Solved Possible trojan, facebook hacked, suddenly slow computer


needhelp51

Hello, I need help, please, to make sure my computer is clean. Thanks for your attention.

Here is Malwarebytes log:

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org
Version de la base de données: v2013.01.25.08
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Toshiba :: TOSHIBA-29519BD [administrateur]
2013-01-25 17:36:17
mbam-log-2013-01-25 (17-36-17).txt
Type d'examen: Examen rapide
Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM
Options d'examen désactivées: P2P
Elément(s) analysé(s): 200038
Temps écoulé: 7 minute(s), 9 seconde(s)
Processus mémoire détecté(s): 0
(Aucun élément nuisible détecté)
Module(s) mémoire détecté(s): 0
(Aucun élément nuisible détecté)
Clé(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)
Valeur(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)
Elément(s) de données du Registre détecté(s): 0
(Aucun élément nuisible détecté)
Dossier(s) détecté(s): 0
(Aucun élément nuisible détecté)
Fichier(s) détecté(s): 0
(Aucun élément nuisible détecté)
(fin)
DDS log:

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_37
Run by Toshiba at 17:44:51 on 2013-01-25
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.2.1036.18.3070.2126 [GMT -5:00]
.
AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: COMODO Firewall *Enabled*
.
============== Running Processes ================
.
C:\Program Files\Emsisoft Anti-Malware\a2service.exe
C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\WINDOWS\system32\DVDRAMSV.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\WINDOWS\system32\lxdxcoms.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Fichiers communs\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files\Secunia\PSI\PSIA.exe
C:\WINDOWS\system32\fxssvc.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
C:\Program Files\Toshiba\Windows Utilities\Hotkey.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe
C:\Program Files\Fichiers communs\Intel\WirelessCommon\iFrmewrk.exe
C:\Program Files\Synaptics\SynTP\Toshiba.exe
C:\Program Files\Lexmark 3600-4600 Series\lxdxmon.exe
C:\Program Files\Lexmark 3600-4600 Series\ezprint.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\RAMASST.exe
C:\Program Files\Secunia\PSI\psi_tray.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Secunia\PSI\sua.exe
C:\Program Files\internet explorer\iexplore.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k rpcss
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.ca/
uURLSearchHooks: <No Name>: - LocalServer32 - <no file>
mURLSearchHooks: {855F3B16-6D32-4fe6-8A56-BBB695989046} - <orphaned>
mURLSearchHooks: <No Name>: - LocalServer32 - <no file>
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\fichiers communs\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: DriveLetterAccess: {5CA3D70E-1895-11CF-8E15-001234567890} - c:\windows\system32\dla\DLASHX_W.DLL
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre6\bin\ssv.dll
BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
BHO: Programme d'aide de l'Assistant de connexion Windows Live: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\fichiers communs\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: WOT Helper: {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - c:\program files\wot\WOT.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: WOT: {71576546-354D-41C9-AAE8-31F2EC22BF0D} - c:\program files\wot\WOT.dll
TB: WOT: {71576546-354D-41c9-AAE8-31F2EC22BF0D} - c:\program files\wot\WOT.dll
TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
uRun: [TOSCDSPD] c:\program files\toshiba\toscdspd\toscdspd.exe
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [LaunchApp] launchapp
mRun: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe
mRun: [DLA] c:\windows\system32\dla\DLACTRLW.EXE
mRun: [SmoothView] c:\program files\toshiba\utilitaire de zoom toshiba\SmoothView.exe
mRun: [Toshiba Hotkey Utility] "c:\program files\toshiba\windows utilities\Hotkey.exe" /lang FR
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [nwiz] nwiz.exe /installquiet
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [Adobe ARM] "c:\program files\fichiers communs\adobe\arm\1.0\AdobeARM.exe"
mRun: [IntelZeroConfig] "c:\program files\intel\wifi\bin\ZCfgSvc.exe"
mRun: [IntelWireless] "c:\program files\fichiers communs\intel\wirelesscommon\iFrmewrk.exe" /tf Intel Wireless Tray
mRun: [lxdxmon.exe] "c:\program files\lexmark 3600-4600 series\lxdxmon.exe"
mRun: [EzPrint] "c:\program files\lexmark 3600-4600 series\ezprint.exe"
mRun: [COMODO Internet Security] "c:\program files\comodo\comodo internet security\cfp.exe" -h
mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui
mRun: [SunJavaUpdateSched] "c:\program files\fichiers communs\java\java update\jusched.exe"
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
StartupFolder: c:\docume~1\alluse~1\menudm~1\progra~1\dmarra~1\ramasst.lnk - c:\windows\system32\RAMASST.exe
StartupFolder: c:\docume~1\alluse~1\menudm~1\progra~1\dmarra~1\secuni~1.lnk - c:\program files\secunia\psi\psi_tray.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:323
uPolicies-Explorer: NoDriveAutoRun = dword:67108863
mPolicies-Explorer: NoDriveAutoRun = dword:67108863
mPolicies-Explorer: NoDriveTypeAutoRun = dword:323
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:323
mPolicies-Explorer: NoDriveAutoRun = dword:67108863
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/4.0.1.0/GarminAxControl_32.CAB
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: {2E28242B-A689-11D4-80F2-0040266CBB8D} - hxxp://209.50.106.51:8181/kxhcm10.ocx
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://windowsupdate.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1325644805328
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1349558900881
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
TCP: NameServer = 142.217.192.9 142.217.192.8
TCP: Interfaces\{0E7BCCCD-D995-4FF4-BEFE-BB1761D46E3E} : DHCPNameServer = 142.217.192.9 142.217.192.8
Handler: intu-ir2011 - {DFF68B15-A8D3-420b-B32C-E9554E2F5C15} - <orphaned>
Handler: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - c:\program files\wot\WOT.dll
AppInit_DLLs= c:\windows\system32\guard32.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - c:\program files\superantispyware\SASSEH.DLL
Hosts: 127.0.0.1 www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\toshiba\application data\mozilla\firefox\profiles\34z1afo4.default\
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\google\update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_5_502_146.dll
FF - plugin: c:\windows\system32\npdeployJava1.dll
FF - plugin: c:\windows\system32\npptools.dll
.
============= SERVICES / DRIVERS ===============
.
R1 A2DDA;A2 Direct Disk Access Support Driver;c:\program files\emsisoft anti-malware\a2ddax86.sys [2012-1-4 17904]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2012-10-3 738504]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2012-10-3 361032]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdGuard.sys [2012-3-11 497952]
R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [2012-3-11 32640]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]
R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCORE.EXE [2011-8-11 116608]
R2 a2AntiMalware;Emsisoft Anti-Malware 6.0 - Service;c:\program files\emsisoft anti-malware\a2service.exe [2012-1-4 3085736]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2012-10-3 21256]
R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2012-10-3 44808]
R2 cmdAgent;COMODO Internet Security Helper Service;c:\program files\comodo\comodo internet security\cmdagent.exe [2012-3-11 1990464]
R2 lxdx_device;lxdx_device;c:\windows\system32\lxdxcoms.exe -service --> c:\windows\system32\lxdxcoms.exe -service [?]
R2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2010-6-25 35088]
R2 Secunia PSI Agent;Secunia PSI Agent;c:\program files\secunia\psi\psia.exe [2011-10-14 994360]
R2 Secunia Update Agent;Secunia Update Agent;c:\program files\secunia\psi\sua.exe [2011-10-14 399416]
R3 NETwLx32; Pilote de carte de la série Intel(R) Wireless WiFi Link 5000 pour Windows XP 32 bits ;c:\windows\system32\drivers\NETwLx32.sys [2012-1-5 6609920]
R3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [2010-9-1 15544]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 lxdxCATSCustConnectService;lxdxCATSCustConnectService;c:\windows\system32\spool\drivers\w32x86\3\lxdxserv.exe [2012-2-29 94208]
S3 a2acc;a2acc;c:\program files\emsisoft anti-malware\a2accx86.sys [2012-1-4 54072]
S3 Lavasoft Kernexplorer;Lavasoft helper driver;\??\c:\program files\lavasoft\ad-aware\kernexplorer.sys --> c:\program files\lavasoft\ad-aware\KernExplorer.sys [?]
S3 PROCEXP151;PROCEXP151;\??\c:\windows\system32\drivers\procexp151.sys --> c:\windows\system32\drivers\PROCEXP151.SYS [?]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== Created Last 30 ================
.
2013-01-12 14:26:31 262704 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
==================== Find3M ====================
.
2013-01-12 14:29:09 74248 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-01-12 14:29:09 697864 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-12-16 12:23:59 290560 ----a-w- c:\windows\system32\atmfd.dll
2012-12-14 21:49:28 21104 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-11-13 11:55:44 1866496 ----a-w- c:\windows\system32\win32k.sys
2012-11-08 16:29:12 1402312 ----a-w- c:\windows\system32\msxml4.dll
2012-11-07 23:38:16 32640 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2012-11-07 23:38:14 497952 ----a-w- c:\windows\system32\drivers\cmdGuard.sys
2012-11-07 23:38:13 18096 ----a-w- c:\windows\system32\drivers\cmderd.sys
2012-11-07 23:37:35 34024 ----a-w- c:\windows\system32\cmdcsr.dll
2012-11-07 23:37:34 301264 ----a-w- c:\windows\system32\guard32.dll
2012-11-06 02:01:34 1371648 ----a-w- c:\windows\system32\msxml6.dll
2012-11-02 02:02:37 375296 ----a-w- c:\windows\system32\dpnet.dll
2012-11-01 12:17:51 916992 ----a-w- c:\windows\system32\wininet.dll
2012-11-01 12:17:50 43520 ------w- c:\windows\system32\licmgr10.dll
2012-11-01 12:17:50 1469440 ------w- c:\windows\system32\inetcpl.cpl
2012-11-01 00:35:34 385024 ------w- c:\windows\system32\html.iec
2012-10-30 23:51:58 738504 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-10-30 23:51:07 41224 ----a-w- c:\windows\avastSS.scr
.
============= FINISH: 17:45:30,84 ===============

Attach log:

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows XP Édition familiale
Boot Device: \Device\HarddiskVolume1
Install Date: 2012-01-03 20:37:37
System Uptime: 2013-01-25 17:22:51 (0 hours ago)
.
Motherboard: TOSHIBA | | Satellite P100
Processor: Genuine Intel(R) CPU T2400 @ 1.83GHz | U2E1 | 1839/166mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 112 GiB total, 23,599 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Carte réseau 1394
Device ID: V1394\NIC1394\8E0921C09F00
Manufacturer: Microsoft
Name: Carte réseau 1394
PNP Device ID: V1394\NIC1394\8E0921C09F00
Service: NIC1394
.
==== System Restore Points ===================
.
RP181: 2012-12-06 03:25:02 - Point de vérification système
RP182: 2012-12-08 21:18:34 - Point de vérification système
RP183: 2012-12-09 22:44:19 - Point de vérification système
RP184: 2012-12-11 22:45:39 - Point de vérification système
RP185: 2012-12-12 21:21:45 - Software Distribution Service 3.0
RP186: 2012-12-13 21:55:13 - Point de vérification système
RP187: 2012-12-14 22:25:01 - Point de vérification système
RP188: 2012-12-15 22:35:15 - Point de vérification système
RP189: 2012-12-16 22:44:18 - Point de vérification système
RP190: 2012-12-18 23:50:57 - Point de vérification système
RP191: 2012-12-21 00:38:28 - Point de vérification système
RP192: 2012-12-24 13:08:19 - Software Distribution Service 3.0
RP193: 2012-12-26 13:28:53 - Point de vérification système
RP194: 2012-12-27 13:53:58 - Point de vérification système
RP195: 2012-12-28 14:10:05 - Point de vérification système
RP196: 2012-12-29 17:54:29 - Point de vérification système
RP197: 2012-12-30 18:18:20 - Point de vérification système
RP198: 2012-12-31 19:17:29 - Point de vérification système
RP199: 2013-01-01 19:54:54 - Point de vérification système
RP200: 2013-01-02 20:16:58 - Point de vérification système
RP201: 2013-01-05 13:46:34 - Point de vérification système
RP202: 2013-01-05 21:05:46 - Software Distribution Service 3.0
RP203: 2013-01-06 21:12:38 - Point de vérification système
RP204: 2013-01-07 21:57:48 - Point de vérification système
RP205: 2013-01-08 22:14:48 - Point de vérification système
RP206: 2013-01-09 22:16:45 - Point de vérification système
RP207: 2013-01-09 23:41:25 - Software Distribution Service 3.0
RP208: 2013-01-12 12:22:00 - Point de vérification système
RP209: 2013-01-13 12:37:54 - Point de vérification système
RP210: 2013-01-14 23:05:10 - Software Distribution Service 3.0
RP211: 2013-01-17 20:16:12 - Point de vérification système
RP212: 2013-01-18 20:22:44 - Point de vérification système
RP213: 2013-01-19 21:22:10 - Point de vérification système
RP214: 2013-01-20 21:58:25 - Point de vérification système
RP215: 2013-01-22 21:14:53 - Point de vérification système
RP216: 2013-01-23 22:50:20 - Point de vérification système
.
==== Installed Programs ======================
.
7-Zip 9.20
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.5) - Français
Assist TOSHIBA
Assistant de connexion Windows Live
Audacity 2.0
avast! Free Antivirus
Canon Digital Camera USB WIA Driver
CCleaner
COMODO Internet Security
Conexant HD Audio
Dorgem 2.1.0
Emsisoft Anti-Malware
ESET Online Scanner v3
File Shredder 2.5
Google Update Helper
HDAUDIO Soft Data Fax Modem with SmartCP
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows XP (KB954550-v5)
inSSIDer
Installation Windows Live
Intel PROSet Wireless
Intel(R) PRO Network Connections Drivers
InterVideo WinDVD Creator 2
InterVideo WinDVD for TOSHIBA
IrfanView (remove only)
Java Auto Updater
Java(TM) 6 Update 37
LAME v3.99.3 (for Windows)
Lecteur Windows Media 11
Lexmark 3600-4600 Series
Logiciel Intel(R) PROSet/Wireless WiFi
Malwarebytes Anti-Malware version 1.70.0.1100
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 French Language Pack
Microsoft .NET Framework 1.1 Security Update (KB2698023)
Microsoft .NET Framework 1.1 Security Update (KB2742597)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - FRA
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - FRA
Microsoft .NET Framework 3.5 Language Pack SP1 - fra
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Client Profile FRA Language Pack
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Network Monitor 3.4
Microsoft Network Monitor: NetworkMonitor Parsers 3.4
Microsoft Silverlight
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
mIRC
Mise à jour de sécurité pour Step by Step Interactive Training (KB898458)
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB2510531)
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB2544521)
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB2618444)
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB2647516)
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB2675157)
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB2699988)
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB2722913)
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB2744842)
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB2761465)
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB2799329)
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB982381)
Mise à jour de sécurité pour Windows XP (KB2757638)
Mise à jour de sécurité pour Windows XP (KB923789)
Mise à jour pour Windows Internet Explorer 8 (KB2598845)
Mise à jour pour Windows Internet Explorer 8 (KB2632503)
Module linguistique Microsoft .NET Framework 3.5 SP1- fra
Module linguistique Microsoft .NET Framework 4 Client Profile FRA
Mozilla Firefox 18.0 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP3 Parser
MSXML 4.0 SP3 Parser (KB2721691)
MSXML 4.0 SP3 Parser (KB2758694)
NVIDIA Drivers
OpenOffice.org 3.4.1
Outil de diagnostic PC TOSHIBA
Outil de téléchargement Windows Live
Pilote du DVD-RAM
Réducteur de bruit lect. CD/DVD
Screenshot Captor 3.03.01
SD Secure Module
Secunia PSI (2.0.0.4003)
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Module linguistique Microsoft .NET Framework 4 Client Profile FRA (KB2518870)
Segoe UI
Sonic DLA
Sonic RecordNow!
Spybot - Search & Destroy
SUPERAntiSpyware
Synaptics Pointing Device Driver
Texas Instruments PCIxx21/x515/xx12 drivers.
TIPCI
TOSHIBA ConfigFree
Toshiba Controls Utility
Toshiba Hotkey Utility
Toshiba Tbiosdrv Driver
Toshiba Touchpad Utility
Toshiba Utility
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Utilitaire de zoom TOSHIBA
VLC media player 2.0.5
WebFldrs XP
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 8
Windows Live Call
Windows Live Communications Platform
Windows Live Messenger
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Service Pack 3
WinPcap 4.1.2
WOT pour Internet Explorer
XML Paper Specification Shared Components Language Pack 1.0
.
==== Event Viewer Messages From Past Week ========
.
2013-01-25 17:23:31, error: Service Control Manager [7009] - Délai (30000 millisecondes) d'attente pour une connexion du service lxdxCATSCustConnectService.
2013-01-25 17:23:31, error: Service Control Manager [7000] - Le service lxdxCATSCustConnectService n'a pas pu démarrer en raison de l'erreur : Le service n'a pas répondu assez vite à la demande de lancement ou de contrôle.
2013-01-24 17:19:03, error: Service Control Manager [7009] - Délai (30000 millisecondes) d'attente pour une connexion du service lxdxCATSCustConnectService.
2013-01-24 17:19:03, error: Service Control Manager [7000] - Le service lxdxCATSCustConnectService n'a pas pu démarrer en raison de l'erreur : Le service n'a pas répondu assez vite à la demande de lancement ou de contrôle.
2013-01-23 16:19:35, error: Service Control Manager [7009] - Délai (30000 millisecondes) d'attente pour une connexion du service lxdxCATSCustConnectService.
2013-01-23 16:19:35, error: Service Control Manager [7000] - Le service lxdxCATSCustConnectService n'a pas pu démarrer en raison de l'erreur : Le service n'a pas répondu assez vite à la demande de lancement ou de contrôle.
2013-01-22 20:17:27, error: Service Control Manager [7009] - Délai (30000 millisecondes) d'attente pour une connexion du service lxdxCATSCustConnectService.
2013-01-22 20:17:27, error: Service Control Manager [7000] - Le service lxdxCATSCustConnectService n'a pas pu démarrer en raison de l'erreur : Le service n'a pas répondu assez vite à la demande de lancement ou de contrôle.
2013-01-21 17:17:22, error: Service Control Manager [7009] - Délai (30000 millisecondes) d'attente pour une connexion du service lxdxCATSCustConnectService.
2013-01-21 17:17:22, error: Service Control Manager [7000] - Le service lxdxCATSCustConnectService n'a pas pu démarrer en raison de l'erreur : Le service n'a pas répondu assez vite à la demande de lancement ou de contrôle.
2013-01-20 09:41:18, error: Service Control Manager [7009] - Délai (30000 millisecondes) d'attente pour une connexion du service lxdxCATSCustConnectService.
2013-01-20 09:41:18, error: Service Control Manager [7000] - Le service lxdxCATSCustConnectService n'a pas pu démarrer en raison de l'erreur : Le service n'a pas répondu assez vite à la demande de lancement ou de contrôle.
2013-01-19 08:59:15, error: Service Control Manager [7009] - Délai (30000 millisecondes) d'attente pour une connexion du service lxdxCATSCustConnectService.
2013-01-19 08:59:15, error: Service Control Manager [7000] - Le service lxdxCATSCustConnectService n'a pas pu démarrer en raison de l'erreur : Le service n'a pas répondu assez vite à la demande de lancement ou de contrôle.
2013-01-18 17:19:09, error: Service Control Manager [7009] - Délai (30000 millisecondes) d'attente pour une connexion du service lxdxCATSCustConnectService.
2013-01-18 17:19:09, error: Service Control Manager [7000] - Le service lxdxCATSCustConnectService n'a pas pu démarrer en raison de l'erreur : Le service n'a pas répondu assez vite à la demande de lancement ou de contrôle.
.
==== End Of File ===========================
 
Hi there...

Adware Cleaning

Please download AdwCleaner by Xplode onto your Desktop.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Delete.
  • A logfile will automatically open after the scan has finished.
  • Please post the content of that logfile in your reply.
  • You can find the logfile at C:\AdwCleaner[Rn].txt as well - n is the order number.


Junkware Removal Tool

Please download Junkware Removal Tool to your desktop.
  • Warning! Once the scan is complete JRT will shut down your browser with NO warning.
  • Shut down your protection software now to avoid potential conflicts.
  • Temporarily disable your antivirus and any antispyware real time protection before performing a scan. Click this link to see a list of security programs that should be disabled and how to disable them.
  • Run the tool by double-clicking it. If you are using Windows Vista or Windows 7, right-click JRT and select Run as Administrator
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Copy and Paste the JRT.txt log into your next message.


ESET Online Scan

Please run a free online scan with the ESET Online Scanner
  • Tick the box next to YES, I accept the Terms of Use
  • Click Start
  • When asked, allow the ActiveX control to install, or it will ask to download an installer. Please do so and install it.
  • Click Start or wait for the scanner to load.
  • Make sure that the options Remove found threats and the option Scan unwanted applications are checked.
  • Click Scan (This scan can take several hours, so please be patient)
  • Once the scan is completed, there are a couple of things to keep in mind:
      1. If NO threats were found, allow the scanner to Uninstall on close and then close the window.
      2. If threats WERE detected, click on List of Threats Found, then Export to Text File... and save it as ESET-Scan-Log.txt. Click the back button/link, put a checkmark next to Uninstall Application on Close and then close the window.
  • Open the logfile from wherever you saved it
  • Copy and paste the contents in your next reply.
 
Hello, thanks for your help.

Here is the log for AdwCleaner:

# AdwCleaner v2.108 - Rapport créé le 25/01/2013 à 20:11:21
# Mis à jour le 24/01/2013 par Xplode
# Système d'exploitation : Microsoft Windows XP Service Pack 3 (32 bits)
# Nom d'utilisateur : Toshiba - TOSHIBA-29519BD
# Mode de démarrage : Normal
# Exécuté depuis : C:\Documents and Settings\Toshiba\Bureau\adwcleaner.exe
# Option [Suppression]

***** [Services] *****

***** [Fichiers / Dossiers] *****
Dossier Supprimé : C:\Documents and Settings\All Users\Application Data\ICQ\ICQToolbar
Dossier Supprimé : C:\Program Files\ICQ6Toolbar
***** [Registre] *****
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
***** [Navigateurs] *****
-\\ Internet Explorer v8.0.6001.18702
Remplacé : [HKCU\Software\Microsoft\Internet Explorer\Main - ICQ Search] = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd --> hxxp://www.google.com
-\\ Mozilla Firefox v18.0 (en-US)
Fichier : C:\Documents and Settings\Toshiba\Application Data\Mozilla\Firefox\Profiles\34z1afo4.default\prefs.js
[OK] Le fichier ne contient aucune entrée illégitime.
*************************
AdwCleaner[R1].txt - [1500 octets] - [25/01/2013 20:10:38]
AdwCleaner[S1].txt - [1475 octets] - [25/01/2013 20:11:21]
########## EOF - C:\AdwCleaner[S1].txt - [1535 octets] ##########
Log for JRT:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.5.0 (01.23.2013:2)
OS: Microsoft Windows XP x86
Ran by Toshiba on 2013-01-25 at 20:19:19,31
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


~~~ Services

~~~ Registry Values
Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}\\DisplayName
Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}\\URL

~~~ Registry Keys
Successfully deleted: [Registry Key] hkey_current_user\software\billp studios\detected\startup

~~~ Files

~~~ Folders


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 2013-01-25 at 20:26:44,07
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan for Eset:

No threats found - (No log generated - it seems...)
 
TDSSKiller Scan

Please download TDSSKiller to your desktop and run it as outlined below:

Double-click on TDSSKiller.exe to run the application, then click on Change parameters.

For Windows XP, double-click to start.
For Vista or Windows 7, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.



-------------------------

Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.



------------------------

Click the Start Scan button.



-----------------------

If a suspicious object is detected, the default action will be Skip; click on Continue.
If you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic, please choose Skip and click on Continue.



----------------------

If malicious objects are found, they will show in the Scan results and offer three (3) options.

Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.



--------------------

A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply.

Sometimes these logs can be very large; in that case, please attach it.

-------------------

Here's a summary of what to do if you would like to print it out:

If a suspicious object is detected, the default action will be Skip; click on Continue.
If you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic, please choose Skip and click on Continue.

If malicious objects are found, they will show in the Scan results and offer three (3) options.

Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.


OTL Quick Scan

Please download OTL by OldTimer to your Desktop.
  • Close all windows and double click OTL.exe.
  • Click Quick Scan button and let the program run uninterrupted.
  • It will produce a log for you called OTL.txt, please post it in your next reply.
  • You may need to use two posts to get it all.
 
Hello,

Only suspicious objects found by tdsskiller, so I skipped and continued as instructed:


10:04:17.0546 0368 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
10:04:19.0546 0368 ============================================================
10:04:19.0546 0368 Current date / time: 2013/01/26 10:04:19.0546
10:04:19.0546 0368 SystemInfo:
10:04:19.0546 0368
10:04:19.0546 0368 OS Version: 5.1.2600 ServicePack: 3.0
10:04:19.0546 0368 Product type: Workstation
10:04:19.0546 0368 ComputerName: TOSHIBA-29519BD
10:04:19.0546 0368 UserName: Toshiba
10:04:19.0546 0368 Windows directory: C:\WINDOWS
10:04:19.0546 0368 System windows directory: C:\WINDOWS
10:04:19.0546 0368 Processor architecture: Intel x86
10:04:19.0546 0368 Number of processors: 2
10:04:19.0546 0368 Page size: 0x1000
10:04:19.0546 0368 Boot type: Normal boot
10:04:19.0546 0368 ============================================================
10:04:21.0187 0368 BG loaded
10:04:21.0609 0368 Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
10:04:21.0609 0368 ============================================================
10:04:21.0609 0368 \Device\Harddisk0\DR0:
10:04:21.0609 0368 MBR partitions:
10:04:21.0609 0368 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xDF93782
10:04:21.0609 0368 ============================================================
10:04:21.0656 0368 C: <-> \Device\Harddisk0\DR0\Partition1
10:04:21.0656 0368 ============================================================
10:04:21.0656 0368 Initialize success
10:04:21.0656 0368 ============================================================
10:04:31.0375 3396 ============================================================
10:04:31.0375 3396 Scan started
10:04:31.0375 3396 Mode: Manual; SigCheck; TDLFS;
10:04:31.0375 3396 ============================================================
10:04:31.0843 3396 ================ Scan system memory ========================
10:04:31.0843 3396 System memory - ok
10:04:31.0843 3396 ================ Scan services =============================
10:04:31.0984 3396 [ 01E81C84AD1D0ACC61CF3CFD06632210 ] !SASCORE C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
10:04:32.0140 3396 !SASCORE - ok
10:04:32.0296 3396 [ A8A4E18857CDFD8D9AB81E2C9EAF89B5 ] a2acc C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\a2accx86.sys
10:04:32.0406 3396 a2acc - ok
10:04:32.0609 3396 [ C753789DFC2E3BCC3A273FF325AC0E44 ] a2AntiMalware C:\Program Files\Emsisoft Anti-Malware\a2service.exe
10:04:32.0796 3396 a2AntiMalware - ok
10:04:32.0875 3396 [ F7EABCA8375EA2DC6F35C4BCA4757515 ] A2DDA C:\Program Files\Emsisoft Anti-Malware\a2ddax86.sys
10:04:32.0906 3396 A2DDA - ok
10:04:33.0140 3396 [ 149A8F7ADF9742554DC323E290551E3E ] Aavmker4 C:\WINDOWS\system32\drivers\Aavmker4.sys
10:04:33.0171 3396 Aavmker4 - ok
10:04:33.0187 3396 Abiosdsk - ok
10:04:33.0187 3396 abp480n5 - ok
10:04:33.0265 3396 [ E5E6DBFC41EA8AAD005CB9A57A96B43B ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
10:04:33.0687 3396 ACPI - ok
10:04:33.0687 3396 [ E4ABC1212B70BB03D35E60681C447210 ] ACPIEC C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
10:04:33.0843 3396 ACPIEC - ok
10:04:33.0953 3396 [ 424877CB9D5517F980FF7BACA2EB379D ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
10:04:33.0968 3396 AdobeFlashPlayerUpdateSvc - ok
10:04:33.0968 3396 adpu160m - ok
10:04:34.0031 3396 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
10:04:34.0171 3396 aec - ok
10:04:34.0218 3396 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys
10:04:34.0281 3396 AFD - ok
10:04:34.0296 3396 Aha154x - ok
10:04:34.0296 3396 aic78u2 - ok
10:04:34.0296 3396 aic78xx - ok
10:04:34.0343 3396 [ 758FDC60D41716EF889D849989B4B1CD ] Alerter C:\WINDOWS\system32\alrsvc.dll
10:04:34.0546 3396 Alerter - ok
10:04:34.0578 3396 [ 5E9A6658A2A69AE7EB195113B7A2E7A9 ] ALG C:\WINDOWS\System32\alg.exe
10:04:34.0640 3396 ALG - ok
10:04:34.0656 3396 AliIde - ok
10:04:34.0656 3396 amsint - ok
10:04:34.0671 3396 AppMgmt - ok
10:04:34.0718 3396 [ B5B8A80875C1DEDEDA8B02765642C32F ] Arp1394 C:\WINDOWS\system32\DRIVERS\arp1394.sys
10:04:34.0859 3396 Arp1394 - ok
10:04:34.0859 3396 asc - ok
10:04:34.0875 3396 asc3350p - ok
10:04:34.0875 3396 asc3550 - ok
10:04:35.0015 3396 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
10:04:35.0031 3396 aspnet_state - ok
10:04:35.0078 3396 [ DE6ED95AEF259979B2830450072A627B ] aswFsBlk C:\WINDOWS\system32\drivers\aswFsBlk.sys
10:04:35.0093 3396 aswFsBlk - ok
10:04:35.0125 3396 [ 84F0BE324EE111338589F448C3E8BAB2 ] aswMon2 C:\WINDOWS\system32\drivers\aswMon2.sys
10:04:35.0156 3396 aswMon2 - ok
10:04:35.0171 3396 [ 7C9F0A2AB17D52261A9252A2EB320884 ] AswRdr C:\WINDOWS\system32\drivers\AswRdr.sys
10:04:35.0187 3396 AswRdr - ok
10:04:35.0234 3396 [ B32E9AD44A1DBB3E8095E80F8DF32B03 ] aswSnx C:\WINDOWS\system32\drivers\aswSnx.sys
10:04:35.0265 3396 aswSnx - ok
10:04:35.0343 3396 [ 67B558895695545FB0568B7541F3BCA7 ] aswSP C:\WINDOWS\system32\drivers\aswSP.sys
10:04:35.0375 3396 aswSP - ok
10:04:35.0406 3396 [ E3E73B2B73A4DFADFDDF557192C4B08A ] aswTdi C:\WINDOWS\system32\drivers\aswTdi.sys
10:04:35.0421 3396 aswTdi - ok
10:04:35.0437 3396 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
10:04:35.0562 3396 AsyncMac - ok
10:04:35.0593 3396 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
10:04:35.0734 3396 atapi - ok
10:04:35.0734 3396 Atdisk - ok
10:04:35.0765 3396 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
10:04:35.0890 3396 Atmarpc - ok
10:04:35.0937 3396 [ B4005AEF7873144634765B570DAC466E ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
10:04:36.0078 3396 AudioSrv - ok
10:04:36.0109 3396 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
10:04:36.0234 3396 audstub - ok
10:04:36.0359 3396 [ 8FA553E9AE69808D99C164733A0F9590 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
10:04:36.0375 3396 avast! Antivirus - ok
10:04:36.0390 3396 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
10:04:36.0531 3396 Beep - ok
10:04:36.0593 3396 [ BAA0B6E647C1AD593E9BAE5CC31BCFFB ] BITS C:\WINDOWS\system32\qmgr.dll
10:04:36.0765 3396 BITS - ok
10:04:36.0781 3396 [ 141BEFBD4F2A84A66E2F54B9E32E40D1 ] BoiHwsetup C:\WINDOWS\system32\drivers\BoiHwSetup.sys
10:04:36.0812 3396 BoiHwsetup - ok
10:04:36.0875 3396 [ 952322AE7F95A21F3EEDA99C36C68663 ] Browser C:\WINDOWS\System32\browser.dll
10:04:36.0921 3396 Browser - ok
10:04:36.0937 3396 catchme - ok
10:04:36.0953 3396 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
10:04:37.0140 3396 cbidf2k - ok
10:04:37.0140 3396 cd20xrnt - ok
10:04:37.0156 3396 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
10:04:37.0328 3396 Cdaudio - ok
10:04:37.0375 3396 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
10:04:37.0531 3396 Cdfs - ok
10:04:37.0546 3396 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
10:04:37.0671 3396 Cdrom - ok
10:04:37.0781 3396 [ 3CB0CC8879956C187E87E18634EE5164 ] CFSvcs C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
10:04:37.0796 3396 CFSvcs ( UnsignedFile.Multi.Generic ) - warning
10:04:37.0796 3396 CFSvcs - detected UnsignedFile.Multi.Generic (1)
10:04:37.0796 3396 Changer - ok
10:04:37.0828 3396 [ 793EF38A5FD086C3C8E48A8A861562ED ] CiSvc C:\WINDOWS\system32\cisvc.exe
10:04:37.0953 3396 CiSvc - ok
10:04:37.0968 3396 [ 8B30CBB0C07D49B2658FB190946B0E7E ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
10:04:38.0093 3396 ClipSrv - ok
10:04:38.0156 3396 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
10:04:38.0171 3396 clr_optimization_v2.0.50727_32 - ok
10:04:38.0281 3396 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
10:04:38.0312 3396 clr_optimization_v4.0.30319_32 - ok
10:04:38.0375 3396 [ 0F6C187D38D98F8DF904589A5F94D411 ] CmBatt C:\WINDOWS\system32\DRIVERS\CmBatt.sys
10:04:38.0484 3396 CmBatt - ok
10:04:38.0687 3396 [ 2A2D72271844C52F004901A60312B96A ] cmdAgent C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
10:04:38.0812 3396 cmdAgent - ok
10:04:38.0890 3396 [ 9181CC4D007ADBE21DB9A11BFECAFEF5 ] cmdGuard C:\WINDOWS\system32\DRIVERS\cmdguard.sys
10:04:38.0937 3396 cmdGuard - ok
10:04:38.0968 3396 [ C5A9FB50E8CA7FD99F256255FEE71580 ] cmdHlp C:\WINDOWS\system32\DRIVERS\cmdhlp.sys
10:04:39.0000 3396 cmdHlp - ok
10:04:39.0015 3396 CmdIde - ok
10:04:39.0031 3396 [ 6E4C9F21F0FAE8940661144F41B13203 ] Compbatt C:\WINDOWS\system32\DRIVERS\compbatt.sys
10:04:39.0234 3396 Compbatt - ok
10:04:39.0234 3396 COMSysApp - ok
10:04:39.0250 3396 Cpqarray - ok
10:04:39.0296 3396 [ 7A6D0B71035E123FDDA2156A25578AD3 ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
10:04:39.0437 3396 CryptSvc - ok
10:04:39.0437 3396 dac2w2k - ok
10:04:39.0453 3396 dac960nt - ok
10:04:39.0515 3396 [ 0203B1AAD358F206CB0A3C1F93CCE17A ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
10:04:39.0609 3396 DcomLaunch - ok
10:04:39.0656 3396 [ 318F535DC05551D96DEEB90B6D6904DE ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
10:04:39.0796 3396 Dhcp - ok
10:04:39.0812 3396 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
10:04:39.0953 3396 Disk - ok
10:04:40.0000 3396 [ EE4325BECEF51B8C32B4329097E4F301 ] DLABOIOM C:\WINDOWS\system32\DLA\DLABOIOM.SYS
10:04:40.0015 3396 DLABOIOM ( UnsignedFile.Multi.Generic ) - warning
10:04:40.0015 3396 DLABOIOM - detected UnsignedFile.Multi.Generic (1)
10:04:40.0015 3396 [ D979BEBCF7EDCC9C9EE1857D1A68C67B ] DLACDBHM C:\WINDOWS\system32\Drivers\DLACDBHM.SYS
10:04:40.0046 3396 DLACDBHM ( UnsignedFile.Multi.Generic ) - warning
10:04:40.0046 3396 DLACDBHM - detected UnsignedFile.Multi.Generic (1)
10:04:40.0062 3396 [ 1519522FD0CC96E84BD0EAF585CDBF65 ] DLADResN C:\WINDOWS\system32\DLA\DLADResN.SYS
10:04:40.0078 3396 DLADResN ( UnsignedFile.Multi.Generic ) - warning
10:04:40.0078 3396 DLADResN - detected UnsignedFile.Multi.Generic (1)
10:04:40.0093 3396 [ 752376E109A090970BFA9722F0F40B03 ] DLAIFS_M C:\WINDOWS\system32\DLA\DLAIFS_M.SYS
10:04:40.0093 3396 DLAIFS_M ( UnsignedFile.Multi.Generic ) - warning
10:04:40.0093 3396 DLAIFS_M - detected UnsignedFile.Multi.Generic (1)
10:04:40.0109 3396 [ 62EE7902E74B90BF1CCC4643FC6C07A7 ] DLAOPIOM C:\WINDOWS\system32\DLA\DLAOPIOM.SYS
10:04:40.0125 3396 DLAOPIOM ( UnsignedFile.Multi.Generic ) - warning
10:04:40.0125 3396 DLAOPIOM - detected UnsignedFile.Multi.Generic (1)
10:04:40.0140 3396 [ 5C220124C5AFEAEE84A9BB89D685C17B ] DLAPoolM C:\WINDOWS\system32\DLA\DLAPoolM.SYS
10:04:40.0156 3396 DLAPoolM ( UnsignedFile.Multi.Generic ) - warning
10:04:40.0156 3396 DLAPoolM - detected UnsignedFile.Multi.Generic (1)
10:04:40.0156 3396 [ 7EE0852AE8907689DF25049DCD2342E8 ] DLARTL_N C:\WINDOWS\system32\Drivers\DLARTL_N.SYS
10:04:40.0171 3396 DLARTL_N ( UnsignedFile.Multi.Generic ) - warning
10:04:40.0171 3396 DLARTL_N - detected UnsignedFile.Multi.Generic (1)
10:04:40.0171 3396 [ 4EBB78D9BBF072119363B35B9B3E518F ] DLAUDFAM C:\WINDOWS\system32\DLA\DLAUDFAM.SYS
10:04:40.0187 3396 DLAUDFAM ( UnsignedFile.Multi.Generic ) - warning
10:04:40.0187 3396 DLAUDFAM - detected UnsignedFile.Multi.Generic (1)
10:04:40.0187 3396 [ 333B770E52D2CEA7BD86391120466E43 ] DLAUDF_M C:\WINDOWS\system32\DLA\DLAUDF_M.SYS
10:04:40.0203 3396 DLAUDF_M ( UnsignedFile.Multi.Generic ) - warning
10:04:40.0203 3396 DLAUDF_M - detected UnsignedFile.Multi.Generic (1)
10:04:40.0218 3396 dmadmin - ok
10:04:40.0312 3396 [ F5DEADD42335FB33EDCA74ECB2F36CBA ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
10:04:40.0515 3396 dmboot - ok
10:04:40.0562 3396 [ 5A7C47C9B3F9FB92A66410A7509F0C71 ] dmio C:\WINDOWS\system32\drivers\dmio.sys
10:04:40.0781 3396 dmio - ok
10:04:40.0812 3396 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
10:04:40.0937 3396 dmload - ok
10:04:40.0984 3396 [ 6797C23D6B79935482D7F0E8CA5E5B67 ] dmserver C:\WINDOWS\System32\dmserver.dll
10:04:41.0140 3396 dmserver - ok
10:04:41.0171 3396 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
10:04:41.0296 3396 DMusic - ok
10:04:41.0343 3396 [ 1A1E59377FB6CACD711CC5073C4A7D79 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
10:04:41.0359 3396 Dnscache - ok
10:04:41.0421 3396 [ 3FCF86F03D0302443C21CE6E5BBF7A25 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
10:04:41.0562 3396 Dot3svc - ok
10:04:41.0578 3396 dpti2o - ok
10:04:41.0625 3396 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
10:04:41.0734 3396 drmkaud - ok
10:04:41.0750 3396 [ FD0F95981FEF9073659D8EC58E40AA3C ] DRVMCDB C:\WINDOWS\system32\Drivers\DRVMCDB.SYS
10:04:41.0765 3396 DRVMCDB ( UnsignedFile.Multi.Generic ) - warning
10:04:41.0765 3396 DRVMCDB - detected UnsignedFile.Multi.Generic (1)
10:04:41.0781 3396 [ B4869D320428CDC5EC4D7F5E808E99B5 ] DRVNDDM C:\WINDOWS\system32\Drivers\DRVNDDM.SYS
10:04:41.0796 3396 DRVNDDM ( UnsignedFile.Multi.Generic ) - warning
10:04:41.0796 3396 DRVNDDM - detected UnsignedFile.Multi.Generic (1)
10:04:41.0843 3396 [ C9FFBD6B8EDC46CD3D13E3C6DB914FB7 ] DVD-RAM_Service C:\WINDOWS\system32\DVDRAMSV.exe
10:04:41.0859 3396 DVD-RAM_Service ( UnsignedFile.Multi.Generic ) - warning
10:04:41.0859 3396 DVD-RAM_Service - detected UnsignedFile.Multi.Generic (1)
10:04:41.0921 3396 [ E1FA10ED8F9F700C1BE1EAE05A80EF57 ] e1express C:\WINDOWS\system32\DRIVERS\e1e5132.sys
10:04:41.0953 3396 e1express - ok
10:04:41.0984 3396 [ 8B5FC9087D2CAB110BC2ED5CC5E7B8AC ] EapHost C:\WINDOWS\System32\eapsvc.dll
10:04:42.0093 3396 EapHost - ok
10:04:42.0125 3396 [ 94F948CB12C4D35483F1E815DEB16C7B ] ERSvc C:\WINDOWS\System32\ersvc.dll
10:04:42.0265 3396 ERSvc - ok
10:04:42.0328 3396 [ C3FB1D70CB88722267949694BA51759E ] Eventlog C:\WINDOWS\system32\services.exe
10:04:42.0359 3396 Eventlog - ok
10:04:42.0390 3396 [ EC16AE9B37EACF871629227A3F3913FD ] EventSystem C:\WINDOWS\system32\es.dll
10:04:42.0437 3396 EventSystem - ok
10:04:42.0562 3396 [ 9D6A019DEA917F305AF23209FEDD5F16 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe
10:04:42.0625 3396 EvtEng - ok
10:04:42.0718 3396 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
10:04:42.0875 3396 Fastfat - ok
10:04:42.0937 3396 [ 1B8542F338CDD86929A084A455837158 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
10:04:42.0984 3396 FastUserSwitchingCompatibility - ok
10:04:43.0031 3396 [ 305687EB8C8E0A12A0B2BAE387B6E466 ] Fax C:\WINDOWS\system32\fxssvc.exe
10:04:43.0218 3396 Fax - ok
10:04:43.0265 3396 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\drivers\Fdc.sys
10:04:43.0406 3396 Fdc - ok
10:04:43.0421 3396 [ 31F923EB2170FC172C81ABDA0045D18C ] Fips C:\WINDOWS\system32\drivers\Fips.sys
10:04:43.0546 3396 Fips - ok
10:04:43.0546 3396 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys
10:04:43.0671 3396 Flpydisk - ok
10:04:43.0718 3396 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
10:04:43.0843 3396 FltMgr - ok
10:04:43.0890 3396 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
10:04:43.0906 3396 FontCache3.0.0.0 - ok
10:04:43.0937 3396 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
10:04:44.0062 3396 Fs_Rec - ok
10:04:44.0109 3396 [ A86859B77B908C18C2657F284AA29FE3 ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
10:04:44.0234 3396 Ftdisk - ok
10:04:44.0296 3396 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
10:04:44.0421 3396 Gpc - ok
10:04:44.0500 3396 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
10:04:44.0515 3396 gupdate - ok
10:04:44.0515 3396 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
10:04:44.0531 3396 gupdatem - ok
10:04:44.0578 3396 [ A8BCCB6AB8E43C39F4EF1BC4DB8D6165 ] HdAudAddService C:\WINDOWS\system32\drivers\CHDAud.sys
10:04:44.0656 3396 HdAudAddService - ok
10:04:44.0671 3396 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
10:04:44.0796 3396 HDAudBus - ok
10:04:44.0890 3396 [ 1247F83B705AF0E796330442F7967CF8 ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
10:04:45.0046 3396 helpsvc - ok
10:04:45.0062 3396 HidServ - ok
10:04:45.0109 3396 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
10:04:45.0281 3396 HidUsb - ok
10:04:45.0312 3396 [ 17B3C3D40CDBA40C2E331D28BE4DE27F ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
10:04:45.0453 3396 hkmsvc - ok
10:04:45.0453 3396 hpn - ok
10:04:45.0515 3396 [ A30D7011C1B80A0BC16602D99218D522 ] HSFHWAZL C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys
10:04:45.0546 3396 HSFHWAZL - ok
10:04:45.0609 3396 [ 5A5A7721D9C62D77FC0FABA9B2CF5BE9 ] HSF_DPV C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys
10:04:45.0687 3396 HSF_DPV - ok
10:04:45.0765 3396 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
10:04:45.0812 3396 HTTP - ok
10:04:45.0843 3396 [ BD31CFACE38D1800ABDB43F4260AF0D5 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
10:04:45.0984 3396 HTTPFilter - ok
10:04:46.0000 3396 i2omgmt - ok
10:04:46.0000 3396 i2omp - ok
10:04:46.0062 3396 [ A09BDC4ED10E3B2E0EC27BB94AF32516 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
10:04:46.0265 3396 i8042prt - ok
10:04:46.0359 3396 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
10:04:46.0406 3396 IDriverT ( UnsignedFile.Multi.Generic ) - warning
10:04:46.0406 3396 IDriverT - detected UnsignedFile.Multi.Generic (1)
10:04:46.0515 3396 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
10:04:46.0562 3396 idsvc - ok
10:04:46.0609 3396 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
10:04:46.0750 3396 Imapi - ok
10:04:46.0812 3396 [ C4221678BBAA55239C23632875759961 ] ImapiService C:\WINDOWS\system32\imapi.exe
10:04:47.0015 3396 ImapiService - ok
10:04:47.0031 3396 ini910u - ok
10:04:47.0062 3396 [ E1DF634BEC066B3D4FFE437BCB78C282 ] Inspect C:\WINDOWS\system32\DRIVERS\inspect.sys
10:04:47.0078 3396 Inspect - ok
10:04:47.0093 3396 IntelIde - ok
10:04:47.0140 3396 [ AD340800C35A42D4DE1641A37FEEA34C ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
10:04:47.0296 3396 intelppm - ok
10:04:47.0312 3396 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys
10:04:47.0453 3396 Ip6Fw - ok
10:04:47.0500 3396 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
10:04:47.0625 3396 IpFilterDriver - ok
10:04:47.0625 3396 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
10:04:47.0765 3396 IpInIp - ok
10:04:47.0812 3396 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
10:04:47.0937 3396 IpNat - ok
10:04:47.0953 3396 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
10:04:48.0078 3396 IPSec - ok
10:04:48.0109 3396 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
10:04:48.0187 3396 IRENUM - ok
10:04:48.0203 3396 [ 355836975A67B6554BCA60328CD6CB74 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
10:04:48.0312 3396 isapnp - ok
10:04:48.0328 3396 [ F59C3569A2F2C464BB78CB1BDCDCA55E ] Iviaspi C:\WINDOWS\system32\drivers\iviaspi.sys
10:04:48.0359 3396 Iviaspi ( UnsignedFile.Multi.Generic ) - warning
10:04:48.0359 3396 Iviaspi - detected UnsignedFile.Multi.Generic (1)
10:04:48.0453 3396 [ 691B9B7C0CC1653732717D292D6B305D ] JavaQuickStarterService C:\Program Files\Java\jre6\bin\jqs.exe
10:04:48.0484 3396 JavaQuickStarterService - ok
10:04:48.0484 3396 [ 16813155807C6881F4BFBF6657424659 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
10:04:48.0609 3396 Kbdclass - ok
10:04:48.0625 3396 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
10:04:48.0765 3396 kmixer - ok
10:04:48.0781 3396 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
10:04:48.0796 3396 KSecDD - ok
10:04:48.0843 3396 [ 1DB8078A32E03AC8F5EB5E6DCAC2AA34 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
10:04:48.0890 3396 lanmanserver - ok
10:04:48.0906 3396 [ AD54EAD46D92F413BE189AABC1C59490 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
10:04:48.0953 3396 lanmanworkstation - ok
10:04:48.0953 3396 Lavasoft Kernexplorer - ok
10:04:48.0968 3396 lbrtfdc - ok
10:04:49.0015 3396 [ 0F357C079AC529A844AB5B18E4EEF881 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
10:04:49.0171 3396 LmHosts - ok
10:04:49.0265 3396 [ 4A0B6533F035D74729942EE1D19C35C5 ] lxdxCATSCustConnectService C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxdxserv.exe
10:04:49.0343 3396 lxdxCATSCustConnectService - ok
10:04:49.0359 3396 lxdx_device - ok
10:04:49.0390 3396 [ E246A32C445056996074A397DA56E815 ] mdmxsdk C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
10:04:49.0421 3396 mdmxsdk - ok
10:04:49.0453 3396 [ 7EFAC183A25B30FB5D64CC9D484B1EB6 ] meiudf C:\WINDOWS\system32\Drivers\meiudf.sys
10:04:49.0468 3396 meiudf ( UnsignedFile.Multi.Generic ) - warning
10:04:49.0468 3396 meiudf - detected UnsignedFile.Multi.Generic (1)
10:04:49.0500 3396 [ E67A66A3781C1A483F0F8992664CBE0D ] Messenger C:\WINDOWS\System32\msgsvc.dll
10:04:49.0640 3396 Messenger - ok
10:04:49.0656 3396 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
10:04:49.0796 3396 mnmdd - ok
10:04:49.0828 3396 [ D3A2870CD96CDA7BCFF3DC54F64087AD ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
10:04:50.0015 3396 mnmsrvc - ok
10:04:50.0062 3396 [ 510ADE9327FE84C10254E1902697E25F ] Modem C:\WINDOWS\system32\drivers\Modem.sys
10:04:50.0171 3396 Modem - ok
10:04:50.0203 3396 [ 027C01BD7EF3349AAEBC883D8A799EFB ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
10:04:50.0343 3396 Mouclass - ok
10:04:50.0343 3396 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
10:04:50.0468 3396 MountMgr - ok
10:04:50.0546 3396 [ 9C3758018DED02F4AE53CCA1C5F084A2 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
10:04:50.0562 3396 MozillaMaintenance - ok
10:04:50.0578 3396 mraid35x - ok
10:04:50.0609 3396 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
10:04:50.0734 3396 MRxDAV - ok
10:04:50.0796 3396 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
10:04:50.0875 3396 MRxSmb - ok
10:04:50.0890 3396 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
10:04:51.0031 3396 Msfs - ok
10:04:51.0031 3396 MSIServer - ok
10:04:51.0062 3396 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
10:04:51.0171 3396 MSKSSRV - ok
10:04:51.0203 3396 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
10:04:51.0328 3396 MSPCLOCK - ok
10:04:51.0343 3396 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
10:04:51.0468 3396 MSPQM - ok
10:04:51.0484 3396 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
10:04:51.0609 3396 mssmbios - ok
10:04:51.0656 3396 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
10:04:51.0687 3396 Mup - ok
10:04:51.0734 3396 [ 69E4FBBABAEEE1BFF422E091DA3171DA ] napagent C:\WINDOWS\System32\qagentrt.dll
10:04:51.0875 3396 napagent - ok
10:04:51.0937 3396 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
10:04:52.0062 3396 NDIS - ok
10:04:52.0109 3396 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
10:04:52.0140 3396 NdisTapi - ok
10:04:52.0156 3396 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
10:04:52.0312 3396 Ndisuio - ok
10:04:52.0312 3396 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
10:04:52.0437 3396 NdisWan - ok
10:04:52.0468 3396 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
10:04:52.0500 3396 NDProxy - ok
10:04:52.0515 3396 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
10:04:52.0625 3396 NetBIOS - ok
10:04:52.0656 3396 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
10:04:52.0765 3396 NetBT - ok
10:04:52.0828 3396 [ 5C9B1D83755B36237B70F95DF3D46A52 ] NetDDE C:\WINDOWS\system32\netdde.exe
10:04:52.0937 3396 NetDDE - ok
10:04:52.0953 3396 [ 5C9B1D83755B36237B70F95DF3D46A52 ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
10:04:53.0062 3396 NetDDEdsdm - ok
10:04:53.0093 3396 [ 1265EB253ED4EBE4ACB3BD5F548FF796 ] Netdevio C:\WINDOWS\system32\DRIVERS\netdevio.sys
10:04:53.0109 3396 Netdevio ( UnsignedFile.Multi.Generic ) - warning
10:04:53.0109 3396 Netdevio - detected UnsignedFile.Multi.Generic (1)
10:04:53.0156 3396 [ 91E6024D6D4DCDECDB36C43ECF9BBECB ] Netlogon C:\WINDOWS\system32\lsass.exe
10:04:53.0281 3396 Netlogon - ok
10:04:53.0296 3396 [ BE0CB143FA427D93440DED18DB8C918B ] Netman C:\WINDOWS\System32\netman.dll
10:04:53.0421 3396 Netman - ok
10:04:53.0484 3396 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
10:04:53.0500 3396 NetTcpPortSharing - ok
10:04:53.0859 3396 [ 72062B53186E4A3F5FCBC41EBB62B905 ] NETwLx32 C:\WINDOWS\system32\DRIVERS\NETwLx32.sys
10:04:54.0515 3396 NETwLx32 - ok
10:04:54.0578 3396 [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys
10:04:54.0781 3396 NIC1394 - ok
10:04:54.0796 3396 [ 6F5F546A92C7B6AE45DB1D6910781EB0 ] Nla C:\WINDOWS\System32\mswsock.dll
10:04:54.0843 3396 Nla - ok
10:04:54.0843 3396 [ 1E421A6BCF2203CC61B821ADA9DE878B ] nm C:\WINDOWS\system32\DRIVERS\NMnt.sys
10:04:54.0968 3396 nm - ok
10:04:55.0031 3396 [ B48DC6ABCD3AEFF8618350CCBDC6B09A ] NPF C:\WINDOWS\system32\drivers\npf.sys
10:04:55.0046 3396 NPF - ok
10:04:55.0062 3396 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
10:04:55.0218 3396 Npfs - ok
10:04:55.0296 3396 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
10:04:55.0468 3396 Ntfs - ok
10:04:55.0484 3396 [ 91E6024D6D4DCDECDB36C43ECF9BBECB ] NtLmSsp C:\WINDOWS\system32\lsass.exe
10:04:55.0609 3396 NtLmSsp - ok
10:04:55.0656 3396 [ 037D92B3A7853A183FCAB77FB1D13D6C ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
10:04:55.0828 3396 NtmsSvc - ok
10:04:55.0875 3396 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
10:04:56.0000 3396 Null - ok
10:04:56.0218 3396 [ 24F48F02FA8D9EFDA3425440F9814057 ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
10:04:56.0421 3396 nv - ok
10:04:56.0453 3396 [ 2F1829856FC8C22C3605A42AAFE5E8C2 ] NVSvc C:\WINDOWS\system32\nvsvc32.exe
10:04:56.0484 3396 NVSvc - ok
10:04:56.0500 3396 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
10:04:56.0609 3396 NwlnkFlt - ok
10:04:56.0640 3396 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
10:04:56.0781 3396 NwlnkFwd - ok
10:04:56.0843 3396 [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys
10:04:56.0953 3396 ohci1394 - ok
10:04:56.0984 3396 [ 8FD0BDBEA875D06CCF6C945CA9ABAF75 ] Parport C:\WINDOWS\system32\drivers\Parport.sys
10:04:57.0109 3396 Parport - ok
10:04:57.0125 3396 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
10:04:57.0234 3396 PartMgr - ok
10:04:57.0250 3396 [ 9575C5630DB8FB804649A6959737154C ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
10:04:57.0359 3396 ParVdm - ok
10:04:57.0359 3396 [ 043410877BDA580C528F45165F7125BC ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
10:04:57.0484 3396 PCI - ok
10:04:57.0500 3396 PCIDump - ok
10:04:57.0500 3396 [ F4BFDE7209C14A07AAA61E4D6AE69EAC ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
10:04:57.0625 3396 PCIIde - ok
10:04:57.0640 3396 [ F0406CBC60BDB0394A0E17FFB04CDD3D ] Pcmcia C:\WINDOWS\system32\DRIVERS\pcmcia.sys
10:04:57.0765 3396 Pcmcia - ok
10:04:57.0765 3396 PDCOMP - ok
10:04:57.0765 3396 PDFRAME - ok
10:04:57.0781 3396 PDRELI - ok
10:04:57.0781 3396 PDRFRAME - ok
10:04:57.0796 3396 perc2 - ok
10:04:57.0796 3396 perc2hib - ok
10:04:57.0828 3396 [ 444F122E68DB44C0589227781F3C8B3F ] Pfc C:\WINDOWS\system32\drivers\pfc.sys
10:04:57.0859 3396 Pfc ( UnsignedFile.Multi.Generic ) - warning
10:04:57.0859 3396 Pfc - detected UnsignedFile.Multi.Generic (1)
10:04:57.0875 3396 [ C3FB1D70CB88722267949694BA51759E ] PlugPlay C:\WINDOWS\system32\services.exe
10:04:57.0906 3396 PlugPlay - ok
10:04:57.0906 3396 [ 91E6024D6D4DCDECDB36C43ECF9BBECB ] PolicyAgent C:\WINDOWS\system32\lsass.exe
10:04:58.0031 3396 PolicyAgent - ok
10:04:58.0062 3396 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
10:04:58.0187 3396 PptpMiniport - ok
10:04:58.0203 3396 PROCEXP151 - ok
10:04:58.0203 3396 [ 91E6024D6D4DCDECDB36C43ECF9BBECB ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
10:04:58.0328 3396 ProtectedStorage - ok
10:04:58.0328 3396 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
10:04:58.0453 3396 PSched - ok
10:04:58.0468 3396 [ D24DFD16A1E2A76034DF5AA18125C35D ] PSI C:\WINDOWS\system32\DRIVERS\psi_mf.sys
10:04:58.0484 3396 PSI - ok
10:04:58.0515 3396 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
10:04:58.0656 3396 Ptilink - ok
10:04:58.0656 3396 [ 86724469CD077901706854974CD13C3E ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys
10:04:58.0671 3396 PxHelp20 ( UnsignedFile.Multi.Generic ) - warning
10:04:58.0671 3396 PxHelp20 - detected UnsignedFile.Multi.Generic (1)
10:04:58.0687 3396 [ 7DC7ACA4E775E9D823F5773A2F47A2AC ] qkbfiltr C:\WINDOWS\system32\drivers\qkbfiltr.sys
10:04:58.0734 3396 qkbfiltr ( UnsignedFile.Multi.Generic ) - warning
10:04:58.0734 3396 qkbfiltr - detected UnsignedFile.Multi.Generic (1)
10:04:58.0734 3396 ql1080 - ok
10:04:58.0750 3396 Ql10wnt - ok
10:04:58.0750 3396 ql12160 - ok
10:04:58.0765 3396 ql1240 - ok
10:04:58.0765 3396 ql1280 - ok
10:04:58.0796 3396 [ 8652B9E134C3478BE948BF089DF8ED5E ] qmofiltr C:\WINDOWS\system32\drivers\qmofiltr.sys
10:04:58.0812 3396 qmofiltr ( UnsignedFile.Multi.Generic ) - warning
10:04:58.0812 3396 qmofiltr - detected UnsignedFile.Multi.Generic (1)
10:04:58.0828 3396 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
10:04:58.0968 3396 RasAcd - ok
10:04:59.0015 3396 [ 78DA9CCDAC683EF5AA87D1C919F6D221 ] RasAuto C:\WINDOWS\System32\rasauto.dll
10:04:59.0156 3396 RasAuto - ok
10:04:59.0171 3396 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
10:04:59.0296 3396 Rasl2tp - ok
10:04:59.0343 3396 [ 0A48DF90B4784F9B90A2671AF992C914 ] RasMan C:\WINDOWS\System32\rasmans.dll
10:04:59.0468 3396 RasMan - ok
10:04:59.0468 3396 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
10:04:59.0609 3396 RasPppoe - ok
10:04:59.0656 3396 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
10:04:59.0781 3396 Raspti - ok
10:04:59.0812 3396 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
10:04:59.0921 3396 Rdbss - ok
10:04:59.0921 3396 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
10:05:00.0062 3396 RDPCDD - ok
10:05:00.0125 3396 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
10:05:00.0171 3396 RDPWD - ok
10:05:00.0218 3396 [ 9F63D9C5B238ED1C375D417EFF3D5BE7 ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
10:05:00.0375 3396 RDSessMgr - ok
10:05:00.0421 3396 [ D8EB2A7904DB6C916EB5361878DDCBAE ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
10:05:00.0546 3396 redbook - ok
10:05:00.0671 3396 [ 6987DC1DD7A7159752DFB1F6AABAE062 ] RegSrvc C:\Program Files\Fichiers communs\Intel\WirelessCommon\RegSrvc.exe
10:05:00.0703 3396 RegSrvc - ok
10:05:00.0750 3396 [ 7DA370C31673C99497BD07068EE6E354 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
10:05:00.0890 3396 RemoteAccess - ok
10:05:00.0921 3396 [ B60F58F175DE20A6739194E85B035178 ] rpcapd C:\Program Files\WinPcap\rpcapd.exe
10:05:00.0953 3396 rpcapd - ok
10:05:00.0968 3396 [ 499C59A2584F6D4EA41E944DA571D993 ] RpcLocator C:\WINDOWS\system32\locator.exe
10:05:01.0156 3396 RpcLocator - ok
10:05:01.0187 3396 [ 0203B1AAD358F206CB0A3C1F93CCE17A ] RpcSs C:\WINDOWS\System32\rpcss.dll
10:05:01.0234 3396 RpcSs - ok
10:05:01.0296 3396 [ 414964844F4793ACB868D057E8ED997E ] RSVP C:\WINDOWS\system32\rsvp.exe
10:05:01.0437 3396 RSVP - ok
10:05:01.0531 3396 [ 662973C942738D4B2FE8147E63DE66B3 ] S24EventMonitor C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
10:05:01.0578 3396 S24EventMonitor - ok
10:05:01.0671 3396 [ 27FC71DA659305E260ACBDA15A318399 ] s24trans C:\WINDOWS\system32\DRIVERS\s24trans.sys
10:05:01.0687 3396 s24trans - ok
10:05:01.0703 3396 [ 91E6024D6D4DCDECDB36C43ECF9BBECB ] SamSs C:\WINDOWS\system32\lsass.exe
10:05:01.0890 3396 SamSs - ok
10:05:01.0937 3396 [ 39763504067962108505BFF25F024345 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
10:05:01.0953 3396 SASDIFSV - ok
10:05:01.0953 3396 [ 77B9FC20084B48408AD3E87570EB4A85 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
10:05:01.0968 3396 SASKUTIL - ok
10:05:02.0015 3396 [ 67949CC8A865296C1333C96A4E1A2D66 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
10:05:02.0156 3396 SCardSvr - ok
10:05:02.0203 3396 [ 55F5C5C1BE1A78E285033E432BA01597 ] Schedule C:\WINDOWS\system32\schedsvc.dll
10:05:02.0328 3396 Schedule - ok
10:05:02.0390 3396 [ 8D04819A3CE51B9EB47E5689B44D43C4 ] sdbus C:\WINDOWS\system32\DRIVERS\sdbus.sys
10:05:02.0515 3396 sdbus - ok
10:05:02.0562 3396 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
10:05:02.0640 3396 Secdrv - ok
10:05:02.0656 3396 [ 5AC311C0AF2AF5EC221670BB8DC479D3 ] seclogon C:\WINDOWS\System32\seclogon.dll
10:05:02.0796 3396 seclogon - ok
10:05:02.0937 3396 [ 5B66DB4877BBAC9F7493AA8D84421E49 ] Secunia PSI Agent C:\Program Files\Secunia\PSI\PSIA.exe
10:05:02.0984 3396 Secunia PSI Agent - ok
10:05:03.0062 3396 [ 0E88FDF474F2CDD370A4A6CE77D018F0 ] Secunia Update Agent C:\Program Files\Secunia\PSI\sua.exe
10:05:03.0093 3396 Secunia Update Agent - ok
10:05:03.0156 3396 [ 3531366F38F453D08FE72E7B32DFE786 ] SENS C:\WINDOWS\system32\sens.dll
10:05:03.0312 3396 SENS - ok
10:05:03.0359 3396 [ 93D313C31F7AD9EA2B75F26075413C7C ] Serial C:\WINDOWS\system32\drivers\Serial.sys
10:05:03.0562 3396 Serial - ok
10:05:03.0609 3396 [ 0FA803C64DF0914B41F807EA276BF2A6 ] sffdisk C:\WINDOWS\system32\DRIVERS\sffdisk.sys
10:05:03.0734 3396 sffdisk - ok
10:05:03.0750 3396 [ C17C331E435ED8737525C86A7557B3AC ] sffp_sd C:\WINDOWS\system32\DRIVERS\sffp_sd.sys
10:05:03.0875 3396 sffp_sd - ok
10:05:03.0890 3396 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
10:05:04.0015 3396 Sfloppy - ok
10:05:04.0078 3396 [ F4CE708A7D17A625DE6C0FD746D50E88 ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
10:05:04.0234 3396 SharedAccess - ok
10:05:04.0281 3396 [ 1B8542F338CDD86929A084A455837158 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
10:05:04.0312 3396 ShellHWDetection - ok
10:05:04.0312 3396 Simbad - ok
10:05:04.0328 3396 Sparrow - ok
10:05:04.0343 3396 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
10:05:04.0468 3396 splitter - ok
10:05:04.0500 3396 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
10:05:04.0546 3396 Spooler - ok
10:05:04.0593 3396 [ B52181023B827ACDA36C1B76751EBFFD ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
10:05:04.0687 3396 sr - ok
10:05:04.0718 3396 [ 6469C53F4D16FA6055CCA265BC03DB66 ] srservice C:\WINDOWS\system32\srsvc.dll
10:05:04.0828 3396 srservice - ok
10:05:04.0890 3396 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
10:05:04.0968 3396 Srv - ok
10:05:05.0015 3396 [ EA9E0DB8684CEF2FD3BADD671DF5A112 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
10:05:05.0109 3396 SSDPSRV - ok
10:05:05.0171 3396 [ D76B0E8A4ECAD1ADCC75FD14A7ACC54C ] stisvc C:\WINDOWS\system32\wiaservc.dll
10:05:05.0328 3396 stisvc - ok
10:05:05.0375 3396 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
10:05:05.0562 3396 swenum - ok
10:05:05.0609 3396 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
10:05:05.0734 3396 swmidi - ok
10:05:05.0734 3396 SwPrv - ok
10:05:05.0750 3396 symc810 - ok
10:05:05.0750 3396 symc8xx - ok
10:05:05.0765 3396 sym_hi - ok
10:05:05.0765 3396 sym_u3 - ok
10:05:05.0828 3396 [ E295FFFFF3AAF9A6A40B29497901908F ] SynTP C:\WINDOWS\system32\DRIVERS\SynTP.sys
10:05:05.0859 3396 SynTP - ok
10:05:05.0875 3396 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
10:05:05.0984 3396 sysaudio - ok
10:05:06.0015 3396 [ 0899061318A6B1D9596AABFC77F45E44 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
10:05:06.0406 3396 SysmonLog - ok
10:05:06.0453 3396 [ 8E5231171AD6595FF002E848CC54FCD7 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
10:05:06.0593 3396 TapiSrv - ok
10:05:06.0640 3396 [ 1F26D86828039C0B594399F7F2FFEF09 ] TBiosDrv C:\WINDOWS\system32\Drivers\Tbiosdrv.sys
10:05:06.0671 3396 TBiosDrv ( UnsignedFile.Multi.Generic ) - warning
10:05:06.0671 3396 TBiosDrv - detected UnsignedFile.Multi.Generic (1)
10:05:06.0734 3396 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
10:05:06.0781 3396 Tcpip - ok
10:05:06.0812 3396 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
10:05:07.0031 3396 TDPIPE - ok
10:05:07.0046 3396 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
10:05:07.0171 3396 TDTCP - ok
10:05:07.0203 3396 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
10:05:07.0328 3396 TermDD - ok
10:05:07.0359 3396 [ 710BC85A8C22626EE094439E3EA0D38C ] TermService C:\WINDOWS\System32\termsrv.dll
10:05:07.0500 3396 TermService - ok
10:05:07.0515 3396 [ 1B8542F338CDD86929A084A455837158 ] Themes C:\WINDOWS\System32\shsvcs.dll
10:05:07.0546 3396 Themes - ok
10:05:07.0609 3396 [ 244CFBFFDEFB77F3DF571A8CD108FC06 ] tifm21 C:\WINDOWS\system32\drivers\tifm21.sys
10:05:07.0625 3396 tifm21 - ok
10:05:07.0640 3396 TosIde - ok
10:05:07.0703 3396 [ E1A84A5067627407A53C2C4F8D8A1D2E ] TrkWks C:\WINDOWS\system32\trkwks.dll
10:05:07.0828 3396 TrkWks - ok
10:05:07.0843 3396 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
10:05:07.0968 3396 Udfs - ok
10:05:07.0984 3396 UIUSys - ok
10:05:07.0984 3396 ultra - ok
10:05:08.0046 3396 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
10:05:08.0187 3396 Update - ok
10:05:08.0234 3396 [ BD8166A495B02308F364B36249475F22 ] upnphost C:\WINDOWS\System32\upnphost.dll
10:05:08.0328 3396 upnphost - ok
10:05:08.0359 3396 [ 1EDC93D7BD731B5CA6248AE245099B60 ] UPS C:\WINDOWS\System32\ups.exe
10:05:08.0500 3396 UPS - ok
10:05:08.0546 3396 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
10:05:08.0671 3396 usbccgp - ok
10:05:08.0703 3396 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
10:05:08.0875 3396 usbehci - ok
10:05:08.0921 3396 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
10:05:09.0046 3396 usbhub - ok
10:05:09.0062 3396 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
10:05:09.0218 3396 usbprint - ok
10:05:09.0265 3396 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
10:05:09.0437 3396 usbscan - ok
10:05:09.0437 3396 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
10:05:09.0546 3396 USBSTOR - ok
10:05:09.0562 3396 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
10:05:09.0687 3396 usbuhci - ok
10:05:09.0703 3396 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
10:05:09.0828 3396 VgaSave - ok
10:05:09.0828 3396 ViaIde - ok
10:05:09.0843 3396 [ 46DE1126684369BACE4849E4FC8C43CA ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
10:05:09.0968 3396 VolSnap - ok
10:05:10.0031 3396 [ 5A4DA252B2C0550AB83D129C02CF6C19 ] VSS C:\WINDOWS\System32\vssvc.exe
10:05:10.0109 3396 VSS - ok
10:05:10.0156 3396 [ C1F726EE0B043B074A68992BC4AEF8FD ] W32Time C:\WINDOWS\system32\w32time.dll
10:05:10.0296 3396 W32Time - ok
10:05:10.0406 3396 [ B1F126E7E28877106D60E6FF3998D033 ] w39n51 C:\WINDOWS\system32\DRIVERS\w39n51.sys
10:05:10.0453 3396 w39n51 - ok
10:05:10.0531 3396 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
10:05:10.0671 3396 Wanarp - ok
10:05:10.0671 3396 WDICA - ok
10:05:10.0718 3396 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
 
10:05:10.0843 3396 wdmaud - ok
10:05:10.0890 3396 [ 714670E64FBE6D28D99871ED9A52A334 ] WebClient C:\WINDOWS\System32\webclnt.dll
10:05:11.0015 3396 WebClient - ok
10:05:11.0078 3396 [ E0A00B06EA067C84E124B407DFFA1AF1 ] winachsf C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
10:05:11.0156 3396 winachsf - ok
10:05:11.0312 3396 [ 5E9DEAE9980FF34BCD6DDE2E9E2BF911 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
10:05:11.0437 3396 winmgmt - ok
10:05:11.0484 3396 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
10:05:11.0500 3396 WmdmPmSN - ok
10:05:11.0531 3396 [ C42584FD66CE9E17403AEBCA199F7BDB ] WmiAcpi C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
10:05:11.0640 3396 WmiAcpi - ok
10:05:11.0671 3396 [ 4E8E8A58F56B25D0795F484E5EB7F898 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
10:05:11.0796 3396 WmiApSrv - ok
10:05:11.0937 3396 [ C9BEA742CE225CC993C9465FDDAE4656 ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
10:05:11.0968 3396 WMPNetworkSvc - ok
10:05:12.0062 3396 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
10:05:12.0109 3396 WPFFontCache_v0400 - ok
10:05:12.0140 3396 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
10:05:12.0265 3396 WS2IFSL - ok
10:05:12.0328 3396 [ C1FD85DB4A80A98D60ECB7A828E77FE0 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
10:05:12.0546 3396 wscsvc - ok
10:05:12.0562 3396 [ 75D6C5C3D2C93B1F9931E5DFB693AE2A ] wuauserv C:\WINDOWS\system32\wuauserv.dll
10:05:12.0687 3396 wuauserv - ok
10:05:12.0718 3396 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
10:05:12.0781 3396 WudfPf - ok
10:05:12.0812 3396 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
10:05:12.0859 3396 WudfSvc - ok
10:05:12.0921 3396 [ C336E54EE0C291A02F004667DB1E66CB ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
10:05:13.0062 3396 WZCSVC - ok
10:05:13.0093 3396 [ F92A87FDDA0C11C8604FBC2B864FA726 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
10:05:13.0250 3396 xmlprov - ok
10:05:13.0250 3396 ================ Scan global ===============================
10:05:13.0312 3396 [ 61013AB2E38550619637AA6CC02383D4 ] C:\WINDOWS\system32\basesrv.dll
10:05:13.0359 3396 [ 8FB644D08037BB9CF532F697CCC0A8E6 ] C:\WINDOWS\system32\winsrv.dll
10:05:13.0390 3396 [ 8FB644D08037BB9CF532F697CCC0A8E6 ] C:\WINDOWS\system32\winsrv.dll
10:05:13.0421 3396 [ C3FB1D70CB88722267949694BA51759E ] C:\WINDOWS\system32\services.exe
10:05:13.0437 3396 [Global] - ok
10:05:13.0437 3396 ================ Scan MBR ==================================
10:05:13.0453 3396 [ 09CE7397AF23D4C0B331B89D0297CC7E ] \Device\Harddisk0\DR0
10:05:14.0015 3396 \Device\Harddisk0\DR0 - ok
10:05:14.0015 3396 ================ Scan VBR ==================================
10:05:14.0015 3396 [ 73C6E5BE10F2BCBD84990E5B2BC86CB9 ] \Device\Harddisk0\DR0\Partition1
10:05:14.0015 3396 \Device\Harddisk0\DR0\Partition1 - ok
10:05:14.0015 3396 ============================================================
10:05:14.0015 3396 Scan finished
10:05:14.0015 3396 ============================================================
10:05:14.0156 3772 Detected object count: 22
10:05:14.0156 3772 Actual detected object count: 22
10:05:23.0703 3772 CFSvcs ( UnsignedFile.Multi.Generic ) - skipped by user
10:05:23.0703 3772 CFSvcs ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:05:23.0703 3772 DLABOIOM ( UnsignedFile.Multi.Generic ) - skipped by user
10:05:23.0703 3772 DLABOIOM ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:05:23.0703 3772 DLACDBHM ( UnsignedFile.Multi.Generic ) - skipped by user
10:05:23.0703 3772 DLACDBHM ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:05:23.0703 3772 DLADResN ( UnsignedFile.Multi.Generic ) - skipped by user
10:05:23.0703 3772 DLADResN ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:05:23.0718 3772 DLAIFS_M ( UnsignedFile.Multi.Generic ) - skipped by user
10:05:23.0718 3772 DLAIFS_M ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:05:23.0718 3772 DLAOPIOM ( UnsignedFile.Multi.Generic ) - skipped by user
10:05:23.0718 3772 DLAOPIOM ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:05:23.0718 3772 DLAPoolM ( UnsignedFile.Multi.Generic ) - skipped by user
10:05:23.0718 3772 DLAPoolM ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:05:23.0718 3772 DLARTL_N ( UnsignedFile.Multi.Generic ) - skipped by user
10:05:23.0718 3772 DLARTL_N ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:05:23.0718 3772 DLAUDFAM ( UnsignedFile.Multi.Generic ) - skipped by user
10:05:23.0718 3772 DLAUDFAM ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:05:23.0718 3772 DLAUDF_M ( UnsignedFile.Multi.Generic ) - skipped by user
10:05:23.0718 3772 DLAUDF_M ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:05:23.0734 3772 DRVMCDB ( UnsignedFile.Multi.Generic ) - skipped by user
10:05:23.0734 3772 DRVMCDB ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:05:23.0734 3772 DRVNDDM ( UnsignedFile.Multi.Generic ) - skipped by user
10:05:23.0734 3772 DRVNDDM ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:05:23.0734 3772 DVD-RAM_Service ( UnsignedFile.Multi.Generic ) - skipped by user
10:05:23.0734 3772 DVD-RAM_Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:05:23.0734 3772 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
10:05:23.0734 3772 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:05:23.0734 3772 Iviaspi ( UnsignedFile.Multi.Generic ) - skipped by user
10:05:23.0734 3772 Iviaspi ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:05:23.0734 3772 meiudf ( UnsignedFile.Multi.Generic ) - skipped by user
10:05:23.0734 3772 meiudf ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:05:23.0750 3772 Netdevio ( UnsignedFile.Multi.Generic ) - skipped by user
10:05:23.0750 3772 Netdevio ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:05:23.0750 3772 Pfc ( UnsignedFile.Multi.Generic ) - skipped by user
10:05:23.0750 3772 Pfc ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:05:23.0750 3772 PxHelp20 ( UnsignedFile.Multi.Generic ) - skipped by user
10:05:23.0750 3772 PxHelp20 ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:05:23.0750 3772 qkbfiltr ( UnsignedFile.Multi.Generic ) - skipped by user
10:05:23.0750 3772 qkbfiltr ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:05:23.0750 3772 qmofiltr ( UnsignedFile.Multi.Generic ) - skipped by user
10:05:23.0750 3772 qmofiltr ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:05:23.0750 3772 TBiosDrv ( UnsignedFile.Multi.Generic ) - skipped by user
10:05:23.0750 3772 TBiosDrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:06:01.0562 1808 Deinitialize success
 
Hello, here is the OTL quick scan:

OTL logfile created on: 2013-01-26 09:01:32 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Toshiba\Bureau
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000C0C | Country: Canada | Language: FRC | Date Format: yyyy-MM-dd

3,00 Gb Total Physical Memory | 2,50 Gb Available Physical Memory | 83,53% Memory free
4,88 Gb Paging File | 4,43 Gb Available in Paging File | 90,94% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 111,79 Gb Total Space | 24,14 Gb Free Space | 21,59% Space Free | Partition Type: NTFS

Computer Name: TOSHIBA-29519BD | User Name: Toshiba | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013-01-26 08:47:47 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Toshiba\Bureau\OTL.exe
PRC - [2012-11-27 21:50:02 | 003,085,736 | ---- | M] (Emsisoft GmbH) -- C:\Program Files\Emsisoft Anti-Malware\a2service.exe
PRC - [2012-11-07 18:37:37 | 001,990,464 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
PRC - [2012-11-07 18:37:11 | 006,756,048 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
PRC - [2012-10-30 18:50:59 | 004,297,136 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012-10-30 18:50:59 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012-09-22 15:19:49 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
PRC - [2012-09-17 11:41:54 | 000,254,896 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
PRC - [2011-10-24 18:58:52 | 001,407,248 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe
PRC - [2011-10-24 18:58:46 | 000,882,960 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
PRC - [2011-10-24 17:53:14 | 000,870,672 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe
PRC - [2011-10-24 17:37:18 | 001,210,640 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Fichiers communs\Intel\WirelessCommon\iFrmewrk.exe
PRC - [2011-10-24 17:34:56 | 000,481,552 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Fichiers communs\Intel\WirelessCommon\RegSrvc.exe
PRC - [2011-10-14 01:01:50 | 000,994,360 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\psia.exe
PRC - [2011-10-14 01:01:48 | 000,399,416 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\sua.exe
PRC - [2011-10-14 01:01:46 | 000,291,896 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\psi_tray.exe
PRC - [2010-02-04 00:28:07 | 000,107,176 | ---- | M] (Lexmark International Inc.) -- C:\Program Files\Lexmark 3600-4600 Series\ezprint.exe
PRC - [2010-02-04 00:27:55 | 000,672,424 | ---- | M] () -- C:\Program Files\Lexmark 3600-4600 Series\lxdxmon.exe
PRC - [2009-10-16 12:10:34 | 000,589,824 | ---- | M] ( ) -- C:\WINDOWS\system32\lxdxcoms.exe
PRC - [2008-04-13 21:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006-01-05 17:00:06 | 001,589,248 | ---- | M] (TOSHIBA Inc.) -- C:\Program Files\TOSHIBA\Windows Utilities\Hotkey.exe
PRC - [2005-12-15 13:21:00 | 000,151,552 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\Toshiba.exe
PRC - [2005-10-05 23:20:00 | 000,122,940 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\DLA\DLACTRLW.EXE
PRC - [2005-05-17 03:24:50 | 000,118,784 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
PRC - [2005-04-11 10:08:00 | 000,065,536 | ---- | M] (TOSHIBA) -- C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
PRC - [2005-01-17 12:38:00 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
PRC - [2004-08-27 20:37:00 | 000,155,648 | ---- | M] (Matsushita Electric Industrial Co., Ltd.) -- C:\WINDOWS\system32\RAMASST.exe
PRC - [2004-08-27 20:33:00 | 000,110,592 | ---- | M] (Matsushita Electric Industrial Co., Ltd.) -- C:\WINDOWS\system32\DVDRAMSV.exe


========== Modules (No Company Name) ==========

MOD - [2013-01-26 03:50:01 | 002,048,512 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\13012600\algo.dll
MOD - [2012-12-18 09:28:24 | 000,301,056 | ---- | M] () -- C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.FRA
MOD - [2010-02-04 00:27:55 | 000,672,424 | ---- | M] () -- C:\Program Files\Lexmark 3600-4600 Series\lxdxmon.exe
MOD - [2010-02-03 23:41:38 | 000,081,920 | ---- | M] () -- C:\Program Files\Lexmark 3600-4600 Series\lxdxcaps.dll
MOD - [2010-02-03 23:41:23 | 000,380,928 | ---- | M] () -- C:\Program Files\Lexmark 3600-4600 Series\lxdxscw.dll
MOD - [2010-02-03 23:41:20 | 000,782,336 | ---- | M] () -- C:\Program Files\Lexmark 3600-4600 Series\lxdxdrs.dll
MOD - [2010-02-03 23:39:11 | 000,364,544 | ---- | M] () -- C:\Program Files\Lexmark 3600-4600 Series\iptk.dll
MOD - [2010-02-03 23:28:27 | 000,589,824 | ---- | M] () -- C:\Program Files\Lexmark 3600-4600 Series\lxdxdatr.dll
MOD - [2010-02-03 23:28:15 | 000,069,632 | ---- | M] () -- C:\Program Files\Lexmark 3600-4600 Series\lxdxcnv4.dll
MOD - [2009-10-16 18:12:46 | 000,147,968 | ---- | M] () -- C:\WINDOWS\system32\spool\prtprocs\w32x86\lxdxdrpp.dll
MOD - [2007-09-06 04:11:34 | 000,151,552 | ---- | M] () -- C:\Program Files\Lexmark 3600-4600 Series\lxdxptp.dll


========== Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2013-01-12 09:29:11 | 000,251,400 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013-01-04 22:45:32 | 000,115,760 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012-11-27 21:50:02 | 003,085,736 | ---- | M] (Emsisoft GmbH) [Auto | Running] -- C:\Program Files\Emsisoft Anti-Malware\a2service.exe -- (a2AntiMalware)
SRV - [2012-11-07 18:37:37 | 001,990,464 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV - [2012-10-30 18:50:59 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012-09-22 15:19:49 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE)
SRV - [2011-10-24 18:58:46 | 000,882,960 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\S24EvMon.exe -- (S24EventMonitor)
SRV - [2011-10-24 17:53:14 | 000,870,672 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV - [2011-10-24 17:34:56 | 000,481,552 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Fichiers communs\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV - [2011-10-14 01:01:50 | 000,994,360 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files\Secunia\PSI\psia.exe -- (Secunia PSI Agent)
SRV - [2011-10-14 01:01:48 | 000,399,416 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files\Secunia\PSI\sua.exe -- (Secunia Update Agent)
SRV - [2010-06-25 12:07:20 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd)
SRV - [2009-10-16 18:00:52 | 000,094,208 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxdxserv.exe -- (lxdxCATSCustConnectService)
SRV - [2009-10-16 12:10:34 | 000,589,824 | ---- | M] ( ) [Auto | Running] -- C:\WINDOWS\system32\lxdxcoms.exe -- (lxdx_device)
SRV - [2005-04-03 18:41:10 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2005-01-17 12:38:00 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe -- (CFSvcs)
SRV - [2004-08-27 20:33:00 | 000,110,592 | ---- | M] (Matsushita Electric Industrial Co., Ltd.) [Auto | Running] -- C:\WINDOWS\system32\DVDRAMSV.exe -- (DVD-RAM_Service)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\UIUSYS.SYS -- (UIUSys)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\Drivers\PROCEXP151.SYS -- (PROCEXP151)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys -- (Lavasoft Kernexplorer)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ComboFix\catchme.sys -- (catchme)
DRV - [2012-11-07 18:38:17 | 000,099,080 | ---- | M] (COMODO) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\inspect.sys -- (Inspect)
DRV - [2012-11-07 18:38:16 | 000,032,640 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\cmdhlp.sys -- (cmdHlp)
DRV - [2012-11-07 18:38:14 | 000,497,952 | ---- | M] (COMODO) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\cmdGuard.sys -- (cmdGuard)
DRV - [2012-10-30 18:51:58 | 000,738,504 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012-10-30 18:51:58 | 000,361,032 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012-10-30 18:51:58 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012-10-30 18:51:58 | 000,035,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (AswRdr)
DRV - [2012-10-30 18:51:57 | 000,097,608 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2012-10-30 18:51:56 | 000,025,256 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2012-10-30 18:51:56 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012-06-29 21:18:16 | 000,054,072 | ---- | M] (Emsisoft GmbH) [File_System | On_Demand | Stopped] -- C:\Program Files\Emsisoft Anti-Malware\a2accx86.sys -- (a2acc)
DRV - [2011-07-22 11:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011-07-12 16:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2011-05-19 13:10:34 | 000,017,904 | ---- | M] (Emsi Software GmbH) [Kernel | System | Running] -- C:\Program Files\Emsisoft Anti-Malware\a2ddax86.sys -- (A2DDA)
DRV - [2010-10-07 07:11:38 | 006,609,920 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NETwLx32.sys -- (NETwLx32)
DRV - [2010-09-01 03:30:58 | 000,015,544 | ---- | M] (Secunia) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\psi_mf.sys -- (PSI)
DRV - [2010-06-25 12:07:14 | 000,035,088 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\npf.sys -- (NPF)
DRV - [2010-05-19 22:15:04 | 000,013,952 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
DRV - [2008-04-13 13:53:09 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2006-01-12 10:21:18 | 000,031,872 | ---- | M] (Quanta Computer, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\qkbfiltr.sys -- (qkbfiltr)
DRV - [2005-12-28 18:20:38 | 000,561,664 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CHDAud.sys -- (HdAudAddService)
DRV - [2005-12-04 14:55:30 | 001,428,096 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w39n51.sys -- (w39n51)
DRV - [2005-11-29 14:12:00 | 000,162,560 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tifm21.sys -- (tifm21)
DRV - [2005-11-07 19:12:00 | 000,997,376 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2005-11-07 19:11:00 | 000,723,712 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2005-11-07 19:11:00 | 000,202,240 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2005-10-05 23:20:00 | 000,094,332 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS -- (DLAUDFAM)
DRV - [2005-10-05 23:20:00 | 000,087,036 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS -- (DLAUDF_M)
DRV - [2005-10-05 23:20:00 | 000,086,524 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS -- (DLAIFS_M)
DRV - [2005-10-05 23:20:00 | 000,025,628 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS -- (DLABOIOM)
DRV - [2005-10-05 23:20:00 | 000,014,684 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS -- (DLAOPIOM)
DRV - [2005-10-05 23:20:00 | 000,006,364 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS -- (DLAPoolM)
DRV - [2005-10-05 23:20:00 | 000,002,496 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLADResN.SYS -- (DLADResN)
DRV - [2005-08-25 06:16:52 | 000,005,628 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS -- (DLACDBHM)
DRV - [2005-08-25 06:16:16 | 000,022,684 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLARTL_N.SYS -- (DLARTL_N)
DRV - [2005-06-11 00:42:00 | 000,005,504 | ---- | M] (Quanta Computer Corp) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BoiHwSetup.sys -- (BoiHwsetup)
DRV - [2005-06-01 23:33:00 | 000,102,384 | ---- | M] (Matsushita Electric Industrial Co.,Ltd.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\meiudf.sys -- (meiudf)
DRV - [2005-05-05 08:27:38 | 000,007,936 | ---- | M] (Quanta Computer, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\qmofiltr.sys -- (qmofiltr)
DRV - [2003-09-18 19:47:00 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (Pfc)
DRV - [2003-01-29 10:35:00 | 000,012,032 | ---- | M] (TOSHIBA Corporation.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\Netdevio.sys -- (Netdevio)
DRV - [2002-01-24 14:43:40 | 000,006,528 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Tbiosdrv.sys -- (TBiosDrv)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/
IE - HKCU\..\URLSearchHook: - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: %7BCAFEEFAC-0016-0000-0037-ABCDEFFEDCBA%7D:6.0.37
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_146.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_37: C:\WINDOWS\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-11-04 12:15:56 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013-01-12 09:26:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2012-08-19 11:00:18 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Toshiba\Application Data\Mozilla\Extensions
[2012-10-24 20:00:12 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Toshiba\Application Data\Mozilla\Firefox\Profiles\34z1afo4.default\extensions
[2013-01-12 09:26:31 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012-12-05 22:02:55 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
[2013-01-26 00:22:59 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\updated\extensions
[2013-01-26 00:23:41 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\updated\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013-01-26 00:22:59 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\updated\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
[2013-01-04 22:45:48 | 000,262,704 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2013-01-04 22:45:12 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2013-01-04 22:45:12 | 000,002,058 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

O1 HOSTS File: ([2012-10-27 18:48:47 | 000,443,910 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 15273 more lines...
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\DLA\DLASHX_W.DLL (Sonic Solutions)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (WOT Helper) - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files\WOT\WOT.dll ()
O3 - HKLM\..\Toolbar: (WOT) - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll ()
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (WOT) - {71576546-354D-41C9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll ()
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4 - HKLM..\Run: [DLA] C:\WINDOWS\system32\DLA\DLACTRLW.EXE (Sonic Solutions)
O4 - HKLM..\Run: [EzPrint] C:\Program Files\Lexmark 3600-4600 Series\ezprint.exe (Lexmark International Inc.)
O4 - HKLM..\Run: [High Definition Audio Property Page Shortcut] C:\WINDOWS\System32\CHDAudPropShortcut.exe (Windows (R) Server 2003 DDK provider)
O4 - HKLM..\Run: [IntelWireless] C:\Program Files\Fichiers communs\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation)
O4 - HKLM..\Run: [IntelZeroConfig] C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe (Intel(R) Corporation)
O4 - HKLM..\Run: [LaunchApp] launchapp File not found
O4 - HKLM..\Run: [lxdxmon.exe] C:\Program Files\Lexmark 3600-4600 Series\lxdxmon.exe ()
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [SmoothView] C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [Toshiba Hotkey Utility] C:\Program Files\Toshiba\Windows Utilities\Hotkey.exe (TOSHIBA Inc.)
O4 - HKCU..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe (TOSHIBA)
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe (Matsushita Electric Industrial Co., Ltd.)
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Secunia PSI Tray.lnk = C:\Program Files\Secunia\PSI\psi_tray.exe (Secunia)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/downl...-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {2E28242B-A689-11D4-80F2-0040266CBB8D} http://209.50.106.51:8181/kxhcm10.ocx (KXHCM10 Control)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://windowsupdate.microsoft.com/...ls/en/x86/client/wuweb_site.cab?1325644805328 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/mic...ls/en/x86/client/muweb_site.cab?1349558900881 (MUWebControl Class)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37)
O16 - DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37)
O16 - DPF: Garmin Communicator Plug-In https://static.garmincdn.com/gcp/ie/4.0.1.0/GarminAxControl_32.CAB (Reg Error: Key error.)
O18 - Protocol\Handler\intu-ir2011 - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\wot {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files\WOT\WOT.dll ()
O20 - AppInit_DLLs: (C:\WINDOWS\system32\guard32.dll) - C:\WINDOWS\system32\guard32.dll (COMODO)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Colline verdoyante.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Colline verdoyante.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006-01-18 05:32:30 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013-01-26 08:47:45 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Toshiba\Bureau\OTL.exe
[2013-01-26 08:47:15 | 002,213,976 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Toshiba\Bureau\tdsskiller.exe
[2013-01-25 20:19:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
[2013-01-25 20:19:08 | 000,000,000 | ---D | C] -- C:\JRT
[2013-01-25 20:09:00 | 000,499,147 | ---- | C] (Oleg N. Scherbakov) -- C:\Documents and Settings\Toshiba\Bureau\JRT.exe
[2013-01-25 17:38:07 | 000,688,992 | R--- | C] (Swearware) -- C:\Documents and Settings\Toshiba\Bureau\dds.com
[2013-01-25 17:37:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Toshiba\Bureau\fab
[2013-01-23 21:03:14 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Toshiba\Recent
[2013-01-12 09:31:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\VideoLAN
[888 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013-01-26 09:05:00 | 000,001,002 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013-01-26 08:55:24 | 000,043,758 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2013-01-26 08:53:20 | 000,000,316 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2013-01-26 08:51:56 | 000,001,054 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013-01-26 08:51:45 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013-01-26 08:51:40 | 3219,312,640 | -HS- | M] () -- C:\hiberfil.sys
[2013-01-26 08:47:47 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Toshiba\Bureau\OTL.exe
[2013-01-26 08:47:15 | 002,213,976 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Toshiba\Bureau\tdsskiller.exe
[2013-01-26 08:46:00 | 000,001,058 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013-01-26 00:12:50 | 004,069,512 | ---- | M] () -- C:\Documents and Settings\Toshiba\Bureau\03 - Paul Daraiche - A Mia madre.wma
[2013-01-26 00:11:56 | 002,490,932 | ---- | M] () -- C:\Documents and Settings\Toshiba\Bureau\02 - Francis Lalanne - On se retrouvera.mp3
[2013-01-26 00:05:32 | 003,477,656 | ---- | M] () -- C:\Documents and Settings\Toshiba\Bureau\01 - Eric Charen - Bienvenue.wma
[2013-01-25 20:09:03 | 000,499,147 | ---- | M] (Oleg N. Scherbakov) -- C:\Documents and Settings\Toshiba\Bureau\JRT.exe
[2013-01-25 20:08:43 | 000,578,255 | ---- | M] () -- C:\Documents and Settings\Toshiba\Bureau\adwcleaner.exe
[2013-01-25 17:38:12 | 000,688,992 | R--- | M] (Swearware) -- C:\Documents and Settings\Toshiba\Bureau\dds.com
[2013-01-25 17:23:26 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013-01-24 17:18:43 | 000,143,624 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013-01-23 21:57:20 | 000,075,089 | ---- | M] () -- C:\Documents and Settings\Toshiba\Bureau\RRQ_releve_de_participation - 2013-01-23 21h54.pdf
[2013-01-23 16:26:08 | 003,104,339 | ---- | M] () -- C:\Documents and Settings\Toshiba\Mes documents\J'ai besoin de toi, j'ai besoin de lui ( Nicole Croisille ).wmv.mp3
[2013-01-19 13:56:29 | 000,057,888 | ---- | M] () -- C:\Documents and Settings\Toshiba\Bureau\Odalric 2013-01-11.jpg
[2013-01-12 09:31:04 | 000,000,730 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\VLC media player.lnk
[2013-01-12 09:26:37 | 000,000,735 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Mozilla Firefox.lnk
[2013-01-11 22:07:09 | 000,555,754 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat
[2013-01-11 22:07:09 | 000,484,084 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013-01-11 22:07:09 | 000,096,390 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat
[2013-01-11 22:07:09 | 000,081,296 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013-01-10 18:22:30 | 004,191,035 | ---- | M] () -- C:\Documents and Settings\Toshiba\Bureau\Hotmail.zip
[2013-01-07 20:10:41 | 000,003,120 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2013-01-05 19:27:38 | 000,363,875 | ---- | M] () -- C:\Documents and Settings\Toshiba\Bureau\capture.zip
[2013-01-05 18:07:27 | 000,182,105 | ---- | M] () -- C:\Documents and Settings\Toshiba\Bureau\reno.jpg
[2013-01-05 15:13:16 | 000,059,698 | ---- | M] () -- C:\Documents and Settings\Toshiba\Bureau\Screenshot - 2013-01-05 , 15_13_10.jpg
[2013-01-05 11:44:26 | 000,033,507 | ---- | M] () -- C:\Documents and Settings\Toshiba\Bureau\laid3.jpg
[2013-01-05 11:43:55 | 000,038,405 | ---- | M] () -- C:\Documents and Settings\Toshiba\Bureau\laid2.jpg
[2013-01-05 11:42:43 | 000,054,506 | ---- | M] () -- C:\Documents and Settings\Toshiba\Bureau\laid1.jpg
[2013-01-05 11:26:03 | 000,082,127 | ---- | M] () -- C:\Documents and Settings\Toshiba\Bureau\422244_3780298943966_1651047337_n.jpg
[2013-01-05 11:07:02 | 000,028,026 | ---- | M] () -- C:\Documents and Settings\Toshiba\Bureau\283290_157664880977951_7366182_n.jpg
[2013-01-05 11:06:44 | 000,018,715 | ---- | M] () -- C:\Documents and Settings\Toshiba\Bureau\392725_194743810603391_400390879_n.jpg
[2013-01-05 11:06:13 | 000,011,791 | ---- | M] () -- C:\Documents and Settings\Toshiba\Bureau\60926_400601533350950_487906773_n.jpg
[2013-01-01 12:34:49 | 000,045,815 | ---- | M] () -- C:\Documents and Settings\Toshiba\Bureau\Calcul gril.pdf
[2013-01-01 12:26:02 | 000,014,788 | ---- | M] () -- C:\Documents and Settings\Toshiba\Bureau\Calcul gril.ods
[2012-12-27 21:37:04 | 000,000,795 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes Anti-Malware.lnk
[888 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013-01-26 00:09:47 | 004,069,512 | ---- | C] () -- C:\Documents and Settings\Toshiba\Bureau\03 - Paul Daraiche - A Mia madre.wma
[2013-01-26 00:09:39 | 002,490,932 | ---- | C] () -- C:\Documents and Settings\Toshiba\Bureau\02 - Francis Lalanne - On se retrouvera.mp3
[2013-01-26 00:03:51 | 003,477,656 | ---- | C] () -- C:\Documents and Settings\Toshiba\Bureau\01 - Eric Charen - Bienvenue.wma
[2013-01-25 20:08:39 | 000,578,255 | ---- | C] () -- C:\Documents and Settings\Toshiba\Bureau\adwcleaner.exe
[2013-01-24 17:18:43 | 000,143,624 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013-01-23 21:57:20 | 000,075,089 | ---- | C] () -- C:\Documents and Settings\Toshiba\Bureau\RRQ_releve_de_participation - 2013-01-23 21h54.pdf
[2013-01-23 16:26:08 | 003,104,339 | ---- | C] () -- C:\Documents and Settings\Toshiba\Mes documents\J'ai besoin de toi, j'ai besoin de lui ( Nicole Croisille ).wmv.mp3
[2013-01-19 13:56:53 | 000,057,888 | ---- | C] () -- C:\Documents and Settings\Toshiba\Bureau\Odalric 2013-01-11.jpg
[2013-01-12 09:31:04 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\VLC media player.lnk
[2013-01-10 18:22:30 | 004,191,035 | ---- | C] () -- C:\Documents and Settings\Toshiba\Bureau\Hotmail.zip
[2013-01-05 19:27:36 | 000,363,875 | ---- | C] () -- C:\Documents and Settings\Toshiba\Bureau\capture.zip
[2013-01-05 18:07:27 | 000,182,105 | ---- | C] () -- C:\Documents and Settings\Toshiba\Bureau\reno.jpg
[2013-01-05 15:13:16 | 000,059,698 | ---- | C] () -- C:\Documents and Settings\Toshiba\Bureau\Screenshot - 2013-01-05 , 15_13_10.jpg
[2013-01-05 11:44:26 | 000,033,507 | ---- | C] () -- C:\Documents and Settings\Toshiba\Bureau\laid3.jpg
[2013-01-05 11:43:55 | 000,038,405 | ---- | C] () -- C:\Documents and Settings\Toshiba\Bureau\laid2.jpg
[2013-01-05 11:42:57 | 000,054,506 | ---- | C] () -- C:\Documents and Settings\Toshiba\Bureau\laid1.jpg
[2013-01-05 11:26:19 | 000,082,127 | ---- | C] () -- C:\Documents and Settings\Toshiba\Bureau\422244_3780298943966_1651047337_n.jpg
[2013-01-05 11:07:15 | 000,028,026 | ---- | C] () -- C:\Documents and Settings\Toshiba\Bureau\283290_157664880977951_7366182_n.jpg
[2013-01-05 11:06:49 | 000,018,715 | ---- | C] () -- C:\Documents and Settings\Toshiba\Bureau\392725_194743810603391_400390879_n.jpg
[2013-01-05 11:06:40 | 000,011,791 | ---- | C] () -- C:\Documents and Settings\Toshiba\Bureau\60926_400601533350950_487906773_n.jpg
[2013-01-01 12:34:48 | 000,045,815 | ---- | C] () -- C:\Documents and Settings\Toshiba\Bureau\Calcul gril.pdf
[2013-01-01 12:26:02 | 000,014,788 | ---- | C] () -- C:\Documents and Settings\Toshiba\Bureau\Calcul gril.ods
[2013-01-01 12:11:07 | 000,431,104 | ---- | C] () -- C:\Documents and Settings\Toshiba\Bureau\SCAN0001.JPG
[2012-04-02 06:10:06 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012-03-31 15:44:26 | 000,000,058 | ---- | C] () -- C:\WINDOWS\System32\DonationCoder_ScreenshotCaptor_InstallInfo.dat
[2012-03-31 15:44:26 | 000,000,058 | ---- | C] () -- C:\Documents and Settings\Toshiba\Local Settings\Application Data\DonationCoder_ScreenshotCaptor_InstallInfo.dat
[2012-03-27 19:08:06 | 000,004,520 | ---- | C] () -- C:\WINDOWS\gwpreset.ini
[2012-03-27 19:08:06 | 000,000,042 | ---- | C] () -- C:\WINDOWS\goldwave.ini
[2012-03-14 20:18:03 | 000,438,272 | ---- | C] ( ) -- C:\WINDOWS\System32\LXDXhcp.dll
[2012-03-14 20:18:03 | 000,348,160 | ---- | C] () -- C:\WINDOWS\System32\LXDXinst.dll
[2012-03-07 21:36:36 | 000,003,712 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2012-02-29 23:33:12 | 001,105,920 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdxserv.dll
[2012-02-29 23:33:12 | 000,843,776 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdxusb1.dll
[2012-02-29 23:33:12 | 000,647,168 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdxpmui.dll
[2012-02-29 23:33:12 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdxprox.dll
[2012-02-29 23:33:12 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxdxvs.dll
[2012-02-29 23:33:11 | 000,851,968 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdxcomc.dll
[2012-02-29 23:33:11 | 000,663,552 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdxhbn3.dll
[2012-02-29 23:33:11 | 000,589,824 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdxcoms.exe
[2012-02-29 23:33:11 | 000,376,832 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdxcomm.dll
[2012-02-29 23:33:11 | 000,364,544 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdxinpa.dll
[2012-02-29 23:33:11 | 000,360,448 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdxcfg.exe
[2012-02-29 23:33:11 | 000,339,968 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdxiesc.dll
[2012-02-29 23:33:11 | 000,315,392 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdxih.exe
[2012-02-29 23:33:11 | 000,208,896 | ---- | C] () -- C:\WINDOWS\System32\lxdxgrd.dll
[2012-02-29 23:33:10 | 000,569,344 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdxlmpm.dll
[2012-02-14 19:03:43 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012-02-08 04:16:24 | 000,616,414 | ---- | C] () -- C:\Documents and Settings\Toshiba\Local Settings\Application Data\census.cache
[2012-02-08 04:15:20 | 000,175,661 | ---- | C] () -- C:\Documents and Settings\Toshiba\Local Settings\Application Data\ars.cache
[2012-02-07 21:54:33 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\Toshiba\Local Settings\Application Data\housecall.guid.cache
[2012-01-17 19:03:13 | 000,000,064 | ---- | C] () -- C:\WINDOWS\System32\rp_stats.dat
[2012-01-17 19:03:13 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\rp_rules.dat
[2012-01-07 22:11:56 | 000,068,608 | ---- | C] () -- C:\Documents and Settings\Toshiba\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012-01-03 20:39:24 | 000,000,038 | ---- | C] () -- C:\Documents and Settings\Toshiba\null
[2012-01-03 20:38:44 | 000,000,130 | ---- | C] () -- C:\Documents and Settings\Toshiba\Local Settings\Application Data\fusioncache.dat
[2012-01-03 20:34:54 | 000,006,528 | ---- | C] () -- C:\WINDOWS\System32\drivers\Tbiosdrv.sys
[2012-01-03 20:34:50 | 000,000,037 | ---- | C] () -- C:\WINDOWS\wwwbatch.ini
[2012-01-03 20:34:44 | 000,000,385 | ---- | C] () -- C:\WINDOWS\ODBC.INI

========== ZeroAccess Check ==========

[2006-01-18 07:00:30 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2010-04-16 11:07:57 | 001,510,400 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009-02-09 05:53:55 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008-04-13 21:33:48 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2012-10-03 18:27:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2012-07-02 10:07:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CPA_VA
[2012-03-31 15:44:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DonationCoder
[2012-06-28 18:18:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HitmanPro
[2012-05-28 17:07:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ICQ
[2012-09-23 10:17:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Lexmark 3600-4600 Series
[2012-03-18 15:29:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Paessler
[2012-09-15 15:43:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Toshiba\Application Data\Audacity
[2012-03-31 15:44:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Toshiba\Application Data\DonationCoder
[2012-01-04 19:24:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Toshiba\Application Data\ElevatedDiagnostics
[2012-08-01 17:28:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Toshiba\Application Data\freac
[2012-05-26 19:02:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Toshiba\Application Data\Garmin
[2012-02-09 19:43:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Toshiba\Application Data\GetRightToGo
[2012-05-28 17:08:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Toshiba\Application Data\ICQ
[2012-05-28 17:08:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Toshiba\Application Data\ICQ Search
[2012-03-24 16:08:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Toshiba\Application Data\InterVideo
[2012-01-07 11:20:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Toshiba\Application Data\OpenOffice.org
[2012-01-14 13:05:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Toshiba\Application Data\toshiba
[2012-01-14 10:01:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Toshiba\Application Data\WinPatrol

========== Purity Check ==========



< End of report >
 
Hello, here is OTL "Extras" log:

OTL Extras logfile created on: 2013-01-26 09:01:32 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Toshiba\Bureau
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000C0C | Country: Canada | Language: FRC | Date Format: yyyy-MM-dd

3,00 Gb Total Physical Memory | 2,50 Gb Available Physical Memory | 83,53% Memory free
4,88 Gb Paging File | 4,43 Gb Available in Paging File | 90,94% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 111,79 Gb Total Space | 24,14 Gb Free Space | 21,59% Space Free | Partition Type: NTFS

Computer Name: TOSHIBA-29519BD | User Name: Toshiba | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:mad:xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:mad:xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" = C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:mad:xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:mad:xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" = C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation)
"C:\WINDOWS\system32\lxdxcoms.exe" = C:\WINDOWS\system32\lxdxcoms.exe:*:Enabled:3600-4600 Series Server -- ( )
"C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdxpswx.exe" = C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdxpswx.exe:*:Enabled:printer Status Window Interface -- ()
"C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdxjswx.exe" = C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdxjswx.exe:*:Enabled:Job Status Window Interface -- ()
"C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdxtime.exe" = C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdxtime.exe:*:Enabled:Lexmark Connect Time Executable -- (Lexmark International, Inc.)
"C:\Program Files\Lexmark 3600-4600 Series\lxdxmon.exe" = C:\Program Files\Lexmark 3600-4600 Series\lxdxmon.exe:*:Enabled:printer Device Monitor -- ()
"C:\Program Files\Lexmark 3600-4600 Series\Wireless\lxdxwpss.exe" = C:\Program Files\Lexmark 3600-4600 Series\Wireless\lxdxwpss.exe:*:Enabled: -- (Lexmark International, Inc.)
"C:\Program Files\Lexmark 3600-4600 Series\Diagnostics\LXDXdiag.exe" = C:\Program Files\Lexmark 3600-4600 Series\Diagnostics\LXDXdiag.exe:*:Enabled: -- ()


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{099D12EC-0321-4CAC-A0CC-33D020156FCD}" = Toshiba Utility
"{0BD83598-C2EF-3343-847B-7D2E84599128}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - FRA
"{0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}" = Microsoft .NET Framework 4 Client Profile FRA Language Pack
"{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Sonic DLA
"{12B3A009-A080-4619-9A2A-C6DB151D8D67}" = Assist TOSHIBA
"{133742BA-6F46-4D3E-85AF-78631D9AD8B8}" = Installation Windows Live
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216037FF}" = Java(TM) 6 Update 37
"{2FCE4FC5-6930-40E7-A4F1-F862207424EF}" = InterVideo WinDVD Creator 2
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{350C940c-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3E31821C-7917-367E-938E-E65FC413EA31}" = Microsoft .NET Framework 3.5 Language Pack SP1 - fra
"{445B183D-F4F1-45C8-B9DB-F11355CA657B}" = Windows Live Messenger
"{4497AFF6-98C4-4F49-B073-F48F42BCBF9E}" = TIPCI
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5A1A9AB2-2F68-462D-A67D-7C855DFF5EEB}" = Microsoft Network Monitor: NetworkMonitor Parsers 3.4
"{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
"{64212898-097F-4F3F-AECA-6D34A7EF82DF}" = Utilitaire de zoom TOSHIBA
"{72AD53CC-CCC0-3757-8480-9EE176866A7C}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - FRA
"{7DA1C06F-C913-46C7-8A0F-DA2CBA17EA1D}" = OpenOffice.org 3.4.1
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD for TOSHIBA
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9541FED0-327F-4DF0-8B96-EF57EF622F19}" = Sonic RecordNow!
"{9A08615A-6113-46F9-8819-5BA66B6600FD}" = Toshiba Hotkey Utility
"{9A394342-4A68-4EBA-85A6-55B559F4E700}" = Microsoft .NET Framework 1.1 French Language Pack
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D765FA6-F2BC-40AF-8145-50808F9BDF4E}" = Pilote du DVD-RAM
"{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}" = Réducteur de bruit lect. CD/DVD
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A2F2C44A-869E-4C32-9CEC-E22B1CC91F06}" = Microsoft Network Monitor 3.4
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1036-7B44-AA1000000001}" = Adobe Reader X (10.1.5) - Français
"{ACA1086B-9B62-4F80-B4B9-5659395E4F25}" = Toshiba Controls Utility
"{B3B487E7-6171-4376-9074-B28082CEB504}" = Windows Live Call
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{BC30E5E7-047D-4232-A7E8-F2CB7CC7B2E0}_is1" = Emsisoft Anti-Malware
"{BDD83DC9-BEE9-4654-A5DA-CC46C250088D}" = TOSHIBA ConfigFree
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C0DA129B-1E45-494D-A362-5CD0109C306B}" = WOT pour Internet Explorer
"{C45F4811-31D5-4786-801D-F79CD06EDD85}" = SD Secure Module
"{C8005A7B-9638-41DD-B83B-AF277754E211}" = Logiciel Intel(R) PROSet/Wireless WiFi
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D6AB1F5B-FED6-49A9-9747-327BD28FB3C7}" = COMODO Internet Security
"{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}" = Assistant de connexion Windows Live
"{F06AB18D-6F98-48E8-9441-E3290244143D}" = inSSIDer
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F77890F3-774A-4CBE-A2E3-7BB0DC71D1FA}" = Toshiba Touchpad Utility
"7-Zip" = 7-Zip 9.20
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Audacity_is1" = Audacity 2.0
"avast" = avast! Free Antivirus
"Canon Digital Camera USB WIA Driver" = Canon Digital Camera USB WIA Driver
"CCleaner" = CCleaner
"CNXT_HDAUDIO" = Conexant HD Audio
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_5047&SUBSYS_1179FF31" = HDAUDIO Soft Data Fax Modem with SmartCP
"Dorgem_is1" = Dorgem 2.1.0
"File Shredder_is1" = File Shredder 2.5
"ie8" = Windows Internet Explorer 8
"InstallShield_{099D12EC-0321-4CAC-A0CC-33D020156FCD}" = Toshiba Utility
"InstallShield_{4497AFF6-98C4-4F49-B073-F48F42BCBF9E}" = Texas Instruments PCIxx21/x515/xx12 drivers.
"InstallShield_{ACA1086B-9B62-4F80-B4B9-5659395E4F25}" = Toshiba Controls Utility
"InstallShield_{F77890F3-774A-4CBE-A2E3-7BB0DC71D1FA}" = Toshiba Touchpad Utility
"IrfanView" = IrfanView (remove only)
"LAME_is1" = LAME v3.99.3 (for Windows)
"Lexmark 3600-4600 Series" = Lexmark 3600-4600 Series
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.70.0.1100
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - fra" = Module linguistique Microsoft .NET Framework 3.5 SP1- fra
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Client Profile FRA
"mIRC" = mIRC
"Mozilla Firefox 18.0 (x86 en-US)" = Mozilla Firefox 18.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NVIDIA Drivers" = NVIDIA Drivers
"Outil de diagnostic PC" = Outil de diagnostic PC TOSHIBA
"ProInst" = Intel PROSet Wireless
"PROSet" = Intel(R) PRO Network Connections Drivers
"ScreenshotCaptor_is1" = Screenshot Captor 3.03.01
"Secunia PSI" = Secunia PSI (2.0.0.4003)
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Toshiba Tbiosdrv Driver" = Toshiba Tbiosdrv Driver
"VLC media player" = VLC media player 2.0.5
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Lecteur Windows Media 11
"Windows XP Service" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Installation Windows Live
"WinPcapInst" = WinPcap 4.1.2
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 2013-01-20 14:28:49 | Computer Name = TOSHIBA-29519BD | Source = Application Hang | ID = 1002
Description = Application bloquée explorer.exe, version 6.0.2900.5512, module bloqué
hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

Error - 2013-01-20 22:17:23 | Computer Name = TOSHIBA-29519BD | Source = Application Error | ID = 1000
Description = Application défaillante iexplore.exe, version 8.0.6001.18702, module
défaillant msxml3.dll, version 8.100.1053.0, adresse de défaillance 0x000a1465.

Error - 2013-01-21 18:17:27 | Computer Name = TOSHIBA-29519BD | Source = PerfNet | ID = 2004
Description = Impossible d'ouvrir le Service serveur. Les données de performance
du serveur ne seront pas renvoyées. Le code d'erreur renvoyé est la donnée DWORD
0.

Error - 2013-01-22 21:17:31 | Computer Name = TOSHIBA-29519BD | Source = PerfNet | ID = 2004
Description = Impossible d'ouvrir le Service serveur. Les données de performance
du serveur ne seront pas renvoyées. Le code d'erreur renvoyé est la donnée DWORD
0.

Error - 2013-01-23 17:19:40 | Computer Name = TOSHIBA-29519BD | Source = PerfNet | ID = 2004
Description = Impossible d'ouvrir le Service serveur. Les données de performance
du serveur ne seront pas renvoyées. Le code d'erreur renvoyé est la donnée DWORD
0.

Error - 2013-01-24 18:19:07 | Computer Name = TOSHIBA-29519BD | Source = PerfNet | ID = 2004
Description = Impossible d'ouvrir le Service serveur. Les données de performance
du serveur ne seront pas renvoyées. Le code d'erreur renvoyé est la donnée DWORD
0.

Error - 2013-01-25 18:23:39 | Computer Name = TOSHIBA-29519BD | Source = PerfNet | ID = 2004
Description = Impossible d'ouvrir le Service serveur. Les données de performance
du serveur ne seront pas renvoyées. Le code d'erreur renvoyé est la donnée DWORD
0.

Error - 2013-01-25 21:13:55 | Computer Name = TOSHIBA-29519BD | Source = PerfNet | ID = 2004
Description = Impossible d'ouvrir le Service serveur. Les données de performance
du serveur ne seront pas renvoyées. Le code d'erreur renvoyé est la donnée DWORD
0.

Error - 2013-01-26 09:43:17 | Computer Name = TOSHIBA-29519BD | Source = PerfNet | ID = 2004
Description = Impossible d'ouvrir le Service serveur. Les données de performance
du serveur ne seront pas renvoyées. Le code d'erreur renvoyé est la donnée DWORD
0.

Error - 2013-01-26 09:52:09 | Computer Name = TOSHIBA-29519BD | Source = PerfNet | ID = 2004
Description = Impossible d'ouvrir le Service serveur. Les données de performance
du serveur ne seront pas renvoyées. Le code d'erreur renvoyé est la donnée DWORD
0.

[ System Events ]
Error - 2013-01-24 18:19:03 | Computer Name = TOSHIBA-29519BD | Source = Service Control Manager | ID = 7000
Description = Le service lxdxCATSCustConnectService n'a pas pu démarrer en raison
de l'erreur : %%1053

Error - 2013-01-24 18:19:46 | Computer Name = TOSHIBA-29519BD | Source = DCOM | ID = 10010
Description = Le serveur {4EB61BAC-A3B6-4760-9581-655041EF4D69} ne s'est pas enregistré
sur DCOM avant la fin du temps imparti.

Error - 2013-01-25 18:23:31 | Computer Name = TOSHIBA-29519BD | Source = Service Control Manager | ID = 7009
Description = Délai (30000 millisecondes) d'attente pour une connexion du service
lxdxCATSCustConnectService.

Error - 2013-01-25 18:23:31 | Computer Name = TOSHIBA-29519BD | Source = Service Control Manager | ID = 7000
Description = Le service lxdxCATSCustConnectService n'a pas pu démarrer en raison
de l'erreur : %%1053

Error - 2013-01-25 21:13:48 | Computer Name = TOSHIBA-29519BD | Source = Service Control Manager | ID = 7009
Description = Délai (30000 millisecondes) d'attente pour une connexion du service
lxdxCATSCustConnectService.

Error - 2013-01-25 21:13:48 | Computer Name = TOSHIBA-29519BD | Source = Service Control Manager | ID = 7000
Description = Le service lxdxCATSCustConnectService n'a pas pu démarrer en raison
de l'erreur : %%1053

Error - 2013-01-26 09:43:10 | Computer Name = TOSHIBA-29519BD | Source = Service Control Manager | ID = 7009
Description = Délai (30000 millisecondes) d'attente pour une connexion du service
lxdxCATSCustConnectService.

Error - 2013-01-26 09:43:10 | Computer Name = TOSHIBA-29519BD | Source = Service Control Manager | ID = 7000
Description = Le service lxdxCATSCustConnectService n'a pas pu démarrer en raison
de l'erreur : %%1053

Error - 2013-01-26 09:52:06 | Computer Name = TOSHIBA-29519BD | Source = Service Control Manager | ID = 7009
Description = Délai (30000 millisecondes) d'attente pour une connexion du service
lxdxCATSCustConnectService.

Error - 2013-01-26 09:52:06 | Computer Name = TOSHIBA-29519BD | Source = Service Control Manager | ID = 7000
Description = Le service lxdxCATSCustConnectService n'a pas pu démarrer en raison
de l'erreur : %%1053


< End of report >
 
Hi there. It all appears to be good, so we will finish up to make sure your computer is protected from malware in the future.

Clean up System Restore

Now, to get you off to a clean start, we will be creating a new Restore Point, then clearing the old ones to make sure you do not get reinfected, in case you need to "restore back."
  • Select Start > All Programs > Accessories > System tools > System Restore.
  • On the dialogue box that appears select Create a Restore Point
  • Click NEXT
  • Enter a name e.g. Clean
  • Click CREATE

Remove tools, temp files, old Restore Points

Please run OTL
  • Under the Custom Scans/Fixes box at the bottom, copy and paste in the following:

    :files
    ipconfig /flushdns /c

    :commands
    [CREATERESTOREPOINT]
    [CLEARALLRESTOREPOINTS]
    [emptyflash]
    [emptytemp]
    [emptyjava]
    [reboot]
  • Then click the Run Fix button at the top.
  • Note: The fix for OTL sometimes hides your Desktop and Start menu so the cleanup can be completed. Do not be alarmed, as this is normal.
  • It may open a log for you, but I don't need that.

To remove all of the tools we used and the files and folders they created do the following:
  • Double click OTL.exe.
  • Click the CleanUp button.
  • Select Yes when the "Begin cleanup Process?" prompt appears.
  • If you are prompted to Reboot during the cleanup, select Yes.
  • The tool will delete itself once it finishes.
Note: If any tool, file or folder (belonging to the program we have used) hasn't been deleted, please delete it manually.

Security Check

Please download Security Check by screen317 from SpywareInfoforum.org or Changelog.fr.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
 
Hello, here is the security check log:

Results of screen317's Security Check version 0.99.57
Windows XP Service Pack 3 x86
Internet Explorer 8
``````````````Antivirus/Firewall Check:``````````````
avast! Free Antivirus
COMODO Internet Security
`````````Anti-malware/Other Utilities Check:`````````
MVPS Hosts File
Spybot - Search & Destroy
SUPERAntiSpyware
Secunia PSI (2.0.0.4003)
Malwarebytes Anti-Malware version 1.70.0.1100
CCleaner
Java(TM) 6 Update 37
Java version out of Date!
Adobe Flash Player 11.5.502.146
Adobe Reader 10.1.5 Adobe Reader out of Date!
Mozilla Firefox (18.0.1)
````````Process Check: objlist.exe by Laurent````````
Comodo Firewall cmdagent.exe
Comodo Firewall cfp.exe
Emsisoft Anti-Malware a2service.exe
AVAST Software Avast AvastSvc.exe
AVAST Software Avast avastUI.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:: 0%
````````````````````End of Log``````````````````````
 
Java Update!

Please download the newest version of Java from Java.com.

Before installing: it is important to remove older versions of Java since it does not do so automatically and old versions still leave you vulnerable.
Go to the Control Panel and enter Add or Remove Programs (Programs and Features in Vista/7).
Search the list for all previously installed versions of Java (J2SE Runtime Environment). Please uninstall/remove each of them.

Once old versions are gone, please install the newest version.

Read more about Java exploit problems


Adobe Reader Update!

Please download the newest version of Adobe Acrobat Reader from Adobe.com

Before installing: it is important to remove older versions of Acrobat Reader since it does not do so automatically and old versions still leave you vulnerable.
Go to the Control Panel and enter Add or Remove Programs (Programs and Features in Vista/7).
Search the list for all previously installed versions of Adobe Acrobat Reader. Uninstall/Remove each of them.

Once old versions are gone, please install the newest version.


Personal Tips on Preventing Malware

See this page for more info about malware and prevention.


Any other questions before I mark this topic solved?
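
The Java and Adobe Reader steps above ask for every old version to be removed before the new one is installed. The following is an added example, not part of the thread or of any tool used in it: it reads an OTL-style Uninstall list like the one posted earlier and lists the Java and Adobe Reader entries to uninstall, oldest first. The function names, the `FAMILIES` patterns and the J2SE sample line are assumptions made for the example.

```python
import re

# Constructed sample in the layout of the OTL Extras log in this thread.
# All entries are copied from that log except the J2SE line, which is a
# made-up leftover install added to show the multi-version case.
SAMPLE_LOG = r'''
========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{26A24AE4-039D-4CA4-87B4-2F83216037FF}" = Java(TM) 6 Update 37
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{AC76BA86-7AD7-1036-7B44-AA1000000001}" = Adobe Reader X (10.1.5) - Français
"{CONSTRUCTED-EXAMPLE-ENTRY}" = J2SE Runtime Environment 5.0 Update 6
"7-Zip" = 7-Zip 9.20

========== Last 20 Event Log Errors ==========
'''

ENTRY = re.compile(r'^"(?P<key>[^"]+)"\s*=\s*(?P<name>.+?)\s*$')
# \b keeps the "2" inside "J2SE" from being read as a version number.
VERSION_PART = re.compile(r'\b\d+(?:\.\d+)*\b')

# Display-name patterns (assumed) for the two products named in the reply.
# "Java Auto Updater" is a helper, not a runtime, and is deliberately skipped.
FAMILIES = {
    "Java": re.compile(r'^(?:Java\(TM\)|Java \d|J2SE Runtime Environment)'),
    "Adobe Reader": re.compile(r'^Adobe (?:Acrobat )?Reader\b'),
}


def parse_uninstall_entries(log_text):
    """Return (key, display_name) pairs from the Uninstall section only."""
    entries, in_section = [], False
    for line in log_text.splitlines():
        line = line.strip()
        if line.startswith("=========="):
            in_section = False            # a new report section begins
        elif line.startswith("["):
            in_section = line.endswith(r"\CurrentVersion\Uninstall]")
        elif in_section:
            m = ENTRY.match(line)
            if m:
                entries.append((m.group("key"), m.group("name")))
    return entries


def version_key(display_name):
    """Numeric parts of a display name as a tuple, e.g. (6, 37)."""
    parts = VERSION_PART.findall(display_name)
    return tuple(int(n) for p in parts for n in p.split("."))


def versions_to_remove(log_text):
    """Map each product family to its installed entries, oldest first."""
    found = {family: [] for family in FAMILIES}
    for _key, name in parse_uninstall_entries(log_text):
        for family, pattern in FAMILIES.items():
            if pattern.match(name):
                found[family].append(name)
    return {f: sorted(names, key=version_key) for f, names in found.items()}


if __name__ == "__main__":
    for family, names in versions_to_remove(SAMPLE_LOG).items():
        for name in names:
            print(f"{family}: uninstall '{name}' before installing the update")
```

Scoping the parser to the Uninstall section matters because the same `"name" = value` layout appears in other parts of the report, such as the System Restore and firewall settings.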
 
Yes, I do have one last question: a program I have called Secunia PSI usually takes care of updating Java and Adobe Reader automatically and removing old versions when a scan is performed. It usually works fine; however, I have not performed the scan in a while. Can I update through Secunia in the future, or should I always perform the update manually by removing old versions first?
 