Solved Slow computer, high CPU, got and cleaned trojan, but...

Wow, OTL scan is very fast, so it's already done. OTL gave out two logs: OTL.txt and Extra.txt:

OTL logfile created on: 2012-02-11 17:38:41 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Toshiba\Bureau
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000C0C | Country: Canada | Language: FRC | Date Format: yyyy-MM-dd

3,00 Gb Total Physical Memory | 2,32 Gb Available Physical Memory | 77,30% Memory free
4,84 Gb Paging File | 4,20 Gb Available in Paging File | 86,74% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 111,79 Gb Total Space | 55,05 Gb Free Space | 49,24% Space Free | Partition Type: NTFS

Computer Name: TOSHIBA-29519BD | User Name: Toshiba | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012-02-11 17:29:38 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Toshiba\Bureau\OTL.exe
PRC - [2012-02-09 22:12:26 | 001,187,072 | ---- | M] (Lavasoft Limited) -- C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
PRC - [2012-02-09 22:12:23 | 002,152,152 | ---- | M] (Lavasoft Limited) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
PRC - [2012-02-04 09:56:00 | 004,617,600 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
PRC - [2012-01-23 22:41:59 | 003,025,112 | ---- | M] (Emsi Software GmbH) -- C:\Program Files\Emsisoft Anti-Malware\a2service.exe
PRC - [2011-12-19 18:59:00 | 001,960,584 | ---- | M] (COMODO) -- C:\Program Files\Comodo\COMODO Internet Security\cmdagent.exe
PRC - [2011-11-28 13:01:24 | 003,744,552 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011-11-28 13:01:23 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011-11-23 05:27:04 | 001,052,472 | ---- | M] (COMODO) -- C:\Program Files\Comodo\COMODO GeekBuddy\CLPSLS.exe
PRC - [2011-08-11 18:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCore.exe
PRC - [2011-01-17 16:37:42 | 011,322,880 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe
PRC - [2011-01-17 16:37:42 | 011,314,688 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin
PRC - [2008-04-13 21:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006-01-05 17:00:06 | 001,589,248 | ---- | M] (TOSHIBA Inc.) -- C:\Program Files\TOSHIBA\Windows Utilities\Hotkey.exe
PRC - [2005-12-15 13:21:00 | 000,151,552 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\Toshiba.exe
PRC - [2005-12-05 12:37:40 | 000,667,718 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe
PRC - [2005-11-28 11:41:50 | 000,602,182 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe
PRC - [2005-11-28 11:37:52 | 000,397,381 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
PRC - [2005-10-05 23:20:00 | 000,122,940 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\DLA\DLACTRLW.EXE
PRC - [2005-05-17 03:24:50 | 000,118,784 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
PRC - [2005-04-11 10:08:00 | 000,065,536 | ---- | M] (TOSHIBA) -- C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
PRC - [2005-01-17 12:38:00 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
PRC - [2004-08-27 20:37:00 | 000,155,648 | ---- | M] (Matsushita Electric Industrial Co., Ltd.) -- C:\WINDOWS\system32\RAMASST.exe
PRC - [2004-08-27 20:33:00 | 000,110,592 | ---- | M] (Matsushita Electric Industrial Co., Ltd.) -- C:\WINDOWS\system32\DVDRAMSV.exe


========== Modules (No Company Name) ==========

MOD - [2012-02-11 16:00:55 | 000,052,736 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10007.dll
MOD - [2012-02-11 16:00:52 | 000,063,488 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll
MOD - [2012-02-11 13:21:35 | 001,691,648 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\12021101\algo.dll
MOD - [2012-02-09 22:13:00 | 000,430,568 | ---- | M] () -- C:\Program Files\Lavasoft\Ad-Aware\VipreBridge.dll
MOD - [2012-02-09 22:12:51 | 000,591,232 | ---- | M] () -- C:\Program Files\Lavasoft\Ad-Aware\RPAPI.dll
MOD - [2012-02-09 21:58:03 | 000,508,776 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Defs\thorax.aaw
MOD - [2012-02-05 12:41:50 | 000,181,616 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Defs\Extended\libMachoUniv.dll
MOD - [2012-02-05 12:41:48 | 000,210,288 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Defs\Extended\libBase64.dll
MOD - [2012-01-07 11:19:36 | 000,985,088 | ---- | M] () -- C:\Program Files\OpenOffice.org 3\program\libxml2.dll
MOD - [2012-01-04 22:09:49 | 000,117,760 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
MOD - [2012-01-04 22:09:49 | 000,052,224 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
MOD - [2012-01-03 08:10:46 | 000,301,056 | ---- | M] () -- C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.FRA
MOD - [2011-12-23 07:12:12 | 000,308,560 | ---- | M] () -- C:\Program Files\Lavasoft\Ad-Aware\Vipre.dll
MOD - [2005-11-28 11:59:16 | 000,876,544 | ---- | M] () -- C:\Program Files\Intel\Wireless\Bin\Libeay32.dll
MOD - [2005-11-28 11:59:16 | 000,208,965 | ---- | M] () -- C:\Program Files\Intel\Wireless\Bin\iWMSProv.dll
MOD - [2005-11-28 11:59:16 | 000,053,322 | ---- | M] () -- C:\Program Files\Intel\Wireless\Bin\IntStngs.dll
MOD - [2005-11-03 11:37:58 | 000,970,862 | ---- | M] () -- C:\Program Files\Intel\Wireless\Bin\acAuth.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2012-02-09 22:12:23 | 002,152,152 | ---- | M] (Lavasoft Limited) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2012-01-23 22:41:59 | 003,025,112 | ---- | M] (Emsi Software GmbH) [Auto | Running] -- C:\Program Files\Emsisoft Anti-Malware\a2service.exe -- (a2AntiMalware)
SRV - [2011-12-19 18:59:00 | 001,960,584 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV - [2011-11-28 13:01:23 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2011-11-23 05:27:04 | 001,052,472 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\Comodo\COMODO GeekBuddy\CLPSLS.exe -- (CLPSLS)
SRV - [2011-08-11 18:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE)
SRV - [2005-04-03 18:41:10 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2005-01-17 12:38:00 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe -- (CFSvcs)
SRV - [2004-08-27 20:33:00 | 000,110,592 | ---- | M] (Matsushita Electric Industrial Co., Ltd.) [Auto | Running] -- C:\WINDOWS\system32\DVDRAMSV.exe -- (DVD-RAM_Service)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Running] -- -- (catchme)
DRV - [2012-01-17 16:00:48 | 000,494,968 | ---- | M] (COMODO) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\cmdGuard.sys -- (cmdGuard)
DRV - [2011-12-23 07:12:10 | 000,015,232 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware\kernexplorer.sys -- (Lavasoft Kernexplorer)
DRV - [2011-12-19 18:59:24 | 000,097,760 | ---- | M] (COMODO) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\inspect.sys -- (Inspect)
DRV - [2011-12-19 18:59:22 | 000,031,704 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\cmdhlp.sys -- (cmdHlp)
DRV - [2011-11-28 12:53:53 | 000,435,032 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011-11-28 12:53:35 | 000,314,456 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011-11-28 12:52:19 | 000,034,392 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011-11-28 12:52:16 | 000,052,952 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011-11-28 12:52:02 | 000,111,320 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011-11-28 12:51:50 | 000,020,568 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011-11-28 12:48:49 | 000,030,808 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011-11-02 10:13:12 | 000,051,632 | ---- | M] (Emsi Software GmbH) [File_System | On_Demand | Stopped] -- C:\Program Files\Emsisoft Anti-Malware\a2accx86.sys -- (a2acc)
DRV - [2011-07-22 11:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011-07-12 16:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2011-05-19 13:10:34 | 000,017,904 | ---- | M] (Emsi Software GmbH) [Kernel | System | Running] -- C:\Program Files\Emsisoft Anti-Malware\a2ddax86.sys -- (A2DDA)
DRV - [2010-10-07 07:11:38 | 006,609,920 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NETwLx32.sys -- (NETwLx32) Pilote de carte de la série Intel(R)
DRV - [2006-01-12 10:21:18 | 000,031,872 | ---- | M] (Quanta Computer, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\qkbfiltr.sys -- (qkbfiltr)
DRV - [2005-12-28 18:20:38 | 000,561,664 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CHDAud.sys -- (HdAudAddService)
DRV - [2005-12-04 14:55:30 | 001,428,096 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w39n51.sys -- (w39n51) Intel(R)
DRV - [2005-11-29 14:12:00 | 000,162,560 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tifm21.sys -- (tifm21)
DRV - [2005-11-28 12:09:26 | 000,013,568 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
DRV - [2005-11-07 19:12:00 | 000,997,376 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2005-11-07 19:11:00 | 000,723,712 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2005-11-07 19:11:00 | 000,202,240 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2005-10-05 23:20:00 | 000,094,332 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS -- (DLAUDFAM)
DRV - [2005-10-05 23:20:00 | 000,087,036 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS -- (DLAUDF_M)
DRV - [2005-10-05 23:20:00 | 000,086,524 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS -- (DLAIFS_M)
DRV - [2005-10-05 23:20:00 | 000,025,628 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS -- (DLABOIOM)
DRV - [2005-10-05 23:20:00 | 000,014,684 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS -- (DLAOPIOM)
DRV - [2005-10-05 23:20:00 | 000,006,364 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS -- (DLAPoolM)
DRV - [2005-10-05 23:20:00 | 000,002,496 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLADResN.SYS -- (DLADResN)
DRV - [2005-08-25 06:16:52 | 000,005,628 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS -- (DLACDBHM)
DRV - [2005-08-25 06:16:16 | 000,022,684 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLARTL_N.SYS -- (DLARTL_N)
DRV - [2005-06-11 00:42:00 | 000,005,504 | ---- | M] (Quanta Computer Corp) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BoiHwSetup.sys -- (BoiHwsetup)
DRV - [2005-06-01 23:33:00 | 000,102,384 | ---- | M] (Matsushita Electric Industrial Co.,Ltd.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\meiudf.sys -- (meiudf)
DRV - [2005-05-05 08:27:38 | 000,007,936 | ---- | M] (Quanta Computer, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\qmofiltr.sys -- (qmofiltr)
DRV - [2003-09-18 19:47:00 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (Pfc)
DRV - [2003-01-29 10:35:00 | 000,012,032 | ---- | M] (TOSHIBA Corporation.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\Netdevio.sys -- (Netdevio)
DRV - [2002-01-24 14:43:40 | 000,006,528 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Tbiosdrv.sys -- (TBiosDrv)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========



IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-2094576669-3068703796-1105417404-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/
IE - HKU\S-1-5-21-2094576669-3068703796-1105417404-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)



O1 HOSTS File: ([2012-02-11 15:58:14 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\DLA\DLASHX_W.DLL (Sonic Solutions)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKU\S-1-5-21-2094576669-3068703796-1105417404-1006\..\Toolbar\ShellBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found.
O3 - HKU\S-1-5-21-2094576669-3068703796-1105417404-1006\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found.
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [CFSServ.exe] CFSServ.exe -NoClient File not found
O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4 - HKLM..\Run: [DLA] C:\WINDOWS\system32\DLA\DLACTRLW.EXE (Sonic Solutions)
O4 - HKLM..\Run: [High Definition Audio Property Page Shortcut] C:\WINDOWS\System32\CHDAudPropShortcut.exe (Windows (R) Server 2003 DDK provider)
O4 - HKLM..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe (Intel Corporation)
O4 - HKLM..\Run: [IntelZeroConfig] C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe (Intel Corporation)
O4 - HKLM..\Run: [LaunchApp] launchapp File not found
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [SmoothView] C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [Toshiba Hotkey Utility] C:\Program Files\Toshiba\Windows Utilities\Hotkey.exe (TOSHIBA Inc.)
O4 - HKU\S-1-5-21-2094576669-3068703796-1105417404-1006..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
O4 - HKU\S-1-5-21-2094576669-3068703796-1105417404-1006..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe (TOSHIBA)
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe (Matsushita Electric Industrial Co., Ltd.)
O4 - Startup: C:\Documents and Settings\Toshiba\Menu Démarrer\Programmes\Démarrage\OpenOffice.org 3.3.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\__aswSnx private storage\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2094576669-3068703796-1105417404-1006\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2094576669-3068703796-1105417404-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-2094576669-3068703796-1105417404-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-2094576669-3068703796-1105417404-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra 'Tools' menuitem : Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\NPJPI150_04.dll (Sun Microsystems, Inc.)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/downl...-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://windowsupdate.microsoft.com/...ls/en/x86/client/wuweb_site.cab?1325644805328 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/mic...ls/en/x86/client/muweb_site.cab?1325984729437 (MUWebControl Class)
O18 - Protocol\Handler\intu-ir2011 - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\WINDOWS\system32\guard32.dll) -C:\WINDOWS\system32\guard32.dll (COMODO)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Colline verdoyante.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Colline verdoyante.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006-01-18 05:32:30 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - File not found
NetSvcs: HidServ - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2012-02-11 17:29:24 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Toshiba\Bureau\OTL.exe
[2012-02-11 16:33:44 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Toshiba\Recent
[2012-02-11 16:33:44 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2012-02-11 16:12:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2012-02-11 15:28:46 | 000,000,000 | ---D | C] -- C:\ComboFix
[2012-02-11 14:02:04 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2012-02-11 13:41:03 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2012-02-11 13:41:03 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2012-02-11 13:41:02 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2012-02-11 13:41:02 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2012-02-11 13:39:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2012-02-11 13:38:54 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012-02-11 13:34:37 | 004,401,300 | R--- | C] (Swearware) -- C:\Documents and Settings\Toshiba\Bureau\ComboFix.exe
[2012-02-11 10:18:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Toshiba\Bureau\bootkit_remover
[2012-02-11 09:20:05 | 004,733,440 | ---- | C] (AVAST Software) -- C:\Documents and Settings\Toshiba\Bureau\aswMBR.exe
[2012-02-09 23:03:20 | 000,607,260 | R--- | C] (Swearware) -- C:\Documents and Settings\Toshiba\Bureau\dds.scr
[2012-02-09 21:56:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Lavasoft
[2012-02-09 20:21:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2012-02-09 19:47:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Toshiba\Menu Démarrer\Programmes\HiJackThis
[2012-02-09 19:47:14 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2012-02-09 19:43:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Toshiba\Application Data\GetRightToGo
[2012-02-09 19:38:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\SpywareBlaster
[2012-02-08 21:05:58 | 000,000,000 | ---D | C] -- C:\VritualRoot
[2012-02-07 21:53:27 | 002,002,320 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\Toshiba\Bureau\HousecallLauncher.exe
[2012-02-07 21:46:31 | 009,502,424 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Toshiba\Bureau\mbam--setup-1.60.1.1000.exe
[2012-02-05 09:45:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Toshiba\Local Settings\Application Data\Comodo
[2012-02-04 20:46:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Toshiba\Local Settings\Application Data\Temp
[2012-02-04 16:32:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Toshiba\Mes documents\ImpôtRapide
[2012-02-04 14:40:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\7-Zip
[2012-02-04 14:40:03 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2012-02-04 12:10:06 | 000,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\Adobe
[2012-02-04 12:09:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2012-02-04 09:51:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Toshiba\Application Data\Intuit Canada
[2012-02-04 09:51:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Intuit Canada
[2012-01-30 21:55:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Toshiba\Application Data\Sonic
[2012-01-22 21:05:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Toshiba\Bureau\Photos décembre 2011 - Janvier 2012
[2012-01-22 21:04:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Toshiba\Bureau\Nouveau dossier
[2012-01-16 23:41:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Toshiba\Local Settings\Application Data\MetaGeek,_LLC
[2012-01-15 19:12:12 | 000,000,000 | ---D | C] -- C:\Program Files\MetaGeek
[2012-01-15 19:12:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Toshiba\Menu Démarrer\Programmes\MetaGeek
[2012-01-15 19:09:48 | 002,056,228 | ---- | C] (MetaGeek, LLC) -- C:\Documents and Settings\Toshiba\Bureau\inSSIDer-Installer-2.0.7.0126.exe
[2012-01-14 10:57:16 | 000,101,720 | ---- | C] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
[2012-01-14 10:50:10 | 000,000,000 | ---D | C] -- C:\Program Files\Lavasoft
[2012-01-14 10:50:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Lavasoft
[2012-01-14 10:01:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Toshiba\Application Data\WinPatrol
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012-02-11 17:29:38 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Toshiba\Bureau\OTL.exe
[2012-02-11 16:31:18 | 000,002,465 | ---- | M] () -- C:\Documents and Settings\Toshiba\Bureau\inSSIDer 2.0.lnk
[2012-02-11 15:58:31 | 000,043,758 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2012-02-11 15:58:14 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2012-02-11 15:52:42 | 000,000,486 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2012-02-11 15:51:35 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012-02-11 15:51:31 | 3219,312,640 | -HS- | M] () -- C:\hiberfil.sys
[2012-02-11 14:02:30 | 000,000,456 | RHS- | M] () -- C:\BOOT.INI
[2012-02-11 13:34:39 | 004,401,300 | R--- | M] (Swearware) -- C:\Documents and Settings\Toshiba\Bureau\ComboFix.exe
[2012-02-11 12:01:10 | 000,000,512 | ---- | M] () -- C:\Documents and Settings\Toshiba\Bureau\MBR.dat
[2012-02-11 09:20:34 | 000,044,607 | ---- | M] () -- C:\Documents and Settings\Toshiba\Bureau\bootkit_remover.zip
[2012-02-11 09:20:07 | 004,733,440 | ---- | M] (AVAST Software) -- C:\Documents and Settings\Toshiba\Bureau\aswMBR.exe
[2012-02-09 23:08:58 | 119,172,784 | ---- | M] () -- C:\Documents and Settings\Toshiba\Bureau\setup_11.0.0.1245.x01_2012_02_10_06_53.exe
[2012-02-09 23:03:24 | 000,607,260 | R--- | M] (Swearware) -- C:\Documents and Settings\Toshiba\Bureau\dds.scr
[2012-02-09 22:29:35 | 000,003,120 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2012-02-09 21:57:44 | 000,000,064 | ---- | M] () -- C:\WINDOWS\System32\rp_stats.dat
[2012-02-09 21:57:44 | 000,000,044 | ---- | M] () -- C:\WINDOWS\System32\rp_rules.dat
[2012-02-09 21:56:59 | 000,000,808 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Ad-Aware.lnk
[2012-02-09 19:51:43 | 000,002,451 | ---- | M] () -- C:\Documents and Settings\Toshiba\Bureau\HiJackThis.lnk
[2012-02-08 21:10:39 | 000,302,592 | ---- | M] () -- C:\Documents and Settings\Toshiba\Bureau\k9it3vi3.exe
[2012-02-08 19:01:25 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012-02-08 04:16:24 | 000,302,152 | ---- | M] () -- C:\Documents and Settings\Toshiba\Local Settings\Application Data\census.cache
[2012-02-08 04:15:20 | 000,175,661 | ---- | M] () -- C:\Documents and Settings\Toshiba\Local Settings\Application Data\ars.cache
[2012-02-07 21:54:33 | 000,000,036 | ---- | M] () -- C:\Documents and Settings\Toshiba\Local Settings\Application Data\housecall.guid.cache
[2012-02-07 21:53:27 | 002,002,320 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\Toshiba\Bureau\HousecallLauncher.exe
[2012-02-07 21:48:38 | 000,000,795 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes Anti-Malware.lnk
[2012-02-07 21:46:31 | 009,502,424 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Toshiba\Bureau\mbam--setup-1.60.1.1000.exe
[2012-02-07 18:59:09 | 000,000,661 | ---- | M] () -- C:\Documents and Settings\Toshiba\Bureau\restauration.reg
[2012-02-07 17:19:45 | 000,134,872 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012-02-04 21:10:02 | 000,000,693 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\CCleaner.lnk
[2012-02-04 12:11:30 | 000,001,745 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Adobe Reader X.lnk
[2012-01-21 13:59:50 | 000,553,636 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat
[2012-01-21 13:59:50 | 000,482,174 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012-01-21 13:59:50 | 000,094,952 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat
[2012-01-21 13:59:50 | 000,080,056 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012-01-17 16:00:48 | 000,494,968 | ---- | M] (COMODO) -- C:\WINDOWS\System32\drivers\cmdGuard.sys
[2012-01-15 19:09:49 | 002,056,228 | ---- | M] (MetaGeek, LLC) -- C:\Documents and Settings\Toshiba\Bureau\inSSIDer-Installer-2.0.7.0126.exe
[2012-01-14 10:57:03 | 000,101,720 | ---- | M] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
[2012-01-14 10:48:00 | 012,410,880 | ---- | M] () -- C:\Documents and Settings\Toshiba\Bureau\Ad-Aware96Install.msi
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012-02-11 14:02:29 | 000,000,340 | ---- | C] () -- C:\Boot.bak
[2012-02-11 14:02:22 | 000,263,488 | RHS- | C] () -- C:\cmldr
[2012-02-11 13:41:03 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2012-02-11 13:41:03 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2012-02-11 13:41:02 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2012-02-11 13:41:02 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2012-02-11 13:41:02 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2012-02-11 12:01:10 | 000,000,512 | ---- | C] () -- C:\Documents and Settings\Toshiba\Bureau\MBR.dat
[2012-02-11 09:20:34 | 000,044,607 | ---- | C] () -- C:\Documents and Settings\Toshiba\Bureau\bootkit_remover.zip
[2012-02-09 23:07:20 | 119,172,784 | ---- | C] () -- C:\Documents and Settings\Toshiba\Bureau\setup_11.0.0.1245.x01_2012_02_10_06_53.exe
[2012-02-09 21:56:59 | 000,000,808 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Ad-Aware.lnk
[2012-02-09 19:47:17 | 000,002,451 | ---- | C] () -- C:\Documents and Settings\Toshiba\Bureau\HiJackThis.lnk
[2012-02-08 21:10:37 | 000,302,592 | ---- | C] () -- C:\Documents and Settings\Toshiba\Bureau\k9it3vi3.exe
[2012-02-08 04:16:24 | 000,302,152 | ---- | C] () -- C:\Documents and Settings\Toshiba\Local Settings\Application Data\census.cache
[2012-02-08 04:15:20 | 000,175,661 | ---- | C] () -- C:\Documents and Settings\Toshiba\Local Settings\Application Data\ars.cache
[2012-02-07 21:54:33 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\Toshiba\Local Settings\Application Data\housecall.guid.cache
[2012-02-07 18:59:09 | 000,000,661 | ---- | C] () -- C:\Documents and Settings\Toshiba\Bureau\restauration.reg
[2012-02-07 18:54:58 | 3219,312,640 | -HS- | C] () -- C:\hiberfil.sys
[2012-02-04 12:11:30 | 000,001,804 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Adobe Reader X.lnk
[2012-02-04 12:11:30 | 000,001,745 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Adobe Reader X.lnk
[2012-01-17 19:03:13 | 000,000,064 | ---- | C] () -- C:\WINDOWS\System32\rp_stats.dat
[2012-01-17 19:03:13 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\rp_rules.dat
[2012-01-15 19:12:12 | 000,002,465 | ---- | C] () -- C:\Documents and Settings\Toshiba\Bureau\inSSIDer 2.0.lnk
[2012-01-14 10:50:36 | 000,000,486 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2012-01-14 10:47:58 | 012,410,880 | ---- | C] () -- C:\Documents and Settings\Toshiba\Bureau\Ad-Aware96Install.msi
[2012-01-07 22:11:56 | 000,027,136 | ---- | C] () -- C:\Documents and Settings\Toshiba\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012-01-03 20:38:44 | 000,000,135 | ---- | C] () -- C:\Documents and Settings\Toshiba\Local Settings\Application Data\fusioncache.dat
[2012-01-03 20:34:54 | 000,006,528 | ---- | C] () -- C:\WINDOWS\System32\drivers\Tbiosdrv.sys
[2012-01-03 20:34:50 | 000,000,037 | ---- | C] () -- C:\WINDOWS\wwwbatch.ini
[2012-01-03 20:34:44 | 000,000,385 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006-01-19 16:40:49 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006-01-18 14:28:02 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2006-01-18 14:28:02 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2006-01-18 14:28:02 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2006-01-18 14:28:02 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2006-01-18 14:28:02 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2006-01-18 14:28:02 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2006-01-18 07:34:09 | 000,012,060 | ---- | C] () -- C:\WINDOWS\HWSetupStr.ini
[2006-01-18 07:34:09 | 000,002,226 | R--- | C] () -- C:\WINDOWS\SVPW32Str.ini
[2006-01-18 06:23:57 | 000,004,205 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2006-01-18 06:22:57 | 000,134,872 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2006-01-18 06:07:12 | 000,028,672 | ---- | C] () -- C:\WINDOWS\WHideCmd.exe
[2006-01-18 06:06:23 | 000,128,113 | ---- | C] () -- C:\WINDOWS\System32\csellang.ini
[2006-01-18 06:06:23 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\csellang.dll
[2006-01-18 06:06:23 | 000,009,378 | ---- | C] () -- C:\WINDOWS\System32\tosmreg.ini
[2006-01-18 06:06:23 | 000,007,671 | ---- | C] () -- C:\WINDOWS\System32\cseltbl.ini
[2006-01-18 06:04:16 | 000,553,636 | ---- | C] () -- C:\WINDOWS\System32\perfh00C.dat
[2006-01-18 06:04:16 | 000,322,810 | ---- | C] () -- C:\WINDOWS\System32\perfi00C.dat
[2006-01-18 06:04:16 | 000,034,108 | ---- | C] () -- C:\WINDOWS\System32\perfd00C.dat
[2006-01-18 06:04:15 | 000,094,952 | ---- | C] () -- C:\WINDOWS\System32\perfc00C.dat
[2006-01-18 06:04:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2006-01-18 06:03:59 | 000,482,174 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2006-01-18 06:03:59 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2006-01-18 06:03:59 | 000,080,056 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2006-01-18 06:03:59 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2006-01-18 06:03:57 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2006-01-18 06:03:57 | 000,004,688 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2006-01-18 06:03:56 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2006-01-18 06:03:51 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2006-01-18 06:03:51 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2006-01-18 06:03:45 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2006-01-18 06:03:39 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2006-01-18 05:56:34 | 000,000,829 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2006-01-18 05:52:58 | 000,000,222 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2006-01-18 05:50:50 | 000,000,000 | ---- | C] () -- C:\WINDOWS\NDSTray.INI
[2006-01-18 05:50:36 | 000,022,529 | ---- | C] () -- C:\WINDOWS\System32\ortag32.dll
[2006-01-18 05:36:37 | 000,002,368 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2006-01-18 05:35:20 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2006-01-18 05:33:29 | 001,519,616 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe
[2006-01-18 05:33:27 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2006-01-18 05:33:27 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2006-01-18 05:33:26 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2006-01-18 05:33:24 | 001,466,368 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2006-01-18 05:33:24 | 001,339,392 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
[2006-01-18 05:33:24 | 000,573,440 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2006-01-18 05:33:21 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2006-01-18 05:33:21 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2006-01-18 05:33:20 | 000,425,984 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe
[2006-01-18 05:29:54 | 000,021,892 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2005-12-16 12:35:12 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\TPeculiarity.dll
[2005-12-08 14:56:50 | 000,151,552 | ---- | C] () -- C:\WINDOWS\System32\tsbwls.dll
[2005-11-28 16:33:00 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini

========== LOP Check ==========

[2012-01-04 23:04:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2012-01-03 23:09:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CPA_VA
[2006-01-18 07:17:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Application Data\toshiba
[2012-01-04 19:24:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Toshiba\Application Data\ElevatedDiagnostics
[2012-02-09 19:43:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Toshiba\Application Data\GetRightToGo
[2012-01-07 11:20:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Toshiba\Application Data\OpenOffice.org
[2012-01-14 13:05:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Toshiba\Application Data\toshiba
[2012-01-14 10:01:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Toshiba\Application Data\WinPatrol
[2012-02-11 15:52:42 | 000,000,486 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.* >
[2012-02-09 20:20:41 | 000,006,541 | ---- | M] () -- C:\aaw7boot.log
[2006-01-18 05:32:30 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2012-01-09 21:15:13 | 000,000,340 | ---- | M] () -- C:\Boot.bak
[2012-02-11 14:02:30 | 000,000,456 | RHS- | M] () -- C:\BOOT.INI
[2004-08-05 00:00:00 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin
[2004-08-03 23:00:08 | 000,263,488 | RHS- | M] () -- C:\cmldr
[2012-02-11 16:12:49 | 000,014,679 | ---- | M] () -- C:\ComboFix.txt
[2006-01-18 05:32:30 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2006-01-04 15:06:00 | 001,447,841 | ---- | M] () -- C:\EULA.pdf
[2012-02-11 15:51:31 | 3219,312,640 | -HS- | M] () -- C:\hiberfil.sys
[2006-01-18 05:32:30 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2006-01-17 21:39:26 | 000,009,173 | ---- | M] () -- C:\Lisez Moi.htm
[2003-10-20 15:36:42 | 000,000,034 | RH-- | M] () -- C:\loados.bat
[2006-01-18 05:32:30 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2004-08-05 00:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2012-01-03 22:36:13 | 000,252,240 | RHS- | M] () -- C:\ntldr
[2012-02-11 15:51:13 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys

< %systemroot%\Fonts\*.com >
[2006-04-18 15:39:28 | 000,026,040 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
[2006-06-29 14:53:56 | 000,026,489 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
[2006-04-18 15:39:28 | 000,029,779 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
[2006-06-29 14:58:52 | 000,030,808 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont

< %systemroot%\Fonts\*.dll >

< %systemroot%\Fonts\*.ini >
[2006-01-18 05:31:47 | 000,000,067 | -HS- | M] () -- C:\WINDOWS\Fonts\desktop.ini

< %systemroot%\Fonts\*.ini2 >

< %systemroot%\Fonts\*.exe >

< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
[2008-07-06 07:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
[2008-07-06 05:50:03 | 000,597,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe

< %systemroot%\REPAIR\*.bak1 >

< %systemroot%\REPAIR\*.ini >

< %systemroot%\system32\*.jpg >

< %systemroot%\*.jpg >

< %systemroot%\*.png >

< %systemroot%\*.scr >
[2011-11-28 13:01:25 | 000,041,184 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2004-12-07 20:04:46 | 000,045,056 | ---- | M] (TOSHIBA) -- C:\WINDOWS\cfdemo.scr
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

< %systemroot%\*._sy >

< %APPDATA%\Adobe\Update\*.* >

< %ALLUSERSPROFILE%\Favorites\*.* >

< %APPDATA%\Microsoft\*.* >

< %PROGRAMFILES%\*.* >

< %APPDATA%\Update\*.* >

< %systemroot%\*. /mp /s >

< %systemroot%\System32\config\*.sav >
[2006-01-18 06:15:28 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2006-01-18 06:15:28 | 000,638,976 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2006-01-18 06:15:28 | 000,430,080 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav

< %PROGRAMFILES%\bak. /s >

< %systemroot%\system32\bak. /s >

< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >

< %systemroot%\system32\config\systemprofile\*.dat /x >

< %systemroot%\*.config >

< %systemroot%\system32\*.db >

< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2006-01-18 05:39:15 | 000,000,079 | ---- | M] () -- C:\Documents and Settings\Toshiba\Application Data\Microsoft\Internet Explorer\Quick Launch\Bureau.scf
[2012-01-03 22:50:53 | 000,000,107 | -HS- | M] () -- C:\Documents and Settings\Toshiba\Application Data\Microsoft\Internet Explorer\Quick Launch\desktop.ini

< %USERPROFILE%\Desktop\*.exe >

< %PROGRAMFILES%\Common Files\*.* >

< %systemroot%\*.src >

< %systemroot%\install\*.* >

< %systemroot%\system32\DLL\*.* >

< %systemroot%\system32\HelpFiles\*.* >

< %systemroot%\system32\rundll\*.* >

< %systemroot%\winn32\*.* >

< %systemroot%\Java\*.* >

< %systemroot%\system32\test\*.* >

< %systemroot%\system32\Rundll32\*.* >

< %systemroot%\AppPatch\Custom\*.* >

< %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x >

< %PROGRAMFILES%\PC-Doctor\Downloads\*.* >

< %PROGRAMFILES%\Internet Explorer\*.tmp >

< %PROGRAMFILES%\Internet Explorer\*.dat >

< %USERPROFILE%\My Documents\*.exe >

< %USERPROFILE%\*.exe >

< %systemroot%\ADDINS\*.* >

< %systemroot%\assembly\*.bak2 >

< %systemroot%\Config\*.* >

< %systemroot%\REPAIR\*.bak2 >

< %systemroot%\SECURITY\Database\*.sdb /x >

< %systemroot%\SYSTEM\*.bak2 >

< %systemroot%\Web\*.bak2 >

< %systemroot%\Driver Cache\*.* >

< %PROGRAMFILES%\Mozilla Firefox\0*.exe >

< %ProgramFiles%\Microsoft Common\*.* >

< %ProgramFiles%\TinyProxy. >

< %USERPROFILE%\Favorites\*.url /x >

< %systemroot%\system32\*.bk >

< %systemroot%\*.te >

< %systemroot%\system32\system32\*.* >

< %ALLUSERSPROFILE%\*.dat /x >

< %systemroot%\system32\drivers\*.rmv >

< dir /b "%systemroot%\system32\*.exe" | find /i " " /c >

< dir /b "%systemroot%\*.exe" | find /i " " /c >

< %PROGRAMFILES%\Microsoft\*.* >

< %systemroot%\System32\Wbem\proquota.exe >

< %PROGRAMFILES%\Mozilla Firefox\*.dat >
 
Continuing OTL.txt and then Extra.txt

< %USERPROFILE%\Cookies\*.txt /x >
[2012-02-11 17:28:22 | 000,098,304 | ---- | M] () -- C:\Documents and Settings\Toshiba\Cookies\index.dat

< %SystemRoot%\system32\fonts\*.* >

< %systemroot%\system32\winlog\*.* >

< %systemroot%\system32\Language\*.* >

< %systemroot%\system32\Settings\*.* >

< %systemroot%\system32\*.quo >

< %SYSTEMROOT%\AppPatch\*.exe >

< %SYSTEMROOT%\inf\*.exe >
[2007-06-29 11:59:14 | 000,318,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\inf\unregmp2.exe

< %SYSTEMROOT%\Installer\*.exe >
[2005-12-04 05:14:58 | 000,552,960 | ---- | M] (Intel Corporation) -- C:\WINDOWS\Installer\iProInst.exe
[6 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]

< %systemroot%\system32\config\*.bak2 >

< %systemroot%\system32\Computers\*.* >

< %SystemRoot%\system32\Sound\*.* >

< %SystemRoot%\system32\SpecialImg\*.* >

< %SystemRoot%\system32\code\*.* >

< %SystemRoot%\system32\draft\*.* >

< %SystemRoot%\system32\MSSSys\*.* >

< %ProgramFiles%\Javascript\*.* >

< %systemroot%\pchealth\helpctr\System\*.exe /s >

< %systemroot%\Web\*.exe >

< %systemroot%\system32\msn\*.* >

< %systemroot%\system32\*.tro >

< %AppData%\Microsoft\Installer\msupdates\*.* >

< %ProgramFiles%\Messenger\*.* >
[2008-04-13 21:33:22 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\custsat.dll
[2004-08-03 19:07:10 | 000,004,821 | ---- | M] () -- C:\Program Files\Messenger\logowin.gif
[2004-08-03 19:07:10 | 000,007,047 | ---- | M] () -- C:\Program Files\Messenger\lvback.gif
[2008-05-02 09:01:52 | 000,083,968 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msgsc.dll
[2008-04-13 12:30:28 | 000,180,224 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msgslang.dll
[2008-04-13 21:34:13 | 001,695,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe
[2004-08-03 19:07:10 | 000,002,882 | ---- | M] () -- C:\Program Files\Messenger\newalert.wav
[2004-08-03 19:07:10 | 000,006,156 | ---- | M] () -- C:\Program Files\Messenger\newemail.wav
[2004-08-03 19:07:10 | 000,006,160 | ---- | M] () -- C:\Program Files\Messenger\online.wav
[2004-08-03 19:07:10 | 000,004,454 | ---- | M] () -- C:\Program Files\Messenger\type.wav
[2004-08-03 19:07:10 | 000,127,843 | ---- | M] () -- C:\Program Files\Messenger\xpmsgr.chm

< %systemroot%\system32\systhem32\*.* >

< %systemroot%\system\*.exe >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\ Auto Update\Results\Install|LastSuccessTime /rs >


< End of report >

OTL Extras logfile created on: 2012-02-11 17:38:41 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Toshiba\Bureau
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000C0C | Country: Canada | Language: FRC | Date Format: yyyy-MM-dd

3,00 Gb Total Physical Memory | 2,32 Gb Available Physical Memory | 77,30% Memory free
4,84 Gb Paging File | 4,20 Gb Available in Paging File | 86,74% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 111,79 Gb Total Space | 55,05 Gb Free Space | 49,24% Space Free | Partition Type: NTFS

Computer Name: TOSHIBA-29519BD | User Name: Toshiba | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{099D12EC-0321-4CAC-A0CC-33D020156FCD}" = Toshiba Utility
"{0BD83598-C2EF-3343-847B-7D2E84599128}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - FRA
"{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7}" = mLogView
"{0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}" = Microsoft .NET Framework 4 Client Profile FRA Language Pack
"{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Sonic DLA
"{12B3A009-A080-4619-9A2A-C6DB151D8D67}" = Assist TOSHIBA
"{133742BA-6F46-4D3E-85AF-78631D9AD8B8}" = Installation Windows Live
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{23FB368F-1399-4EAC-817C-4B83ECBE3D83}" = mProSafe
"{2FCE4FC5-6930-40E7-A4F1-F862207424EF}" = InterVideo WinDVD Creator 2
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{3248F0A8-6813-11D6-A77B-00B0D0150040}" = J2SE Runtime Environment 5.0 Update 4
"{350C940c-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3E31821C-7917-367E-938E-E65FC413EA31}" = Microsoft .NET Framework 3.5 Language Pack SP1 - fra
"{3E9D596A-61D4-4239-BD19-2DB984D2A16F}" = mIWA
"{445B183D-F4F1-45C8-B9DB-F11355CA657B}" = Windows Live Messenger
"{4497AFF6-98C4-4F49-B073-F48F42BCBF9E}" = TIPCI
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{64212898-097F-4F3F-AECA-6D34A7EF82DF}" = Utilitaire de zoom TOSHIBA
"{72AD53CC-CCC0-3757-8480-9EE176866A7C}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - FRA
"{7E0610A2-E336-40B3-B685-C4905E97EC9A}" = OpenOffice.org 3.3
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr
"{8C6BB412-D3A8-4AAE-A01B-35B681789D68}" = mHelp
"{8E9976D2-E563-43DE-A51F-5AEBC38D1F08}" = Ad-Aware
"{90B0D222-8C21-4B35-9262-53B042F18AF9}" = mPfWiz
"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD for TOSHIBA
"{94658027-9F16-4509-BBD7-A59FE57C3023}" = mZConfig
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9541FED0-327F-4DF0-8B96-EF57EF622F19}" = Sonic RecordNow!
"{9A08615A-6113-46F9-8819-5BA66B6600FD}" = Toshiba Hotkey Utility
"{9A394342-4A68-4EBA-85A6-55B559F4E700}" = Microsoft .NET Framework 1.1 French Language Pack
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9CC89556-3578-48DD-8408-04E66EBEF401}" = mXML
"{9D765FA6-F2BC-40AF-8145-50808F9BDF4E}" = Pilote du DVD-RAM
"{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}" = Réducteur de bruit lect. CD/DVD
"{A12EA295-32EA-42BB-8442-2C2BE852D4AA}" = inSSIDer 2.0
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{AC76BA86-7AD7-1036-7B44-AA1000000001}" = Adobe Reader X (10.1.2) - Français
"{ACA1086B-9B62-4F80-B4B9-5659395E4F25}" = Toshiba Controls Utility
"{B3B487E7-6171-4376-9074-B28082CEB504}" = Windows Live Call
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{BC30E5E7-047D-4232-A7E8-F2CB7CC7B2E0}_is1" = Emsisoft Anti-Malware
"{BDD83DC9-BEE9-4654-A5DA-CC46C250088D}" = TOSHIBA ConfigFree
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C45F4811-31D5-4786-801D-F79CD06EDD85}" = SD Secure Module
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D6AB1F5B-FED6-49A9-9747-327BD28FB3C7}" = COMODO Internet Security
"{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}" = Assistant de connexion Windows Live
"{E81667C6-2856-46D6-ABEA-6A2F42166779}" = mCore
"{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F6090A17-0967-4A8A-B3C3-422A1B514D49}" = mDrWiFi
"{F77890F3-774A-4CBE-A2E3-7BB0DC71D1FA}" = Toshiba Touchpad Utility
"{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}" = mWlsSafe
"7-Zip" = 7-Zip 9.20
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"avast" = avast! Free Antivirus
"CCleaner" = CCleaner
"CNXT_HDAUDIO" = Conexant HD Audio
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_5047&SUBSYS_1179FF31" = HDAUDIO Soft Data Fax Modem with SmartCP
"Comodo Dragon" = Comodo Dragon
"COMODO GeekBuddy" = COMODO GeekBuddy
"ie8" = Windows Internet Explorer 8
"InstallShield_{099D12EC-0321-4CAC-A0CC-33D020156FCD}" = Toshiba Utility
"InstallShield_{4497AFF6-98C4-4F49-B073-F48F42BCBF9E}" = Texas Instruments PCIxx21/x515/xx12 drivers.
"InstallShield_{ACA1086B-9B62-4F80-B4B9-5659395E4F25}" = Toshiba Controls Utility
"InstallShield_{F77890F3-774A-4CBE-A2E3-7BB0DC71D1FA}" = Toshiba Touchpad Utility
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.60.1.1000
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - fra" = Module linguistique Microsoft .NET Framework 3.5 SP1- fra
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile FRA Language Pack" = Module linguistique Microsoft .NET Framework 4 Client Profile FRA
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NVIDIA Drivers" = NVIDIA Drivers
"Outil de diagnostic PC" = Outil de diagnostic PC TOSHIBA
"ProInst" = Logiciel Intel(R) PROSet/Wireless
"PROSet" = Intel(R) PRO Network Connections Drivers
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Toshiba Tbiosdrv Driver" = Toshiba Tbiosdrv Driver
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Lecteur Windows Media*11
"Windows XP Service" = Windows XP Service Pack*3
"WinLiveSuite_Wave3" = Installation Windows Live
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 2012-02-04 20:22:43 | Computer Name = TOSHIBA-29519BD | Source = Lavasoft Ad-Aware Service | ID = 0
Description =

Error - 2012-02-05 16:59:29 | Computer Name = TOSHIBA-29519BD | Source = Application Hang | ID = 1002
Description = Application bloquée iexplore.exe, version 8.0.6001.18702, module bloqué
hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

Error - 2012-02-05 16:59:47 | Computer Name = TOSHIBA-29519BD | Source = Application Hang | ID = 1002
Description = Application bloquée iexplore.exe, version 8.0.6001.18702, module bloqué
hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

Error - 2012-02-05 17:00:12 | Computer Name = TOSHIBA-29519BD | Source = Application Hang | ID = 1002
Description = Application bloquée iexplore.exe, version 8.0.6001.18702, module bloqué
hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

Error - 2012-02-06 00:13:09 | Computer Name = TOSHIBA-29519BD | Source = Application Hang | ID = 1002
Description = Application bloquée iexplore.exe, version 8.0.6001.18702, module bloqué
hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

Error - 2012-02-06 00:13:28 | Computer Name = TOSHIBA-29519BD | Source = Application Hang | ID = 1002
Description = Application bloquée iexplore.exe, version 8.0.6001.18702, module bloqué
hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

Error - 2012-02-08 22:07:53 | Computer Name = TOSHIBA-29519BD | Source = Application Hang | ID = 1002
Description = Application bloquée k1qzcch4.exe, version 1.0.15.15641, module bloqué
hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

Error - 2012-02-08 22:08:16 | Computer Name = TOSHIBA-29519BD | Source = Application Hang | ID = 1002
Description = Application bloquée k1qzcch4.exe, version 1.0.15.15641, module bloqué
hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

Error - 2012-02-08 22:08:21 | Computer Name = TOSHIBA-29519BD | Source = Application Hang | ID = 1001
Description = Détecteur d'erreurs -1467729550.

Error - 2012-02-09 00:10:34 | Computer Name = TOSHIBA-29519BD | Source = Lavasoft Ad-Aware Service | ID = 0
Description =

[ System Events ]
Error - 2012-02-10 21:35:07 | Computer Name = TOSHIBA-29519BD | Source = atapi | ID = 262153
Description = Le périphérique \Device\Ide\IdePort0 n'a pas répondu dans le délai
imparti.

Error - 2012-02-10 21:35:52 | Computer Name = TOSHIBA-29519BD | Source = atapi | ID = 262153
Description = Le périphérique \Device\Ide\IdePort0 n'a pas répondu dans le délai
imparti.

Error - 2012-02-10 21:40:22 | Computer Name = TOSHIBA-29519BD | Source = atapi | ID = 262153
Description = Le périphérique \Device\Ide\IdePort0 n'a pas répondu dans le délai
imparti.

Error - 2012-02-10 22:23:11 | Computer Name = TOSHIBA-29519BD | Source = atapi | ID = 262153
Description = Le périphérique \Device\Ide\IdePort0 n'a pas répondu dans le délai
imparti.

Error - 2012-02-11 10:40:44 | Computer Name = TOSHIBA-29519BD | Source = atapi | ID = 262153
Description = Le périphérique \Device\Ide\IdePort0 n'a pas répondu dans le délai
imparti.

Error - 2012-02-11 10:41:28 | Computer Name = TOSHIBA-29519BD | Source = atapi | ID = 262153
Description = Le périphérique \Device\Ide\IdePort0 n'a pas répondu dans le délai
imparti.

Error - 2012-02-11 10:41:40 | Computer Name = TOSHIBA-29519BD | Source = atapi | ID = 262153
Description = Le périphérique \Device\Ide\IdePort0 n'a pas répondu dans le délai
imparti.

Error - 2012-02-11 12:56:28 | Computer Name = TOSHIBA-29519BD | Source = atapi | ID = 262153
Description = Le périphérique \Device\Ide\IdePort0 n'a pas répondu dans le délai
imparti.

Error - 2012-02-11 16:44:58 | Computer Name = TOSHIBA-29519BD | Source = PlugPlayManager | ID = 11
Description = Le périphérique Root\LEGACY_PXXDQKOB\0000 a disparu du système sans
que sa suppression ait tout d'abord été préparée.

Error - 2012-02-11 17:01:41 | Computer Name = TOSHIBA-29519BD | Source = atapi | ID = 262153
Description = Le périphérique \Device\Ide\IdePort0 n'a pas répondu dans le délai
imparti.


< End of report >
 
Good news :)

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    Code:
    :OTL
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
    O3 - HKU\S-1-5-21-2094576669-3068703796-1105417404-1006\..\Toolbar\ShellBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found.
    O3 - HKU\S-1-5-21-2094576669-3068703796-1105417404-1006\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found.
    O4 - HKLM..\Run: [CFSServ.exe] CFSServ.exe -NoClient File not found
    
    :Commands
    [purity]
    [emptytemp]
    [emptyjava]
    [emptyflash]
    [Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • You will get a log that shows the results of the fix. Please post it.

============================================================

Last scans...

1. Download Security Check from HERE, and save it to your Desktop.
  • Double-click SecurityCheck.exe
  • Follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

    NOTE: SecurityCheck may produce some false warning(s), so leave reading the results to me.

2. Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center
    • Windows Update
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run from.
  • Please copy and paste the log to your reply.


3. Download Temp File Cleaner (TFC)
  • Double click on TFC.exe to run the program.
  • Click on the Start button to begin the cleaning process.
  • TFC will close all running programs, and it may ask you to restart the computer.


4. Please run a free online scan with the ESET Online Scanner

  • Disable your antivirus program
  • Tick the box next to YES, I accept the Terms of Use
  • Click Start
  • Accept any security warnings from your browser.
  • Check Scan archives
  • Click Start
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click on List of found threats
  • Click on Export to text file, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • NOTE: If ESET doesn't find any threats, it won't produce any log.
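
The `:OTL` fix in the post above lists log entries that OTL reported as "No CLSID value found" or "File not found". The following Python script is an added example, not part of the thread and not an OTL feature: it flags such entries in an OTL log and compares them with a fix list. The sample lines are copied from the logs on this page, and all function names are hypothetical.

```python
import re

# Sample input: O-section lines copied from the OTL log posted in this thread.
SAMPLE_LOG = r"""
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O3 - HKU\S-1-5-21-2094576669-3068703796-1105417404-1006\..\Toolbar\ShellBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found.
O3 - HKU\S-1-5-21-2094576669-3068703796-1105417404-1006\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found.
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [CFSServ.exe] CFSServ.exe -NoClient File not found
O4 - HKLM..\Run: [LaunchApp] launchapp File not found
O18 - Protocol\Handler\intu-ir2011 - No CLSID value found
"""

# The fix list from the helper's post, copied from this page.
HELPER_FIX = r"""
:OTL
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O3 - HKU\S-1-5-21-2094576669-3068703796-1105417404-1006\..\Toolbar\ShellBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found.
O3 - HKU\S-1-5-21-2094576669-3068703796-1105417404-1006\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found.
O4 - HKLM..\Run: [CFSServ.exe] CFSServ.exe -NoClient File not found

:Commands
[purity]
"""

# "O<number> - <rest>" lines only; PRC/MOD/SRV/DRV lines are out of scope here.
ENTRY_RE = re.compile(r"^(O\d+)\s+-\s+(.*)$")
CLSID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
# Markers OTL prints when a registry entry points at something that is missing.
ORPHAN_MARKERS = ("No CLSID value found", "File not found")


def parse_entries(log_text):
    """Return one dict per O-section line found in the log text."""
    entries = []
    for raw in log_text.splitlines():
        line = raw.strip()
        match = ENTRY_RE.match(line)
        if not match:
            continue
        section, rest = match.groups()
        reason = next((m for m in ORPHAN_MARKERS if m.lower() in rest.lower()), None)
        clsid = CLSID_RE.search(rest)
        entries.append({
            "section": section,
            "line": line,
            "clsid": clsid.group(0).upper() if clsid else None,
            "orphan_reason": reason,
        })
    return entries


def orphaned_entries(log_text):
    """Entries whose target (CLSID registration or file) OTL could not find."""
    return [e for e in parse_entries(log_text) if e["orphan_reason"]]


def _normalise(line):
    # Collapse whitespace and ignore a trailing period so copies compare equal.
    return " ".join(line.split()).rstrip(".").lower()


def compare_with_fix(log_text, fix_text):
    """Split orphaned entries into those listed in a fix script and the rest."""
    fix_lines = {
        _normalise(l) for l in fix_text.splitlines() if ENTRY_RE.match(l.strip())
    }
    in_fix, not_in_fix = [], []
    for entry in orphaned_entries(log_text):
        target = in_fix if _normalise(entry["line"]) in fix_lines else not_in_fix
        target.append(entry)
    return in_fix, not_in_fix


if __name__ == "__main__":
    listed, unlisted = compare_with_fix(SAMPLE_LOG, HELPER_FIX)
    for label, group in (("in fix", listed), ("flagged, not in fix", unlisted)):
        for e in group:
            print(f"[{label}] {e['section']} {e['orphan_reason']}: {e['line']}")
```

A marker match only means the referenced CLSID or file is missing; which entries go into a fix remains the helper's decision.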
 
Here is second OTL scan as requested:

OTL logfile created on: 2012-02-11 19:02:15 - Run 2
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Toshiba\Bureau
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000C0C | Country: Canada | Language: FRC | Date Format: yyyy-MM-dd

3,00 Gb Total Physical Memory | 2,21 Gb Available Physical Memory | 73,85% Memory free
4,84 Gb Paging File | 4,09 Gb Available in Paging File | 84,51% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 111,79 Gb Total Space | 55,03 Gb Free Space | 49,23% Space Free | Partition Type: NTFS

Computer Name: TOSHIBA-29519BD | User Name: Toshiba | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012-02-11 17:29:38 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Toshiba\Bureau\OTL.exe
PRC - [2012-02-09 22:12:26 | 001,187,072 | ---- | M] (Lavasoft Limited) -- C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
PRC - [2012-02-09 22:12:23 | 002,152,152 | ---- | M] (Lavasoft Limited) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
PRC - [2012-02-04 09:56:00 | 004,617,600 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
PRC - [2012-01-23 22:41:59 | 003,025,112 | ---- | M] (Emsi Software GmbH) -- C:\Program Files\Emsisoft Anti-Malware\a2service.exe
PRC - [2011-12-19 18:59:00 | 001,960,584 | ---- | M] (COMODO) -- C:\Program Files\Comodo\COMODO Internet Security\cmdagent.exe
PRC - [2011-11-28 13:01:24 | 003,744,552 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011-11-28 13:01:23 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011-11-23 05:27:04 | 001,052,472 | ---- | M] (COMODO) -- C:\Program Files\Comodo\COMODO GeekBuddy\CLPSLS.exe
PRC - [2011-08-11 18:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCore.exe
PRC - [2011-01-17 16:37:42 | 011,322,880 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe
PRC - [2011-01-17 16:37:42 | 011,314,688 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin
PRC - [2008-04-13 21:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006-01-05 17:00:06 | 001,589,248 | ---- | M] (TOSHIBA Inc.) -- C:\Program Files\TOSHIBA\Windows Utilities\Hotkey.exe
PRC - [2005-12-15 13:21:00 | 000,151,552 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\Toshiba.exe
PRC - [2005-12-05 12:37:40 | 000,667,718 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe
PRC - [2005-11-28 11:41:50 | 000,602,182 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe
PRC - [2005-11-28 11:37:52 | 000,397,381 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
PRC - [2005-10-05 23:20:00 | 000,122,940 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\DLA\DLACTRLW.EXE
PRC - [2005-05-17 03:24:50 | 000,118,784 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
PRC - [2005-04-11 10:08:00 | 000,065,536 | ---- | M] (TOSHIBA) -- C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
PRC - [2005-01-17 12:38:00 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
PRC - [2004-08-27 20:37:00 | 000,155,648 | ---- | M] (Matsushita Electric Industrial Co., Ltd.) -- C:\WINDOWS\system32\RAMASST.exe
PRC - [2004-08-27 20:33:00 | 000,110,592 | ---- | M] (Matsushita Electric Industrial Co., Ltd.) -- C:\WINDOWS\system32\DVDRAMSV.exe


========== Modules (No Company Name) ==========

MOD - [2012-02-11 16:00:55 | 000,052,736 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10007.dll
MOD - [2012-02-11 16:00:52 | 000,063,488 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll
MOD - [2012-02-11 13:21:35 | 001,691,648 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\12021101\algo.dll
MOD - [2012-02-09 22:13:00 | 000,430,568 | ---- | M] () -- C:\Program Files\Lavasoft\Ad-Aware\VipreBridge.dll
MOD - [2012-02-09 22:12:51 | 000,591,232 | ---- | M] () -- C:\Program Files\Lavasoft\Ad-Aware\RPAPI.dll
MOD - [2012-02-09 21:58:03 | 000,508,776 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Defs\thorax.aaw
MOD - [2012-02-05 12:41:50 | 000,181,616 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Defs\Extended\libMachoUniv.dll
MOD - [2012-02-05 12:41:48 | 000,210,288 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\Defs\Extended\libBase64.dll
MOD - [2012-01-07 11:19:36 | 000,985,088 | ---- | M] () -- C:\Program Files\OpenOffice.org 3\program\libxml2.dll
MOD - [2012-01-04 22:09:49 | 000,117,760 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
MOD - [2012-01-04 22:09:49 | 000,052,224 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
MOD - [2012-01-03 08:10:46 | 000,301,056 | ---- | M] () -- C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.FRA
MOD - [2011-12-23 07:12:12 | 000,308,560 | ---- | M] () -- C:\Program Files\Lavasoft\Ad-Aware\Vipre.dll
MOD - [2005-11-28 11:59:16 | 000,876,544 | ---- | M] () -- C:\Program Files\Intel\Wireless\Bin\Libeay32.dll
MOD - [2005-11-28 11:59:16 | 000,208,965 | ---- | M] () -- C:\Program Files\Intel\Wireless\Bin\iWMSProv.dll
MOD - [2005-11-28 11:59:16 | 000,053,322 | ---- | M] () -- C:\Program Files\Intel\Wireless\Bin\IntStngs.dll
MOD - [2005-11-03 11:37:58 | 000,970,862 | ---- | M] () -- C:\Program Files\Intel\Wireless\Bin\acAuth.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2012-02-09 22:12:23 | 002,152,152 | ---- | M] (Lavasoft Limited) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2012-01-23 22:41:59 | 003,025,112 | ---- | M] (Emsi Software GmbH) [Auto | Running] -- C:\Program Files\Emsisoft Anti-Malware\a2service.exe -- (a2AntiMalware)
SRV - [2011-12-19 18:59:00 | 001,960,584 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV - [2011-11-28 13:01:23 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2011-11-23 05:27:04 | 001,052,472 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\Comodo\COMODO GeekBuddy\CLPSLS.exe -- (CLPSLS)
SRV - [2011-08-11 18:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE)
SRV - [2005-04-03 18:41:10 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2005-01-17 12:38:00 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe -- (CFSvcs)
SRV - [2004-08-27 20:33:00 | 000,110,592 | ---- | M] (Matsushita Electric Industrial Co., Ltd.) [Auto | Running] -- C:\WINDOWS\system32\DVDRAMSV.exe -- (DVD-RAM_Service)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Running] -- -- (catchme)
DRV - [2012-01-17 16:00:48 | 000,494,968 | ---- | M] (COMODO) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\cmdGuard.sys -- (cmdGuard)
DRV - [2011-12-23 07:12:10 | 000,015,232 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware\kernexplorer.sys -- (Lavasoft Kernexplorer)
DRV - [2011-12-19 18:59:24 | 000,097,760 | ---- | M] (COMODO) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\inspect.sys -- (Inspect)
DRV - [2011-12-19 18:59:22 | 000,031,704 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\cmdhlp.sys -- (cmdHlp)
DRV - [2011-11-28 12:53:53 | 000,435,032 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011-11-28 12:53:35 | 000,314,456 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011-11-28 12:52:19 | 000,034,392 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011-11-28 12:52:16 | 000,052,952 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011-11-28 12:52:02 | 000,111,320 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011-11-28 12:51:50 | 000,020,568 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011-11-28 12:48:49 | 000,030,808 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011-11-02 10:13:12 | 000,051,632 | ---- | M] (Emsi Software GmbH) [File_System | On_Demand | Stopped] -- C:\Program Files\Emsisoft Anti-Malware\a2accx86.sys -- (a2acc)
DRV - [2011-07-22 11:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011-07-12 16:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2011-05-19 13:10:34 | 000,017,904 | ---- | M] (Emsi Software GmbH) [Kernel | System | Running] -- C:\Program Files\Emsisoft Anti-Malware\a2ddax86.sys -- (A2DDA)
DRV - [2010-10-07 07:11:38 | 006,609,920 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NETwLx32.sys -- (NETwLx32) Pilote de carte de la série Intel(R)
DRV - [2006-01-12 10:21:18 | 000,031,872 | ---- | M] (Quanta Computer, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\qkbfiltr.sys -- (qkbfiltr)
DRV - [2005-12-28 18:20:38 | 000,561,664 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CHDAud.sys -- (HdAudAddService)
DRV - [2005-12-04 14:55:30 | 001,428,096 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w39n51.sys -- (w39n51) Intel(R)
DRV - [2005-11-29 14:12:00 | 000,162,560 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tifm21.sys -- (tifm21)
DRV - [2005-11-28 12:09:26 | 000,013,568 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
DRV - [2005-11-07 19:12:00 | 000,997,376 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2005-11-07 19:11:00 | 000,723,712 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2005-11-07 19:11:00 | 000,202,240 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2005-10-05 23:20:00 | 000,094,332 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS -- (DLAUDFAM)
DRV - [2005-10-05 23:20:00 | 000,087,036 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS -- (DLAUDF_M)
DRV - [2005-10-05 23:20:00 | 000,086,524 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS -- (DLAIFS_M)
DRV - [2005-10-05 23:20:00 | 000,025,628 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS -- (DLABOIOM)
DRV - [2005-10-05 23:20:00 | 000,014,684 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS -- (DLAOPIOM)
DRV - [2005-10-05 23:20:00 | 000,006,364 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS -- (DLAPoolM)
DRV - [2005-10-05 23:20:00 | 000,002,496 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLADResN.SYS -- (DLADResN)
DRV - [2005-08-25 06:16:52 | 000,005,628 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS -- (DLACDBHM)
DRV - [2005-08-25 06:16:16 | 000,022,684 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLARTL_N.SYS -- (DLARTL_N)
DRV - [2005-06-11 00:42:00 | 000,005,504 | ---- | M] (Quanta Computer Corp) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BoiHwSetup.sys -- (BoiHwsetup)
DRV - [2005-06-01 23:33:00 | 000,102,384 | ---- | M] (Matsushita Electric Industrial Co.,Ltd.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\meiudf.sys -- (meiudf)
DRV - [2005-05-05 08:27:38 | 000,007,936 | ---- | M] (Quanta Computer, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\qmofiltr.sys -- (qmofiltr)
DRV - [2003-09-18 19:47:00 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (Pfc)
DRV - [2003-01-29 10:35:00 | 000,012,032 | ---- | M] (TOSHIBA Corporation.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\Netdevio.sys -- (Netdevio)
DRV - [2002-01-24 14:43:40 | 000,006,528 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Tbiosdrv.sys -- (TBiosDrv)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========




IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-2094576669-3068703796-1105417404-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/
IE - HKU\S-1-5-21-2094576669-3068703796-1105417404-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)



O1 HOSTS File: ([2012-02-11 15:58:14 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\DLA\DLASHX_W.DLL (Sonic Solutions)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKU\S-1-5-21-2094576669-3068703796-1105417404-1006\..\Toolbar\ShellBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found.
O3 - HKU\S-1-5-21-2094576669-3068703796-1105417404-1006\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found.
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [CFSServ.exe] CFSServ.exe -NoClient File not found
O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4 - HKLM..\Run: [DLA] C:\WINDOWS\system32\DLA\DLACTRLW.EXE (Sonic Solutions)
O4 - HKLM..\Run: [High Definition Audio Property Page Shortcut] C:\WINDOWS\System32\CHDAudPropShortcut.exe (Windows (R) Server 2003 DDK provider)
O4 - HKLM..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe (Intel Corporation)
O4 - HKLM..\Run: [IntelZeroConfig] C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe (Intel Corporation)
O4 - HKLM..\Run: [LaunchApp] launchapp File not found
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [SmoothView] C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [Toshiba Hotkey Utility] C:\Program Files\Toshiba\Windows Utilities\Hotkey.exe (TOSHIBA Inc.)
O4 - HKU\S-1-5-21-2094576669-3068703796-1105417404-1006..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
O4 - HKU\S-1-5-21-2094576669-3068703796-1105417404-1006..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe (TOSHIBA)
O4 - Startup: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe (Matsushita Electric Industrial Co., Ltd.)
O4 - Startup: C:\Documents and Settings\Toshiba\Menu Démarrer\Programmes\Démarrage\OpenOffice.org 3.3.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\##aswSnx private storage\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2094576669-3068703796-1105417404-1006\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2094576669-3068703796-1105417404-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-2094576669-3068703796-1105417404-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-2094576669-3068703796-1105417404-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra 'Tools' menuitem : Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\NPJPI150_04.dll (Sun Microsystems, Inc.)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/downl...-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://windowsupdate.microsoft.com/...ls/en/x86/client/wuweb_site.cab?1325644805328 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/mic...ls/en/x86/client/muweb_site.cab?1325984729437 (MUWebControl Class)
O18 - Protocol\Handler\intu-ir2011 - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\WINDOWS\system32\guard32.dll) -C:\WINDOWS\system32\guard32.dll (COMODO)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Colline verdoyante.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Colline verdoyante.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006-01-18 05:32:30 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012-02-11 18:25:00 | 000,446,464 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Toshiba\Bureau\TFC.exe
[2012-02-11 17:29:24 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Toshiba\Bureau\OTL.exe
[2012-02-11 16:33:44 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Toshiba\Recent
[2012-02-11 16:33:44 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2012-02-11 16:12:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2012-02-11 15:28:46 | 000,000,000 | ---D | C] -- C:\ComboFix
[2012-02-11 14:02:04 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2012-02-11 13:41:03 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2012-02-11 13:41:03 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2012-02-11 13:41:02 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2012-02-11 13:41:02 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2012-02-11 13:39:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2012-02-11 13:38:54 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012-02-11 13:34:37 | 004,401,300 | R--- | C] (Swearware) -- C:\Documents and Settings\Toshiba\Bureau\ComboFix.exe
[2012-02-11 10:18:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Toshiba\Bureau\bootkit_remover
[2012-02-11 09:20:05 | 004,733,440 | ---- | C] (AVAST Software) -- C:\Documents and Settings\Toshiba\Bureau\aswMBR.exe
[2012-02-09 23:03:20 | 000,607,260 | R--- | C] (Swearware) -- C:\Documents and Settings\Toshiba\Bureau\dds.scr
[2012-02-09 21:56:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Lavasoft
[2012-02-09 20:21:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2012-02-09 19:47:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Toshiba\Menu Démarrer\Programmes\HiJackThis
[2012-02-09 19:47:14 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2012-02-09 19:43:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Toshiba\Application Data\GetRightToGo
[2012-02-09 19:38:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\SpywareBlaster
[2012-02-08 21:05:58 | 000,000,000 | ---D | C] -- C:\VritualRoot
[2012-02-07 21:53:27 | 002,002,320 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\Toshiba\Bureau\HousecallLauncher.exe
[2012-02-07 21:46:31 | 009,502,424 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Toshiba\Bureau\mbam--setup-1.60.1.1000.exe
[2012-02-05 09:45:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Toshiba\Local Settings\Application Data\Comodo
[2012-02-04 20:46:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Toshiba\Local Settings\Application Data\Temp
[2012-02-04 16:32:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Toshiba\Mes documents\ImpôtRapide
[2012-02-04 14:40:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\7-Zip
[2012-02-04 14:40:03 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2012-02-04 12:10:06 | 000,000,000 | ---D | C] -- C:\Program Files\Fichiers communs\Adobe
[2012-02-04 12:09:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2012-02-04 09:51:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Toshiba\Application Data\Intuit Canada
[2012-02-04 09:51:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Intuit Canada
[2012-01-30 21:55:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Toshiba\Application Data\Sonic
[2012-01-22 21:05:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Toshiba\Bureau\Photos décembre 2011 - Janvier 2012
[2012-01-22 21:04:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Toshiba\Bureau\Nouveau dossier
[2012-01-16 23:41:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Toshiba\Local Settings\Application Data\MetaGeek,_LLC
[2012-01-15 19:12:12 | 000,000,000 | ---D | C] -- C:\Program Files\MetaGeek
[2012-01-15 19:12:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Toshiba\Menu Démarrer\Programmes\MetaGeek
[2012-01-15 19:09:48 | 002,056,228 | ---- | C] (MetaGeek, LLC) -- C:\Documents and Settings\Toshiba\Bureau\inSSIDer-Installer-2.0.7.0126.exe
[2012-01-14 10:57:16 | 000,101,720 | ---- | C] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
[2012-01-14 10:50:10 | 000,000,000 | ---D | C] -- C:\Program Files\Lavasoft
[2012-01-14 10:50:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Lavasoft
[2012-01-14 10:01:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Toshiba\Application Data\WinPatrol
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012-02-11 18:25:09 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Toshiba\Bureau\TFC.exe
[2012-02-11 18:24:49 | 000,336,319 | ---- | M] () -- C:\Documents and Settings\Toshiba\Bureau\FSS.exe
[2012-02-11 18:24:28 | 000,869,194 | ---- | M] () -- C:\Documents and Settings\Toshiba\Bureau\SecurityCheck.exe
[2012-02-11 17:29:38 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Toshiba\Bureau\OTL.exe
[2012-02-11 16:31:18 | 000,002,465 | ---- | M] () -- C:\Documents and Settings\Toshiba\Bureau\inSSIDer 2.0.lnk
[2012-02-11 15:58:31 | 000,043,758 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2012-02-11 15:58:14 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2012-02-11 15:52:42 | 000,000,486 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2012-02-11 15:51:35 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012-02-11 15:51:31 | 3219,312,640 | -HS- | M] () -- C:\hiberfil.sys
[2012-02-11 14:02:30 | 000,000,456 | RHS- | M] () -- C:\BOOT.INI
[2012-02-11 13:34:39 | 004,401,300 | R--- | M] (Swearware) -- C:\Documents and Settings\Toshiba\Bureau\ComboFix.exe
[2012-02-11 12:01:10 | 000,000,512 | ---- | M] () -- C:\Documents and Settings\Toshiba\Bureau\MBR.dat
[2012-02-11 09:20:34 | 000,044,607 | ---- | M] () -- C:\Documents and Settings\Toshiba\Bureau\bootkit_remover.zip
[2012-02-11 09:20:07 | 004,733,440 | ---- | M] (AVAST Software) -- C:\Documents and Settings\Toshiba\Bureau\aswMBR.exe
[2012-02-09 23:08:58 | 119,172,784 | ---- | M] () -- C:\Documents and Settings\Toshiba\Bureau\setup_11.0.0.1245.x01_2012_02_10_06_53.exe
[2012-02-09 23:03:24 | 000,607,260 | R--- | M] (Swearware) -- C:\Documents and Settings\Toshiba\Bureau\dds.scr
[2012-02-09 22:29:35 | 000,003,120 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2012-02-09 21:57:44 | 000,000,064 | ---- | M] () -- C:\WINDOWS\System32\rp_stats.dat
[2012-02-09 21:57:44 | 000,000,044 | ---- | M] () -- C:\WINDOWS\System32\rp_rules.dat
[2012-02-09 21:56:59 | 000,000,808 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Ad-Aware.lnk
[2012-02-09 19:51:43 | 000,002,451 | ---- | M] () -- C:\Documents and Settings\Toshiba\Bureau\HiJackThis.lnk
[2012-02-08 21:10:39 | 000,302,592 | ---- | M] () -- C:\Documents and Settings\Toshiba\Bureau\k9it3vi3.exe
[2012-02-08 19:01:25 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012-02-08 04:16:24 | 000,302,152 | ---- | M] () -- C:\Documents and Settings\Toshiba\Local Settings\Application Data\census.cache
[2012-02-08 04:15:20 | 000,175,661 | ---- | M] () -- C:\Documents and Settings\Toshiba\Local Settings\Application Data\ars.cache
[2012-02-07 21:54:33 | 000,000,036 | ---- | M] () -- C:\Documents and Settings\Toshiba\Local Settings\Application Data\housecall.guid.cache
[2012-02-07 21:53:27 | 002,002,320 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\Toshiba\Bureau\HousecallLauncher.exe
[2012-02-07 21:48:38 | 000,000,795 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Malwarebytes Anti-Malware.lnk
[2012-02-07 21:46:31 | 009,502,424 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Toshiba\Bureau\mbam--setup-1.60.1.1000.exe
[2012-02-07 18:59:09 | 000,000,661 | ---- | M] () -- C:\Documents and Settings\Toshiba\Bureau\restauration.reg
[2012-02-07 17:19:45 | 000,134,872 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012-02-04 21:10:02 | 000,000,693 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\CCleaner.lnk
[2012-02-04 12:11:30 | 000,001,745 | ---- | M] () -- C:\Documents and Settings\All Users\Bureau\Adobe Reader X.lnk
[2012-01-21 13:59:50 | 000,553,636 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat
[2012-01-21 13:59:50 | 000,482,174 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012-01-21 13:59:50 | 000,094,952 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat
[2012-01-21 13:59:50 | 000,080,056 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012-01-17 16:00:48 | 000,494,968 | ---- | M] (COMODO) -- C:\WINDOWS\System32\drivers\cmdGuard.sys
[2012-01-15 19:09:49 | 002,056,228 | ---- | M] (MetaGeek, LLC) -- C:\Documents and Settings\Toshiba\Bureau\inSSIDer-Installer-2.0.7.0126.exe
[2012-01-14 10:57:03 | 000,101,720 | ---- | M] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
[2012-01-14 10:48:00 | 012,410,880 | ---- | M] () -- C:\Documents and Settings\Toshiba\Bureau\Ad-Aware96Install.msi
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012-02-11 18:24:47 | 000,336,319 | ---- | C] () -- C:\Documents and Settings\Toshiba\Bureau\FSS.exe
[2012-02-11 18:24:19 | 000,869,194 | ---- | C] () -- C:\Documents and Settings\Toshiba\Bureau\SecurityCheck.exe
[2012-02-11 14:02:29 | 000,000,340 | ---- | C] () -- C:\Boot.bak
[2012-02-11 14:02:22 | 000,263,488 | RHS- | C] () -- C:\cmldr
[2012-02-11 13:41:03 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2012-02-11 13:41:03 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2012-02-11 13:41:02 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2012-02-11 13:41:02 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2012-02-11 13:41:02 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2012-02-11 12:01:10 | 000,000,512 | ---- | C] () -- C:\Documents and Settings\Toshiba\Bureau\MBR.dat
[2012-02-11 09:20:34 | 000,044,607 | ---- | C] () -- C:\Documents and Settings\Toshiba\Bureau\bootkit_remover.zip
[2012-02-09 23:07:20 | 119,172,784 | ---- | C] () -- C:\Documents and Settings\Toshiba\Bureau\setup_11.0.0.1245.x01_2012_02_10_06_53.exe
[2012-02-09 21:56:59 | 000,000,808 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Ad-Aware.lnk
[2012-02-09 19:47:17 | 000,002,451 | ---- | C] () -- C:\Documents and Settings\Toshiba\Bureau\HiJackThis.lnk
[2012-02-08 21:10:37 | 000,302,592 | ---- | C] () -- C:\Documents and Settings\Toshiba\Bureau\k9it3vi3.exe
[2012-02-08 04:16:24 | 000,302,152 | ---- | C] () -- C:\Documents and Settings\Toshiba\Local Settings\Application Data\census.cache
[2012-02-08 04:15:20 | 000,175,661 | ---- | C] () -- C:\Documents and Settings\Toshiba\Local Settings\Application Data\ars.cache
[2012-02-07 21:54:33 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\Toshiba\Local Settings\Application Data\housecall.guid.cache
[2012-02-07 18:59:09 | 000,000,661 | ---- | C] () -- C:\Documents and Settings\Toshiba\Bureau\restauration.reg
[2012-02-07 18:54:58 | 3219,312,640 | -HS- | C] () -- C:\hiberfil.sys
[2012-02-04 12:11:30 | 000,001,804 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Adobe Reader X.lnk
[2012-02-04 12:11:30 | 000,001,745 | ---- | C] () -- C:\Documents and Settings\All Users\Bureau\Adobe Reader X.lnk
[2012-01-17 19:03:13 | 000,000,064 | ---- | C] () -- C:\WINDOWS\System32\rp_stats.dat
[2012-01-17 19:03:13 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\rp_rules.dat
[2012-01-15 19:12:12 | 000,002,465 | ---- | C] () -- C:\Documents and Settings\Toshiba\Bureau\inSSIDer 2.0.lnk
[2012-01-14 10:50:36 | 000,000,486 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2012-01-14 10:47:58 | 012,410,880 | ---- | C] () -- C:\Documents and Settings\Toshiba\Bureau\Ad-Aware96Install.msi
[2012-01-07 22:11:56 | 000,027,136 | ---- | C] () -- C:\Documents and Settings\Toshiba\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012-01-03 20:38:44 | 000,000,135 | ---- | C] () -- C:\Documents and Settings\Toshiba\Local Settings\Application Data\fusioncache.dat
[2012-01-03 20:34:54 | 000,006,528 | ---- | C] () -- C:\WINDOWS\System32\drivers\Tbiosdrv.sys
[2012-01-03 20:34:50 | 000,000,037 | ---- | C] () -- C:\WINDOWS\wwwbatch.ini
[2012-01-03 20:34:44 | 000,000,385 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006-01-19 16:40:49 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006-01-18 14:28:02 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2006-01-18 14:28:02 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2006-01-18 14:28:02 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2006-01-18 14:28:02 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2006-01-18 14:28:02 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2006-01-18 14:28:02 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2006-01-18 07:34:09 | 000,012,060 | ---- | C] () -- C:\WINDOWS\HWSetupStr.ini
[2006-01-18 07:34:09 | 000,002,226 | R--- | C] () -- C:\WINDOWS\SVPW32Str.ini
[2006-01-18 06:23:57 | 000,004,205 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2006-01-18 06:22:57 | 000,134,872 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2006-01-18 06:07:12 | 000,028,672 | ---- | C] () -- C:\WINDOWS\WHideCmd.exe
[2006-01-18 06:06:23 | 000,128,113 | ---- | C] () -- C:\WINDOWS\System32\csellang.ini
[2006-01-18 06:06:23 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\csellang.dll
[2006-01-18 06:06:23 | 000,009,378 | ---- | C] () -- C:\WINDOWS\System32\tosmreg.ini
[2006-01-18 06:06:23 | 000,007,671 | ---- | C] () -- C:\WINDOWS\System32\cseltbl.ini
[2006-01-18 06:04:16 | 000,553,636 | ---- | C] () -- C:\WINDOWS\System32\perfh00C.dat
[2006-01-18 06:04:16 | 000,322,810 | ---- | C] () -- C:\WINDOWS\System32\perfi00C.dat
[2006-01-18 06:04:16 | 000,034,108 | ---- | C] () -- C:\WINDOWS\System32\perfd00C.dat
[2006-01-18 06:04:15 | 000,094,952 | ---- | C] () -- C:\WINDOWS\System32\perfc00C.dat
[2006-01-18 06:04:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2006-01-18 06:03:59 | 000,482,174 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2006-01-18 06:03:59 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2006-01-18 06:03:59 | 000,080,056 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2006-01-18 06:03:59 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2006-01-18 06:03:57 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2006-01-18 06:03:57 | 000,004,688 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2006-01-18 06:03:56 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2006-01-18 06:03:51 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2006-01-18 06:03:51 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2006-01-18 06:03:45 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2006-01-18 06:03:39 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2006-01-18 05:56:34 | 000,000,829 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2006-01-18 05:52:58 | 000,000,222 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2006-01-18 05:50:50 | 000,000,000 | ---- | C] () -- C:\WINDOWS\NDSTray.INI
[2006-01-18 05:50:36 | 000,022,529 | ---- | C] () -- C:\WINDOWS\System32\ortag32.dll
[2006-01-18 05:36:37 | 000,002,368 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2006-01-18 05:35:20 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2006-01-18 05:33:29 | 001,519,616 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe
[2006-01-18 05:33:27 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2006-01-18 05:33:27 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2006-01-18 05:33:26 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2006-01-18 05:33:24 | 001,466,368 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2006-01-18 05:33:24 | 001,339,392 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
[2006-01-18 05:33:24 | 000,573,440 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2006-01-18 05:33:21 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2006-01-18 05:33:21 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2006-01-18 05:33:20 | 000,425,984 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe
[2006-01-18 05:29:54 | 000,021,892 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2005-12-16 12:35:12 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\TPeculiarity.dll
[2005-12-08 14:56:50 | 000,151,552 | ---- | C] () -- C:\WINDOWS\System32\tsbwls.dll
[2005-11-28 16:33:00 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini

========== LOP Check ==========

[2012-01-04 19:24:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Toshiba\Application Data\ElevatedDiagnostics
[2012-02-09 19:43:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Toshiba\Application Data\GetRightToGo
[2012-01-07 11:20:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Toshiba\Application Data\OpenOffice.org
[2012-01-14 13:05:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Toshiba\Application Data\toshiba
[2012-01-14 10:01:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Toshiba\Application Data\WinPatrol
[2012-01-04 23:04:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2012-01-03 23:09:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CPA_VA
[2006-01-18 07:17:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Application Data\toshiba
[2012-02-11 15:52:42 | 000,000,486 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job

========== Purity Check ==========



========== Custom Scans ==========


< :OTL >

< O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. >

< O3 - HKU\S-1-5-21-2094576669-3068703796-1105417404-1006\..\Toolbar\ShellBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found. >

< O3 - HKU\S-1-5-21-2094576669-3068703796-1105417404-1006\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found. >

< O4 - HKLM..\Run: [CFSServ.exe] CFSServ.exe -NoClient File not found >

< >

< :Commands >

< [purity] >

< [emptytemp] >

< [emptyjava] >

< [emptyflash] >

< [Reboot] >

< End of report >
 
Security Check scan as requested:

Results of screen317's Security Check version 0.99.24
Windows XP Service Pack 3 x86
Internet Explorer 8
``````````````````````````````
Antivirus/Firewall Check:

avast! Free Antivirus
COMODO Internet Security
```````````````````````````````
Anti-malware/Other Utilities Check:

Ad-Aware
Spybot - Search & Destroy
SUPERAntiSpyware
CCleaner
Adobe Reader X (10.1.2)
````````````````````````````````
Process Check:
objlist.exe by Laurent

Ad-Aware AAWService.exe
Ad-Aware AAWTray.exe
Comodo Firewall cmdagent.exe
Emsisoft Anti-Malware a2service.exe
AVAST Software Avast AvastSvc.exe
AVAST Software Avast avastUI.exe
``````````End of Log````````````
 
FSS Scan as requested:

Farbar Service Scanner Version: 10-02-2012
Ran by Toshiba (administrator) on 11-02-2012 at 19:23:39
Running from "C:\Documents and Settings\Toshiba\Bureau"
Microsoft Windows XP Édition familiale Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Yahoo IP is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0


System Restore:
============

System Restore Disabled Policy:
========================
 
OTL log is incorrect.
You clicked on the "scan" button instead of the "Fix" button.
Redo after Eset.
 
OTL redone with "fix" and custom elements requested... Here is the log.

All processes killed
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry value HKEY_USERS\S-1-5-21-2094576669-3068703796-1105417404-1006\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{C4069E3A-68F1-403E-B40E-20066696354B} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C4069E3A-68F1-403E-B40E-20066696354B}\ not found.
Registry value HKEY_USERS\S-1-5-21-2094576669-3068703796-1105417404-1006\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\CFSServ.exe deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 602 bytes
->Temporary Internet Files folder emptied: 32768 bytes

User: LocalService
->Temp folder emptied: 65748 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: Toshiba
->Temp folder emptied: 74719 bytes
->Temporary Internet Files folder emptied: 47539350 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 558 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 19569 bytes
%systemroot%\System32 .tmp files removed: 3072 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 43928 bytes
RecycleBin emptied: 113 bytes

Total Files Cleaned = 46,00 mb


[EMPTYJAVA]

User: All Users

User: Default User

User: LocalService

User: NetworkService

User: Toshiba
->Java cache emptied: 0 bytes

Total Java Files Cleaned = 0,00 mb


[EMPTYFLASH]

User: All Users

User: Default User

User: LocalService

User: NetworkService

User: Toshiba
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.31.0 log created on 02112012_224727

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...
 
Your computer is clean

1. We need to reset System Restore to prevent your computer from being accidentally reinfected by using some old restore point(s). We'll create a fresh, clean restore point using the following OTL script:

Run OTL

  • Under the Custom Scans/Fixes box at the bottom, paste in the following:

Code:
:OTL
:Commands
[purity]
[emptytemp]
[EMPTYFLASH]
[emptyjava]
[CLEARALLRESTOREPOINTS]
[Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Post resulting log.

2. Now we'll remove all the tools we used during our cleaning process.

Clean up with OTL:

  • Double-click OTL.exe to start the program.
  • Close all other programs apart from OTL as this step will require a reboot
  • On the OTL main screen, press the CLEANUP button
  • Say Yes to the prompt and then allow the program to reboot your computer.

If you still have any tools or logs leftover on your computer you can go ahead and delete those off of your computer now.

3. Make sure Windows Updates are current.

4. If any Trojan was listed among your infection(s), make sure you change all of your important online passwords (bank account(s), secured web sites, etc.) immediately!

5. Download and install WOT (Web of Trust): http://www.mywot.com/. It'll warn you (in most cases) about dangerous web sites.

6. Run Malwarebytes "Quick scan" once in a while to assure safety of your computer.

7. Run Temporary File Cleaner (TFC) weekly.

8. Download and install Secunia Personal Software Inspector (PSI): https://www.techspot.com/downloads/4898-secunia-personal-software-inspector-psi.html. The Secunia PSI is a FREE security tool designed to detect vulnerable and out-dated programs and plug-ins which expose your PC to attacks. Run it weekly.

9. (optional) If you want to keep all your programs up to date, download and install FileHippo Update Checker.
The Update Checker will scan your computer for installed software, check the versions and then send this information to FileHippo.com to see if there are any newer releases.

10. (Windows XP only) Run defrag at your convenience.

11. When installing\updating ANY program, make sure you always select "Custom" installation, so you can UN-check any possible "drive-by-install" (foistware), like toolbars etc., which may try to install along with the legitimate program. Do NOT click the "Next" button without looking at any given page.

12. Read How did I get infected?, With steps so it does not happen again!: http://www.bleepingcomputer.com/forums/topic2520.html

13. Please let me know how your computer is doing.
 
Hello here is the requested log from step 1.

I will complete other steps.

All processes killed
========== OTL ==========
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Toshiba
->Temp folder emptied: 17241 bytes
->Temporary Internet Files folder emptied: 4452877 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 4,00 mb


[EMPTYFLASH]

User: All Users

User: Default User

User: LocalService

User: NetworkService

User: Toshiba
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb


[EMPTYJAVA]

User: All Users

User: Default User

User: LocalService

User: NetworkService

User: Toshiba
->Java cache emptied: 0 bytes

Total Java Files Cleaned = 0,00 mb

Restore points cleared and new OTL Restore Point set!

OTL by OldTimer - Version 3.2.31.0 log created on 02112012_232348

Files\Folders moved on Reboot...
C:\Documents and Settings\Toshiba\Local Settings\Temporary Internet Files\Content.IE5\OK4ZFKXY\partner[2].htm moved successfully.
C:\Documents and Settings\Toshiba\Local Settings\Temporary Internet Files\Content.IE5\OK4ZFKXY\search[1].htm moved successfully.
C:\Documents and Settings\Toshiba\Local Settings\Temporary Internet Files\Content.IE5\OK4ZFKXY\showthread[1].php moved successfully.
C:\Documents and Settings\Toshiba\Local Settings\Temporary Internet Files\Content.IE5\5YF1S1BT\partner[1].htm moved successfully.
C:\Documents and Settings\Toshiba\Local Settings\Temporary Internet Files\AntiPhishing\2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2.dat moved successfully.

Registry entries deleted on Reboot...
 
Thank you !

I believe everything is complete now.

Thank you very much for your help, I deeply deeply appreciate the advice you have given me. My computer seems much more healthy now.

Just for my own interest: what virus / rootkit / other did I have? One or two? Lots?
 
There was a trojan, which we removed through Combofix.

Way to go!!

Good luck and stay safe :)
 
Computer works great this morning, thanks to you, and thanks for the explanation also.

I think I'll have my girlfriend's computer checked next, same cpu behavior... Probably the same virus. Possible here or shall I start a new thread?
 
Hello. Tonight, my computer fell again into very high CPU. Something blocks my avast from starting at boot-up. I suspect something came back. The only things I did since this morning were to install WOT and PSIsetup and follow PSIsetup recommendations about updating Java and the Intel PRO card. I did create a restore point this morning after all was fine. Even after recovering that point, avast does not want to start.

Have I done something wrong ? :(
 
You may need to reinstall Avast since you used restore point.

Download Process Explorer: http://technet.microsoft.com/en-us/sysinternals/bb896653.aspx
Unzip ProcessExplorer.zip, and double click on procexp.exe to run the program.
Click on View > Select Columns.
In addition to the already pre-selected options, make sure the Command Line is selected, and press OK.
Go File>Save As, and save the report as Procexp.txt.
Attach the file to your next reply.
 
Procexp log:

Process PID CPU Private Bytes Working Set Description Company Name Command Line
System Idle Process 0 98.44 0 K 16 K
System 4 0 K 240 K
Interrupts n/a 0.78 0 K 0 K Hardware Interrupts and DPCs
smss.exe 900 172 K 940 K Gestionnaire de session Windows NT Microsoft Corporation \SystemRoot\System32\smss.exe
csrss.exe 984 1 816 K 8 136 K Client Server Runtime Process Microsoft Corporation C:\WINDOWS\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
winlogon.exe 1028 7 124 K 1 280 K Application d'ouverture de session Windows NT Microsoft Corporation winlogon.exe
services.exe 1072 2 240 K 9 480 K Applications Services et Contrôleur Microsoft Corporation C:\WINDOWS\system32\services.exe
a2service.exe 1244 37 684 K 1 184 K Emsisoft Anti-Malware Service Emsi Software GmbH "C:\Program Files\Emsisoft Anti-Malware\a2service.exe"
CLPSLS.exe 1304 976 K 8 044 K COMODO livePCsupport Service COMODO "C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe"
svchost.exe 1424 3 500 K 30 912 K Generic Host Process for Win32 Services Microsoft Corporation C:\WINDOWS\system32\svchost.exe -k DcomLaunch
unsecapp.exe 696 2 636 K 27 896 K WMI Microsoft Corporation C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
wmiprvse.exe 2380 2 728 K 31 824 K WMI Microsoft Corporation C:\WINDOWS\system32\wbem\wmiprvse.exe
Dot1XCfg.exe 732 4 496 K 35 224 K Intel 802.1x Server Intel Corporation C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe -Embedding
svchost.exe 1492 2 464 K 28 260 K Generic Host Process for Win32 Services Microsoft Corporation C:\WINDOWS\system32\svchost.exe -k rpcss
cmdagent.exe 1532 37 440 K 4 684 K COMODO Internet Security COMODO "C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe"
svchost.exe 1560 25 320 K 78 052 K Generic Host Process for Win32 Services Microsoft Corporation C:\WINDOWS\system32\svchost.exe -k netsvcs
EvtEng.exe 1640 3 756 K 33 388 K Intel(R) PROSet/Wireless Event Log Intel Corporation "C:\Program Files\Intel\Wireless\Bin\EvtEng.exe"
S24EvMon.exe 1732 3 316 K 28 564 K Wireless Management Service Intel Corporation "C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe"
svchost.exe 1908 1 824 K 23 048 K Generic Host Process for Win32 Services Microsoft Corporation C:\WINDOWS\system32\svchost.exe -k NetworkService
svchost.exe 168 5 080 K 29 976 K Generic Host Process for Win32 Services Microsoft Corporation C:\WINDOWS\system32\svchost.exe -k LocalService
AAWService.exe 284 67 340 K 89 128 K Ad-Aware Service Application Lavasoft Limited "C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe"
AAWTray.exe 2648 3 400 K 22 764 K Ad-Aware Tray Application Lavasoft Limited "C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe"
spoolsv.exe 452 3 672 K 29 920 K Spooler SubSystem App Microsoft Corporation C:\WINDOWS\system32\spoolsv.exe
svchost.exe 908 1 848 K 29 368 K Generic Host Process for Win32 Services Microsoft Corporation C:\WINDOWS\system32\svchost.exe -k LocalService
SASCore.exe 1396 1 116 K 18 240 K Core Service SUPERAntiSpyware.com "C:\Program Files\SUPERAntiSpyware\SASCORE.EXE"
CFSvcs.exe 1448 2 072 K 27 144 K Service of ConfigFree. TOSHIBA CORPORATION "C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe"
DVDRAMSV.exe 1620 988 K 6 900 K DVD-RAM Utility Helper Service Matsushita Electric Industrial Co., Ltd. C:\WINDOWS\system32\DVDRAMSV.exe
nvsvc32.exe 1696 3 836 K 19 880 K NVIDIA Driver Helper Service, Version 83.20 NVIDIA Corporation C:\WINDOWS\system32\nvsvc32.exe
RegSrvc.exe 1768 1 360 K 24 504 K Intel(R) PROSet/Wireless Registry Service Intel Corporation "C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe"
svchost.exe 1844 2 908 K 29 232 K Generic Host Process for Win32 Services Microsoft Corporation C:\WINDOWS\system32\svchost.exe -k imgsvc
alg.exe 2364 1 628 K 26 808 K Application Layer Gateway Service Microsoft Corporation C:\WINDOWS\System32\alg.exe
svchost.exe 3988 2 048 K 26 140 K Generic Host Process for Win32 Services Microsoft Corporation C:\WINDOWS\System32\svchost.exe -k HTTPFilter
lsass.exe 1084 4 436 K 30 228 K LSA Shell (Export Version) Microsoft Corporation C:\WINDOWS\system32\lsass.exe
explorer.exe 200 0.78 23 508 K 19 400 K Explorateur Windows Microsoft Corporation C:\WINDOWS\Explorer.EXE
DLACTRLW.EXE 2940 1 720 K 25 752 K Drive Letter Access Component Sonic Solutions "C:\WINDOWS\System32\DLA\DLACTRLW.EXE"
SmoothView.exe 2948 1 080 K 18 240 K SmoothView TOSHIBA Corporation "C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe"
Hotkey.exe 2956 5 600 K 38 524 K TOSHIBA Hotkey Filter Application TOSHIBA Inc. "C:\Program Files\Toshiba\Windows Utilities\Hotkey.exe" /lang FR
SynTPEnh.exe 2964 2 328 K 23 468 K Synaptics TouchPad Enhancements Synaptics, Inc. "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
Toshiba.exe 3332 1 576 K 21 120 K Toshiba Custom PlugIn Application Synaptics, Inc. "C:\Program Files\Synaptics\SynTP\Toshiba" /RegPlugIn
ZCfgSvc.exe 2992 2 900 K 34 140 K ZeroCfgSvc MFC Application Intel Corporation "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
iFrmewrk.exe 3000 5 700 K 42 304 K Intel Framework MFC Application Intel Corporation "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
cfp.exe 3008 17 304 K 6 288 K COMODO Internet Security COMODO "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
AvastUI.exe 3016 4 808 K 39 176 K avast! Antivirus AVAST Software "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
TOSCDSPD.exe 3032 1 132 K 18 508 K CD/DVD Drive Acoustic Silencer TOSHIBA "C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe"
SUPERANTISPYWARE.EXE 3056 176 600 K 820 K SUPERAntiSpyware Application SUPERAntiSpyware.com "C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe"
ctfmon.exe 3108 1 408 K 22 448 K CTF Loader Microsoft Corporation "C:\WINDOWS\system32\ctfmon.exe"
RAMASST.exe 3436 1 216 K 18 828 K CD Burning of Windows XP disabling tool for DVD MULTI Drive Matsushita Electric Industrial Co., Ltd. "C:\WINDOWS\system32\RAMASST.exe"
iexplore.exe 2360 13 500 K 4 668 K Internet Explorer Microsoft Corporation "C:\Program Files\internet explorer\iexplore.exe"
iexplore.exe 1516 59 196 K 66 728 K Internet Explorer Microsoft Corporation "C:\Program Files\internet explorer\iexplore.exe" SCODEF:2360 CREDAT:79873
iexplore.exe 368 46 124 K 56 072 K Internet Explorer Microsoft Corporation "C:\Program Files\internet explorer\iexplore.exe" SCODEF:2360 CREDAT:145409
procexp.exe 1520 11 860 K 17 784 K Sysinternals Process Explorer Sysinternals - www.sysinternals.com "C:\Documents and Settings\Toshiba\Bureau\ProcessExplorer\procexp.exe"
soffice.exe 3832 12 480 K 28 364 K OpenOffice.org 3.3 OpenOffice.org "C:\Program Files\OpenOffice.org 3\program\soffice.exe" -quickstart
soffice.bin 1656 43 872 K 107 676 K OpenOffice.org 3.3 OpenOffice.org "C:\Program Files\OpenOffice.org 3\program\soffice.exe" "-quickstart" "-env:OOO_CWD=2C:\\Program Files\\OpenOffice.org 3\\program"
 
I don't see any high CPU usage.
System Idle Process (CPU NOT used) is listed at 98.44%.
 
CPU was 100% at boot-up and many minutes after, better now indeed, but avast out of order. Should I go ahead uninstalling and installing it again?
 
Yes, reinstall it.

If you're able to catch high CPU usage with Process Explorer I'll gladly take another look.
 