Possible trojan, facebook hacked, suddenly slow computer

Solved
By needhelp51
Jan 25, 2013
  1. Hello, I need help, please, to make sure my computer is clean. Thanks for your attention.

    Here is Malwarebytes log:

    Malwarebytes Anti-Malware 1.70.0.1100
    www.malwarebytes.org
    Version de la base de données: v2013.01.25.08
    Windows XP Service Pack 3 x86 NTFS
    Internet Explorer 8.0.6001.18702
    Toshiba :: TOSHIBA-29519BD [administrateur]
    2013-01-25 17:36:17
    mbam-log-2013-01-25 (17-36-17).txt
    Type d'examen: Examen rapide
    Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM
    Options d'examen désactivées: P2P
    Elément(s) analysé(s): 200038
    Temps écoulé: 7 minute(s), 9 seconde(s)
    Processus mémoire détecté(s): 0
    (Aucun élément nuisible détecté)
    Module(s) mémoire détecté(s): 0
    (Aucun élément nuisible détecté)
    Clé(s) du Registre détectée(s): 0
    (Aucun élément nuisible détecté)
    Valeur(s) du Registre détectée(s): 0
    (Aucun élément nuisible détecté)
    Elément(s) de données du Registre détecté(s): 0
    (Aucun élément nuisible détecté)
    Dossier(s) détecté(s): 0
    (Aucun élément nuisible détecté)
    Fichier(s) détecté(s): 0
    (Aucun élément nuisible détecté)
    (fin)
    DDS log:

    DDS (Ver_2012-11-20.01) - NTFS_x86
    Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_37
    Run by Toshiba at 17:44:51 on 2013-01-25
    Microsoft Windows XP Édition familiale 5.1.2600.3.1252.2.1036.18.3070.2126 [GMT -5:00]
    .
    AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
    FW: COMODO Firewall *Enabled*
    .
    ============== Running Processes ================
    .
    C:\Program Files\Emsisoft Anti-Malware\a2service.exe
    C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
    C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
    C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
    C:\WINDOWS\system32\DVDRAMSV.exe
    C:\Program Files\Intel\WiFi\bin\EvtEng.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Google\Update\GoogleUpdate.exe
    C:\WINDOWS\system32\lxdxcoms.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\Fichiers communs\Intel\WirelessCommon\RegSrvc.exe
    C:\Program Files\Secunia\PSI\PSIA.exe
    C:\WINDOWS\system32\fxssvc.exe
    C:\WINDOWS\system32\wbem\unsecapp.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe
    C:\WINDOWS\System32\DLA\DLACTRLW.EXE
    C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
    C:\Program Files\Toshiba\Windows Utilities\Hotkey.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe
    C:\Program Files\Fichiers communs\Intel\WirelessCommon\iFrmewrk.exe
    C:\Program Files\Synaptics\SynTP\Toshiba.exe
    C:\Program Files\Lexmark 3600-4600 Series\lxdxmon.exe
    C:\Program Files\Lexmark 3600-4600 Series\ezprint.exe
    C:\Program Files\AVAST Software\Avast\avastUI.exe
    C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
    C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\system32\RAMASST.exe
    C:\Program Files\Secunia\PSI\psi_tray.exe
    C:\WINDOWS\system32\wbem\unsecapp.exe
    C:\WINDOWS\System32\alg.exe
    C:\WINDOWS\system32\wbem\wmiapsrv.exe
    C:\Program Files\internet explorer\iexplore.exe
    C:\Program Files\internet explorer\iexplore.exe
    C:\Program Files\Secunia\PSI\sua.exe
    C:\Program Files\internet explorer\iexplore.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe
    C:\WINDOWS\system32\svchost.exe -k DcomLaunch
    C:\WINDOWS\system32\svchost.exe -k rpcss
    C:\WINDOWS\system32\svchost.exe -k netsvcs
    C:\WINDOWS\system32\svchost.exe -k NetworkService
    C:\WINDOWS\system32\svchost.exe -k LocalService
    C:\WINDOWS\system32\svchost.exe -k LocalService
    C:\WINDOWS\system32\svchost.exe -k imgsvc
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://www.google.ca/
    uURLSearchHooks: <No Name>: - LocalServer32 - <no file>
    mURLSearchHooks: {855F3B16-6D32-4fe6-8A56-BBB695989046} - <orphaned>
    mURLSearchHooks: <No Name>: - LocalServer32 - <no file>
    BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\fichiers communs\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: DriveLetterAccess: {5CA3D70E-1895-11CF-8E15-001234567890} - c:\windows\system32\dla\DLASHX_W.DLL
    BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre6\bin\ssv.dll
    BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
    BHO: Programme d'aide de l'Assistant de connexion Windows Live: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\fichiers communs\microsoft shared\windows live\WindowsLiveLogin.dll
    BHO: WOT Helper: {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - c:\program files\wot\WOT.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll
    BHO: JQSIEStartDetectorImpl Class: {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    TB: WOT: {71576546-354D-41C9-AAE8-31F2EC22BF0D} - c:\program files\wot\WOT.dll
    TB: WOT: {71576546-354D-41c9-AAE8-31F2EC22BF0D} - c:\program files\wot\WOT.dll
    TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
    uRun: [TOSCDSPD] c:\program files\toshiba\toscdspd\toscdspd.exe
    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    mRun: [LaunchApp] launchapp
    mRun: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe
    mRun: [DLA] c:\windows\system32\dla\DLACTRLW.EXE
    mRun: [SmoothView] c:\program files\toshiba\utilitaire de zoom toshiba\SmoothView.exe
    mRun: [Toshiba Hotkey Utility] "c:\program files\toshiba\windows utilities\Hotkey.exe" /lang FR
    mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
    mRun: [nwiz] nwiz.exe /installquiet
    mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
    mRun: [Adobe ARM] "c:\program files\fichiers communs\adobe\arm\1.0\AdobeARM.exe"
    mRun: [IntelZeroConfig] "c:\program files\intel\wifi\bin\ZCfgSvc.exe"
    mRun: [IntelWireless] "c:\program files\fichiers communs\intel\wirelesscommon\iFrmewrk.exe" /tf Intel Wireless Tray
    mRun: [lxdxmon.exe] "c:\program files\lexmark 3600-4600 series\lxdxmon.exe"
    mRun: [EzPrint] "c:\program files\lexmark 3600-4600 series\ezprint.exe"
    mRun: [COMODO Internet Security] "c:\program files\comodo\comodo internet security\cfp.exe" -h
    mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui
    mRun: [SunJavaUpdateSched] "c:\program files\fichiers communs\java\java update\jusched.exe"
    dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
    StartupFolder: c:\docume~1\alluse~1\menudm~1\progra~1\dmarra~1\ramasst.lnk - c:\windows\system32\RAMASST.exe
    StartupFolder: c:\docume~1\alluse~1\menudm~1\progra~1\dmarra~1\secuni~1.lnk - c:\program files\secunia\psi\psi_tray.exe
    uPolicies-Explorer: NoDriveTypeAutoRun = dword:323
    uPolicies-Explorer: NoDriveAutoRun = dword:67108863
    mPolicies-Explorer: NoDriveAutoRun = dword:67108863
    mPolicies-Explorer: NoDriveTypeAutoRun = dword:323
    mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
    mPolicies-Explorer: NoDriveTypeAutoRun = dword:323
    mPolicies-Explorer: NoDriveAutoRun = dword:67108863
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    .
    INFO: HKCU has more than 50 listed domains.
    If you wish to scan all of them, select the 'Force scan all domains' option.
    .
    .
    INFO: HKLM has more than 50 listed domains.
    If you wish to scan all of them, select the 'Force scan all domains' option.
    .
    DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/4.0.1.0/GarminAxControl_32.CAB
    DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
    DPF: {2E28242B-A689-11D4-80F2-0040266CBB8D} - hxxp://209.50.106.51:8181/kxhcm10.ocx
    DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://windowsupdate.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1325644805328
    DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1349558900881
    DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
    TCP: NameServer = 142.217.192.9 142.217.192.8
    TCP: Interfaces\{0E7BCCCD-D995-4FF4-BEFE-BB1761D46E3E} : DHCPNameServer = 142.217.192.9 142.217.192.8
    Handler: intu-ir2011 - {DFF68B15-A8D3-420b-B32C-E9554E2F5C15} - <orphaned>
    Handler: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - c:\program files\wot\WOT.dll
    AppInit_DLLs= c:\windows\system32\guard32.dll
    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
    SEH: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - c:\program files\superantispyware\SASSEH.DLL
    Hosts: 127.0.0.1 www.spywareinfo.com
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - c:\documents and settings\toshiba\application data\mozilla\firefox\profiles\34z1afo4.default\
    FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
    FF - plugin: c:\program files\google\update\1.3.21.123\npGoogleUpdate3.dll
    FF - plugin: c:\program files\java\jre6\bin\plugin2\npjp2.dll
    FF - plugin: c:\program files\microsoft silverlight\5.1.10411.0\npctrlui.dll
    FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_5_502_146.dll
    FF - plugin: c:\windows\system32\npdeployJava1.dll
    FF - plugin: c:\windows\system32\npptools.dll
    .
    ============= SERVICES / DRIVERS ===============
    .
    R1 A2DDA;A2 Direct Disk Access Support Driver;c:\program files\emsisoft anti-malware\a2ddax86.sys [2012-1-4 17904]
    R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2012-10-3 738504]
    R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2012-10-3 361032]
    R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdGuard.sys [2012-3-11 497952]
    R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [2012-3-11 32640]
    R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]
    R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]
    R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCORE.EXE [2011-8-11 116608]
    R2 a2AntiMalware;Emsisoft Anti-Malware 6.0 - Service;c:\program files\emsisoft anti-malware\a2service.exe [2012-1-4 3085736]
    R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2012-10-3 21256]
    R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2012-10-3 44808]
    R2 cmdAgent;COMODO Internet Security Helper Service;c:\program files\comodo\comodo internet security\cmdagent.exe [2012-3-11 1990464]
    R2 lxdx_device;lxdx_device;c:\windows\system32\lxdxcoms.exe -service --> c:\windows\system32\lxdxcoms.exe -service [?]
    R2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2010-6-25 35088]
    R2 Secunia PSI Agent;Secunia PSI Agent;c:\program files\secunia\psi\psia.exe [2011-10-14 994360]
    R2 Secunia Update Agent;Secunia Update Agent;c:\program files\secunia\psi\sua.exe [2011-10-14 399416]
    R3 NETwLx32; Pilote de carte de la série Intel(R) Wireless WiFi Link 5000 pour Windows XP 32 bits ;c:\windows\system32\drivers\NETwLx32.sys [2012-1-5 6609920]
    R3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [2010-9-1 15544]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 lxdxCATSCustConnectService;lxdxCATSCustConnectService;c:\windows\system32\spool\drivers\w32x86\3\lxdxserv.exe [2012-2-29 94208]
    S3 a2acc;a2acc;c:\program files\emsisoft anti-malware\a2accx86.sys [2012-1-4 54072]
    S3 Lavasoft Kernexplorer;Lavasoft helper driver;\??\c:\program files\lavasoft\ad-aware\kernexplorer.sys --> c:\program files\lavasoft\ad-aware\KernExplorer.sys [?]
    S3 PROCEXP151;PROCEXP151;\??\c:\windows\system32\drivers\procexp151.sys --> c:\windows\system32\drivers\PROCEXP151.SYS [?]
    S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
    .
    =============== Created Last 30 ================
    .
    2013-01-12 14:26:31 262704 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
    .
    ==================== Find3M ====================
    .
    2013-01-12 14:29:09 74248 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2013-01-12 14:29:09 697864 ----a-w- c:\windows\system32\FlashPlayerApp.exe
    2012-12-16 12:23:59 290560 ----a-w- c:\windows\system32\atmfd.dll
    2012-12-14 21:49:28 21104 ----a-w- c:\windows\system32\drivers\mbam.sys
    2012-11-13 11:55:44 1866496 ----a-w- c:\windows\system32\win32k.sys
    2012-11-08 16:29:12 1402312 ----a-w- c:\windows\system32\msxml4.dll
    2012-11-07 23:38:16 32640 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
    2012-11-07 23:38:14 497952 ----a-w- c:\windows\system32\drivers\cmdGuard.sys
    2012-11-07 23:38:13 18096 ----a-w- c:\windows\system32\drivers\cmderd.sys
    2012-11-07 23:37:35 34024 ----a-w- c:\windows\system32\cmdcsr.dll
    2012-11-07 23:37:34 301264 ----a-w- c:\windows\system32\guard32.dll
    2012-11-06 02:01:34 1371648 ----a-w- c:\windows\system32\msxml6.dll
    2012-11-02 02:02:37 375296 ----a-w- c:\windows\system32\dpnet.dll
    2012-11-01 12:17:51 916992 ----a-w- c:\windows\system32\wininet.dll
    2012-11-01 12:17:50 43520 ------w- c:\windows\system32\licmgr10.dll
    2012-11-01 12:17:50 1469440 ------w- c:\windows\system32\inetcpl.cpl
    2012-11-01 00:35:34 385024 ------w- c:\windows\system32\html.iec
    2012-10-30 23:51:58 738504 ----a-w- c:\windows\system32\drivers\aswSnx.sys
    2012-10-30 23:51:07 41224 ----a-w- c:\windows\avastSS.scr
    .
    ============= FINISH: 17:45:30,84 ===============

    Attach log:

    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2012-11-20.01)
    .
    Microsoft Windows XP Édition familiale
    Boot Device: \Device\HarddiskVolume1
    Install Date: 2012-01-03 20:37:37
    System Uptime: 2013-01-25 17:22:51 (0 hours ago)
    .
    Motherboard: TOSHIBA | | Satellite P100
    Processor: Genuine Intel(R) CPU T2400 @ 1.83GHz | U2E1 | 1839/166mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 112 GiB total, 23,599 GiB free.
    D: is CDROM ()
    .
    ==== Disabled Device Manager Items =============
    .
    Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
    Description: Carte réseau 1394
    Device ID: V1394\NIC1394\8E0921C09F00
    Manufacturer: Microsoft
    Name: Carte réseau 1394
    PNP Device ID: V1394\NIC1394\8E0921C09F00
    Service: NIC1394
    .
    ==== System Restore Points ===================
    .
    RP181: 2012-12-06 03:25:02 - Point de vérification système
    RP182: 2012-12-08 21:18:34 - Point de vérification système
    RP183: 2012-12-09 22:44:19 - Point de vérification système
    RP184: 2012-12-11 22:45:39 - Point de vérification système
    RP185: 2012-12-12 21:21:45 - Software Distribution Service 3.0
    RP186: 2012-12-13 21:55:13 - Point de vérification système
    RP187: 2012-12-14 22:25:01 - Point de vérification système
    RP188: 2012-12-15 22:35:15 - Point de vérification système
    RP189: 2012-12-16 22:44:18 - Point de vérification système
    RP190: 2012-12-18 23:50:57 - Point de vérification système
    RP191: 2012-12-21 00:38:28 - Point de vérification système
    RP192: 2012-12-24 13:08:19 - Software Distribution Service 3.0
    RP193: 2012-12-26 13:28:53 - Point de vérification système
    RP194: 2012-12-27 13:53:58 - Point de vérification système
    RP195: 2012-12-28 14:10:05 - Point de vérification système
    RP196: 2012-12-29 17:54:29 - Point de vérification système
    RP197: 2012-12-30 18:18:20 - Point de vérification système
    RP198: 2012-12-31 19:17:29 - Point de vérification système
    RP199: 2013-01-01 19:54:54 - Point de vérification système
    RP200: 2013-01-02 20:16:58 - Point de vérification système
    RP201: 2013-01-05 13:46:34 - Point de vérification système
    RP202: 2013-01-05 21:05:46 - Software Distribution Service 3.0
    RP203: 2013-01-06 21:12:38 - Point de vérification système
    RP204: 2013-01-07 21:57:48 - Point de vérification système
    RP205: 2013-01-08 22:14:48 - Point de vérification système
    RP206: 2013-01-09 22:16:45 - Point de vérification système
    RP207: 2013-01-09 23:41:25 - Software Distribution Service 3.0
    RP208: 2013-01-12 12:22:00 - Point de vérification système
    RP209: 2013-01-13 12:37:54 - Point de vérification système
    RP210: 2013-01-14 23:05:10 - Software Distribution Service 3.0
    RP211: 2013-01-17 20:16:12 - Point de vérification système
    RP212: 2013-01-18 20:22:44 - Point de vérification système
    RP213: 2013-01-19 21:22:10 - Point de vérification système
    RP214: 2013-01-20 21:58:25 - Point de vérification système
    RP215: 2013-01-22 21:14:53 - Point de vérification système
    RP216: 2013-01-23 22:50:20 - Point de vérification système
    .
    ==== Installed Programs ======================
    .
    7-Zip 9.20
    Adobe Flash Player 11 ActiveX
    Adobe Flash Player 11 Plugin
    Adobe Reader X (10.1.5) - Français
    Assist TOSHIBA
    Assistant de connexion Windows Live
    Audacity 2.0
    avast! Free Antivirus
    Canon Digital Camera USB WIA Driver
    CCleaner
    COMODO Internet Security
    Conexant HD Audio
    Dorgem 2.1.0
    Emsisoft Anti-Malware
    ESET Online Scanner v3
    File Shredder 2.5
    Google Update Helper
    HDAUDIO Soft Data Fax Modem with SmartCP
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
    Hotfix for Windows XP (KB954550-v5)
    inSSIDer
    Installation Windows Live
    Intel PROSet Wireless
    Intel(R) PRO Network Connections Drivers
    InterVideo WinDVD Creator 2
    InterVideo WinDVD for TOSHIBA
    IrfanView (remove only)
    Java Auto Updater
    Java(TM) 6 Update 37
    LAME v3.99.3 (for Windows)
    Lecteur Windows Media 11
    Lexmark 3600-4600 Series
    Logiciel Intel(R) PROSet/Wireless WiFi
    Malwarebytes Anti-Malware version 1.70.0.1100
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1 French Language Pack
    Microsoft .NET Framework 1.1 Security Update (KB2698023)
    Microsoft .NET Framework 1.1 Security Update (KB2742597)
    Microsoft .NET Framework 1.1 Security Update (KB979906)
    Microsoft .NET Framework 2.0 Service Pack 2
    Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - FRA
    Microsoft .NET Framework 3.0 Service Pack 2
    Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - FRA
    Microsoft .NET Framework 3.5 Language Pack SP1 - fra
    Microsoft .NET Framework 3.5 SP1
    Microsoft .NET Framework 4 Client Profile
    Microsoft .NET Framework 4 Client Profile FRA Language Pack
    Microsoft Application Error Reporting
    Microsoft Choice Guard
    Microsoft Compression Client Pack 1.0 for Windows XP
    Microsoft Network Monitor 3.4
    Microsoft Network Monitor: NetworkMonitor Parsers 3.4
    Microsoft Silverlight
    Microsoft User-Mode Driver Framework Feature Pack 1.0
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    mIRC
    Mise à jour de sécurité pour Step by Step Interactive Training (KB898458)
    Mise à jour de sécurité pour Windows Internet Explorer 8 (KB2510531)
    Mise à jour de sécurité pour Windows Internet Explorer 8 (KB2544521)
    Mise à jour de sécurité pour Windows Internet Explorer 8 (KB2618444)
    Mise à jour de sécurité pour Windows Internet Explorer 8 (KB2647516)
    Mise à jour de sécurité pour Windows Internet Explorer 8 (KB2675157)
    Mise à jour de sécurité pour Windows Internet Explorer 8 (KB2699988)
    Mise à jour de sécurité pour Windows Internet Explorer 8 (KB2722913)
    Mise à jour de sécurité pour Windows Internet Explorer 8 (KB2744842)
    Mise à jour de sécurité pour Windows Internet Explorer 8 (KB2761465)
    Mise à jour de sécurité pour Windows Internet Explorer 8 (KB2799329)
    Mise à jour de sécurité pour Windows Internet Explorer 8 (KB982381)
    Mise à jour de sécurité pour Windows XP (KB2757638)
    Mise à jour de sécurité pour Windows XP (KB923789)
    Mise à jour pour Windows Internet Explorer 8 (KB2598845)
    Mise à jour pour Windows Internet Explorer 8 (KB2632503)
    Module linguistique Microsoft .NET Framework 3.5 SP1- fra
    Module linguistique Microsoft .NET Framework 4 Client Profile FRA
    Mozilla Firefox 18.0 (x86 en-US)
    Mozilla Maintenance Service
    MSVCRT
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    MSXML 4.0 SP3 Parser
    MSXML 4.0 SP3 Parser (KB2721691)
    MSXML 4.0 SP3 Parser (KB2758694)
    NVIDIA Drivers
    OpenOffice.org 3.4.1
    Outil de diagnostic PC TOSHIBA
    Outil de téléchargement Windows Live
    Pilote du DVD-RAM
    Réducteur de bruit lect. CD/DVD
    Screenshot Captor 3.03.01
    SD Secure Module
    Secunia PSI (2.0.0.4003)
    Security Update for CAPICOM (KB931906)
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
    Security Update for Module linguistique Microsoft .NET Framework 4 Client Profile FRA (KB2518870)
    Segoe UI
    Sonic DLA
    Sonic RecordNow!
    Spybot - Search & Destroy
    SUPERAntiSpyware
    Synaptics Pointing Device Driver
    Texas Instruments PCIxx21/x515/xx12 drivers.
    TIPCI
    TOSHIBA ConfigFree
    Toshiba Controls Utility
    Toshiba Hotkey Utility
    Toshiba Tbiosdrv Driver
    Toshiba Touchpad Utility
    Toshiba Utility
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
    Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
    Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
    Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
    Utilitaire de zoom TOSHIBA
    VLC media player 2.0.5
    WebFldrs XP
    Windows Genuine Advantage Validation Tool (KB892130)
    Windows Internet Explorer 8
    Windows Live Call
    Windows Live Communications Platform
    Windows Live Messenger
    Windows Media Format 11 runtime
    Windows Media Player 11
    Windows XP Service Pack 3
    WinPcap 4.1.2
    WOT pour Internet Explorer
    XML Paper Specification Shared Components Language Pack 1.0
    .
    ==== Event Viewer Messages From Past Week ========
    .
    2013-01-25 17:23:31, error: Service Control Manager [7009] - Délai (30000 millisecondes) d'attente pour une connexion du service lxdxCATSCustConnectService.
    2013-01-25 17:23:31, error: Service Control Manager [7000] - Le service lxdxCATSCustConnectService n'a pas pu démarrer en raison de l'erreur : Le service n'a pas répondu assez vite à la demande de lancement ou de contrôle.
    2013-01-24 17:19:03, error: Service Control Manager [7009] - Délai (30000 millisecondes) d'attente pour une connexion du service lxdxCATSCustConnectService.
    2013-01-24 17:19:03, error: Service Control Manager [7000] - Le service lxdxCATSCustConnectService n'a pas pu démarrer en raison de l'erreur : Le service n'a pas répondu assez vite à la demande de lancement ou de contrôle.
    2013-01-23 16:19:35, error: Service Control Manager [7009] - Délai (30000 millisecondes) d'attente pour une connexion du service lxdxCATSCustConnectService.
    2013-01-23 16:19:35, error: Service Control Manager [7000] - Le service lxdxCATSCustConnectService n'a pas pu démarrer en raison de l'erreur : Le service n'a pas répondu assez vite à la demande de lancement ou de contrôle.
    2013-01-22 20:17:27, error: Service Control Manager [7009] - Délai (30000 millisecondes) d'attente pour une connexion du service lxdxCATSCustConnectService.
    2013-01-22 20:17:27, error: Service Control Manager [7000] - Le service lxdxCATSCustConnectService n'a pas pu démarrer en raison de l'erreur : Le service n'a pas répondu assez vite à la demande de lancement ou de contrôle.
    2013-01-21 17:17:22, error: Service Control Manager [7009] - Délai (30000 millisecondes) d'attente pour une connexion du service lxdxCATSCustConnectService.
    2013-01-21 17:17:22, error: Service Control Manager [7000] - Le service lxdxCATSCustConnectService n'a pas pu démarrer en raison de l'erreur : Le service n'a pas répondu assez vite à la demande de lancement ou de contrôle.
    2013-01-20 09:41:18, error: Service Control Manager [7009] - Délai (30000 millisecondes) d'attente pour une connexion du service lxdxCATSCustConnectService.
    2013-01-20 09:41:18, error: Service Control Manager [7000] - Le service lxdxCATSCustConnectService n'a pas pu démarrer en raison de l'erreur : Le service n'a pas répondu assez vite à la demande de lancement ou de contrôle.
    2013-01-19 08:59:15, error: Service Control Manager [7009] - Délai (30000 millisecondes) d'attente pour une connexion du service lxdxCATSCustConnectService.
    2013-01-19 08:59:15, error: Service Control Manager [7000] - Le service lxdxCATSCustConnectService n'a pas pu démarrer en raison de l'erreur : Le service n'a pas répondu assez vite à la demande de lancement ou de contrôle.
    2013-01-18 17:19:09, error: Service Control Manager [7009] - Délai (30000 millisecondes) d'attente pour une connexion du service lxdxCATSCustConnectService.
    2013-01-18 17:19:09, error: Service Control Manager [7000] - Le service lxdxCATSCustConnectService n'a pas pu démarrer en raison de l'erreur : Le service n'a pas répondu assez vite à la demande de lancement ou de contrôle.
    .
    ==== End Of File ===========================
  2. Jay Pfoutz (Malware Helper)

    Hi there...

    Adware Cleaning

    Please download AdwCleaner by Xplode onto your Desktop.
    • Double click on AdwCleaner.exe to run the tool.
    • Click on Delete.
    • A logfile will automatically open after the scan has finished.
    • Please post the content of that logfile in your reply.
    • You can find the logfile at C:\AdwCleaner[Rn].txt as well - n is the order number.


    Junkware Removal Tool

    Please download Junkware Removal Tool to your desktop.
    • Warning! Once the scan is complete JRT will shut down your browser with NO warning.
    • Shut down your protection software now to avoid potential conflicts.
    • Temporarily disable your antivirus and any antispyware real time protection before performing a scan. Click this link to see a list of security programs that should be disabled and how to disable them.
    • Run the tool by double-clicking it. If you are using Windows Vista or Windows 7, right-click JRT and select Run as Administrator
    • The tool will open and start scanning your system.
    • Please be patient as this can take a while to complete depending on your system's specifications.
    • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
    • Copy and Paste the JRT.txt log into your next message.


    ESET Online Scan

    Please run a free online scan with the ESET Online Scanner
    • Tick the box next to YES, I accept the Terms of Use
    • Click Start
    • When asked, allow the ActiveX control to install, or it will ask to download an installer. Please do so and install it.
    • Click Start or wait for the scanner to load.
    • Make sure that the options Remove found threats and the option Scan unwanted applications are checked.
    • Click Scan (This scan can take several hours, so please be patient)
    • Once the scan is completed, there are a couple of things to keep in mind:
      1. If NO threats were found, allow the scanner to Uninstall on close and then close the Window.
      2. If threats WERE detected, click on List of Threats Found, Export to Text File...save it as ESET-Scan-Log.txt. Click the back button/link, put a checkmark to Uninstall Application on Close and then close the window.
    • Open the logfile from wherever you saved it
    • Copy and paste the contents in your next reply.
  3. needhelp51 (TechSpot Enthusiast, Topic Starter)

    Hello, thanks for your help.

    Here is the log for AdwCleaner:

    # AdwCleaner v2.108 - Rapport créé le 25/01/2013 à 20:11:21
    # Mis à jour le 24/01/2013 par Xplode
    # Système d'exploitation : Microsoft Windows XP Service Pack 3 (32 bits)
    # Nom d'utilisateur : Toshiba - TOSHIBA-29519BD
    # Mode de démarrage : Normal
    # Exécuté depuis : C:\Documents and Settings\Toshiba\Bureau\adwcleaner.exe
    # Option [Suppression]

    ***** [Services] *****

    ***** [Fichiers / Dossiers] *****
    Dossier Supprimé : C:\Documents and Settings\All Users\Application Data\ICQ\ICQToolbar
    Dossier Supprimé : C:\Program Files\ICQ6Toolbar
    ***** [Registre] *****
    Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
    Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
    Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
    ***** [Navigateurs] *****
    -\\ Internet Explorer v8.0.6001.18702
    Remplacé : [HKCU\Software\Microsoft\Internet Explorer\Main - ICQ Search] = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd --> hxxp://www.google.com
    -\\ Mozilla Firefox v18.0 (en-US)
    Fichier : C:\Documents and Settings\Toshiba\Application Data\Mozilla\Firefox\Profiles\34z1afo4.default\prefs.js
    [OK] Le fichier ne contient aucune entrée illégitime.
    *************************
    AdwCleaner[R1].txt - [1500 octets] - [25/01/2013 20:10:38]
    AdwCleaner[S1].txt - [1475 octets] - [25/01/2013 20:11:21]
    ########## EOF - C:\AdwCleaner[S1].txt - [1535 octets] ##########
    Log for JRT:

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Junkware Removal Tool (JRT) by Thisisu
    Version: 4.5.0 (01.23.2013:2)
    OS: Microsoft Windows XP x86
    Ran by Toshiba on 2013-01-25 at 20:19:19,31
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


    ~~~ Services

    ~~~ Registry Values
    Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}\\DisplayName
    Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}\\URL

    ~~~ Registry Keys
    Successfully deleted: [Registry Key] hkey_current_user\software\billp studios\detected\startup

    ~~~ Files

    ~~~ Folders


    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on 2013-01-25 at 20:26:44,07
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan for Eset:

    No threats found - (No log generated - it seems...)
  4. Jay Pfoutz

    Jay Pfoutz Malware Helper Posts: 4,286   +49

    TDSSKiller Scan

    Please download TDSSKiller to your desktop and run it as outlined below:

    Double-click on TDSSKiller.exe to run the application, then click on Change parameters.

    For Windows XP, double-click to start.
    For Vista or Windows 7, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.


    -------------------------

    Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.


    ------------------------

    Click the Start Scan button.


    -----------------------

    If a suspicious object is detected, the default action will be Skip; click on Continue.
    If you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic, please choose Skip and click on Continue.



    ----------------------

    If malicious objects are found, they will show in the Scan results and offer three (3) options.

    Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
    Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.




    --------------------

    A report will be created in your root directory (usually the C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents in your next reply.

    Sometimes these logs can be very large; in that case, please attach it.

    -------------------

    Here's a summary of what to do if you would like to print it out:

    If a suspicious object is detected, the default action will be Skip; click on Continue.
    If you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic, please choose Skip and click on Continue.

    If malicious objects are found, they will show in the Scan results and offer three (3) options.

    Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
    Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.


    OTL Quick Scan

    Please download OTL by OldTimer to your Desktop.
    • Close all windows and double click OTL.exe.
    • Click Quick Scan button and let the program run uninterrupted.
    • It will produce a log for you called OTL.txt, please post it in your next reply.
    • You may need to use two posts to get it all.
  5. needhelp51

    needhelp51 TechSpot Enthusiast Topic Starter Posts: 203

    Hello,

    Only suspicious objects found by tdsskiller, so I skipped and continued as instructed:


    10:04:57.0484 3396 PCI - ok
    10:04:57.0500 3396 PCIDump - ok
    10:04:57.0500 3396 [ F4BFDE7209C14A07AAA61E4D6AE69EAC ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
    10:04:57.0625 3396 PCIIde - ok
    10:04:57.0640 3396 [ F0406CBC60BDB0394A0E17FFB04CDD3D ] Pcmcia C:\WINDOWS\system32\DRIVERS\pcmcia.sys
    10:04:57.0765 3396 Pcmcia - ok
    10:04:57.0765 3396 PDCOMP - ok
    10:04:57.0765 3396 PDFRAME - ok
    10:04:57.0781 3396 PDRELI - ok
    10:04:57.0781 3396 PDRFRAME - ok
    10:04:57.0796 3396 perc2 - ok
    10:04:57.0796 3396 perc2hib - ok
    10:04:57.0828 3396 [ 444F122E68DB44C0589227781F3C8B3F ] Pfc C:\WINDOWS\system32\drivers\pfc.sys
    10:04:57.0859 3396 Pfc ( UnsignedFile.Multi.Generic ) - warning
    10:04:57.0859 3396 Pfc - detected UnsignedFile.Multi.Generic (1)
    10:04:57.0875 3396 [ C3FB1D70CB88722267949694BA51759E ] PlugPlay C:\WINDOWS\system32\services.exe
    10:04:57.0906 3396 PlugPlay - ok
    10:04:57.0906 3396 [ 91E6024D6D4DCDECDB36C43ECF9BBECB ] PolicyAgent C:\WINDOWS\system32\lsass.exe
    10:04:58.0031 3396 PolicyAgent - ok
    10:04:58.0062 3396 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
    10:04:58.0187 3396 PptpMiniport - ok
    10:04:58.0203 3396 PROCEXP151 - ok
    10:04:58.0203 3396 [ 91E6024D6D4DCDECDB36C43ECF9BBECB ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
    10:04:58.0328 3396 ProtectedStorage - ok
    10:04:58.0328 3396 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
    10:04:58.0453 3396 PSched - ok
    10:04:58.0468 3396 [ D24DFD16A1E2A76034DF5AA18125C35D ] PSI C:\WINDOWS\system32\DRIVERS\psi_mf.sys
    10:04:58.0484 3396 PSI - ok
    10:04:58.0515 3396 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
    10:04:58.0656 3396 Ptilink - ok
    10:04:58.0656 3396 [ 86724469CD077901706854974CD13C3E ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys
    10:04:58.0671 3396 PxHelp20 ( UnsignedFile.Multi.Generic ) - warning
    10:04:58.0671 3396 PxHelp20 - detected UnsignedFile.Multi.Generic (1)
    10:04:58.0687 3396 [ 7DC7ACA4E775E9D823F5773A2F47A2AC ] qkbfiltr C:\WINDOWS\system32\drivers\qkbfiltr.sys
    10:04:58.0734 3396 qkbfiltr ( UnsignedFile.Multi.Generic ) - warning
    10:04:58.0734 3396 qkbfiltr - detected UnsignedFile.Multi.Generic (1)
    10:04:58.0734 3396 ql1080 - ok
    10:04:58.0750 3396 Ql10wnt - ok
    10:04:58.0750 3396 ql12160 - ok
    10:04:58.0765 3396 ql1240 - ok
    10:04:58.0765 3396 ql1280 - ok
    10:04:58.0796 3396 [ 8652B9E134C3478BE948BF089DF8ED5E ] qmofiltr C:\WINDOWS\system32\drivers\qmofiltr.sys
    10:04:58.0812 3396 qmofiltr ( UnsignedFile.Multi.Generic ) - warning
    10:04:58.0812 3396 qmofiltr - detected UnsignedFile.Multi.Generic (1)
    10:04:58.0828 3396 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
    10:04:58.0968 3396 RasAcd - ok
    10:04:59.0015 3396 [ 78DA9CCDAC683EF5AA87D1C919F6D221 ] RasAuto C:\WINDOWS\System32\rasauto.dll
    10:04:59.0156 3396 RasAuto - ok
    10:04:59.0171 3396 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
    10:04:59.0296 3396 Rasl2tp - ok
    10:04:59.0343 3396 [ 0A48DF90B4784F9B90A2671AF992C914 ] RasMan C:\WINDOWS\System32\rasmans.dll
    10:04:59.0468 3396 RasMan - ok
    10:04:59.0468 3396 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
    10:04:59.0609 3396 RasPppoe - ok
    10:04:59.0656 3396 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
    10:04:59.0781 3396 Raspti - ok
    10:04:59.0812 3396 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
    10:04:59.0921 3396 Rdbss - ok
    10:04:59.0921 3396 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
    10:05:00.0062 3396 RDPCDD - ok
    10:05:00.0125 3396 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
    10:05:00.0171 3396 RDPWD - ok
    10:05:00.0218 3396 [ 9F63D9C5B238ED1C375D417EFF3D5BE7 ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
    10:05:00.0375 3396 RDSessMgr - ok
    10:05:00.0421 3396 [ D8EB2A7904DB6C916EB5361878DDCBAE ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
    10:05:00.0546 3396 redbook - ok
    10:05:00.0671 3396 [ 6987DC1DD7A7159752DFB1F6AABAE062 ] RegSrvc C:\Program Files\Fichiers communs\Intel\WirelessCommon\RegSrvc.exe
    10:05:00.0703 3396 RegSrvc - ok
    10:05:00.0750 3396 [ 7DA370C31673C99497BD07068EE6E354 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
    10:05:00.0890 3396 RemoteAccess - ok
    10:05:00.0921 3396 [ B60F58F175DE20A6739194E85B035178 ] rpcapd C:\Program Files\WinPcap\rpcapd.exe
    10:05:00.0953 3396 rpcapd - ok
    10:05:00.0968 3396 [ 499C59A2584F6D4EA41E944DA571D993 ] RpcLocator C:\WINDOWS\system32\locator.exe
    10:05:01.0156 3396 RpcLocator - ok
    10:05:01.0187 3396 [ 0203B1AAD358F206CB0A3C1F93CCE17A ] RpcSs C:\WINDOWS\System32\rpcss.dll
    10:05:01.0234 3396 RpcSs - ok
    10:05:01.0296 3396 [ 414964844F4793ACB868D057E8ED997E ] RSVP C:\WINDOWS\system32\rsvp.exe
    10:05:01.0437 3396 RSVP - ok
    10:05:01.0531 3396 [ 662973C942738D4B2FE8147E63DE66B3 ] S24EventMonitor C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
    10:05:01.0578 3396 S24EventMonitor - ok
    10:05:01.0671 3396 [ 27FC71DA659305E260ACBDA15A318399 ] s24trans C:\WINDOWS\system32\DRIVERS\s24trans.sys
    10:05:01.0687 3396 s24trans - ok
    10:05:01.0703 3396 [ 91E6024D6D4DCDECDB36C43ECF9BBECB ] SamSs C:\WINDOWS\system32\lsass.exe
    10:05:01.0890 3396 SamSs - ok
    10:05:01.0937 3396 [ 39763504067962108505BFF25F024345 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
    10:05:01.0953 3396 SASDIFSV - ok
    10:05:01.0953 3396 [ 77B9FC20084B48408AD3E87570EB4A85 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
    10:05:01.0968 3396 SASKUTIL - ok
    10:05:02.0015 3396 [ 67949CC8A865296C1333C96A4E1A2D66 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
    10:05:02.0156 3396 SCardSvr - ok
    10:05:02.0203 3396 [ 55F5C5C1BE1A78E285033E432BA01597 ] Schedule C:\WINDOWS\system32\schedsvc.dll
    10:05:02.0328 3396 Schedule - ok
    10:05:02.0390 3396 [ 8D04819A3CE51B9EB47E5689B44D43C4 ] sdbus C:\WINDOWS\system32\DRIVERS\sdbus.sys
    10:05:02.0515 3396 sdbus - ok
    10:05:02.0562 3396 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
    10:05:02.0640 3396 Secdrv - ok
    10:05:02.0656 3396 [ 5AC311C0AF2AF5EC221670BB8DC479D3 ] seclogon C:\WINDOWS\System32\seclogon.dll
    10:05:02.0796 3396 seclogon - ok
    10:05:02.0937 3396 [ 5B66DB4877BBAC9F7493AA8D84421E49 ] Secunia PSI Agent C:\Program Files\Secunia\PSI\PSIA.exe
    10:05:02.0984 3396 Secunia PSI Agent - ok
    10:05:03.0062 3396 [ 0E88FDF474F2CDD370A4A6CE77D018F0 ] Secunia Update Agent C:\Program Files\Secunia\PSI\sua.exe
    10:05:03.0093 3396 Secunia Update Agent - ok
    10:05:03.0156 3396 [ 3531366F38F453D08FE72E7B32DFE786 ] SENS C:\WINDOWS\system32\sens.dll
    10:05:03.0312 3396 SENS - ok
    10:05:03.0359 3396 [ 93D313C31F7AD9EA2B75F26075413C7C ] Serial C:\WINDOWS\system32\drivers\Serial.sys
    10:05:03.0562 3396 Serial - ok
    10:05:03.0609 3396 [ 0FA803C64DF0914B41F807EA276BF2A6 ] sffdisk C:\WINDOWS\system32\DRIVERS\sffdisk.sys
    10:05:03.0734 3396 sffdisk - ok
    10:05:03.0750 3396 [ C17C331E435ED8737525C86A7557B3AC ] sffp_sd C:\WINDOWS\system32\DRIVERS\sffp_sd.sys
    10:05:03.0875 3396 sffp_sd - ok
    10:05:03.0890 3396 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
    10:05:04.0015 3396 Sfloppy - ok
    10:05:04.0078 3396 [ F4CE708A7D17A625DE6C0FD746D50E88 ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
    10:05:04.0234 3396 SharedAccess - ok
    10:05:04.0281 3396 [ 1B8542F338CDD86929A084A455837158 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
    10:05:04.0312 3396 ShellHWDetection - ok
    10:05:04.0312 3396 Simbad - ok
    10:05:04.0328 3396 Sparrow - ok
    10:05:04.0343 3396 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
    10:05:04.0468 3396 splitter - ok
    10:05:04.0500 3396 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
    10:05:04.0546 3396 Spooler - ok
    10:05:04.0593 3396 [ B52181023B827ACDA36C1B76751EBFFD ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
    10:05:04.0687 3396 sr - ok
    10:05:04.0718 3396 [ 6469C53F4D16FA6055CCA265BC03DB66 ] srservice C:\WINDOWS\system32\srsvc.dll
    10:05:04.0828 3396 srservice - ok
    10:05:04.0890 3396 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
    10:05:04.0968 3396 Srv - ok
    10:05:05.0015 3396 [ EA9E0DB8684CEF2FD3BADD671DF5A112 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
    10:05:05.0109 3396 SSDPSRV - ok
    10:05:05.0171 3396 [ D76B0E8A4ECAD1ADCC75FD14A7ACC54C ] stisvc C:\WINDOWS\system32\wiaservc.dll
    10:05:05.0328 3396 stisvc - ok
    10:05:05.0375 3396 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
    10:05:05.0562 3396 swenum - ok
    10:05:05.0609 3396 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
    10:05:05.0734 3396 swmidi - ok
    10:05:05.0734 3396 SwPrv - ok
    10:05:05.0750 3396 symc810 - ok
    10:05:05.0750 3396 symc8xx - ok
    10:05:05.0765 3396 sym_hi - ok
    10:05:05.0765 3396 sym_u3 - ok
    10:05:05.0828 3396 [ E295FFFFF3AAF9A6A40B29497901908F ] SynTP C:\WINDOWS\system32\DRIVERS\SynTP.sys
    10:05:05.0859 3396 SynTP - ok
    10:05:05.0875 3396 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
    10:05:05.0984 3396 sysaudio - ok
    10:05:06.0015 3396 [ 0899061318A6B1D9596AABFC77F45E44 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
    10:05:06.0406 3396 SysmonLog - ok
    10:05:06.0453 3396 [ 8E5231171AD6595FF002E848CC54FCD7 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
    10:05:06.0593 3396 TapiSrv - ok
    10:05:06.0640 3396 [ 1F26D86828039C0B594399F7F2FFEF09 ] TBiosDrv C:\WINDOWS\system32\Drivers\Tbiosdrv.sys
    10:05:06.0671 3396 TBiosDrv ( UnsignedFile.Multi.Generic ) - warning
    10:05:06.0671 3396 TBiosDrv - detected UnsignedFile.Multi.Generic (1)
    10:05:06.0734 3396 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
    10:05:06.0781 3396 Tcpip - ok
    10:05:06.0812 3396 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
    10:05:07.0031 3396 TDPIPE - ok
    10:05:07.0046 3396 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
    10:05:07.0171 3396 TDTCP - ok
    10:05:07.0203 3396 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
    10:05:07.0328 3396 TermDD - ok
    10:05:07.0359 3396 [ 710BC85A8C22626EE094439E3EA0D38C ] TermService C:\WINDOWS\System32\termsrv.dll
    10:05:07.0500 3396 TermService - ok
    10:05:07.0515 3396 [ 1B8542F338CDD86929A084A455837158 ] Themes C:\WINDOWS\System32\shsvcs.dll
    10:05:07.0546 3396 Themes - ok
    10:05:07.0609 3396 [ 244CFBFFDEFB77F3DF571A8CD108FC06 ] tifm21 C:\WINDOWS\system32\drivers\tifm21.sys
    10:05:07.0625 3396 tifm21 - ok
    10:05:07.0640 3396 TosIde - ok
    10:05:07.0703 3396 [ E1A84A5067627407A53C2C4F8D8A1D2E ] TrkWks C:\WINDOWS\system32\trkwks.dll
    10:05:07.0828 3396 TrkWks - ok
    10:05:07.0843 3396 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
    10:05:07.0968 3396 Udfs - ok
    10:05:07.0984 3396 UIUSys - ok
    10:05:07.0984 3396 ultra - ok
    10:05:08.0046 3396 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
    10:05:08.0187 3396 Update - ok
    10:05:08.0234 3396 [ BD8166A495B02308F364B36249475F22 ] upnphost C:\WINDOWS\System32\upnphost.dll
    10:05:08.0328 3396 upnphost - ok
    10:05:08.0359 3396 [ 1EDC93D7BD731B5CA6248AE245099B60 ] UPS C:\WINDOWS\System32\ups.exe
    10:05:08.0500 3396 UPS - ok
    10:05:08.0546 3396 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
    10:05:08.0671 3396 usbccgp - ok
    10:05:08.0703 3396 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
    10:05:08.0875 3396 usbehci - ok
    10:05:08.0921 3396 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
    10:05:09.0046 3396 usbhub - ok
    10:05:09.0062 3396 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
    10:05:09.0218 3396 usbprint - ok
    10:05:09.0265 3396 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
    10:05:09.0437 3396 usbscan - ok
    10:05:09.0437 3396 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
    10:05:09.0546 3396 USBSTOR - ok
    10:05:09.0562 3396 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
    10:05:09.0687 3396 usbuhci - ok
    10:05:09.0703 3396 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
    10:05:09.0828 3396 VgaSave - ok
    10:05:09.0828 3396 ViaIde - ok
    10:05:09.0843 3396 [ 46DE1126684369BACE4849E4FC8C43CA ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
    10:05:09.0968 3396 VolSnap - ok
    10:05:10.0031 3396 [ 5A4DA252B2C0550AB83D129C02CF6C19 ] VSS C:\WINDOWS\System32\vssvc.exe
    10:05:10.0109 3396 VSS - ok
    10:05:10.0156 3396 [ C1F726EE0B043B074A68992BC4AEF8FD ] W32Time C:\WINDOWS\system32\w32time.dll
    10:05:10.0296 3396 W32Time - ok
    10:05:10.0406 3396 [ B1F126E7E28877106D60E6FF3998D033 ] w39n51 C:\WINDOWS\system32\DRIVERS\w39n51.sys
    10:05:10.0453 3396 w39n51 - ok
    10:05:10.0531 3396 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
    10:05:10.0671 3396 Wanarp - ok
    10:05:10.0671 3396 WDICA - ok
    10:05:10.0718 3396 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
  6. needhelp51

    needhelp51 TechSpot Enthusiast Topic Starter Posts: 203

    (continues)


    10:05:10.0843 3396 wdmaud - ok
    10:05:10.0890 3396 [ 714670E64FBE6D28D99871ED9A52A334 ] WebClient C:\WINDOWS\System32\webclnt.dll
    10:05:11.0015 3396 WebClient - ok
    10:05:11.0078 3396 [ E0A00B06EA067C84E124B407DFFA1AF1 ] winachsf C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
    10:05:11.0156 3396 winachsf - ok
    10:05:11.0312 3396 [ 5E9DEAE9980FF34BCD6DDE2E9E2BF911 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
    10:05:11.0437 3396 winmgmt - ok
    10:05:11.0484 3396 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
    10:05:11.0500 3396 WmdmPmSN - ok
    10:05:11.0531 3396 [ C42584FD66CE9E17403AEBCA199F7BDB ] WmiAcpi C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
    10:05:11.0640 3396 WmiAcpi - ok
    10:05:11.0671 3396 [ 4E8E8A58F56B25D0795F484E5EB7F898 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
    10:05:11.0796 3396 WmiApSrv - ok
    10:05:11.0937 3396 [ C9BEA742CE225CC993C9465FDDAE4656 ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
    10:05:11.0968 3396 WMPNetworkSvc - ok
    10:05:12.0062 3396 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
    10:05:12.0109 3396 WPFFontCache_v0400 - ok
    10:05:12.0140 3396 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
    10:05:12.0265 3396 WS2IFSL - ok
    10:05:12.0328 3396 [ C1FD85DB4A80A98D60ECB7A828E77FE0 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
    10:05:12.0546 3396 wscsvc - ok
    10:05:12.0562 3396 [ 75D6C5C3D2C93B1F9931E5DFB693AE2A ] wuauserv C:\WINDOWS\system32\wuauserv.dll
    10:05:12.0687 3396 wuauserv - ok
    10:05:12.0718 3396 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
    10:05:12.0781 3396 WudfPf - ok
    10:05:12.0812 3396 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
    10:05:12.0859 3396 WudfSvc - ok
    10:05:12.0921 3396 [ C336E54EE0C291A02F004667DB1E66CB ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
    10:05:13.0062 3396 WZCSVC - ok
    10:05:13.0093 3396 [ F92A87FDDA0C11C8604FBC2B864FA726 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
    10:05:13.0250 3396 xmlprov - ok
    10:05:13.0250 3396 ================ Scan global ===============================
    10:05:13.0312 3396 [ 61013AB2E38550619637AA6CC02383D4 ] C:\WINDOWS\system32\basesrv.dll
    10:05:13.0359 3396 [ 8FB644D08037BB9CF532F697CCC0A8E6 ] C:\WINDOWS\system32\winsrv.dll
    10:05:13.0390 3396 [ 8FB644D08037BB9CF532F697CCC0A8E6 ] C:\WINDOWS\system32\winsrv.dll
    10:05:13.0421 3396 [ C3FB1D70CB88722267949694BA51759E ] C:\WINDOWS\system32\services.exe
    10:05:13.0437 3396 [Global] - ok
    10:05:13.0437 3396 ================ Scan MBR ==================================
    10:05:13.0453 3396 [ 09CE7397AF23D4C0B331B89D0297CC7E ] \Device\Harddisk0\DR0
    10:05:14.0015 3396 \Device\Harddisk0\DR0 - ok
    10:05:14.0015 3396 ================ Scan VBR ==================================
    10:05:14.0015 3396 [ 73C6E5BE10F2BCBD84990E5B2BC86CB9 ] \Device\Harddisk0\DR0\Partition1
    10:05:14.0015 3396 \Device\Harddisk0\DR0\Partition1 - ok
    10:05:14.0015 3396 ============================================================
    10:05:14.0015 3396 Scan finished
    10:05:14.0015 3396 ============================================================
    10:05:14.0156 3772 Detected object count: 22
    10:05:14.0156 3772 Actual detected object count: 22
    10:05:23.0703 3772 CFSvcs ( UnsignedFile.Multi.Generic ) - skipped by user
    10:05:23.0703 3772 CFSvcs ( UnsignedFile.Multi.Generic ) - User select action: Skip
    10:05:23.0703 3772 DLABOIOM ( UnsignedFile.Multi.Generic ) - skipped by user
    10:05:23.0703 3772 DLABOIOM ( UnsignedFile.Multi.Generic ) - User select action: Skip
    10:05:23.0703 3772 DLACDBHM ( UnsignedFile.Multi.Generic ) - skipped by user
    10:05:23.0703 3772 DLACDBHM ( UnsignedFile.Multi.Generic ) - User select action: Skip
    10:05:23.0703 3772 DLADResN ( UnsignedFile.Multi.Generic ) - skipped by user
    10:05:23.0703 3772 DLADResN ( UnsignedFile.Multi.Generic ) - User select action: Skip
    10:05:23.0718 3772 DLAIFS_M ( UnsignedFile.Multi.Generic ) - skipped by user
    10:05:23.0718 3772 DLAIFS_M ( UnsignedFile.Multi.Generic ) - User select action: Skip
    10:05:23.0718 3772 DLAOPIOM ( UnsignedFile.Multi.Generic ) - skipped by user
    10:05:23.0718 3772 DLAOPIOM ( UnsignedFile.Multi.Generic ) - User select action: Skip
    10:05:23.0718 3772 DLAPoolM ( UnsignedFile.Multi.Generic ) - skipped by user
    10:05:23.0718 3772 DLAPoolM ( UnsignedFile.Multi.Generic ) - User select action: Skip
    10:05:23.0718 3772 DLARTL_N ( UnsignedFile.Multi.Generic ) - skipped by user
    10:05:23.0718 3772 DLARTL_N ( UnsignedFile.Multi.Generic ) - User select action: Skip
    10:05:23.0718 3772 DLAUDFAM ( UnsignedFile.Multi.Generic ) - skipped by user
    10:05:23.0718 3772 DLAUDFAM ( UnsignedFile.Multi.Generic ) - User select action: Skip
    10:05:23.0718 3772 DLAUDF_M ( UnsignedFile.Multi.Generic ) - skipped by user
    10:05:23.0718 3772 DLAUDF_M ( UnsignedFile.Multi.Generic ) - User select action: Skip
    10:05:23.0734 3772 DRVMCDB ( UnsignedFile.Multi.Generic ) - skipped by user
    10:05:23.0734 3772 DRVMCDB ( UnsignedFile.Multi.Generic ) - User select action: Skip
    10:05:23.0734 3772 DRVNDDM ( UnsignedFile.Multi.Generic ) - skipped by user
    10:05:23.0734 3772 DRVNDDM ( UnsignedFile.Multi.Generic ) - User select action: Skip
    10:05:23.0734 3772 DVD-RAM_Service ( UnsignedFile.Multi.Generic ) - skipped by user
    10:05:23.0734 3772 DVD-RAM_Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
    10:05:23.0734 3772 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
    10:05:23.0734 3772 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
    10:05:23.0734 3772 Iviaspi ( UnsignedFile.Multi.Generic ) - skipped by user
    10:05:23.0734 3772 Iviaspi ( UnsignedFile.Multi.Generic ) - User select action: Skip
    10:05:23.0734 3772 meiudf ( UnsignedFile.Multi.Generic ) - skipped by user
    10:05:23.0734 3772 meiudf ( UnsignedFile.Multi.Generic ) - User select action: Skip
    10:05:23.0750 3772 Netdevio ( UnsignedFile.Multi.Generic ) - skipped by user
    10:05:23.0750 3772 Netdevio ( UnsignedFile.Multi.Generic ) - User select action: Skip
    10:05:23.0750 3772 Pfc ( UnsignedFile.Multi.Generic ) - skipped by user
    10:05:23.0750 3772 Pfc ( UnsignedFile.Multi.Generic ) - User select action: Skip
    10:05:23.0750 3772 PxHelp20 ( UnsignedFile.Multi.Generic ) - skipped by user
    10:05:23.0750 3772 PxHelp20 ( UnsignedFile.Multi.Generic ) - User select action: Skip
    10:05:23.0750 3772 qkbfiltr ( UnsignedFile.Multi.Generic ) - skipped by user
    10:05:23.0750 3772 qkbfiltr ( UnsignedFile.Multi.Generic ) - User select action: Skip
    10:05:23.0750 3772 qmofiltr ( UnsignedFile.Multi.Generic ) - skipped by user
    10:05:23.0750 3772 qmofiltr ( UnsignedFile.Multi.Generic ) - User select action: Skip
    10:05:23.0750 3772 TBiosDrv ( UnsignedFile.Multi.Generic ) - skipped by user
    10:05:23.0750 3772 TBiosDrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
    10:06:01.0562 1808 Deinitialize success
  7. needhelp51

    needhelp51 TechSpot Enthusiast Topic Starter Posts: 203

    Hello, here is the OTL quick scan:

    OTL logfile created on: 2013-01-26 09:01:32 - Run 1
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Toshiba\Bureau
    Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18702)
    Locale: 00000C0C | Country: Canada | Language: FRC | Date Format: yyyy-MM-dd

    3,00 Gb Total Physical Memory | 2,50 Gb Available Physical Memory | 83,53% Memory free
    4,88 Gb Paging File | 4,43 Gb Available in Paging File | 90,94% Paging File free
    Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 111,79 Gb Total Space | 24,14 Gb Free Space | 21,59% Space Free | Partition Type: NTFS

    Computer Name: TOSHIBA-29519BD | User Name: Toshiba | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user | Quick Scan
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2013-01-26 08:47:47 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Toshiba\Bureau\OTL.exe
    PRC - [2012-11-27 21:50:02 | 003,085,736 | ---- | M] (Emsisoft GmbH) -- C:\Program Files\Emsisoft Anti-Malware\a2service.exe
    PRC - [2012-11-07 18:37:37 | 001,990,464 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
    PRC - [2012-11-07 18:37:11 | 006,756,048 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
    PRC - [2012-10-30 18:50:59 | 004,297,136 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
    PRC - [2012-10-30 18:50:59 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    PRC - [2012-09-22 15:19:49 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
    PRC - [2012-09-17 11:41:54 | 000,254,896 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
    PRC - [2011-10-24 18:58:52 | 001,407,248 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe
    PRC - [2011-10-24 18:58:46 | 000,882,960 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
    PRC - [2011-10-24 17:53:14 | 000,870,672 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe
    PRC - [2011-10-24 17:37:18 | 001,210,640 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Fichiers communs\Intel\WirelessCommon\iFrmewrk.exe
    PRC - [2011-10-24 17:34:56 | 000,481,552 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Fichiers communs\Intel\WirelessCommon\RegSrvc.exe
    PRC - [2011-10-14 01:01:50 | 000,994,360 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\psia.exe
    PRC - [2011-10-14 01:01:48 | 000,399,416 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\sua.exe
    PRC - [2011-10-14 01:01:46 | 000,291,896 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\psi_tray.exe
    PRC - [2010-02-04 00:28:07 | 000,107,176 | ---- | M] (Lexmark International Inc.) -- C:\Program Files\Lexmark 3600-4600 Series\ezprint.exe
    PRC - [2010-02-04 00:27:55 | 000,672,424 | ---- | M] () -- C:\Program Files\Lexmark 3600-4600 Series\lxdxmon.exe
    PRC - [2009-10-16 12:10:34 | 000,589,824 | ---- | M] ( ) -- C:\WINDOWS\system32\lxdxcoms.exe
    PRC - [2008-04-13 21:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
    PRC - [2006-01-05 17:00:06 | 001,589,248 | ---- | M] (TOSHIBA Inc.) -- C:\Program Files\TOSHIBA\Windows Utilities\Hotkey.exe
    PRC - [2005-12-15 13:21:00 | 000,151,552 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\Toshiba.exe
    PRC - [2005-10-05 23:20:00 | 000,122,940 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\DLA\DLACTRLW.EXE
    PRC - [2005-05-17 03:24:50 | 000,118,784 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
    PRC - [2005-04-11 10:08:00 | 000,065,536 | ---- | M] (TOSHIBA) -- C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
    PRC - [2005-01-17 12:38:00 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
    PRC - [2004-08-27 20:37:00 | 000,155,648 | ---- | M] (Matsushita Electric Industrial Co., Ltd.) -- C:\WINDOWS\system32\RAMASST.exe
    PRC - [2004-08-27 20:33:00 | 000,110,592 | ---- | M] (Matsushita Electric Industrial Co., Ltd.) -- C:\WINDOWS\system32\DVDRAMSV.exe


    ========== Modules (No Company Name) ==========

    MOD - [2013-01-26 03:50:01 | 002,048,512 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\13012600\algo.dll
    MOD - [2012-12-18 09:28:24 | 000,301,056 | ---- | M] () -- C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.FRA
    MOD - [2010-02-04 00:27:55 | 000,672,424 | ---- | M] () -- C:\Program Files\Lexmark 3600-4600 Series\lxdxmon.exe
    MOD - [2010-02-03 23:41:38 | 000,081,920 | ---- | M] () -- C:\Program Files\Lexmark 3600-4600 Series\lxdxcaps.dll
    MOD - [2010-02-03 23:41:23 | 000,380,928 | ---- | M] () -- C:\Program Files\Lexmark 3600-4600 Series\lxdxscw.dll
    MOD - [2010-02-03 23:41:20 | 000,782,336 | ---- | M] () -- C:\Program Files\Lexmark 3600-4600 Series\lxdxdrs.dll
    MOD - [2010-02-03 23:39:11 | 000,364,544 | ---- | M] () -- C:\Program Files\Lexmark 3600-4600 Series\iptk.dll
    MOD - [2010-02-03 23:28:27 | 000,589,824 | ---- | M] () -- C:\Program Files\Lexmark 3600-4600 Series\lxdxdatr.dll
    MOD - [2010-02-03 23:28:15 | 000,069,632 | ---- | M] () -- C:\Program Files\Lexmark 3600-4600 Series\lxdxcnv4.dll
    MOD - [2009-10-16 18:12:46 | 000,147,968 | ---- | M] () -- C:\WINDOWS\system32\spool\prtprocs\w32x86\lxdxdrpp.dll
    MOD - [2007-09-06 04:11:34 | 000,151,552 | ---- | M] () -- C:\Program Files\Lexmark 3600-4600 Series\lxdxptp.dll


    ========== Services (SafeList) ==========

    SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
    SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
    SRV - [2013-01-12 09:29:11 | 000,251,400 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
    SRV - [2013-01-04 22:45:32 | 000,115,760 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
    SRV - [2012-11-27 21:50:02 | 003,085,736 | ---- | M] (Emsisoft GmbH) [Auto | Running] -- C:\Program Files\Emsisoft Anti-Malware\a2service.exe -- (a2AntiMalware)
    SRV - [2012-11-07 18:37:37 | 001,990,464 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
    SRV - [2012-10-30 18:50:59 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
    SRV - [2012-09-22 15:19:49 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE)
    SRV - [2011-10-24 18:58:46 | 000,882,960 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\S24EvMon.exe -- (S24EventMonitor)
    SRV - [2011-10-24 17:53:14 | 000,870,672 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
    SRV - [2011-10-24 17:34:56 | 000,481,552 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Fichiers communs\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
    SRV - [2011-10-14 01:01:50 | 000,994,360 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files\Secunia\PSI\psia.exe -- (Secunia PSI Agent)
    SRV - [2011-10-14 01:01:48 | 000,399,416 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files\Secunia\PSI\sua.exe -- (Secunia Update Agent)
    SRV - [2010-06-25 12:07:20 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd)
    SRV - [2009-10-16 18:00:52 | 000,094,208 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxdxserv.exe -- (lxdxCATSCustConnectService)
    SRV - [2009-10-16 12:10:34 | 000,589,824 | ---- | M] ( ) [Auto | Running] -- C:\WINDOWS\system32\lxdxcoms.exe -- (lxdx_device)
    SRV - [2005-04-03 18:41:10 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)
    SRV - [2005-01-17 12:38:00 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe -- (CFSvcs)
    SRV - [2004-08-27 20:33:00 | 000,110,592 | ---- | M] (Matsushita Electric Industrial Co., Ltd.) [Auto | Running] -- C:\WINDOWS\system32\DVDRAMSV.exe -- (DVD-RAM_Service)


    ========== Driver Services (SafeList) ==========

    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
    DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\UIUSYS.SYS -- (UIUSys)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\Drivers\PROCEXP151.SYS -- (PROCEXP151)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
    DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
    DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys -- (Lavasoft Kernexplorer)
    DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
    DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ComboFix\catchme.sys -- (catchme)
    DRV - [2012-11-07 18:38:17 | 000,099,080 | ---- | M] (COMODO) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\inspect.sys -- (Inspect)
    DRV - [2012-11-07 18:38:16 | 000,032,640 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\cmdhlp.sys -- (cmdHlp)
    DRV - [2012-11-07 18:38:14 | 000,497,952 | ---- | M] (COMODO) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\cmdGuard.sys -- (cmdGuard)
    DRV - [2012-10-30 18:51:58 | 000,738,504 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
    DRV - [2012-10-30 18:51:58 | 000,361,032 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
    DRV - [2012-10-30 18:51:58 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
    DRV - [2012-10-30 18:51:58 | 000,035,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (AswRdr)
    DRV - [2012-10-30 18:51:57 | 000,097,608 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
    DRV - [2012-10-30 18:51:56 | 000,025,256 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
    DRV - [2012-10-30 18:51:56 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
    DRV - [2012-06-29 21:18:16 | 000,054,072 | ---- | M] (Emsisoft GmbH) [File_System | On_Demand | Stopped] -- C:\Program Files\Emsisoft Anti-Malware\a2accx86.sys -- (a2acc)
    DRV - [2011-07-22 11:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
    DRV - [2011-07-12 16:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
    DRV - [2011-05-19 13:10:34 | 000,017,904 | ---- | M] (Emsi Software GmbH) [Kernel | System | Running] -- C:\Program Files\Emsisoft Anti-Malware\a2ddax86.sys -- (A2DDA)
    DRV - [2010-10-07 07:11:38 | 006,609,920 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NETwLx32.sys -- (NETwLx32)
    DRV - [2010-09-01 03:30:58 | 000,015,544 | ---- | M] (Secunia) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\psi_mf.sys -- (PSI)
    DRV - [2010-06-25 12:07:14 | 000,035,088 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\npf.sys -- (NPF)
    DRV - [2010-05-19 22:15:04 | 000,013,952 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
    DRV - [2008-04-13 13:53:09 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
    DRV - [2006-01-12 10:21:18 | 000,031,872 | ---- | M] (Quanta Computer, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\qkbfiltr.sys -- (qkbfiltr)
    DRV - [2005-12-28 18:20:38 | 000,561,664 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CHDAud.sys -- (HdAudAddService)
    DRV - [2005-12-04 14:55:30 | 001,428,096 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w39n51.sys -- (w39n51)
    DRV - [2005-11-29 14:12:00 | 000,162,560 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tifm21.sys -- (tifm21)
    DRV - [2005-11-07 19:12:00 | 000,997,376 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
    DRV - [2005-11-07 19:11:00 | 000,723,712 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
    DRV - [2005-11-07 19:11:00 | 000,202,240 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
    DRV - [2005-10-05 23:20:00 | 000,094,332 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS -- (DLAUDFAM)
    DRV - [2005-10-05 23:20:00 | 000,087,036 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS -- (DLAUDF_M)
    DRV - [2005-10-05 23:20:00 | 000,086,524 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS -- (DLAIFS_M)
    DRV - [2005-10-05 23:20:00 | 000,025,628 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS -- (DLABOIOM)
    DRV - [2005-10-05 23:20:00 | 000,014,684 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS -- (DLAOPIOM)
    DRV - [2005-10-05 23:20:00 | 000,006,364 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS -- (DLAPoolM)
    DRV - [2005-10-05 23:20:00 | 000,002,496 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLADResN.SYS -- (DLADResN)
    DRV - [2005-08-25 06:16:52 | 000,005,628 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS -- (DLACDBHM)
    DRV - [2005-08-25 06:16:16 | 000,022,684 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLARTL_N.SYS -- (DLARTL_N)
    DRV - [2005-06-11 00:42:00 | 000,005,504 | ---- | M] (Quanta Computer Corp) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BoiHwSetup.sys -- (BoiHwsetup)
    DRV - [2005-06-01 23:33:00 | 000,102,384 | ---- | M] (Matsushita Electric Industrial Co.,Ltd.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\meiudf.sys -- (meiudf)
    DRV - [2005-05-05 08:27:38 | 000,007,936 | ---- | M] (Quanta Computer, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\qmofiltr.sys -- (qmofiltr)
    DRV - [2003-09-18 19:47:00 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (Pfc)
    DRV - [2003-01-29 10:35:00 | 000,012,032 | ---- | M] (TOSHIBA Corporation.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\Netdevio.sys -- (Netdevio)
    DRV - [2002-01-24 14:43:40 | 000,006,528 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Tbiosdrv.sys -- (TBiosDrv)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\..\URLSearchHook: - No CLSID value found
    IE - HKLM\..\SearchScopes,DefaultScope =
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/
    IE - HKCU\..\URLSearchHook: - No CLSID value found
    IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    ========== FireFox ==========

    FF - prefs.js..extensions.enabledAddons: %7BCAFEEFAC-0016-0000-0037-ABCDEFFEDCBA%7D:6.0.37
    FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0
    FF - user.js - File not found

    FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_146.dll ()
    FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_37: C:\WINDOWS\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
    FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
    FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-11-04 12:15:56 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013-01-12 09:26:31 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

    [2012-08-19 11:00:18 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Toshiba\Application Data\Mozilla\Extensions
    [2012-10-24 20:00:12 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Toshiba\Application Data\Mozilla\Firefox\Profiles\34z1afo4.default\extensions
    [2013-01-12 09:26:31 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
    [2012-12-05 22:02:55 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
    [2013-01-26 00:22:59 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\updated\extensions
    [2013-01-26 00:23:41 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\updated\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
    [2013-01-26 00:22:59 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\updated\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
    [2013-01-04 22:45:48 | 000,262,704 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
    [2013-01-04 22:45:12 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
    [2013-01-04 22:45:12 | 000,002,058 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

    O1 HOSTS File: ([2012-10-27 18:48:47 | 000,443,910 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O1 - Hosts: 15273 more lines...
    O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
    O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\DLA\DLASHX_W.DLL (Sonic Solutions)
    O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
    O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
    O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
    O2 - BHO: (WOT Helper) - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files\WOT\WOT.dll ()
    O3 - HKLM\..\Toolbar: (WOT) - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll ()
    O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
    O3 - HKCU\..\Toolbar\WebBrowser: (WOT) - {71576546-354D-41C9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll ()
    O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
    O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
    O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
    O4 - HKLM..\Run: [DLA] C:\WINDOWS\system32\DLA\DLACTRLW.EXE (Sonic Solutions)
    O4 - HKLM..\Run: [EzPrint] C:\Program Files\Lexmark 3600-4600 Series\ezprint.exe (Lexmark International Inc.)
    O4 - HKLM..\Run: [High Definition Audio Property Page Shortcut] C:\WINDOWS\System32\CHDAudPropShortcut.exe (Windows (R) Server 2003 DDK provider)
    O4 - HKLM..\Run: [IntelWireless] C:\Program Files\Fichiers communs\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation)
    O4 - HKLM..\Run: [IntelZeroConfig] C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe (Intel(R) Corporation)
    O4 - HKLM..\Run: [LaunchApp] launchapp File not found
    O4 - HKLM..\Run: [lxdxmon.exe] C:\Program Files\Lexmark 3600-4600 Series\lxdxmon.exe ()
    O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
    O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
    O4 - HKLM..\Run: [SmoothView] C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe (TOSHIBA Corporation)
    O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
    O4 - HKLM..\Run: [Toshiba Hotkey Utility] C:\Program Files\Toshiba\Windows Utilities\Hotkey.exe (TOSHIBA Inc.)
    O4 - HKCU..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe (TOSHIBA)
    O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe (Matsushita Electric Industrial Co., Ltd.)
    O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Secunia PSI Tray.lnk = C:\Program Files\Secunia\PSI\psi_tray.exe (Secunia)
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/downl...-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
    O16 - DPF: {2E28242B-A689-11D4-80F2-0040266CBB8D} http://209.50.106.51:8181/kxhcm10.ocx (KXHCM10 Control)
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://windowsupdate.microsoft.com/...ls/en/x86/client/wuweb_site.cab?1325644805328 (WUWebControl Class)
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/mic...ls/en/x86/client/muweb_site.cab?1349558900881 (MUWebControl Class)
    O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37)
    O16 - DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37)
    O16 - DPF: Garmin Communicator Plug-In https://static.garmincdn.com/gcp/ie/4.0.1.0/GarminAxControl_32.CAB (Reg Error: Key error.)
    O18 - Protocol\Handler\intu-ir2011 - No CLSID value found
    O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\wot {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files\WOT\WOT.dll ()
    O20 - AppInit_DLLs: (C:\WINDOWS\system32\guard32.dll) - C:\WINDOWS\system32\guard32.dll (COMODO)
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
    O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
    O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Colline verdoyante.bmp
    O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Colline verdoyante.bmp
    O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2006-01-18 05:32:30 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
    O34 - HKLM BootExecute: (autocheck autochk *)
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
    O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

    ========== Files/Folders - Created Within 30 Days ==========

    [2013-01-26 08:47:45 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Toshiba\Bureau\OTL.exe
    [2013-01-26 08:47:15 | 002,213,976 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Toshiba\Bureau\tdsskiller.exe
    [2013-01-25 20:19:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
    [2013-01-25 20:19:08 | 000,000,000 | ---D | C] -- C:\JRT
    [2013-01-25 20:09:00 | 000,499,147 | ---- | C] (Oleg N. Scherbakov) -- C:\Documents and Settings\Toshiba\Bureau\JRT.exe
    [2013-01-25 17:38:07 | 000,688,992 | R--- | C] (Swearware) -- C:\Documents and Settings\Toshiba\Bureau\dds.com
    [2013-01-25 17:37:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Toshiba\Bureau\fab
    [2013-01-23 21:03:14 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Toshiba\Recent
    [2013-01-12 09:31:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\VideoLAN
    [888 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2013-01-26 09:05:00 | 000,001,002 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
    [2013-01-26 08:55:24 | 000,043,758 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
    [2013-01-26 08:53:20 | 000,000,316 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
    [2013-01-26 08:51:56 | 000,001,054 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
    [2013-01-26 08:51:45 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
    [2013-01-26 08:51:40 | 3219,312,640 | -HS- | M] () -- C:\hiberfil.sys
    [2013-01-26 08:47:47 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Toshiba\Bureau\OTL.exe
    [2013-01-26 08:47:15 | 002,213,976 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Toshiba\Bureau\tdsskiller.exe
    [2013-01-26 08:46:00 | 000,001,058 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
    [2013-01-26 00:12:50 | 004,069,512 | ---- | M] () -- C:\Documents and Settings\Toshiba\Bureau\03 - Paul Daraiche - A Mia madre.wma
    [2013-01-26 00:11:56 | 002,490,932 | ---- | M] () -- C:\Documents and Settings\Toshiba\Bureau\02 - Francis Lalanne - On se retrouvera.mp3
    [2013-01-26 00:05:32 | 003,477,656 | ---- | M] () -- C:\Documents and Settings\Toshiba\Bureau\01 - Eric Charen - Bienvenue.wma
    [2013-01-25 20:09:03 | 000,499,147 | ---- | M] (Oleg N. Scherbakov) -- C:\Documents and Settings\Toshiba\Bureau\JRT.exe
    [2013-01-25 20:08:43 | 000,578,255 | ---- | M] () -- C:\Documents and Settings\Toshiba\Bureau\adwcleaner.exe
    [2013-01-25 17:38:12 | 000,688,992 | R--- | M] (Swearware) -- C:\Documents and Settings\Toshiba\Bureau\dds.com
    [2013-01-25 17:23:26 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
    [2013-01-24 17:18:43 | 000,143,624 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
    [2013-01-23 21:57:20 | 000,075,089 | ---- | M] () -- C:\Documents and Settings\Toshiba\Bureau\RRQ_releve_de_participation - 2013-01-23 21h54.pdf
    [2013-01-23 16:26:08 | 003,104,339 | ---- | M] () -- C:\Documents and Settings\Toshiba\Mes documents\J'ai besoin de toi, j'ai besoin de lui ( Nicole Croisille ).wmv.mp3
    [2013-01-19 13:56:29 | 000,057,888 | ---- | M] () -- C:\Documents and Settings\Toshiba\Bureau\Odalric 2013-01-11.jpg
    [2013-01-12 09:31:04 | 000,000,730 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\VLC media player.lnk
    [2013-01-12 09:26:37 | 000,000,735 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Mozilla Firefox.lnk
    [2013-01-11 22:07:09 | 000,555,754 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat
    [2013-01-11 22:07:09 | 000,484,084 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
    [2013-01-11 22:07:09 | 000,096,390 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat
    [2013-01-11 22:07:09 | 000,081,296 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
    [2013-01-10 18:22:30 | 004,191,035 | ---- | M] () -- C:\Documents and Settings\Toshiba\Bureau\Hotmail.zip
    [2013-01-07 20:10:41 | 000,003,120 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
    [2013-01-05 19:27:38 | 000,363,875 | ---- | M] () -- C:\Documents and Settings\Toshiba\Bureau\capture.zip
    [2013-01-05 18:07:27 | 000,182,105 | ---- | M] () -- C:\Documents and Settings\Toshiba\Bureau\reno.jpg
    [2013-01-05 15:13:16 | 000,059,698 | ---- | M] () -- C:\Documents and Settings\Toshiba\Bureau\Screenshot - 2013-01-05 , 15_13_10.jpg
    [2013-01-05 11:44:26 | 000,033,507 | ---- | M] () -- C:\Documents and Settings\Toshiba\Bureau\laid3.jpg
    [2013-01-05 11:43:55 | 000,038,405 | ---- | M] () -- C:\Documents and Settings\Toshiba\Bureau\laid2.jpg
    [2013-01-05 11:42:43 | 000,054,506 | ---- | M] () -- C:\Documents and Settings\Toshiba\Bureau\laid1.jpg
    [2013-01-05 11:26:03 | 000,082,127 | ---- | M] () -- C:\Documents and Settings\Toshiba\Bureau\422244_3780298943966_1651047337_n.jpg
    [2013-01-05 11:07:02 | 000,028,026 | ---- | M] () -- C:\Documents and Settings\Toshiba\Bureau\283290_157664880977951_7366182_n.jpg
    [2013-01-05 11:06:44 | 000,018,715 | ---- | M] () -- C:\Documents and Settings\Toshiba\Bureau\392725_194743810603391_400390879_n.jpg
    [2013-01-05 11:06:13 | 000,011,791 | ---- | M] () -- C:\Documents and Settings\Toshiba\Bureau\60926_400601533350950_487906773_n.jpg
    [2013-01-01 12:34:49 | 000,045,815 | ---- | M] () -- C:\Documents and Settings\Toshiba\Bureau\Calcul gril.pdf
    [2013-01-01 12:26:02 | 000,014,788 | ---- | M] () -- C:\Documents and Settings\Toshiba\Bureau\Calcul gril.ods
    [2012-12-27 21:37:04 | 000,000,795 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes Anti-Malware.lnk
    [888 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2013-01-26 00:09:47 | 004,069,512 | ---- | C] () -- C:\Documents and Settings\Toshiba\Bureau\03 - Paul Daraiche - A Mia madre.wma
    [2013-01-26 00:09:39 | 002,490,932 | ---- | C] () -- C:\Documents and Settings\Toshiba\Bureau\02 - Francis Lalanne - On se retrouvera.mp3
    [2013-01-26 00:03:51 | 003,477,656 | ---- | C] () -- C:\Documents and Settings\Toshiba\Bureau\01 - Eric Charen - Bienvenue.wma
    [2013-01-25 20:08:39 | 000,578,255 | ---- | C] () -- C:\Documents and Settings\Toshiba\Bureau\adwcleaner.exe
    [2013-01-24 17:18:43 | 000,143,624 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
    [2013-01-23 21:57:20 | 000,075,089 | ---- | C] () -- C:\Documents and Settings\Toshiba\Bureau\RRQ_releve_de_participation - 2013-01-23 21h54.pdf
    [2013-01-23 16:26:08 | 003,104,339 | ---- | C] () -- C:\Documents and Settings\Toshiba\Mes documents\J'ai besoin de toi, j'ai besoin de lui ( Nicole Croisille ).wmv.mp3
    [2013-01-19 13:56:53 | 000,057,888 | ---- | C] () -- C:\Documents and Settings\Toshiba\Bureau\Odalric 2013-01-11.jpg
    [2013-01-12 09:31:04 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\VLC media player.lnk
    [2013-01-10 18:22:30 | 004,191,035 | ---- | C] () -- C:\Documents and Settings\Toshiba\Bureau\Hotmail.zip
    [2013-01-05 19:27:36 | 000,363,875 | ---- | C] () -- C:\Documents and Settings\Toshiba\Bureau\capture.zip
    [2013-01-05 18:07:27 | 000,182,105 | ---- | C] () -- C:\Documents and Settings\Toshiba\Bureau\reno.jpg
    [2013-01-05 15:13:16 | 000,059,698 | ---- | C] () -- C:\Documents and Settings\Toshiba\Bureau\Screenshot - 2013-01-05 , 15_13_10.jpg
    [2013-01-05 11:44:26 | 000,033,507 | ---- | C] () -- C:\Documents and Settings\Toshiba\Bureau\laid3.jpg
    [2013-01-05 11:43:55 | 000,038,405 | ---- | C] () -- C:\Documents and Settings\Toshiba\Bureau\laid2.jpg
    [2013-01-05 11:42:57 | 000,054,506 | ---- | C] () -- C:\Documents and Settings\Toshiba\Bureau\laid1.jpg
    [2013-01-05 11:26:19 | 000,082,127 | ---- | C] () -- C:\Documents and Settings\Toshiba\Bureau\422244_3780298943966_1651047337_n.jpg
    [2013-01-05 11:07:15 | 000,028,026 | ---- | C] () -- C:\Documents and Settings\Toshiba\Bureau\283290_157664880977951_7366182_n.jpg
    [2013-01-05 11:06:49 | 000,018,715 | ---- | C] () -- C:\Documents and Settings\Toshiba\Bureau\392725_194743810603391_400390879_n.jpg
    [2013-01-05 11:06:40 | 000,011,791 | ---- | C] () -- C:\Documents and Settings\Toshiba\Bureau\60926_400601533350950_487906773_n.jpg
    [2013-01-01 12:34:48 | 000,045,815 | ---- | C] () -- C:\Documents and Settings\Toshiba\Bureau\Calcul gril.pdf
    [2013-01-01 12:26:02 | 000,014,788 | ---- | C] () -- C:\Documents and Settings\Toshiba\Bureau\Calcul gril.ods
    [2013-01-01 12:11:07 | 000,431,104 | ---- | C] () -- C:\Documents and Settings\Toshiba\Bureau\SCAN0001.JPG
    [2012-04-02 06:10:06 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
    [2012-03-31 15:44:26 | 000,000,058 | ---- | C] () -- C:\WINDOWS\System32\DonationCoder_ScreenshotCaptor_InstallInfo.dat
    [2012-03-31 15:44:26 | 000,000,058 | ---- | C] () -- C:\Documents and Settings\Toshiba\Local Settings\Application Data\DonationCoder_ScreenshotCaptor_InstallInfo.dat
    [2012-03-27 19:08:06 | 000,004,520 | ---- | C] () -- C:\WINDOWS\gwpreset.ini
    [2012-03-27 19:08:06 | 000,000,042 | ---- | C] () -- C:\WINDOWS\goldwave.ini
    [2012-03-14 20:18:03 | 000,438,272 | ---- | C] ( ) -- C:\WINDOWS\System32\LXDXhcp.dll
    [2012-03-14 20:18:03 | 000,348,160 | ---- | C] () -- C:\WINDOWS\System32\LXDXinst.dll
    [2012-03-07 21:36:36 | 000,003,712 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
    [2012-02-29 23:33:12 | 001,105,920 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdxserv.dll
    [2012-02-29 23:33:12 | 000,843,776 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdxusb1.dll
    [2012-02-29 23:33:12 | 000,647,168 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdxpmui.dll
    [2012-02-29 23:33:12 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdxprox.dll
    [2012-02-29 23:33:12 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxdxvs.dll
    [2012-02-29 23:33:11 | 000,851,968 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdxcomc.dll
    [2012-02-29 23:33:11 | 000,663,552 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdxhbn3.dll
    [2012-02-29 23:33:11 | 000,589,824 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdxcoms.exe
    [2012-02-29 23:33:11 | 000,376,832 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdxcomm.dll
    [2012-02-29 23:33:11 | 000,364,544 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdxinpa.dll
    [2012-02-29 23:33:11 | 000,360,448 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdxcfg.exe
    [2012-02-29 23:33:11 | 000,339,968 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdxiesc.dll
    [2012-02-29 23:33:11 | 000,315,392 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdxih.exe
    [2012-02-29 23:33:11 | 000,208,896 | ---- | C] () -- C:\WINDOWS\System32\lxdxgrd.dll
    [2012-02-29 23:33:10 | 000,569,344 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdxlmpm.dll
    [2012-02-14 19:03:43 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
    [2012-02-08 04:16:24 | 000,616,414 | ---- | C] () -- C:\Documents and Settings\Toshiba\Local Settings\Application Data\census.cache
    [2012-02-08 04:15:20 | 000,175,661 | ---- | C] () -- C:\Documents and Settings\Toshiba\Local Settings\Application Data\ars.cache
    [2012-02-07 21:54:33 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\Toshiba\Local Settings\Application Data\housecall.guid.cache
    [2012-01-17 19:03:13 | 000,000,064 | ---- | C] () -- C:\WINDOWS\System32\rp_stats.dat
    [2012-01-17 19:03:13 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\rp_rules.dat
    [2012-01-07 22:11:56 | 000,068,608 | ---- | C] () -- C:\Documents and Settings\Toshiba\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2012-01-03 20:39:24 | 000,000,038 | ---- | C] () -- C:\Documents and Settings\Toshiba\null
    [2012-01-03 20:38:44 | 000,000,130 | ---- | C] () -- C:\Documents and Settings\Toshiba\Local Settings\Application Data\fusioncache.dat
    [2012-01-03 20:34:54 | 000,006,528 | ---- | C] () -- C:\WINDOWS\System32\drivers\Tbiosdrv.sys
    [2012-01-03 20:34:50 | 000,000,037 | ---- | C] () -- C:\WINDOWS\wwwbatch.ini
    [2012-01-03 20:34:44 | 000,000,385 | ---- | C] () -- C:\WINDOWS\ODBC.INI

    ========== ZeroAccess Check ==========

    [2006-01-18 07:00:30 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

    [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

    [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
    "" = %SystemRoot%\system32\shdocvw.dll -- [2010-04-16 11:07:57 | 001,510,400 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
    "" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009-02-09 05:53:55 | 000,473,600 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
    "" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008-04-13 21:33:48 | 000,273,920 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Both

    ========== LOP Check ==========

    [2012-10-03 18:27:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
    [2012-07-02 10:07:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CPA_VA
    [2012-03-31 15:44:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DonationCoder
    [2012-06-28 18:18:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HitmanPro
    [2012-05-28 17:07:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ICQ
    [2012-09-23 10:17:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Lexmark 3600-4600 Series
    [2012-03-18 15:29:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Paessler
    [2012-09-15 15:43:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Toshiba\Application Data\Audacity
    [2012-03-31 15:44:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Toshiba\Application Data\DonationCoder
    [2012-01-04 19:24:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Toshiba\Application Data\ElevatedDiagnostics
    [2012-08-01 17:28:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Toshiba\Application Data\freac
    [2012-05-26 19:02:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Toshiba\Application Data\Garmin
    [2012-02-09 19:43:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Toshiba\Application Data\GetRightToGo
    [2012-05-28 17:08:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Toshiba\Application Data\ICQ
    [2012-05-28 17:08:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Toshiba\Application Data\ICQ Search
    [2012-03-24 16:08:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Toshiba\Application Data\InterVideo
    [2012-01-07 11:20:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Toshiba\Application Data\OpenOffice.org
    [2012-01-14 13:05:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Toshiba\Application Data\toshiba
    [2012-01-14 10:01:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Toshiba\Application Data\WinPatrol

    ========== Purity Check ==========



    < End of report >
  8. needhelp51

    needhelp51 TechSpot Enthusiast Topic Starter Posts: 203

    Hello, here is OTL "Extras" log:

    OTL Extras logfile created on: 2013-01-26 09:01:32 - Run 1
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Toshiba\Bureau
    Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18702)
    Locale: 00000C0C | Country: Canada | Language: FRC | Date Format: yyyy-MM-dd

    3,00 Gb Total Physical Memory | 2,50 Gb Available Physical Memory | 83,53% Memory free
    4,88 Gb Paging File | 4,43 Gb Available in Paging File | 90,94% Paging File free
    Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 111,79 Gb Total Space | 24,14 Gb Free Space | 21,59% Space Free | Partition Type: NTFS

    Computer Name: TOSHIBA-29519BD | User Name: Toshiba | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user | Quick Scan
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

    ========== Extra Registry (SafeList) ==========


    ========== File Associations ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
    .url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

    [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
    .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

    ========== Shell Spawning ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
    exefile [open] -- "%1" %*
    htmlfile [edit] -- Reg Error: Key error.
    InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
    Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
    Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    ========== Security Center Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "FirstRunDisabled" = 1
    "AntiVirusDisableNotify" = 0
    "FirewallDisableNotify" = 0
    "UpdatesDisableNotify" = 0
    "AntiVirusOverride" = 0
    "FirewallOverride" = 0

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

    ========== System Restore Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
    "DisableSR" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
    "Start" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
    "Start" = 2

    ========== Firewall Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "EnableFirewall" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

    ========== Authorized Applications List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
    "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:mad:xpsp2res.dll,-22019 -- (Microsoft Corporation)
    "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:mad:xpsp3res.dll,-20000 -- (Microsoft Corporation)
    "C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" = C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
    "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:mad:xpsp2res.dll,-22019 -- (Microsoft Corporation)
    "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:mad:xpsp3res.dll,-20000 -- (Microsoft Corporation)
    "C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" = C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation)
    "C:\WINDOWS\system32\lxdxcoms.exe" = C:\WINDOWS\system32\lxdxcoms.exe:*:Enabled:3600-4600 Series Server -- ( )
    "C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdxpswx.exe" = C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdxpswx.exe:*:Enabled:printer Status Window Interface -- ()
    "C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdxjswx.exe" = C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdxjswx.exe:*:Enabled:Job Status Window Interface -- ()
    "C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdxtime.exe" = C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdxtime.exe:*:Enabled:Lexmark Connect Time Executable -- (Lexmark International, Inc.)
    "C:\Program Files\Lexmark 3600-4600 Series\lxdxmon.exe" = C:\Program Files\Lexmark 3600-4600 Series\lxdxmon.exe:*:Enabled:printer Device Monitor -- ()
    "C:\Program Files\Lexmark 3600-4600 Series\Wireless\lxdxwpss.exe" = C:\Program Files\Lexmark 3600-4600 Series\Wireless\lxdxwpss.exe:*:Enabled: -- (Lexmark International, Inc.)
    "C:\Program Files\Lexmark 3600-4600 Series\Diagnostics\LXDXdiag.exe" = C:\Program Files\Lexmark 3600-4600 Series\Diagnostics\LXDXdiag.exe:*:Enabled: -- ()


    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{099D12EC-0321-4CAC-A0CC-33D020156FCD}" = Toshiba Utility
    "{0BD83598-C2EF-3343-847B-7D2E84599128}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - FRA
    "{0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}" = Microsoft .NET Framework 4 Client Profile FRA Language Pack
    "{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Sonic DLA
    "{12B3A009-A080-4619-9A2A-C6DB151D8D67}" = Assist TOSHIBA
    "{133742BA-6F46-4D3E-85AF-78631D9AD8B8}" = Installation Windows Live
    "{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
    "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live
    "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
    "{26A24AE4-039D-4CA4-87B4-2F83216037FF}" = Java(TM) 6 Update 37
    "{2FCE4FC5-6930-40E7-A4F1-F862207424EF}" = InterVideo WinDVD Creator 2
    "{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
    "{350C940c-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
    "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
    "{3E31821C-7917-367E-938E-E65FC413EA31}" = Microsoft .NET Framework 3.5 Language Pack SP1 - fra
    "{445B183D-F4F1-45C8-B9DB-F11355CA657B}" = Windows Live Messenger
    "{4497AFF6-98C4-4F49-B073-F48F42BCBF9E}" = TIPCI
    "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
    "{5A1A9AB2-2F68-462D-A67D-7C855DFF5EEB}" = Microsoft Network Monitor: NetworkMonitor Parsers 3.4
    "{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
    "{64212898-097F-4F3F-AECA-6D34A7EF82DF}" = Utilitaire de zoom TOSHIBA
    "{72AD53CC-CCC0-3757-8480-9EE176866A7C}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - FRA
    "{7DA1C06F-C913-46C7-8A0F-DA2CBA17EA1D}" = OpenOffice.org 3.4.1
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD for TOSHIBA
    "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
    "{9541FED0-327F-4DF0-8B96-EF57EF622F19}" = Sonic RecordNow!
    "{9A08615A-6113-46F9-8819-5BA66B6600FD}" = Toshiba Hotkey Utility
    "{9A394342-4A68-4EBA-85A6-55B559F4E700}" = Microsoft .NET Framework 1.1 French Language Pack
    "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    "{9D765FA6-F2BC-40AF-8145-50808F9BDF4E}" = Pilote du DVD-RAM
    "{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}" = Réducteur de bruit lect. CD/DVD
    "{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
    "{A2F2C44A-869E-4C32-9CEC-E22B1CC91F06}" = Microsoft Network Monitor 3.4
    "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
    "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
    "{AC76BA86-7AD7-1036-7B44-AA1000000001}" = Adobe Reader X (10.1.5) - Français
    "{ACA1086B-9B62-4F80-B4B9-5659395E4F25}" = Toshiba Controls Utility
    "{B3B487E7-6171-4376-9074-B28082CEB504}" = Windows Live Call
    "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
    "{BC30E5E7-047D-4232-A7E8-F2CB7CC7B2E0}_is1" = Emsisoft Anti-Malware
    "{BDD83DC9-BEE9-4654-A5DA-CC46C250088D}" = TOSHIBA ConfigFree
    "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
    "{C0DA129B-1E45-494D-A362-5CD0109C306B}" = WOT pour Internet Explorer
    "{C45F4811-31D5-4786-801D-F79CD06EDD85}" = SD Secure Module
    "{C8005A7B-9638-41DD-B83B-AF277754E211}" = Logiciel Intel(R) PROSet/Wireless WiFi
    "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
    "{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
    "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
    "{D6AB1F5B-FED6-49A9-9747-327BD28FB3C7}" = COMODO Internet Security
    "{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}" = Assistant de connexion Windows Live
    "{F06AB18D-6F98-48E8-9441-E3290244143D}" = inSSIDer
    "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
    "{F77890F3-774A-4CBE-A2E3-7BB0DC71D1FA}" = Toshiba Touchpad Utility
    "7-Zip" = 7-Zip 9.20
    "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
    "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
    "Audacity_is1" = Audacity 2.0
    "avast" = avast! Free Antivirus
    "Canon Digital Camera USB WIA Driver" = Canon Digital Camera USB WIA Driver
    "CCleaner" = CCleaner
    "CNXT_HDAUDIO" = Conexant HD Audio
    "CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_5047&SUBSYS_1179FF31" = HDAUDIO Soft Data Fax Modem with SmartCP
    "Dorgem_is1" = Dorgem 2.1.0
    "File Shredder_is1" = File Shredder 2.5
    "ie8" = Windows Internet Explorer 8
    "InstallShield_{099D12EC-0321-4CAC-A0CC-33D020156FCD}" = Toshiba Utility
    "InstallShield_{4497AFF6-98C4-4F49-B073-F48F42BCBF9E}" = Texas Instruments PCIxx21/x515/xx12 drivers.
    "InstallShield_{ACA1086B-9B62-4F80-B4B9-5659395E4F25}" = Toshiba Controls Utility
    "InstallShield_{F77890F3-774A-4CBE-A2E3-7BB0DC71D1FA}" = Toshiba Touchpad Utility
    "IrfanView" = IrfanView (remove only)
    "LAME_is1" = LAME v3.99.3 (for Windows)
    "Lexmark 3600-4600 Series" = Lexmark 3600-4600 Series
    "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.70.0.1100
    "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
    "Microsoft .NET Framework 3.5 Language Pack SP1 - fra" = Module linguistique Microsoft .NET Framework 3.5 SP1- fra
    "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
    "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
    "Microsoft .NET Framework 4 Client Profile FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Client Profile FRA
    "mIRC" = mIRC
    "Mozilla Firefox 18.0 (x86 en-US)" = Mozilla Firefox 18.0 (x86 en-US)
    "MozillaMaintenanceService" = Mozilla Maintenance Service
    "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
    "NVIDIA Drivers" = NVIDIA Drivers
    "Outil de diagnostic PC" = Outil de diagnostic PC TOSHIBA
    "ProInst" = Intel PROSet Wireless
    "PROSet" = Intel(R) PRO Network Connections Drivers
    "ScreenshotCaptor_is1" = Screenshot Captor 3.03.01
    "Secunia PSI" = Secunia PSI (2.0.0.4003)
    "SynTPDeinstKey" = Synaptics Pointing Device Driver
    "Toshiba Tbiosdrv Driver" = Toshiba Tbiosdrv Driver
    "VLC media player" = VLC media player 2.0.5
    "Windows Media Format Runtime" = Windows Media Format 11 runtime
    "Windows Media Player" = Lecteur Windows Media 11
    "Windows XP Service" = Windows XP Service Pack 3
    "WinLiveSuite_Wave3" = Installation Windows Live
    "WinPcapInst" = WinPcap 4.1.2
    "WMFDist11" = Windows Media Format 11 runtime
    "wmp11" = Windows Media Player 11
    "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
    "XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0

    ========== Last 20 Event Log Errors ==========

    [ Application Events ]
    Error - 2013-01-20 14:28:49 | Computer Name = TOSHIBA-29519BD | Source = Application Hang | ID = 1002
    Description = Application bloquée explorer.exe, version 6.0.2900.5512, module bloqué
    hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

    Error - 2013-01-20 22:17:23 | Computer Name = TOSHIBA-29519BD | Source = Application Error | ID = 1000
    Description = Application défaillante iexplore.exe, version 8.0.6001.18702, module
    défaillant msxml3.dll, version 8.100.1053.0, adresse de défaillance 0x000a1465.

    Error - 2013-01-21 18:17:27 | Computer Name = TOSHIBA-29519BD | Source = PerfNet | ID = 2004
    Description = Impossible d'ouvrir le Service serveur. Les données de performance
    du serveur ne seront pas renvoyées. Le code d'erreur renvoyé est la donnée DWORD
    0.

    Error - 2013-01-22 21:17:31 | Computer Name = TOSHIBA-29519BD | Source = PerfNet | ID = 2004
    Description = Impossible d'ouvrir le Service serveur. Les données de performance
    du serveur ne seront pas renvoyées. Le code d'erreur renvoyé est la donnée DWORD
    0.

    Error - 2013-01-23 17:19:40 | Computer Name = TOSHIBA-29519BD | Source = PerfNet | ID = 2004
    Description = Impossible d'ouvrir le Service serveur. Les données de performance
    du serveur ne seront pas renvoyées. Le code d'erreur renvoyé est la donnée DWORD
    0.

    Error - 2013-01-24 18:19:07 | Computer Name = TOSHIBA-29519BD | Source = PerfNet | ID = 2004
    Description = Impossible d'ouvrir le Service serveur. Les données de performance
    du serveur ne seront pas renvoyées. Le code d'erreur renvoyé est la donnée DWORD
    0.

    Error - 2013-01-25 18:23:39 | Computer Name = TOSHIBA-29519BD | Source = PerfNet | ID = 2004
    Description = Impossible d'ouvrir le Service serveur. Les données de performance
    du serveur ne seront pas renvoyées. Le code d'erreur renvoyé est la donnée DWORD
    0.

    Error - 2013-01-25 21:13:55 | Computer Name = TOSHIBA-29519BD | Source = PerfNet | ID = 2004
    Description = Impossible d'ouvrir le Service serveur. Les données de performance
    du serveur ne seront pas renvoyées. Le code d'erreur renvoyé est la donnée DWORD
    0.

    Error - 2013-01-26 09:43:17 | Computer Name = TOSHIBA-29519BD | Source = PerfNet | ID = 2004
    Description = Impossible d'ouvrir le Service serveur. Les données de performance
    du serveur ne seront pas renvoyées. Le code d'erreur renvoyé est la donnée DWORD
    0.

    Error - 2013-01-26 09:52:09 | Computer Name = TOSHIBA-29519BD | Source = PerfNet | ID = 2004
    Description = Impossible d'ouvrir le Service serveur. Les données de performance
    du serveur ne seront pas renvoyées. Le code d'erreur renvoyé est la donnée DWORD
    0.

    [ System Events ]
    Error - 2013-01-24 18:19:03 | Computer Name = TOSHIBA-29519BD | Source = Service Control Manager | ID = 7000
    Description = Le service lxdxCATSCustConnectService n'a pas pu démarrer en raison
    de l'erreur : %%1053

    Error - 2013-01-24 18:19:46 | Computer Name = TOSHIBA-29519BD | Source = DCOM | ID = 10010
    Description = Le serveur {4EB61BAC-A3B6-4760-9581-655041EF4D69} ne s'est pas enregistré
    sur DCOM avant la fin du temps imparti.

    Error - 2013-01-25 18:23:31 | Computer Name = TOSHIBA-29519BD | Source = Service Control Manager | ID = 7009
    Description = Délai (30000 millisecondes) d'attente pour une connexion du service
    lxdxCATSCustConnectService.

    Error - 2013-01-25 18:23:31 | Computer Name = TOSHIBA-29519BD | Source = Service Control Manager | ID = 7000
    Description = Le service lxdxCATSCustConnectService n'a pas pu démarrer en raison
    de l'erreur : %%1053

    Error - 2013-01-25 21:13:48 | Computer Name = TOSHIBA-29519BD | Source = Service Control Manager | ID = 7009
    Description = Délai (30000 millisecondes) d'attente pour une connexion du service
    lxdxCATSCustConnectService.

    Error - 2013-01-25 21:13:48 | Computer Name = TOSHIBA-29519BD | Source = Service Control Manager | ID = 7000
    Description = Le service lxdxCATSCustConnectService n'a pas pu démarrer en raison
    de l'erreur : %%1053

    Error - 2013-01-26 09:43:10 | Computer Name = TOSHIBA-29519BD | Source = Service Control Manager | ID = 7009
    Description = Délai (30000 millisecondes) d'attente pour une connexion du service
    lxdxCATSCustConnectService.

    Error - 2013-01-26 09:43:10 | Computer Name = TOSHIBA-29519BD | Source = Service Control Manager | ID = 7000
    Description = Le service lxdxCATSCustConnectService n'a pas pu démarrer en raison
    de l'erreur : %%1053

    Error - 2013-01-26 09:52:06 | Computer Name = TOSHIBA-29519BD | Source = Service Control Manager | ID = 7009
    Description = Délai (30000 millisecondes) d'attente pour une connexion du service
    lxdxCATSCustConnectService.

    Error - 2013-01-26 09:52:06 | Computer Name = TOSHIBA-29519BD | Source = Service Control Manager | ID = 7000
    Description = Le service lxdxCATSCustConnectService n'a pas pu démarrer en raison
    de l'erreur : %%1053


    < End of report >
  9. Jay Pfoutz

    Jay Pfoutz Malware Helper Posts: 4,286   +49

    Hi there. It all appears to be good, so we will finish up to make sure your computer is protected from malware in the future.

    Clean up System Restore

    Now, to get you off to a clean start, we will be creating a new Restore Point, then clearing the old ones to make sure you do not get reinfected, in case you need to "restore back."
    • Select Start > All Programs > Accessories > System tools > System Restore.
    • On the dialogue box that appears select Create a Restore Point
    • Click NEXT
    • Enter a name e.g. Clean
    • Click CREATE

    Remove tools, temp files, old Restore Points

    Please run OTL
    • Under the Custom Scans/Fixes box at the bottom, copy and paste in the following:

    • Then click the Run Fix button at the top.
    • Note: The fix for OTL sometimes hides your Desktop and Start menu so the cleanup can be completed. Do not be alarmed, as this is normal.
    • It may open a log for you, but I don't need that.

    To remove all of the tools we used and the files and folders they created do the following:
    Double click OTL.exe.
    • Click the CleanUp button.
    • Select Yes when the "Begin cleanup Process?" prompt appears.
    • If you are prompted to Reboot during the cleanup, select Yes.
    • The tool will delete itself once it finishes.
    Note: If any tool, file or folder (belonging to the program we have used) hasn't been deleted, please delete it manually.

    Security Check

    Please download Security Check by screen317 from SpywareInfoforum.org or Changelog.fr.
    • Save it to your Desktop.
    • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
    • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
  10. needhelp51

    needhelp51 TechSpot Enthusiast Topic Starter Posts: 203

    Hello, here is the security check log:

    Results of screen317's Security Check version 0.99.57
    Windows XP Service Pack 3 x86
    Internet Explorer 8
    ``````````````Antivirus/Firewall Check:``````````````
    avast! Free Antivirus
    COMODO Internet Security
    `````````Anti-malware/Other Utilities Check:`````````
    MVPS Hosts File
    Spybot - Search & Destroy
    SUPERAntiSpyware
    Secunia PSI (2.0.0.4003)
    Malwarebytes Anti-Malware version 1.70.0.1100
    CCleaner
    Java(TM) 6 Update 37
    Java version out of Date!
    Adobe Flash Player 11.5.502.146
    Adobe Reader 10.1.5 Adobe Reader out of Date!
    Mozilla Firefox (18.0.1)
    ````````Process Check: objlist.exe by Laurent````````
    Comodo Firewall cmdagent.exe
    Comodo Firewall cfp.exe
    Emsisoft Anti-Malware a2service.exe
    AVAST Software Avast AvastSvc.exe
    AVAST Software Avast avastUI.exe
    `````````````````System Health check`````````````````
    Total Fragmentation on Drive C:: 0%
    ````````````````````End of Log``````````````````````
  11. Jay Pfoutz

    Jay Pfoutz Malware Helper Posts: 4,286   +49

    Java Update!

    Please download the newest version of Java from Java.com.

    Before installing: it is important to remove older versions of Java since it does not do so automatically and old versions still leave you vulnerable.
    Go to the Control Panel and enter Add or Remove Programs (Programs and Features in Vista/7).
    Search the list for all previously installed versions of Java (J2SE Runtime Environment). Please uninstall/remove each of them.

    Once old versions are gone, please install the newest version.

    Read more about Java exploit problems


    Adobe Reader Update!

    Please download the newest version of Adobe Acrobat Reader from Adobe.com

    Before installing: it is important to remove older versions of Acrobat Reader since it does not do so automatically and old versions still leave you vulnerable.
    Go to the Control Panel and enter Add or Remove Programs (Programs and Features in Vista/7).
    Search the list for all previously installed versions of Adobe Acrobat Reader. Uninstall/Remove each of them.

    Once old versions are gone, please install the newest version.


    Personal Tips on Preventing Malware

    See this page for more info about malware and prevention.


    Any other questions before I mark this topic solved?
  12. needhelp51

    needhelp51 TechSpot Enthusiast Topic Starter Posts: 203

    Yes, I do have one last question. A piece of software I have called Secunia PSI usually takes care of updating Java and Adobe Reader automatically and removing old versions when a scan is performed. It usually works fine; however, I have not performed the scan in a while. Can I update through Secunia in the future, or should I always perform the update manually by removing old versions first?
  13. Jay Pfoutz

    Jay Pfoutz Malware Helper Posts: 4,286   +49

    That should be fine. Secunia is a favorite among us. :)

    Topic solved.