrWeb\frwl_notify.exe (Doctor Web, Ltd.)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [PowerDVD12Agent] D:\Program Files (x86)\PowerDVD12\PowerDVD12Agent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [PowerDVD12DMREngine] D:\Program Files (x86)\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe (CyberLink)
O4 - HKLM..\Run: [SpIDerAgent] D:\Program Files (x86)\DrWeb\SpIDerAgent.exe (Doctor Web, Ltd.)
O4 - HKLM..\Run: [SpIDerGate] D:\Program Files (x86)\DrWeb\spidergate.exe (Doctor Web, Ltd.)
O4 - HKLM..\Run: [SpIDerMail] D:\Program Files (x86)\DrWeb\spiderml.exe (Doctor Web, Ltd.)
O4 - HKCU..\Run: [DAEMON Tools Lite] D:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [uTorrent] D:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - HKLM..\RunOnce: [Z1] D:\Downloads\mbar-1.01.0.1011\mbar\mbar.exe (Malwarebytes Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O8:[b]64bit:[/b] - Extra context menu item: &Envoyer à OneNote - D:\Program Files\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O8:[b]64bit:[/b] - Extra context menu item: E&xporter vers Microsoft Excel - D:\Program Files\Microsoft Office\Office15\EXCEL.EXE (Microsoft Corporation)
O8:[b]64bit:[/b] - Extra context menu item: Free YouTube Download - C:\Users\nag\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm ()
O8 - Extra context menu item: &Envoyer à OneNote - D:\Program Files\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: E&xporter vers Microsoft Excel - D:\Program Files\Microsoft Office\Office15\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Free YouTube Download - C:\Users\nag\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm ()
O9:[b]64bit:[/b] - Extra Button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Program Files\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:[b]64bit:[/b] - Extra 'Tools' menuitem : &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Program Files\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:[b]64bit:[/b] - Extra Button: Cliquer pour appeler Lync - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - D:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:[b]64bit:[/b] - Extra 'Tools' menuitem : Cliquer pour appeler Lync - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - D:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:[b]64bit:[/b] - Extra Button: Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - D:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:[b]64bit:[/b] - Extra 'Tools' menuitem : Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - D:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000001 - D:\Program Files (x86)\DrWeb\drwebsp64.dll (Doctor Web, Ltd.)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000002 - D:\Program Files (x86)\DrWeb\drwebsp64.dll (Doctor Web, Ltd.)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000003 - D:\Program Files (x86)\DrWeb\drwebsp64.dll (Doctor Web, Ltd.)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000004 - D:\Program Files (x86)\DrWeb\drwebsp64.dll (Doctor Web, Ltd.)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000005 - D:\Program Files (x86)\DrWeb\drwebsp64.dll (Doctor Web, Ltd.)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000017 - D:\Program Files (x86)\DrWeb\drwebsp64.dll (Doctor Web, Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - D:\Program Files (x86)\DrWeb\drwebsp.dll (Doctor Web, Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - D:\Program Files (x86)\DrWeb\drwebsp.dll (Doctor Web, Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - D:\Program Files (x86)\DrWeb\drwebsp.dll (Doctor Web, Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - D:\Program Files (x86)\DrWeb\drwebsp.dll (Doctor Web, Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - D:\Program Files (x86)\DrWeb\drwebsp.dll (Doctor Web, Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - D:\Program Files (x86)\DrWeb\drwebsp.dll (Doctor Web, Ltd.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 10.9.2)
O16 - DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 10.9.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{57CC703F-7A95-4B6C-89C3-CAA38F620D2A}: DhcpNameServer = 192.168.0.254
O18:[b]64bit:[/b] - Protocol\Handler\livecall - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\msnim - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - D:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012/12/21 01:56:49 | 000,000,000 | ---D | M] - C:\Autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2012/12/21 01:56:56 | 000,000,000 | ---D | M] - D:\Autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = ComFile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
[2012/12/21 01:30:44 | 000,000,000 | ---D | C] -- C:\Autorun.inf
[2012/12/20 23:03:29 | 000,000,000 | ---D | C] -- C:\Users\nag\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012/12/20 23:02:11 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012/12/19 02:23:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies
[2012/12/18 12:22:45 | 000,000,000 | ---D | C] -- C:\Windows\Microsoft Antimalware
[2012/12/17 21:22:53 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012/12/17 21:19:52 | 000,000,000 | ---D | C] -- C:\Users\nag\AppData\Local\temp
[2012/12/17 21:15:52 | 000,000,000 | -HSD | C] -- C:\DrWeb Quarantine
[2012/12/17 21:15:27 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012/12/17 21:15:27 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012/12/17 21:15:27 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012/12/17 21:14:46 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/12/17 21:14:37 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2012/12/17 21:11:54 | 005,012,571 | R--- | C] (Swearware) -- C:\Users\nag\Desktop\ComboFix.exe
[2012/12/16 20:52:43 | 000,000,000 | ---D | C] -- C:\Users\nag\Doctor Web
[2012/12/15 20:13:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/12/15 20:13:33 | 000,024,176 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/12/15 17:25:50 | 000,000,000 | ---D | C] -- C:\Users\nag\AppData\Roaming\QuickScan
[2012/12/14 19:28:48 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\nag\Desktop\OTL.exe
[2012/12/14 07:45:59 | 001,968,975 | ---- | C] (DiamondCS ) -- C:\Users\nag\Desktop\pgsetup.exe
[2012/12/14 06:53:16 | 000,075,776 | ---- | C] (NEC Electronics Corporation) -- C:\Windows\SysNative\drivers\nusb3hub.sys
[2012/12/14 06:43:10 | 000,000,000 | ---D | C] -- C:\Users\nag\AppData\Local\Secunia PSI
[2012/12/14 06:43:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Secunia
[2012/12/14 06:42:05 | 003,137,416 | ---- | C] (Secunia) -- C:\Users\nag\Desktop\PSISetup.exe
[2012/12/14 05:44:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ASUS
[2012/12/09 20:44:13 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\DAEMON Tools Images
[2012/12/07 17:40:37 | 000,000,000 | ---D | C] -- C:\Users\nag\AppData\Local\MediaShow
[2012/12/07 17:34:38 | 000,000,000 | ---D | C] -- C:\Users\nag\Documents\CyberLink
[2012/12/07 17:29:40 | 000,000,000 | ---D | C] -- C:\Users\nag\AppData\Local\MediaServer
[2012/12/07 17:29:40 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\CyberLink
[2012/12/07 17:29:34 | 000,000,000 | ---D | C] -- C:\ProgramData\PDVD
[2012/12/07 17:29:32 | 000,000,000 | ---D | C] -- C:\Users\nag\AppData\Roaming\CyberLink
[2012/12/07 17:29:20 | 000,000,000 | ---D | C] -- C:\Users\nag\AppData\Local\CyberLink
[2012/12/07 17:29:20 | 000,000,000 | ---D | C] -- C:\ProgramData\CyberLink
[2012/12/07 17:29:18 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 12
[2012/12/07 17:28:02 | 000,000,000 | ---D | C] -- C:\ProgramData\install_clap
[2012/12/05 23:25:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2012/12/05 23:25:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012/12/05 20:25:06 | 000,000,000 | ---D | C] -- C:\Users\nag\Documents\Agot
[2012/12/04 13:05:55 | 000,000,000 | ---D | C] -- C:\Users\nag\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
[2012/12/03 21:05:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IsoBuster
[2012/12/03 21:04:42 | 000,000,000 | ---D | C] -- C:\Users\nag\AppData\Local\Programs
[2012/11/29 16:53:30 | 000,000,000 | ---D | C] -- C:\Users\nag\licman
[2012/11/29 16:53:30 | 000,000,000 | ---D | C] -- C:\Users\nag\ERPro
[2012/11/26 01:46:41 | 000,000,000 | ---D | C] -- C:\Users\nag\AppData\Roaming\vlc
[2012/11/26 01:46:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2012/11/25 20:16:20 | 000,000,000 | ---D | C] -- C:\Users\nag\AppData\Roaming\uTorrent
[2012/11/22 00:33:20 | 000,000,000 | R--D | C] -- C:\MSOCache
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
[2012/12/21 09:36:05 | 000,000,372 | ---- | M] () -- C:\Windows\tasks\Dr.Web Update.job
[2012/12/21 09:34:13 | 000,013,760 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/12/21 09:34:13 | 000,013,760 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/12/21 09:31:43 | 001,589,400 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/12/21 09:31:43 | 000,717,814 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat
[2012/12/21 09:31:43 | 000,629,382 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/12/21 09:31:43 | 000,136,750 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat
[2012/12/21 09:31:43 | 000,112,392 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/12/21 09:30:00 | 000,001,002 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/12/21 09:27:07 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/12/20 23:03:29 | 000,000,699 | ---- | M] () -- C:\Users\nag\Desktop\CCleaner.lnk
[2012/12/20 18:53:18 | 000,446,136 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/12/19 01:15:41 | 000,745,984 | ---- | M] () -- C:\Users\nag\Desktop\winlogon.exe
[2012/12/18 01:50:10 | 000,819,712 | ---- | M] () -- C:\Users\nag\Desktop\free-iso-burner_free_iso_burner_1.2_anglais_272722.exe
[2012/12/17 21:13:42 | 005,012,571 | R--- | M] (Swearware) -- C:\Users\nag\Desktop\ComboFix.exe
[2012/12/16 20:52:13 | 106,398,136 | ---- | M] () -- C:\Users\nag\Desktop\7nhmdyib.exe
[2012/12/15 20:13:36 | 000,000,797 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/12/15 17:47:07 | 000,876,370 | ---- | M] () -- C:\Users\nag\AppData\Local\census.cache
[2012/12/15 17:47:00 | 000,116,884 | ---- | M] () -- C:\Users\nag\AppData\Local\ars.cache
[2012/12/15 17:28:04 | 000,000,036 | ---- | M] () -- C:\Users\nag\AppData\Local\housecall.guid.cache
[2012/12/14 19:28:33 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\nag\Desktop\OTL.exe
[2012/12/14 16:49:28 | 000,024,176 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/12/14 07:18:24 | 001,968,975 | ---- | M] (DiamondCS ) -- C:\Users\nag\Desktop\pgsetup.exe
[2012/12/14 06:41:04 | 003,137,416 | ---- | M] (Secunia) -- C:\Users\nag\Desktop\PSISetup.exe
[2012/12/07 17:29:18 | 000,000,916 | ---- | M] () -- C:\Users\Public\Desktop\CyberLink PowerDVD 12.lnk
[2012/12/05 23:25:01 | 000,000,823 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/12/05 23:14:32 | 000,043,228 | ---- | M] () -- C:\Users\nag\Desktop\bookmarks-2012-12-05.json
[2012/12/03 21:05:37 | 000,000,874 | ---- | M] () -- C:\Users\nag\Desktop\IsoBuster.lnk
[2012/12/03 16:47:14 | 000,014,446 | ---- | M] () -- C:\Windows\SysNative\nvinfo.pb
[2012/12/02 18:34:24 | 000,000,659 | ---- | M] () -- C:\Users\Public\Desktop\µTorrent.lnk
[2012/12/02 18:34:24 | 000,000,659 | ---- | M] () -- C:\Users\nag\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2012/12/01 06:49:26 | 003,663,213 | ---- | M] () -- C:\Windows\SysNative\nvcoproc.bin
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[color=#E56717]========== Files Created - No Company Name ==========[/color]
[2012/12/20 23:03:29 | 000,000,699 | ---- | C] () -- C:\Users\nag\Desktop\CCleaner.lnk
[2012/12/19 01:15:40 | 000,745,984 | ---- | C] () -- C:\Users\nag\Desktop\winlogon.exe
[2012/12/18 02:33:36 | 000,819,712 | ---- | C] () -- C:\Users\nag\Desktop\free-iso-burner_free_iso_burner_1.2_anglais_272722.exe
[2012/12/17 21:15:27 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/12/17 21:15:27 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/12/17 21:15:27 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/12/17 21:15:27 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/12/17 21:15:27 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012/12/16 20:52:29 | 106,398,136 | ---- | C] () -- C:\Users\nag\Desktop\7nhmdyib.exe
[2012/12/15 20:13:36 | 000,000,797 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/12/15 17:47:07 | 000,876,370 | ---- | C] () -- C:\Users\nag\AppData\Local\census.cache
[2012/12/15 17:47:00 | 000,116,884 | ---- | C] () -- C:\Users\nag\AppData\Local\ars.cache
[2012/12/15 17:28:04 | 000,000,036 | ---- | C] () -- C:\Users\nag\AppData\Local\housecall.guid.cache
[2012/12/14 05:44:28 | 000,024,576 | R--- | C] () -- C:\Windows\SysWow64\AsIO.dll
[2012/12/14 05:44:28 | 000,014,392 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2012/12/07 17:29:18 | 000,000,916 | ---- | C] () -- C:\Users\Public\Desktop\CyberLink PowerDVD 12.lnk
[2012/12/05 23:25:01 | 000,000,823 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/12/05 23:25:01 | 000,000,823 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012/12/05 23:14:32 | 000,043,228 | ---- | C] () -- C:\Users\nag\Desktop\bookmarks-2012-12-05.json
[2012/12/03 21:05:37 | 000,000,874 | ---- | C] () -- C:\Users\nag\Desktop\IsoBuster.lnk
[2012/11/25 20:17:13 | 000,000,659 | ---- | C] () -- C:\Users\Public\Desktop\µTorrent.lnk
[2012/11/25 20:17:13 | 000,000,659 | ---- | C] () -- C:\Users\nag\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2012/11/12 13:35:34 | 001,391,616 | ---- | C] () -- C:\Windows\SysWow64\ActPDF.dll
[2012/11/03 17:04:46 | 000,007,627 | ---- | C] () -- C:\Users\nag\AppData\Local\Resmon.ResmonCfg
[2012/10/31 13:23:51 | 001,608,882 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/10/26 16:09:57 | 000,216,064 | ---- | C] ( ) -- C:\Windows\SysWow64\lagarith.dll
[2012/10/26 16:09:57 | 000,178,688 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2012/10/14 01:47:16 | 000,007,168 | ---- | C] () -- C:\Windows\SysWow64\drivers\StarOpen.sys
[2012/10/14 01:05:26 | 000,006,144 | ---- | C] () -- C:\Users\nag\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/09/26 20:57:14 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2012/09/26 20:57:14 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2012/09/26 20:57:14 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2012/09/26 20:57:14 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[color=#E56717]========== ZeroAccess Check ==========[/color]
[2009/07/14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
[color=#E56717]========== LOP Check ==========[/color]
[2012/10/14 01:47:23 | 000,000,000 | ---D | M] -- C:\Users\nag\AppData\Roaming\Canneverbe Limited
[2012/12/15 17:50:02 | 000,000,000 | ---D | M] -- C:\Users\nag\AppData\Roaming\DAEMON Tools Lite
[2012/11/19 19:29:45 | 000,000,000 | ---D | M] -- C:\Users\nag\AppData\Roaming\DVDVideoSoft
[2012/10/23 19:18:09 | 000,000,000 | ---D | M] -- C:\Users\nag\AppData\Roaming\DVDVideoSoftIEHelpers
[2012/11/12 13:35:09 | 000,000,000 | ---D | M] -- C:\Users\nag\AppData\Roaming\Iceni
[2012/12/15 17:25:57 | 000,000,000 | ---D | M] -- C:\Users\nag\AppData\Roaming\QuickScan
[2012/11/19 19:48:05 | 000,000,000 | ---D | M] -- C:\Users\nag\AppData\Roaming\Samsung
[2012/10/14 00:59:55 | 000,000,000 | ---D | M] -- C:\Users\nag\AppData\Roaming\TomTom
[2012/12/21 09:37:45 | 000,000,000 | ---D | M] -- C:\Users\nag\AppData\Roaming\uTorrent
[2012/12/14 18:41:35 | 000,000,000 | ---D | M] -- C:\Users\nag\AppData\Roaming\Windows Live Writer
[color=#E56717]========== Purity Check ==========[/color]
[color=#E56717]========== Alternate Data Streams ==========[/color]
@Alternate Data Stream - 175 bytes -> C:\ProgramData\Temp:0CE7F3C9
< End of report >
petitmecano
Messages postés
5347
Date d'inscription
mardi 7 août 2012
Statut
Membre
Dernière intervention
29 novembre 2019
1 029
22 déc. 2012 à 16:51
22 déc. 2012 à 16:51
Pas comme ça =)
Va sur https://www.cjoint.com/ , pointe ton fichier , envoie le , donne le lien au helper ...
Va sur https://www.cjoint.com/ , pointe ton fichier , envoie le , donne le lien au helper ...
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
basse26
Messages postés
55
Date d'inscription
samedi 22 décembre 2012
Statut
Membre
Dernière intervention
25 décembre 2012
22 déc. 2012 à 17:15
22 déc. 2012 à 17:15
personne pour lire mon rapport?
basse26
Messages postés
55
Date d'inscription
samedi 22 décembre 2012
Statut
Membre
Dernière intervention
25 décembre 2012
22 déc. 2012 à 20:40
22 déc. 2012 à 20:40
d accord merci beaucoup mais je peux plus le fair je n arrive plus a ouvrire ma session
petitmecano
Messages postés
5347
Date d'inscription
mardi 7 août 2012
Statut
Membre
Dernière intervention
29 novembre 2019
1 029
23 déc. 2012 à 14:21
23 déc. 2012 à 14:21
Salut
OTL moi non, ZHPDiag oui mais je ne peux plus,
Change ton titre, afin d'expliquer mieux ton problème
Change également la description & donne les symptômes le plus précisément possible
Merci
OTL moi non, ZHPDiag oui mais je ne peux plus,
Change ton titre, afin d'expliquer mieux ton problème
Change également la description & donne les symptômes le plus précisément possible
Merci
