Infected by Search Engine Redirects


  • This topic is locked
20 replies to this topic

#1 thisis8

thisis8

  • Members
  • 8 posts
  • OFFLINE
  • Local time:09:51 PM

Posted 22 August 2011 - 10:00 PM

Hello everyone,

For the past few days my computer has been infected with some malware, or virus, or whatever... I do not have the exact term.
The symptoms are: when I do a search on the internet (using indifferently Bing, Google, etc.) and click on one of the results, it redirects me to random websites.

I've been trying -with the help of a friend who works in computer fixing- everything:
-Spybot Search and Destroy
-Malwarebytes Anti-Malware
-Kaspersky spyware removal
-Super Anti Spyware
-Spyware doctor
-Avira Scan
every time in safe mode.
Some things have been found and fixed, but the problem is still here!

So my friend finally asked me to run ComboFix. I ran it... before finding your tutorial. So yes, I already ran it.

Even so, I then decided to follow your tutorial, step by step.
http://www.bleepingcomputer.com/forums/topic34773.html

And here I am, with my DDS and ARK logs.

I am totally lost.

Should I just abandon and format my machine? Oh no...

Before I finally paste my log, I want to give you some information - or, let's say, more of a feeling.
After looking at the DDS log, I must say I have a big suspicion about

2011-08-19 02:32 . 2011-08-19 02:32 711680 ----a-w- c:\windows\system32\KBDINTEL32.del

Because it appeared approx. when the trouble all started.
My ZoneAlarm firewall once asked me if I wanted to allow KBDINTEL32 to access the internet.
First I said no. But then, no internet access anymore, I couldn't go on the net.
So I went back to the firewall and said OK, 'allow KBDINTEL32 to access the internet'.
Then I could finally access the internet.
But for me, it is since then that my problems appeared.

I might just be wrong, but it's my feeling.
What do you think?

Anyway...
Thanks for your help and hard work.

I am looking forward to hearing back from the community!

Thanks so much,
Merci!

Camille.


My DDS log:


.
DDS (Ver_2011-06-23.01) - NTFSx86
Internet Explorer: 7.0.6002.18005 BrowserJavaVersion: 1.6.0_21
Run by grégoire at 21:43:36 on 2011-08-22
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6002.2.1252.33.1036.18.3038.1611 [GMT -4:00]
.
AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\Realtek\Audio\HDA\RtkAudioService.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\ZoneLabs\vsmon.exe
C:\Windows\system32\Ati2evxx.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\Program Files\sony\Network Utility\NSUService.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
C:\Program Files\sony\VAIO Event Service\VESMgr.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\sony\VAIO Event Service\VESMgrSub.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\conime.exe
C:\Program Files\Sony\VAIO Update 4\VAIOUpdt.exe
C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\sony\ISB Utility\ISBMgr.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\sony\VAIO Mode Switch\VMSwitch.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Windows\WindowsMobile\wmdc.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Windows\System32\mobsync.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
C:\Windows\system32\svchost.exe -k WindowsMobile
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Windows\Explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Program Files\Windows Mail\WinMail.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
mStart Page = about:blank
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: Programme d'aide de l'Assistant de connexion Windows Live: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [ISBMgr.exe] "c:\program files\sony\isb utility\ISBMgr.exe"
mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
mRun: [MarketingTools] c:\program files\sony\marketing tools\MarketingTools.exe
mRun: [VMSwitch] "c:\program files\sony\vaio mode switch\VMSwitch.exe"
mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
mRun: [ZoneAlarm Client] "c:\program files\zone labs\zonealarm\zlclient.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [AdobeCS4ServiceManager] "c:\program files\common files\adobe\cs4servicemanager\CS4ServiceManager.exe" -launchedbylogin
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe
mRun: [googletalk] c:\program files\google\google talk\googletalk.exe /autostart
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xporter vers Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\windows\windowsmobile\INetRepl.dll
IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\windows\windowsmobile\INetRepl.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
TCP: DhcpNameServer = 209.18.47.61 209.18.47.62
TCP: Interfaces\{77CDAE4B-6366-4455-80F4-406D93E5C682} : DhcpNameServer = 209.18.47.61 209.18.47.62
TCP: Interfaces\{E4D3EB9D-D268-46D6-A806-2786A24BB826} : DhcpNameServer = 192.168.1.1
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: igfxcui - igfxdev.dll
Notify: VESWinlogon - VESWinlogon.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\grégoire\appdata\roaming\mozilla\firefox\profiles\h1e5bb4y.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ig?hl=fr
FF - prefs.js: network.proxy.http - localhost
FF - prefs.js: network.proxy.http_port - 9666
FF - prefs.js: network.proxy.socks - localhost
FF - prefs.js: network.proxy.socks_port - 9050
FF - prefs.js: network.proxy.ssl - localhost
FF - prefs.js: network.proxy.ssl_port - 9666
FF - prefs.js: network.proxy.type - 4
FF - plugin: c:\browserplusplugins\229bdeab3149a3a52a9f79372c5212c8\npybrowserplus_2.9.8.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\veetle\player\npvlc.dll
FF - plugin: c:\program files\veetle\plugins\npVeetle.dll
FF - plugin: c:\users\grégoire\appdata\local\google\update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\users\grégoire\appdata\roaming\facebook\npfbplugin_1_0_1.dll
FF - plugin: c:\users\grégoire\appdata\roaming\facebook\npfbplugin_1_0_3.dll
FF - plugin: c:\users\grégoire\appdata\roaming\mozilla\firefox\profiles\h1e5bb4y.default\extensions\{e2883e8f-472f-4fb0-9522-ac9bf37916a7}\plugins\np_gp.dll
FF - plugin: c:\users\grégoire\appdata\roaming\mozilla\plugins\npgoogletalk.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF - Ext: Adobe DLM (powered by getPlus®): {E2883E8F-472F-4fb0-9522-AC9BF37916A7} - %profile%\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
FF - Ext: vShare Plugin: vshareus@toolbar - %profile%\extensions\vshareus@toolbar
FF - Ext: VisualizeUs: visualizeus@sergi.meseguer - %profile%\extensions\visualizeus@sergi.meseguer
FF - Ext: XUL Cache: {276c0d85-0ae4-443a-814a-c3eef0ad8b47} - %profile%\extensions\{276c0d85-0ae4-443a-814a-c3eef0ad8b47}
FF - Ext: WOT: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} - %profile%\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
.
============= SERVICES / DRIVERS ===============
.
R0 shpf;Sony HDD Protection Filter Driver;c:\windows\system32\drivers\shpf.sys [2009-3-23 23712]
R1 avgio;avgio;c:\program files\avira\antivir desktop\avgio.sys [2009-6-24 11608]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\drivers\klim6.sys [2010-8-9 22104]
R2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files\avira\antivir desktop\sched.exe [2009-6-24 136360]
R2 AntiVirService;Avira AntiVir Guard;c:\program files\avira\antivir desktop\avguard.exe [2009-6-24 269480]
R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2009-6-24 61960]
R2 NSUService;NSUService;c:\program files\sony\network utility\NSUService.exe [2009-4-23 303104]
R2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-4-17 11032]
R2 RtkAudioService;Realtek Audio Service;c:\program files\realtek\audio\hda\RtkAudioService.exe [2009-3-24 109088]
R2 SBSDWSCService;SBSD Security Center Service;c:\program files\spybot - search & destroy\SDWinSec.exe [2011-8-21 1153368]
R2 uCamMonitor;CamMonitor;c:\program files\arcsoft\magic-i visual effects 2\uCamMonitor.exe [2009-4-23 104960]
R2 VCFw;VAIO Content Folder Watcher;c:\program files\common files\sony shared\vaio content folder watcher\VCFw.exe [2009-1-14 5184872]
R3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\drivers\ArcSoftKsUFilter.sys [2009-4-23 17920]
R3 NETw5v32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\drivers\NETw5v32.sys [2008-8-28 3664384]
R3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\drivers\SFEP.sys [2009-3-23 9344]
S2 VAIO Power Management;VAIO Power Management;c:\program files\sony\vaio power management\SPMService.exe [2009-3-24 415592]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2011-8-20 41272]
S3 PLAVService;PLAVService;c:\program files\common files\plav\plavservice.exe [2010-9-8 599384]
S3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\sony\vcm intelligent analyzing manager\VcmIAlzMgr.exe [2009-4-23 394536]
S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\common files\sony shared\vcmxml\VcmXmlIfHelper.exe [2009-4-23 83240]
.
=============== Created Last 30 ================
.
2011-08-23 01:06:28 -------- d-----w- c:\users\grégoire\appdata\local\temp
2011-08-23 00:59:28 -------- d-----w- C:\$RECYCLE.BIN
2011-08-23 00:40:21 98816 ----a-w- c:\windows\sed.exe
2011-08-23 00:40:21 518144 ----a-w- c:\windows\SWREG.exe
2011-08-23 00:40:21 256000 ----a-w- c:\windows\PEV.exe
2011-08-23 00:40:21 208896 ----a-w- c:\windows\MBR.exe
2011-08-22 20:44:38 -------- d-----w- c:\users\grégoire\appdata\local\Thinstall
2011-08-21 22:33:50 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2011-08-21 22:33:50 -------- d-----w- c:\program files\Spybot - Search & Destroy
2011-08-21 19:14:59 -------- d-----w- c:\windows\RestoreSafeDeleted
2011-08-21 16:47:31 -------- d-----w- c:\programdata\PLAV
2011-08-21 16:46:58 -------- d-----w- c:\programdata\ParetoLogic
2011-08-21 16:46:58 -------- d-----w- c:\program files\common files\ParetoLogic
2011-08-21 16:46:14 -------- d-----w- c:\programdata\ParetoLogic Anti-Virus PLUS
2011-08-21 16:46:14 -------- d-----w- c:\program files\common files\PLAV
2011-08-21 16:46:13 -------- d-----w- c:\program files\ParetoLogic
2011-08-21 16:39:25 2 --shatr- c:\windows\winstart.bat
2011-08-20 16:25:46 -------- d-----w- c:\users\grégoire\appdata\roaming\Malwarebytes
2011-08-20 16:25:34 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-08-20 16:25:29 -------- d-----w- c:\programdata\Malwarebytes
2011-08-20 16:25:26 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-08-20 16:25:25 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-08-20 16:10:54 -------- d-----w- c:\users\grégoire\appdata\roaming\Avira
2011-08-19 02:32:12 711680 ----a-w- c:\windows\system32\KBDINTEL32.del
2011-08-17 23:41:47 -------- d-----w- c:\users\grégoire\appdata\roaming\Amazon
2011-08-17 23:41:18 -------- d-----w- c:\program files\Amazon
2011-08-03 18:05:36 -------- d-----w- c:\programdata\ESTsoft
2011-08-03 18:05:35 -------- d-----w- c:\program files\ESTsoft
2011-08-03 18:05:33 -------- d-----w- c:\users\grégoire\appdata\roaming\ESTsoft
2011-08-03 18:05:33 -------- d-----w- c:\program files\Zip rar
.
==================== Find3M ====================
.
.
============= FINISH: 21:44:11,92 ===============
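
As an added example (not part of the original posts, and not a DDS or BleepingComputer tool), the timestamp reasoning in the opening post can be applied to a DDS log mechanically: list files created under c:\windows near the day the redirects began, and report which Firefox proxy mode is actually in effect. The onset date, the one-day window, the reading of the `s`/`h` attribute letters as system/hidden and all function names are assumptions; the sample lines are copied from the log above, and the results are leads for review, not verdicts.

```python
import re
from datetime import datetime, timedelta

# Sample input: a few lines copied from the DDS log in the opening post.
SAMPLE_LOG = r"""
================= FIREFOX ===================
.
FF - prefs.js: network.proxy.http - localhost
FF - prefs.js: network.proxy.http_port - 9666
FF - prefs.js: network.proxy.socks - localhost
FF - prefs.js: network.proxy.socks_port - 9050
FF - prefs.js: network.proxy.type - 4
.
=============== Created Last 30 ================
.
2011-08-23 00:40:21 98816 ----a-w- c:\windows\sed.exe
2011-08-21 16:46:13 -------- d-----w- c:\program files\ParetoLogic
2011-08-21 16:39:25 2 --shatr- c:\windows\winstart.bat
2011-08-20 16:25:34 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-08-19 02:32:12 711680 ----a-w- c:\windows\system32\KBDINTEL32.del
2011-08-17 23:41:18 -------- d-----w- c:\program files\Amazon
.
==================== Find3M ====================
"""

SECTION_RE = re.compile(r"^=+ (.+?) =+$")
# timestamp, size (or -------- for folders), 8-character attribute string, path
CREATED_RE = re.compile(
    r"^(\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}) (\d+|-{8}) (\S{8}) (.+)$")
PREF_RE = re.compile(r"^FF - prefs\.js: (\S+) - (.*)$")
# Meaning of Firefox's network.proxy.type values.
PROXY_MODES = {0: "direct", 1: "manual", 2: "PAC URL",
               4: "auto-detect (WPAD)", 5: "system settings"}


def split_sections(log_text):
    """Group log lines under their '==== NAME ====' header."""
    sections, current = {}, None
    for line in log_text.splitlines():
        line = line.strip()
        header = SECTION_RE.match(line)
        if header:
            current = header.group(1)
            sections[current] = []
        elif current and line and line != ".":
            sections[current].append(line)
    return sections


def created_entries(sections):
    """Parse the 'Created Last 30' section into dicts."""
    entries = []
    for line in sections.get("Created Last 30", []):
        m = CREATED_RE.match(line)
        if not m:
            continue
        when, size, attrs, path = m.groups()
        entries.append({
            "created": datetime.strptime(when, "%Y-%m-%d %H:%M:%S"),
            "is_dir": attrs[0] == "d",
            "size": None if size.startswith("-") else int(size),
            "attrs": attrs,
            "path": path,
        })
    return entries


def triage_created(entries, onset, window_days=1):
    """Files (not folders) under c:/windows worth a closer look."""
    lo = onset - timedelta(days=window_days)
    hi = onset + timedelta(days=window_days)
    findings = []
    for e in entries:
        if e["is_dir"] or not e["path"].lower().startswith("c:\\windows\\"):
            continue
        reasons = []
        if lo <= e["created"] <= hi:
            reasons.append("created near onset")
        # Assumption: 's' and 'h' in the attribute column mean system, hidden.
        if "s" in e["attrs"] and "h" in e["attrs"]:
            reasons.append("hidden+system")
        if reasons:
            findings.append((e["path"], reasons))
    return findings


def firefox_proxy(sections):
    """Summarise network.proxy.* prefs; host/port apply only in manual mode."""
    prefs = {}
    for line in sections.get("FIREFOX", []):
        m = PREF_RE.match(line)
        if m and m.group(1).startswith("network.proxy."):
            prefs[m.group(1)[len("network.proxy."):]] = m.group(2)
    ptype = int(prefs["type"]) if "type" in prefs else None
    endpoints = {k: f"{prefs[k]}:{prefs[k + '_port']}"
                 for k in ("http", "ssl", "socks")
                 if k in prefs and k + "_port" in prefs}
    return {"mode": PROXY_MODES.get(ptype, "not listed"),
            "manual_endpoints_active": ptype == 1,
            "endpoints": endpoints}


if __name__ == "__main__":
    secs = split_sections(SAMPLE_LOG)
    # Assumed onset: the day the poster says the trouble started.
    for path, why in triage_created(created_entries(secs), datetime(2011, 8, 19)):
        print(path, why)
    print(firefox_proxy(secs))
```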


#2 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,703 posts
  • OFFLINE
  • Gender:Male
  • Local time:10:51 PM

Posted 27 August 2011 - 10:05 PM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/415704 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS and GMER log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from one of the following links if you no longer have it available. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE


We also need a new log from the GMER anti-rootkit Scanner.

Please note that if you are running a 64-bit version of Windows you will not be able to run GMER and you may skip this step.

Please first disable any CD emulation programs using the steps found in this topic:

Why we request you disable CD Emulation when receiving Malware Removal Advice


Then create another GMER log and post it as an attachment to the reply where you post your new DDS log. Instructions on how to properly create a GMER log can be found here:

How to create a GMER log


As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,703 posts
  • OFFLINE
  • Gender:Male
  • Local time:10:51 PM

Posted 01 September 2011 - 10:10 PM

Hello again!

I haven't heard from you in 5 days. Therefore, I am going to assume that you no longer need our help, and close this topic.

If you do still need help, please send a Private Message to any Moderator within the next five days. Be sure to include a link to your topic in your Private Message.

Thank you for using Bleeping Computer, and have a great day!

#4 Orange Blossom

Orange Blossom

    OBleepin Investigator


  • Moderator
  • 36,963 posts
  • OFFLINE
  • Gender:Not Telling
  • Location:Bloomington, IN
  • Local time:10:51 PM

Posted 04 September 2011 - 10:36 PM

Reopened at member's request.

~ OB
Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript

#5 Casey_boy

Casey_boy

    Bleeping physicist


  • Malware Response Team
  • 7,765 posts
  • OFFLINE
  • Gender:Male
  • Location:UK
  • Local time:02:51 AM

Posted 05 September 2011 - 07:20 AM

Salut Camille,

My name is Casey and I will be helping you with your malware problems.

Whilst I research the problems in your logs, it is very important that you do not make any changes to this PC. Specifically, do not run any further malware removal tools or try to remove anything yourself.

You may wish to "Watch Topic" so that you are immediately informed of any replies I make. I also ask that you reply to my posts within 5 days else your topic will be closed as stale.

Throughout the removal process, if you have any questions then you should ask them. If you are unsure of my instructions or something does not go as planned - then please tell me. Conversely, it is also important that you answer any questions I have and that you keep me updated on the state of the PC.

Regards,

Casey

If I have been helping you and I do not reply within 48 hours, feel free to send me a PM.


* My Website * Am I Infected? * Malware Removal Help * If you'd like to say thanks *


#6 Casey_boy

Casey_boy

    Bleeping physicist


  • Malware Response Team
  • 7,765 posts
  • OFFLINE
  • Gender:Male
  • Location:UK
  • Local time:02:51 AM

Posted 05 September 2011 - 07:30 AM

Hi,

Step 1: Before we start, let's have a look at that ComboFix log. It should be saved at C:\ComboFix.txt. If you have any other logs from the scanners/tools you've run could you please zip them up and attach them here.

Step 2: I do not recommend that you have more than one anti virus product installed and running on your computer at a time. The reason for this is that if both products have their automatic (Real-Time) protection switched on, then those products which do not encrypt the virus strings within them can cause other anti virus products to cause "false alarms". It can also lead to a clash as both products fight for access to files which are opened; again, this is the resident/automatic protection. In general terms, the two programs may conflict and cause:
1) False Alarms: When the anti virus software tells you that your PC has a virus when it actually doesn't.
2) System Performance Problems: Your system may lock up due to both products attempting to access the same file at the same time.
Therefore please go to add/remove in the control panel and remove either Avira AntiVir Personal or ParetoLogic Anti-Virus PLUS - I recommend that you remove ParetoLogic (however it is your choice).

Step 3: Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!
Be sure to download TDSSKiller.exe (v2.4.0.0) from Kaspersky's website and not TDSSKiller.zip which appears to be an older version 2.3.2.2 of the tool.
  • Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
    Vista/Windows 7 users right-click and select Run As Administrator.
  • If TDSSKiller does not run, try renaming it.
  • To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
  • Click the Start Scan button.
  • Do not use the computer during the scan
  • If the scan completes with nothing found, click Close to exit.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
  • A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the contents of that file in your next reply.

Casey

#7 thisis8

thisis8
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  • Local time:09:51 PM

Posted 05 September 2011 - 12:04 PM

Casey, Orange Blossom, thank you for your support.
Here is an update on my situation.

-- Casey: I answer your question below, at the end of the post.

Because my PC is my work tool, and because I was afraid my data was not safe anymore with this malware I have, I decided to format and re-install everything back on my PC. I did it a few days ago.

What I did:
-format hard drive
-reinstall windows
-reinstall all my programs
-reinstall all my docs
-reinstall my Firefox profile that I backed up before formatting to keep all my bookmarks, passwords, etc.
-reinstall my Windows Mail messages and contacts that I backed up before formatting

Now, guess what?
The MALWARE IS STILL HERE!
The only change is the frequency. It only happens 50% of the time.
Do you think it's hiding somewhere in my docs, Firefox or Windows Mail data?

To give you an update and fresh data, I followed the instructions given to me by the HelpBot in its Aug 27th post.
Here is the log and I attached Ark.txt and Attach.zip.

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 7.0.6001.18000 BrowserJavaVersion: 1.6.0_22
Run by Grégoire at 12:24:57 on 2011-09-05
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6001.1.1252.33.1036.18.3038.1802 [GMT -4:00]
.
AV: AntiVir Desktop *Disabled/Outdated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AntiVir Desktop *Disabled/Outdated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
FW: ZoneAlarm Firewall *Enabled* {D17DF357-CFF5-F001-D1C1-FCD21DFE3D5E}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\Realtek\Audio\HDA\RtkAudioService.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\ZoneLabs\vsmon.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
c:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
C:\Program Files\sony\VAIO Event Service\VESMgr.exe
C:\Program Files\Sony\VAIO Power Management\SPMService.exe
C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
C:\Windows\system32\DllHost.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\sony\VAIO Event Service\VESMgrSub.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\sony\ISB Utility\ISBMgr.exe
C:\Program Files\sony\Marketing Tools\MarketingTools.exe
C:\Program Files\sony\VAIO Mode Switch\VMSwitch.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Sony\VAIO Update 4\VAIOUpdt.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Windows Mail\WinMail.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\Grégoire\Desktop\dds.scr
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=SNYT&bmod=EU01
mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=SNYT&bmod=SNYT
mDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=SNYT&bmod=EU01
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Programme d'aide de l'Assistant de connexion Windows Live: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [ISBMgr.exe] "c:\program files\sony\isb utility\ISBMgr.exe"
mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
mRun: [MarketingTools] c:\program files\sony\marketing tools\MarketingTools.exe
mRun: [VMSwitch] "c:\program files\sony\vaio mode switch\VMSwitch.exe"
mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
mRun: [ZoneAlarm Client] "c:\program files\zone labs\zonealarm\zlclient.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
StartupFolder: c:\users\grgoir~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\openof~1.lnk - c:\program files\openoffice.org 3\program\quickstart.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\blueto~1.lnk - c:\program files\widcomm\bluetooth software\BTTray.exe
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Envoyer au périphérique &Bluetooth... - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: Envoyer l'&image au périphérique Bluetooth... - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
TCP: DhcpNameServer = 209.18.47.61 209.18.47.62
TCP: Interfaces\{3A675989-5E20-4ECC-855A-A6622C7EDA1C} : DhcpNameServer = 209.18.47.61 209.18.47.62
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: igfxcui - igfxdev.dll
Notify: VESWinlogon - VESWinlogon.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\grégoire\appdata\roaming\mozilla\firefox\profiles\4wno7tms.default\
.
============= SERVICES / DRIVERS ===============
.
R0 shpf;Sony HDD Protection Filter Driver;c:\windows\system32\drivers\shpf.sys [2009-3-23 23712]
R2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files\avira\antivir desktop\sched.exe [2011-8-29 136360]
R2 AntiVirService;Avira AntiVir Guard;c:\program files\avira\antivir desktop\avguard.exe [2011-8-29 269480]
R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2011-8-29 61960]
R2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-4-17 11032]
R2 RtkAudioService;Realtek Audio Service;c:\program files\realtek\audio\hda\RtkAudioService.exe [2009-3-24 109088]
R2 uCamMonitor;CamMonitor;c:\program files\arcsoft\magic-i visual effects 2\uCamMonitor.exe [2011-8-28 104960]
R2 VAIO Power Management;VAIO Power Management;c:\program files\sony\vaio power management\SPMService.exe [2009-3-24 415592]
R2 VCFw;VAIO Content Folder Watcher;c:\program files\common files\sony shared\vaio content folder watcher\VCFw.exe [2009-1-14 5184872]
R3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\drivers\ArcSoftKsUFilter.sys [2011-8-28 17920]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\drivers\btwl2cap.sys [2009-3-24 29736]
R3 NETw5v32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\drivers\NETw5v32.sys [2008-8-28 3664384]
R3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\drivers\SFEP.sys [2009-3-23 9344]
S3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\sony\vcm intelligent analyzing manager\VcmIAlzMgr.exe [2011-8-28 394536]
S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\common files\sony shared\vcmxml\VcmXmlIfHelper.exe [2011-8-28 83240]
.
=============== Created Last 30 ================
.
2011-09-03 00:03:43 -------- d-----w- c:\users\grégoire\appdata\roaming\DivX
2011-08-30 02:06:54 -------- d-----r- C:\MES DOCS
2011-08-30 01:38:01 -------- d-----w- c:\users\grégoire\appdata\roaming\OpenOffice.org
2011-08-30 01:35:42 -------- d-----w- c:\program files\OpenOffice.org 3
2011-08-30 01:35:05 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-08-30 00:28:35 -------- d-----w- c:\users\grégoire\appdata\roaming\Avira
2011-08-30 00:16:58 457304 ----a-w- c:\windows\system32\drivers\vsdatant.sys
2011-08-30 00:16:57 -------- d-----w- c:\windows\system32\ZoneLabs
2011-08-30 00:16:56 -------- d-----w- c:\program files\Zone Labs
2011-08-30 00:15:26 -------- d-----w- c:\programdata\CheckPoint
2011-08-30 00:15:25 -------- d-----w- c:\windows\Internet Logs
2011-08-30 00:04:56 61960 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2011-08-30 00:04:55 -------- d-----w- c:\programdata\Avira
2011-08-30 00:04:55 -------- d-----w- c:\program files\Avira
2011-08-29 23:54:16 -------- d-----w- c:\users\grégoire\appdata\roaming\Macromedia
2011-08-28 21:28:04 -------- d-----w- c:\windows\system32\syncdb
2011-08-28 21:28:04 -------- d-----w- c:\users\grégoire\appdata\roaming\Adobe
2011-08-28 21:11:52 -------- d-----w- c:\users\grégoire\appdata\roaming\ATI
2011-08-28 21:11:44 -------- d-----w- c:\users\grégoire\appdata\roaming\Sony Corporation
2011-08-28 21:10:58 -------- d-----r- c:\users\grégoire\Searches
2011-08-28 21:10:47 -------- d-----w- c:\users\grégoire\appdata\roaming\Identities
2011-08-28 21:10:44 -------- d-----r- c:\users\grégoire\Contacts
2011-08-28 20:53:58 -------- d-sh--we c:\programdata\Modèles
2011-08-28 20:53:58 -------- d-sh--we c:\programdata\Menu Démarrer
2011-08-28 20:53:58 -------- d-sh--we c:\programdata\Favoris
2011-08-28 20:53:58 -------- d-sh--we c:\programdata\Bureau
2011-08-28 20:53:58 -------- d-sh--we c:\program files\Fichiers communs
2011-08-28 15:37:41 -------- d-----w- C:\_FS_SWRINFO
2011-08-28 15:37:40 -------- d-----w- C:\Documentation
2011-08-28 15:37:20 -------- d-----w- c:\programdata\Roaming
2011-08-28 15:36:49 -------- d-----w- c:\program files\Cisco
2011-08-28 15:36:48 -------- d-----w- c:\program files\common files\Intel
2011-08-28 15:36:01 -------- d-----w- c:\program files\Microsoft
2011-08-28 15:34:37 143689544 ----a-w- c:\program files\common files\windows live\.cache\wlc1A83.tmp
2011-08-28 15:34:26 -------- d-----w- c:\program files\common files\Windows Live
2011-08-28 15:33:41 -------- d-----w- c:\program files\common files\InterVideo
2011-08-28 15:31:42 -------- d-----w- c:\program files\InterVideo
2011-08-28 15:26:10 3727720 ----a-w- c:\windows\system32\d3dx9_35.dll
2011-08-28 15:25:10 98304 ----a-w- c:\windows\system32\VESWinlogon.dll
2011-08-28 15:18:37 -------- d-----w- c:\program files\common files\Sonic Shared
2011-08-28 15:18:07 129520 ------w- c:\windows\system32\pxafs.dll
2011-08-28 15:11:22 -------- d-----w- c:\program files\Microsoft Office Suite Activation Assistant
2011-08-28 15:08:30 33104 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\msonpppr.dll
2011-08-28 15:08:30 32592 ----a-w- c:\windows\system32\msonpmon.dll
2011-08-28 15:07:27 -------- d-----w- c:\windows\PCHEALTH
2011-08-28 14:58:01 212480 ----a-w- c:\windows\system32\PCDLIB32.DLL
2011-08-28 14:57:56 55808 ----a-w- c:\windows\system32\ArcSoftKsUFilter.dll
2011-08-28 14:57:56 17920 ----a-w- c:\windows\system32\drivers\ArcSoftKsUFilter.sys
2011-08-28 14:57:52 77824 ----a-w- c:\program files\common files\installshield\engine\6\intel 32\ctor.dll
2011-08-28 14:57:52 32768 ----a-w- c:\program files\common files\installshield\engine\6\intel 32\objectps.dll
2011-08-28 14:57:52 225280 ----a-w- c:\program files\common files\installshield\iscript\iscript.dll
2011-08-28 14:57:52 176128 ----a-w- c:\program files\common files\installshield\engine\6\intel 32\iuser.dll
2011-08-28 14:57:51 614532 ----a-w- c:\program files\common files\installshield\engine\6\intel 32\IKernel.exe
2011-08-28 14:56:48 -------- d-----w- c:\program files\DivX
2011-08-28 14:56:48 -------- d-----w- c:\program files\common files\DivX Shared
2011-08-28 14:50:33 -------- d-----w- c:\program files\ATI Technologies
2011-08-28 14:40:11 -------- d-----w- c:\program files\common files\PX Storage Engine
2011-08-28 14:37:28 -------- d-----w- c:\windows\Sonysys
.
==================== Find3M ====================
.
.
============= FINISH: 12:25:16,69 ===============


Casey:

1- As I formatted my PC, the ComboFix Log I created a week ago is not valid anymore. Should I run it again? Let me know and I'll post the log for you.
2- I checked, now it seems that I have only Avira running. No other program such as Pareto is listed in the control panel / add/remove. By the way, I have no idea what this Pareto thing is, and don't remember installing it on my PC.
3- Here is the TDSS Killer log - nothing has been found:
2011/09/05 13:01:13.0155 2724 TDSS rootkit removing tool 2.5.18.0 Sep 5 2011 09:53:09
2011/09/05 13:01:14.0809 2724 ================================================================================
2011/09/05 13:01:14.0809 2724 SystemInfo:
2011/09/05 13:01:14.0809 2724
2011/09/05 13:01:14.0809 2724 OS Version: 6.0.6001 ServicePack: 1.0
2011/09/05 13:01:14.0809 2724 Product type: Workstation
2011/09/05 13:01:14.0809 2724 ComputerName: ZOUM-ZOUM
2011/09/05 13:01:14.0809 2724 UserName: Grégoire
2011/09/05 13:01:14.0809 2724 Windows directory: C:\Windows
2011/09/05 13:01:14.0809 2724 System windows directory: C:\Windows
2011/09/05 13:01:14.0809 2724 Processor architecture: Intel x86
2011/09/05 13:01:14.0809 2724 Number of processors: 2
2011/09/05 13:01:14.0809 2724 Page size: 0x1000
2011/09/05 13:01:14.0809 2724 Boot type: Normal boot
2011/09/05 13:01:14.0809 2724 ================================================================================
2011/09/05 13:01:15.0402 2724 Initialize success
2011/09/05 13:01:18.0335 1076 ================================================================================
2011/09/05 13:01:18.0335 1076 Scan started
2011/09/05 13:01:18.0335 1076 Mode: Manual;
2011/09/05 13:01:18.0335 1076 ================================================================================
2011/09/05 13:01:18.0803 1076 ACPI (fcb8c7210f0135e24c6580f7f649c73c) C:\Windows\system32\drivers\acpi.sys
2011/09/05 13:01:18.0927 1076 adp94xx (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys
2011/09/05 13:01:19.0068 1076 adpahci (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys
2011/09/05 13:01:19.0083 1076 adpu160m (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys
2011/09/05 13:01:19.0146 1076 adpu320 (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys
2011/09/05 13:01:19.0286 1076 AFD (763e172a55177e478cb419f88fd0ba03) C:\Windows\system32\drivers\afd.sys
2011/09/05 13:01:19.0380 1076 agp440 (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys
2011/09/05 13:01:19.0505 1076 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
2011/09/05 13:01:19.0551 1076 aliide (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys
2011/09/05 13:01:19.0598 1076 amdagp (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys
2011/09/05 13:01:19.0614 1076 amdide (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys
2011/09/05 13:01:19.0645 1076 AmdK7 (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys
2011/09/05 13:01:19.0723 1076 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys
2011/09/05 13:01:19.0895 1076 arc (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys
2011/09/05 13:01:19.0941 1076 arcsas (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys
2011/09/05 13:01:20.0004 1076 ArcSoftKsUFilter (857b48965a0503b7ab795d4bfe7cbd8b) C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys
2011/09/05 13:01:20.0113 1076 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
2011/09/05 13:01:20.0144 1076 atapi (2d9c903dc76a66813d350a562de40ed9) C:\Windows\system32\drivers\atapi.sys
2011/09/05 13:01:20.0316 1076 atikmdag (6f2cc6403012375385d556bf39382b74) C:\Windows\system32\DRIVERS\atikmdag.sys
2011/09/05 13:01:20.0503 1076 avgntflt (47b879406246ffdced59e18d331a0e7d) C:\Windows\system32\DRIVERS\avgntflt.sys
2011/09/05 13:01:20.0628 1076 avipbb (5fedef54757b34fb611b9ec8fb399364) C:\Windows\system32\DRIVERS\avipbb.sys
2011/09/05 13:01:20.0721 1076 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
2011/09/05 13:01:20.0831 1076 blbdrive (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys
2011/09/05 13:01:20.0893 1076 bowser (74b442b2be1260b7588c136177ceac66) C:\Windows\system32\DRIVERS\bowser.sys
2011/09/05 13:01:20.0924 1076 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
2011/09/05 13:01:20.0955 1076 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
2011/09/05 13:01:21.0049 1076 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
2011/09/05 13:01:21.0111 1076 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
2011/09/05 13:01:21.0127 1076 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
2011/09/05 13:01:21.0158 1076 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
2011/09/05 13:01:21.0221 1076 BthEnum (cce53afc28347cc18ea139972e5b5e5a) C:\Windows\system32\DRIVERS\BthEnum.sys
2011/09/05 13:01:21.0314 1076 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
2011/09/05 13:01:21.0392 1076 BthPan (5904efa25f829bf84ea6fb045134a1d8) C:\Windows\system32\DRIVERS\bthpan.sys
2011/09/05 13:01:21.0470 1076 BTHPORT (ac8a1689d5efc4d214201155a78d8f4b) C:\Windows\system32\Drivers\BTHport.sys
2011/09/05 13:01:21.0548 1076 BTHUSB (288c1f74e3e2eed6c7b54eb3aac70856) C:\Windows\system32\Drivers\BTHUSB.sys
2011/09/05 13:01:21.0642 1076 btwaudio (6e41621e03d91167ceae555ce2b468b8) C:\Windows\system32\drivers\btwaudio.sys
2011/09/05 13:01:21.0704 1076 btwavdt (7e67b295081b33ea22c0fb04798b306c) C:\Windows\system32\drivers\btwavdt.sys
2011/09/05 13:01:21.0782 1076 btwl2cap (54c2ee0a3cec586629035d771aacae67) C:\Windows\system32\DRIVERS\btwl2cap.sys
2011/09/05 13:01:21.0845 1076 btwrchid (4b4f992ee709c40efd33ba4d2bafa402) C:\Windows\system32\DRIVERS\btwrchid.sys
2011/09/05 13:01:21.0907 1076 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
2011/09/05 13:01:21.0985 1076 cdrom (1ec25cea0de6ac4718bf89f9e1778b57) C:\Windows\system32\DRIVERS\cdrom.sys
2011/09/05 13:01:22.0063 1076 circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys
2011/09/05 13:01:22.0125 1076 CLFS (465745561c832b29f7c48b488aab3842) C:\Windows\system32\CLFS.sys
2011/09/05 13:01:22.0235 1076 CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys
2011/09/05 13:01:22.0313 1076 cmdide (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys
2011/09/05 13:01:22.0344 1076 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys
2011/09/05 13:01:22.0375 1076 crcdisk (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys
2011/09/05 13:01:22.0469 1076 Crusoe (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys
2011/09/05 13:01:22.0578 1076 DfsC (9e635ae5e8ad93e2b5989e2e23679f97) C:\Windows\system32\Drivers\dfsc.sys
2011/09/05 13:01:22.0671 1076 disk (64109e623abd6955c8fb110b592e68b7) C:\Windows\system32\drivers\disk.sys
2011/09/05 13:01:22.0734 1076 DMICall (f206e28ed74c491fd5d7c0a1119ce37f) C:\Windows\system32\DRIVERS\DMICall.sys
2011/09/05 13:01:22.0859 1076 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
2011/09/05 13:01:22.0952 1076 DXGKrnl (85f33880b8cfb554bd3d9ccdb486845a) C:\Windows\System32\drivers\dxgkrnl.sys
2011/09/05 13:01:23.0046 1076 E1G60 (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys
2011/09/05 13:01:23.0124 1076 Ecache (dd2cd259d83d8b72c02c5f2331ff9d68) C:\Windows\system32\drivers\ecache.sys
2011/09/05 13:01:23.0249 1076 elxstor (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys
2011/09/05 13:01:23.0358 1076 ErrDev (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys
2011/09/05 13:01:23.0483 1076 exfat (0d858eb20589a34efb25695acaa6aa2d) C:\Windows\system32\drivers\exfat.sys
2011/09/05 13:01:23.0529 1076 fastfat (3c489390c2e2064563727752af8eab9e) C:\Windows\system32\drivers\fastfat.sys
2011/09/05 13:01:23.0592 1076 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
2011/09/05 13:01:23.0639 1076 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
2011/09/05 13:01:23.0654 1076 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
2011/09/05 13:01:23.0685 1076 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
2011/09/05 13:01:23.0717 1076 FltMgr (05ea53afe985443011e36dab07343b46) C:\Windows\system32\drivers\fltmgr.sys
2011/09/05 13:01:23.0810 1076 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
2011/09/05 13:01:23.0857 1076 gagp30kx (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys
2011/09/05 13:01:23.0951 1076 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys
2011/09/05 13:01:24.0044 1076 HDAudBus (c87b1ee051c0464491c1a7b03fa0bc99) C:\Windows\system32\DRIVERS\HDAudBus.sys
2011/09/05 13:01:24.0075 1076 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
2011/09/05 13:01:24.0091 1076 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
2011/09/05 13:01:24.0153 1076 HidUsb (e2b5bd48afcc0f0974fb44641b223250) C:\Windows\system32\DRIVERS\hidusb.sys
2011/09/05 13:01:24.0185 1076 HpCISSs (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys
2011/09/05 13:01:24.0294 1076 HSFHWAZL (46d67209550973257601a533e2ac5785) C:\Windows\system32\DRIVERS\VSTAZL3.SYS
2011/09/05 13:01:24.0356 1076 HSF_DPV (7bc42c65b5c6281777c1a7605b253ba8) C:\Windows\system32\DRIVERS\HSX_DPV.sys
2011/09/05 13:01:24.0512 1076 HSXHWAZL (9ebf2d102ccbb6bcdfbf1b7922f8ba2e) C:\Windows\system32\DRIVERS\HSXHWAZL.sys
2011/09/05 13:01:24.0543 1076 HTTP (406c027c18e98a396faa1963dad5ff70) C:\Windows\system32\drivers\HTTP.sys
2011/09/05 13:01:24.0606 1076 i2omp (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys
2011/09/05 13:01:24.0715 1076 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
2011/09/05 13:01:24.0777 1076 iaStor (db0cc620b27a928d968c1a1e9cd9cb87) C:\Windows\system32\DRIVERS\iaStor.sys
2011/09/05 13:01:24.0824 1076 iaStorV (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys
2011/09/05 13:01:24.0980 1076 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
2011/09/05 13:01:25.0152 1076 IntcAzAudAddService (3aa1f82efa2b0454af163124c9920d16) C:\Windows\system32\drivers\RTKVHDA.sys
2011/09/05 13:01:25.0277 1076 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys
2011/09/05 13:01:25.0323 1076 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
2011/09/05 13:01:25.0479 1076 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
2011/09/05 13:01:25.0526 1076 IPMIDRV (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys
2011/09/05 13:01:25.0557 1076 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
2011/09/05 13:01:25.0589 1076 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
2011/09/05 13:01:25.0635 1076 isapnp (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys
2011/09/05 13:01:25.0682 1076 iScsiPrt (f247eec28317f6c739c16de420097301) C:\Windows\system32\DRIVERS\msiscsi.sys
2011/09/05 13:01:25.0698 1076 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
2011/09/05 13:01:25.0729 1076 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
2011/09/05 13:01:25.0823 1076 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
2011/09/05 13:01:25.0854 1076 kbdhid (18247836959ba67e3511b62846b9c2e0) C:\Windows\system32\drivers\kbdhid.sys
2011/09/05 13:01:25.0916 1076 KSecDD (5367dc846cae9639b899bfd13b97a8c9) C:\Windows\system32\Drivers\ksecdd.sys
2011/09/05 13:01:25.0979 1076 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
2011/09/05 13:01:26.0041 1076 LSI_FC (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys
2011/09/05 13:01:26.0150 1076 LSI_SAS (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys
2011/09/05 13:01:26.0197 1076 LSI_SCSI (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys
2011/09/05 13:01:26.0228 1076 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
2011/09/05 13:01:26.0291 1076 mdmxsdk (0cea2d0d3fa284b85ed5b68365114f76) C:\Windows\system32\DRIVERS\mdmxsdk.sys
2011/09/05 13:01:26.0415 1076 megasas (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys
2011/09/05 13:01:26.0493 1076 MegaSR (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys
2011/09/05 13:01:26.0540 1076 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
2011/09/05 13:01:26.0649 1076 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
2011/09/05 13:01:26.0681 1076 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
2011/09/05 13:01:26.0696 1076 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
2011/09/05 13:01:26.0727 1076 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
2011/09/05 13:01:26.0868 1076 mpio (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys
2011/09/05 13:01:26.0915 1076 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
2011/09/05 13:01:26.0946 1076 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
2011/09/05 13:01:26.0977 1076 MRxDAV (ae3de84536b6799d2267443cec8edbb9) C:\Windows\system32\drivers\mrxdav.sys
2011/09/05 13:01:27.0086 1076 mrxsmb (c4ad205530888404e2b5fc8d9319b119) C:\Windows\system32\DRIVERS\mrxsmb.sys
2011/09/05 13:01:27.0102 1076 mrxsmb10 (0a986b34f1678a2697574d7b1664e2dd) C:\Windows\system32\DRIVERS\mrxsmb10.sys
2011/09/05 13:01:27.0149 1076 mrxsmb20 (3268b8c3fa92bfc086355c39b45e9cc9) C:\Windows\system32\DRIVERS\mrxsmb20.sys
2011/09/05 13:01:27.0211 1076 msahci (28023e86f17001f7cd9b15a5bc9ae07d) C:\Windows\system32\drivers\msahci.sys
2011/09/05 13:01:27.0289 1076 msdsm (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys
2011/09/05 13:01:27.0351 1076 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
2011/09/05 13:01:27.0398 1076 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
2011/09/05 13:01:27.0523 1076 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
2011/09/05 13:01:27.0570 1076 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
2011/09/05 13:01:27.0601 1076 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
2011/09/05 13:01:27.0648 1076 MsRPC (b5614aecb05a9340aa0fb55bf561cc63) C:\Windows\system32\drivers\MsRPC.sys
2011/09/05 13:01:27.0679 1076 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
2011/09/05 13:01:27.0788 1076 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
2011/09/05 13:01:27.0851 1076 Mup (6dfd1d322de55b0b7db7d21b90bec49c) C:\Windows\system32\Drivers\mup.sys
2011/09/05 13:01:27.0913 1076 NativeWifiP (3c21ce48ff529bb73dadb98770b54025) C:\Windows\system32\DRIVERS\nwifi.sys
2011/09/05 13:01:28.0038 1076 NDIS (9bdc71790fa08f0a0b5f10462b1bd0b1) C:\Windows\system32\drivers\ndis.sys
2011/09/05 13:01:28.0116 1076 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
2011/09/05 13:01:28.0194 1076 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
2011/09/05 13:01:28.0256 1076 NdisWan (3d14c3b3496f88890d431e8aa022a411) C:\Windows\system32\DRIVERS\ndiswan.sys
2011/09/05 13:01:28.0303 1076 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
2011/09/05 13:01:28.0397 1076 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
2011/09/05 13:01:28.0428 1076 netbt (7c5fee5b1c5728507cd96fb4a13e7a02) C:\Windows\system32\DRIVERS\netbt.sys
2011/09/05 13:01:28.0646 1076 NETw5v32 (ba420e8ebfcad35581fe8e4c64f71469) C:\Windows\system32\DRIVERS\NETw5v32.sys
2011/09/05 13:01:28.0787 1076 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
2011/09/05 13:01:28.0833 1076 Npfs (ecb5003f484f9ed6c608d6d6c7886cbb) C:\Windows\system32\drivers\Npfs.sys
2011/09/05 13:01:28.0865 1076 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
2011/09/05 13:01:28.0927 1076 Ntfs (b4effe29eb4f15538fd8a9681108492d) C:\Windows\system32\drivers\Ntfs.sys
2011/09/05 13:01:29.0052 1076 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
2011/09/05 13:01:29.0099 1076 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
2011/09/05 13:01:29.0114 1076 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys
2011/09/05 13:01:29.0145 1076 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys
2011/09/05 13:01:29.0192 1076 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys
2011/09/05 13:01:29.0364 1076 ohci1394 (790e27c3db53410b40ff9ef2fd10a1d9) C:\Windows\system32\DRIVERS\ohci1394.sys
2011/09/05 13:01:29.0426 1076 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
2011/09/05 13:01:29.0457 1076 partmgr (3b38467e7c3daed009dfe359e17f139f) C:\Windows\system32\drivers\partmgr.sys
2011/09/05 13:01:29.0504 1076 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
2011/09/05 13:01:29.0613 1076 pci (01b94418deb235dff777cc80076354b4) C:\Windows\system32\drivers\pci.sys
2011/09/05 13:01:29.0676 1076 pciide (fc175f5ddab666d7f4d17449a547626f) C:\Windows\system32\drivers\pciide.sys
2011/09/05 13:01:29.0691 1076 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
2011/09/05 13:01:29.0769 1076 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
2011/09/05 13:01:29.0941 1076 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
2011/09/05 13:01:29.0988 1076 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys
2011/09/05 13:01:30.0050 1076 PSched (bfef604508a0ed1eae2a73e872555ffb) C:\Windows\system32\DRIVERS\pacer.sys
2011/09/05 13:01:30.0097 1076 PxHelp20 (153d02480a0a2f45785522e814c634b6) C:\Windows\system32\Drivers\PxHelp20.sys
2011/09/05 13:01:30.0253 1076 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
2011/09/05 13:01:30.0378 1076 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
2011/09/05 13:01:30.0425 1076 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
2011/09/05 13:01:30.0471 1076 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
2011/09/05 13:01:30.0503 1076 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
2011/09/05 13:01:30.0581 1076 RasPppoe (3e9d9b048107b40d87b97df2e48e0744) C:\Windows\system32\DRIVERS\raspppoe.sys
2011/09/05 13:01:30.0612 1076 RasSstp (a7d141684e9500ac928a772ed8e6b671) C:\Windows\system32\DRIVERS\rassstp.sys
2011/09/05 13:01:30.0659 1076 rdbss (6e1c5d0457622f9ee35f683110e93d14) C:\Windows\system32\DRIVERS\rdbss.sys
2011/09/05 13:01:30.0705 1076 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
2011/09/05 13:01:30.0768 1076 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys
2011/09/05 13:01:30.0877 1076 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
2011/09/05 13:01:30.0939 1076 RDPWD (e1c18f4097a5abcec941dc4b2f99db7e) C:\Windows\system32\drivers\RDPWD.sys
2011/09/05 13:01:31.0002 1076 regi (001b4278407f4303efc902a2b16f2453) C:\Windows\system32\drivers\regi.sys
2011/09/05 13:01:31.0127 1076 RFCOMM (23f486726da7a9b2f3ec7326421a9c36) C:\Windows\system32\DRIVERS\rfcomm.sys
2011/09/05 13:01:31.0189 1076 rimsptsk (f7d9ecf41ebd3cf6c65944368150f66b) C:\Windows\system32\DRIVERS\rimsptsk.sys
2011/09/05 13:01:31.0205 1076 risdptsk (1be6c42767a7c67ba31ae32b293b37a3) C:\Windows\system32\DRIVERS\risdptsk.sys
2011/09/05 13:01:31.0251 1076 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
2011/09/05 13:01:31.0361 1076 RTHDMIAzAudService (a95b16ff762ff217847b97e6f05778ee) C:\Windows\system32\drivers\RtHDMIV.sys
2011/09/05 13:01:36.0821 1076 ================================================================================
2011/09/05 13:01:36.0821 1076 Scan finished
2011/09/05 13:01:36.0821 1076 ================================================================================
2011/09/05 13:01:36.0836 2776 Detected object count: 0
2011/09/05 13:01:36.0836 2776 Actual detected object count: 0

Thanks so much.
Let me know if I can do anything for you!

Camille

Attached File  Attach.zip   2.44KB   1 downloads
Attached File  ark.txt   8.36KB   2 downloads

#8 Casey_boy


Posted 06 September 2011 - 05:48 AM

Hi,

So you're still experiencing search engine redirects? Does it occur in both Internet Explorer and Firefox?

Casey

If I have been helping you and I do not reply within 48 hours, feel free to send me a PM.




#9 thisis8


Posted 09 September 2011 - 09:32 PM

Hi Casey,

Yes, I am still experiencing these redirections.

Before I formatted it used to happen with both Firefox and Internet Explorer.

Now, it seems to happen less frequently than before, and only with Firefox.
I tried the past few days and it never happened again with IE. Only FF!
...

Gregoire.

#10 Casey_boy


Posted 10 September 2011 - 09:05 AM

Hi Gregoire,

"Now, it seems to happen less frequently than before, and only with Firefox.
I tried the past few days and it never happened again with IE. Only FF!"


This may well be good news. It would seem as though you've probably transferred a bit of malware which has infected Firefox, which isn't too hard to deal with normally. Let's see if we can find it :)

We need to create an OTL Report
  • Please download OTL from here
  • Save it to your desktop.
  • Double click on the OTL icon on your desktop.
  • Click the "Scan All Users" checkbox.
  • Push the Posted Image button.
  • Two reports will open, copy and paste them in a reply here:
      • OTL.txt <-- Will be opened
      • Extra.txt <-- Will be minimized

Casey



#11 thisis8


Posted 11 September 2011 - 10:09 AM

Hi Casey,

here is the OTL.txt:

OTL logfile created on: 11/09/2011 11:01:30 - Run 1
OTL by OldTimer - Version 3.2.27.0 Folder = C:\Users\Grégoire\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

2,97 Gb Total Physical Memory | 1,66 Gb Available Physical Memory | 55,79% Memory free
6,14 Gb Paging File | 4,60 Gb Available in Paging File | 74,90% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 285,23 Gb Total Space | 87,86 Gb Free Space | 30,80% Space Free | Partition Type: NTFS

Computer Name: ZOUM-ZOUM | User Name: Grégoire | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days

========== Processes (SafeList) ==========

PRC - [2011/09/11 10:55:21 | 000,581,120 | ---- | M] (OldTimer Tools) -- C:\Users\Grégoire\Desktop\OTL.exe
PRC - [2011/08/28 11:18:13 | 000,026,112 | ---- | M] (Sony Corporation) -- C:\Program Files\sony\Marketing Tools\MarketingTools.exe
PRC - [2011/08/12 02:19:21 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011/07/20 11:32:27 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2011/04/21 07:55:54 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2011/04/21 07:55:37 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2011/04/21 07:55:20 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2011/03/18 01:26:14 | 002,435,592 | ---- | M] (Check Point Software Technologies LTD) -- C:\Windows\System32\ZoneLabs\vsmon.exe
PRC - [2011/03/18 01:24:50 | 001,043,968 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
PRC - [2011/01/17 19:09:00 | 011,322,880 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe
PRC - [2011/01/17 19:09:00 | 011,314,688 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin
PRC - [2009/02/04 11:01:30 | 000,538,472 | ---- | M] (Sony Corporation) -- C:\Program Files\sony\VAIO Mode Switch\VMSwitch.exe
PRC - [2009/01/24 05:31:28 | 000,780,840 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2009/01/24 05:31:26 | 002,312,744 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
PRC - [2009/01/24 05:31:26 | 000,559,656 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
PRC - [2009/01/21 04:07:42 | 000,313,264 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
PRC - [2009/01/21 04:07:42 | 000,192,512 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
PRC - [2009/01/19 06:49:20 | 000,203,624 | ---- | M] (Sony Corporation) -- C:\Program Files\sony\VAIO Event Service\VESMgr.exe
PRC - [2009/01/19 06:49:20 | 000,112,488 | ---- | M] (Sony Corporation) -- C:\Program Files\sony\VAIO Event Service\VESMgrSub.exe
PRC - [2009/01/14 07:38:38 | 005,184,872 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
PRC - [2009/01/05 22:04:54 | 000,109,088 | ---- | M] (Realtek Semiconductor) -- C:\Program Files\Realtek\Audio\HDA\RtkAudioService.exe
PRC - [2008/12/19 09:02:08 | 001,771,368 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
PRC - [2008/12/19 09:02:08 | 000,415,592 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Power Management\SPMService.exe
PRC - [2008/12/18 06:18:58 | 000,874,344 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Update 4\VAIOUpdt.exe
PRC - [2008/12/18 04:53:50 | 000,317,288 | ---- | M] (Sony Corporation) -- C:\Program Files\sony\ISB Utility\ISBMgr.exe
PRC - [2008/10/29 02:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/09/18 04:59:10 | 000,104,960 | ---- | M] (ArcSoft, Inc.) -- C:\Program Files\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
PRC - [2008/08/20 10:38:30 | 000,860,160 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe
PRC - [2008/08/20 10:08:02 | 000,466,944 | ---- | M] (Intel® Corporation) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
PRC - [2008/01/20 22:23:32 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2008/01/20 22:23:32 | 000,397,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Mail\WinMail.exe
PRC - [2007/01/04 13:48:50 | 000,112,152 | ---- | M] (InterVideo) -- c:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe


========== Modules (No Company Name) ==========

MOD - [2008/01/20 22:53:33 | 000,241,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\5ff73b37102042c3e28f22106dde8ad4\System.IdentityModel.Selectors.ni.dll
MOD - [2008/01/20 22:53:32 | 001,118,208 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\44573dbcf8c8046c8d4b9ba8109d90e7\System.IdentityModel.ni.dll
MOD - [2008/01/20 22:53:31 | 002,445,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\529360b58964fe947006d8669aea62f3\System.Runtime.Serialization.ni.dll
MOD - [2008/01/20 22:53:27 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\ee487a5b3e62f510183f68538f583135\SMDiagnostics.ni.dll
MOD - [2008/01/20 22:53:26 | 018,071,552 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\cfcba8cb539cb3dc5e92c544bd6d9dc5\System.ServiceModel.ni.dll
MOD - [2008/01/20 22:52:55 | 000,233,472 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\80a3d0416c6660b86e245bd1f6b66fd8\System.ServiceProcess.ni.dll
MOD - [2008/01/20 22:52:50 | 013,193,216 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\45ee94a63c463b93e3ff694c6ecd0820\System.Windows.Forms.ni.dll
MOD - [2008/01/20 22:52:15 | 001,667,072 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\a35f567c4c67d6b1ca9a0023852847a2\System.Drawing.ni.dll
MOD - [2008/01/20 22:52:13 | 012,513,280 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\369cdfcbaefd8f28200e295c26c2141f\System.Web.ni.dll
MOD - [2008/01/20 22:52:00 | 000,815,104 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\8fe7232e97fdf63c6b146e93f432d7d7\System.Runtime.Remoting.ni.dll
MOD - [2008/01/20 22:51:50 | 005,771,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\02cf61328d59df9b3ec09544f449a781\System.Xml.ni.dll
MOD - [2008/01/20 22:51:43 | 001,011,712 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\15366cc16c2550064601b5167821667d\System.Configuration.ni.dll
MOD - [2008/01/20 22:51:40 | 008,265,728 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\267d4c344058092e6950c11594244f90\System.ni.dll
MOD - [2008/01/20 22:51:31 | 011,722,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\5b3e3b0551bcaa722c27dbb089c431e4\mscorlib.ni.dll
MOD - [2008/01/20 22:51:31 | 000,027,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\e2170385d6492ce6539124c5a3b361a8\Accessibility.ni.dll


========== Win32 Services (SafeList) ==========

SRV - [2011/09/07 20:26:59 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2011/07/20 11:32:27 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011/04/21 07:55:37 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011/03/18 01:26:14 | 002,435,592 | ---- | M] (Check Point Software Technologies LTD) [Auto | Running] -- C:\Windows\System32\ZoneLabs\vsmon.exe -- (vsmon)
SRV - [2009/01/24 05:31:26 | 000,559,656 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV - [2009/01/21 04:07:44 | 000,069,632 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe -- (VAIO Entertainment TV Device Arbitration Service)
SRV - [2009/01/21 04:07:42 | 000,313,264 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe -- (Vcsw)
SRV - [2009/01/21 04:07:42 | 000,192,512 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe -- (VzCdbSvc)
SRV - [2009/01/19 10:43:04 | 000,394,536 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe -- (VcmIAlzMgr)
SRV - [2009/01/19 06:49:20 | 000,203,624 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\sony\VAIO Event Service\VESMgr.exe -- (VAIO Event Service)
SRV - [2009/01/16 15:59:08 | 000,083,240 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe -- (VcmXmlIfHelper)
SRV - [2009/01/14 07:38:38 | 005,184,872 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe -- (VCFw)
SRV - [2009/01/07 18:10:32 | 000,114,688 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe -- (PACSPTISVR)
SRV - [2009/01/05 22:04:54 | 000,109,088 | ---- | M] (Realtek Semiconductor) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\RtkAudioService.exe -- (RtkAudioService)
SRV - [2008/12/19 09:02:08 | 000,415,592 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Power Management\SPMService.exe -- (VAIO Power Management)
SRV - [2008/09/18 04:59:10 | 000,104,960 | ---- | M] (ArcSoft, Inc.) [Auto | Running] -- C:\Program Files\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe -- (uCamMonitor)
SRV - [2008/08/20 10:38:30 | 000,860,160 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV - [2008/08/20 10:08:02 | 000,466,944 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV - [2008/08/01 08:31:00 | 000,109,056 | ---- | M] (ArcSoft Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2008/01/20 22:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV - [2007/01/04 13:48:50 | 000,112,152 | ---- | M] (InterVideo) [Auto | Running] -- c:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)


========== Driver Services (SafeList) ==========

DRV - [2011/07/20 11:33:06 | 000,137,656 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2011/07/20 11:33:06 | 000,061,960 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010/06/17 15:28:02 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010/05/15 16:30:46 | 000,457,304 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System | Running] -- C:\Windows\System32\drivers\vsdatant.sys -- (Vsdatant)
DRV - [2009/02/12 16:03:15 | 004,303,872 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2009/02/09 16:14:51 | 000,155,808 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RtHDMIV.sys -- (RTHDMIAzAudService)
DRV - [2008/11/24 18:41:52 | 000,010,216 | ---- | M] (Sony Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\DMICall.sys -- (DMICall)
DRV - [2008/11/18 20:08:46 | 000,009,344 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SFEP.sys -- (SFEP)
DRV - [2008/10/22 20:02:23 | 000,046,592 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\risdptsk.sys -- (risdptsk)
DRV - [2008/10/22 20:02:02 | 000,068,608 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2008/08/28 17:48:46 | 003,664,384 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32) Intel®
DRV - [2008/08/25 20:01:46 | 000,023,712 | ---- | M] (Sony Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\shpf.sys -- (shpf)
DRV - [2008/06/06 20:02:55 | 000,131,000 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\WimFltr.sys -- (WimFltr)
DRV - [2008/04/24 08:06:40 | 000,017,920 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ArcSoftKsUFilter.sys -- (ArcSoftKsUFilter)
DRV - [2008/01/24 22:14:25 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2008/01/20 22:23:26 | 000,045,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tpm.sys -- (TPM) Module de plateforme sécurisée (TPM)
DRV - [2007/04/17 14:09:28 | 000,011,032 | ---- | M] (InterVideo) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\regi.sys -- (regi)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=SNYT&bmod=EU01
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/redirectdomain?brand=SNYT&bmod=SNYT


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-2262983982-930267688-3375879511-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=SNYT&bmod=EU01
IE - HKU\S-1-5-21-2262983982-930267688-3375879511-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-21-2262983982-930267688-3375879511-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-2262983982-930267688-3375879511-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.startup.homepage: "http://www.google.com/ig?hl=fr"
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.63
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: vshareus@toolbar:1.0.0
FF - prefs.js..extensions.enabledItems: visualizeus@sergi.meseguer:0.5.5
FF - prefs.js..extensions.enabledItems: {276c0d85-0ae4-443a-814a-c3eef0ad8b47}:1.0
FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20110704
FF - prefs.js..network.proxy.http: "localhost"
FF - prefs.js..network.proxy.http_port: 9666
FF - prefs.js..network.proxy.socks: "localhost"
FF - prefs.js..network.proxy.socks_port: 9050
FF - prefs.js..network.proxy.socks_remote_dns: true
FF - prefs.js..network.proxy.ssl: "localhost"
FF - prefs.js..network.proxy.ssl_port: 9666
FF - prefs.js..network.proxy.type: 4

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/08/29 20:30:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2011/08/29 20:31:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Grégoire\AppData\Roaming\mozilla\Extensions
[2011/08/31 21:15:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Grégoire\AppData\Roaming\mozilla\Firefox\Profiles\4wno7tms.default\extensions
[2011/08/29 20:42:47 | 000,000,000 | ---D | M] (XUL Cache) -- C:\Users\Grégoire\AppData\Roaming\mozilla\Firefox\Profiles\4wno7tms.default\extensions\{276c0d85-0ae4-443a-814a-c3eef0ad8b47}
[2011/08/29 20:42:47 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Grégoire\AppData\Roaming\mozilla\Firefox\Profiles\4wno7tms.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2011/08/29 20:42:47 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus®)) -- C:\Users\Grégoire\AppData\Roaming\mozilla\Firefox\Profiles\4wno7tms.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2011/08/29 20:42:46 | 000,000,000 | ---D | M] (VisualizeUs) -- C:\Users\Grégoire\AppData\Roaming\mozilla\Firefox\Profiles\4wno7tms.default\extensions\visualizeus@sergi.meseguer
[2011/08/29 20:42:47 | 000,000,000 | ---D | M] (vShare Plugin) -- C:\Users\Grégoire\AppData\Roaming\mozilla\Firefox\Profiles\4wno7tms.default\extensions\vshareus@toolbar
[2011/09/05 13:31:38 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions
[2011/08/29 21:35:07 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/09/05 13:31:38 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
File not found (No name found) -- C:\USERS\GRéGOIRE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\4WNO7TMS.DEFAULT\EXTENSIONS\{276C0D85-0AE4-443A-814A-C3EEF0AD8B47}
File not found (No name found) -- C:\USERS\GRéGOIRE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\4WNO7TMS.DEFAULT\EXTENSIONS\{A0D7CCB3-214D-498B-B4AA-0E8FDA9A7BF7}
File not found (No name found) -- C:\USERS\GRéGOIRE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\4WNO7TMS.DEFAULT\EXTENSIONS\{A3A5C777-F583-4FEF-9380-AB4ADD1BC2A8}.XPI
File not found (No name found) -- C:\USERS\GRéGOIRE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\4WNO7TMS.DEFAULT\EXTENSIONS\VISUALIZEUS@SERGI.MESEGUER
[2011/08/12 02:19:22 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/08/12 00:52:47 | 000,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml
[2011/08/12 00:14:12 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/08/12 00:52:48 | 000,001,822 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml
[2011/08/12 00:52:48 | 000,001,154 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml
[2011/08/12 00:52:48 | 000,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml
[2011/08/12 00:52:48 | 000,000,956 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml

O1 HOSTS File: ([2011/09/07 21:00:40 | 000,001,666 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 ereg.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 wip3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 ereg.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 wip3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com
O1 - Hosts: 8 more lines...
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [MarketingTools] C:\Program Files\Sony\Marketing Tools\MarketingTools.exe (Sony Corporation)
O4 - HKLM..\Run: [StartCCC] c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [VMSwitch] C:\Program Files\Sony\VAIO Mode Switch\VMSwitch.exe (Sony Corporation)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [ZoneAlarm Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-2262983982-930267688-3375879511-1000..\Run: [AdobeBridge] File not found
O4 - Startup: C:\Users\Grégoire\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Envoyer l'&image au périphérique Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3A675989-5E20-4ECC-855A-A6622C7EDA1C}: DhcpNameServer = 209.18.47.61 209.18.47.62
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - File not found
O20 - Winlogon\Notify\VESWinlogon: DllName - VESWinlogon.dll - C:\Windows\System32\VESWinlogon.dll (Sony Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 17:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 60 Days ==========

[2011/09/11 10:55:19 | 000,581,120 | ---- | C] (OldTimer Tools) -- C:\Users\Grégoire\Desktop\OTL.exe
[2011/09/07 21:05:58 | 000,000,000 | ---D | C] -- C:\ProgramData\FLEXnet
[2011/09/07 20:43:42 | 000,000,000 | ---D | C] -- C:\ProgramData\ALM
[2011/09/07 20:34:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
[2011/09/07 20:34:38 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe Media Player
[2011/09/07 20:34:36 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2011/09/07 20:30:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS4
[2011/09/07 20:26:59 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Macrovision Shared
[2011/09/06 20:32:43 | 000,000,000 | ---D | C] -- C:\Users\Grégoire\Desktop\PICTURES
[2011/09/05 22:55:58 | 000,404,640 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2011/09/05 22:54:37 | 000,750,296 | ---- | C] (Adobe Systems Incorporated) -- C:\Users\Grégoire\Desktop\install_flashplayer10_chra_aih.exe
[2011/09/05 20:46:13 | 000,000,000 | ---D | C] -- C:\Users\Grégoire\AppData\Roaming\vlc
[2011/09/05 20:41:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2011/09/05 20:41:01 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2011/09/05 15:14:17 | 000,000,000 | ---D | C] -- C:\Users\Grégoire\Desktop\APPARTEMENT GD CLEM
[2011/09/05 13:31:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2011/09/05 13:31:36 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2011/09/05 13:31:36 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2011/09/05 13:31:36 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2011/09/05 12:59:13 | 001,401,136 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Grégoire\Desktop\tdsskiller.exe
[2011/09/05 12:30:34 | 000,000,000 | ---D | C] -- C:\Users\Grégoire\Desktop\gmer
[2011/09/05 12:13:58 | 000,607,260 | R--- | C] (Swearware) -- C:\Users\Grégoire\Desktop\dds.scr
[2011/09/02 20:03:43 | 000,000,000 | ---D | C] -- C:\Users\Grégoire\AppData\Roaming\DivX
[2011/09/02 10:34:39 | 000,000,000 | ---D | C] -- C:\Users\Grégoire\Desktop\ted
[2011/08/29 22:06:54 | 000,000,000 | R--D | C] -- C:\MES DOCS
[2011/08/29 21:42:34 | 000,000,000 | ---D | C] -- C:\Users\Grégoire\AppData\Local\Adobe
[2011/08/29 21:38:01 | 000,000,000 | ---D | C] -- C:\Users\Grégoire\AppData\Roaming\OpenOffice.org
[2011/08/29 21:37:02 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.3
[2011/08/29 21:35:42 | 000,000,000 | ---D | C] -- C:\Program Files\OpenOffice.org 3
[2011/08/29 21:35:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2011/08/29 21:35:05 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2011/08/29 21:34:52 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2011/08/29 20:30:58 | 000,000,000 | ---D | C] -- C:\Users\Grégoire\AppData\Roaming\Mozilla
[2011/08/29 20:30:58 | 000,000,000 | ---D | C] -- C:\Users\Grégoire\AppData\Local\Mozilla
[2011/08/29 20:30:51 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2011/08/29 20:28:35 | 000,000,000 | ---D | C] -- C:\Users\Grégoire\AppData\Roaming\Avira
[2011/08/29 20:17:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZoneAlarm
[2011/08/29 20:17:53 | 000,058,368 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\System32\vsregexp.dll
[2011/08/29 20:17:43 | 000,595,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FWPUCLNT.DLL
[2011/08/29 20:17:43 | 000,220,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys
[2011/08/29 20:17:43 | 000,098,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\FWPKCLNT.SYS
[2011/08/29 20:17:22 | 000,170,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tcpipcfg.dll
[2011/08/29 20:17:22 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netiougc.exe
[2011/08/29 20:17:08 | 000,104,448 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\System32\zlcommdb.dll
[2011/08/29 20:17:08 | 000,069,120 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\System32\zlcomm.dll
[2011/08/29 20:17:06 | 000,043,008 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\System32\vswmi.dll
[2011/08/29 20:17:04 | 001,238,528 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\System32\zpeng25.dll
[2011/08/29 20:17:03 | 000,302,592 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\System32\vspubapi.dll
[2011/08/29 20:17:03 | 000,110,080 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\System32\vsxml.dll
[2011/08/29 20:17:03 | 000,108,032 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\System32\vsmonapi.dll
[2011/08/29 20:17:02 | 000,112,128 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\System32\vsdata.dll
[2011/08/29 20:16:58 | 000,457,304 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\System32\drivers\vsdatant.sys
[2011/08/29 20:16:57 | 000,000,000 | ---D | C] -- C:\Windows\System32\ZoneLabs
[2011/08/29 20:16:56 | 000,000,000 | ---D | C] -- C:\Program Files\Zone Labs
[2011/08/29 20:15:26 | 000,000,000 | ---D | C] -- C:\ProgramData\CheckPoint
[2011/08/29 20:15:25 | 000,715,264 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\System32\vsutil.dll
[2011/08/29 20:15:25 | 000,228,864 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\System32\vsinit.dll
[2011/08/29 20:15:25 | 000,000,000 | ---D | C] -- C:\Windows\Internet Logs
[2011/08/29 20:05:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2011/08/29 20:04:57 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2011/08/29 20:04:56 | 000,137,656 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2011/08/29 20:04:56 | 000,061,960 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2011/08/29 20:04:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2011/08/29 20:04:55 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2011/08/29 19:54:16 | 000,000,000 | ---D | C] -- C:\Users\Grégoire\AppData\Roaming\Macromedia
[2011/08/28 17:28:04 | 000,000,000 | ---D | C] -- C:\Windows\System32\syncdb
[2011/08/28 17:28:04 | 000,000,000 | ---D | C] -- C:\Users\Grégoire\AppData\Roaming\Adobe
[2011/08/28 17:12:16 | 000,000,000 | ---D | C] -- C:\Users\Grégoire\AppData\Local\Sony_Corporation
[2011/08/28 17:12:03 | 000,000,000 | ---D | C] -- C:\Users\Grégoire\Documents\Dossier Echanges Bluetooth
[2011/08/28 17:12:03 | 000,000,000 | ---D | C] -- C:\Users\Grégoire\AppData\Local\Broadcom
[2011/08/28 17:11:52 | 000,000,000 | ---D | C] -- C:\Users\Grégoire\AppData\Roaming\ATI
[2011/08/28 17:11:52 | 000,000,000 | ---D | C] -- C:\Users\Grégoire\AppData\Local\ATI
[2011/08/28 17:11:44 | 000,000,000 | ---D | C] -- C:\Users\Grégoire\AppData\Roaming\Sony Corporation
[2011/08/28 17:11:44 | 000,000,000 | ---D | C] -- C:\Users\Grégoire\AppData\Local\Google
[2011/08/28 17:10:58 | 000,000,000 | R--D | C] -- C:\Users\Grégoire\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2011/08/28 17:10:58 | 000,000,000 | R--D | C] -- C:\Users\Grégoire\Searches
[2011/08/28 17:10:58 | 000,000,000 | R--D | C] -- C:\Users\Grégoire\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2011/08/28 17:10:47 | 000,000,000 | ---D | C] -- C:\Users\Grégoire\AppData\Roaming\Identities
[2011/08/28 17:10:44 | 000,000,000 | R--D | C] -- C:\Users\Grégoire\Contacts
[2011/08/28 17:10:41 | 000,000,000 | ---D | C] -- C:\Users\Grégoire\AppData\Local\VirtualStore
[2011/08/28 17:00:27 | 000,000,000 | --SD | C] -- C:\Users\Grégoire\AppData\Roaming\Microsoft
[2011/08/28 17:00:27 | 000,000,000 | R--D | C] -- C:\Users\Grégoire\Videos
[2011/08/28 17:00:27 | 000,000,000 | R--D | C] -- C:\Users\Grégoire\Saved Games
[2011/08/28 17:00:27 | 000,000,000 | R--D | C] -- C:\Users\Grégoire\Pictures
[2011/08/28 17:00:27 | 000,000,000 | R--D | C] -- C:\Users\Grégoire\Music
[2011/08/28 17:00:27 | 000,000,000 | R--D | C] -- C:\Users\Grégoire\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2011/08/28 17:00:27 | 000,000,000 | R--D | C] -- C:\Users\Grégoire\Links
[2011/08/28 17:00:27 | 000,000,000 | R--D | C] -- C:\Users\Grégoire\Favorites
[2011/08/28 17:00:27 | 000,000,000 | R--D | C] -- C:\Users\Grégoire\Downloads
[2011/08/28 17:00:27 | 000,000,000 | R--D | C] -- C:\Users\Grégoire\Documents
[2011/08/28 17:00:27 | 000,000,000 | R--D | C] -- C:\Users\Grégoire\Desktop
[2011/08/28 17:00:27 | 000,000,000 | R--D | C] -- C:\Users\Grégoire\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2011/08/28 17:00:27 | 000,000,000 | -HSD | C] -- C:\Users\Grégoire\Voisinage réseau
[2011/08/28 17:00:27 | 000,000,000 | -HSD | C] -- C:\Users\Grégoire\Voisinage d'impression
[2011/08/28 17:00:27 | 000,000,000 | -HSD | C] -- C:\Users\Grégoire\AppData\Local\Temporary Internet Files
[2011/08/28 17:00:27 | 000,000,000 | -HSD | C] -- C:\Users\Grégoire\SendTo
[2011/08/28 17:00:27 | 000,000,000 | -HSD | C] -- C:\Users\Grégoire\Recent
[2011/08/28 17:00:27 | 000,000,000 | -HSD | C] -- C:\Users\Grégoire\Modèles
[2011/08/28 17:00:27 | 000,000,000 | -HSD | C] -- C:\Users\Grégoire\Documents\Mes vidéos
[2011/08/28 17:00:27 | 000,000,000 | -HSD | C] -- C:\Users\Grégoire\Documents\Mes images
[2011/08/28 17:00:27 | 000,000,000 | -HSD | C] -- C:\Users\Grégoire\Mes documents
[2011/08/28 17:00:27 | 000,000,000 | -HSD | C] -- C:\Users\Grégoire\Menu Démarrer
[2011/08/28 17:00:27 | 000,000,000 | -HSD | C] -- C:\Users\Grégoire\Documents\Ma musique
[2011/08/28 17:00:27 | 000,000,000 | -HSD | C] -- C:\Users\Grégoire\Local Settings
[2011/08/28 17:00:27 | 000,000,000 | -HSD | C] -- C:\Users\Grégoire\AppData\Local\Historique
[2011/08/28 17:00:27 | 000,000,000 | -HSD | C] -- C:\Users\Grégoire\Cookies
[2011/08/28 17:00:27 | 000,000,000 | -HSD | C] -- C:\Users\Grégoire\Application Data
[2011/08/28 17:00:27 | 000,000,000 | -HSD | C] -- C:\Users\Grégoire\AppData\Local\Application Data
[2011/08/28 17:00:27 | 000,000,000 | -H-D | C] -- C:\Users\Grégoire\AppData
[2011/08/28 17:00:27 | 000,000,000 | ---D | C] -- C:\Users\Grégoire\AppData\Local\Temp
[2011/08/28 17:00:27 | 000,000,000 | ---D | C] -- C:\Users\Grégoire\Roaming
[2011/08/28 17:00:27 | 000,000,000 | ---D | C] -- C:\Users\Grégoire\AppData\Local\Microsoft
[2011/08/28 17:00:27 | 000,000,000 | ---D | C] -- C:\Users\Grégoire\AppData\Roaming\Media Center Programs
[2011/08/28 16:53:58 | 000,000,000 | -HSD | C] -- C:\ProgramData\Modèles
[2011/08/28 16:53:58 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Mes vidéos
[2011/08/28 16:53:58 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Mes images
[2011/08/28 16:53:58 | 000,000,000 | -HSD | C] -- C:\ProgramData\Menu Démarrer
[2011/08/28 16:53:58 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Ma musique
[2011/08/28 16:53:58 | 000,000,000 | -HSD | C] -- C:\Program Files\Fichiers communs
[2011/08/28 16:53:58 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoris
[2011/08/28 16:53:58 | 000,000,000 | -HSD | C] -- C:\ProgramData\Bureau
[2011/08/28 11:37:41 | 000,000,000 | ---D | C] -- C:\_FS_SWRINFO
[2011/08/28 11:37:40 | 000,000,000 | ---D | C] -- C:\Documentation
[2011/08/28 11:37:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Roaming
[2011/08/28 11:36:49 | 000,000,000 | ---D | C] -- C:\Program Files\Cisco
[2011/08/28 11:36:48 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Intel
[2011/08/28 11:36:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Intel
[2011/08/28 11:36:01 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft
[2011/08/28 11:35:52 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2011/08/28 11:35:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
[2011/08/28 11:35:24 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live
[2011/08/28 11:34:26 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Windows Live
[2011/08/28 11:34:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InterVideo WinDVD
[2011/08/28 11:33:41 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InterVideo
[2011/08/28 11:31:42 | 000,000,000 | ---D | C] -- C:\Program Files\InterVideo
[2011/08/28 11:30:51 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_6.dll
[2011/08/28 11:30:50 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_32.dll
[2011/08/28 11:30:50 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10.dll
[2011/08/28 11:30:50 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_5.dll
[2011/08/28 11:30:50 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_4.dll
[2011/08/28 11:30:50 | 000,068,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_3.dll
[2011/08/28 11:30:50 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_1.dll
[2011/08/28 11:30:49 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_31.dll
[2011/08/28 11:30:49 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_3.dll
[2011/08/28 11:30:49 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_2.dll
[2011/08/28 11:30:49 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_1.dll
[2011/08/28 11:30:49 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_2.dll
[2011/08/28 11:30:49 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_1.dll
[2011/08/28 11:30:45 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_30.dll
[2011/08/28 11:30:44 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_29.dll
[2011/08/28 11:30:44 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_28.dll
[2011/08/28 11:30:44 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_27.dll
[2011/08/28 11:30:44 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_26.dll
[2011/08/28 11:30:44 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_0.dll
[2011/08/28 11:30:44 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_0.dll
[2011/08/28 11:30:43 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_25.dll
[2011/08/28 11:30:43 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_24.dll
[2011/08/28 11:30:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft WebCam Companion 2
[2011/08/28 11:30:24 | 001,645,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gdiplus.dll
[2011/08/28 11:29:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Update 4
[2011/08/28 11:26:10 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_35.dll
[2011/08/28 11:25:10 | 000,098,304 | ---- | C] (Sony Corporation) -- C:\Windows\System32\VESWinlogon.dll
[2011/08/28 11:24:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Edit Components 6
[2011/08/28 11:20:25 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Audio Suite
[2011/08/28 11:19:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2011/08/28 11:19:38 | 000,000,000 | ---D | C] -- C:\Program Files\Skype
[2011/08/28 11:19:38 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2011/08/28 11:19:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2011/08/28 11:19:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Uninstall
[2011/08/28 11:19:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Sonic
[2011/08/28 11:19:07 | 000,000,000 | ---D | C] -- C:\Program Files\Roxio
[2011/08/28 11:18:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roxio Easy Media Creator 10 LJ
[2011/08/28 11:18:37 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Sonic Shared
[2011/08/28 11:18:27 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Roxio Shared
[2011/08/28 11:18:07 | 000,129,520 | ---- | C] (Sonic Solutions) -- C:\Windows\System32\pxafs.dll
[2011/08/28 11:11:22 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office Suite Activation Assistant
[2011/08/28 11:08:34 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2011/08/28 11:08:30 | 000,032,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msonpmon.dll
[2011/08/28 11:07:56 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Works
[2011/08/28 11:07:27 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2011/08/28 11:05:26 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2011/08/28 11:05:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2011/08/28 11:02:49 | 000,000,000 | ---D | C] -- C:\ProgramData\SiteAdvisor
[2011/08/28 10:58:22 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2011/08/28 10:58:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft Connect
[2011/08/28 10:58:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft Magic-i Visual Effects 2
[2011/08/28 10:58:01 | 000,212,480 | ---- | C] (Eastman Kodak) -- C:\Windows\System32\PCDLIB32.DLL
[2011/08/28 10:57:56 | 000,055,808 | ---- | C] (ArcSoft, Inc.) -- C:\Windows\System32\ArcSoftKsUFilter.dll
[2011/08/28 10:57:56 | 000,017,920 | ---- | C] (ArcSoft, Inc.) -- C:\Windows\System32\drivers\ArcSoftKsUFilter.sys
[2011/08/28 10:57:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ArcSoft
[2011/08/28 10:57:53 | 000,000,000 | ---D | C] -- C:\Program Files\ArcSoft
[2011/08/28 10:57:13 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2011/08/28 10:56:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX
[2011/08/28 10:56:48 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DivX Shared
[2011/08/28 10:56:48 | 000,000,000 | ---D | C] -- C:\Program Files\DivX
[2011/08/28 10:54:15 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Video & Photo Suite
[2011/08/28 10:52:48 | 000,072,176 | ---- | C] (Sonic Solutions) -- C:\Windows\System32\pxhpinst.exe
[2011/08/28 10:51:25 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2011/08/28 10:51:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
[2011/08/28 10:50:33 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2011/08/28 10:45:08 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed
[2011/08/28 10:40:11 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PX Storage Engine
[2011/08/28 10:39:05 | 000,000,000 | ---D | C] -- C:\Windows\Fonts\Fonts
[2011/08/28 10:37:28 | 000,000,000 | ---D | C] -- C:\Windows\Sonysys
[2011/08/28 10:37:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Centre de réinstallation VAIO
[2011/08/28 10:32:12 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2011/08/28 10:19:53 | 000,000,000 | -HSD | C] -- C:\System Volume Information

========== Files - Modified Within 60 Days ==========

[2011/09/11 10:55:21 | 000,581,120 | ---- | M] (OldTimer Tools) -- C:\Users\Grégoire\Desktop\OTL.exe
[2011/09/11 09:56:01 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/09/11 09:56:01 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/09/11 09:55:44 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/09/11 09:55:41 | 3186,663,424 | -HS- | M] () -- C:\hiberfil.sys
[2011/09/11 00:54:39 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2011/09/09 22:20:34 | 000,669,566 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2011/09/09 22:20:34 | 000,587,178 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/09/09 22:20:34 | 000,123,556 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2011/09/09 22:20:34 | 000,101,250 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/09/09 10:41:51 | 037,991,925 | ---- | M] () -- C:\Users\Grégoire\Desktop\logo papa.ai
[2011/09/07 22:49:31 | 000,079,871 | ---- | M] () -- C:\Users\Grégoire\Desktop\Photo du 46767872-08- à 12.59.jpg
[2011/09/07 22:49:24 | 000,079,871 | ---- | M] () -- C:\Users\Grégoire\Desktop\attachment.php
[2011/09/07 21:20:16 | 002,280,512 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/09/07 21:00:40 | 000,001,666 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2011/09/06 23:11:20 | 000,081,792 | ---- | M] () -- C:\Users\Grégoire\Desktop\photo.JPG
[2011/09/05 22:55:58 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2011/09/05 22:54:40 | 000,750,296 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\Grégoire\Desktop\install_flashplayer10_chra_aih.exe
[2011/09/05 20:41:33 | 000,000,859 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2011/09/05 20:40:36 | 021,073,936 | ---- | M] () -- C:\Users\Grégoire\Desktop\vlc-1.1.11-win32.exe
[2011/09/05 15:09:49 | 004,513,894 | ---- | M] () -- C:\Users\Grégoire\Desktop\APPARTEMENT GD CLEM.zip
[2011/09/05 15:02:01 | 004,513,894 | ---- | M] () -- C:\Users\Grégoire\Documents\APPARTEMENT GD CLEM.zip
[2011/09/05 12:59:21 | 001,401,136 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Grégoire\Desktop\tdsskiller.exe
[2011/09/05 12:30:22 | 000,294,216 | ---- | M] () -- C:\Users\Grégoire\Desktop\gmer.zip
[2011/09/05 12:29:57 | 000,000,000 | ---- | M] () -- C:\Users\Grégoire\defogger_reenable
[2011/09/05 12:29:31 | 000,050,477 | ---- | M] () -- C:\Users\Grégoire\Desktop\Defogger.exe
[2011/09/05 12:26:21 | 000,002,496 | ---- | M] () -- C:\Users\Grégoire\Desktop\Attach.zip
[2011/09/05 12:14:00 | 000,607,260 | R--- | M] (Swearware) -- C:\Users\Grégoire\Desktop\dds.scr
[2011/09/04 17:10:23 | 000,006,656 | ---- | M] () -- C:\Users\Grégoire\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/08/29 22:08:54 | 000,000,471 | ---- | M] () -- C:\Users\Grégoire\Desktop\Projets - Raccourci.lnk
[2011/08/29 22:08:54 | 000,000,471 | ---- | M] () -- C:\Users\Grégoire\Desktop\Musique - Raccourci.lnk
[2011/08/29 22:08:54 | 000,000,466 | ---- | M] () -- C:\Users\Grégoire\Desktop\Photos - Raccourci.lnk
[2011/08/29 21:38:25 | 000,001,028 | ---- | M] () -- C:\Users\Grégoire\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
[2011/08/29 20:48:46 | 000,000,104 | ---- | M] () -- C:\Users\Grégoire\Application Data\Microsoft\Internet Explorer\Quick Launch\Courrier électronique - Raccourci.lnk
[2011/08/29 20:30:53 | 000,000,870 | ---- | M] () -- C:\Users\Grégoire\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/08/29 20:30:53 | 000,000,846 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011/08/29 20:18:13 | 000,420,800 | -H-- | M] () -- C:\Windows\System32\drivers\vsconfig.xml
[2011/08/28 17:10:32 | 000,000,000 | RH-- | M] () -- C:\Windows\System32\drivers\104D_Sony_VGN-SR41MW.mrk
[2011/08/28 11:51:32 | 000,065,328 | ---- | M] () -- C:\Windows\System32\license.rtf
[2011/08/28 11:47:17 | 000,000,040 | -H-- | M] () -- C:\Windows\System32\ivireg.ivr
[2011/08/28 11:29:59 | 000,000,000 | ---- | M] () -- C:\Windows\VAIOUpdt.INI
[2011/07/20 11:33:06 | 000,137,656 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2011/07/20 11:33:06 | 000,061,960 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys

========== Files Created - No Company Name ==========

[2011/09/07 23:08:31 | 037,991,925 | ---- | C] () -- C:\Users\Grégoire\Desktop\logo papa.ai
[2011/09/07 22:49:31 | 000,079,871 | ---- | C] () -- C:\Users\Grégoire\Desktop\Photo du 46767872-08- à 12.59.jpg
[2011/09/07 22:49:23 | 000,079,871 | ---- | C] () -- C:\Users\Grégoire\Desktop\attachment.php
[2011/09/06 23:11:20 | 000,081,792 | ---- | C] () -- C:\Users\Grégoire\Desktop\photo.JPG
[2011/09/05 20:41:33 | 000,000,859 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2011/09/05 20:38:25 | 021,073,936 | ---- | C] () -- C:\Users\Grégoire\Desktop\vlc-1.1.11-win32.exe
[2011/09/05 15:09:49 | 004,513,894 | ---- | C] () -- C:\Users\Grégoire\Desktop\APPARTEMENT GD CLEM.zip
[2011/09/05 15:01:59 | 004,513,894 | ---- | C] () -- C:\Users\Grégoire\Documents\APPARTEMENT GD CLEM.zip
[2011/09/05 12:30:22 | 000,294,216 | ---- | C] () -- C:\Users\Grégoire\Desktop\gmer.zip
[2011/09/05 12:29:57 | 000,000,000 | ---- | C] () -- C:\Users\Grégoire\defogger_reenable
[2011/09/05 12:29:31 | 000,050,477 | ---- | C] () -- C:\Users\Grégoire\Desktop\Defogger.exe
[2011/09/05 12:26:21 | 000,002,496 | ---- | C] () -- C:\Users\Grégoire\Desktop\Attach.zip
[2011/09/02 20:03:40 | 000,006,656 | ---- | C] () -- C:\Users\Grégoire\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/08/29 22:08:54 | 000,000,471 | ---- | C] () -- C:\Users\Grégoire\Desktop\Projets - Raccourci.lnk
[2011/08/29 22:08:54 | 000,000,471 | ---- | C] () -- C:\Users\Grégoire\Desktop\Musique - Raccourci.lnk
[2011/08/29 22:08:54 | 000,000,466 | ---- | C] () -- C:\Users\Grégoire\Desktop\Photos - Raccourci.lnk
[2011/08/29 21:38:25 | 000,001,028 | ---- | C] () -- C:\Users\Grégoire\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
[2011/08/29 20:48:46 | 000,000,104 | ---- | C] () -- C:\Users\Grégoire\Application Data\Microsoft\Internet Explorer\Quick Launch\Courrier électronique - Raccourci.lnk
[2011/08/29 20:30:53 | 000,000,870 | ---- | C] () -- C:\Users\Grégoire\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/08/29 20:30:53 | 000,000,846 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011/08/29 20:30:52 | 000,000,858 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2011/08/29 20:17:43 | 000,208,966 | ---- | C] () -- C:\Windows\System32\WFP.TMF
[2011/08/29 20:16:57 | 000,420,800 | -H-- | C] () -- C:\Windows\System32\drivers\vsconfig.xml
[2011/08/28 17:11:02 | 000,000,949 | ---- | C] () -- C:\Users\Grégoire\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2011/08/28 17:10:57 | 000,000,944 | ---- | C] () -- C:\Users\Grégoire\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
[2011/08/28 17:10:43 | 000,000,915 | ---- | C] () -- C:\Users\Grégoire\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk
[2011/08/28 17:10:32 | 000,000,000 | RH-- | C] () -- C:\Windows\System32\drivers\104D_Sony_VGN-SR41MW.mrk
[2011/08/28 17:00:27 | 000,000,258 | ---- | C] () -- C:\Users\Grégoire\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2011/08/28 17:00:27 | 000,000,240 | ---- | C] () -- C:\Users\Grégoire\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2011/08/28 11:47:13 | 000,000,040 | -H-- | C] () -- C:\Windows\System32\ivireg.ivr
[2011/08/28 11:29:59 | 000,000,000 | ---- | C] () -- C:\Windows\VAIOUpdt.INI
[2011/08/28 11:29:24 | 000,000,671 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO MusicBox.lnk
[2011/08/28 11:26:59 | 000,001,551 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Movie Story.lnk
[2011/08/28 11:26:21 | 000,001,809 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Media plus.lnk
[2011/08/28 11:24:02 | 000,000,781 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outil de restauration de données VAIO.lnk
[2011/08/28 11:21:51 | 000,002,035 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Control Center.lnk
[2011/08/28 10:56:35 | 000,000,914 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Click to Disc Editor.lnk
[2011/08/28 10:54:15 | 000,001,890 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Click to Disc.lnk
[2011/08/28 10:54:15 | 000,001,850 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Content Exporter.lnk
[2011/08/28 10:19:55 | 3186,663,424 | -HS- | C] () -- C:\hiberfil.sys
[2009/03/24 04:20:08 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2009/03/23 21:05:13 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1511.dll
[2009/03/23 21:04:24 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2009/03/23 21:04:11 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2009/03/23 21:04:10 | 000,180,720 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2009/03/23 21:04:10 | 000,081,920 | ---- | C] () -- C:\Windows\System32\ATIODE.exe
[2009/03/23 21:04:10 | 000,045,056 | ---- | C] () -- C:\Windows\System32\ATIODCLI.exe
[2009/03/23 21:04:10 | 000,011,264 | ---- | C] () -- C:\Windows\System32\atimuixx.dll
[2009/03/23 12:33:28 | 000,106,605 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009/03/23 12:33:28 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2009/03/23 12:28:55 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2008/01/21 04:40:50 | 000,669,566 | ---- | C] () -- C:\Windows\System32\perfh00C.dat
[2008/01/21 04:40:50 | 000,340,236 | ---- | C] () -- C:\Windows\System32\perfi00C.dat
[2008/01/21 04:40:50 | 000,123,556 | ---- | C] () -- C:\Windows\System32\perfc00C.dat
[2008/01/21 04:40:50 | 000,037,390 | ---- | C] () -- C:\Windows\System32\perfd00C.dat
[2006/11/02 08:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 08:47:37 | 002,280,512 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 08:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 06:33:01 | 000,587,178 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 06:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 06:33:01 | 000,101,250 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 06:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 06:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 04:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 04:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 03:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 03:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat

< End of report >


and the Extras.Txt:

OTL Extras logfile created on: 11/09/2011 11:01:30 - Run 1
OTL by OldTimer - Version 3.2.27.0 Folder = C:\Users\Grégoire\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

2,97 Gb Total Physical Memory | 1,66 Gb Available Physical Memory | 55,79% Memory free
6,14 Gb Paging File | 4,60 Gb Available in Paging File | 74,90% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 285,23 Gb Total Space | 87,86 Gb Free Space | 30,80% Space Free | Partition Type: NTFS

Computer Name: ZOUM-ZOUM | User Name: Grégoire | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_USERS\S-1-5-21-2262983982-930267688-3375879511-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{2B9004B6-5D29-4818-A58F-DEF4F95D33BF}" = lport=5353 | protocol=6 | dir=in | name=adobe csi cs4 |
"{53DF7806-6C3D-4CD3-A22D-EBDC52AAB22C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{97D6BB3D-0178-4335-BABE-20B6EC3AB566}" = lport=2869 | protocol=6 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{422062C2-7196-4438-AF35-E5C7D39B22C6}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |
"{5885C64A-6132-421A-9535-BD6EB0AC4692}" = protocol=6 | dir=in | app=c:\program files\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
"{836734D5-527E-4F32-BFD5-D09C346B6204}" = protocol=17 | dir=in | app=c:\program files\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
"{872B21A4-C207-4FE0-AB93-C56686BC2587}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{887CC428-C8E9-4543-8B4A-3E389B175489}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{9F9593BC-75B9-4388-88AF-B584DC1FB08A}" = protocol=6 | dir=in | app=c:\windows\system32\zonelabs\vsmon.exe |
"{B1D79CB0-DE17-444B-8F37-30B0E9363B84}" = protocol=17 | dir=in | app=c:\windows\system32\zonelabs\vsmon.exe |
"{E7676C86-E858-4C1E-B1CE-BB1C82C544F9}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}" = Adobe Color NA Recommended Settings CS4
"{01523985-2098-43AF-9C97-12B07BE02A9B}" = Windows Live Call
"{01FDC9FC-4D4F-4DB0-ACD1-D3E8E1D52902}" = Sony Video Shared Library
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{0534F8BF-EBFD-004B-5DED-1010CBF353B8}" = CCC Help Dutch
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{05653DE1-6567-40C6-B930-39D399B64369}" = OpenOffice.org 3.3
"{059C042E-796A-4ACC-A81A-ECC2010BB78C}" = Windows Live Messenger
"{068F037B-2723-48E3-85F1-4D7D93A29D2A}" = VAIO Content Metadata Intelligent Analyzing Manager
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Central Data
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{0A1B60E0-F250-BD91-79C9-C29B9C05A5AA}" = Catalyst Control Center InstallProxy
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{13C5C85D-3CD9-DF9C-77A9-8173781CD170}" = CCC Help Spanish
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{14291118-0C19-45EA-A4FA-5C1C0F5FDE09}" = Primo
"{15BF7AAF-846C-4A6D-80E1-5D1FC7FB461B}" = Adobe SGM CS4
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16BAB4DD-34F6-EBC5-F40B-72146464CDE0}" = Catalyst Control Center Core Implementation
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{190CD8ED-D83B-EB89-9BE9-8CC04569A4CB}" = CCC Help Thai
"{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR
"{1DCA3EAA-6EB5-4563-A970-EA14D75037BA}" = Adobe InDesign CS4
"{1E04CB54-AF4E-4AC3-B4B7-C0A160BE57F1}" = Adobe InDesign CS4 Icon Handler
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Central Tools
"{2018C019-30D9-4240-8C01-0865C10DCF5A}" = Support de Présentation VAIO
"{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = WinDVD for VAIO
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{23825B69-36DF-4DAD-9CFD-118D11D80F16}" = VAIO Content Folder Setting
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java™ 6 Update 26
"{26C05EE9-C5C7-F22C-A298-B97926F36E3E}" = CCC Help Turkish
"{2878C3C9-9D91-430F-8F50-885BB23DB001}" = VAIO Content Folder Watcher
"{2B5DDB2D-053E-F1C8-3234-DAE9FCF4B318}" = CCC Help Finnish
"{2BAF2B96-7560-48B4-87D4-10178DDBE217}" = Adobe InDesign CS4 Application Feature Set Files (Roman)
"{2EF15529-A351-FDFA-C393-491483B04784}" = CCC Help Italian
"{30C8AA56-4088-426F-91D1-0EDFD3A25678}" = Adobe Dreamweaver CS4
"{327B75F0-92AF-420A-988F-FA596A218E0B}" = VAIO Content Folder Watcher
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3CCB732A-E472-4CF9-B1EE-F18365341FE0}" = Installation Windows Live
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{43112A37-7CDD-745A-6EB4-9A9BA982DB2A}" = CCC Help English
"{47A2CE5C-EA1F-4F58-8A0A-9452CBA795CD}" = Click to Disc
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A52555C-032A-4083-BDD9-6A85ABFB39A8}" = Adobe SING CS4
"{4DCB123A-6DD2-8436-2FBA-0244ADF65F42}" = CCC Help Russian
"{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = Click to Disc Editor
"{52232EF4-CC12-4C21-ABCF-ADB79618302D}" = Adobe Soundbooth CS4 Codecs
"{52A7C6A6-6B88-47D1-922E-9F8A7E089E6A}" = Logiciel Intel® PROSet/Wireless WiFi
"{52D93C83-FDEA-D1B2-5185-D1271DC15C6C}" = Catalyst Control Center Localization All
"{52E51086-747D-AEB9-B440-14B84CC247E0}" = Catalyst Control Center Graphics Light
"{537BF16E-7412-448C-95D8-846E85A1D817}" = Roxio Easy Media Creator 10 LJ
"{54CC8FFD-0F64-07B4-EFC1-40C0449F4B85}" = ccc-utility
"{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}" = Adobe Color EU Extra Settings CS4
"{561968FD-56A1-49FD-9ED0-F55482C7C5BC}" = Adobe Media Encoder CS4 Exporter
"{568D1DC1-4038-BF79-E58D-81311FD41F91}" = CCC Help Greek
"{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}" = Outil de restauration de données VAIO
"{58BDDF4F-6EA2-4EE8-9CF6-1B7B01E07191}" = VAIO Edit Components
"{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}" = VAIO DVD Menu Data Basic
"{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.8
"{5F5867F0-2D23-4338-A206-01A76C823924}" = Gestion de l’alimentation de VAIO
"{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}" = Adobe Dynamiclink Support
"{61D6891E-E822-4448-9F9A-0AAAAEB6AF6C}" = Adobe Creative Suite 4 Master Collection
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{64DBE9FE-A07D-41A0-B81A-8D416D9647FF}" = VAIO Content Folder Watcher
"{67A9747A-E1F5-4E9A-81CC-12B5D5B81B6E}" = Adobe After Effects CS4 Third Party Content
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{68A69CFF-130D-4CDE-AB0E-7374ECB144C8}" = Click to Disc
"{6B1F20F2-6321-4669-A58C-33DF8E7517FF}" = VAIO Entertainment Platform
"{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}" = VAIO Movie Story Template Data
"{7010F660-F97B-4565-9BA2-F985FFFB42B1}" = VAIO Mode Switch
"{72042FA6-5609-489F-A8EA-3C2DD650F667}" = VAIO Control Center
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Central Audio
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{77217D44-363B-9BF6-04F8-FE432D9AFE35}" = CCC Help Czech
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7B79CD75-F848-4B33-83E3-0EE1A1805A8C}" = VAIO Movie Story
"{7BB90344-0647-468E-925A-7F69F7983421}" = ArcSoft Magic-i Visual Effects 2
"{7CC7BDD5-6F10-4724-96A1-EAC7D9F2831C}" = Adobe InDesign CS4 Common Base Files
"{8186FF34-D389-4B7E-9A2F-C197585BCFBD}" = Adobe Media Encoder CS4 Importer
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{83CDA18E-0BF3-4ACA-872C-B4CDABF2360E}" = VAIO Update 4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{87532CAB-7932-4F84-8937-823337622807}" = Adobe Illustrator CS4
"{88E1A4BD-995D-EB00-26E5-9BEFA9E213A6}" = CCC Help Polish
"{8A120CC0-95C6-DEEF-F60B-8B0866660920}" = CCC Help Hungarian
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8DE50158-80AA-4FF2-9E9F-0A7C46F71FCD}" = VAIO Media plus
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90124382-85E3-DE67-F0F7-4C37B7040BF4}" = CCC Help Chinese Standard
"{914B46A6-7C4B-3AA2-DFF7-E39EB5F7141E}" = Skins
"{9238E8A4-BEBA-43A3-B926-769BDBF194C5}" = VAIO Media plus Opening Movie
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{948FD689-B34E-5A26-F926-111A1A74A43D}" = CCC Help Japanese
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{96D0B6C6-5A72-4B47-8583-A87E55F5FE81}" =
"{98FC7A64-774B-49B5-B046-4B4EBC053FA9}" = VAIO MusicBox Sample Music
"{9973498D-EA29-4A68-BE0B-C88D6E03E928}" = ArcSoft WebCam Companion 2
"{99A9CE2D-DFB1-3277-D1C7-5C34C21179EF}" = ccc-core-static
"{9A44DC8C-13C7-6ADE-3516-C1FEDC0267F8}" = CCC Help Swedish
"{9A4FBD51-811D-33E9-116B-D26C662B588C}" = CCC Help Norwegian
"{9EAC0E21-510E-4259-A9C6-F5D5B8969036}" = Catalyst Control Center - Branding
"{A17E786D-ACC6-8D11-8B25-D83AB85B6534}" = CCC Help German
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A63E7492-A0BC-4BB9-89A7-352965222380}" = VAIO Original Function Setting
"{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}" = Setting Utility Series
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{A9D3D707-4A1A-4227-BE6E-F16448B4CB63}" = VAIO Entertainment Platform
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AC76BA86-7AD7-1036-7B44-A90100000001}" = Adobe Reader 9.0.1 - Français
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{B12F3362-A328-9499-949A-A95C6EF21CB6}" = Catalyst Control Center Graphics Previews Vista
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B169BC97-B8AA-4ACA-9CF2-9D0FF5BABDF7}" = Adobe Premiere Pro CS4 Functional Content
"{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}" = VAIO Movie Story
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Central Copy
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B7C03E84-AF46-42F4-809D-D4127D9086D0}" = VAIO Edit Components 6.5
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BE9CEAAA-F069-4331-BF2F-8D350F6504F4}" = Adobe Media Encoder CS4 Additional Exporter
"{BFD85D24-D4F3-4CCC-B518-D7C4FC29C76D}" = VAIO Content Metadata Intelligent Analyzing Manager
"{C144CB60-EE5D-B625-C672-176AC5B488D2}" = ATI Catalyst Install Manager
"{C1555BC5-88B1-466B-BC79-062B5715DF92}" = VAIO Content Metadata XML Interface Library
"{C4567E61-7997-5F6A-0A4B-F667328D3ED3}" = Catalyst Control Center Graphics Previews Common
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C62AEA0E-90B0-4049-9780-8499A18A34D7}" = VAIO Content Metadata Manager Setting
"{C7477742-DDB4-43E5-AC8D-0259E1E661B1}" = VAIO Event Service
"{C938BE91-3BB5-4B84-9EF6-88F0505D0038}" = Adobe Premiere Pro CS4 Third Party Content
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CD77F1C7-9A53-0883-F660-2FE859B47BAA}" = Catalyst Control Center Graphics Full Existing
"{CD7E6232-D41D-4E5B-ABE1-0264B6260309}" = VAIO Content Metadata Intelligent Analyzing Manager
"{D239B547-8B20-4BDE-888D-C9CCA823FFD8}" = WIDCOMM Bluetooth Software
"{D499F8DE-3F31-4900-9157-61061613704B}" = Adobe Premiere Pro CS4
"{D60F97EC-EF06-4E1E-B0D1-C2CBABA62FA3}" = VAIO Wallpaper Contents
"{D613E659-6503-42A8-9617-4F599061EAD5}" = VAIO MusicBox
"{D6E592B3-67DA-4BBB-9783-E1838FB253A2}" = Assistant de connexion Windows Live
"{DABF43D9-1104-4764-927B-5BED1274A3B0}" = Runtime
"{DEB90B8E-0DCB-48CE-B90E-8842A2BD643E}" = Adobe Media Encoder CS4
"{DEF97A70-C67D-41E1-837C-6462C97A6F65}" = OpenMG Secure Module 5.3.00
"{E3453B1B-C91B-4C48-B046-8DF635DD46F2}" = VAIO Content Metadata XML Interface Library
"{E3E86D88-6370-73DA-29F9-D09D43337688}" = CCC Help Korean
"{E412146D-4D11-3363-804E-096D51988B69}" = CCC Help Portuguese
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E8EE9410-8AC4-4F43-A626-DDECA75C79F3}" = Adobe Setup
"{E9F6CD2A-CF41-6442-CB8A-34665511BFC8}" = CCC Help Chinese Traditional
"{EADE97A7-E7AA-43FD-A042-92A68E0187A6}" = VAIO Content Metadata Manager Setting
"{EBF8380D-8B72-6938-923A-5891703BCB4E}" = CCC Help Danish
"{EC37A846-53AC-4DA7-98FA-76A4E74AA900}" = Préréglage personnalisé de SonicStage Mastering Studio Audio Filter
"{ED0CFA85-9E9F-67B4-89C4-A07C42D51FB3}" = Catalyst Control Center Graphics Full New
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Central Core
"{EE353798-E875-42E0-B58D-7E6696182EA8}" = Adobe Media Encoder CS4 Dolby
"{EEFE8A83-8D7E-21AF-F1C6-D617DC6D5455}" = CCC Help French
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F570A6CC-53ED-4AA9-8B08-551CD3E38D8B}" =
"{F69E83CF-B440-43F8-89E6-6EA80712109B}" = Windows Live Communications Platform
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FB2A5FCC-B81B-48C2-A009-7804694D83E9}" = Adobe Encore CS4 Codecs
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"{FE51662F-D8F6-43B5-99D9-D4894AF00F83}" = Roxio Easy Media Creator Home
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_b2d6abde968e6f277ddbfd501383e02" = Adobe Creative Suite 4 Master Collection
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_104D0200" = HDAUDIO SoftV92 Data Fax Modem with SmartCP
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"dt icon module" =
"InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = WinDVD for VAIO
"InstallShield_{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = Click to Disc Editor
"InstallShield_{DEF97A70-C67D-41E1-837C-6462C97A6F65}" = OpenMG Secure Module 5.3.00
"MarketingTools" = VAIO Marketing Tools
"MFU Module" =
"Mozilla Firefox 6.0 (x86 fr)" = Mozilla Firefox 6.0 (x86 fr)
"ProInst" = Intel PROSet Wireless
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"VAIO Help and Support" =
"VLC media player" = VLC media player 1.1.11
"WinLiveSuite_Wave3" = Installation Windows Live
"ZoneAlarm" = ZoneAlarm

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 28/08/2011 11:49:15 | Computer Name = WIN-7ETLZJNJPS6 | Source = SideBySide | ID = 16842785
Description = La création du contexte d’activation a échoué pour « C:\Windows\Installer\{0214A441-A4AB-43A8-8DEF-2F73C5364673}\wksss.exe ».
Assembly
dépendant msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"
introuvable. Utilisez sxstrace.exe pour un diagnostic détaillé.

Error - 28/08/2011 11:49:15 | Computer Name = WIN-7ETLZJNJPS6 | Source = SideBySide | ID = 16842785
Description = La création du contexte d’activation a échoué pour « C:\Windows\Installer\{0214A441-A4AB-43A8-8DEF-2F73C5364673}\WksWP.exe ».
Assembly
dépendant msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"
introuvable. Utilisez sxstrace.exe pour un diagnostic détaillé.

Error - 28/08/2011 11:49:16 | Computer Name = WIN-7ETLZJNJPS6 | Source = SideBySide | ID = 16842785
Description = La création du contexte d’activation a échoué pour « C:\Windows\Installer\{0214A441-A4AB-43A8-8DEF-2F73C5364673}\WksWP.exe ».
Assembly
dépendant msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"
introuvable. Utilisez sxstrace.exe pour un diagnostic détaillé.

Error - 28/08/2011 16:53:23 | Computer Name = Zoum-Zoum | Source = WinMgmt | ID = 10
Description =

Error - 28/08/2011 16:53:33 | Computer Name = Zoum-Zoum | Source = VzCdbSvc | ID = 7
Description = Échec de chargement du module d'extension. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Code
d'erreur = 0x80042019)

Error - 28/08/2011 16:54:45 | Computer Name = Zoum-Zoum | Source = Windows Search Service Profile Notification | ID = 2
Description =

Error - 28/08/2011 17:12:02 | Computer Name = Zoum-Zoum | Source = SideBySide | ID = 16842785
Description = La création du contexte d’activation a échoué pour « C:\Windows\Installer\{0214A441-A4AB-43A8-8DEF-2F73C5364673}\wksdb.exe ».
Assembly
dépendant msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"
introuvable. Utilisez sxstrace.exe pour un diagnostic détaillé.

Error - 28/08/2011 17:12:02 | Computer Name = Zoum-Zoum | Source = SideBySide | ID = 16842785
Description = La création du contexte d’activation a échoué pour « C:\Windows\Installer\{0214A441-A4AB-43A8-8DEF-2F73C5364673}\wksdb.exe ».
Assembly
dépendant msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"
introuvable. Utilisez sxstrace.exe pour un diagnostic détaillé.

Error - 28/08/2011 17:12:02 | Computer Name = Zoum-Zoum | Source = SideBySide | ID = 16842785
Description = La création du contexte d’activation a échoué pour « C:\Windows\Installer\{0214A441-A4AB-43A8-8DEF-2F73C5364673}\WksCal.exe ».
Assembly
dépendant msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"
introuvable. Utilisez sxstrace.exe pour un diagnostic détaillé.

Error - 28/08/2011 17:12:05 | Computer Name = Zoum-Zoum | Source = SideBySide | ID = 16842785
Description = La création du contexte d’activation a échoué pour « C:\Windows\Installer\{0214A441-A4AB-43A8-8DEF-2F73C5364673}\wksss.exe ».
Assembly
dépendant msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"
introuvable. Utilisez sxstrace.exe pour un diagnostic détaillé.

[ System Events ]
Error - 09/09/2011 15:24:28 | Computer Name = Zoum-Zoum | Source = HTTP | ID = 15016
Description =

Error - 09/09/2011 15:24:33 | Computer Name = Zoum-Zoum | Source = Service Control Manager | ID = 7000
Description =

Error - 09/09/2011 21:13:56 | Computer Name = Zoum-Zoum | Source = HTTP | ID = 15016
Description =

Error - 09/09/2011 21:14:04 | Computer Name = Zoum-Zoum | Source = Service Control Manager | ID = 7000
Description =

Error - 10/09/2011 13:13:15 | Computer Name = Zoum-Zoum | Source = HTTP | ID = 15016
Description =

Error - 10/09/2011 13:13:19 | Computer Name = Zoum-Zoum | Source = Service Control Manager | ID = 7000
Description =

Error - 10/09/2011 19:45:39 | Computer Name = Zoum-Zoum | Source = HTTP | ID = 15016
Description =

Error - 10/09/2011 19:45:44 | Computer Name = Zoum-Zoum | Source = Service Control Manager | ID = 7000
Description =

Error - 11/09/2011 09:56:01 | Computer Name = Zoum-Zoum | Source = HTTP | ID = 15016
Description =

Error - 11/09/2011 09:56:06 | Computer Name = Zoum-Zoum | Source = Service Control Manager | ID = 7000
Description =


< End of report >


Thanks!!!

#12 Casey_boy

Casey_boy

    Bleeping physicist


  • Malware Response Team
  • 7,765 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:02:51 AM

Posted 11 September 2011 - 01:52 PM

Hi,

It seems from some entries in your HOSTS file that you may be trying to get around Adobe licensing checks. Is this the case? If so, I must tell you that:

No subject matter will be allowed whose purpose is to defeat existing copyright or security measures. If a user persists and/or the activity is obviously illegal the staff reserves the right to remove such content and/or ban the user. This would also mean encouraging the use or continued use of pirated software is not permitted, and subject to the same consequences.


I strongly suggest that, if this is the case, you legally purchase the software or remove it from your PC.

We need to run an OTL Fix
  • Please reopen Posted Image on your desktop.
  • Copy and Paste the following code into the Posted Image textbox.
    :OTL
    FF - prefs.js..extensions.enabledItems: {276c0d85-0ae4-443a-814a-c3eef0ad8b47}:1.0
    FF - prefs.js..network.proxy.http: "localhost"
    FF - prefs.js..network.proxy.http_port: 9666
    FF - prefs.js..network.proxy.socks: "localhost"
    FF - prefs.js..network.proxy.socks_port: 9050
    FF - prefs.js..network.proxy.socks_remote_dns: true
    FF - prefs.js..network.proxy.ssl: "localhost"
    FF - prefs.js..network.proxy.ssl_port: 9666
    FF - prefs.js..network.proxy.type: 4
    [2011/08/29 20:42:47 | 000,000,000 | ---D | M] (XUL Cache) -- C:\Users\Grégoire\AppData\Roaming\mozilla\Firefox\Profiles\4wno7tms.default\extensions\{276c0d85-0ae4-443a-814a-c3eef0ad8b47}
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
    O4 - HKU\S-1-5-21-2262983982-930267688-3375879511-1000..\Run: [AdobeBridge] File not found
    O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - File not found
    
    :commands
    [CREATERESTOREPOINT]
    
  • Push Posted Image
  • OTL may ask to reboot the machine. Please do so if asked.
  • Click Posted Image.
  • A report will open. Copy and Paste that report in your next reply.

Casey

If I have been helping you and I do not reply within 48 hours, feel free to send me a PM.




#13 thisis8


Posted 12 September 2011 - 08:47 PM

Casey,
as I am not even using these Adobe products much, I felt more secure to uninstall all of them. I'm clear now. But I didn't update my hosts. Do I have to?

As for the OTL: I ran the fix, it didn't ask for a reboot. Here is the report:

========== OTL ==========
Prefs.js: {276c0d85-0ae4-443a-814a-c3eef0ad8b47}:1.0 removed from extensions.enabledItems
Prefs.js: "localhost" removed from network.proxy.http
Prefs.js: 9666 removed from network.proxy.http_port
Prefs.js: "localhost" removed from network.proxy.socks
Prefs.js: 9050 removed from network.proxy.socks_port
Prefs.js: true removed from network.proxy.socks_remote_dns
Prefs.js: "localhost" removed from network.proxy.ssl
Prefs.js: 9666 removed from network.proxy.ssl_port
Prefs.js: 4 removed from network.proxy.type
C:\Users\Grégoire\AppData\Roaming\mozilla\Firefox\Profiles\4wno7tms.default\extensions\{276c0d85-0ae4-443a-814a-c3eef0ad8b47}\defaults\preferences folder moved successfully.
C:\Users\Grégoire\AppData\Roaming\mozilla\Firefox\Profiles\4wno7tms.default\extensions\{276c0d85-0ae4-443a-814a-c3eef0ad8b47}\defaults folder moved successfully.
C:\Users\Grégoire\AppData\Roaming\mozilla\Firefox\Profiles\4wno7tms.default\extensions\{276c0d85-0ae4-443a-814a-c3eef0ad8b47}\chrome folder moved successfully.
C:\Users\Grégoire\AppData\Roaming\mozilla\Firefox\Profiles\4wno7tms.default\extensions\{276c0d85-0ae4-443a-814a-c3eef0ad8b47} folder moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry value HKEY_USERS\S-1-5-21-2262983982-930267688-3375879511-1000\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui\ deleted successfully.
========== COMMANDS ==========


OTL by OldTimer - Version 3.2.27.0 log created on 09122011_214522

Thanks again for your valuable help.

Camille

Edited by thisis8, 12 September 2011 - 08:50 PM.
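Added example (not part of the thread and not OTL's own code): a read-only audit of the Firefox proxy preferences named in the fix script and report above. It assumes the standard `user_pref("name", value);` line syntax of prefs.js; the function names and the sample text are constructed for illustration.

```python
import re
from ipaddress import ip_address

# Constructed sample in prefs.js syntax; proxy values are those listed in the fix above.
SAMPLE_PREFS = '''# Mozilla User Preferences
user_pref("browser.startup.homepage", "about:home");
user_pref("network.proxy.http", "localhost");
user_pref("network.proxy.http_port", 9666);
user_pref("network.proxy.socks", "localhost");
user_pref("network.proxy.socks_port", 9050);
user_pref("network.proxy.socks_remote_dns", true);
user_pref("network.proxy.ssl", "localhost");
user_pref("network.proxy.ssl_port", 9666);
user_pref("network.proxy.type", 4);
'''

PREF_RE = re.compile(r'^\s*user_pref\(\s*"([^"]+)"\s*,\s*(.+?)\s*\)\s*;\s*$')
# Firefox meanings of network.proxy.type
PROXY_MODES = {0: "direct", 1: "manual", 2: "PAC URL",
               4: "auto-detect (WPAD)", 5: "system settings"}

def parse_prefs(text):
    """Return {name: value} for every user_pref() line; other lines are skipped."""
    prefs = {}
    for line in text.splitlines():
        m = PREF_RE.match(line)
        if not m:
            continue
        name, raw = m.groups()
        if len(raw) >= 2 and raw[0] == raw[-1] == '"':
            prefs[name] = raw[1:-1]          # string (escape sequences left as-is)
        elif raw in ("true", "false"):
            prefs[name] = raw == "true"
        elif re.fullmatch(r"-?\d+", raw):
            prefs[name] = int(raw)
        else:
            prefs[name] = raw                # keep anything unexpected verbatim
    return prefs

def is_loopback(host):
    if host.lower() == "localhost":
        return True
    try:
        return ip_address(host).is_loopback
    except ValueError:
        return False                         # some other hostname

def audit_proxy(prefs):
    """List configured proxy endpoints and whether the current mode uses them."""
    mode = prefs.get("network.proxy.type")
    findings = []
    for scheme in ("http", "ssl", "ftp", "socks"):
        host = prefs.get("network.proxy." + scheme)
        if host:
            port = prefs.get("network.proxy.%s_port" % scheme)
            findings.append({"scheme": scheme, "endpoint": "%s:%s" % (host, port),
                             "loopback": is_loopback(str(host)),
                             # manually entered hosts are only consulted in manual mode (1)
                             "in_use": mode == 1})
    return PROXY_MODES.get(mode, "unset or unknown"), findings

if __name__ == "__main__":
    print(audit_proxy(parse_prefs(SAMPLE_PREFS)))
```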


#14 thisis8


Posted 12 September 2011 - 08:50 PM

Oh Casey, I just tried several searches on Firefox and it seems to work now. I'll keep trying in the next few days and will let you know..

Merci!!

#15 Casey_boy


Posted 13 September 2011 - 07:45 AM

Hi Camille,

Glad to hear that it's looking better :)

Step 1: Update and then run a full scan with Malwarebytes Anti-Malware

Step 2: I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on Posted Image to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check Posted Image
  • Click the Posted Image button.
  • Accept any security warnings from your browser.
  • Check Posted Image
  • Push the Start button.
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push Posted Image
  • Push Posted Image, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Push the Posted Image button.
  • Push Posted Image

Casey
