cliffburton
-
Compteur de contenus
59 -
Inscription
-
Dernière visite
cliffburton's Achievements
Member (4/12)
0
Réputation sur la communauté
-
Virus ramnit et autres infections
cliffburton a répondu à un(e) sujet de cliffburton dans Analyses et éradication malwares
Bonjour, Je me permets de relancer le sujet car je n'ai pas eu de réponse concernant le rapport Dr.Web . Je crois que mon pc va mieux mais je voudrais en être sûr. Merci d'avance et désolé pour le dérangement. -
Virus ramnit et autres infections
cliffburton a répondu à un(e) sujet de cliffburton dans Analyses et éradication malwares
D'abord merci à pear de prendre le temps de m'aider. Pour ma part c'est arrivé quand j'ai lancé une vidéo en streaming... Voici mon rapport Dr.Web : Free - Envoyez vos documents Est-ce normal qu'il soit si lourd (46 Mo !!) ? -
Virus ramnit et autres infections
cliffburton a posté un sujet dans Analyses et éradication malwares
Bonjour, Mon PC portable vient d'attraper un méchant virus pendant que je naviguais sur le net. Antivir l'a détecté sous le nom de Ramnit. J'ai passé immédiatement mon PC au crible avec MBAM, il a détecté une infection qu'il semble avoir supprimée, mais ce n'était pas Ramnit. J'ai sans arrêt des alertes d'Antivir pour diverses infections, et aléatoirement des demandes de Vista qui me demande l'autorisation d'exécuter command.exe, ce que je ne fais évidemment pas. Pourriez-vous s'il vous plait m'aider à nettoyer mon PC ? Voici mon rapport Hijackthis, merci d'avance. Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 21:37:28, on 08/12/2011 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v7.00 (7.00.6001.18639) Boot mode: Normal Running processes: C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe C:\Windows\SysWOW64\conime.exe C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Dell | MSN R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local;*.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files (x86)\pdfforge Toolbar\IE\4.7\pdfforgeToolbarIE.dll R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files (x86)\Orange\Connexion Internet Orange\SearchURLHook\SearchPageURL.dll (file missing) F2 - REG:system.ini: UserInit=userinit.exe, O1 - Hosts: ::1 localhost O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files (x86)\pdfforge Toolbar\IE\4.7\pdfforgeToolbarIE.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files (x86)\pdfforge Toolbar\IE\4.7\pdfforgeToolbarIE.dll O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "c:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Dell DataSafe Online] "C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe" /m O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume O4 - HKLM\..\Run: [PDVDDXSrv] "C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe" O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe O4 - HKLM\..\Run: [ORAHSSSessionManager] "C:\Program Files (x86)\Orange\Connexion Internet Orange\SessionManager\SessionManager.exe" O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [searchSettings] "C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKLM\..\RunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe" O4 - HKCU\..\Run: [bycCmudl] C:\Users\adi\AppData\Local\sskpcutu\byccmudl.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU') O4 - .DEFAULT User Startup: Dell Dock First Run.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (User 'Default user') O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL O9 - Extra button: Sélection intelligente HP - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Andrea ST Filters Service (AESTFilters) - Unknown owner - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_15f4e438\AESTSr64.exe (file missing) O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (AudioSrv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: CT Device Query service (CTDevice_Srv) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTDevSrv.exe O23 - Service: Creative Centrale Media Server (CTUPnPSv) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Creative Centrale\CTUPnPSv.exe O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing) O23 - Service: @%SystemRoot%\system32\dhcpcsvc.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Dock Login Service (DockLoginService) - Stardock Corporation - C:\Program Files\Dell\DellDock\DockLogin.exe O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe O23 - Service: @%SystemRoot%\ehome\ehstart.dll,-101 (ehstart) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\emdmgmt.dll,-1000 (EMDMgmt) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (Eventlog) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: hpqcxs08 - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Service HP CUE DeviceDiscovery (hpqddsvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: HP Network Devices Support (HPSLPSVC) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-200 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Net Driver HPZ12 - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\netprof.dll,-246 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Sony Ericsson OMSI download service (OMSI download service) - Unknown owner - C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\sysWow64\perfhost.exe,-2 (PerfHost) - Unknown owner - C:\Windows\SysWow64\perfhost.exe O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Pml Driver HPZ12 - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: SoftThinks Agent Service (SftService) - SoftThinks SAS - C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\SLUINotify.dll,-103 (SLUINotify) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: SupportSoft Sprocket Service (DellSupportCenter) (sprtsvc_DellSupportCenter) - SupportSoft, Inc. - C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Audio Service (STacSV) - Unknown owner - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_15f4e438\STacSV64.exe (file missing) O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Marvell Yukon Service (yksvc) - Unknown owner - RUNDLL32.EXE (file missing) -- End of file - 25749 bytes -
[Résolu] Gros ralentissements, impossible de lancer les applicati
cliffburton a répondu à un(e) sujet de cliffburton dans Analyses et éradication malwares
Apparemment tout va pour le mieux. Merci mille fois pour ton aide, même le problème de surchauffe semble être résolu ! Reste une ou erreur au démarrage propre à Vista (problème de compatibilité de pilote StarForce), mais le problème est courant, j'ai donc trouvé la solution. Voilà les deux derniers rapports : # DelFix v8.5 - Rapport créé le 28/09/2011 à 18:56:19 # Mis à jour le 25/09/11 à 11h par Xplode # Système d'exploitation : Windows Vista Home Premium Service Pack 1 (32 bits) # Nom d'utilisateur : Léa - PC-DE-LÉA (Administrateur) # Exécuté depuis : C:\Users\Léa\Desktop\delfix0.exe # Option [Recherche] ~~~~~~ Dossiers(s) ~~~~~~ Présent : C:\ZHP Présent : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP Présent : C:\Users\Léa\Desktop\RK_Quarantine Présent : C:\Program Files\Ad-Remover Présent : C:\Program Files\ZHPDiag ~~~~~~ Fichier(s) ~~~~~~ Présent : C:\Ad-Report-CLEAN[1].txt Présent : C:\PhysicalDisk0_MBR.bin Présent : C:\Users\Léa\Desktop\AD-R.exe Présent : C:\Users\Léa\Desktop\Ad-Remover.lnk Présent : C:\Users\Léa\Desktop\Ad-Report-CLEAN[1].txt Présent : C:\Users\Léa\Desktop\HiJackThis.exe Présent : C:\Users\Léa\Desktop\hijackthis.log Présent : C:\Users\Léa\Desktop\RKreport[1].txt Présent : C:\Users\Léa\Desktop\RKreport[2].txt Présent : C:\Users\Léa\Desktop\RogueKiller.exe Présent : C:\Users\Léa\Desktop\TFC.exe Présent : C:\Users\Léa\Desktop\ZHPDiag.txt Présent : C:\Users\Léa\Desktop\ZHPFixReport.txt Présent : C:\Users\Public\Desktop\ZHPDiag.lnk Présent : C:\Users\Public\Desktop\ZHPFix.lnk Présent : C:\Users\Public\Desktop\MBRCheck.lnk ~~~~~~ Registre ~~~~~~ Clé Présente : HKCU\Software\Ad-Remover Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Ad-Remover Clé Présente : HKLM\SOFTWARE\OldTimer Tools Clé Présente : HKLM\SOFTWARE\TrendMicro\Hijackthis Clé Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Hijackthis Clé Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ZHPDiag_is1 Clé Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\HijackThis.exe ~~~~~~ Autres ~~~~~~ ************************* DelFix[R1].txt - [1876 octets] - [28/09/2011 18:56:19] ########## EOF - C:\DelFix[R1].txt - [2000 octets] ########## # DelFix v8.5 - Rapport créé le 28/09/2011 à 18:58:39 # Mis à jour le 25/09/11 à 11h par Xplode # Système d'exploitation : Windows Vista Home Premium Service Pack 1 (32 bits) # Nom d'utilisateur : Léa - PC-DE-LÉA (Administrateur) # Exécuté depuis : C:\Users\Léa\Desktop\delfix0.exe # Option [suppression] ~~~~~~ Dossiers(s) ~~~~~~ Supprimé : C:\ZHP Supprimé : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP Supprimé : C:\Users\Léa\Desktop\RK_Quarantine Supprimé : C:\Program Files\Ad-Remover Supprimé : C:\Program Files\ZHPDiag ~~~~~~ Fichier(s) ~~~~~~ Supprimé : C:\Ad-Report-CLEAN[1].txt Supprimé : C:\PhysicalDisk0_MBR.bin Supprimé : C:\Users\Léa\Desktop\AD-R.exe Supprimé : C:\Users\Léa\Desktop\Ad-Remover.lnk Supprimé : C:\Users\Léa\Desktop\Ad-Report-CLEAN[1].txt Supprimé : C:\Users\Léa\Desktop\HiJackThis.exe Supprimé : C:\Users\Léa\Desktop\hijackthis.log Supprimé : C:\Users\Léa\Desktop\RKreport[1].txt Supprimé : C:\Users\Léa\Desktop\RKreport[2].txt Supprimé : C:\Users\Léa\Desktop\RogueKiller.exe Supprimé : C:\Users\Léa\Desktop\TFC.exe Supprimé : C:\Users\Léa\Desktop\ZHPDiag.txt Supprimé : C:\Users\Léa\Desktop\ZHPFixReport.txt Supprimé : C:\Users\Public\Desktop\ZHPDiag.lnk Supprimé : C:\Users\Public\Desktop\ZHPFix.lnk Supprimé : C:\Users\Public\Desktop\MBRCheck.lnk ~~~~~~ Registre ~~~~~~ Clé Supprimée : HKCU\Software\Ad-Remover Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Ad-Remover Clé Supprimée : HKLM\SOFTWARE\OldTimer Tools Clé Supprimée : HKLM\SOFTWARE\TrendMicro\Hijackthis Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Hijackthis Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ZHPDiag_is1 Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\HijackThis.exe ~~~~~~ Autres ~~~~~~ -> Prefetch Vidé ************************* DelFix[R1].txt - [1997 octets] - [28/09/2011 18:56:19] DelFix[s1].txt - [1980 octets] - [28/09/2011 18:58:39] ########## EOF - C:\DelFix[s1].txt - [2104 octets] ########## Bonne soirée et merci encore -
[Résolu] Gros ralentissements, impossible de lancer les applicati
cliffburton a répondu à un(e) sujet de cliffburton dans Analyses et éradication malwares
J'ai tout suivi à la lettre, mais ça ne marche toujours pas. Cela dit ma soeur affirme qu'Internet marche très bien chez elle (en wifi, comme chez moi), je ne vais donc pas t'embêter plus longtemps là-dessus. Le son marche à nouveau. Pour le reste, ça te paraît ok ? -
[Résolu] Gros ralentissements, impossible de lancer les applicati
cliffburton a répondu à un(e) sujet de cliffburton dans Analyses et éradication malwares
Bonsoir, Je ne peux toujours pas me connecter. Le problème exact est le suivant : un message me confirme que la connexion est réussie, mais lorsque je lance un navigateur (mozilla ou IE), il est indiqué "adresse introuvable". Voici toujours le rapport ZHPFix : Rapport de ZHPFix 1.12.3362 par Nicolas Coolman, Update du 23/09/2011 Fichier d'export Registre : Run by Léa at 27/09/2011 20:13:49 Windows Vista Home Premium Edition, 32-bit Service Pack 1 (Build 6001) Web site : ZHPFix Fix de rapport ========== Logiciel(s) ========== SUPPRIME O42 - Logiciel: LiveUpdate Notice (Symantec Corporation) - (.Symantec Corporation.) [HKLM] -- {DBA4DB9D-EE51-4944-A419-98AB1F1249C8} ABSENT Uninstall Process: c:\progra~1\mybaby~1\unwise.exe ========== Clé(s) du Registre ========== SUPPRIME [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\myBabylon_English Toolbar] SUPPRIME Key: Service: CLTNetCnService ABSENT Key: Service: LiveUpdate Notice Ex ABSENT Key: Service: LiveUpdate Notice ServiceFSvc.exe ABSENT Key: HKCU\Software\Symantec SUPPRIME Key: HKLM\Software\Norton SUPPRIME Key: HKLM\Software\Symantec ABSENT Key: Service Legacy: LEGACY_EECTRL ABSENT Key: Service Legacy: LEGACY_ERASERUTILREBOOTDRV ABSENT Key: Service: CLTNetCnService ABSENT Key: Service: LiveUpdate Notice Service ========== Valeur(s) du Registre ========== SUPPRIME RunValue: Acer Tour ABSENT RunValue: Symantec PIF AlertEng SUPPRIME RunValue: Acer Tour Reminder ========== Dossier(s) ========== SUPPRIME Folder: C:\Program Files\Common Files\Symantec Shared SUPPRIME Folder: C:\ProgramData\Norton SUPPRIME Folder: C:\ProgramData\Symantec SUPPRIME Temporaires Windows: : 5 SUPPRIME Flash Cookies: 0 ========== Fichier(s) ========== ABSENT Folder/File: c:\program files\common files\symantec shared\pif\{b8e1dd85-8582-4c61-b58f-2f227fca9a08}\pifsvc.exe ABSENT File: c:\program files\common files\symantec shared\pif\{b8e1dd85-8582-4c61-b58f-2f227fca9a08}\pifsvc.exeteng.dll ABSENT File: c:\program files\common files\symantec shared\ccsvchst.exe ABSENT File: c:\program files\common files\symantec shared\pif\{b8e1dd85-8582-4c61-b58f-2f227fca9a08}\pifsvc.exe ABSENT File: c:\users\all users\symantec\pif\{b8e1dd85-8582-4c61-b58f-2f227fca9a08}\pollmanager\pollmanager_job.dat ABSENT File: c:\users\all users\symantec\pif\{b8e1dd85-8582-4c61-b58f-2f227fca9a08}\pollmanager\pollmanager_current.dat ABSENT File: c:\users\all users\symantec\pif\{b8e1dd85-8582-4c61-b58f-2f227fca9a08}\pepcollectors\pep2_{bc8d3eaf-f864-4d4b-ab4d-b3d0c32e2840}.dat ABSENT File: c:\users\all users\symantec\liveupdate\product.inventory.liveupdate ABSENT File: c:\users\all users\symantec\liveupdate\settings.liveupdate SUPPRIME Temporaires Windows: : 5 SUPPRIME Flash Cookies: 0 ========== Récapitulatif ========== 11 : Clé(s) du Registre 3 : Valeur(s) du Registre 5 : Dossier(s) 11 : Fichier(s) 2 : Logiciel(s) End of clean in 00mn 46s ========== Chemin de fichier rapport ========== C:\ZHP\ZHPFix[R1].txt - 26/09/2011 12:32:34 [4393] C:\ZHP\ZHPFix[R2].txt - 27/09/2011 20:13:49 [2834] -
[Résolu] Gros ralentissements, impossible de lancer les applicati
cliffburton a répondu à un(e) sujet de cliffburton dans Analyses et éradication malwares
Je ne voudrais pas mettre la charrue avant les boeufs, mais j'ai aussi un problème de connexion, il m'est impossible de me connecter à Internet. Cela dit je ne suis pas sûr que ce soit lié au reste. Si tu as également une idée sur la question... -
[Résolu] Gros ralentissements, impossible de lancer les applicati
cliffburton a répondu à un(e) sujet de cliffburton dans Analyses et éradication malwares
voilà la lien pour le rapport ZHP : Lien CJoint.com 0IAwG33fAP0 et voilà le rapport rogueKiller : RogueKiller V6.1.0 [22/09/2011] par Tigzy contact sur Forum Sciences / Forum Informatique - Sur la Toile (SLT) mail: tigzyRK<at>gmail<dot>com Remontees: [RogueKiller] Remontées (1/34) Systeme d'exploitation: Windows Vista (6.0.6001 Service Pack 1) 32 bits version Demarrage : Mode normal Utilisateur: Léa [Droits d'admin] Mode: Suppression -- Date : 26/09/2011 22:08:22 Processus malicieux: 0 Entrees de registre: 4 [HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0) [HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0) [HJ] HKCU\[...]\ClassicStartMenu : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> REPLACED (0) [HJ] HKCU\[...]\NewStartPanel : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> REPLACED (0) Fichiers / Dossiers particuliers: Driver: [LOADED] SSDT[358] : NtWriteVirtualMemory @ 0x82A16723 -> HOOKED (Unknown @ 0xA1AF6092) SSDT[334] : NtTerminateProcess @ 0x82A31519 -> HOOKED (Unknown @ 0xA1AF6097) SSDT[324] : NtSetValueKey @ 0x829E4477 -> HOOKED (\SystemRoot\system32\DRIVERS\vsdatant.sys @ 0x8EA91706) SSDT[301] : NtSetInformationFile @ 0x82A41179 -> HOOKED (\SystemRoot\system32\DRIVERS\vsdatant.sys @ 0x8EA87042) SSDT[280] : NtRestoreKey @ 0x82A61762 -> HOOKED (\SystemRoot\system32\DRIVERS\vsdatant.sys @ 0x8EA92650) SSDT[276] : NtRequestWaitReplyPort @ 0x82A35F21 -> HOOKED (\SystemRoot\system32\DRIVERS\vsdatant.sys @ 0x8EA88FF0) SSDT[268] : NtReplaceKey @ 0x82A627AA -> HOOKED (\SystemRoot\system32\DRIVERS\vsdatant.sys @ 0x8EA92246) SSDT[267] : NtRenameKey @ 0x82A63137 -> HOOKED (\SystemRoot\system32\DRIVERS\vsdatant.sys @ 0x8EA92810) SSDT[201] : NtOpenThread @ 0x82A357E1 -> HOOKED (Unknown @ 0xA1AF608D) SSDT[194] : NtOpenProcess @ 0x829E0AEC -> HOOKED (Unknown @ 0xA1AF6088) SSDT[186] : NtOpenFile @ 0x82A39C78 -> HOOKED (\SystemRoot\system32\DRIVERS\vsdatant.sys @ 0x8EA86CEC) SSDT[166] : NtLoadKey @ 0x829A3B4C -> HOOKED (\SystemRoot\system32\DRIVERS\vsdatant.sys @ 0x8EA91E34) SSDT[126] : NtDeleteValueKey @ 0x829BC6E4 -> HOOKED (\SystemRoot\system32\DRIVERS\vsdatant.sys @ 0x8EA91A00) SSDT[123] : NtDeleteKey @ 0x829C33BC -> HOOKED (\SystemRoot\system32\DRIVERS\vsdatant.sys @ 0x8EA91C84) SSDT[122] : NtDeleteFile @ 0x8297E433 -> HOOKED (\SystemRoot\system32\DRIVERS\vsdatant.sys @ 0x8EA86E54) SSDT[115] : NtCreateWaitablePort @ 0x8296E643 -> HOOKED (\SystemRoot\system32\DRIVERS\vsdatant.sys @ 0x8EA89ACE) SSDT[78] : NtCreateThread @ 0x82AA0676 -> HOOKED (Unknown @ 0xA1AF609C) SSDT[71] : NtCreatePort @ 0x8298BC48 -> HOOKED (\SystemRoot\system32\DRIVERS\vsdatant.sys @ 0x8EA89A3E) SSDT[64] : NtCreateKey @ 0x829E4425 -> HOOKED (\SystemRoot\system32\DRIVERS\vsdatant.sys @ 0x8EA91388) SSDT[60] : NtCreateFile @ 0x82A2C5B6 -> HOOKED (\SystemRoot\system32\DRIVERS\vsdatant.sys @ 0x8EA86974) SSDT[54] : NtConnectPort @ 0x82A4A813 -> HOOKED (\SystemRoot\system32\DRIVERS\vsdatant.sys @ 0x8EA89366) SSDT[21] : NtAlpcConnectPort @ 0x829DA4D1 -> HOOKED (\SystemRoot\system32\DRIVERS\vsdatant.sys @ 0x8EA89706) Fichier HOSTS: ::1 localhost Termine : << RKreport[2].txt >> RKreport[1].txt ; RKreport[2].txt -
[Résolu] Gros ralentissements, impossible de lancer les applicati
cliffburton a répondu à un(e) sujet de cliffburton dans Analyses et éradication malwares
Voici le rapport de RogueKiller : RogueKiller V6.1.0 [22/09/2011] par Tigzy contact sur Forum Sciences / Forum Informatique - Sur la Toile (SLT) mail: tigzyRK<at>gmail<dot>com Remontees: [RogueKiller] Remontées (1/34) Systeme d'exploitation: Windows Vista (6.0.6001 Service Pack 1) 32 bits version Demarrage : Mode normal Utilisateur: Léa [Droits d'admin] Mode: Recherche -- Date : 26/09/2011 20:21:39 Processus malicieux: 0 Entrees de registre: 4 [HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND [HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND [HJ] HKCU\[...]\ClassicStartMenu : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> FOUND [HJ] HKCU\[...]\NewStartPanel : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> FOUND Fichiers / Dossiers particuliers: Driver: [LOADED] SSDT[358] : NtWriteVirtualMemory @ 0x82A16723 -> HOOKED (Unknown @ 0xA1AF6092) SSDT[334] : NtTerminateProcess @ 0x82A31519 -> HOOKED (Unknown @ 0xA1AF6097) SSDT[324] : NtSetValueKey @ 0x829E4477 -> HOOKED (\SystemRoot\system32\DRIVERS\vsdatant.sys @ 0x8EA91706) SSDT[301] : NtSetInformationFile @ 0x82A41179 -> HOOKED (\SystemRoot\system32\DRIVERS\vsdatant.sys @ 0x8EA87042) SSDT[280] : NtRestoreKey @ 0x82A61762 -> HOOKED (\SystemRoot\system32\DRIVERS\vsdatant.sys @ 0x8EA92650) SSDT[276] : NtRequestWaitReplyPort @ 0x82A35F21 -> HOOKED (\SystemRoot\system32\DRIVERS\vsdatant.sys @ 0x8EA88FF0) SSDT[268] : NtReplaceKey @ 0x82A627AA -> HOOKED (\SystemRoot\system32\DRIVERS\vsdatant.sys @ 0x8EA92246) SSDT[267] : NtRenameKey @ 0x82A63137 -> HOOKED (\SystemRoot\system32\DRIVERS\vsdatant.sys @ 0x8EA92810) SSDT[201] : NtOpenThread @ 0x82A357E1 -> HOOKED (Unknown @ 0xA1AF608D) SSDT[194] : NtOpenProcess @ 0x829E0AEC -> HOOKED (Unknown @ 0xA1AF6088) SSDT[186] : NtOpenFile @ 0x82A39C78 -> HOOKED (\SystemRoot\system32\DRIVERS\vsdatant.sys @ 0x8EA86CEC) SSDT[166] : NtLoadKey @ 0x829A3B4C -> HOOKED (\SystemRoot\system32\DRIVERS\vsdatant.sys @ 0x8EA91E34) SSDT[126] : NtDeleteValueKey @ 0x829BC6E4 -> HOOKED (\SystemRoot\system32\DRIVERS\vsdatant.sys @ 0x8EA91A00) SSDT[123] : NtDeleteKey @ 0x829C33BC -> HOOKED (\SystemRoot\system32\DRIVERS\vsdatant.sys @ 0x8EA91C84) SSDT[122] : NtDeleteFile @ 0x8297E433 -> HOOKED (\SystemRoot\system32\DRIVERS\vsdatant.sys @ 0x8EA86E54) SSDT[115] : NtCreateWaitablePort @ 0x8296E643 -> HOOKED (\SystemRoot\system32\DRIVERS\vsdatant.sys @ 0x8EA89ACE) SSDT[78] : NtCreateThread @ 0x82AA0676 -> HOOKED (Unknown @ 0xA1AF609C) SSDT[71] : NtCreatePort @ 0x8298BC48 -> HOOKED (\SystemRoot\system32\DRIVERS\vsdatant.sys @ 0x8EA89A3E) SSDT[64] : NtCreateKey @ 0x829E4425 -> HOOKED (\SystemRoot\system32\DRIVERS\vsdatant.sys @ 0x8EA91388) SSDT[60] : NtCreateFile @ 0x82A2C5B6 -> HOOKED (\SystemRoot\system32\DRIVERS\vsdatant.sys @ 0x8EA86974) SSDT[54] : NtConnectPort @ 0x82A4A813 -> HOOKED (\SystemRoot\system32\DRIVERS\vsdatant.sys @ 0x8EA89366) SSDT[21] : NtAlpcConnectPort @ 0x829DA4D1 -> HOOKED (\SystemRoot\system32\DRIVERS\vsdatant.sys @ 0x8EA89706) Fichier HOSTS: ::1 localhost Termine : << RKreport[1].txt >> RKreport[1].txt -
[Résolu] Gros ralentissements, impossible de lancer les applicati
cliffburton a répondu à un(e) sujet de cliffburton dans Analyses et éradication malwares
Il se porte déjà mieux... Déjà plus rapide au démarrage et dans l'éxécution des programmes. Mais je n'ai toujours pas de son (problème d'incompatibilité du pilote, d'après le message au démarrage). Et de toute façon il me restera à voir quels programmes peuvent être désinstallés car c'est un vrai bazar. J'execute Roguekiller dans quelques minutes... -
[Résolu] Gros ralentissements, impossible de lancer les applicati
cliffburton a répondu à un(e) sujet de cliffburton dans Analyses et éradication malwares
J'ai effectué toutes ces opérations. Il ne reste qu'Antivir, Norton est désinstallé. Pour TFC, le chiffre en rouge est 1109 Le rapport ZHPFix ci-dessous : Rapport de ZHPFix 1.12.3362 par Nicolas Coolman, Update du 23/09/2011 Fichier d'export Registre : Run by Léa at 26/09/2011 13:32:34 Windows Vista Home Premium Edition, 32-bit Service Pack 1 (Build 6001) Web site : ZHPFix Fix de rapport ========== Module(s) mémoire ========== SUPPRIME Memory Module: C:\Users\Léa\AppData\Local\idezuculenelana.dll ========== Clé(s) du Registre ========== SUPPRIME Key: CLSID BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} SUPPRIME Key: CLSID BHO: {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} SUPPRIME Key: Menu Contextuel: Compare Prices with &Dealio SUPPRIME Key: HKLM\Software\mcafeeupdater SUPPRIME CLSID MPSK: {2fa55ff8-5e34-11dd-bdeb-c74b1aea5ebc} SUPPRIME CLSID MPSK: {a8c7d587-2ab0-11de-a32c-fca13fc7ee89} SUPPRIME Key: HKLM\Software\Classes\TypeLib\{21234BEA-125E-40DB-95EA-6B322E21F59B} SUPPRIME Key: HKLM\Software\Classes\Interface\{3EDDA953-1C3B-4823-8F25-D075FBB2D2B5} SUPPRIME Key: HKLM\Software\Classes\TypeLib\{4C1E5902-FE99-4591-8582-2A2605462857} SUPPRIME Key: HKLM\Software\Classes\CLSID\{5C00A371-2011-4AF3-97C8-6CE66AA744CB} SUPPRIME Key: HKLM\Software\Classes\Interface\{5F5A840B-359D-46F2-81BF-52470CE866A2} SUPPRIME Key: HKLM\Software\Classes\CLSID\{9F038672-0425-4792-BC9C-36DE3308E8AA} SUPPRIME Key: HKLM\Software\Classes\Interface\{B67A4CBA-520A-43DB-B03F-414E539F90EC} SUPPRIME Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} SUPPRIME Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} SUPPRIME Key: HKLM\Software\Classes\CLSID\{E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} SUPPRIME Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{e908b145-c847-4e85-b315-07e2e70decf8} SUPPRIME Key: HKLM\Software\Classes\Interface\{F9C4F914-CB58-4272-8A3F-F732A1D1E91D} SUPPRIME Key: HKLM\Software\Classes\Installer\Features\C8465016C3C0D184C811F194256DBF35 ABSENT Key: HKCU\Software\Microsoft\Internet Explorer\MenuExt\compare prices with &dealio ========== Valeur(s) du Registre ========== SUPPRIME URLSearchHook: {b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} SUPPRIME MWPE Value: HideSCAHealth ABSENT Valeur Standard Profile: FirewallRaz : ABSENT Valeur Domain Profile: FirewallRaz : SUPPRIME FirewallRaz (Private) : TCP Query User{226ADF5F-E887-4EFC-922A-AAD423B56667}C:\program files\konami\pro evolution soccer 2009\pes2009.exe SUPPRIME FirewallRaz (Private) : UDP Query User{FB36B07F-BAA0-45EF-88D3-0F5A0295A633}C:\program files\konami\pro evolution soccer 2009\pes2009.exe SUPPRIME FirewallRaz (Public) : TCP Query User{2D07681B-F47F-430F-B7B5-47186E15C2A3}D:\electronic arts\eadm\core.exe SUPPRIME FirewallRaz (Public) : UDP Query User{8994FFED-53F3-47BD-A15B-2E4520831747}D:\electronic arts\eadm\core.exe SUPPRIME FirewallRaz (None) : {3E3E0BC8-8DFB-43A2-8108-5721FE7470B4} ========== Elément(s) de donnée du Registre ========== REMPLACE Value UacDisableNotify : Good (0) - Bad (1) ========== Dossier(s) ========== SUPPRIME Folder: C:\Program Files\Babylon SUPPRIME Folder: C:\ProgramData\McAfee SUPPRIME Folder: C:\Users\Léa\AppData\Local\{36A0949C-2D38-4B3D-A73A-1C046E99DD3C} SUPPRIME Temporaires Windows: : 72 SUPPRIME Flash Cookies: 0 ========== Fichier(s) ========== SUPPRIME File: c:\windows\system32\activetoolband.dll SUPPRIME File: c:\users\léa\desktop\corbeille.lnk ABSENT File: c:\users\léa\appdata\locallow\dealio\kb127\res\dealiosearch.html SUPPRIME File: c:\windows\tasks\{28c185e6-41d2-4a01-b91d-09564f7505c4}.job SUPPRIME File: c:\windows\tasks\{8f14964c-7533-4930-a836-08b6f6df7ada}.job SUPPRIME File: c:\windows\tasks\{fa0665fa-7d68-4553-9f14-3652c133945d}.job SUPPRIME File: c:\users\léa\appdata\local\assembly\tmp\c4rf0l8v\networker.exe SUPPRIME File: C:\Users\Léa\AppData\Local\Dduja.bin SUPPRIME File: c:\users\léa\appdata\local\idezuculenelana.dll ABSENT Folder/File: c:\users\léa\appdata\local\temp\securityscan_release.exe SUPPRIME Temporaires Windows: : 5 SUPPRIME Flash Cookies: 0 ========== Récapitulatif ========== 1 : Module(s) mémoire 20 : Clé(s) du Registre 9 : Valeur(s) du Registre 1 : Elément(s) de donnée du Registre 5 : Dossier(s) 12 : Fichier(s) End of clean in 00mn 02s ========== Chemin de fichier rapport ========== C:\ZHP\ZHPFix[R1].txt - 26/09/2011 13:32:34 [4341] -
[Résolu] Gros ralentissements, impossible de lancer les applicati
cliffburton a répondu à un(e) sujet de cliffburton dans Analyses et éradication malwares
Je viens de supprimer les éléments en quarantaine. Vraiment désolé pour les rapports... j'en tiendrai compte la prochaine fois. J'attends ton avis. Merci encore -
[Résolu] Gros ralentissements, impossible de lancer les applicati
cliffburton a répondu à un(e) sujet de cliffburton dans Analyses et éradication malwares
le rapport MalwareBytes's : Malwarebytes' Anti-Malware 1.50.1.1100 www.malwarebytes.org Version de la base de données: 6385 Windows 6.0.6001 Service Pack 1 (Safe Mode) Internet Explorer 8.0.6001.19048 24/09/2011 19:35:28 mbam-log-2011-09-24 (19-35-21).txt Type d'examen: Examen complet (C:\|D:\|E:\|) Elément(s) analysé(s): 343137 Temps écoulé: 1 heure(s), 5 minute(s), 6 seconde(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 0 Valeur(s) du Registre infectée(s): 1 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 1 Fichier(s) infecté(s): 92 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté) Valeur(s) du Registre infectée(s): HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Uyeferirifejela (Trojan.Agent.U) -> Value: Uyeferirifejela -> No action taken. Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): c:\Recycle.Bin (Trojan.Spyeyes) -> No action taken. Fichier(s) infecté(s): c:\program files\ad-remover\quarantine\C\program files\installer\networker.exe.vir (Trojan.Agent) -> No action taken. c:\Users\Léa\AppData\Local\assembly\dl3\92JGBP2K.37E\X92GK1VL.LQA\e5fded8e\01679bf5_3024cc01\networker.exe (Trojan.Agent) -> No action taken. c:\Users\Léa\AppData\Local\assembly\dl3\92JGBP2K.37E\X92GK1VL.LQA\e5fded8e\03b0f31b_2203cc01\networker.exe (Trojan.Agent) -> No action taken. c:\Users\Léa\AppData\Local\assembly\dl3\92JGBP2K.37E\X92GK1VL.LQA\e5fded8e\040929a8_cb25cc01\networker.exe (Trojan.Agent) -> No action taken. c:\Users\Léa\AppData\Local\assembly\dl3\92JGBP2K.37E\X92GK1VL.LQA\e5fded8e\075f4a18_b326cc01\networker.exe (Trojan.Agent) -> No action taken. c:\Users\Léa\AppData\Local\assembly\dl3\92JGBP2K.37E\X92GK1VL.LQA\e5fded8e\09f2c910_1707cc01\networker.exe (Trojan.Agent) -> No action taken. c:\Users\Léa\AppData\Local\assembly\dl3\92JGBP2K.37E\X92GK1VL.LQA\e5fded8e\0e452b44_a115cc01\networker.exe (Trojan.Agent) -> No action taken. c:\Users\Léa\AppData\Local\assembly\dl3\92JGBP2K.37E\X92GK1VL.LQA\e5fded8e\0e7e8996_6724cc01\networker.exe (Trojan.Agent) -> No action taken. c:\Users\Léa\AppData\Local\assembly\dl3\92JGBP2K.37E\X92GK1VL.LQA\e5fded8e\1043714f_760ecc01\networker.exe (Trojan.Agent) -> No action taken. c:\Users\Léa\AppData\Local\assembly\dl3\92JGBP2K.37E\X92GK1VL.LQA\e5fded8e\1092e006_7727cc01\networker.exe (Trojan.Agent) -> No action taken. c:\Users\Léa\AppData\Local\assembly\dl3\92JGBP2K.37E\X92GK1VL.LQA\e5fded8e\136ba43e_df29cc01\networker.exe (Trojan.Agent) -> No action taken. c:\Users\Léa\AppData\Local\assembly\dl3\92JGBP2K.37E\X92GK1VL.LQA\e5fded8e\151f58a0_fa20cc01\networker.exe (Trojan.Agent) -> No action taken. c:\Users\Léa\AppData\Local\assembly\dl3\92JGBP2K.37E\X92GK1VL.LQA\e5fded8e\1e8816bb_b008cc01\networker.exe (Trojan.Agent) -> No action taken. c:\Users\Léa\AppData\Local\assembly\dl3\92JGBP2K.37E\X92GK1VL.LQA\e5fded8e\21e8054e_6919cc01\networker.exe (Trojan.Agent) -> No action taken. c:\Users\Léa\AppData\Local\assembly\dl3\92JGBP2K.37E\X92GK1VL.LQA\e5fded8e\26836773_5327cc01\networker.exe (Trojan.Agent) -> No action taken. c:\Users\Léa\AppData\Local\assembly\dl3\92JGBP2K.37E\X92GK1VL.LQA\e5fded8e\2ef87cb8_d412cc01\networker.exe (Trojan.Agent) -> No action taken. c:\Users\Léa\AppData\Local\assembly\dl3\92JGBP2K.37E\X92GK1VL.LQA\e5fded8e\31f0a06e_4b19cc01\networker.exe (Trojan.Agent) -> No action taken. c:\Users\Léa\AppData\Local\assembly\dl3\92JGBP2K.37E\X92GK1VL.LQA\e5fded8e\33fff149_6609cc01\networker.exe (Trojan.Agent) -> No action taken. c:\Users\Léa\AppData\Local\assembly\dl3\92JGBP2K.37E\X92GK1VL.LQA\e5fded8e\3a3fba80_e905cc01\networker.exe (Trojan.Agent) -> No action taken. c:\Users\Léa\AppData\Local\assembly\dl3\92JGBP2K.37E\X92GK1VL.LQA\e5fded8e\3fc1f31a_e7fdcb01\networker.exe (Trojan.Agent) -> No action taken. c:\Users\Léa\AppData\Local\assembly\dl3\92JGBP2K.37E\X92GK1VL.LQA\e5fded8e\3ff6995c_4b15cc01\networker.exe (Trojan.Agent) -> No action taken. c:\Users\Léa\AppData\Local\assembly\dl3\92JGBP2K.37E\X92GK1VL.LQA\e5fded8e\40f2c867_0b14cc01\networker.exe (Trojan.Agent) -> No action taken. c:\Users\Léa\AppData\Local\assembly\dl3\92JGBP2K.37E\X92GK1VL.LQA\e5fded8e\44bc776f_ef29cc01\networker.exe (Trojan.Agent) -> No action taken. c:\Users\Léa\AppData\Local\assembly\dl3\92JGBP2K.37E\X92GK1VL.LQA\e5fded8e\4587b551_2826cc01\networker.exe (Trojan.Agent) -> No action taken. c:\Users\Léa\AppData\Local\assembly\dl3\92JGBP2K.37E\X92GK1VL.LQA\e5fded8e\4d43ac71_3528cc01\networker.exe (Trojan.Agent) -> No action taken. c:\Users\Léa\AppData\Local\assembly\dl3\92JGBP2K.37E\X92GK1VL.LQA\e5fded8e\53fa6b2f_a710cc01\networker.exe (Trojan.Agent) -> No action taken. c:\Users\Léa\AppData\Local\assembly\dl3\92JGBP2K.37E\X92GK1VL.LQA\e5fded8e\545cf849_ed24cc01\networker.exe (Trojan.Agent) -> No action taken. c:\Users\Léa\AppData\Local\assembly\dl3\92JGBP2K.37E\X92GK1VL.LQA\e5fded8e\55de9c4a_791fcc01\networker.exe (Trojan.Agent) -> No action taken. c:\Users\Léa\AppData\Local\assembly\dl3\92JGBP2K.37E\X92GK1VL.LQA\e5fded8e\576a40d8_c804cc01\networker.exe (Trojan.Agent) -> No action taken. c:\Users\Léa\AppData\Local\assembly\dl3\92JGBP2K.37E\X92GK1VL.LQA\e5fded8e\5b7ceeef_3607cc01\networker.exe (Trojan.Agent) -> No action taken. c:\Users\Léa\AppData\Local\assembly\dl3\92JGBP2K.37E\X92GK1VL.LQA\e5fded8e\5c16c231_e519cc01\networker.exe (Trojan.Agent) -> No action taken. c:\Users\Léa\AppData\Local\assembly\dl3\92JGBP2K.37E\X92GK1VL.LQA\e5fded8e\5db13f88_690ecc01\networker.exe (Trojan.Agent) -> No action taken. c:\Users\Léa\AppData\Local\assembly\dl3\92JGBP2K.37E\X92GK1VL.LQA\e5fded8e\64857498_910ccc01\networker.exe (Trojan.Agent) -> No action taken. c:\Users\Léa\AppData\Local\assembly\dl3\92JGBP2K.37E\X92GK1VL.LQA\e5fded8e\66ba3657_37fdcb01\networker.exe (Trojan.Agent) -> No action taken. c:\Users\Léa\AppData\Local\assembly\dl3\92JGBP2K.37E\X92GK1VL.LQA\e5fded8e\6ac55ff6_c705cc01\networker.exe (Trojan.Agent) -> No action taken. c:\Users\Léa\AppData\Local\assembly\dl3\92JGBP2K.37E\X92GK1VL.LQA\e5fded8e\6dbc3fe5_492bcc01\networker.exe (Trojan.Agent) -> No action taken. c:\Users\Léa\AppData\Local\assembly\dl3\92JGBP2K.37E\X92GK1VL.LQA\e5fded8e\6e227277_8b01cc01\networker.exe (Trojan.Agent) -> No action taken. c:\Users\Léa\AppData\Local\assembly\dl3\92JGBP2K.37E\X92GK1VL.LQA\e5fded8e\6eb6fa09_fe0bcc01\networker.exe (Trojan.Agent) -> No action taken. c:\Users\Léa\AppData\Local\assembly\dl3\92JGBP2K.37E\X92GK1VL.LQA\e5fded8e\6f5b0546_abfecb01\networker.exe (Trojan.Agent) -> No action taken. c:\Users\Léa\AppData\Local\assembly\dl3\92JGBP2K.37E\X92GK1VL.LQA\e5fded8e\70b1af5c_de07cc01\networker.exe (Trojan.Agent) -> No action taken. c:\Users\Léa\AppData\Local\assembly\dl3\92JGBP2K.37E\X92GK1VL.LQA\e5fded8e\70b1d819_4e0acc01\networker.exe (Trojan.Agent) -> No action taken. c:\Users\Léa\AppData\Local\assembly\dl3\92JGBP2K.37E\X92GK1VL.LQA\e5fded8e\7165531f_9426cc01\networker.exe (Trojan.Agent) -> No action taken. c:\Users\Léa\AppData\Local\assembly\dl3\92JGBP2K.37E\X92GK1VL.LQA\e5fded8e\73eb8369_3724cc01\networker.exe (Trojan.Agent) -> No action taken. c:\Users\Léa\AppData\Local\assembly\dl3\92JGBP2K.37E\X92GK1VL.LQA\e5fded8e\73ebc722_c90fcc01\networker.exe (Trojan.Agent) -> No action taken. c:\Users\Léa\AppData\Local\assembly\dl3\92JGBP2K.37E\X92GK1VL.LQA\e5fded8e\7bdeca25_75fecb01\networker.exe (Trojan.Agent) -> No action taken. c:\Users\Léa\AppData\Local\assembly\dl3\92JGBP2K.37E\X92GK1VL.LQA\e5fded8e\7c5837f6_9c09cc01\networker.exe (Trojan.Agent) -> No action taken. c:\Users\Léa\AppData\Local\assembly\dl3\92JGBP2K.37E\X92GK1VL.LQA\e5fded8e\7fa2e862_bf13cc01\networker.exe (Trojan.Agent) -> No action taken. c:\Users\Léa\AppData\Local\assembly\dl3\92JGBP2K.37E\X92GK1VL.LQA\e5fded8e\834232a4_76ffcb01\networker.exe (Trojan.Agent) -> No action taken. c:\Users\Léa\AppData\Local\assembly\dl3\92JGBP2K.37E\X92GK1VL.LQA\e5fded8e\84ae3f21_e60ecc01\networker.exe (Trojan.Agent) -> No action taken. c:\Users\Léa\AppData\Local\assembly\dl3\92JGBP2K.37E\X92GK1VL.LQA\e5fded8e\8da179ac_480ecc01\networker.exe (Trojan.Agent) -> No action taken. c:\Users\Léa\AppData\Local\assembly\dl3\92JGBP2K.37E\X92GK1VL.LQA\e5fded8e\8efbb6b7_7f15cc01\networker.exe (Trojan.Agent) -> No action taken. c:\Users\Léa\AppData\Local\assembly\dl3\92JGBP2K.37E\X92GK1VL.LQA\e5fded8e\8f8b4ddc_5902cc01\networker.exe (Trojan.Agent) -> No action taken. c:\Users\Léa\AppData\Local\assembly\dl3\92JGBP2K.37E\X92GK1VL.LQA\e5fded8e\93a142d6_330bcc01\networker.exe (Trojan.Agent) -> No action taken. c:\Users\Léa\AppData\Local\assembly\dl3\92JGBP2K.37E\X92GK1VL.LQA\e5fded8e\9460c949_c816cc01\networker.exe (Trojan.Agent) -> No action taken. c:\Users\Léa\AppData\Local\assembly\dl3\92JGBP2K.37E\X92GK1VL.LQA\e5fded8e\96d7f23b_7714cc01\networker.exe (Trojan.Agent) -> No action taken. c:\Users\Léa\AppData\Local\assembly\dl3\92JGBP2K.37E\X92GK1VL.LQA\e5fded8e\9732cb44_190fcc01\networker.exe (Trojan.Agent) -> No action taken. c:\Users\Léa\AppData\Local\assembly\dl3\92JGBP2K.37E\X92GK1VL.LQA\e5fded8e\9969e4ec_ea28cc01\networker.exe (Trojan.Agent) -> No action taken. c:\Users\Léa\AppData\Local\assembly\dl3\92JGBP2K.37E\X92GK1VL.LQA\e5fded8e\9e5eed9c_680acc01\networker.exe (Trojan.Agent) -> No action taken. c:\Users\Léa\AppData\Local\assembly\dl3\92JGBP2K.37E\X92GK1VL.LQA\e5fded8e\a2398b55_0d12cc01\networker.exe (Trojan.Agent) -> No action taken. c:\Users\Léa\AppData\Local\assembly\dl3\92JGBP2K.37E\X92GK1VL.LQA\e5fded8e\a5bc49bb_3019cc01\networker.exe (Trojan.Agent) -> No action taken. c:\Users\Léa\AppData\Local\assembly\dl3\92JGBP2K.37E\X92GK1VL.LQA\e5fded8e\a5f459b1_9b0dcc01\networker.exe (Trojan.Agent) -> No action taken. c:\Users\Léa\AppData\Local\assembly\dl3\92JGBP2K.37E\X92GK1VL.LQA\e5fded8e\a7b8e8f7_2c25cc01\networker.exe (Trojan.Agent) -> No action taken. c:\Users\Léa\AppData\Local\assembly\dl3\92JGBP2K.37E\X92GK1VL.LQA\e5fded8e\a832a7fa_49ffcb01\networker.exe (Trojan.Agent) -> No action taken. c:\Users\Léa\AppData\Local\assembly\dl3\92JGBP2K.37E\X92GK1VL.LQA\e5fded8e\b3f1748d_300ecc01\networker.exe (Trojan.Agent) -> No action taken. c:\Users\Léa\AppData\Local\assembly\dl3\92JGBP2K.37E\X92GK1VL.LQA\e5fded8e\bd643261_6602cc01\networker.exe (Trojan.Agent) -> No action taken. c:\Users\Léa\AppData\Local\assembly\dl3\92JGBP2K.37E\X92GK1VL.LQA\e5fded8e\bd7e2951_9f22cc01\networker.exe (Trojan.Agent) -> No action taken. c:\Users\Léa\AppData\Local\assembly\dl3\92JGBP2K.37E\X92GK1VL.LQA\e5fded8e\bdff44ea_e60fcc01\networker.exe (Trojan.Agent) -> No action taken. c:\Users\Léa\AppData\Local\assembly\dl3\92JGBP2K.37E\X92GK1VL.LQA\e5fded8e\bece27a7_8d0acc01\networker.exe (Trojan.Agent) -> No action taken. c:\Users\Léa\AppData\Local\assembly\dl3\92JGBP2K.37E\X92GK1VL.LQA\e5fded8e\c399d2d0_9c0ccc01\networker.exe (Trojan.Agent) -> No action taken. c:\Users\Léa\AppData\Local\assembly\dl3\92JGBP2K.37E\X92GK1VL.LQA\e5fded8e\c3a04943_ea10cc01\networker.exe (Trojan.Agent) -> No action taken. c:\Users\Léa\AppData\Local\assembly\dl3\92JGBP2K.37E\X92GK1VL.LQA\e5fded8e\d2f4ae5c_780dcc01\networker.exe (Trojan.Agent) -> No action taken. c:\Users\Léa\AppData\Local\assembly\dl3\92JGBP2K.37E\X92GK1VL.LQA\e5fded8e\d7b83222_3508cc01\networker.exe (Trojan.Agent) -> No action taken. c:\Users\Léa\AppData\Local\assembly\dl3\92JGBP2K.37E\X92GK1VL.LQA\e5fded8e\d91a07f6_1328cc01\networker.exe (Trojan.Agent) -> No action taken. c:\Users\Léa\AppData\Local\assembly\dl3\92JGBP2K.37E\X92GK1VL.LQA\e5fded8e\dc71528d_5d15cc01\networker.exe (Trojan.Agent) -> No action taken. c:\Users\Léa\AppData\Local\assembly\dl3\92JGBP2K.37E\X92GK1VL.LQA\e5fded8e\dd0673c2_2d2ccc01\networker.exe (Trojan.Agent) -> No action taken. c:\Users\Léa\AppData\Local\assembly\dl3\92JGBP2K.37E\X92GK1VL.LQA\e5fded8e\e072cf1d_a618cc01\networker.exe (Trojan.Agent) -> No action taken. c:\Users\Léa\AppData\Local\assembly\dl3\92JGBP2K.37E\X92GK1VL.LQA\e5fded8e\e2c70a12_6a18cc01\networker.exe (Trojan.Agent) -> No action taken. c:\Users\Léa\AppData\Local\assembly\dl3\92JGBP2K.37E\X92GK1VL.LQA\e5fded8e\e7790799_8403cc01\networker.exe (Trojan.Agent) -> No action taken. c:\Users\Léa\AppData\Local\assembly\dl3\92JGBP2K.37E\X92GK1VL.LQA\e5fded8e\e8de84f5_9f06cc01\networker.exe (Trojan.Agent) -> No action taken. c:\Users\Léa\AppData\Local\assembly\dl3\92JGBP2K.37E\X92GK1VL.LQA\e5fded8e\e916d69a_e304cc01\networker.exe (Trojan.Agent) -> No action taken. c:\Users\Léa\AppData\Local\assembly\dl3\92JGBP2K.37E\X92GK1VL.LQA\e5fded8e\e9f756b0_c023cc01\networker.exe (Trojan.Agent) -> No action taken. c:\Users\Léa\AppData\Local\assembly\dl3\92JGBP2K.37E\X92GK1VL.LQA\e5fded8e\eaadc7d0_1b22cc01\networker.exe (Trojan.Agent) -> No action taken. c:\Users\Léa\AppData\Local\assembly\dl3\92JGBP2K.37E\X92GK1VL.LQA\e5fded8e\edc0546f_6523cc01\networker.exe (Trojan.Agent) -> No action taken. c:\Users\Léa\AppData\Local\assembly\dl3\92JGBP2K.37E\X92GK1VL.LQA\e5fded8e\ef108f49_4320cc01\networker.exe (Trojan.Agent) -> No action taken. c:\Users\Léa\AppData\Local\assembly\dl3\92JGBP2K.37E\X92GK1VL.LQA\e5fded8e\f34b842e_8c17cc01\networker.exe (Trojan.Agent) -> No action taken. c:\Users\Léa\AppData\Local\assembly\dl3\92JGBP2K.37E\X92GK1VL.LQA\e5fded8e\f52a8a4b_f021cc01\networker.exe (Trojan.Agent) -> No action taken. c:\Users\Léa\AppData\Local\assembly\dl3\92JGBP2K.37E\X92GK1VL.LQA\e5fded8e\f7de41ad_aa29cc01\networker.exe (Trojan.Agent) -> No action taken. c:\Users\Léa\AppData\Local\assembly\dl3\92JGBP2K.37E\X92GK1VL.LQA\e5fded8e\f8a7903d_142ccc01\networker.exe (Trojan.Agent) -> No action taken. c:\Users\Léa\AppData\Local\assembly\dl3\92JGBP2K.37E\X92GK1VL.LQA\e5fded8e\f921699d_1126cc01\networker.exe (Trojan.Agent) -> No action taken. c:\Users\Léa\AppData\Local\assembly\dl3\92JGBP2K.37E\X92GK1VL.LQA\e5fded8e\ff3ffa48_cc00cc01\networker.exe (Trojan.Agent) -> No action taken. c:\Users\Léa\AppData\Local\microsoft\Windows\temporary internet files\Content.IE5\12NAXEQ6\calc[1].exe (Heuristics.Shuriken) -> No action taken. c:\Recycle.Bin\config.bin (Trojan.Spyeyes) -> No action taken. et enfin le rapport ZHP : Rapport de ZHPDiag v1.28.1353 par Nicolas Coolman, Update du 24/09/2011 Run by Léa at 25/09/2011 21:48:07 Web site : ZHPDiag Outil de diagnostic ---\\ Web Browser MSIE: Internet Explorer v8.0.6001.19048 MFIE: Mozilla Firefox 6.0.2 v6.0.2 (Defaut) GCIE: Google Chrome ---\\ Windows Product Information Windows Vista Home Premium Edition, 32-bit Service Pack 1 (Build 6001) Windows Server License Manager Script : OK ~ Vista, OEM_SLP channel System Locked Preinstallation (OEM_SLP) : OK Windows ID Activation : OK ~ Windows Partial Key : 6CJ97 Windows License : OK Windows Automatic Updates : OK ---\\ System Information ~ Processor: x86 Family 6 Model 15 Stepping 13, GenuineIntel ~ Operating System: 32 Bits Boot mode: Normal (Normal boot) Total RAM: 2045 MB (53% free) System Restore: Activé (Enable) System drive C: has 6 GB (8%) free of 70 GB ---\\ Logged in mode ~ Computer Name: PC-DE-LÉA ~ User Name: Léa ~ All Users Names: Léa, Administrateur, ~ Unselected Option: None Logged in as Administrator ---\\ Environnement Variables ~ System Unit : C:\ ~ %AppData% : C:\Users\Léa\AppData\Roaming\ ~ %Desktop% : C:\Users\Léa\Desktop\ ~ %Favorites% : C:\Users\Léa\Favorites\ ~ %LocalAppData% : C:\Users\Léa\AppData\Local\ ~ %StartMenu% : C:\Users\Léa\AppData\Roaming\Microsoft\Windows\Start Menu\ ~ %Windir% : C:\Windows\ ~ %System% : C:\Windows\system32\ ---\\ DOS/Devices C:\ Hard drive, Flash drive, Thumb drive (Free 6 Go of 70 Go) D:\ Hard drive, Flash drive, Thumb drive (Free 42 Go of 70 Go) E:\ CD-ROM drive (Not Inserted) ---\\ Security Center & Tools Informations [HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: Modified [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoFolderOptions: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoStartMenuSubFolder: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoResolveSearch: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoClose: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK [HKLM\SYSTEM\CurrentControlSet\Services] wscsvc : OK ~ Scan Security Center in 00mn 00s ---\\ Recherche particulière de fichiers génériques [MD5.4F554999D7D5F05DAAEBBA7B5BA1089D] - (.Microsoft Corporation - Explorateur Windows.) (.12/12/2008 - 07:29:41.) -- C:\Windows\Explorer.exe [2927104] [MD5.4B555106290BD117334E9A08761C035A] - (....) (.02/11/2006 - 10:45:37.) -- C:\Windows\system32\rundll32.exe [44544] [MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Application de démarrage de Windows.) (.23/12/2010 - 23:33:38.) -- C:\Windows\system32\Wininit.exe [96768] [MD5.047CDEFF94B63F0A4791372B47427B60] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.13/04/2011 - 07:21:28.) -- C:\Windows\system32\wininet.dll [916480] [MD5.C2610B6BDBEFC053BBDAB4F1B965CB24] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.23/12/2010 - 23:33:38.) -- C:\Windows\system32\Winlogon.exe [314880] [MD5.2D9C903DC76A66813D350A562DE40ED9] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.23/12/2010 - 23:41:32.) -- C:\Windows\system32\drivers\atapi.sys [21560] [MD5.B4EFFE29EB4F15538FD8A9681108492D] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.23/12/2010 - 23:43:42.) -- C:\Windows\system32\drivers\ntfs.sys [1081912] [MD5.95F5FF73B076576C41740F1A842B9B57] - (....) (.23/12/2010 - 23:34:12.) -- C:\Windows\system32\fr-FR\user32.dll.mui [20480] ~ Scan Generic Processes in 00mn 00s ---\\ Etat des fichiers cachés (Caché/Total) ~ Mes images (My Pictures) : 28/1747 ~ Mes musiques (My Musics) : 1230/4463 ~ Mes Videos (My Videos) : 1/2 ~ Mes Favoris (My Favorites) : 2/23 ~ Mes Documents (My Documents) : 17/973 ~ Mon Bureau (My Desktop) : 4/30 ~ Menu demarrer (Programs) : 7/25 ~ Scan Hidden Files in 00mn 27s ---\\ Processus lancés [MD5.A659F31AC25418738351E5BDF4C85780] - (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe [4669440] [PID.2468] [MD5.E090EE780714E376062198C6625D5B51] - (.HiTRUST - eDataSecurity System Loader( Load and prepa.) -- C:\Acer\Empowering Technology\eDataSecurity\eDSLoader.exe [457216] [PID.2480] [MD5.D12509C433C20D2818E8C03C401A256F] - (.Symantec Corporation - Symantec User Session.) -- C:\Program Files\Common Files\Symantec Shared\ccApp.exe [107112] [PID.2504] [MD5.4297C3FC97F9FD96CC5BDC471A045882] - (.Dritek System Inc. - Launch Manager.) -- C:\Program Files\Launch Manager\LManager.exe [752136] [PID.4008] [MD5.F79723565C57374BB8F057E03FC33B50] - (.CyberLink Corp. - CyberLink PlayMovie Resident Program.) -- C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe [206952] [PID.1592] [MD5.F371C6DF9A810EF2E6E4FA60ACBB5C33] - (.Intel Corporation - Event Monitor User Notification Tool.) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe [174872] [PID.1576] [MD5.B150D1BCB625600479EEBA51811E33CB] - (.Alps Electric Co., Ltd. - Alps Pointing-device Driver.) -- C:\Program Files\Apoint2K\Apoint.exe [159744] [PID.1636] [MD5.F514CD896583E6C18D011116E3725074] - (.CyberLink - Notification tool for RealTek audio chip.) -- C:\Acer\Empowering Technology\eAudio\eAudio.exe [1286144] [PID.3800] [MD5.A8CF3F60099EAA123DB72611CE7BE271] - (.Apple Computer, Inc. - iTunesHelper Module.) -- C:\Program Files\iTunes\iTunesHelper.exe [278528] [PID.3860] [MD5.6E812818306D460D62B4ABEA9FDC6679] - (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [266497] [PID.1892] [MD5.E8B180646BAE9E688D2E6D7EA8DED794] - (.Check Point Software Technologies LTD - ZoneAlarm Client.) -- C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [959976] [PID.] [MD5.5E4C9C25D603AE46DEDCBD9674F86E21] - (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jusched.exe [149280] [PID.2436] [MD5.9ACE8ECDB1EBC519F48AA65DE5875573] - (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe [202256] [PID.1304] [MD5.2240A1A5973B31F9D050C137BD5794EA] - (.Matsushita Electric Industrial Co., Ltd. - PHOTOfunSTUDIO.) -- C:\Program Files\Panasonic\PHOTOfunSTUDIO -viewer-\PhAutoRun.exe [40960] [PID.4216] [MD5.5B1A52A2F4573A1CA947A3AF859CF6F7] - (.Acer Inc. - Acer eNet Tray.) -- C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE [753664] [PID.4412] [MD5.83170B8E03213093B065A9638E146499] - (.OpenOffice.org - OpenOffice.org 3.1.) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe [7424000] [PID.4616] [MD5.3C268663253DC2B6EC8A8C2E8EDB67E5] - (.Acer Inc. - Acer ePower Management DMC.) -- C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE [454656] [PID.4748] [MD5.39CBE2E778299F468BBD5B45CFB90A70] - (.Acer Inc. - Acer Empowering Techonology Framework Launc.) -- C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE [323584] [PID.4988] [MD5.5EF87457AB8A58694EBE35E55D093D04] - (.Realtek Semiconductor Corp. - Realtek HD Audio Data Rerouter.) -- C:\Users\LA4770~1\AppData\Local\Temp\RtkBtMnt.exe [208896] [PID.5080] [MD5.4F779AD993A2975D945EE6985CAC0FEA] - (.Acer Inc. - eRecovery agent.) -- C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE [397312] [PID.5108] [MD5.42370C1DE2B83844B253478DB8A907D5] - (.Alps Electric Co., Ltd. - ApMsgFwd.) -- C:\Program Files\Apoint2K\ApMsgFwd.exe [50736] [PID.5308] [MD5.873867A02F0E83F18CF871E776B651DC] - (.OpenOffice.org - OpenOffice.org 3.1.) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin [7418368] [PID.5416] [MD5.8D78BE3690DB07A2FD03D2A6B61E3DCD] - (.Alps Electric Co., Ltd. - Alps Pointing-device Driver for Windows NT/.) -- C:\Program Files\Apoint2K\Apntex.exe [49152] [PID.5604] [MD5.F96EBC5A624349D81DCC7600A3C5DC43] - (.Microsoft Corporation - Console IME.) -- C:\Windows\system32\conime.exe [69120] [PID.6140] [MD5.62BB79160F86CD962F312C68C6239BFD] - (.Microsoft Corporation - Windows Update.) -- C:\Windows\system32\wuauclt.exe [53472] [PID.5168] [MD5.30FFBC8CB80938E19B73022FCB5EFB2A] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [2122240] [PID.2804] [MD5.05ACAE276B57DDA3E4BDDEA4BAEC3EEA] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 186.0.) -- C:\Windows\system32\nvvsvc.exe [211488] [PID.] [MD5.0BA91E1358AD25236863039BB2609A2E] - (.Microsoft Corporation - Service de gestion des licences Microsoft.) -- C:\Windows\system32\SLsvc.exe [2623488] [PID.] [MD5.0238690AB96AD9E08C643D7A7AD8B293] - (.Check Point Software Technologies LTD - TrueVector Service.) -- C:\Windows\System32\ZoneLabs\vsmon.exe [79400] [PID.] [MD5.E7AAB1A32AC2EEA4C4B735B8D034C802] - (.Symantec Corporation - Symantec Service Framework.) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [107624] [PID.] [MD5.2FE779B1A07747FED8074C433C3C4604] - (.Symantec Corporation - Symantec Application Core Service.) -- C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe [46736] [PID.] [MD5.D6C8942BEA3698A2E7559BD423BFA5D7] - (.Avira GmbH - Antivirus Scheduler.) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [68865] [PID.] [MD5.3845B6555DE995F6C0C07AE2ABCC0532] - (.Pas de propriétaire - ALaunchSvc Image.) -- C:\Acer\ALaunch\ALaunchSvc.exe [50688] [PID.] [MD5.335A142923FE7F97E8C8388ACD067568] - (.Avira GmbH - Antivirus On-Access Service.) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [151297] [PID.] [MD5.F54907AA07F60AFF81E1E09E97AF98B0] - (.HiTRSUT - eDataSecurity Service.) -- C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe [457512] [PID.] [MD5.FB5383BFD4DEC6792AAEF76C9343ECFF] - (.Acer Inc. - Acer eLock Management.) -- C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe [24576] [PID.] [MD5.9316C26F089CF2CEA2BD1496AC9F38A4] - (.Acer Inc. - acer eNet Management Service.) -- C:\Acer\Empowering Technology\eNet\eNet Service.exe [135168] [PID.] [MD5.AE38A12F79A4980DDB88F36514F8A1DA] - (.Intel Corporation - RAID Monitor.) -- C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe [355096] [PID.] [MD5.793FF718477345CD5D232C50BED1E452] - (.Hewlett-Packard Company - Pas de description.) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe [61440] [PID.] [MD5.842684E0DF20A59E293DA1C6F0DFE261] - (...) -- C:\Acer\Mobility Center\MobilityService.exe [107008] [PID.] [MD5.B5D974C1FD078A68C7536C561B031D39] - (.Symantec Corporation - Automatic LiveUpdate Scheduler Service.) -- C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe [554352] [PID.] [MD5.0A468612A19FEB657D127E7C4810F6FC] - (.Pas de propriétaire - RichVideo Module.) -- C:\Program Files\CyberLink\Shared Files\RichVideo.exe [266343] [PID.] [MD5.F82FC2C30A19442B95AE554215837C46] - (.Conexant Systems, Inc. - Modem Audio Service.) -- C:\Windows\system32\DRIVERS\xaudio.exe [386560] [PID.] [MD5.3D184410EF5EE017E186AC96181B3FF8] - (.Acer Inc. - eRecoveryService.) -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe [53248] [PID.] [MD5.CF2584CDF90DA24D3044021AAAD5DBAB] - (.Pas de propriétaire - Service.) -- C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe [24576] [PID.] [MD5.7641B16BD15A392DE305D2B1C76AA42A] - (.acer - WMIServi Application.) -- C:\Acer\Empowering Technology\ePower\ePowerSvc.exe [167936] [PID.] [MD5.EDA049739349F0E837D4F55E8879D665] - (.Apple Computer, Inc. - iPodService Module.) -- C:\Program Files\iPod\bin\iPodService.exe [323584] [PID.] [MD5.FA2F6A8849219B16460BF44F9D1F3AA7] - (...) -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe [1251720] [PID.] ~ Scan Processes Running in 00mn 02s ---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3) C:\Users\Léa\AppData\Roaming\Mozilla\Firefox\Profiles\vysc5e9x.default\prefs.js C:\Users\Léa\AppData\Roaming\Mozilla\Firefox\Profiles\vysc5e9x.default\user.js (.not file.) M3 - MFPP: Plugins - [Léa] -- C:\Program Files\Mozilla FireFox\searchplugins\amazon-france.xml M3 - MFPP: Plugins - [Léa] -- C:\Program Files\Mozilla FireFox\searchplugins\babylon.xml M3 - MFPP: Plugins - [Léa] -- C:\Program Files\Mozilla FireFox\searchplugins\bing.xml M3 - MFPP: Plugins - [Léa] -- C:\Program Files\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml M3 - MFPP: Plugins - [Léa] -- C:\Program Files\Mozilla FireFox\searchplugins\eBay-france.xml M3 - MFPP: Plugins - [Léa] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml M3 - MFPP: Plugins - [Léa] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia-fr.xml M3 - MFPP: Plugins - [Léa] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo-france.xml M0 - MFSP: prefs.js [Léa - vysc5e9x.default] Google P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - np-mswmp.) -- C:\Program Files\Mozilla Firefox\Plugins\np-mswmp.dll P2 - FPN:Firefox Plugin Navigator . (.Sun Microsystems, Inc. - NPRuntime Script Plug-in Library for Java Deploy.) -- C:\Program Files\Mozilla Firefox\Plugins\npdeploytk.dll P2 - FPN:Firefox Plugin Navigator . (.RealNetworks, Inc. - RealPlayer LiveConnect-Enabled Plug-In.) -- C:\Program Files\Mozilla Firefox\Plugins\nppl3260.dll P2 - FPN:Firefox Plugin Navigator . (.RealNetworks, Inc. - RealJukebox Netscape Plugin.) -- C:\Program Files\Mozilla Firefox\Plugins\nprjplug.dll P2 - FPN:Firefox Plugin Navigator . (.RealNetworks, Inc. - 6.0.12.775.) -- C:\Program Files\Mozilla Firefox\Plugins\nprpjplug.dll P2 - FPN:Firefox Plugin Navigator . (.NOS Microsystems Ltd. - getplusplusadobe16291.) -- C:\Program Files\Mozilla Firefox\Plugins\np_gp.dll P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF32.dll P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.0.60310.0.) -- C:\Program Files\Microsoft Silverlight\4.0.60310.0\npctrl.dll P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll P2 - FPN: [HKLM] [@nosltd.com/getPlus+®,version=1.6.2.91] - (.NOS Microsystems Ltd. - getplusplusadobe16291.) -- C:\Program Files\NOS\bin\np_gp.dll P2 - FPN: [HKLM] [@real.com/nppl3260;version=6.0.12.775] - (.RealNetworks, Inc. - RealPlayer LiveConnect-Enabled Plug-In.) -- C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll P2 - FPN: [HKLM] [@real.com/nprjplug;version=1.0.3.775] - (.RealNetworks, Inc. - RealJukebox Netscape Plugin.) -- C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll P2 - FPN: [HKLM] [@real.com/nprphtml5videoshim;version=1.0.0.0] - (.RealNetworks, Inc. - RealPlayer HTML5VideoShim Plug-In.) -- C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll P2 - FPN: [HKLM] [@real.com/nprpjplug;version=6.0.12.775] - (.RealNetworks, Inc. - 6.0.12.775.) -- C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll P2 - FPN: [HKLM] [@veetle.com/veetleCorePlugin,version=0.9.18] - (.Veetle Inc - Version 0.9.18, Copyright 2006-2009 Veetle Inc<br><a href="http://www..'>http://www..'>http://www..) -- C:\Program Files\Veetle\plugins\npVeetle.dll P2 - FPN: [HKLM] [@veetle.com/veetlePlayerPlugin,version=0.9.18] - (.Veetle Inc - Version 0.9.18, copyright 2006-2010 Veetle Inc<br><a href="http://www..) -- C:\Program Files\Veetle\Player\npvlc.dll P2 - FPN: [HKCU] [@facebook.com/FBPlugin,version=1.0.3] - (.Pas de propriétaire - Provides additional functionality on Facebook. See <a href="http://www.) -- C:\Users\Léa\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll ~ Scan Firefox Browser in 00mn 01s ---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4) R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport R0 - HKUS\S-1-5-21-2152794718-1122633630-1261851648-1000\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Microsoft Corporation R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Microsoft Corporation R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)) -- C:\Windows\system32\ieframe.dll R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} . (...) (No version) -- C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll R3 - URLSearchHook: (no name) - {b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} . (...) (No version) -- (.not file.) ~ Scan IE Browser in 00mn 00s ---\\ Internet Explorer, Proxy Management (R5) R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ~ Scan Proxy management in 00mn 00s ---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2) F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe, F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl" ~ Scan Keys in 00mn 00s ---\\ Redirection du fichier Hosts (O1) ~ Le fichier hosts est sain (The hosts file is clean). ~ Scan Hosts File in 00mn 00s ---\\ Browser Helper Objects de navigateur (O2) O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} . (.Symantec Corporation - NcoBHO.) -- C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} . (.RealPlayer - RealPlayer Download and Record Plugin.) -- C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} Clé orpheline O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} . (.HiTRUST - ActiveToolBand Module.) -- C:\Windows\system32\ActiveToolBand.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - WindowsLiveLogin.dll.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll ~ Scan BHO in 00mn 00s ---\\ Internet Explorer Toolbars (O3) O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} . (.HiTRUST - eDStoolbar Module.) -- C:\Windows\system32\eDStoolbar.dll O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} . (.Symantec Corporation - UIBhoImpl.) -- C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} . (...) -- C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll ~ Scan Toolbar in 00mn 00s ---\\ Applications démarrées par registre & par dossier (O4) O4 - HKLM\..\Run: [Windows Defender] . (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe (.not file.) O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe (.not file.) O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe (.not file.) O4 - HKLM\..\Run: [ALaunch] C:\Acer\ALaunch\AlaunchClient.exe (.not file.) O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe O4 - HKLM\..\Run: [eDataSecurity Loader] . (.HiTRUST - eDataSecurity System Loader( Load and prepa.) -- C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe O4 - HKLM\..\Run: [Acer Tour] Clé orpheline O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe O4 - HKLM\..\Run: [ccApp] . (.Symantec Corporation - Symantec User Session.) -- C:\Program Files\Common Files\Symantec Shared\ccApp.exe O4 - HKLM\..\Run: [iS CfgWiz] . (.Symantec Corporation - cltUIStub.) -- C:\Program Files\Common Files\Symantec Shared\OPC\{31011D49-D90C-4da0-878B-78D28AD507AF}\cltUIStb.exe O4 - HKLM\..\Run: [osCheck] . (.Symantec Corporation - osCheck.) -- C:\Program Files\Norton Internet Security\osCheck.exe O4 - HKLM\..\Run: [PLFSetL] . (.sonix - DefaultSettingEXE.) -- C:\Windows\PLFSetL.exe O4 - HKLM\..\Run: [LManager] . (.Dritek System Inc. - Launch Manager.) -- C:\PROGRA~1\LAUNCH~1\LManager.exe O4 - HKLM\..\Run: [PlayMovie] . (.CyberLink Corp. - CyberLink PlayMovie Resident Program.) -- C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe O4 - HKLM\..\Run: [iAAnotif] . (.Intel Corporation - Event Monitor User Notification Tool.) -- C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe O4 - HKLM\..\Run: [Apoint] . (.Alps Electric Co., Ltd. - Alps Pointing-device Driver.) -- C:\Program Files\Apoint2K\Apoint.exe O4 - HKLM\..\Run: [eRecoveryService] Clé orpheline O4 - HKLM\..\Run: [Acer Tour Reminder] . (.Acer Inc. - Acer Tour Reminder.) -- C:\Acer\AcerTour\Reminder.exe O4 - HKLM\..\Run: [WarReg_PopUp] . (.Acer Inc. - WR_PopUp.) -- C:\Acer\WR_PopUp\WarReg_PopUp.exe O4 - HKLM\..\Run: [setPanel] C:\Acer\APanel\APanel.cmd (.not file.) O4 - HKLM\..\Run: [eAudio] . (.CyberLink - Notification tool for RealTek audio chip.) -- C:\Acer\Empowering Technology\eAudio\eAudio.exe O4 - HKLM\..\Run: [iTunesHelper] . (.Apple Computer, Inc. - iTunesHelper Module.) -- C:\Program Files\iTunes\iTunesHelper.exe O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe O4 - HKLM\..\Run: [avgnt] . (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe O4 - HKLM\..\Run: [ZoneAlarm Client] . (.Check Point Software Technologies LTD - ZoneAlarm Client.) -- C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe O4 - HKLM\..\Run: [NvCplDaemon] . (.NVIDIA Corporation - NVIDIA Display Properties Extension.) -- C:\Windows\system32\NvCpl.dll O4 - HKLM\..\Run: [sunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jusched.exe O4 - HKLM\..\Run: [TkBellExe] . (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe O4 - HKLM\..\Run: [symantec PIF AlertEng] C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exetEng.dll (.not file.) O4 - HKLM\..\Run: [NWEReboot] Clé orpheline O4 - HKLM\..\Run: [skytel] . (.Realtek Semiconductor Corp. - Realtek Voice Manager.) -- C:\Windows\Skytel.exe O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware (reboot)] . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe O4 - HKCU\..\Run: [sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe O4 - HKCU\..\Run: [WindowsWelcomeCenter] oobefldr.dll O4 - HKCU\..\Run: [Acer Tour Reminder] Clé orpheline O4 - HKCU\..\Run: [EA Core] D:\Electronic Arts\EADM\Core.exe (.not file.) O4 - HKCU\..\Run: [ctfmon.exe] . (.Microsoft Corporation - Chargeur CTF.) -- C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [WMPNSCFG] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [AdobeUpdater] . (.Adobe Systems Incorporated - Adobe Updater.) -- C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] oobefldr.dll O4 - HKUS\S-1-5-20\..\Run: [sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] oobefldr.dll O4 - HKUS\S-1-5-21-2152794718-1122633630-1261851648-1000\..\Run: [sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe O4 - HKUS\S-1-5-21-2152794718-1122633630-1261851648-1000\..\Run: [WindowsWelcomeCenter] oobefldr.dll O4 - HKUS\S-1-5-21-2152794718-1122633630-1261851648-1000\..\Run: [Acer Tour Reminder] Clé orpheline O4 - HKUS\S-1-5-21-2152794718-1122633630-1261851648-1000\..\Run: [EA Core] D:\Electronic Arts\EADM\Core.exe (.not file.) O4 - HKUS\S-1-5-21-2152794718-1122633630-1261851648-1000\..\Run: [ctfmon.exe] . (.Microsoft Corporation - Chargeur CTF.) -- C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-21-2152794718-1122633630-1261851648-1000\..\Run: [WMPNSCFG] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKUS\S-1-5-21-2152794718-1122633630-1261851648-1000\..\Run: [AdobeUpdater] . (.Adobe Systems Incorporated - Adobe Updater.) -- C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe ~ Scan Application in 00mn 00s ---\\ Autres liens utilisateurs (O4) O4 - Global Startup: C:\Users\Léa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe O4 - Global Startup: C:\Users\Léa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Mail\WinMail.exe O4 - Global Startup: C:\Users\Léa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe O4 - Global Startup: C:\Users\Léa\Desktop\Ad-Remover.lnk . (...) -- C:\Program Files\Ad-Remover\main.exe O4 - Global Startup: C:\Users\Léa\Desktop\Corbeille.lnk - Clé orpheline O4 - Global Startup: C:\Users\Léa\Desktop\Free Video Converter.lnk . (.Koyote Soft.) -- C:\Program Files\Free Video Converter\FreeVideoConverter.exe O4 - Global Startup: C:\Users\Léa\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\iTunes.lnk . (.Apple Computer, Inc..) -- C:\Program Files\iTunes\iTunes.exe O4 - Global Startup: C:\Users\Léa\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe O4 - Global Startup: C:\Users\Léa\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\firefox.exe ~ Scan Global Startup in 00mn 01s ---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8) O8 - Extra context menu item: Compare Prices with &Dealio - (.not file.) - C:\Users\Léa\AppData\LocalLow\Dealio\kb127\res\DealioSearch.html O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.exe ~ Scan IE Menu Contextuel in 00mn 00s ---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9) O9 - Extra button: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft Office OneNote Internet Explorer Add-in.) -- C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: &Envoyer à OneNote - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\PROGRA~1\MICROS~2\OFFICE11\REFBARH.ICO ~ Scan IE Extra Buttons in 00mn 00s ---\\ Winsock hijacker (Layered Service Provider) (O10) O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll ~ Scan Winsock in 00mn 00s ---\\ Modification Domaine/Adresses DNS (O17) O17 - HKLM\System\CCS\Services\Tcpip\..\{16B8C993-FC52-4DB8-BC23-BCB4264B97BC}: DhcpNameServer = 212.27.40.241 212.27.40.240 O17 - HKLM\System\CCS\Services\Tcpip\..\{20AAC3F6-BAC4-43E1-967F-CEC739BC51A5}: DhcpNameServer = 109.0.66.10 109.0.66.20 O17 - HKLM\System\CS1\Services\Tcpip\..\{16B8C993-FC52-4DB8-BC23-BCB4264B97BC}: DhcpNameServer = 212.27.40.241 212.27.40.240 O17 - HKLM\System\CS1\Services\Tcpip\..\{20AAC3F6-BAC4-43E1-967F-CEC739BC51A5}: DhcpNameServer = 109.0.66.10 109.0.66.20 O17 - HKLM\System\CS3\Services\Tcpip\..\{16B8C993-FC52-4DB8-BC23-BCB4264B97BC}: DhcpNameServer = 212.27.40.241 212.27.40.240 O17 - HKLM\System\CS3\Services\Tcpip\..\{20AAC3F6-BAC4-43E1-967F-CEC739BC51A5}: DhcpNameServer = 109.0.66.10 109.0.66.20 ~ Scan Domain in 00mn 00s ---\\ Protocole additionnel (O18) O18 - Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\system32\mshtml.dll O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll O18 - Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll O18 - Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll O18 - Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll O18 - Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll O18 - Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll O18 - Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\system32\mshtml.dll O18 - Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL O18 - Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll O18 - Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\system32\mshtml.dll O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\system32\inetcomm.dll O18 - Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll O18 - Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll O18 - Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll O18 - Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll O18 - Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL O18 - Handler: mso-offdap - {3D9F03FA-7A94-11D3-BE81-0050048385D1} . (.Microsoft Corporation - Microsoft Office XP Web Components.) -- C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL O18 - Handler: mso-offdap11 - {32505114-5902-49B2-880A-1F7738E5A384} . (.Microsoft Corporation - Microsoft Office Web Components 2003.) -- C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL O18 - Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\system32\mshtml.dll O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\system32\mshtml.dll O18 - Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files\Windows Live\Mail\mailcomm.dll O18 - Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll O18 - Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll O18 - Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll O18 - Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll O18 - Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL ~ Scan Protocole Additionnel in 00mn 01s ---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20) O20 - Winlogon Notify: igfxcui . (...) -- igfxdev.dll ~ Scan Winlogon in 00mn 00s ---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20) O20 - AppInit_DLLs: . (.acer - eNMSwWatcher Dynamic Link Library.) - C:\Windows\system32\eNetHook.dll ~ Scan AppInit DLL in 00mn 00s ---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\System32\webcheck.dll ~ Scan SSODL in 00mn 00s ---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22) O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\system32\browseui.dll ~ Scan STS/SSO in 00mn 00s ---\\ Liste des services NT non Microsoft et non désactivés (O23) O23 - Service: ALaunch Service (ALaunchService) . (.Pas de propriétaire - ALaunchSvc Image.) - C:\Acer\ALaunch\ALaunchSvc.exe O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) . (.Avira GmbH - Antivirus Scheduler.) - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) . (.Avira GmbH - Antivirus On-Access Service.) - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Symantec Event Manager (ccEvtMgr) . (.Symantec Corporation - Symantec Service Framework.) - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Settings Manager (ccSetMgr) . (.Symantec Corporation - Symantec Service Framework.) - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) . (.Symantec Corporation - Symantec Service Framework.) - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: eDSService.exe (eDataSecurity Service) . (.HiTRSUT - eDataSecurity Service.) - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe O23 - Service: eLock Service (eLockService) . (.Acer Inc. - Acer eLock Management.) - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe O23 - Service: eNet Service (eNet Service) . (.Acer Inc. - acer eNet Management Service.) - C:\Acer\Empowering Technology\eNet\eNet Service.exe O23 - Service: eRecovery Service (eRecoveryService) . (.Acer Inc. - eRecoveryService.) - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe O23 - Service: eSettings Service (eSettingsService) . (.Pas de propriétaire - Service.) - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) . (.Intel Corporation - RAID Monitor.) - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) . (.Hewlett-Packard Company - Pas de description.) - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) . (.Symantec Corporation - Symantec Service Framework.) - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: LiveUpdate Notice Service (LiveUpdate Notice Service) . (.Symantec Corporation - LiveUpdate Notice Service.) - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe O23 - Service: MobilityService (MobilityService) . (...) - C:\Acer\Mobility Center\MobilityService.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 186.0.) - C:\Windows\system32\nvvsvc.exe O23 - Service: Planificateur LiveUpdate automatique (Planificateur LiveUpdate automatique) . (.Symantec Corporation - Automatic LiveUpdate Scheduler Service.) - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) . (.Pas de propriétaire - RichVideo Module.) - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O23 - Service: Symantec AppCore Service (SymAppCore) . (.Symantec Corporation - Symantec Application Core Service.) - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe O23 - Service: TrueVector Internet Monitor (vsmon) . (.Check Point Software Technologies LTD - TrueVector Service.) - C:\Windows\System32\ZoneLabs\vsmon.exe O23 - Service: ePower Service (WMIService) . (.acer - WMIServi Application.) - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe O23 - Service: XAudioService (XAudioService) . (.Conexant Systems, Inc. - Modem Audio Service.) - C:\Windows\system32\DRIVERS\xaudio.exe O23 - Service: {49DE1C67-83F8-4102-99E0-C16DCC7EEC796} ({49DE1C67-83F8-4102-99E0-C16DCC7EEC796}) . (.Cyberlink Corp. - FCL Driver.) - C:\Program Files\Acer Arcade Deluxe\Play Movie\000.fcl ~ Scan Services in 00mn 00s ---\\ Enumération Active Desktop & MHTML Editor (O24) O24 - Default MHTML Editor: Last - .(.Microsoft Corporation - Microsoft Office Word.) - C:\Program Files\Microsoft Office\Office12\WINWORD.exe ~ Scan Desktop Component in 00mn 00s ---\\ Tâches planifiées en automatique (O39) O39 - APT:Automatic Planified Task - C:\Windows\Tasks\{28C185E6-41D2-4A01-B91D-09564F7505C4}.job O39 - APT:Automatic Planified Task - C:\Windows\Tasks\{8F14964C-7533-4930-A836-08B6F6DF7ADA}.job O39 - APT:Automatic Planified Task - C:\Windows\Tasks\{FA0665FA-7D68-4553-9F14-3652C133945D}.job [MD5.2C1A1F91D3288E7C02B584C2553967B6] [APT] [RealUpgradeLogonTaskS-1-5-21-2152794718-1122633630-1261851648-1000] (.RealNetworks, Inc..) -- C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [MD5.2C1A1F91D3288E7C02B584C2553967B6] [APT] [RealUpgradeScheduledTaskS-1-5-21-2152794718-1122633630-1261851648-1000] (.RealNetworks, Inc..) -- C:\Program Files\Real\RealUpgrade\RealUpgrade.exe ~ Scan Scheduled Task in 00mn 03s ---\\ Pilotes lancés au démarrage (O41) O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys O41 - Driver: (avgio) . (.Avira GmbH - Avira AntiVir Support for Minifilter.) - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys O41 - Driver: (avipbb) . (.Avira GmbH - Avira Driver for RootKit Detection.) - C:\Windows\system32\DRIVERS\avipbb.sys O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\system32\DRIVERS\cdrom.sys O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\system32\Drivers\dfsc.sys O41 - Driver: (DritekPortIO) . (.Dritek System Inc. - General Port I/O.) - C:\PROGRA~1\LAUNCH~1\DPortIO.sys O41 - Driver: (eeCtrl) . (. - .) - C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys (.not file.) O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\Windows\system32\DRIVERS\i8042prt.sys O41 - Driver: (IDSvix86) . (.Symantec Corporation - IDS Core Driver.) - C:\PROGRA~2\Symantec\DEFINI~1\SymcData\idsdefs\20101202.001\IDSvix86.sys O41 - Driver: (kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\Windows\system32\DRIVERS\kbdclass.sys O41 - Driver: (kbdhid) . (.Microsoft Corporation - Pilote de filtre clavier HID.) - C:\Windows\system32\DRIVERS\kbdhid.sys O41 - Driver: (mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\Windows\system32\DRIVERS\mouclass.sys O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\system32\DRIVERS\netbios.sys O41 - Driver: (netbt) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\system32\DRIVERS\netbt.sys O41 - Driver: (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\system32\drivers\nsiproxy.sys O41 - Driver: C:\Windows\system32\drivers\pacer.sys (PSched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\system32\DRIVERS\pacer.sys O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\Windows\system32\DRIVERS\rasacd.sys O41 - Driver: (rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\Windows\system32\DRIVERS\rdbss.sys O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\system32\DRIVERS\RDPCDD.sys O41 - Driver: (RDPENCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\system32\drivers\rdpencdd.sys O41 - Driver: C:\Windows\system32\tcpipcfg.dll (Smb) . (.Microsoft Corporation - SMB Transport driver.) - C:\Windows\system32\DRIVERS\smb.sys O41 - Driver: (SRTSPX) . (.Symantec Corporation - Symantec AutoProtect.) - C:\Windows\system32\Drivers\SRTSPX.sys O41 - Driver: (ssmdrv) . (.AVIRA GmbH - AVIRA SnapShot Driver.) - C:\Windows\system32\DRIVERS\ssmdrv.sys O41 - Driver: (SYMTDI) . (.Symantec Corporation - Network Dispatch Driver.) - C:\Windows\system32\Drivers\SYMTDI.sys O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\system32\DRIVERS\tdx.sys O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\Windows\system32\DRIVERS\termdd.sys O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys O41 - Driver: (Vsdatant) . (.Check Point Software Technologies LTD - ZoneAlarm Firewalling Driver.) - C:\Windows\system32\DRIVERS\vsdatant.sys O41 - Driver: (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\system32\DRIVERS\wanarp.sys ~ Scan Drivers in 00mn 01s ---\\ Logiciels installés (O42) O42 - Logiciel: 4shared Desktop - (.Pas de propriétaire.) [HKLM] -- 4shared Desktop O42 - Logiciel: 7-Zip 4.65 - (.Pas de propriétaire.) [HKLM] -- 7-Zip O42 - Logiciel: ALPS Touch Pad Driver - (.Alps Electric.) [HKLM] -- {9F72EF8B-AEC9-4CA5-B483-143980AFD6FD} O42 - Logiciel: AV - (.Symantec Corporation.) [HKLM] -- {F4DB525F-A986-4249-B98B-42A8066251CA} O42 - Logiciel: AVS Audio Converter version 6.3 - (.Online Media Technologies Ltd..) [HKLM] -- AVS Audio Converter 6.3_is1 O42 - Logiciel: AVS Update Manager 1.0 - (.Online Media Technologies Ltd..) [HKLM] -- AVS Update Manager_is1 O42 - Logiciel: AVS4YOU Software Navigator 1.4 - (.Online Media Technologies Ltd..) [HKLM] -- AVS4YOU Software Navigator_is1 O42 - Logiciel: Acer Arcade Deluxe - (.CyberLink Corporation.) [HKLM] -- {EFBDC2B0-FAA8-4B78-8DE1-AEBE7958FA37} O42 - Logiciel: Acer Crystal Eye Webcam Video Class Camera - (.Suyin.) [HKLM] -- {399C37FB-08AF-493B-BFED-20FBD85EDF7F} O42 - Logiciel: Acer Crystal Eye webcam - (.SUYIN.) [HKLM] -- {AA047D7C-5E7C-4878-B75C-77589151B563} O42 - Logiciel: Acer Empowering Technology - (.Acer Inc..) [HKLM] -- {AB6097D9-D722-4987-BD9E-A076E2848EE2} O42 - Logiciel: Acer GridVista - (.Pas de propriétaire.) [HKLM] -- GridVista O42 - Logiciel: Acer Mobility Center Plug-In - (.Acer Inc..) [HKLM] -- {11316260-6666-467B-AC34-183FCB5D4335} O42 - Logiciel: Acer ScreenSaver - (.Acer Inc..) [HKLM] -- {79DD56FC-DB8B-47F5-9C80-78B62E05F9BC} O42 - Logiciel: Acer Tour - (.Acer Inc..) [HKLM] -- {94389919-B0AA-4882-9BE8-9F0B004ECA35} O42 - Logiciel: Acer eAudio Management - (.Pas de propriétaire.) [HKLM] -- {57265292-228A-41FA-9AEC-4620CBCC2739} O42 - Logiciel: Acer eDataSecurity Management - (.HiTRUST Inc..) [HKLM] -- {AEEAE013-92F1-4515-B278-139F1A692A36} O42 - Logiciel: Acer eLock Management - (.Acer Inc..) [HKLM] -- {116FF17B-1A30-4FC2-9B01-5BC5BD46B0B3} O42 - Logiciel: Acer eNet Management - (.Acer Inc..) [HKLM] -- {C06554A1-2C1E-4D20-B613-EE62C79927CC} O42 - Logiciel: Acer ePower Management - (.Acer Inc..) [HKLM] -- {58E5844B-7CE2-413D-83D1-99294BF6C74F} O42 - Logiciel: Acer ePresentation Management - (.Acer Inc..) [HKLM] -- {BF839132-BD43-4056-ACBF-4377F4A88E2A} O42 - Logiciel: Acer eSettings Management - (.Acer Inc..) [HKLM] -- {CE65A9A0-9686-45C6-9098-3C9543A412F0} O42 - Logiciel: Activation Assistant for the 2007 Microsoft Office suites - (.Microsoft Corporation.) [HKLM] -- Activation Assistant for the 2007 Microsoft Office suites O42 - Logiciel: Adobe Download Manager - (.NOS Microsystems Ltd..) [HKLM] -- {E2883E8F-472F-4fb0-9522-AC9BF37916A7} O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin O42 - Logiciel: Adobe Flash Player ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX O42 - Logiciel: Adobe Reader 8.1.0 - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1033-7B44-A81000000003} O42 - Logiciel: AppCore - (.Symantec Corporation.) [HKLM] -- {EFB5B3B5-A280-4E25-BE1C-634EEFE32C1B} O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {6956856F-B6B3-4BE0-BA0B-8F495BE32033} O42 - Logiciel: ArcGIS Desktop Evaluation Edition - (.Environmental Systems Research Institute, Inc..) [HKLM] -- ArcGIS Desktop Evaluation Edition O42 - Logiciel: ArcGIS Tutorial Data - (.Environmental Systems Research Institute, Inc..) [HKLM] -- ArcGIS Tutorial Data O42 - Logiciel: Assistant de connexion Windows Live - (.Microsoft Corporation.) [HKLM] -- {D3116CC7-24DC-4CA3-9CE1-23FED836E9F2} O42 - Logiciel: Avira AntiVir Personal - Free Antivirus - (.Avira GmbH.) [HKLM] -- AntiVir PersonalEdition Classic O42 - Logiciel: Big Kahuna Reef 2 - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111310630} O42 - Logiciel: Cake Mania - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111199750} O42 - Logiciel: Dynasty - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111473353} O42 - Logiciel: Facebook Plug-In - (.Facebook, Inc..) [HKCU] -- Facebook Plug-In O42 - Logiciel: FileHunter - (.Pas de propriétaire.) [HKCU] -- FileHunter O42 - Logiciel: Free Video Converter V 2.9 - (.Koyote Soft.) [HKLM] -- Free Video Converter_is1 O42 - Logiciel: Galapago - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457} O42 - Logiciel: HDAUDIO Soft Data Fax Modem with SmartCP - (.Pas de propriétaire.) [HKLM] -- CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFAOR2C06_118 O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595 O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB958484 O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite_Wave3 O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- {133742BA-6F46-4D3E-85AF-78631D9AD8B8} O42 - Logiciel: Intel® Matrix Storage Manager - (.Pas de propriétaire.) [HKLM] -- {9068B2BE-D93A-4C0A-861C-5E35E2C0E09E} O42 - Logiciel: Java 6 Update 16 - (.Sun Microsystems, Inc..) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216016FF} O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {8E5233E1-7495-44FB-8DEB-4BE906D59619} O42 - Logiciel: K-Lite Codec Pack 4.6.2 (Full) - (.Pas de propriétaire.) [HKLM] -- KLiteCodecPack_is1 O42 - Logiciel: Launch Manager - (.Pas de propriétaire.) [HKLM] -- LManager O42 - Logiciel: LiveUpdate 3.2 (Symantec Corporation) - (.Symantec Corporation.) [HKLM] -- LiveUpdate O42 - Logiciel: LiveUpdate Notice (Symantec Corporation) - (.Symantec Corporation.) [HKLM] -- {DBA4DB9D-EE51-4944-A419-98AB1F1249C8} O42 - Logiciel: Luxor 2 - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11170417} O42 - Logiciel: MSRedist - (.Symantec Corporation.) [HKLM] -- {B7C61755-DB48-4003-948F-3D34DB8EAF69} O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {22B775E7-6C42-4FC5-8E10-9A5E3257BD94} O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71} O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC} O42 - Logiciel: Malwarebytes' Anti-Malware - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1 O42 - Logiciel: Microsoft .NET Framework 3.5 Language Pack SP1 - fra - (.Microsoft Corporation.) [HKLM] -- {3E31821C-7917-367E-938E-E65FC413EA31} O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1 O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6} O42 - Logiciel: Microsoft .NET Framework 4 Client Profile FRA Language Pack - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E} O42 - Logiciel: Microsoft Choice Guard - (.Microsoft Corporation.) [HKLM] -- {F0E12BBA-AD66-4022-A453-A1C8A0C4D570} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}_HOMESTUDENTR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-00A1-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B} O42 - Logiciel: Microsoft Office Excel MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Home and Student 2007 - (.Microsoft Corporation.) [HKLM] -- HOMESTUDENTR O42 - Logiciel: Microsoft Office Home and Student 2007 - (.Microsoft Corporation.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office OneNote MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-00A1-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office PowerPoint MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Professional Edition 2003 - (.Microsoft Corporation.) [HKLM] -- {9011040C-6000-11D3-8CFE-0150048383C9} O42 - Logiciel: Microsoft Office Proof (Arabic) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proof (Dutch) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proof (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proof (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proof (German) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proof (Spanish) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proofing (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-002C-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}_HOMESTUDENTR_{14809F99-C601-4D4A-9391-F1E8FAA964C5} O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165} O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045} O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787} O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}_HOMESTUDENTR_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB} O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9} O42 - Logiciel: Microsoft Office Shared MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Word MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 - (.Microsoft Corporation.) [HKLM] -- {770657D0-A123-3C07-8E44-1C83EC895118} O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {837b34e3-7c30-493c-8f6a-2b0f04e2912c} O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - KB2467175 - (.Microsoft Corporation.) [HKLM] -- {a0fe116e-9a8a-466f-aee0-625cb7c207e3} O42 - Logiciel: Microsoft Works - (.Microsoft Corporation.) [HKLM] -- {6B1CB38D-E2E4-4a30-933D-EFDEBA76AD9C} O42 - Logiciel: Module linguistique Microsoft .NET Framework 3.5 SP1- fra - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 Language Pack SP1 - fra O42 - Logiciel: Module linguistique Microsoft .NET Framework 4 Client Profile FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile FRA Language Pack O42 - Logiciel: Mozilla Firefox 6.0.2 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 6.0.2 (x86 fr) O42 - Logiciel: Mystery Case Files - Prime Suspects - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111271497} O42 - Logiciel: Mystery Case Files Ravenhearst - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112179547} O42 - Logiciel: NTI Backup NOW! 4.7 - (.NewTech Infosystems.) [HKLM] -- {67ADE9AF-5CD9-4089-8825-55DE4B366799} O42 - Logiciel: NTI CD & DVD-Maker - (.NewTech Infosystems.) [HKLM] -- InstallShield_{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2} O42 - Logiciel: NVIDIA Drivers - (.NVIDIA Corporation.) [HKLM] -- NVIDIA Drivers O42 - Logiciel: NVIDIA PhysX - (.NVIDIA Corporation.) [HKLM] -- {DD1865F0-AD73-40FB-B23E-1822E02396FF} O42 - Logiciel: Norton AntiVirus - (.Symantec Corporation.) [HKLM] -- {830D8CBD-C668-49e2-A969-C2C2106332E0} O42 - Logiciel: Norton Confidential Browser Component - (.Symantec Corporation.) [HKLM] -- {4843B611-8FCB-4428-8C23-31D0A5EAE164} O42 - Logiciel: Norton Confidential Web Protection Component - (.Symantec Corporation.) [HKLM] -- {D353CC51-430D-4C6F-9B7E-52003DA1E05A} O42 - Logiciel: Norton Internet Security (Symantec Corporation) - (.Symantec Corporation.) [HKLM] -- SymSetup.{5AA2CD16-706F-41f3-87C5-2B5A031F2B3B} O42 - Logiciel: Norton Internet Security - (.Symantec Corp..) [HKLM] -- {E3EFA461-EB83-4C3B-9C47-2C1D58A01555} O42 - Logiciel: Norton Internet Security - (.Symantec Corporation.) [HKLM] -- {3672B097-EA69-4bfe-B92F-29AE6D9D2B34} O42 - Logiciel: Norton Internet Security - (.Symantec Corporation.) [HKLM] -- {48185814-A224-447A-81DA-71BD20580E1B} O42 - Logiciel: Norton Internet Security - (.Symantec Corporation.) [HKLM] -- {5AA2CD16-706F-41f3-87C5-2B5A031F2B3B} O42 - Logiciel: Norton Internet Security - (.Symantec Corporation.) [HKLM] -- {E5EE9939-259F-4DE2-8023-5C49E16A4F43} O42 - Logiciel: Norton Protection Center - (.Symantec Corporation.) [HKLM] -- {9A129ABC-A53A-4209-A21E-D5DEDFB7CCA8} O42 - Logiciel: OpenOffice.org 3.1 - (.OpenOffice.org.) [HKLM] -- {0FA44E79-CD7D-4E8D-A2EE-26FE05F509B6} O42 - Logiciel: Outil de téléchargement Windows Live - (.Microsoft Corporation.) [HKLM] -- {205C6BDD-7B73-42DE-8505-9A093F35A238} O42 - Logiciel: PDFCreator - (.Frank Heindörfer, Philip Chinery.) [HKLM] -- {0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D} O42 - Logiciel: PHOTOfunSTUDIO -viewer- - (.Panasonic.) [HKLM] -- {9A9DBEBC-C800-4776-A970-D76D6AA405B1} O42 - Logiciel: PowerProducer 3.72 - (.CyberLink Corporation.) [HKLM] -- {B7A0CE06-068E-11D6-97FD-0050BACBF861} O42 - Logiciel: Python 2.5 numpy-1.0.3 - (.Pas de propriétaire.) [HKLM] -- Python 2.5 numpy-1.0.3 O42 - Logiciel: Python 2.5.1 - (.Pas de propriétaire.) [HKLM] -- Python 2.5.1 O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM] -- {216AB108-2AE1-4130-B3D5-20B2C4C80F8F} O42 - Logiciel: RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01 - (.Pas de propriétaire.) [HKLM] -- {59F6A514-9813-47A3-948C-8A155460CC2A} O42 - Logiciel: RealPlayer - (.RealNetworks.) [HKLM] -- RealPlayer 12.0 O42 - Logiciel: RealUpgrade 1.0 - (.RealNetworks, Inc..) [HKLM] -- {F4F4F84E-804F-4E9A-84D7-C34283F0088F} O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} O42 - Logiciel: SPBBC 32bit - (.Symantec Corporation.) [HKLM] -- {77772678-817F-4401-9301-ED1D01A8DA56} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288621) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{5C497F0B-2061-4CC9-A61C-6B45B867354D} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288931) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CD769337-C8AC-46DB-A7DC-643E50089263} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2345043) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{536FB502-775F-4494-BACE-C02CC90B7A5B} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2466156) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CEF209AB-F96D-404F-B5CC-44057C057CA3} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2509488) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{AD0DE453-0804-4495-9C91-33D0F9AA5463} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB969559) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{69F52148-9BF6-4CDC-BF76-103DEAF3DD08} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB976321) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{7F207DCA-3399-40CB-A968-6E5991B1421A} O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- KB931906 O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- {0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A} O42 - Logiciel: Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB2416473 O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2446708 O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2478663 O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2518870 O42 - Logiciel: Security Update for Microsoft Office Excel 2007 (KB2464583) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{151E2FEA-C3A6-4CB6-BE6B-16651FDF04BE} O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB} O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB2535818) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{8588DD11-6BD7-4400-B55C-DD5AB74B43E1} O42 - Logiciel: Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{D75E6D0C-BADF-4F41-98B2-0C0F02C15062} O42 - Logiciel: Security Update for Microsoft Office Visio Viewer 2007 (KB973709) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{71127777-8B2C-4F97-AF7A-6CF8CAC8224D} O42 - Logiciel: Security Update for Microsoft Office Word 2007 (KB2344993) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{7A5B74FA-7A92-4FC9-821A-2DD5D4E73E48} O42 - Logiciel: Security Update for Microsoft Office system 2007 (972581) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF} O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB974234) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{FCD742B9-7A55-44BC-A776-F795F21FEDDC} O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client Profile FRA (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}.KB2478663 O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client Profile FRA (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}.KB2518870 O42 - Logiciel: Skype™ 5.1 - (.Skype Technologies S.A..) [HKLM] -- {E633D396-5188-4E9D-8F6B-BFB8BF3467E8} O42 - Logiciel: Star Defender 3 - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111730193} O42 - Logiciel: Treasures of the Deep - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111263673} O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D} O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707 O42 - Logiciel: Update for Microsoft Office 2007 (KB2508958) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438} O42 - Logiciel: Update for Microsoft Office OneNote 2007 (KB980729) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{329050A9-EF80-40F9-B633-74508F54C1FF} O42 - Logiciel: Veetle TV 0.9.18 - (.Veetle, Inc.) [HKLM] -- Veetle TV O42 - Logiciel: Windows Live Call - (.Microsoft Corporation.) [HKLM] -- {B3B487E7-6171-4376-9074-B28082CEB504} O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM] -- {3175E049-F9A9-4A3D-8F19-AC9FB04514D1} O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {5DD76286-9BE7-4894-A990-E905E91AC818} O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {445B183D-F4F1-45C8-B9DB-F11355CA657B} O42 - Logiciel: Windows Live OneCare safety scanner - (.Microsoft Corporation.) [HKLM] -- Windows Live OneCare safety scanner O42 - Logiciel: Windows Live OneCare safety scanner - (.Microsoft Corporation.) [HKLM] -- {FE0646A7-19D0-41B4-A2BB-2C35D644270D} O42 - Logiciel: Windows Media Player Firefox Plugin - (.Microsoft Corp.) [HKLM] -- {69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4} O42 - Logiciel: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - (.Pas de propriétaire.) [HKLM] -- Yahoo! Companion O42 - Logiciel: ZoneAlarm - (.Check Point, Inc.) [HKLM] -- ZoneAlarm O42 - Logiciel: Zuma Deluxe - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110111700} O42 - Logiciel: ccCommon - (.Symantec.) [HKLM] -- {3CCAD2EF-CFF2-4637-82AA-AABF370282D3} O42 - Logiciel: iPod for Windows 2006-01-10 - (.Nom de votre société.) [HKLM] -- InstallShield_{3D047C15-C859-45F7-81CE-F2681778069B} O42 - Logiciel: iTunes - (.Apple Computer, Inc..) [HKLM] -- InstallShield_{501BADCD-F8F7-44CB-AC3F-6ED25C1A28B5} O42 - Logiciel: myBabylon_English Toolbar - (.Pas de propriétaire.) [HKLM] -- myBabylon_English Toolbar ---\\ HKCU & HKLM Software Keys [HKCU\Software\7-Zip] [HKCU\Software\AVS4YOU] [HKCU\Software\Acer] [HKCU\Software\Adobe] [HKCU\Software\Alps] [HKCU\Software\AppDataLow\Software\Microsoft] [HKCU\Software\AppDataLow\Software\Monitored] [HKCU\Software\AppDataLow\Software\Musicnotes] [HKCU\Software\AppDataLow\Software\Yahoo] [HKCU\Software\AppDataLow\Software\myBabylon_English] [HKCU\Software\AppDataLow\Software\settings] [HKCU\Software\AppDataLow\Software] [HKCU\Software\AppDataLow] [HKCU\Software\Apple Computer, Inc.] [HKCU\Software\Aureal] [HKCU\Software\Avira] [HKCU\Software\Binary Noise] [HKCU\Software\CDDB] [HKCU\Software\Classes] [HKCU\Software\Clients] [HKCU\Software\Compal] [HKCU\Software\Cyberlink] [HKCU\Software\DivXNetworks] [HKCU\Software\ESRI] [HKCU\Software\Earth Resource Mapping] [HKCU\Software\GNU] [HKCU\Software\GSpot Appliance Corp] [HKCU\Software\Gabest] [HKCU\Software\Haali] [HKCU\Software\IM Providers] [HKCU\Software\JavaSoft] [HKCU\Software\Lake] [HKCU\Software\Local AppWizard-Generated Applications] [HKCU\Software\Macromedia] [HKCU\Software\Malwarebytes' Anti-Malware] [HKCU\Software\MediaInfo] [HKCU\Software\MozillaPlugins] [HKCU\Software\Mozilla] [HKCU\Software\Musicnotes] [HKCU\Software\NVIDIA Corporation] [HKCU\Software\Nadeo] [HKCU\Software\Netscape] [HKCU\Software\NewTech Infosystems] [HKCU\Software\ODBC] [HKCU\Software\OpenOffice.org] [HKCU\Software\Opendisc] [HKCU\Software\PDFCreator] [HKCU\Software\Panasonic] [HKCU\Software\Policies] [HKCU\Software\RealNetworks] [HKCU\Software\Realtek] [HKCU\Software\SecuROM] [HKCU\Software\SkypeApps] [HKCU\Software\Skype] [HKCU\Software\Softonic] [HKCU\Software\Symantec] [HKCU\Software\VB and VBA Program Settings] [HKCU\Software\Veetle] [HKCU\Software\Yahoo] [HKCU\Software\ZjSoft] [HKCU\Software\Zone Labs] [HKLM\Software\AGEIA Technologies] [HKLM\Software\AVS4YOU] [HKLM\Software\Acer Inc.] [HKLM\Software\Adobe] [HKLM\Software\Ahead] [HKLM\Software\Alps] [HKLM\Software\Apple Computer, Inc.] [HKLM\Software\Avira] [HKLM\Software\C07ft5Y] [HKLM\Software\CDDB] [HKLM\Software\CXT] [HKLM\Software\Classes] [HKLM\Software\Clients] [HKLM\Software\Codec Tweak Tool] [HKLM\Software\Compal] [HKLM\Software\Conexant Systems Inc ] [HKLM\Software\Conexant] [HKLM\Software\CyberLink] [HKLM\Software\DivXNetworks] [HKLM\Software\EA DICE] [HKLM\Software\ESRI] [HKLM\Software\Electronic Arts] [HKLM\Software\Forge of Games] [HKLM\Software\GNU] [HKLM\Software\Google] [HKLM\Software\HaaliMkx] [HKLM\Software\InstallShield] [HKLM\Software\Intel] [HKLM\Software\JavaSoft] [HKLM\Software\KLCodecPack] [HKLM\Software\LightScribe] [HKLM\Software\Macromedia] [HKLM\Software\Malwarebytes' Anti-Malware] [HKLM\Software\Maxis] [HKLM\Software\MimarSinan] [HKLM\Software\MozillaPlugins] [HKLM\Software\Mozilla] [HKLM\Software\NOS] [HKLM\Software\NVIDIA Corporation] [HKLM\Software\NewTech Infosystems] [HKLM\Software\Nico Mak Computing] [HKLM\Software\Norton] [HKLM\Software\ODBC] [HKLM\Software\Oberon Media] [HKLM\Software\OpenOffice.org] [HKLM\Software\PDFCreator] [HKLM\Software\Panasonic] [HKLM\Software\Policies] [HKLM\Software\Python] [HKLM\Software\RealNetworks] [HKLM\Software\Realtek Semiconductor Corp.] [HKLM\Software\Realtek] [HKLM\Software\Reflexive Entertainment] [HKLM\Software\RegisteredApplications] [HKLM\Software\RichFX] [HKLM\Software\S3R521] [HKLM\Software\SONIX] [HKLM\Software\SRS Labs] [HKLM\Software\Safe Software Inc.] [HKLM\Software\Skype] [HKLM\Software\SoftAssist] [HKLM\Software\Sonic] [HKLM\Software\Suyin] [HKLM\Software\SymDebug] [HKLM\Software\Symantec] [HKLM\Software\Trad-FR] [HKLM\Software\TrendMicro] [HKLM\Software\Vantage Software Technologies] [HKLM\Software\Veetle] [HKLM\Software\Volatile] [HKLM\Software\Waves Audio] [HKLM\Software\X-AVCSD] [HKLM\Software\Xing Technology Corp.] [HKLM\Software\Yahoo] [HKLM\Software\Zone Labs] [HKLM\Software\acer] [HKLM\Software\mcafeeupdater] [HKLM\Software\mozilla.org] [HKLM\Software\muvee Technologies] [HKLM\Software\myBabylon_English] [HKLM\Software\nSplitter] ~ Scan Softwares in 00mn 00s ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43) O43 - CFD: 26/03/2010 - 15:34:44 - [4500816] ----D- C:\Program Files\4shared Desktop O43 - CFD: 23/12/2010 - 19:13:54 - [3094515] ----D- C:\Program Files\7-Zip O43 - CFD: 21/12/2007 - 23:42:08 - [547041848] ----D- C:\Program Files\Acer Arcade Deluxe O43 - CFD: 21/12/2007 - 23:35:02 - [1316014] ----D- C:\Program Files\ACER Crystal Eye webcam O43 - CFD: 10/08/2007 - 10:05:36 - [371953624] ----D- C:\Program Files\Acer GameZone O43 - CFD: 21/12/2007 - 23:46:36 - [1360873] ----D- C:\Program Files\Acer Inc O43 - CFD: 10/08/2007 - 09:59:44 - [12683094] ----D- C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites O43 - CFD: 24/09/2011 - 15:41:10 - [179623984] ----D- C:\Program Files\Ad-Remover O43 - CFD: 10/08/2007 - 09:51:16 - [184554895] ----D- C:\Program Files\Adobe O43 - CFD: 02/09/2009 - 23:12:00 - [123222710] ----D- C:\Program Files\AGEIA Technologies O43 - CFD: 21/12/2007 - 23:45:16 - [11413487] ----D- C:\Program Files\Apoint2K O43 - CFD: 12/02/2009 - 00:36:12 - [2221118] ----D- C:\Program Files\Apple Software Update O43 - CFD: 21/10/2010 - 22:05:18 - [2322133344] ----D- C:\Program Files\ArcGIS O43 - CFD: 13/02/2009 - 20:36:16 - [113328725] ----D- C:\Program Files\Avira O43 - CFD: 23/12/2010 - 18:30:52 - [42487271] ----D- C:\Program Files\AVS4YOU O43 - CFD: 11/06/2011 - 12:05:26 - [0] ----D- C:\Program Files\Babylon O43 - CFD: 23/12/2010 - 18:29:38 - [1244221852] ----D- C:\Program Files\Common Files O43 - CFD: 10/08/2007 - 08:40:30 - [1065440] ----D- C:\Program Files\CONEXANT O43 - CFD: 10/08/2007 - 09:43:52 - [172409416] ----D- C:\Program Files\CyberLink O43 - CFD: 21/10/2010 - 22:17:48 - [174] ----D- C:\Program Files\ESRI O43 - CFD: 30/07/2008 - 17:27:42 - [0] -SH-D- C:\Program Files\Fichiers communs O43 - CFD: 10/10/2010 - 18:58:50 - [11611047] ----D- C:\Program Files\Free Video Converter O43 - CFD: 29/08/2009 - 21:36:44 - [117589829] --H-D- C:\Program Files\InstallShield Installation Information O43 - CFD: 21/12/2007 - 23:34:10 - [8167472] ----D- C:\Program Files\Intel O43 - CFD: 14/04/2011 - 13:29:28 - [6154617] ----D- C:\Program Files\Internet Explorer O43 - CFD: 30/07/2008 - 13:02:48 - [55950134] ----D- C:\Program Files\iPod O43 - CFD: 30/07/2008 - 13:06:02 - [34463223] ----D- C:\Program Files\iTunes O43 - CFD: 20/12/2009 - 23:12:26 - [90442324] ----D- C:\Program Files\Java O43 - CFD: 20/12/2009 - 23:15:06 - [16664352] ----D- C:\Program Files\JRE O43 - CFD: 14/02/2009 - 00:00:20 - [36204918] ----D- C:\Program Files\K-Lite Codec Pack O43 - CFD: 21/12/2007 - 23:40:40 - [2272070] ----D- C:\Program Files\Launch Manager O43 - CFD: 21/10/2010 - 22:03:00 - [1160840] ----D- C:\Program Files\Leica Geosystems O43 - CFD: 17/04/2011 - 19:35:46 - [4921884] ----D- C:\Program Files\Malwarebytes' Anti-Malware O43 - CFD: 18/11/2009 - 00:34:44 - [226432] ----D- C:\Program Files\Microsoft O43 - CFD: 27/11/2008 - 17:03:12 - [800662] ----D- C:\Program Files\Microsoft CAPICOM 2.1.0.2 O43 - CFD: 02/11/2006 - 14:37:36 - [92807095] ----D- C:\Program Files\Microsoft Games O43 - CFD: 01/02/2009 - 14:00:16 - [647733776] ----D- C:\Program Files\Microsoft Office O43 - CFD: 20/06/2011 - 14:29:08 - [38388859] ----D- C:\Program Files\Microsoft Silverlight O43 - CFD: 19/11/2009 - 02:24:02 - [151889282] ----D- C:\Program Files\Microsoft Works O43 - CFD: 29/01/2011 - 12:01:36 - [8352099] ----D- C:\Program Files\Microsoft.NET O43 - CFD: 02/01/2011 - 13:26:16 - [99168366] ----D- C:\Program Files\Movie Maker O43 - CFD: 08/09/2011 - 23:26:28 - [36737111] ----D- C:\Program Files\Mozilla Firefox O43 - CFD: 02/11/2006 - 14:37:36 - [25757] ----D- C:\Program Files\MSBuild O43 - CFD: 27/11/2008 - 16:46:18 - [0] ----D- C:\Program Files\MSXML 4.0 O43 - CFD: 10/08/2007 - 09:19:00 - [49022275] ----D- C:\Program Files\NewTech Infosystems O43 - CFD: 14/12/2010 - 16:51:30 - [34538246] ----D- C:\Program Files\Norton Internet Security O43 - CFD: 20/10/2010 - 16:15:00 - [494512] ----D- C:\Program Files\NOS O43 - CFD: 20/12/2009 - 23:15:04 - [383829676] ----D- C:\Program Files\OpenOffice.org 3 O43 - CFD: 30/07/2008 - 13:16:10 - [50346124] ----D- C:\Program Files\Panasonic O43 - CFD: 03/04/2011 - 10:50:18 - [26926656] ----D- C:\Program Files\PDFCreator O43 - CFD: 12/02/2009 - 00:38:26 - [77199116] ----D- C:\Program Files\QuickTime O43 - CFD: 13/07/2010 - 12:59:18 - [90895313] ----D- C:\Program Files\Real O43 - CFD: 10/08/2007 - 08:31:22 - [15921159] ----D- C:\Program Files\Realtek O43 - CFD: 02/11/2006 - 14:37:36 - [38686465] ----D- C:\Program Files\Reference Assemblies O43 - CFD: 12/12/2010 - 13:24:32 - [15026140] R---D- C:\Program Files\Skype O43 - CFD: 21/12/2007 - 23:35:02 - [0] ----D- C:\Program Files\SUYIN O43 - CFD: 14/12/2010 - 14:10:12 - [20312142] ----D- C:\Program Files\Symantec O43 - CFD: 02/11/2006 - 15:01:56 - [0] --H-D- C:\Program Files\Uninstall Information O43 - CFD: 24/10/2010 - 21:12:10 - [10428379] ----D- C:\Program Files\Veetle O43 - CFD: 31/12/2010 - 15:40:32 - [1016832] ----D- C:\Program Files\Windows Calendar O43 - CFD: 31/12/2010 - 15:40:24 - [2760704] ----D- C:\Program Files\Windows Collaboration O43 - CFD: 31/12/2010 - 15:40:06 - [4492240] ----D- C:\Program Files\Windows Defender O43 - CFD: 31/12/2010 - 15:40:22 - [7084664] ----D- C:\Program Files\Windows Journal O43 - CFD: 03/05/2009 - 19:37:34 - [81920151] ----D- C:\Program Files\Windows Live O43 - CFD: 20/12/2009 - 22:56:38 - [40403742] ----D- C:\Program Files\Windows Live Safety Center O43 - CFD: 03/05/2009 - 19:36:40 - [245112] ----D- C:\Program Files\Windows Live SkyDrive O43 - CFD: 11/05/2011 - 14:55:08 - [9116344] ----D- C:\Program Files\Windows Mail O43 - CFD: 02/01/2011 - 13:26:20 - [4499178] ----D- C:\Program Files\Windows Media Player O43 - CFD: 30/07/2008 - 17:27:42 - [7945486] ----D- C:\Program Files\Windows NT O43 - CFD: 31/12/2010 - 15:40:20 - [13464738] ----D- C:\Program Files\Windows Photo Gallery O43 - CFD: 31/12/2010 - 15:40:26 - [6511482] ----D- C:\Program Files\Windows Sidebar O43 - CFD: 17/04/2011 - 19:31:20 - [0] ----D- C:\Program Files\WinZip O43 - CFD: 25/09/2011 - 21:49:06 - [6395507] ----D- C:\Program Files\ZHPDiag O43 - CFD: 04/06/2009 - 13:19:22 - [11079326] ----D- C:\Program Files\Zone Labs O43 - CFD: 10/08/2007 - 09:51:24 - [6778798] ----D- C:\Program Files\Common Files\Adobe O43 - CFD: 21/10/2010 - 22:05:08 - [5133227] ----D- C:\Program Files\Common Files\AnswerWorks 4.0 O43 - CFD: 21/10/2010 - 22:05:48 - [4759552] ----D- C:\Program Files\Common Files\ArcGIS O43 - CFD: 23/12/2010 - 18:30:58 - [64616906] ----D- C:\Program Files\Common Files\AVSMedia O43 - CFD: 10/08/2007 - 09:55:58 - [92976] ----D- C:\Program Files\Common Files\DESIGNER O43 - CFD: 21/10/2010 - 22:02:04 - [47467662] ----D- C:\Program Files\Common Files\ESRI O43 - CFD: 10/08/2007 - 09:30:54 - [15915643] ----D- C:\Program Files\Common Files\InstallShield O43 - CFD: 10/08/2007 - 09:18:38 - [7178034] ----D- C:\Program Files\Common Files\LightScribe O43 - CFD: 20/06/2011 - 14:29:04 - [519085512] ----D- C:\Program Files\Common Files\microsoft shared O43 - CFD: 10/08/2007 - 09:18:14 - [9706600] ----D- C:\Program Files\Common Files\muvee Technologies O43 - CFD: 10/08/2007 - 09:19:02 - [2290478] ----D- C:\Program Files\Common Files\NewTech Infosystems O43 - CFD: 10/08/2007 - 10:01:54 - [114688] ----D- C:\Program Files\Common Files\Oberon Media O43 - CFD: 13/07/2010 - 12:59:40 - [20931937] ----D- C:\Program Files\Common Files\Real O43 - CFD: 02/11/2006 - 13:18:34 - [2702] ----D- C:\Program Files\Common Files\Services O43 - CFD: 21/12/2007 - 23:34:24 - [4820842] ----D- C:\Program Files\Common Files\snp2uvc O43 - CFD: 02/11/2006 - 13:18:34 - [41101735] ----D- C:\Program Files\Common Files\SpeechEngines O43 - CFD: 20/06/2011 - 16:12:42 - [98648083] ----D- C:\Program Files\Common Files\Symantec Shared O43 - CFD: 31/12/2010 - 15:40:08 - [50407440] ----D- C:\Program Files\Common Files\System O43 - CFD: 03/05/2009 - 19:32:56 - [291631813] ----D- C:\Program Files\Common Files\Windows Live O43 - CFD: 26/11/2008 - 22:50:34 - [19061704] -SH-D- C:\Program Files\Common Files\WindowsLiveInstaller O43 - CFD: 02/09/2009 - 23:11:18 - [34123264] ----D- C:\Program Files\Common Files\Wise Installation Wizard O43 - CFD: 13/07/2010 - 12:59:06 - [352256] ----D- C:\Program Files\Common Files\xing shared O43 - CFD: 10/08/2007 - 09:51:38 - [752] ----D- C:\ProgramData\Adobe O43 - CFD: 12/02/2009 - 00:36:12 - [2083840] ----D- C:\ProgramData\Apple O43 - CFD: 12/02/2009 - 00:38:00 - [27963304] ----D- C:\ProgramData\Apple Computer O43 - CFD: 02/11/2006 - 15:02:04 - [0] -SH-D- C:\ProgramData\Application Data O43 - CFD: 13/02/2009 - 20:36:16 - [100793777] ----D- C:\ProgramData\Avira O43 - CFD: 23/12/2010 - 18:31:42 - [0] ----D- C:\ProgramData\AVS4YOU O43 - CFD: 30/07/2008 - 17:27:42 - [0] -SH-D- C:\ProgramData\Bureau O43 - CFD: 04/06/2009 - 13:19:20 - [4212] ----D- C:\ProgramData\CheckPoint O43 - CFD: 21/12/2007 - 23:42:22 - [3680] ----D- C:\ProgramData\CyberLink O43 - CFD: 02/11/2006 - 15:02:04 - [0] -SH-D- C:\ProgramData\Desktop O43 - CFD: 02/11/2006 - 15:02:04 - [0] -SH-D- C:\ProgramData\Documents O43 - CFD: 29/08/2009 - 21:22:08 - [70] ----D- C:\ProgramData\EA Logs O43 - CFD: 20/04/2009 - 17:52:12 - [65564] ----D- C:\ProgramData\Electronic Arts O43 - CFD: 21/10/2010 - 21:56:42 - [605] ----D- C:\ProgramData\ESRI O43 - CFD: 30/07/2008 - 17:27:42 - [0] -SH-D- C:\ProgramData\Favoris O43 - CFD: 02/11/2006 - 15:02:04 - [0] -SH-D- C:\ProgramData\Favorites O43 - CFD: 28/08/2009 - 18:43:02 - [721] ----D- C:\ProgramData\Forge of Games O43 - CFD: 21/02/2010 - 18:51:20 - [2243376] ----D- C:\ProgramData\Google O43 - CFD: 17/04/2011 - 19:35:32 - [6602691] ----D- C:\ProgramData\Malwarebytes O43 - CFD: 20/10/2010 - 16:15:34 - [64004] ----D- C:\ProgramData\McAfee O43 - CFD: 30/07/2008 - 17:27:42 - [0] -SH-D- C:\ProgramData\Menu Démarrer O43 - CFD: 04/06/2010 - 16:56:10 - [576566776] -S--D- C:\ProgramData\Microsoft O43 - CFD: 16/06/2011 - 19:14:32 - [57040] ----D- C:\ProgramData\Microsoft Help O43 - CFD: 30/07/2008 - 17:27:42 - [0] -SH-D- C:\ProgramData\Modèles O43 - CFD: 08/05/2010 - 13:18:14 - [0] ----D- C:\ProgramData\Musicnotes O43 - CFD: 14/12/2010 - 14:08:22 - [157] ----D- C:\ProgramData\Norton O43 - CFD: 20/10/2010 - 16:18:52 - [318650] ----D- C:\ProgramData\NOS O43 - CFD: 02/09/2009 - 23:26:46 - [126601] ----D- C:\ProgramData\NVIDIA O43 - CFD: 19/12/2010 - 00:27:08 - [974406] ----D- C:\ProgramData\Real O43 - CFD: 23/08/2011 - 23:47:42 - [70138368] ----D- C:\ProgramData\Skype O43 - CFD: 02/11/2006 - 15:02:04 - [0] -SH-D- C:\ProgramData\Start Menu O43 - CFD: 14/12/2010 - 14:09:52 - [865318271] ----D- C:\ProgramData\Symantec O43 - CFD: 02/11/2006 - 15:02:06 - [0] -SH-D- C:\ProgramData\Templates O43 - CFD: 02/01/2011 - 14:21:40 - [0] ----D- C:\ProgramData\WindowsSearch O43 - CFD: 17/04/2011 - 19:31:20 - [0] ----D- C:\ProgramData\WinZip O43 - CFD: 26/11/2008 - 22:41:10 - [217800] ----D- C:\ProgramData\WLInstaller O43 - CFD: 27/11/2008 - 16:41:38 - [105979] ----D- C:\ProgramData\Yahoo! Companion O43 - CFD: 10/08/2007 - 09:59:46 - [6904815] ----D- C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3} O43 - CFD: 12/01/2009 - 14:08:18 - [5527720] ----D- C:\Users\Léa\AppData\Roaming\Adobe O43 - CFD: 01/08/2008 - 19:06:28 - [166449] ----D- C:\Users\Léa\AppData\Roaming\Apple Computer O43 - CFD: 23/12/2010 - 18:31:30 - [228] ----D- C:\Users\Léa\AppData\Roaming\AVS4YOU O43 - CFD: 17/09/2009 - 17:34:32 - [0] ----D- C:\Users\Léa\AppData\Roaming\CyberLink O43 - CFD: 23/10/2010 - 12:28:28 - [1322430] ----D- C:\Users\Léa\AppData\Roaming\ESRI O43 - CFD: 27/06/2010 - 19:37:16 - [5719763] ----D- C:\Users\Léa\AppData\Roaming\Facebook O43 - CFD: 11/06/2011 - 12:04:52 - [4739829] ----D- C:\Users\Léa\AppData\Roaming\FileHunter O43 - CFD: 23/12/2010 - 18:41:22 - [86] ----D- C:\Users\Léa\AppData\Roaming\FreeAudioPack O43 - CFD: 23/12/2010 - 18:54:14 - [790] ----D- C:\Users\Léa\AppData\Roaming\FreeVideoConverter O43 - CFD: 30/07/2008 - 17:32:26 - [0] ----D- C:\Users\Léa\AppData\Roaming\Identities O43 - CFD: 30/07/2008 - 13:15:44 - [0] ----D- C:\Users\Léa\AppData\Roaming\InstallShield O43 - CFD: 30/07/2008 - 17:31:04 - [3877464] ----D- C:\Users\Léa\AppData\Roaming\Macromedia O43 - CFD: 17/04/2011 - 19:35:56 - [19062635] ----D- C:\Users\Léa\AppData\Roaming\Malwarebytes O43 - CFD: 02/11/2006 - 14:37:36 - [0] ----D- C:\Users\Léa\AppData\Roaming\Media Center Programs O43 - CFD: 14/02/2009 - 00:25:06 - [154] ----D- C:\Users\Léa\AppData\Roaming\Media Player Classic O43 - CFD: 25/01/2011 - 13:27:56 - [7673378] -S--D- C:\Users\Léa\AppData\Roaming\Microsoft O43 - CFD: 13/02/2009 - 15:45:46 - [31388698] ----D- C:\Users\Léa\AppData\Roaming\Mozilla O43 - CFD: 20/12/2009 - 23:18:12 - [2394851] ----D- C:\Users\Léa\AppData\Roaming\OpenOffice.org O43 - CFD: 30/07/2008 - 13:17:58 - [18382848] ----D- C:\Users\Léa\AppData\Roaming\Panasonic O43 - CFD: 06/12/2010 - 19:41:14 - [2400656] ----D- C:\Users\Léa\AppData\Roaming\Real O43 - CFD: 20/04/2009 - 17:53:18 - [10583] R-H-D- C:\Users\Léa\AppData\Roaming\SecuROM O43 - CFD: 22/09/2011 - 23:41:10 - [12072479] ----D- C:\Users\Léa\AppData\Roaming\Skype O43 - CFD: 17/09/2009 - 18:06:02 - [7392] ----D- C:\Users\Léa\AppData\Local\Acer Arcade Deluxe O43 - CFD: 30/07/2008 - 17:33:26 - [11904] --H-D- C:\Users\Léa\AppData\Local\acer eNM O43 - CFD: 13/02/2009 - 20:33:54 - [51768077] ----D- C:\Users\Léa\AppData\Local\Adobe O43 - CFD: 12/02/2009 - 00:36:14 - [0] ----D- C:\Users\Léa\AppData\Local\Apple O43 - CFD: 01/08/2008 - 19:05:04 - [476657] ----D- C:\Users\Léa\AppData\Local\Apple Computer O43 - CFD: 30/07/2008 - 17:31:02 - [0] -SH-D- C:\Users\Léa\AppData\Local\Application Data O43 - CFD: 23/12/2010 - 19:19:30 - [2465860] ----D- C:\Users\Léa\AppData\Local\assembly O43 - CFD: 21/02/2010 - 18:51:20 - [0] ----D- C:\Users\Léa\AppData\Local\Google O43 - CFD: 30/07/2008 - 17:31:02 - [0] -SH-D- C:\Users\Léa\AppData\Local\Historique O43 - CFD: 03/01/2010 - 23:55:52 - [1695734138] ----D- C:\Users\Léa\AppData\Local\Microsoft O43 - CFD: 24/12/2008 - 18:23:36 - [1928757] ----D- C:\Users\Léa\AppData\Local\Microsoft Games O43 - CFD: 29/11/2008 - 20:26:12 - [96764] ----D- C:\Users\Léa\AppData\Local\Microsoft Help O43 - CFD: 13/02/2009 - 15:45:36 - [315359845] ----D- C:\Users\Léa\AppData\Local\Mozilla O43 - CFD: 18/09/2009 - 00:09:18 - [9306] ----D- C:\Users\Léa\AppData\Local\PlayMovie O43 - CFD: 17/09/2009 - 18:05:52 - [0] ----D- C:\Users\Léa\AppData\Local\PowerCinema O43 - CFD: 25/09/2011 - 21:43:38 - [1057836776] ----D- C:\Users\Léa\AppData\Local\Temp O43 - CFD: 30/07/2008 - 17:31:02 - [0] -SH-D- C:\Users\Léa\AppData\Local\Temporary Internet Files O43 - CFD: 02/08/2008 - 13:59:50 - [35792541] ----D- C:\Users\Léa\AppData\Local\VirtualStore O43 - CFD: 04/04/2011 - 12:44:26 - [8960] ----D- C:\Users\Léa\AppData\Local\{36A0949C-2D38-4B3D-A73A-1C046E99DD3C} ~ Scan Program Folder in 01mn 27s ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44) O44 - LFC:[MD5.5A2596203E1B3BEAF9FFC628676A82C8] - 25/09/2011 - 20:49:36 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1272758] O44 - LFC:[MD5.E98CD5886C290374F80ED9B85E42A52C] - 25/09/2011 - 20:43:30 ---A- . (...) -- C:\Windows\system32\perfc009.dat [104070] O44 - LFC:[MD5.03FC8ACBC3778A49C3DA5EEB9635FCC5] - 25/09/2011 - 20:43:30 ---A- . (...) -- C:\Windows\system32\perfc00C.dat [126626] O44 - LFC:[MD5.6787B207D72621EEFA429038DF5DE4A0] - 25/09/2011 - 20:43:30 ---A- . (...) -- C:\Windows\system32\perfh009.dat [595996] O44 - LFC:[MD5.AF8C941362288A61C06F05B3A504DF65] - 25/09/2011 - 20:43:30 ---A- . (...) -- C:\Windows\system32\perfh00C.dat [679042] O44 - LFC:[MD5.6DC2100130EAEB94F190852E3071BC2A] - 25/09/2011 - 20:43:29 ---A- . (...) -- C:\Windows\system32\PerfStringBackup.INI [1495948] O44 - LFC:[MD5.D33433723BB5E31665170E0D5877403E] - 25/09/2011 - 20:36:53 --HA- . (...) -- C:\Windows\system32\drivers\vsconfig.xml [352615] O44 - LFC:[MD5.16F748CC537074B7EE702F6CD33578A8] - 25/09/2011 - 20:36:44 -S-A- . (...) -- C:\Windows\bootstat.dat [67584] O44 - LFC:[MD5.0068D92511EFD959F72A4E62718699CF] - 24/09/2011 - 17:17:26 ---A- . (...) -- C:\Windows\ntbtlog.txt [15338170] O44 - LFC:[MD5.7BA97CA42288B3A2451DA2A77B0E49E7] - 24/09/2011 - 14:46:16 ---A- . (...) -- C:\Ad-Report-CLEAN[1].txt [9786] ~ Scan Files in 02mn 01s ---\\ Derniers fichiers créés dans Windows Prefetcher (O45) O45 - LFCP:[MD5.CA4B53136357FFBF2F21116CF1DF6AC4] - 04/01/2011 - 20:40:19 ---A- - C:\Windows\Prefetch\SEARCHPROTOCOLHOST.EXE-0CB8CADE.pf O45 - LFCP:[MD5.0E06D48D5A95C47A2416A38DA5B94C45] - 04/01/2011 - 20:42:52 ---A- - C:\Windows\Prefetch\AUPDATE.EXE-F14A3D51.pf O45 - LFCP:[MD5.F12B2EF373AFCF4D19D76C479387738D] - 04/01/2011 - 20:51:15 ---A- - C:\Windows\Prefetch\SEARCHFILTERHOST.EXE-77482212.pf O45 - LFCP:[MD5.A4422E3FCF7210248492D6530C5067AC] - 05/06/2011 - 00:10:58 ---A- - C:\Windows\Prefetch\PIFCRAWL.EXE-BFC87315.pf O45 - LFCP:[MD5.8AF06F365D11238B89E28793E84EEA00] - 05/06/2011 - 10:21:52 ---A- - C:\Windows\Prefetch\RTKBTMNT.EXE-6D69A9A5.pf O45 - LFCP:[MD5.72A46CF0140DA33C97FAAE49702DFE1E] - 05/06/2011 - 10:23:25 ---A- - C:\Windows\Prefetch\WINWORD.EXE-71DAFA5C.pf O45 - LFCP:[MD5.B6930569ABE41761982C9F90CBAD3264] - 05/06/2011 - 10:24:19 ---A- - C:\Windows\Prefetch\ITUNES.EXE-2A42B776.pf O45 - LFCP:[MD5.C5DF0F63CBB9A2745196056F97616681] - 05/06/2011 - 14:26:19 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-FD126C57.pf O45 - LFCP:[MD5.5459FDA3894F0FC5449F1E610F00028E] - 05/06/2011 - 14:54:05 ---A- - C:\Windows\Prefetch\WRITEACERADAPTERKEY.EXE-C47871BB.pf O45 - LFCP:[MD5.DB31CA3451E5C5F99018C0A99CB9BE06] - 05/06/2011 - 20:38:46 ---A- - C:\Windows\Prefetch\IPODSERVICE.EXE-37C43D64.pf O45 - LFCP:[MD5.49ADA3A2BEF6518D7C84A26FD49DC314] - 05/06/2011 - 20:39:12 ---A- - C:\Windows\Prefetch\PREUPD.EXE-A30DA2EC.pf O45 - LFCP:[MD5.E0EBA1A3CBA75914E6C88B8762230BD6] - 05/06/2011 - 20:39:21 ---A- - C:\Windows\Prefetch\SOFFICE.BIN-FFFF76B3.pf O45 - LFCP:[MD5.A9CC0D2D5B27A644376C49D437C96C6B] - 05/06/2011 - 20:39:22 ---A- - C:\Windows\Prefetch\EPOWER_DMC.EXE-F199D292.pf O45 - LFCP:[MD5.AEC18F7F1217E4CE1FE11FD799B93CCF] - 05/06/2011 - 20:39:25 ---A- - C:\Windows\Prefetch\UPDATE.EXE-6CE0A11B.pf O45 - LFCP:[MD5.30C77F2E9C0F04CB53DAE96C33909AFC] - 05/06/2011 - 20:39:27 ---A- - C:\Windows\Prefetch\ACER.EMPOWERING.FRAMEWORK.SUP-54963495.pf O45 - LFCP:[MD5.06F827DB898C485CB12561ABED8F3A62] - 05/06/2011 - 20:39:31 ---A- - C:\Windows\Prefetch\EAUDIO.EXE-EE0A24DD.pf O45 - LFCP:[MD5.172749EB94B983D2362276339064063C] - 05/06/2011 - 20:39:47 ---A- - C:\Windows\Prefetch\SYMLCSVC.EXE-6FCCB913.pf O45 - LFCP:[MD5.651000824319F0AFC4D869E0F044687A] - 05/06/2011 - 20:39:50 ---A- - C:\Windows\Prefetch\MSCORSVW.EXE-C3C515BD.pf O45 - LFCP:[MD5.FA5D0580D3FE8DB5011C35AA1427C49C] - 05/06/2011 - 20:43:09 ---A- - C:\Windows\Prefetch\JAVA.EXE-E27B75C2.pf O45 - LFCP:[MD5.88AF6B0AB355E082124F8C3235DC3AD2] - 05/06/2011 - 20:48:17 ---A- - C:\Windows\Prefetch\CMD.EXE-4A81B364.pf O45 - LFCP:[MD5.E3A58524BAABBC45A70C3CB62E0B49D6] - 05/06/2011 - 23:52:26 ---A- - C:\Windows\Prefetch\LMANAGER.EXE-9D025777.pf O45 - LFCP:[MD5.49FB319159823DC5AC2BAC0F48571448] - 05/06/2011 - 23:53:42 ---A- - C:\Windows\Prefetch\WMPNETWK.EXE-D9F2A96F.pf O45 - LFCP:[MD5.88F564B885B155B476D61C59961DFDBB] - 06/06/2011 - 14:30:35 ---A- - C:\Windows\Prefetch\VSSVC.EXE-B8AFC319.pf O45 - LFCP:[MD5.9714D49E52CCC42D917137077F3D1E4E] - 06/06/2011 - 14:31:47 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-7CFEDEA3.pf O45 - LFCP:[MD5.3063E0329A3E19643734BA45DBF30A9B] - 06/06/2011 - 14:58:50 ---A- - C:\Windows\Prefetch\ACRORD32INFO.EXE-500FD695.pf O45 - LFCP:[MD5.CFD6AF0F88A4D0E87C0DB039FAE53CBF] - 06/06/2011 - 15:01:23 ---A- - C:\Windows\Prefetch\SSVAGENT.EXE-D0A26E22.pf O45 - LFCP:[MD5.CBC54C7A67E9616711BE476D409A01E3] - 06/06/2011 - 20:38:30 ---A- - C:\Windows\Prefetch\ALUSCHEDULERSVC.EXE-46534E5E.pf O45 - LFCP:[MD5.E35A1B83024D5B4FB81868244895DE52] - 06/06/2011 - 20:38:30 ---A- - C:\Windows\Prefetch\COMPILEMOF.EXE-C7D0092F.pf O45 - LFCP:[MD5.D374B4CB591B92018401EABA0115F79B] - 06/06/2011 - 20:38:30 ---A- - C:\Windows\Prefetch\MOBILITYSERVICE.EXE-A96C1E22.pf O45 - LFCP:[MD5.79330D011F60CC6CB359B6731C19AB25] - 06/06/2011 - 20:38:30 ---A- - C:\Windows\Prefetch\RICHVIDEO.EXE-4FA35CCC.pf O45 - LFCP:[MD5.0C58F3925D05435F0479EC21FCDC5B02] - 06/06/2011 - 20:38:30 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-3AB35CA7.pf O45 - LFCP:[MD5.98B4D6C68AC364C3E3D555825E0AD409] - 06/06/2011 - 20:39:29 ---A- - C:\Windows\Prefetch\CONIME.EXE-9781FD5F.pf O45 - LFCP:[MD5.A2F36F24D220236FE85E6154DD98056D] - 07/06/2011 - 14:53:48 ---A- - C:\Windows\Prefetch\ENMTRAY.EXE-19B3589B.pf O45 - LFCP:[MD5.2371FA9AE8C0060E524B468999670130] - 07/06/2011 - 15:35:46 ---A- - C:\Windows\Prefetch\FLASHUTIL10P_PLUGIN.EXE-DCE6AF7D.pf O45 - LFCP:[MD5.6CE1D4F1432E7981F037BD89B0411872] - 07/06/2011 - 20:39:22 ---A- - C:\Windows\Prefetch\APNTEX.EXE-2802497E.pf O45 - LFCP:[MD5.B049BD0165F861558CA24E95DF4D3D75] - 07/06/2011 - 23:51:59 ---A- - C:\Windows\Prefetch\PRESENTATIONSETTINGS.EXE-2F4708C9.pf O45 - LFCP:[MD5.97C4C2D4D41D75488C4084369A9983B7] - 08/06/2011 - 14:54:00 ---A- - C:\Windows\Prefetch\APMSGFWD.EXE-B9B76B4B.pf O45 - LFCP:[MD5.73C88CEC809956CDC89BF7545DF4797D] - 08/06/2011 - 20:39:36 ---A- - C:\Windows\Prefetch\SYMLCSV1.EXE-1D262141.pf O45 - LFCP:[MD5.7854AE2E70832BDEE41D165C187F3DBC] - 08/06/2011 - 23:51:59 ---A- - C:\Windows\Prefetch\MBRWRWIN.EXE-2144233B.pf O45 - LFCP:[MD5.B817DDE9828127E96632F72A699B2272] - 09/06/2011 - 10:20:58 ---A- - C:\Windows\Prefetch\SERVICE.EXE-281751EE.pf O45 - LFCP:[MD5.92C7F303A43F389577329C952D5F3DFC] - 09/06/2011 - 14:51:55 ---A- - C:\Windows\Prefetch\SEARCHINDEXER.EXE-4A6353B9.pf O45 - LFCP:[MD5.70C0228A744D2A73C8BD1E8F8D3AB961] - 09/06/2011 - 14:51:55 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-61AE5AB6.pf O45 - LFCP:[MD5.1826D4A43EE462BC94164B6B69F3D915] - 09/06/2011 - 14:51:55 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-80F4A784.pf O45 - LFCP:[MD5.7437A286C917106828A8654746498C1A] - 09/06/2011 - 14:51:55 ---A- - C:\Windows\Prefetch\XAUDIO.EXE-D92946E9.pf O45 - LFCP:[MD5.965CAA3D8B8FD3208B402D95721D25F1] - 10/06/2011 - 20:42:38 ---A- - C:\Windows\Prefetch\AVGNT.EXE-562035F4.pf O45 - LFCP:[MD5.18EC759B64DC5CEB55A1CF7F00DE943E] - 11/02/2011 - 20:42:49 ---A- - C:\Windows\Prefetch\REALPLAY.EXE-A09C7945.pf O45 - LFCP:[MD5.4E72F7C5E314DA12D8132A87667A1FA7] - 12/02/2011 - 15:01:31 ---A- - C:\Windows\Prefetch\IEXPLORE.EXE-908C99F8.pf O45 - LFCP:[MD5.C0117C50703DE7B15BADA38BECDC2D8C] - 12/10/2010 - 20:39:22 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-8EF34503.pf O45 - LFCP:[MD5.8CF8D4790D0E0912144D8E35DA996386] - 14/12/2010 - 20:42:51 ---A- - C:\Windows\Prefetch\LUCOMS~1.EXE-F2E330F7.pf O45 - LFCP:[MD5.2CD9E540E3E0A4BE8DE7A01944C7A32E] - 14/12/2010 - 20:42:53 ---A- - C:\Windows\Prefetch\LUCALLBACKPROXY.EXE-63F065B5.pf O45 - LFCP:[MD5.49B10388B107F344263BC4F9F71B5EA1] - 15/02/2009 - 14:41:54 ---A- - C:\Windows\Prefetch\TRUSTEDINSTALLER.EXE-3CC531E5.pf O45 - LFCP:[MD5.D2F0A3D47BAEDCBF2DAFBF547CC001BF] - 15/02/2009 - 20:41:11 ---A- - C:\Windows\Prefetch\WUAUCLT.EXE-70318591.pf O45 - LFCP:[MD5.99F542DCCCAC2ABD8D59F60C7F754D8A] - 15/04/2009 - 20:40:16 ---A- - C:\Windows\Prefetch\PCAUI.EXE-3E82C312.pf O45 - LFCP:[MD5.ADAD5BF8C56426234BE686F20CAE1FDF] - 19/07/2010 - 15:01:44 ---A- - C:\Windows\Prefetch\REALUPGRADE.EXE-015CF2E6.pf O45 - LFCP:[MD5.A73A7F870EB90AEB47F9B41CD0B3F21E] - 20/01/2010 - 20:44:52 ---A- - C:\Windows\Prefetch\VERCLSID.EXE-7C52E31C.pf O45 - LFCP:[MD5.DCBEFCE65F057050587071E62A47277A] - 20/06/2011 - 00:38:11 ---A- - C:\Windows\Prefetch\LOGONUI.EXE-09140401.pf O45 - LFCP:[MD5.003A943DF5EB7380E336AB6F5CD9A48D] - 21/07/2009 - 20:45:37 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-766398D2.pf O45 - LFCP:[MD5.6E0FD39A4D0FF03178FC381D6A7FCB18] - 28/04/2010 - 20:39:43 ---A- - C:\Windows\Prefetch\IPCONFIG.EXE-912F3D5B.pf O45 - LFCP:[MD5.E3C3D0B4ACBA253CFA1D3D76A67345BE] - 28/11/2009 - 20:45:32 ---A- - C:\Windows\Prefetch\CONSENT.EXE-531BD9EA.pf O45 - LFCP:[MD5.98687DEE35186AAF356C5C5FD406ECD9] - 29/01/2010 - 20:52:11 ---A- - C:\Windows\Prefetch\AVWSC.EXE-18A3FCA0.pf O45 - LFCP:[MD5.65AD4CBC359F807FCACCA65483DEFDC1] - 30/07/2008 - 00:10:59 ---A- - C:\Windows\Prefetch\SSAUTORN.EXE-E6E36F94.pf O45 - LFCP:[MD5.4C351C403F56A1CC5FADECD9D0256150] - 30/07/2008 - 00:38:19 ---A- - C:\Windows\Prefetch\AgGlUAD_P_S-1-5-21-2152794718-1122633630-1261851648-1000.db O45 - LFCP:[MD5.29F416343D79C666903D8EDEF8C48F84] - 30/07/2008 - 00:38:19 ---A- - C:\Windows\Prefetch\AgGlUAD_S-1-5-21-2152794718-1122633630-1261851648-1000.db O45 - LFCP:[MD5.FAA3FB9DE75E0BB8D80BD0C516732297] - 30/07/2008 - 00:38:23 ---A- - C:\Windows\Prefetch\PfSvPerfStats.bin O45 - LFCP:[MD5.6EB72E3919C3EF1FC4218ACEECB0FF76] - 30/07/2008 - 00:38:25 ---A- - C:\Windows\Prefetch\AgRobust.db O45 - LFCP:[MD5.8B7D816DF26A558F0A476F1EA04FB920] - 30/07/2008 - 00:38:35 ---A- - C:\Windows\Prefetch\AgGlFaultHistory.db O45 - LFCP:[MD5.D6118936E86CD3B8E23E81468C83C2C1] - 30/07/2008 - 00:38:35 ---A- - C:\Windows\Prefetch\AgGlFgAppHistory.db O45 - LFCP:[MD5.21029583F39DB2C3D39B51D54208262D] - 30/07/2008 - 00:38:35 ---A- - C:\Windows\Prefetch\AgGlGlobalHistory.db O45 - LFCP:[MD5.9A177C7928C6B0ECFA3E8AAB56C77DAC] - 30/07/2008 - 20:38:30 ---A- - C:\Windows\Prefetch\NTOSBOOT-B00DFAAD.pf O45 - LFCP:[MD5.3E69BD6E8529CFD3789C98A4866A1425] - 30/07/2008 - 20:41:43 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-5E46FA0D.pf O45 - LFCP:[MD5.051EAB1C22EAEC5FF8910911D65117B4] - 30/07/2008 - 20:41:46 ---A- - C:\Windows\Prefetch\WMIADAP.EXE-F8DFDFA2.pf O45 - LFCP:[MD5.D2EAEF69EE760571D289EE087179A632] - 30/07/2008 - 20:45:23 ---A- - C:\Windows\Prefetch\MOBSYNC.EXE-C5E2284F.pf O45 - LFCP:[MD5.1E3E9D63F79515EECFB176B202C8F71A] - 30/07/2008 - 20:49:35 ---A- - C:\Windows\Prefetch\WERMGR.EXE-0F2AC88C.pf O45 - LFCP:[MD5.E483971EC4D8E47DB10AA02A20950686] - 30/07/2008 - 20:49:59 ---A- - C:\Windows\Prefetch\WERCON.EXE-E36BD04E.pf O45 - LFCP:[MD5.C74A17BCCE3A22749D0E2191A67D41EF] - 30/07/2008 - 20:52:07 ---A- - C:\Windows\Prefetch\TASKENG.EXE-48D4E289.pf ~ Scan Prefetcher in 00mn 02s ---\\ Contrôle du Safe Boot (CSB) (O49) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\system32\Drivers\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\system32\Drivers\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\system32\Drivers\vgasave.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\system32\Drivers\volmgr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Volume Manager Extension Driver.) -- C:\Windows\system32\Drivers\volmgrx.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\Wdf01000.sys . (.Microsoft Corporation - WDF dynamique.) -- C:\Windows\system32\Drivers\Wdf01000.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\system32\Drivers\ipnat.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\system32\Drivers\nsiproxy.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Miniport.) -- C:\Windows\system32\Drivers\rdpencdd.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\system32\Drivers\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\system32\Drivers\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\system32\Drivers\vgasave.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\system32\Drivers\volmgr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Volume Manager Extension Driver.) -- C:\Windows\system32\Drivers\volmgrx.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\Wdf01000.sys . (.Microsoft Corporation - WDF dynamique.) -- C:\Windows\system32\Drivers\Wdf01000.sys ~ Scan CSB in 00mn 00s ---\\ MountPoints2 Shell Key (O51) O51 - MPSK:{2fa55ff8-5e34-11dd-bdeb-c74b1aea5ebc}\AutoRun\command. (...) -- F:\LaunchU3.exe (.not file.) O51 - MPSK:{a8c7d587-2ab0-11de-a32c-fca13fc7ee89}\AutoRun\command. (...) -- G:\LaunchU3.exe (.not file.) ~ Scan Keys in 00mn 00s ---\\ Trojan Driver Search Data (HKLM) (O52) O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\system32\iccvid.dll O52 - TDSD: \Drivers32\"VIDC.DIVX"="divx.dll" . (.DivX, Inc. - DivX.) -- C:\Windows\system32\divx.dll O52 - TDSD: \Drivers32\"VIDC.XVID"="xvidvfw.dll" . (...) -- C:\Windows\system32\xvidvfw.dll O52 - TDSD: \Drivers32\"VIDC.YV12"="yv12vfw.dll" . (.www.helixcommunity.org - Helix YV12 YUV Codec.) -- C:\Windows\system32\yv12vfw.dll O52 - TDSD: \Drivers32\"msacm.ac3acm"="ac3acm.acm" . (.fccHandler - AC-3 ACM Codec.) -- C:\Windows\system32\ac3acm.acm O52 - TDSD: \Drivers32\"msacm.lameacm"="lameACM.acm" . (.http://www.mp3dev.org/ - Lame MP3 codec engine.) -- C:\Windows\system32\lameACM.acm O52 - TDSD: \Drivers32\"VIDC.FFDS"="ff_vfw.dll" . (...) -- C:\Windows\system32\ff_vfw.dll O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm O52 - TDSD: \drivers.desc\"C:\PROGRA~1\ACERAR~1\VIDEOM~1\Kernel\Burner\MKDMP3Enc.ACM"="MP3 PowerEncoder" . (...) -- (.not file.) O52 - TDSD: \drivers.desc\"C:\PROGRA~1\ACERAR~1\DVWIZA~1\Kernel\Burner\MKDMP3Enc.ACM"="MP3 PowerEncoder" . (...) -- (.not file.) O52 - TDSD: \drivers.desc\"divx.dll"="DivX 6.8.5" . (...) -- (.not file.) O52 - TDSD: \drivers.desc\"xvidvfw.dll"="Xvid MPEG-4 Video Codec 1.2.1" . (...) -- (.not file.) O52 - TDSD: \drivers.desc\"lameACM.acm"="Lame ACM MP3 CODEC v3.98" . (...) -- (.not file.) O52 - TDSD: \drivers.desc\"ac3acm.acm"="AC-3 ACM Codec" . (.fccHandler - AC-3 ACM Codec.) -- C:\Windows\system32\ac3acm.acm O52 - TDSD: \drivers.desc\"ff_vfw.dll"="ffdshow video encoder" . (...) -- C:\Windows\system32\ff_vfw.dll ~ Scan Keys in 00mn 00s ---\\ Microsoft Control Security Providers (O54) O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\system32\credssp.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\system32\credssp.dll ~ Scan Keys in 00mn 00s ---\\ Microsoft Windows Policies System (O55) O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=2 O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1 O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1 O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0 O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"= O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"= O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0 O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0 O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0 ~ Scan Keys in 00mn 00s ---\\ Microsoft Windows Policies Explorer (O56) O56 - MWPE:[HKCU\...\policies\Explorer] - "HideSCAHealth"=1 ~ Scan Keys in 00mn 00s ---\\ Liste des Drivers Système (O58) O58 - SDL:[MD5.2EDC5BBAC6C651ECE337BDE8ED97C9FB] - 02/11/2006 - 10:51:38 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\system32\drivers\adp94xx.sys [420968] O58 - SDL:[MD5.B84088CA3CDCA97DA44A984C6CE1CCAD] - 02/11/2006 - 10:51:32 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\system32\drivers\adpahci.sys [297576] O58 - SDL:[MD5.7880C67BCCC27C86FD05AA2AFB5EA469] - 02/11/2006 - 10:50:35 ---A- . (.Adaptec, Inc. - Adaptec LH Ultra160 Driver (x86).) -- C:\Windows\system32\drivers\adpu160m.sys [98408] O58 - SDL:[MD5.9AE713F8E30EFC2ABCCD84904333DF4D] - 02/11/2006 - 10:51:00 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) -- C:\Windows\system32\drivers\adpu320.sys [147048] O58 - SDL:[MD5.90395B64600EBB4552E26E178C94B2E4] - 02/11/2006 - 10:49:20 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\system32\drivers\aliide.sys [14952] O58 - SDL:[MD5.DB8EA68E5864ADF61B73516788659E71] - 22/12/2007 - 03:33:26 ---A- . (.Alps Electric Co., Ltd. - Alps Touch Pad Driver.) -- C:\Windows\system32\drivers\Apfiltr.sys [154624] O58 - SDL:[MD5.5F673180268BB1FDB69C99B6619FE379] - 02/11/2006 - 10:50:09 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\system32\drivers\arc.sys [67688] O58 - SDL:[MD5.957F7540B5E7F602E44648C7DE5A1C05] - 02/11/2006 - 10:50:10 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\system32\drivers\arcsas.sys [67688] O58 - SDL:[MD5.B0C272DEF210B149C0BFA0D85600CE4B] - 10/08/2007 - 11:03:32 ---A- . (.Atheros Communications, Inc. - Atheros Extensible Wireless LAN device driver.) -- C:\Windows\system32\drivers\athr.sys [737280] O58 - SDL:[MD5.7334E72F94C59F7699936E182B278DC3] - 13/02/2009 - 14:39:22 ---A- . (.Avira GmbH - Avira Driver for RootKit Detection.) -- C:\Windows\system32\drivers\avipbb.sys [75096] O58 - SDL:[MD5.C7EA0E3E37FF1CD2BB65636448322572] - 10/08/2007 - 09:57:48 ---A- . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.0 Driver..) -- C:\Windows\system32\drivers\b57nd60x.sys [179712] O58 - SDL:[MD5.9F9ACC7F7CCDE8A15C282D3F88B43309] - 02/11/2006 - 09:24:45 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\system32\drivers\BrFiltLo.sys [13568] O58 - SDL:[MD5.56801AD62213A41F6497F96DEE83755A] - 02/11/2006 - 09:24:46 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\system32\drivers\BrFiltUp.sys [5248] O58 - SDL:[MD5.B304E75CFF293029EDDF094246747113] - 02/11/2006 - 09:25:24 ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\system32\drivers\BrSerId.sys [71808] O58 - SDL:[MD5.203F0B1E73ADADBBB7B7B1FABD901F6B] - 02/11/2006 - 09:24:44 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\system32\drivers\BrSerWdm.sys [62336] O58 - SDL:[MD5.BD456606156BA17E60A04E18016AE54B] - 02/11/2006 - 09:24:44 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\system32\drivers\BrUsbMdm.sys [12160] O58 - SDL:[MD5.AF72ED54503F717A43268B3CC5FAEC2E] - 02/11/2006 - 09:24:47 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\system32\drivers\BrUsbSer.sys [11904] O58 - SDL:[MD5.45201046C776FFDAF3FC8A0029C581C8] - 02/11/2006 - 10:49:28 ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\cmdide.sys [16488] O58 - SDL:[MD5.AE1FDF7BF7BB6C6A70F67699D880592A] - 02/11/2006 - 10:50:11 ---A- . (.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) -- C:\Windows\system32\drivers\djsvs.sys [71272] O58 - SDL:[MD5.73BAF270D24FE726B9CD7F80BB17A23D] - 10/08/2007 - 14:29:38 ---A- . (.Dritek System Inc. - Dritek PS2 Keyboard Filter Driver.) -- C:\Windows\system32\drivers\DKbFltr.sys [21264] O58 - SDL:[MD5.F88FB26547FD2CE6D0A5AF2985892C48] - 02/11/2006 - 08:30:54 ---A- . (.Intel Corporation - Intel® PRO/1000 Adapter NDIS 6 deserialized driver.) -- C:\Windows\system32\drivers\E1G60I32.sys [117760] O58 - SDL:[MD5.E8F3F21A71720C84BCF423B80028359F] - 02/11/2006 - 10:51:34 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\system32\drivers\elxstor.sys [316520] O58 - SDL:[MD5.29DCAEB81DDE6F154AA4D36B18ECBB1F] - 10/08/2007 - 09:26:50 ---A- . (.ENE TECHNOLOGY INC. - ENE Consumer IR Driver for eHome.) -- C:\Windows\system32\drivers\enecir.sys [32256] O58 - SDL:[MD5.32A73A8952580B284A47290ADB62032A] - 30/07/2008 - 00:21:04 ---A- . (.GEAR Software Inc. - CDRom Class Filter Driver.) -- C:\Windows\system32\drivers\GEARAspiWDM.sys [14408] O58 - SDL:[MD5.DF353B401001246853763C4B7AAA6F50] - 02/11/2006 - 10:50:10 ---A- . (.Hewlett-Packard Company - Smart Array Storport Driver.) -- C:\Windows\system32\drivers\HpCISSs.sys [37480] O58 - SDL:[MD5.194BC52FC0F53E540FAF9DE8A9C05255] - 10/08/2007 - 10:18:04 ---A- . (.Conexant Systems, Inc. - HSF_HWAZL WDM driver.) -- C:\Windows\system32\drivers\HSXHWAZL.sys [208384] O58 - SDL:[MD5.C9C63410D8CF98F621B9CC62243FB877] - 10/08/2007 - 10:17:54 ---A- . (.Conexant Systems, Inc. - HSF_CNXT driver.) -- C:\Windows\system32\drivers\HSX_CNXT.sys [660480] O58 - SDL:[MD5.3F53B4AF98F8FD83B7F0B8B65D2D90A7] - 10/08/2007 - 10:19:26 ---A- . (.Conexant Systems, Inc. - HSF_DP driver.) -- C:\Windows\system32\drivers\HSX_DPV.sys [984064] O58 - SDL:[MD5.997E8F5939F2D12CD9F2E6B395724C16] - 21/12/2007 - 12:58:56 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - ia32.) -- C:\Windows\system32\drivers\iaStor.sys [304920] O58 - SDL:[MD5.C957BF4B5D80B46C5017BF0101E6C906] - 02/11/2006 - 10:51:25 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver (base).) -- C:\Windows\system32\drivers\iaStorV.sys [232040] O58 - SDL:[MD5.2D077BF86E843F901D8DB709C95B49A5] - 02/11/2006 - 10:50:17 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\system32\drivers\iirsp.sys [41576] O58 - SDL:[MD5.9D64201C9E5AC8D1F088762BA00FF3AB] - 10/08/2007 - 17:19:34 ---A- . (...) -- C:\Windows\system32\drivers\int15.sys [76584] O58 - SDL:[MD5.91B61589BB2915E81D436EFE07548507] - 10/08/2007 - 17:19:34 ---A- . (...) -- C:\Windows\system32\drivers\int15_64.sys [15656] O58 - SDL:[MD5.BCED60D16156E428F8DF8CF27B0DF150] - 02/11/2006 - 10:50:07 ---A- . (.Integrated Technology Express, Inc. - ITE IT8211 ATA/ATAPI SCSI miniport.) -- C:\Windows\system32\drivers\iteatapi.sys [35944] O58 - SDL:[MD5.06FA654504A498C30ADCA8BEC4E87E7E] - 02/11/2006 - 10:50:09 ---A- . (.Integrated Technology Express, Inc. - ITE IT8212 ATA RAID SCSI miniport.) -- C:\Windows\system32\drivers\iteraid.sys [35944] O58 - SDL:[MD5.A2262FB9F28935E862B4DB46438C80D2] - 02/11/2006 - 10:50:04 ---A- . (.LSI Logic - LSI Logic Fusion-MPT FC Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_fc.sys [65640] O58 - SDL:[MD5.30D73327D390F72A62F32C103DAF1D6D] - 02/11/2006 - 10:50:05 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas.sys [65640] O58 - SDL:[MD5.E1E36FEFD45849A95F1AB81DE0159FE3] - 02/11/2006 - 10:50:10 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_scsi.sys [65640] O58 - SDL:[MD5.836E0E09CA9869BE7EB39EF2CF3602C7] - 17/04/2011 - 17:08:40 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbam.sys [20952] O58 - SDL:[MD5.D68E165C3123ABA3B1282EDDB4213BD8] - 17/04/2011 - 17:09:00 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbamswissarmy.sys [38224] O58 - SDL:[MD5.0CEA2D0D3FA284B85ED5B68365114F76] - 10/08/2007 - 07:26:58 ---A- . (.Conexant - Diagnostic Interface x86 Driver.) -- C:\Windows\system32\drivers\mdmxsdk.sys [12672] O58 - SDL:[MD5.D153B14FC6598EAE8422A2037553ADCE] - 02/11/2006 - 10:49:53 ---A- . (.LSI Logic Corporation - MEGASAS RAID Controller Driver for Windows Vista/Longhorn for x.) -- C:\Windows\system32\drivers\megasas.sys [28776] O58 - SDL:[MD5.4FBBB70D30FD20EC51F80061703B001E] - 02/11/2006 - 10:49:59 ---A- . (.LSI Logic Corporation - MegaRAID RAID Controller Driver for Windows Vista/Longhorn for.) -- C:\Windows\system32\drivers\Mraid35x.sys [33384] O58 - SDL:[MD5.A15F219208843A5A210C8CB391384453] - 02/11/2006 - 08:30:54 ---A- . (.Intel® Corporation - Intel® Wireless LAN Driver.) -- C:\Windows\system32\drivers\NETw3v32.sys [1781760] O58 - SDL:[MD5.CB3AF516A6797B27725E3F1E73F3496C] - 10/08/2007 - 23:45:18 ---A- . (.Intel Corporation - Intel® Wireless WiFi Link Driver.) -- C:\Windows\system32\drivers\NETw4v32.sys [2219520] O58 - SDL:[MD5.2E7FB731D4790A1BC6270ACCEFACB36E] - 02/11/2006 - 10:50:19 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\system32\drivers\nfrd960.sys [45160] O58 - SDL:[MD5.7F1C1F78D709C4A54CBB46EDE7E0B48D] - 10/08/2007 - 08:17:50 ---A- . (.NewTech Infosystems, Inc. - NTI CD-ROM Filter Driver.) -- C:\Windows\system32\drivers\NTIDrvr.sys [6144] O58 - SDL:[MD5.E875C093AEC0C978A90F30C9E0DFBB72] - 02/11/2006 - 08:36:50 ---A- . (.N-trig Innovative Technologies - Pilote intégré de digitalisateur de tablette N-trig.) -- C:\Windows\system32\drivers\ntrigdigi.sys [20608] O58 - SDL:[MD5.99C0A0DF332A5B28E8A3D08CC8D879F3] - 02/09/2009 - 15:04:00 ---A- . (.NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version 186.03.) -- C:\Windows\system32\drivers\nvlddmkm.sys [9850240] O58 - SDL:[MD5.E69E946F80C1C31C53003BFBF50CBB7C] - 02/11/2006 - 10:50:24 ---A- . (.NVIDIA Corporation - NVIDIA® nForce RAID Driver.) -- C:\Windows\system32\drivers\nvraid.sys [88680] O58 - SDL:[MD5.9E0BA19A28C498A6D323D065DB76DFFC] - 02/11/2006 - 10:50:13 ---A- . (.NVIDIA Corporation - NVIDIA® nForce Sata Performance Driver.) -- C:\Windows\system32\drivers\nvstor.sys [40040] O58 - SDL:[MD5.E801D5CC24E1CF18FA87D24D7074B876] - 10/08/2007 - 15:34:38 ---A- . (.HiTRUST - PSD Filter Driver.) -- C:\Windows\system32\drivers\psdfilter.sys [20776] O58 - SDL:[MD5.24B5E3429F7F0E779FC2E6E36A0A5F73] - 10/08/2007 - 15:34:44 ---A- . (.HiTRUST - PSD Named Pipe Driver.) -- C:\Windows\system32\drivers\PSDNServ.sys [16680] O58 - SDL:[MD5.01CBFD08C0E8A6106BB26FCDA297154E] - 10/08/2007 - 15:34:40 ---A- . (.HiTRUST - PSD Virtual Disk Driver.) -- C:\Windows\system32\drivers\psdvdisk.sys [60712] O58 - SDL:[MD5.CCDAC889326317792480C0A67156A1EC] - 02/11/2006 - 10:51:45 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\system32\drivers\ql2300.sys [900712] O58 - SDL:[MD5.81A7E5C076E59995D54BC1ED3A16E60B] - 02/11/2006 - 10:50:35 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\system32\drivers\ql40xx.sys [106088] O58 - SDL:[MD5.355AAC141B214BEF1DBC1483AFD9BD50] - 10/08/2007 - 13:42:22 ---A- . (.REDC - RICOH SD Driver.) -- C:\Windows\system32\drivers\rimmptsk.sys [39936] O58 - SDL:[MD5.A4216C71DD4F60B26418CCFD99CD0815] - 10/08/2007 - 15:40:20 ---A- . (.REDC - RICOH MS Driver.) -- C:\Windows\system32\drivers\rimsptsk.sys [42496] O58 - SDL:[MD5.D231B577024AA324AF13A42F3A807D10] - 10/08/2007 - 21:02:04 ---A- . (.REDC - RICOH XD SM Driver.) -- C:\Windows\system32\drivers\rixdptsk.sys [37376] O58 - SDL:[MD5.90A10B39896040B3154613C11C932AEB] - 10/08/2007 - 02:59:00 ---A- . (.Realtek Semiconductor Corp. - Realtek® High Definition Audio Function Driver.) -- C:\Windows\system32\drivers\RTKVHDA.sys [1792792] O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 02/11/2006 - 07:37:21 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\system32\drivers\secdrv.sys [20480] O58 - SDL:[MD5.4C0D673281178CB496011A2E28571FC8] - 10/08/2005 - 13:44:04 ---A- . (.Protection Technology - StarForce Protection Environment Driver.) -- C:\Windows\system32\drivers\sfdrv01.sys [50688] O58 - SDL:[MD5.15BE2B5E4DC5B8623CF167720682ABC9] - 16/05/2005 - 14:20:39 ---A- . (.Protection Technology - StarForce Protection Helper Driver.) -- C:\Windows\system32\drivers\sfhlp02.sys [6656] O58 - SDL:[MD5.D5A7E09D2C6A702809E49190D52ADC9F] - 03/11/2005 - 15:40:07 ---A- . (.Protection Technology - StarForce Protection VFS Driver.) -- C:\Windows\system32\drivers\sfvfs02.sys [63488] O58 - SDL:[MD5.CEDD6F4E7D84E9F98B34B3FE988373AA] - 02/11/2006 - 10:50:10 ---A- . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\system32\drivers\sisraid2.sys [38504] O58 - SDL:[MD5.DF843C528C4F69D12CE41CE462E973A7] - 02/11/2006 - 10:50:16 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\system32\drivers\sisraid4.sys [71784] O58 - SDL:[MD5.A10AB556379FE56A37BAA43C3E7DF23E] - 21/12/2007 - 14:04:38 ---A- . (.Pas de propriétaire - USBCAMD for Sonix UVC.) -- C:\Windows\system32\drivers\sncduvc.sys [28032] O58 - SDL:[MD5.EF1F141A83C61503333569D2862F3999] - 21/12/2007 - 15:17:26 ---A- . (.Pas de propriétaire - UVC Camera Streaming Driver.) -- C:\Windows\system32\drivers\snp2uvc.sys [1749376] O58 - SDL:[MD5.655773F2F1A3730C6CF20280A49F4EE1] - 14/12/2010 - 23:57:12 ---A- . (.Symantec Corporation - Symantec AutoProtect.) -- C:\Windows\system32\drivers\srtsp.sys [279088] O58 - SDL:[MD5.2A0AAF370D4C6574A34AE2F4A0709CAE] - 14/12/2010 - 23:57:12 ---A- . (.Symantec Corporation - Symantec AutoProtect.) -- C:\Windows\system32\drivers\srtspl.sys [317616] O58 - SDL:[MD5.3104BDCEACE2D5710776DD05E6A286C1] - 14/12/2010 - 23:57:12 ---A- . (.Symantec Corporation - Symantec AutoProtect.) -- C:\Windows\system32\drivers\srtspx.sys [43696] O58 - SDL:[MD5.71D609C5DFF067906D930BDE031C4CFE] - 13/02/2009 - 18:03:26 ---A- . (.AVIRA GmbH - AVIRA SnapShot Driver.) -- C:\Windows\system32\drivers\ssmdrv.sys [21248] O58 - SDL:[MD5.192AA3AC01DF071B541094F251DEED10] - 02/11/2006 - 10:50:05 ---A- . (.LSI Logic - LSI Logic 8XX SCSI Miniport Driver.) -- C:\Windows\system32\drivers\symc8xx.sys [35944] O58 - SDL:[MD5.51B57CDA977170AC608D839DBFA1D3EE] - 14/12/2010 - 19:07:10 ---A- . (.Symantec Corporation - DNS Filter Driver.) -- C:\Windows\system32\drivers\symdns.sys [12720] O58 - SDL:[MD5.06B95820DF51502099A8A15C93E87986] - 10/08/2007 - 13:10:11 ---A- . (.Symantec Corporation - Symantec Event Library.) -- C:\Windows\system32\drivers\SYMEVENT.SYS [124464] O58 - SDL:[MD5.A131D8360B01044517AA44529E2137D6] - 14/12/2010 - 19:07:10 ---A- . (.Symantec Corporation - Firewall Filter Driver.) -- C:\Windows\system32\drivers\symfw.sys [145968] O58 - SDL:[MD5.2B77868F02DAE02103380B824431B798] - 14/12/2010 - 19:07:10 ---A- . (.Symantec Corporation - IDS Filter Driver.) -- C:\Windows\system32\drivers\symids.sys [39856] O58 - SDL:[MD5.7D3ADDFE63E5227BD2DBD5692BAFB688] - 14/12/2010 - 19:07:12 ---A- . (.Symantec Corporation - NDIS Filter Driver.) -- C:\Windows\system32\drivers\symndisv.sys [38448] O58 - SDL:[MD5.394B2368212114D538316812AF60FDDD] - 14/12/2010 - 19:07:10 ---A- . (.Symantec Corporation - Redirector Filter Driver.) -- C:\Windows\system32\drivers\symredrv.sys [26416] O58 - SDL:[MD5.D46676BB414C7531BDFFE637A33F5033] - 14/12/2010 - 19:07:10 ---A- . (.Symantec Corporation - Network Dispatch Driver.) -- C:\Windows\system32\drivers\symtdi.sys [188080] O58 - SDL:[MD5.8C8EB8C76736EBAF3B13B633B2E64125] - 02/11/2006 - 10:49:56 ---A- . (.LSI Logic - LSI Logic Hi-Perf SCSI Miniport Driver.) -- C:\Windows\system32\drivers\sym_hi.sys [31848] O58 - SDL:[MD5.8072AF52B5FD103BBBA387A1E49F62CB] - 02/11/2006 - 10:50:03 ---A- . (.LSI Logic - LSI Logic Ultra160 SCSI Miniport Driver.) -- C:\Windows\system32\drivers\sym_u3.sys [34920] O58 - SDL:[MD5.97DD70FECA64FB4F63DE7BB7E66A80B1] - 10/08/2007 - 17:19:34 ---A- . (.EnTech Taiwan - TVicPort Driver for Windows NT/2000/XP.) -- C:\Windows\system32\drivers\TVicPort.sys [14544] O58 - SDL:[MD5.4E104EBC164231D2272CC9BDD1EF5C40] - 10/08/2007 - 17:19:34 ---A- . (.EnTech Taiwan - TVicPort Driver for Windows NT/2000/XP.) -- C:\Windows\system32\drivers\TVicPort64.sys [8704] O58 - SDL:[MD5.3CD4EA35A6221B85DCC25DAA46313F8D] - 02/11/2006 - 10:51:25 ---A- . (.ULi Electronics Inc. - ULi SATA Controller Driver.) -- C:\Windows\system32\drivers\uliahci.sys [235112] O58 - SDL:[MD5.8514D0E5CD0534467C5FC61BE94A569F] - 02/11/2006 - 10:50:35 ---A- . (.Promise Technology, Inc. - Promise Ultra/Sata Series Driver for Win2003.) -- C:\Windows\system32\drivers\ulsata.sys [98408] O58 - SDL:[MD5.38C3C6E62B157A6BC46594FADA45C62B] - 02/11/2006 - 10:50:45 ---A- . (.Promise Technology, Inc. - Promise SATAII150 Series Windows Drivers.) -- C:\Windows\system32\drivers\ulsata2.sys [115816] O58 - SDL:[MD5.FD2E3175FCADA350C7AB4521DCA187EC] - 02/11/2006 - 10:49:30 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\viaide.sys [17512] O58 - SDL:[MD5.D984439746D42B30FC65A4C3546C6829] - 02/11/2006 - 10:50:41 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR X86-32.) -- C:\Windows\system32\drivers\vsmraid.sys [112232] O58 - SDL:[MD5.46D67209550973257601A533E2AC5785] - 02/11/2006 - 08:41:49 ---A- . (.Conexant Systems, Inc. - HSF_HWAZL WDM driver.) -- C:\Windows\system32\drivers\VSTAZL3.SYS [200704] O58 - SDL:[MD5.5C7BDCF5864DB00323FE2D90FA26A8A2] - 02/11/2006 - 08:41:48 ---A- . (.Conexant Systems, Inc. - HSF_CNXT driver.) -- C:\Windows\system32\drivers\VSTCNXT3.SYS [654336] O58 - SDL:[MD5.EC36F1D542ED4252390D446BF6D4DFD0] - 02/11/2006 - 08:41:50 ---A- . (.Conexant Systems, Inc. - HSF_DP driver.) -- C:\Windows\system32\drivers\VSTDPV3.SYS [987648] O58 - SDL:[MD5.2E579520E114A9CA309F13BF40AD8292] - 10/08/2007 - 06:23:30 ---A- . (.Conexant Systems, Inc. - Modem Audio Device Driver.) -- C:\Windows\system32\drivers\XAudio.sys [8704] O58 - SDL:[MD5.40AC8590CC9006DBB99FFCB37879D4C6] - 10/08/2007 - 17:19:34 ---A- . (.Zeal SoftStudio - zntport.) -- C:\Windows\system32\drivers\zntport.sys [6080] O58 - SDL:[MD5.C32ACB6D3FB23EBF528B676F7B8197B7] - 10/08/2007 - 15:30:12 ---A- . (.Zeal SoftStudio - NTPort Library kernel driver.) -- C:\Windows\system32\drivers\zntport64.sys [13096] O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 02/11/2006 - 08:09:42 ---A- . (...) -- C:\Windows\system32\ANSI.SYS [9029] O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 02/11/2006 - 08:09:45 ---A- . (...) -- C:\Windows\system32\country.sys [27097] O58 - SDL:[MD5.E6BC0F98FECEF245A0010D350C1A0B9B] - 02/11/2006 - 08:09:41 ---A- . (...) -- C:\Windows\system32\HIMEM.SYS [4768] O58 - SDL:[MD5.492090267B9608C62B956CD29BE3AFB7] - 02/11/2006 - 08:09:44 ---A- . (...) -- C:\Windows\system32\KEY01.SYS [42809] O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 02/11/2006 - 08:09:44 ---A- . (...) -- C:\Windows\system32\KEYBOARD.SYS [42537] O58 - SDL:[MD5.FFFF296A08DBF2AC0126C62E3778AC0D] - 02/11/2006 - 08:09:29 ---A- . (...) -- C:\Windows\system32\NTDOS.SYS [27866] O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 02/11/2006 - 08:09:35 ---A- . (...) -- C:\Windows\system32\NTDOS404.SYS [29146] O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 02/11/2006 - 08:09:38 ---A- . (...) -- C:\Windows\system32\NTDOS411.SYS [29370] O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 02/11/2006 - 08:09:40 ---A- . (...) -- C:\Windows\system32\NTDOS412.SYS [29274] O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 02/11/2006 - 08:09:31 ---A- . (...) -- C:\Windows\system32\NTDOS804.SYS [29146] O58 - SDL:[MD5.2E4112FB7D1B76E11ADFD7487B5D0E95] - 02/11/2006 - 08:09:20 ---A- . (...) -- C:\Windows\system32\NTIO.SYS [33952] O58 - SDL:[MD5.A98EBD4C2DF983665BF2D1AF49949974] - 02/11/2006 - 08:09:23 ---A- . (...) -- C:\Windows\system32\NTIO404.SYS [34672] O58 - SDL:[MD5.3F7E6406EDEF197C5CAAB2240EEF6F48] - 02/11/2006 - 08:09:24 ---A- . (...) -- C:\Windows\system32\NTIO411.SYS [35776] O58 - SDL:[MD5.3E64D681B776CC57BDC38A46D881F85B] - 02/11/2006 - 08:09:26 ---A- . (...) -- C:\Windows\system32\NTIO412.SYS [35536] O58 - SDL:[MD5.D86B6435729231C171432B4E77801BDB] - 02/11/2006 - 08:09:22 ---A- . (...) -- C:\Windows\system32\NTIO804.SYS [34672] O58 - SDL:[MD5.354585D8E53F2FF9B8AD5E1E2EF68CEF] - 30/07/2008 - 18:44:16 ---A- . (.Matsushita Electric Industrial Co., Ltd. - Phoebe Photo Distribution Manager.) -- C:\Windows\system32\PhDi2.sys [45056] O58 - SDL:[MD5.A10AB556379FE56A37BAA43C3E7DF23E] - 21/12/2007 - 14:04:38 ---A- . (.Pas de propriétaire - USBCAMD for Sonix UVC.) -- C:\Windows\system32\sncduvc.sys [28032] O58 - SDL:[MD5.EF1F141A83C61503333569D2862F3999] - 21/12/2007 - 15:17:26 ---A- . (.Pas de propriétaire - UVC Camera Streaming Driver.) -- C:\Windows\system32\snp2uvc.sys [1749376] ~ Scan Drivers in 00mn 44s ---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61) O61 - LFC:Last File Created 01/02/2009 - 10:23:58 ---A- C:\Users\Léa\AppData\Roaming\Microsoft\Office\Word11.pip [1856] O61 - LFC:Last File Created 01/02/2009 - 11:36:22 --H-- C:\Users\Léa\AppData\Roaming\Microsoft\Office\Récent\index.dat [1318] O61 - LFC:Last File Created 01/08/2008 - 19:46:25 ---A- C:\Users\Léa\AppData\Roaming\Microsoft\Office\PowerP12.pip [1468] O61 - LFC:Last File Created 02/09/2009 - 20:37:00 ---A- C:\Users\All Users\nvModes.dat [31681] O61 - LFC:Last File Created 02/09/2009 - 20:44:52 ---A- C:\Users\All Users\nvModes.001 [31681] O61 - LFC:Last File Created 02/09/2010 - 22:23:10 ---A- C:\Users\Léa\AppData\Roaming\Skype\shared_dynco\dc.db [1183744] O61 - LFC:Last File Created 02/09/2010 - 22:40:53 ---A- C:\Users\Léa\AppData\Roaming\Skype\lea.borel\dc.db [45056] O61 - LFC:Last File Created 02/09/2010 - 22:41:08 ---A- C:\Users\Léa\AppData\Roaming\Skype\lea.borel\bistats.db [77824] O61 - LFC:Last File Created 02/09/2010 - 22:41:09 ---A- C:\Users\Léa\AppData\Roaming\Skype\lea.borel\main.db [4382720] O61 - LFC:Last File Created 03/05/2009 - 19:26:56 ---A- C:\Users\Léa\AppData\Roaming\Microsoft\IdentityCRL\Production\MetaConfig.xml [163] O61 - LFC:Last File Created 10/08/2007 - 00:38:41 ---A- C:\Users\All Users\Symantec\Common Client\settings.dat [13643244] O61 - LFC:Last File Created 10/08/2007 - 20:42:22 ---A- C:\Users\All Users\Symantec\Definitions\VirusDefs\usage.dat [108] O61 - LFC:Last File Created 10/08/2007 - 20:43:58 ---A- C:\Users\All Users\Symantec\LiveUpdate\Log.LiveUpdate [4291110] O61 - LFC:Last File Created 12/12/2010 - 22:23:20 ---A- C:\Users\Léa\AppData\Roaming\Skype\lea.borel\keyval.db [40960] O61 - LFC:Last File Created 13/02/2009 - 20:42:38 ---A- C:\Users\All Users\Avira\AntiVir PersonalEdition Classic\EVENTDB\avevtdb.dbe [12288] O61 - LFC:Last File Created 13/02/2009 - 20:42:38 ---A- C:\Users\All Users\Avira\AntiVir PersonalEdition Classic\JOBS\updjob.avj [1298] O61 - LFC:Last File Created 13/07/2010 - 20:38:54 ---A- C:\Users\All Users\Real\RealUpgrade\RealUpgrade_1_1.xml [623] O61 - LFC:Last File Created 14/12/2010 - 00:25:56 ---A- C:\Users\All Users\Symantec\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PollManager\PollManager_Job.dat [22] O61 - LFC:Last File Created 14/12/2010 - 20:42:22 ---A- C:\Users\Public\Documents\ccErrDspLog.txt [523182] O61 - LFC:Last File Created 14/12/2010 - 20:43:26 R---- C:\Users\All Users\Symantec\nppw.zip [1186986] O61 - LFC:Last File Created 14/12/2010 - 20:43:41 R---- C:\Users\All Users\Symantec\LiveUpdate\Product.Inventory.LastGood.LiveUpdate [18352] O61 - LFC:Last File Created 15/12/2010 - 00:26:42 ---A- C:\Users\All Users\Symantec\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PollManager\PollManager_Current.dat [22] O61 - LFC:Last File Created 22/09/2011 - 14:11:33 ---A- C:\Users\Léa\AppData\Roaming\Microsoft\Office\Récent\Apap.lnk [382] O61 - LFC:Last File Created 22/09/2011 - 14:11:33 ---A- C:\Users\Léa\AppData\Roaming\Microsoft\Office\Récent\chanson + anecdote.lnk [565] O61 - LFC:Last File Created 22/09/2011 - 14:11:48 ---A- C:\Users\Léa\Music\iTunes\iTunes Library.itl [2402964] O61 - LFC:Last File Created 22/09/2011 - 14:11:48 ---A- C:\Users\Léa\Music\iTunes\iTunes Music Library.xml [3526964] O61 - LFC:Last File Created 22/09/2011 - 20:05:11 ---A- C:\Users\Léa\AppData\Roaming\Skype\lea.borel\chatsync\c8\c8980d6313fed4ba.dat [3094] O61 - LFC:Last File Created 22/09/2011 - 21:33:01 ---A- C:\Users\Léa\Tracing\WindowsLiveMessenger-uccapi-0.uccapilog [0] O61 - LFC:Last File Created 22/09/2011 - 22:16:19 ---A- C:\Users\Léa\AppData\Roaming\Microsoft\Office\Récent\De tout.lnk [401] O61 - LFC:Last File Created 22/09/2011 - 22:16:19 ---A- C:\Users\Léa\AppData\Roaming\Microsoft\Office\Récent\viel zu tun!.lnk [554] O61 - LFC:Last File Created 22/09/2011 - 22:41:09 ---A- C:\Users\Léa\AppData\Roaming\Skype\lea.borel\config.xml [11177] O61 - LFC:Last File Created 22/09/2011 - 22:41:09 ---A- C:\Users\Léa\AppData\Roaming\Skype\shared.xml [57645] O61 - LFC:Last File Created 23/09/2011 - 10:23:12 ---A- C:\Users\All Users\Avira\AntiVir PersonalEdition Classic\UPDATE\AVUPDATE_4e7c4fc1\idx\master.idx [31963] O61 - LFC:Last File Created 23/09/2011 - 10:48:08 ---A- C:\Users\Léa\AppData\Local\d3d9caps.dat [1356] O61 - LFC:Last File Created 23/09/2011 - 11:00:38 ---A- C:\Users\All Users\Avira\AntiVir PersonalEdition Classic\INFECTED\4edf592b.qua [162594] O61 - LFC:Last File Created 23/09/2011 - 11:36:19 --HA- C:\Users\Léa\Documents\Job\~$V 2011.doc [162] O61 - LFC:Last File Created 23/09/2011 - 11:36:22 ---A- C:\Users\Léa\AppData\Roaming\Microsoft\Office\Récent\CV 2011.lnk [906] O61 - LFC:Last File Created 23/09/2011 - 11:36:22 ---A- C:\Users\Léa\AppData\Roaming\Microsoft\Office\Récent\Job.lnk [778] O61 - LFC:Last File Created 23/09/2011 - 11:53:52 ---A- C:\Users\All Users\Avira\AntiVir PersonalEdition Classic\INFECTED\4cae7462.qua [10028] O61 - LFC:Last File Created 23/09/2011 - 11:53:52 ---A- C:\Users\All Users\Avira\AntiVir PersonalEdition Classic\INFECTED\4eee65a1.qua [162148] O61 - LFC:Last File Created 23/09/2011 - 11:56:30 ---A- C:\Users\All Users\Avira\AntiVir PersonalEdition Classic\INFECTED\4eac6613.qua [9689] O61 - LFC:Last File Created 23/09/2011 - 11:56:30 ---A- C:\Users\All Users\Avira\AntiVir PersonalEdition Classic\INFECTED\4edf6612.qua [10595] O61 - LFC:Last File Created 23/09/2011 - 11:56:31 ---A- C:\Users\All Users\Avira\AntiVir PersonalEdition Classic\INFECTED\4ead6612.qua [6386] O61 - LFC:Last File Created 23/09/2011 - 12:08:00 ---A- C:\Users\All Users\Avira\AntiVir PersonalEdition Classic\INFECTED\4eee68f5.qua [8484] O61 - LFC:Last File Created 23/09/2011 - 12:57:03 ---A- C:\Users\All Users\Avira\AntiVir PersonalEdition Classic\LOGFILES\AVSCAN-20110923-120010-00CA94CC.LOG [16712] O61 - LFC:Last File Created 23/09/2011 - 13:00:54 ---A- C:\Users\All Users\Avira\AntiVir PersonalEdition Classic\TEMP\AVSCAN-20110923-120010-00C28C64\0000001E-26CC5061.av$ [2618813] O61 - LFC:Last File Created 23/09/2011 - 15:33:44 ---A- C:\Users\All Users\Symantec\LiveUpdate\2011-09-23_Log.ALUSchedulerSvc.LiveUpdate [1836] O61 - LFC:Last File Created 23/09/2011 - 15:35:50 ---A- C:\Users\Léa\AppData\Local\assembly\tmp\C4RF0L8V\networker.EXE [0] O61 - LFC:Last File Created 23/09/2011 - 23:00:21 ---A- C:\Users\Léa\AppData\Roaming\Microsoft\MSN Messenger\sqmnoopt01.sqm [944] O61 - LFC:Last File Created 23/09/2011 - 23:00:21 ---A- C:\Users\Léa\AppData\Roaming\Microsoft\MSN Messenger\sqmnoopt02.sqm [284] O61 - LFC:Last File Created 24/09/2011 - 14:29:22 ---A- C:\Users\All Users\Avira\AntiVir PersonalEdition Classic\REPORTS\28c61637.avl [1450] O61 - LFC:Last File Created 24/09/2011 - 14:30:49 ---A- C:\Users\All Users\Symantec\LiveUpdate\10.Product.Inventory.LiveUpdate [17080] O61 - LFC:Last File Created 24/09/2011 - 14:30:49 R--A- C:\Users\All Users\Symantec\LiveUpdate\10.Settings.LiveUpdate [20054] O61 - LFC:Last File Created 24/09/2011 - 14:34:49 ---A- C:\Users\All Users\Symantec\LiveUpdate\Downloads\livetri.zip [0] O61 - LFC:Last File Created 24/09/2011 - 14:35:04 ---A- C:\Users\All Users\Symantec\LiveUpdate\9.Product.Inventory.LiveUpdate [18352] O61 - LFC:Last File Created 24/09/2011 - 14:35:04 R--A- C:\Users\All Users\Symantec\LiveUpdate\9.Settings.LiveUpdate [20343] O61 - LFC:Last File Created 24/09/2011 - 14:56:05 ---A- C:\Users\All Users\Symantec\LiveUpdate\8.Product.Inventory.LiveUpdate [17080] O61 - LFC:Last File Created 24/09/2011 - 14:56:05 R--A- C:\Users\All Users\Symantec\LiveUpdate\8.Settings.LiveUpdate [20343] O61 - LFC:Last File Created 24/09/2011 - 14:56:07 ---A- C:\Users\All Users\Symantec\LiveUpdate\7.Product.Inventory.LiveUpdate [17080] O61 - LFC:Last File Created 24/09/2011 - 14:56:07 R--A- C:\Users\All Users\Symantec\LiveUpdate\7.Settings.LiveUpdate [20343] O61 - LFC:Last File Created 24/09/2011 - 14:57:25 R--A- C:\Users\All Users\Symantec\LiveUpdate\6.Settings.LiveUpdate [20342] O61 - LFC:Last File Created 24/09/2011 - 15:04:15 ---A- C:\Users\All Users\Symantec\LiveUpdate\2011-09-24_Log.ALUSchedulerSvc.LiveUpdate [4622] O61 - LFC:Last File Created 24/09/2011 - 18:35:48 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.23615 [155] O61 - LFC:Last File Created 24/09/2011 - 18:35:48 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.30625 [155] O61 - LFC:Last File Created 24/09/2011 - 18:35:48 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.43967 [155] O61 - LFC:Last File Created 24/09/2011 - 18:35:48 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.47373 [155] O61 - LFC:Last File Created 24/09/2011 - 18:35:48 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.49522 [131] O61 - LFC:Last File Created 24/09/2011 - 18:35:48 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.52644 [155] O61 - LFC:Last File Created 24/09/2011 - 18:35:48 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.56992 [155] O61 - LFC:Last File Created 24/09/2011 - 18:35:48 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.57774 [155] O61 - LFC:Last File Created 24/09/2011 - 18:35:48 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.66161 [155] O61 - LFC:Last File Created 24/09/2011 - 18:35:48 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.79260 [155] O61 - LFC:Last File Created 24/09/2011 - 18:35:48 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.81730 [155] O61 - LFC:Last File Created 24/09/2011 - 18:35:48 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.86118 [155] O61 - LFC:Last File Created 24/09/2011 - 18:35:48 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.23615 [14848] O61 - LFC:Last File Created 24/09/2011 - 18:35:48 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.30625 [14848] O61 - LFC:Last File Created 24/09/2011 - 18:35:48 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.43967 [14848] O61 - LFC:Last File Created 24/09/2011 - 18:35:48 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.47373 [14848] O61 - LFC:Last File Created 24/09/2011 - 18:35:48 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.49522 [14848] O61 - LFC:Last File Created 24/09/2011 - 18:35:48 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.52644 [14848] O61 - LFC:Last File Created 24/09/2011 - 18:35:48 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.56992 [14848] O61 - LFC:Last File Created 24/09/2011 - 18:35:48 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.57774 [14848] O61 - LFC:Last File Created 24/09/2011 - 18:35:48 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.66161 [14848] O61 - LFC:Last File Created 24/09/2011 - 18:35:48 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.79260 [14848] O61 - LFC:Last File Created 24/09/2011 - 18:35:48 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.81730 [14848] O61 - LFC:Last File Created 24/09/2011 - 18:35:48 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.86118 [14848] O61 - LFC:Last File Created 24/09/2011 - 18:35:49 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.12073 [155] O61 - LFC:Last File Created 24/09/2011 - 18:35:49 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.16433 [155] O61 - LFC:Last File Created 24/09/2011 - 18:35:49 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.24928 [155] O61 - LFC:Last File Created 24/09/2011 - 18:35:49 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.27897 [155] O61 - LFC:Last File Created 24/09/2011 - 18:35:49 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.29990 [155] O61 - LFC:Last File Created 24/09/2011 - 18:35:49 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.30444 [155] O61 - LFC:Last File Created 24/09/2011 - 18:35:49 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.38594 [155] O61 - LFC:Last File Created 24/09/2011 - 18:35:49 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.40316 [155] O61 - LFC:Last File Created 24/09/2011 - 18:35:49 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.43242 [155] O61 - LFC:Last File Created 24/09/2011 - 18:35:49 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.43970 [155] O61 - LFC:Last File Created 24/09/2011 - 18:35:49 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.45083 [155] O61 - LFC:Last File Created 24/09/2011 - 18:35:49 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.49978 [155] O61 - LFC:Last File Created 24/09/2011 - 18:35:49 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.57961 [155] O61 - LFC:Last File Created 24/09/2011 - 18:35:49 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.59328 [155] O61 - LFC:Last File Created 24/09/2011 - 18:35:49 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.59698 [155] O61 - LFC:Last File Created 24/09/2011 - 18:35:49 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.59973 [155] O61 - LFC:Last File Created 24/09/2011 - 18:35:49 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.65658 [155] O61 - LFC:Last File Created 24/09/2011 - 18:35:49 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.72680 [155] O61 - LFC:Last File Created 24/09/2011 - 18:35:49 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.85738 [155] O61 - LFC:Last File Created 24/09/2011 - 18:35:49 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.86004 [155] O61 - LFC:Last File Created 24/09/2011 - 18:35:49 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.93533 [155] O61 - LFC:Last File Created 24/09/2011 - 18:35:49 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.96990 [155] O61 - LFC:Last File Created 24/09/2011 - 18:35:49 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.12073 [14848] O61 - LFC:Last File Created 24/09/2011 - 18:35:49 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.16433 [14848] O61 - LFC:Last File Created 24/09/2011 - 18:35:49 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.24928 [14848] O61 - LFC:Last File Created 24/09/2011 - 18:35:49 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.27897 [14848] O61 - LFC:Last File Created 24/09/2011 - 18:35:49 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.29990 [14848] O61 - LFC:Last File Created 24/09/2011 - 18:35:49 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.30444 [14848] O61 - LFC:Last File Created 24/09/2011 - 18:35:49 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.38594 [14848] O61 - LFC:Last File Created 24/09/2011 - 18:35:49 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.40316 [14848] O61 - LFC:Last File Created 24/09/2011 - 18:35:49 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.43242 [14848] O61 - LFC:Last File Created 24/09/2011 - 18:35:49 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.43970 [14848] O61 - LFC:Last File Created 24/09/2011 - 18:35:49 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.45083 [14848] O61 - LFC:Last File Created 24/09/2011 - 18:35:49 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.49978 [14848] O61 - LFC:Last File Created 24/09/2011 - 18:35:49 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.57961 [14848] O61 - LFC:Last File Created 24/09/2011 - 18:35:49 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.59328 [14848] O61 - LFC:Last File Created 24/09/2011 - 18:35:49 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.59698 [14848] O61 - LFC:Last File Created 24/09/2011 - 18:35:49 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.59973 [14848] O61 - LFC:Last File Created 24/09/2011 - 18:35:49 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.65658 [14848] O61 - LFC:Last File Created 24/09/2011 - 18:35:49 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.72680 [14848] O61 - LFC:Last File Created 24/09/2011 - 18:35:49 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.85738 [14848] O61 - LFC:Last File Created 24/09/2011 - 18:35:49 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.86004 [14848] O61 - LFC:Last File Created 24/09/2011 - 18:35:49 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.93533 [14848] O61 - LFC:Last File Created 24/09/2011 - 18:35:49 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.96990 [14848] O61 - LFC:Last File Created 24/09/2011 - 18:35:50 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.21305 [155] O61 - LFC:Last File Created 24/09/2011 - 18:35:50 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.21456 [155] O61 - LFC:Last File Created 24/09/2011 - 18:35:50 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.23182 [155] O61 - LFC:Last File Created 24/09/2011 - 18:35:50 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.25090 [155] O61 - LFC:Last File Created 24/09/2011 - 18:35:50 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.25100 [155] O61 - LFC:Last File Created 24/09/2011 - 18:35:50 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.26538 [155] O61 - LFC:Last File Created 24/09/2011 - 18:35:50 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.28692 [155] O61 - LFC:Last File Created 24/09/2011 - 18:35:50 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.44966 [155] O61 - LFC:Last File Created 24/09/2011 - 18:35:50 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.52270 [155] O61 - LFC:Last File Created 24/09/2011 - 18:35:50 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.52979 [155] O61 - LFC:Last File Created 24/09/2011 - 18:35:50 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.57096 [155] O61 - LFC:Last File Created 24/09/2011 - 18:35:50 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.60327 [155] O61 - LFC:Last File Created 24/09/2011 - 18:35:50 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.60634 [155] O61 - LFC:Last File Created 24/09/2011 - 18:35:50 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.61002 [155] O61 - LFC:Last File Created 24/09/2011 - 18:35:50 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.64095 [155] O61 - LFC:Last File Created 24/09/2011 - 18:35:50 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.72025 [155] O61 - LFC:Last File Created 24/09/2011 - 18:35:50 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.72386 [155] O61 - LFC:Last File Created 24/09/2011 - 18:35:50 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.75387 [155] O61 - LFC:Last File Created 24/09/2011 - 18:35:50 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.76896 [155] O61 - LFC:Last File Created 24/09/2011 - 18:35:50 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.77925 [155] O61 - LFC:Last File Created 24/09/2011 - 18:35:50 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.89703 [155] O61 - LFC:Last File Created 24/09/2011 - 18:35:50 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.93388 [155] O61 - LFC:Last File Created 24/09/2011 - 18:35:50 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.21305 [14848] O61 - LFC:Last File Created 24/09/2011 - 18:35:50 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.21456 [14848] O61 - LFC:Last File Created 24/09/2011 - 18:35:50 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.23182 [14848] O61 - LFC:Last File Created 24/09/2011 - 18:35:50 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.25090 [14848] O61 - LFC:Last File Created 24/09/2011 - 18:35:50 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.25100 [14848] O61 - LFC:Last File Created 24/09/2011 - 18:35:50 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.26538 [14848] O61 - LFC:Last File Created 24/09/2011 - 18:35:50 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.28692 [14848] O61 - LFC:Last File Created 24/09/2011 - 18:35:50 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.44966 [14848] O61 - LFC:Last File Created 24/09/2011 - 18:35:50 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.52270 [14848] O61 - LFC:Last File Created 24/09/2011 - 18:35:50 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.52979 [14848] O61 - LFC:Last File Created 24/09/2011 - 18:35:50 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.57096 [14848] O61 - LFC:Last File Created 24/09/2011 - 18:35:50 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.60327 [14848] O61 - LFC:Last File Created 24/09/2011 - 18:35:50 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.60634 [14848] O61 - LFC:Last File Created 24/09/2011 - 18:35:50 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.61002 [14848] O61 - LFC:Last File Created 24/09/2011 - 18:35:50 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.64095 [14848] O61 - LFC:Last File Created 24/09/2011 - 18:35:50 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.72025 [14848] O61 - LFC:Last File Created 24/09/2011 - 18:35:50 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.72386 [14848] O61 - LFC:Last File Created 24/09/2011 - 18:35:50 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.75387 [14848] O61 - LFC:Last File Created 24/09/2011 - 18:35:50 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.76896 [14848] O61 - LFC:Last File Created 24/09/2011 - 18:35:50 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.77925 [14848] O61 - LFC:Last File Created 24/09/2011 - 18:35:50 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.89703 [14848] O61 - LFC:Last File Created 24/09/2011 - 18:35:50 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.93388 [14848] O61 - LFC:Last File Created 24/09/2011 - 18:35:51 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.11165 [155] O61 - LFC:Last File Created 24/09/2011 - 18:35:51 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.13833 [155] O61 - LFC:Last File Created 24/09/2011 - 18:35:51 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.15270 [155] O61 - LFC:Last File Created 24/09/2011 - 18:35:51 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.17809 [155] O61 - LFC:Last File Created 24/09/2011 - 18:35:51 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.18098 [155] O61 - LFC:Last File Created 24/09/2011 - 18:35:51 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.19825 [155] O61 - LFC:Last File Created 24/09/2011 - 18:35:51 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.19919 [155] O61 - LFC:Last File Created 24/09/2011 - 18:35:51 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.21559 [155] O61 - LFC:Last File Created 24/09/2011 - 18:35:51 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.29247 [155] O61 - LFC:Last File Created 24/09/2011 - 18:35:51 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.41104 [155] O61 - LFC:Last File Created 24/09/2011 - 18:35:51 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.42237 [155] O61 - LFC:Last File Created 24/09/2011 - 18:35:51 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.47547 [155] O61 - LFC:Last File Created 24/09/2011 - 18:35:51 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.48559 [155] O61 - LFC:Last File Created 24/09/2011 - 18:35:51 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.51080 [155] O61 - LFC:Last File Created 24/09/2011 - 18:35:51 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.56150 [155] O61 - LFC:Last File Created 24/09/2011 - 18:35:51 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.69677 [155] O61 - LFC:Last File Created 24/09/2011 - 18:35:51 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.70936 [155] O61 - LFC:Last File Created 24/09/2011 - 18:35:51 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.71734 [155] O61 - LFC:Last File Created 24/09/2011 - 18:35:51 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.73842 [155] O61 - LFC:Last File Created 24/09/2011 - 18:35:51 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.80088 [155] O61 - LFC:Last File Created 24/09/2011 - 18:35:51 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.80491 [155] O61 - LFC:Last File Created 24/09/2011 - 18:35:51 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.80770 [155] O61 - LFC:Last File Created 24/09/2011 - 18:35:51 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.87389 [155] O61 - LFC:Last File Created 24/09/2011 - 18:35:51 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.11165 [14848] O61 - LFC:Last File Created 24/09/2011 - 18:35:51 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.13833 [14848] O61 - LFC:Last File Created 24/09/2011 - 18:35:51 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.15270 [14848] O61 - LFC:Last File Created 24/09/2011 - 18:35:51 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.17809 [14848] O61 - LFC:Last File Created 24/09/2011 - 18:35:51 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.18098 [14848] O61 - LFC:Last File Created 24/09/2011 - 18:35:51 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.19825 [14848] O61 - LFC:Last File Created 24/09/2011 - 18:35:51 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.19919 [14848] O61 - LFC:Last File Created 24/09/2011 - 18:35:51 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.21559 [14848] O61 - LFC:Last File Created 24/09/2011 - 18:35:51 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.29247 [14848] O61 - LFC:Last File Created 24/09/2011 - 18:35:51 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.41104 [14848] O61 - LFC:Last File Created 24/09/2011 - 18:35:51 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.42237 [14848] O61 - LFC:Last File Created 24/09/2011 - 18:35:51 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.47547 [14848] O61 - LFC:Last File Created 24/09/2011 - 18:35:51 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.48559 [14848] O61 - LFC:Last File Created 24/09/2011 - 18:35:51 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.51080 [14848] O61 - LFC:Last File Created 24/09/2011 - 18:35:51 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.56150 [14848] O61 - LFC:Last File Created 24/09/2011 - 18:35:51 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.69677 [14848] O61 - LFC:Last File Created 24/09/2011 - 18:35:51 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.70936 [14848] O61 - LFC:Last File Created 24/09/2011 - 18:35:51 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.71734 [14848] O61 - LFC:Last File Created 24/09/2011 - 18:35:51 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.73842 [14848] O61 - LFC:Last File Created 24/09/2011 - 18:35:51 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.80088 [14848] O61 - LFC:Last File Created 24/09/2011 - 18:35:51 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.80491 [14848] O61 - LFC:Last File Created 24/09/2011 - 18:35:51 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.80770 [14848] O61 - LFC:Last File Created 24/09/2011 - 18:35:51 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.87389 [14848] O61 - LFC:Last File Created 24/09/2011 - 18:35:52 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.14257 [76] O61 - LFC:Last File Created 24/09/2011 - 18:35:52 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.14939 [155] O61 - LFC:Last File Created 24/09/2011 - 18:35:52 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.17429 [155] O61 - LFC:Last File Created 24/09/2011 - 18:35:52 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.19569 [155] O61 - LFC:Last File Created 24/09/2011 - 18:35:52 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.46129 [155] O61 - LFC:Last File Created 24/09/2011 - 18:35:52 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.53345 [155] O61 - LFC:Last File Created 24/09/2011 - 18:35:52 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.57521 [155] O61 - LFC:Last File Created 24/09/2011 - 18:35:52 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.64731 [158] O61 - LFC:Last File Created 24/09/2011 - 18:35:52 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.73955 [155] O61 - LFC:Last File Created 24/09/2011 - 18:35:52 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.78075 [155] O61 - LFC:Last File Created 24/09/2011 - 18:35:52 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.85903 [155] O61 - LFC:Last File Created 24/09/2011 - 18:35:52 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.87997 [155] O61 - LFC:Last File Created 24/09/2011 - 18:35:52 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.88152 [155] O61 - LFC:Last File Created 24/09/2011 - 18:35:52 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP2.83569 [67] O61 - LFC:Last File Created 24/09/2011 - 18:35:52 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP4.18677 [213] O61 - LFC:Last File Created 24/09/2011 - 18:35:52 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.14257 [26018] O61 - LFC:Last File Created 24/09/2011 - 18:35:52 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.14939 [14848] O61 - LFC:Last File Created 24/09/2011 - 18:35:52 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.17429 [14848] O61 - LFC:Last File Created 24/09/2011 - 18:35:52 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.19569 [14848] O61 - LFC:Last File Created 24/09/2011 - 18:35:52 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.46129 [14848] O61 - LFC:Last File Created 24/09/2011 - 18:35:52 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.53345 [14848] O61 - LFC:Last File Created 24/09/2011 - 18:35:52 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.57521 [14848] O61 - LFC:Last File Created 24/09/2011 - 18:35:52 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.64731 [256000] O61 - LFC:Last File Created 24/09/2011 - 18:35:52 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.73955 [14848] O61 - LFC:Last File Created 24/09/2011 - 18:35:52 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.78075 [14848] O61 - LFC:Last File Created 24/09/2011 - 18:35:52 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.85903 [14848] O61 - LFC:Last File Created 24/09/2011 - 18:35:52 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.87997 [14848] O61 - LFC:Last File Created 24/09/2011 - 18:35:52 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.88152 [14848] O61 - LFC:Last File Created 24/09/2011 - 18:36:38 ---A- C:\Users\Léa\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-2011-09-24 (19-36-38).txt [16219] O61 - LFC:Last File Created 24/09/2011 - 18:40:32 ---A- C:\Users\All Users\Malwarebytes\Malwarebytes' Anti-Malware\5057193 [10702] O61 - LFC:Last File Created 24/09/2011 - 20:38:40 ---A- C:\Users\Léa\AppData\Local\Temp\Léa.bmp [31832] O61 - LFC:Last File Created 24/09/2011 - 20:39:31 ---A- C:\Users\Léa\AppData\Local\Temp\symlcsv1.exe [58760] O61 - LFC:Last File Created 25/09/2011 - 00:10:57 ---A- C:\Users\All Users\Symantec\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PEPCollectors\Pep2_{BC8D3EAF-F864-4D4B-AB4D-B3D0C32E2840}.dat [1262] O61 - LFC:Last File Created 25/09/2011 - 00:37:59 --HA- C:\Users\Léa\AppData\Local\IconCache.db [2221755] O61 - LFC:Last File Created 25/09/2011 - 00:38:41 ---A- C:\Users\All Users\Symantec\Common Client\settings.bak [13643244] O61 - LFC:Last File Created 25/09/2011 - 14:57:25 ---A- C:\Users\All Users\Symantec\LiveUpdate\6.Product.Inventory.LiveUpdate [18352] O61 - LFC:Last File Created 25/09/2011 - 20:39:12 ---A- C:\Users\All Users\Avira\AntiVir PersonalEdition Classic\update.conf [1522] O61 - LFC:Last File Created 25/09/2011 - 20:39:45 ---A- C:\Users\Léa\AppData\Roaming\OpenOffice.org\3\.lock [137] O61 - LFC:Last File Created 25/09/2011 - 20:39:45 ---A- C:\Users\Léa\AppData\Roaming\OpenOffice.org\3\user\registry\data\org\openoffice\Office\Common.xcu [692] O61 - LFC:Last File Created 25/09/2011 - 20:42:38 ---A- C:\Users\All Users\Avira\AntiVir PersonalEdition Classic\REPORTS\04327e26.avl [1450] O61 - LFC:Last File Created 25/09/2011 - 20:42:41 ---A- C:\Users\All Users\Symantec\LiveUpdate\2.Product.Inventory.LiveUpdate [17080] O61 - LFC:Last File Created 25/09/2011 - 20:42:41 R--A- C:\Users\All Users\Symantec\LiveUpdate\2.Settings.LiveUpdate [20342] O61 - LFC:Last File Created 25/09/2011 - 20:42:42 ---A- C:\Users\All Users\Symantec\LiveUpdate\1.Product.Inventory.LiveUpdate [17080] O61 - LFC:Last File Created 25/09/2011 - 20:42:42 R--A- C:\Users\All Users\Symantec\LiveUpdate\1.Settings.LiveUpdate [20342] O61 - LFC:Last File Created 25/09/2011 - 20:43:26 ---A- C:\Users\All Users\Symantec\Definitions\SymcData\nco1.0defs\20101214.001\Identifiers.xml.bin [3543871] O61 - LFC:Last File Created 25/09/2011 - 20:43:26 ---A- C:\Users\All Users\Symantec\Definitions\SymcData\nco1.0defs\20101214.001\Indicators.xml.bin [76998] O61 - LFC:Last File Created 25/09/2011 - 20:43:26 ---A- C:\Users\All Users\Symantec\Definitions\SymcData\nco1.0defs\20101214.001\PopularSites.xml.bin [10898] O61 - LFC:Last File Created 25/09/2011 - 20:43:26 ---A- C:\Users\All Users\Symantec\Definitions\SymcData\nco1.0defs\20101214.001\Redirectors.xml.bin [93580] O61 - LFC:Last File Created 25/09/2011 - 20:43:26 ---A- C:\Users\All Users\Symantec\Definitions\SymcData\nco1.0defs\20101214.001\Resources.xml.bin [548] O61 - LFC:Last File Created 25/09/2011 - 20:43:26 ---A- C:\Users\All Users\Symantec\Definitions\SymcData\nco1.0defs\20101214.002\nppw.zip [1186986] O61 - LFC:Last File Created 25/09/2011 - 20:43:27 ---A- C:\Users\All Users\Symantec\Definitions\SymcData\nco1.0defs\20101214.001\SafeList.xml.bin [855943] O61 - LFC:Last File Created 25/09/2011 - 20:43:27 ---A- C:\Users\All Users\Symantec\Definitions\SymcData\nco1.0defs\20101214.001\SearchServices.xml.bin [27383] O61 - LFC:Last File Created 25/09/2011 - 20:43:27 ---A- C:\Users\All Users\Symantec\Definitions\SymcData\nco1.0defs\20101214.001\Throttle.xml.bin [454] O61 - LFC:Last File Created 25/09/2011 - 20:43:27 ---A- C:\Users\All Users\Symantec\Definitions\SymcData\nco1.0defs\20101214.001\TrustedDomains.xml.bin [254625] O61 - LFC:Last File Created 25/09/2011 - 20:43:27 ---A- C:\Users\All Users\Symantec\Definitions\SymcData\nco1.0defs\20101214.001\URLAnalysis.xml.bin [985008] O61 - LFC:Last File Created 25/09/2011 - 20:43:27 ---A- C:\Users\All Users\Symantec\Definitions\SymcData\nco1.0defs\20101214.001\WebHostingSites.xml.bin [35338] O61 - LFC:Last File Created 25/09/2011 - 20:43:27 ---A- C:\Users\All Users\Symantec\Definitions\SymcData\nco1.0defs\20101214.002\Identifiers.xml.bin [3518613] O61 - LFC:Last File Created 25/09/2011 - 20:43:27 ---A- C:\Users\All Users\Symantec\Definitions\SymcData\nco1.0defs\20101214.002\Indicators.xml.bin [76998] O61 - LFC:Last File Created 25/09/2011 - 20:43:27 ---A- C:\Users\All Users\Symantec\Definitions\SymcData\nco1.0defs\20101214.002\PopularSites.xml.bin [10898] O61 - LFC:Last File Created 25/09/2011 - 20:43:27 ---A- C:\Users\All Users\Symantec\Definitions\SymcData\nco1.0defs\20101214.002\Redirectors.xml.bin [93580] O61 - LFC:Last File Created 25/09/2011 - 20:43:27 ---A- C:\Users\All Users\Symantec\Definitions\SymcData\nco1.0defs\20101214.002\Resources.xml.bin [548] O61 - LFC:Last File Created 25/09/2011 - 20:43:27 ---A- C:\Users\All Users\Symantec\Definitions\SymcData\nco1.0defs\20101214.002\SafeList.xml.bin [855943] O61 - LFC:Last File Created 25/09/2011 - 20:43:27 ---A- C:\Users\All Users\Symantec\Definitions\SymcData\nco1.0defs\20101214.002\SearchServices.xml.bin [27383] O61 - LFC:Last File Created 25/09/2011 - 20:43:27 ---A- C:\Users\All Users\Symantec\Definitions\SymcData\nco1.0defs\20101214.002\Throttle.xml.bin [454] O61 - LFC:Last File Created 25/09/2011 - 20:43:27 ---A- C:\Users\All Users\Symantec\Definitions\SymcData\nco1.0defs\20101214.002\TrustedDomains.xml.bin [254625] O61 - LFC:Last File Created 25/09/2011 - 20:43:27 ---A- C:\Users\All Users\Symantec\Definitions\SymcData\nco1.0defs\20101214.002\URLAnalysis.xml.bin [985008] O61 - LFC:Last File Created 25/09/2011 - 20:43:27 ---A- C:\Users\All Users\Symantec\Definitions\SymcData\nco1.0defs\20101214.002\WebHostingSites.xml.bin [35338] O61 - LFC:Last File Created 25/09/2011 - 20:43:27 ---A- C:\Users\All Users\Symantec\Definitions\SymcData\nco1.0defs\BinHub\Identifiers.xml.bin [5354708] O61 - LFC:Last File Created 25/09/2011 - 20:43:27 ---A- C:\Users\All Users\Symantec\Definitions\SymcData\nco1.0defs\BinHub\Indicators.xml.bin [76998] O61 - LFC:Last File Created 25/09/2011 - 20:43:27 ---A- C:\Users\All Users\Symantec\Definitions\SymcData\nco1.0defs\BinHub\PopularSites.xml.bin [10857] O61 - LFC:Last File Created 25/09/2011 - 20:43:27 ---A- C:\Users\All Users\Symantec\Definitions\SymcData\nco1.0defs\BinHub\Redirectors.xml.bin [93580] O61 - LFC:Last File Created 25/09/2011 - 20:43:27 ---A- C:\Users\All Users\Symantec\Definitions\SymcData\nco1.0defs\BinHub\Resources.xml.bin [548] O61 - LFC:Last File Created 25/09/2011 - 20:43:27 ---A- C:\Users\All Users\Symantec\Definitions\SymcData\nco1.0defs\BinHub\SafeList.xml.bin [855695] O61 - LFC:Last File Created 25/09/2011 - 20:43:28 ---A- C:\Users\All Users\Symantec\Definitions\SymcData\nco1.0defs\BinHub\SearchServices.xml.bin [27383] O61 - LFC:Last File Created 25/09/2011 - 20:43:28 ---A- C:\Users\All Users\Symantec\Definitions\SymcData\nco1.0defs\BinHub\Throttle.xml.bin [454] O61 - LFC:Last File Created 25/09/2011 - 20:43:28 ---A- C:\Users\All Users\Symantec\Definitions\SymcData\nco1.0defs\BinHub\TrustedDomains.xml.bin [254625] O61 - LFC:Last File Created 25/09/2011 - 20:43:28 ---A- C:\Users\All Users\Symantec\Definitions\SymcData\nco1.0defs\BinHub\URLAnalysis.xml.bin [985008] O61 - LFC:Last File Created 25/09/2011 - 20:43:28 ---A- C:\Users\All Users\Symantec\Definitions\SymcData\nco1.0defs\BinHub\WebHostingSites.xml.bin [35338] O61 - LFC:Last File Created 25/09/2011 - 20:43:29 ---A- C:\Users\All Users\Symantec\Definitions\SymcData\nco1.0defs\20101214.001\full-webauth.sql.bin [7587403] O61 - LFC:Last File Created 25/09/2011 - 20:43:29 ---A- C:\Users\All Users\Symantec\Definitions\SymcData\nco1.0defs\latest-hub-webauth.sql.bin [19023154] O61 - LFC:Last File Created 25/09/2011 - 20:43:30 ---A- C:\Users\All Users\Symantec\Definitions\SymcData\nco1.0defs\20101214.002\full-webauth.sql.bin [7587403] O61 - LFC:Last File Created 25/09/2011 - 20:43:39 ---A- C:\Users\All Users\Symantec\LiveUpdate\Downloads\minitri.flg [0] O61 - LFC:Last File Created 25/09/2011 - 20:43:46 ---A- C:\Users\All Users\Symantec\LiveUpdate\Product.Inventory.LiveUpdate [18352] O61 - LFC:Last File Created 25/09/2011 - 20:43:46 R---- C:\Users\All Users\Symantec\LiveUpdate\Settings.LiveUpdate [20342] O61 - LFC:Last File Created 25/09/2011 - 20:43:54 ---A- C:\Users\All Users\Symantec\LiveUpdate\2011-09-25_Log.ALUSchedulerSvc.LiveUpdate [3190] O61 - LFC:Last File Created 25/09/2011 - 20:45:30 ---A- C:\Users\Léa\AppData\Local\Temp\eDatasecurity\FileList.txt [74] O61 - LFC:Last File Created 25/09/2011 - 23:56:08 ---A- C:\Users\All Users\Symantec\LiveUpdate\5.Product.Inventory.LiveUpdate [17080] O61 - LFC:Last File Created 25/09/2011 - 23:56:08 R--A- C:\Users\All Users\Symantec\LiveUpdate\5.Settings.LiveUpdate [20342] O61 - LFC:Last File Created 25/09/2011 - 23:56:09 ---A- C:\Users\All Users\Symantec\LiveUpdate\4.Product.Inventory.LiveUpdate [17080] O61 - LFC:Last File Created 25/09/2011 - 23:56:09 R--A- C:\Users\All Users\Symantec\LiveUpdate\4.Settings.LiveUpdate [20342] O61 - LFC:Last File Created 25/09/2011 - 23:57:10 ---A- C:\Users\All Users\Symantec\LiveUpdate\3.Product.Inventory.LiveUpdate [18352] O61 - LFC:Last File Created 25/09/2011 - 23:57:10 R--A- C:\Users\All Users\Symantec\LiveUpdate\3.Settings.LiveUpdate [20342] O61 - LFC:Last File Created 30/07/2008 - 14:11:48 ---A- C:\Users\Léa\AppData\Local\Apple Computer\iTunes\iTunes.pref [10943] O61 - LFC:Last File Created 30/07/2008 - 14:11:48 ---A- C:\Users\Léa\AppData\Roaming\Apple Computer\iTunes\iTunes.pref [106594] O61 - LFC:Last File Created 30/08/2011 - 19:56:39 ---A- C:\Users\Léa\AppData\Roaming\Skype\lea.borel\chatsync\ea\ea6403e6d9701a49.dat [1751] ~ Scan Files in 04mn 41s ---\\ Liste des outils de nettoyage (O63) O63 - Logiciel: HijackThis 2.0.2 - (.TrendMicro.) [HKLM] -- HijackThis O63 - Logiciel: ZHPDiag 1.28 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 O63 - Logiciel: Ad-Remover - (.Pas de propriétaire.) [HKCU] -- Ad-Remover ~ Scan ADS in 00mn 00s ---\\ Liste des services Legacy (O64) O64 - Services: CurCS - 02/06/2009 - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys - avgio(avgio) .(.Avira GmbH - Avira AntiVir Support for Minifilter.) - LEGACY_AVGIO O64 - Services: CurCS - 02/06/2009 - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys - avgntflt(avgntflt) .(.Avira GmbH - Avira Minifilter Driver.) - LEGACY_AVGNTFLT O64 - Services: CurCS - 02/06/2009 - C:\Windows\system32\DRIVERS\avipbb.sys - avipbb(avipbb) .(.Avira GmbH - Avira Driver for RootKit Detection.) - LEGACY_AVIPBB O64 - Services: CurCS - 21/11/2006 - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe - comHost(comHost) .(.Symantec Corporation - COM Aggregation Host.) - LEGACY_COMHOST O64 - Services: CurCS - 02/11/2006 - C:\PROGRA~1\LAUNCH~1\DPortIO.sys - Dritek General Port I/O(DritekPortIO) .(.Dritek System Inc. - General Port I/O.) - LEGACY_DRITEKPORTIO O64 - Services: CurCS - ??/??/???? - C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys (.not file.) - Symantec Eraser Control driver (eeCtrl) .(...) - LEGACY_EECTRL O64 - Services: CurCS - ??/??/???? - C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (.not file.) - EraserUtilRebootDrv (EraserUtilRebootDrv) .(...) - LEGACY_ERASERUTILREBOOTDRV O64 - Services: CurCS - 02/11/2006 - C:\Windows\system32\drivers\iastorv.sys - Intel RAID Controller Vista(iaStorV) .(.Intel Corporation - Intel Matrix Storage Manager driver (base).) - LEGACY_IASTORV O64 - Services: CurCS - 13/11/2010 - C:\PROGRA~2\Symantec\DEFINI~1\SymcData\idsdefs\20101202.001\IDSvix86.sys - Symantec Intrusion Prevention Driver(IDSvix86) .(.Symantec Corporation - IDS Core Driver.) - LEGACY_IDSVIX86 O64 - Services: CurCS - 07/12/2006 - C:\Acer\Empowering Technology\eRecovery\int15.sys - int15 (int15) .(...) - LEGACY_INT15 O64 - Services: CurCS - ??/??/???? - C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20101214.001\NAVENG.sys (.not file.) - NAVENG (NAVENG) .(...) - LEGACY_NAVENG O64 - Services: CurCS - ??/??/???? - C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20101214.001\NAVEX15.sys (.not file.) - NAVEX15 (NAVEX15) .(...) - LEGACY_NAVEX15 O64 - Services: CurCS - 25/04/2007 - C:\Windows\system32\DRIVERS\psdfilter.sys - PSDFilter(PSDFilter) .(.HiTRUST - PSD Filter Driver.) - LEGACY_PSDFILTER O64 - Services: CurCS - 25/04/2007 - C:\Windows\system32\drivers\PSDNServ.sys - PSDNSERVER(PSDNServ) .(.HiTRUST - PSD Named Pipe Driver.) - LEGACY_PSDNSERV O64 - Services: CurCS - 25/04/2007 - C:\Windows\system32\drivers\psdvdisk.sys - psdvdisk(psdvdisk) .(.HiTRUST - PSD Virtual Disk Driver.) - LEGACY_PSDVDISK O64 - Services: CurCS - 16/05/2005 - C:\Windows\system32\drivers\sfhlp02.sys - StarForce Protection Helper Driver (version 2.x)(sfhlp02) .(.Protection Technology - StarForce Protection Helper Driver.) - LEGACY_SFHLP02 O64 - Services: CurCS - 30/11/2007 - C:\Windows\system32\Drivers\SRTSP.sys - SRTSP(SRTSP) .(.Symantec Corporation - Symantec AutoProtect.) - LEGACY_SRTSP O64 - Services: CurCS - 30/11/2007 - C:\Windows\system32\Drivers\SRTSPX.sys - SRTSPX(SRTSPX) .(.Symantec Corporation - Symantec AutoProtect.) - LEGACY_SRTSPX O64 - Services: CurCS - 08/11/2007 - C:\Windows\system32\DRIVERS\ssmdrv.sys - ssmdrv(ssmdrv) .(.AVIRA GmbH - AVIRA SnapShot Driver.) - LEGACY_SSMDRV O64 - Services: CurCS - 14/12/2010 - C:\Windows\system32\Drivers\SYMEVENT.sys - SymEvent(SymEvent) .(.Symantec Corporation - Symantec Event Library.) - LEGACY_SYMEVENT O64 - Services: CurCS - 03/08/2009 - C:\Windows\system32\Drivers\SYMREDRV.sys - SYMREDRV(SYMREDRV) .(.Symantec Corporation - Redirector Filter Driver.) - LEGACY_SYMREDRV O64 - Services: CurCS - 03/08/2009 - C:\Windows\system32\Drivers\SYMTDI.sys - SYMTDI(SYMTDI) .(.Symantec Corporation - Network Dispatch Driver.) - LEGACY_SYMTDI O64 - Services: CurCS - 03/03/2008 - C:\Windows\system32\DRIVERS\vsdatant.sys - Zone Alarm Firewall Driver(Vsdatant) .(.Check Point Software Technologies LTD - ZoneAlarm Firewalling Driver.) - LEGACY_VSDATANT O64 - Services: CurCS - 30/01/2007 - C:\Windows\system32\DRIVERS\xaudio.sys - XAudio(XAudio) .(.Conexant Systems, Inc. - Modem Audio Device Driver.) - LEGACY_XAUDIO O64 - Services: CurCS - 02/11/2006 - C:\Program Files\Acer Arcade Deluxe\Play Movie\000.fcl - {49DE1C67-83F8-4102-99E0-C16DCC7EEC796}({49DE1C67-83F8-4102-99E0-C16DCC7EEC796}) .(.Cyberlink Corp. - FCL Driver.) - LEGACY_{49DE1C67-83F8-4102-99E0-C16DCC7EEC ~ Scan Services in 00mn 02s ---\\ Liste des fichiers non signés (O65) O65 - LUF:09/12/2005 (. - .) (1.0.2169.16560) - c:\windows\system32\ClearEvent.exe O65 - LUF:14/04/2007 (. - Assembly imported from type library 'Shell32'..) (1.0.0.0) - c:\windows\system32\Interop.Shell32.dll ~ Scan Sigcheck in 07mn 28s ---\\ File Associations Shell Spawning (O67) O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %* O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %* O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe O67 - Shell Spawning: <.exe> <exefile>[HKCU\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O67 - Shell Spawning: <.com> <>[HKU\..\open\Command] (.Not Key.) O67 - Shell Spawning: <.exe> <>[HKU\..\open\Command] (.Not Key.) O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %* O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %* O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe ~ Scan Keys in 00mn 00s ---\\ Start Menu Internet (O68) O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (...) -- C:\Program Files\Internet Explorer\iexplore.exe ~ Scan Keys in 00mn 00s ---\\ Search Browser Infection (O69) O69 - SBI: SearchScopes [HKCU] ${searchCLSID} - (@ieframe.dll,-12512) - Bing O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - Bing O69 - SBI: SearchScopes [HKCU] {B6574168-A6E6-4302-91C0-497D0C8738A8} [DefaultScope] - (Yahoo! Search) - Yahoo! Search - Web Search ~ Scan Keys in 00mn 00s ---\\ Recherche particuliere à la racine de certains dossiers (O84) [MD5.D41D8CD98F00B204E9800998ECF8427E] [sPRF][17/04/2011] (...) -- C:\Users\Léa\AppData\Local\Dduja.bin [0] [MD5.2EE80908A5AFF62DAD11B164BB611DF8] [sPRF][03/04/2011] (...) -- C:\Users\Léa\AppData\Local\idezuculenelana.dll [377350] [MD5.5EF87457AB8A58694EBE35E55D093D04] [sPRF][30/07/2008] (.Realtek Semiconductor Corp. - Realtek HD Audio Data Rerouter.) -- C:\Users\Léa\AppData\Local\Temp\RtkBtMnt.exe [208896] [MD5.B2C46C7064C867F4722A0F51CF18FB62] [sPRF][26/10/2010] (.McAfee, Inc. - McAfee Security Scan Plus Installer.) -- C:\Users\Léa\AppData\Local\Temp\SecurityScan_Release.exe [3598224] [MD5.D488C889BE33BE513E0F8C8AF29ECB17] [sPRF][23/08/2011] (.Skype Technologies S.A. - Skype.) -- C:\Users\Léa\AppData\Local\Temp\SkypeSetup.exe [24415368] [MD5.6FD1FA8D176DF4EF157071BD12C02C00] [sPRF][25/09/2011] (...) -- C:\Users\Léa\AppData\Local\Temp\symlcsv1.exe [58760] [MD5.D7D9445362AEE97FAA2214CB21B28C2F] [sPRF][07/05/2010] (.Microsoft Corporation - Windows Live Installer.) -- C:\Users\Léa\AppData\Local\Temp\wlsetup-cvr.exe [84621672] [MD5.20CC99523920B950E1FADDA863D032EB] [sPRF][06/12/2006] (...) -- C:\Users\Léa\AppData\Local\Temp\ycomp_setup.exe [918552] [MD5.1108B166160D6023AF76435B074052B6] [sPRF][05/04/2007] (.Macrovision Corporation - Setup.exe.) -- C:\Users\Léa\AppData\Local\Temp\_is9A0.exe [455600] [MD5.FBAB280D0CAC5E21C72F0A1A7B5B9608] [sPRF][22/06/2007] (.Macrovision Corporation - Setup.exe.) -- C:\Users\Léa\AppData\Local\Temp\_isFB6E.exe [455600] [MD5.37802DC23540941D3D5FFC0CFB97D9F0] [sPRF][24/09/2011] (...) -- C:\Users\Léa\Desktop\AD-R.exe [1563105] [MD5.7B7ECF9E3EEC3141A95396F9274E2FF8] [sPRF][13/02/2009] (.Mozilla - Firefox.) -- C:\Users\Léa\Desktop\Firefox Setup 3.0.6.exe [7620336] [MD5.E8269245566BE948F6A219135B434160] [sPRF][23/09/2011] (.Trend Micro Inc. - HijackThis.) -- C:\Users\Léa\Desktop\HiJackThis.exe [401720] [MD5.CACDEE7C8483CF39FDF372159F9A64FE] [sPRF][13/02/2009] (.Check Point Software Technologies LTD - ZoneAlarm® Downloader.) -- C:\Users\Léa\Desktop\zaSetup_fr.exe [210416] ~ Scan Files in 00mn 07s ---\\ Firewall Active Exception List (FirewallRules) (O87) O87 - FAEL: "{1ACDC690-E812-4BF4-8277-CADB310BB196}" | In - None - P6 - TRUE | .(.Acer Incorporated - Acer Arcade Deluxe.) -- C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Acer Arcade Deluxe.exe O87 - FAEL: "{975C10A6-89E7-450F-8386-9F6BEC5992B5}" | In - None - P6 - TRUE | .(.Acer Incorporated - VideoMagician.) -- C:\Program Files\Acer Arcade Deluxe\VideoMagician\VideoMagician.exe O87 - FAEL: "{4B2A96AC-90BB-469D-96F2-1E462E2F2103}" | In - None - P6 - TRUE | .(.Acer Incorporated - HomeMedia.) -- C:\Program Files\Acer Arcade Deluxe\HomeMedia\HomeMedia.exe O87 - FAEL: "{CB0A5015-2744-4511-8C92-B47FF3948EAF}" | In - None - P6 - TRUE | .(.Acer Incorporated - DV Wizard.) -- C:\Program Files\Acer Arcade Deluxe\DV Wizard\DV Wizard.exe O87 - FAEL: "{BFF14675-8909-4519-A5FC-309A2808F833}" | In - None - P17 - TRUE | .(.Acer Incorporated - DVDivine.) -- C:\Program Files\Acer Arcade Deluxe\DVDivine\DVDivine.exe O87 - FAEL: "{35E228C2-194B-4680-B6E6-216B230F43AD}" | In - None - P17 - TRUE | .(.CyberLink Corp. - PlayMovie.) -- C:\Program Files\Acer Arcade Deluxe\Play Movie\PlayMovie.exe O87 - FAEL: "{9B115FCE-670A-4282-B3E5-A1A4B970FC7E}" | In - None - P17 - TRUE | .(.CyberLink Corp. - CyberLink PlayMovie Resident Program.) -- C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe O87 - FAEL: "{93A27942-68FA-49B9-8CFE-E9B9E96CCC92}" | In - Public - P6 - TRUE | .(.Apple Computer, Inc. - iTunes.) -- C:\Program Files\iTunes\iTunes.exe O87 - FAEL: "{996BC56C-1871-440C-BDE8-23F8EC304988}" | In - Public - P17 - TRUE | .(.Apple Computer, Inc. - iTunes.) -- C:\Program Files\iTunes\iTunes.exe O87 - FAEL: "TCP Query User{FA93ABB0-7337-4EFF-93E0-4FC308A2F8E8}C:\program files\itunes\itunes.exe" | In - Private - P6 - TRUE | .(.Apple Computer, Inc. - iTunes.) -- C:\program files\itunes\itunes.exe O87 - FAEL: "UDP Query User{A4291E33-E49B-48D7-B880-496E1D7F3D20}C:\program files\itunes\itunes.exe" | In - Private - P17 - TRUE | .(.Apple Computer, Inc. - iTunes.) -- C:\program files\itunes\itunes.exe O87 - FAEL: "TCP Query User{226ADF5F-E887-4EFC-922A-AAD423B56667}C:\program files\konami\pro evolution soccer 2009\pes2009.exe" |In - Private - P6 - TRUE | .(...) -- C:\program files\konami\pro evolution soccer 2009\pes2009.exe (.not file.) O87 - FAEL: "UDP Query User{FB36B07F-BAA0-45EF-88D3-0F5A0295A633}C:\program files\konami\pro evolution soccer 2009\pes2009.exe" |In - Private - P17 - TRUE | .(...) -- C:\program files\konami\pro evolution soccer 2009\pes2009.exe (.not file.) O87 - FAEL: "TCP Query User{2D07681B-F47F-430F-B7B5-47186E15C2A3}D:\electronic arts\eadm\core.exe" |In - Public - P6 - TRUE | .(...) -- D:\electronic arts\eadm\core.exe (.not file.) O87 - FAEL: "UDP Query User{8994FFED-53F3-47BD-A15B-2E4520831747}D:\electronic arts\eadm\core.exe" |In - Public - P17 - TRUE | .(...) -- D:\electronic arts\eadm\core.exe (.not file.) O87 - FAEL: "{66C0CFBA-2539-42BE-86C8-083F58545238}" | In - None - P17 - TRUE | .(.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe ~ Scan Firewall in 00mn 02s ---\\ Scan Additionnel (O88) Database Version : 8636 - (24/09/2011) Clés trouvées (Keys found) : 14 Valeurs trouvées (Values found) : 0 Dossiers trouvés (Folders found) : 1 Fichiers trouvés (Files found) : 0 [HKLM\Software\Classes\TypeLib\{21234BEA-125E-40DB-95EA-6B322E21F59B}] =>PUP.Dealio [HKLM\Software\Classes\Interface\{3EDDA953-1C3B-4823-8F25-D075FBB2D2B5}] =>PUP.Dealio [HKLM\Software\Classes\TypeLib\{4C1E5902-FE99-4591-8582-2A2605462857}] =>PUP.Dealio [HKLM\Software\Classes\CLSID\{5C00A371-2011-4AF3-97C8-6CE66AA744CB}] =>PUP.Dealio [HKLM\Software\Classes\Interface\{5F5A840B-359D-46F2-81BF-52470CE866A2}] =>PUP.Dealio [HKLM\Software\Classes\CLSID\{9F038672-0425-4792-BC9C-36DE3308E8AA}] =>PUP.Dealio [HKLM\Software\Classes\Interface\{B67A4CBA-520A-43DB-B03F-414E539F90EC}] =>PUP.Dealio [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F}] =>PUP.Dealio [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F}] =>PUP.Dealio [HKLM\Software\Classes\CLSID\{E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F}] =>PUP.Dealio [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{e908b145-c847-4e85-b315-07e2e70decf8}] =>PUP.Dealio [HKLM\Software\Classes\Interface\{F9C4F914-CB58-4272-8A3F-F732A1D1E91D}] =>PUP.Dealio [HKLM\Software\Classes\Installer\Features\C8465016C3C0D184C811F194256DBF35] =>PUP.Dealio [HKCU\Software\Microsoft\Internet Explorer\MenuExt\compare prices with &dealio] =>Adware.BHO C:\Program Files\Babylon =>Toolbar.Babylon ~ Scan Additionnel in 00mn 11s ---\\ Recherche détournement de DNS routeur (O89) DNS request timed out. timeout was 2 seconds. Serveur : UnKnown Address: 109.0.66.10 DNS request timed out. timeout was 2 seconds. DNS request timed out. timeout was 2 seconds. DNS request timed out. timeout was 2 seconds. DNS request timed out. timeout was 2 seconds. ~ Scan DNS in 00mn 12s ---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped) SR - | Auto 50688 | (ALaunchService) . (...) - C:\Acer\ALaunch\ALaunchSvc.exe SR - | Auto 13/02/2009 68865 | (AntiVirScheduler) . (.Avira GmbH.) - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe SR - | Auto 13/02/2009 151297 | (AntiVirService) . (.Avira GmbH.) - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe SR - | Auto 10/08/2007 107624 | (ccEvtMgr) . (.Symantec Corporation.) - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe SR - | Auto 10/08/2007 107624 | (ccSetMgr) . (.Symantec Corporation.) - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe SR - | Auto 10/08/2007 107624 | (CLTNetCnService) . (.Symantec Corporation.) - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe SS - | Demand 10/08/2007 49296 | (comHost) . (.Symantec Corporation.) - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe SR - | Auto 10/08/2007 457512 | eDSService.exe (eDataSecurity Service) . (.HiTRSUT.) - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe SR - | Auto 10/08/2007 24576 | (eLockService) . (.Acer Inc..) - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe SR - | Auto 10/08/2007 135168 | (eNet Service) . (.Acer Inc..) - C:\Acer\Empowering Technology\eNet\eNet Service.exe SR - | Auto 21/12/2007 53248 | (eRecoveryService) . (.Acer Inc..) - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe SR - | Auto 24576 | (eSettingsService) . (...) - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe SR - | Auto 21/12/2007 355096 | (IAANTMON) . (.Intel Corporation.) - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe SS - | Demand 30/07/2008 69632 | (IDriverT) . (.Macrovision Corporation.) - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe SR - | Demand 30/07/2008 323584 | (iPodService) . (.Apple Computer, Inc..) - C:\Program Files\iPod\bin\iPodService.exe SS - | Demand 10/08/2007 80552 | (ISPwdSvc) . (.Symantec Corporation.) - C:\Program Files\Norton Internet Security\isPwdSvc.exe SR - | Auto 10/08/2007 61440 | (LightScribeService) . (.Hewlett-Packard Company.) - C:\Program Files\Common Files\LightScribe\LSSrvc.exe SS - | Demand 10/08/2007 2999664 | (LiveUpdate) . (.Symantec Corporation.) - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.exe SR - | Auto 10/08/2007 107624 | (LiveUpdate Notice Ex) . (.Symantec Corporation.) - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe SS - | Auto 14/12/2010 583048 | (LiveUpdate Notice Service) . (.Symantec Corporation.) - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe SR - | Auto 107008 | (MobilityService) . (...) - C:\Acer\Mobility Center\MobilityService.exe SR - | Auto 02/09/2009 211488 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe SR - | Auto 10/08/2007 554352 | (Planificateur LiveUpdate automatique) . (.Symantec Corporation.) - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe SR - | Auto 266343 | (RichVideo) . (...) - C:\Program Files\CyberLink\Shared Files\RichVideo.exe SR - | Demand 1251720 | (Symantec Core LC) . (...) - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe SR - | Auto 10/08/2007 46736 | (SymAppCore) . (.Symantec Corporation.) - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe SR - | Auto 04/06/2009 79400 | (vsmon) . (.Check Point Software Technologies LTD.) - C:\Windows\System32\ZoneLabs\vsmon.exe SR - | Auto 30/07/2008 167936 | (WMIService) . (.acer.) - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe SR - | Auto 23/12/2010 21504 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\system32\svchost.exe SR - | Auto 10/08/2007 386560 | (XAudioService) . (.Conexant Systems, Inc..) - C:\Windows\system32\DRIVERS\xaudio.exe SR - | Auto 21/12/2007 13560 | ({49DE1C67-83F8-4102-99E0-C16DCC7EEC796}) . (.Cyberlink Corp..) - C:\Program Files\Acer Arcade Deluxe\Play Movie\000.fcl ~ Scan Services in 00mn 15s ---\\ Recherche Master Boot Record Infection (MBR)(O80) Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, GMER - Rootkit Detector and Remover Run by Léa at 25/09/2011 22:08:27 device: opened successfully user: MBR read successfully Disk trace: called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll iaStor.sys C:\Windows\system32\DRIVERS\iaStor.sys Intel Corporation Intel Matrix Storage Manager driver 1 nt!IofCallDriver[0x8287A18D] -> \Device\Harddisk0\DR0[0x8692AAC8] 3 CLASSPNP[0x88EEF745] -> nt!IofCallDriver[0x8287A18D] -> [0x85211260] 5 acpi[0x886406A0] -> nt!IofCallDriver[0x8287A18D] -> \Device\Ide\IAAStorageDevice-0[0x85264030] kernel: MBR read successfully user & kernel MBR OK ~ Scan MBR in 00mn 17s ---\\ Recherche Master Boot Record Infection (MBRCheck)(O80) Written by ad13, http://ad13.geekstog Run by Léa at 25/09/2011 22:08:29 ********* Dump file Name ********* C:\PhysicalDisk0_MBR.bin ~ Scan MBR in 00mn 19s End of the scan (1850 lines in 20mn 22s)(0) -
[Résolu] Gros ralentissements, impossible de lancer les applicati
cliffburton a répondu à un(e) sujet de cliffburton dans Analyses et éradication malwares
Bonjour tomtom95, et d'abord merci d'avoir pris le temps de me répondre. Voici les 3 rapports sur 3 posts différents, sachant que je n'ai pas pu mettre à jour les logiciels en question car la connexion est impossible avec toutes ces infections. Par exemple, MalwareByte's était déjà installé, et a donc fonctionné avec une mise à jour datant d'il y a 3 mois. D'abord le rapport AD-R : ======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 ======= Mis à jour par TeamXscript le 12/04/11 Contact: AdRemover[DOT]contact[AT]gmail[DOT]com Site web: TeamXscript : AD-Remover - FindyKill - UsbFix - SEAF C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 15:41:09 le 24/09/2011, Mode normal Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 1 (X86) Léa@PC-DE-LÉA (Acer Aspire 7720Z) ============== ACTION(S) ============== Service: "sdmBackupIP" Stoppé et supprimé Dossier supprimé: C:\Program Files\Installer Fichier supprimé: C:\Windows\system32\Utils.dll Dossier supprimé: C:\Windows\BackupIP Dossier supprimé: C:\Users\Léa\AppData\Roaming\Mozilla\FireFox\Profiles\vysc5e9x.default\conduit Dossier supprimé: C:\Users\Léa\AppData\LocalLow\Conduit Dossier supprimé: C:\Program Files\Conduit Dossier supprimé: C:\Users\Léa\AppData\LocalLow\Dealio Dossier supprimé: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dealio Dossier supprimé: C:\Program Files\Dealio Dossier supprimé: C:\Users\Léa\AppData\Roaming\EoRezo Dossier supprimé: C:\Users\Léa\AppData\Local\networker (!) -- Fichiers temporaires supprimés. -- Fichier ouvert: C:\Users\Léa\AppData\Roaming\Mozilla\FireFox\Profiles\vysc5e9x.default\Prefs.js -- Ligne supprimée: user_pref("CT1460988.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER... Ligne supprimée: user_pref("CT1460988.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT146... Ligne supprimée: user_pref("CT1460988.ct1670222.SearchEngine", "Recherche||hxxp://search.conduit.com/Results.aspx?q=U... Ligne supprimée: user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.pr... Ligne supprimée: user_pref("CommunityToolbar.ToolbarsList", "CT1460988"); Ligne supprimée: user_pref("CommunityToolbar.ToolbarsList2", "CT1460988"); Ligne supprimée: user_pref("[email protected]", false); -- Fichier Fermé -- Clé supprimée: HKLM\Software\Classes\CLSID\{6A87B991-A31F-4130-AE72-6D0C294BF082} Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6A87B991-A31F-4130-AE72-6D0C294BF082} Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6A87B991-A31F-4130-AE72-6D0C294BF082} Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6A87B991-A31F-4130-AE72-6D0C294BF082} Clé supprimée: HKLM\Software\Classes\Interface\{03C390E8-B836-4B82-8D56-1BFDDC06AE8A} Clé supprimée: HKLM\Software\Classes\Interface\{144940B1-F191-11D0-A8E2-00A0C90F29FC} Clé supprimée: HKLM\Software\Classes\Interface\{2A6B0172-4ED2-11D0-98BE-00805F7CED21} Clé supprimée: HKLM\Software\Classes\Interface\{2C4470A2-E099-4B9E-ABFE-BBA56D046AFD} Clé supprimée: HKLM\Software\Classes\Interface\{391769AE-D8EC-45EC-967D-F5120456E514} Clé supprimée: HKLM\Software\Classes\Interface\{39AEF150-C270-4690-AE7D-955E51BC8960} Clé supprimée: HKLM\Software\Classes\Interface\{7C7B253C-967B-4385-901B-06873371B3CF} Clé supprimée: HKLM\Software\Classes\Interface\{9F598C4D-E2FB-455C-9486-6AD3405620F2} Clé supprimée: HKLM\Software\Classes\Interface\{CD73B1AB-3403-4E47-B196-517C57BE76A2} Clé supprimée: HKLM\Software\Classes\Dealio.DealioBHO Clé supprimée: HKLM\Software\Classes\Dealio.DealioBHO.1 Clé supprimée: HKLM\Software\Classes\Dealio.DealioSearch Clé supprimée: HKLM\Software\Classes\Dealio.DealioSearch.1 Clé supprimée: HKLM\Software\Classes\Dealio.DealioToolbar Clé supprimée: HKLM\Software\Classes\Dealio.DealioToolbar.1 Clé supprimée: HKLM\Software\Classes\Dealio.DealioToolbarHelper Clé supprimée: HKLM\Software\Classes\Dealio.DealioToolbarHelper.1 Clé supprimée: HKLM\Software\Classes\Toolbar.CT1460988 Clé supprimée: HKLM\Software\Classes\AppID\EoRezoBHO.DLL Clé supprimée: HKLM\Software\Classes\AppID\{362A53B2-2913-4F8A-82F5-7E0A23FDC6F9} Clé supprimée: HKLM\Software\Conduit Clé supprimée: HKLM\Software\Dealio Clé supprimée: HKLM\Software\Install Pedia Limited Clé supprimée: HKCU\Software\AppDataLow\Toolbar Clé supprimée: HKCU\Software\AppDataLow\Software\Conduit Clé supprimée: HKLM\Software\Classes\Installer\Products\C8465016C3C0D184C811F194256DBF35 Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Products\C8465016C3C0D184C811F194256DBF35 Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6F7140D8-616F-4A09-BDA1-DFB45C3BE132} Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{6105648C-0C3C-481D-8C11-1F4952D6FB53} Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\EoEngine_is1 Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SoftwareUpdate_is1 Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{6105648C-0C3C-481D-8C11-1F4952D6FB53} Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdate_is1 Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\Dealio Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E312764E-7706-43F1-8DAB-FCDD2B1E416D} Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E312764E-7706-43F1-8DAB-FCDD2B1E416D} Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\Extensions\{E908B145-C847-4e85-B315-07E2E70DECF8} Valeur supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|installer Valeur supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|au Valeur supprimée: HKLM\Software\Microsoft\Internet Explorer\Toolbar|{E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} Valeur supprimée: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} ============== SCAN ADDITIONNEL ============== **** Mozilla Firefox Version [6.0.2 (fr)] **** Searchplugins\babylon.xml (hxxp://search.babylon.com/web/{searchTerms}) Searchplugins\bing.xml ( hxxp://www.bing.com/search) Components\browsercomps.dll (Mozilla Foundation) HKCU_Extensions|{36A0949C-2D38-4B3D-A73A-1C046E99DD3C} - C:\Users\Léa\AppData\Local\{36A0949C-2D38-4B3D-A73A-1C046E99DD3C} -- C:\Users\Léa\AppData\Roaming\Mozilla\FireFox\Profiles\vysc5e9x.default -- Extensions\nostmp (?) Prefs.js - browser.download.dir, C:\\Users\\Léa\\Desktop Prefs.js - browser.download.lastDir, C:\\Users\\Léa\\Desktop Prefs.js - browser.search.defaultenginename, Google Prefs.js - browser.search.defaulturl, hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q= Prefs.js - browser.search.selectedEngine, Google Prefs.js - browser.startup.homepage, hxxp://www.google.fr/ Prefs.js - browser.startup.homepage_override.buildID, 20110902133214 Prefs.js - browser.startup.homepage_override.mstone, rv:6.0.2 ======================================== **** Internet Explorer Version [8.0.6001.19048] **** IEXPLORE.EXE\Shell\Open\Command - iexplore.exe HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896 HKCU_Main|Start Page - hxxp://fr.msn.com/ HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896 HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM_Main|Start Page - hxxp://fr.msn.com/ HKCU_URLSearchHooks|{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} (x) HKCU_Toolbar\ShellBrowser|{5CBE3B7C-1E47-477E-A7DD-396DB0476E29} (C:\Windows\system32\eDStoolbar.dll) HKLM_Toolbar|{5CBE3B7C-1E47-477e-A7DD-396DB0476E29} (C:\Windows\system32\eDStoolbar.dll) HKLM_Toolbar|{90222687-F593-4738-B738-FBEE9C7B26DF} (C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll) HKCU_ElevationPolicy\{6052BF20-EA23-4A04-B3C1-A20EFE01A95A} - C:\Program Files\Veetle\Player\vtl_hfs.exe (?) HKCU_ElevationPolicy\{680FA47E-AB59-46BE-B594-7358726E108B} - C:\Program Files\Veetle\Player\player.exe (?) HKCU_ElevationPolicy\{E8BC6C2B-DD90-4397-96EB-2AAF0E48ABE6} - C:\Program Files\Veetle\Player\vtl_hfax.exe (?) HKLM_ElevationPolicy\59a3fb21-9e5c-47f8-aecd-d372e6a8f0cd - C:\Program Files\myBabylon_English\myBabylon_EnglishToolbarHelper.exe (x) HKLM_ElevationPolicy\{6052BF20-EA23-4A04-B3C1-A20EFE01A95A} - C:\Program Files\Veetle\Player\vtl_hfs.exe (?) HKLM_ElevationPolicy\{680FA47E-AB59-46BE-B594-7358726E108B} - C:\Program Files\Veetle\Player\player.exe (?) HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files\Internet Explorer\iedw.exe (x) HKLM_ElevationPolicy\{E8BC6C2B-DD90-4397-96EB-2AAF0E48ABE6} - C:\Program Files\Veetle\Player\vtl_hfax.exe (?) BHO\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - "Adobe PDF Reader Link Helper" (C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll) BHO\{1E8A6170-7264-4D0F-BEAE-D42A53123C75} - "?" (C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll) BHO\{5C255C8A-E604-49b4-9D64-90988571CECB} (?) BHO\{83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - "ShowBarObj Class" (C:\Windows\system32\ActiveToolBand.dll) ======================================== C:\Program Files\Ad-Remover\Quarantine: 596 Fichier(s) C:\Program Files\Ad-Remover\Backup: 14 Fichier(s) C:\Ad-Report-CLEAN[1].txt - 24/09/2011 15:41:25 (9647 Octet(s)) Fin à: 15:46:15, 24/09/2011 ============== E.O.F ============== -
Bonjour, Je me suis attelé à la "réparation" du PC portable de ma soeur qui rencontre de gros problèmes. Seulement c'est bien plus ardu que je ne le pensais. Les symptômes sont les suivants : -longue attente au démarrage et au lancement du peu d'applications qui marchent -la majorité des logiciels et application ne peut pas être lancée (un message d'erreur provenant de Symantec s'affiche, Symantec n'ayant jamais été installé, ou alors à son insu) -plus de son -surchauffe régulière du PC, qui s'éteint brusquement, avec ou sans batterie. Il se peut cependant que ce ne soit pas liés aux autres symptômes Pour le moment, j'ai tenté de lancé un scan d'AntiVir : impossible de faire une mise à jour sans Internet + scan interrompu par la surchauffe. J'ai uniquement pu exécuter le rapport Hijackthis ci-dessous, en mode sans échec. Auriez-vous s'il vous plait une idée pour résoudre ce problème ? D'avance merci. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 16:48:50, on 23/09/2011 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v8.00 (8.00.6001.19048) Boot mode: Safe mode Running processes: C:\Windows\Explorer.EXE C:\Users\Léa\Desktop\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Yahoo! France R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Yahoo! France R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Yahoo! France R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = Yahoo! France R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing) R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb127\SearchSettings.dll R3 - URLSearchHook: (no name) - {b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} - (no file) O1 - Hosts: ::1 localhost O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing) O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: DealioBHO Class - {6A87B991-A31F-4130-AE72-6D0C294BF082} - C:\Program Files\Dealio\kb127\Dealio.dll O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Windows\system32\ActiveToolBand.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb127\SearchSettings.dll O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing) O3 - Toolbar: Dealio - {E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} - C:\Program Files\Dealio\kb127\Dealio.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [ALaunch] C:\Acer\ALaunch\AlaunchClient.exe O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [iS CfgWiz] "C:\Program Files\Common Files\Symantec Shared\OPC\{31011D49-D90C-4da0-878B-78D28AD507AF}\cltUIStb.exe" /MODULE CfgWiz /GUID {BC8D3EAF-F864-4d4b-AB4D-B3D0C32E2840} /MODE CfgWiz /CMDLINE "REBOOT" O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe" O4 - HKLM\..\Run: [PLFSetL] C:\Windows\PLFSetL.exe O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe" O4 - HKLM\..\Run: [iAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe O4 - HKLM\..\Run: [setPanel] C:\Acer\APanel\APanel.cmd O4 - HKLM\..\Run: [eAudio] "C:\Acer\Empowering Technology\eAudio\eAudio.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [au] C:\Program Files\Dealio\DealioAU.exe O4 - HKLM\..\Run: [searchSettings] C:\Program Files\Search Settings\SearchSettings.exe O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll" O4 - HKLM\..\Run: [installer] C:\Program Files\Installer\lnetworker.exe O4 - HKLM\..\Run: [skytel] Skytel.exe O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter O4 - HKCU\..\Run: [EA Core] "D:\Electronic Arts\EADM\Core.exe" -silent O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [uyeferirifejela] rundll32.exe "C:\Users\Léa\AppData\Local\inivikiyitej.dll",Startup O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [AdobeUpdater] "C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe" O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Windows\system32\Macromed\Flash\FlashUtil10p_Plugin.exe -update plugin O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU') O4 - Startup: OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe O4 - Global Startup: Empowering Technology Launcher.lnk = ? O4 - Global Startup: PHOTOfunSTUDIO -viewer-.lnk = C:\Program Files\Panasonic\PHOTOfunSTUDIO -viewer-\PhAutoRun.exe O8 - Extra context menu item: Compare Prices with &Dealio - C:\Users\Léa\AppData\LocalLow\Dealio\kb127\res\DealioSearch.html O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb127\Dealio.dll O9 - Extra 'Tools' menuitem: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb127\Dealio.dll O13 - Gopher Prefix: O20 - AppInit_DLLs: eNetHook.dll O23 - Service: ALaunch Service (ALaunchService) - Unknown owner - C:\Acer\ALaunch\ALaunchSvc.exe O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Validation de mot de passe Symantec IS (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O23 - Service: Backup IP Network (sdmBackupIP) - Unknown owner - C:\Windows\BackupIP\service.exe (file missing) O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\System32\ZoneLabs\vsmon.exe O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe -- End of file - 12732 bytes