Aller au contenu

maykiki

Membres
  • Compteur de contenus

    139
  • Inscription

  • Dernière visite

  • Jours gagnés

    1

Tout ce qui a été posté par maykiki

  1. Pas eu de nouveau message d alerte, la souris repond mieux... A voir par la suite!!! Merci a toi, comme toujours
  2. Salut Pear, Voila le rapport MBAM apres suppression des fichiers trouves! Malwarebytes Anti-Malware 1.61.0.1400 www.malwarebytes.org Version de la base de données: v2012.04.12.07 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 Mayke :: CIMONE [administrateur] 13/04/2012 17:00:13 mbam-log-2012-04-13 (17-00-13).txt Type d'examen: Examen complet Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM Options d'examen désactivées: P2P Elément(s) analysé(s): 331495 Temps écoulé: 49 minute(s), 3 seconde(s) Processus mémoire détecté(s): 0 (Aucun élément nuisible détecté) Module(s) mémoire détecté(s): 0 (Aucun élément nuisible détecté) Clé(s) du Registre détectée(s): 0 (Aucun élément nuisible détecté) Valeur(s) du Registre détectée(s): 0 (Aucun élément nuisible détecté) Elément(s) de données du Registre détecté(s): 0 (Aucun élément nuisible détecté) Dossier(s) détecté(s): 0 (Aucun élément nuisible détecté) Fichier(s) détecté(s): 2 C:\Users\Mayke\AppData\Local\Temp\01net\01NET.com.exe (PUP.Toolbar.Repacked) -> Mis en quarantaine et supprimé avec succès. C:\Users\Mayke\Downloads\hijackthis_telechargement_01net.exe (PUP.Toolbar.Repacked) -> Mis en quarantaine et supprimé avec succès. (fin)
  3. Bon ca a plante 4 fois mais voila enfin le rapport!! pjjoint.malekal.com - Submit a file
  4. merci!!! Scan en cours!
  5. Merci Pear!! Alors quand je le lance en mode administrateur, j ai le message "le serveur Zebulon n'est pas disponible" Quand je clique sur l icone options, je ne peux pas descendre jusqu a ce que "tous" apparait! Ca s arrete a recherche particuliere a la racine de certains dossiers. Et je n arrive pas a modifier la taille de la partie personnalisation ce qui m aurait permis de voir ce fameux bouton "Tous". Comment faire?
  6. Bonjour à tous, Voila en gros les problèmes que je rencontre actuellement avec mon pc Sony tournant sous Windows 7: - des messages d'alerte m indiquant par exemple que mon pc n est plus protege par tel ou tel logiciel et qu il me faut les reactiver. N ayuant jamais installe ces fameux logiciels, j ai bloque. (ex: penWes) - ma souris par moment met tres longtemps a aller ou je veux et bouge meme toute seule par moment. - Souvent, j ai une alerte antivir me disant que la protection guard a ete desactivee. - les fenetres que je veux lancer (bureautique ou net) mettent de plus en plus de temps a s ouvrir. Voila le rapport hijackthis, si qqun veut bien me venir en aide!!! Merci beaucoup d'avance;-) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 17:08:39, on 12/04/2012 Platform: Unknown Windows (WinNT 6.01.3505 SP1) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe C:\Program Files (x86)\IpsosLSPService\Ipsos-WatchDog.exe C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\Freecorder\FLVSrvc.exe C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe C:\Program Files (x86)\PenWes\penwes.exe C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe C:\Program Files (x86)\Internet Explorer\IELowutil.exe C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10m_ActiveX.exe C:\Users\Mayke\Downloads\hijackthis_telechargement_01net.exe C:\Users\Mayke\AppData\Local\Temp\01net\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sony.eu/vaioportal R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com/?crg=3.1010000.10005’ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN Hotmail.fr, Messenger, Actualité, Sport, People, Femmes - MSN France R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com/?crg=3.1010000.10005’ R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: Freecorder Toolbar - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files (x86)\Freecorder\prxtbFree.dll F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: Freecorder - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files (x86)\Freecorder\prxtbFree.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll (file missing) O2 - BHO: Gacela2 - {4BEEA052-726D-4A6E-B65D-A6BD07C263F3} - C:\Program Files (x86)\Digital Connections\Gacela2.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll O2 - BHO: ZoneAlarm Security Engine Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Complitly - {D27FC31C-6E3D-4305-8D53-ACDAEFA5F862} - C:\Users\Mayke\AppData\Roaming\Complitly\Complitly.dll O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing) O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing) O3 - Toolbar: ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll O3 - Toolbar: Freecorder Toolbar - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files (x86)\Freecorder\prxtbFree.dll O3 - Toolbar: SweetPacks Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [iSBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe" O4 - HKLM\..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe O4 - HKLM\..\Run: [ipsos-WatchDog] "C:\Program Files (x86)\IpsosLSPService\Ipsos-WatchDog.exe" /Debug O4 - HKLM\..\Run: [ZoneAlarm] "C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe" O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [Freecorder FLV Service] "C:\Program Files (x86)\Freecorder\FLVSrvc.exe" /run O4 - HKLM\..\Run: [sweetIM] C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe O4 - HKCU\..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE RÉSEAU') O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: (no name) - {4BEEA052-726D-4A6E-B65D-A6BD07C263F3} - C:\Program Files (x86)\Digital Connections\Gacela2.dll O9 - Extra 'Tools' menuitem: À propos de Digital Connections - {4BEEA052-726D-4A6E-B65D-A6BD07C263F3} - C:\Program Files (x86)\Digital Connections\Gacela2.dll O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\ipsoslspservice.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\ipsoslspservice.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\ipsoslspservice.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\ipsoslspservice.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\ipsoslspservice.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O13 - Gopher Prefix: O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe O23 - Service: AMD Reservation Manager - Advanced Micro Devices - C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Atheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Ipsos-Reporting-Service - Unknown owner - C:\Program Files (x86)\Digital Connections\Ipsos-Reporting.exe O23 - Service: Ipsos-Update-Service - Unknown owner - C:\Program Files (x86)\Digital Connections\Ipsos-Updater.exe O23 - Service: IpsosLSPService - Ipsos - C:\Program Files (x86)\IpsosLSPService\IpsosLSPService.exe O23 - Service: ZoneAlarm Toolbar IswSvc (IswSvc) - Check Point Software Technologies - C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: PMBDeviceInfoProvider - Sony Corporation - C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: CamMonitor (uCamMonitor) - ArcSoft, Inc. - C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: VCService - Sony Corporation - C:\Program Files\Sony\VAIO Care\VCService.exe O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe O23 - Service: VSNService - Sony Corporation - C:\Program Files\Sony\VAIO Smart Network\VSNService.exe O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: VUAgent - Sony Corporation - C:\Program Files\Sony\VAIO Update Common\VUAgent.exe O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 13730 bytes
  7. Ben comment ca se fait que personne ne me réponde?! c est pas l habitude de ce site pourtant ;-(
  8. On m a oublié?!
  9. Pas moi, desolé lol
  10. Oh pas de réponse encore
  11. Salut à tous! J ai installé des petits programmes hier soir et probleme aujourd hui! Mon antivirus m a alerté d'une eventuelle infection à Crypted.Gen. J ai mis le fichier en quarantaine. Firefox avait une toolbar que j ai desinstalle mais qui est toujours la A savoir: freeonlineradioplayerrecorder community toolbar Je vous post un log hijackthis, le rapport antivir de l infection et celui apres modifications qui ne detecte plus rien. Si qqun peut y jeter un oeil et me dire! Merci Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 18:30:46, on 02/08/2011 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v8.00 (8.00.6001.19088) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Windows\Explorer.EXE C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe C:\Program Files\Launch Manager\LManager.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Windows\system32\igfxsrvc.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Windows\system32\igfxext.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Windows\system32\wuauclt.exe C:\Windows\system32\SearchFilterHost.exe C:\Users\Mayke\Downloads\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=040c&s=2&o=vp32&d=1010&m=aspire_5735 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: (no name) - {f999a48b-1950-4d81-9971-79018f807b4b} - (no file) O1 - Hosts: ::1 localhost O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing) O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU') O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll/cmsidewiki.html O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing) O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing) O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O13 - Gopher Prefix: O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing) O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: NTI Backup Now 5 Agent Service (BUNAgentSvc) - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Service Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe O23 - Service: @C:\Program Files\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files\Nero\Update\NASvc.exe O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - Unknown owner - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\System32\ZoneLabs\vsmon.exe -- End of file - 8518 bytes Avira AntiVir Personal Date de création du fichier de rapport : mardi 2 août 2011 18:25 La recherche porte sur 3306605 souches de virus. Le programme fonctionne en version intégrale illimitée. Les services en ligne sont disponibles. Détenteur de la licence : Avira AntiVir Personal - Free Antivirus Numéro de série : 0000149996-ADJIE-0000001 Plateforme : Windows Vista Version de Windows : (Service Pack 1) [6.0.6001] Mode Boot : Démarré normalement Identifiant : SYSTEM Nom de l'ordinateur : PC-DE-MAYKE Informations de version : BUILD.DAT : 10.0.0.139 31824 Bytes 20/07/2011 16:52:00 AVSCAN.EXE : 10.0.4.2 442024 Bytes 29/04/2011 21:10:47 AVSCAN.DLL : 10.0.3.0 56168 Bytes 17/08/2010 11:39:10 LUKE.DLL : 10.0.3.2 104296 Bytes 15/12/2010 18:40:28 LUKERES.DLL : 10.0.0.0 13672 Bytes 17/08/2010 11:39:11 VBASE000.VDF : 7.10.0.0 19875328 Bytes 06/11/2009 08:05:36 VBASE001.VDF : 7.11.0.0 13342208 Bytes 14/12/2010 18:40:04 VBASE002.VDF : 7.11.3.0 1950720 Bytes 09/02/2011 16:11:55 VBASE003.VDF : 7.11.5.225 1980416 Bytes 07/04/2011 20:14:16 VBASE004.VDF : 7.11.8.178 2354176 Bytes 31/05/2011 19:07:09 VBASE005.VDF : 7.11.10.251 1788416 Bytes 07/07/2011 20:57:59 VBASE006.VDF : 7.11.10.252 2048 Bytes 07/07/2011 20:57:59 VBASE007.VDF : 7.11.10.253 2048 Bytes 07/07/2011 20:57:59 VBASE008.VDF : 7.11.10.254 2048 Bytes 07/07/2011 20:57:59 VBASE009.VDF : 7.11.10.255 2048 Bytes 07/07/2011 20:57:59 VBASE010.VDF : 7.11.11.0 2048 Bytes 07/07/2011 20:57:59 VBASE011.VDF : 7.11.11.1 2048 Bytes 07/07/2011 20:57:59 VBASE012.VDF : 7.11.11.2 2048 Bytes 07/07/2011 20:57:59 VBASE013.VDF : 7.11.11.75 688128 Bytes 12/07/2011 19:57:21 VBASE014.VDF : 7.11.11.104 978944 Bytes 13/07/2011 19:57:24 VBASE015.VDF : 7.11.11.137 655360 Bytes 14/07/2011 19:57:25 VBASE016.VDF : 7.11.11.184 699392 Bytes 18/07/2011 18:32:16 VBASE017.VDF : 7.11.11.214 414208 Bytes 19/07/2011 18:32:17 VBASE018.VDF : 7.11.11.242 772096 Bytes 20/07/2011 18:32:18 VBASE019.VDF : 7.11.12.3 1291776 Bytes 20/07/2011 18:32:20 VBASE020.VDF : 7.11.12.30 844288 Bytes 21/07/2011 21:01:58 VBASE021.VDF : 7.11.12.67 149504 Bytes 24/07/2011 13:21:02 VBASE022.VDF : 7.11.12.93 195072 Bytes 25/07/2011 13:21:02 VBASE023.VDF : 7.11.12.113 150528 Bytes 26/07/2011 13:21:02 VBASE024.VDF : 7.11.12.152 182784 Bytes 28/07/2011 13:21:02 VBASE025.VDF : 7.11.12.153 2048 Bytes 28/07/2011 13:21:02 VBASE026.VDF : 7.11.12.154 2048 Bytes 28/07/2011 13:21:02 VBASE027.VDF : 7.11.12.155 2048 Bytes 28/07/2011 13:21:02 VBASE028.VDF : 7.11.12.156 2048 Bytes 28/07/2011 13:21:02 VBASE029.VDF : 7.11.12.157 2048 Bytes 28/07/2011 13:21:02 VBASE030.VDF : 7.11.12.158 2048 Bytes 28/07/2011 13:21:02 VBASE031.VDF : 7.11.12.168 53248 Bytes 31/07/2011 13:21:02 Version du moteur : 8.2.6.22 AEVDF.DLL : 8.1.2.1 106868 Bytes 17/08/2010 11:38:53 AESCRIPT.DLL : 8.1.3.73 1622395 Bytes 20/07/2011 18:32:25 AESCN.DLL : 8.1.7.2 127349 Bytes 25/11/2010 19:37:00 AESBX.DLL : 8.2.1.34 323957 Bytes 04/06/2011 19:07:24 AERDL.DLL : 8.1.9.13 639349 Bytes 14/07/2011 19:57:31 AEPACK.DLL : 8.2.9.5 676214 Bytes 14/07/2011 19:57:30 AEOFFICE.DLL : 8.1.2.13 201083 Bytes 31/07/2011 13:21:02 AEHEUR.DLL : 8.1.2.148 3576184 Bytes 31/07/2011 13:21:02 AEHELP.DLL : 8.1.17.7 254327 Bytes 31/07/2011 13:21:02 AEGEN.DLL : 8.1.5.6 401780 Bytes 19/05/2011 21:08:14 AEEMU.DLL : 8.1.3.0 393589 Bytes 25/11/2010 19:36:51 AECORE.DLL : 8.1.22.4 196983 Bytes 14/07/2011 19:57:27 AEBB.DLL : 8.1.1.0 53618 Bytes 17/08/2010 11:38:45 AVWINLL.DLL : 10.0.0.0 19304 Bytes 17/08/2010 11:38:56 AVPREF.DLL : 10.0.0.0 44904 Bytes 17/08/2010 11:38:55 AVREP.DLL : 10.0.0.10 174120 Bytes 17/05/2011 17:44:33 AVREG.DLL : 10.0.3.2 53096 Bytes 17/08/2010 11:38:56 AVSCPLR.DLL : 10.0.4.2 84840 Bytes 29/04/2011 21:10:47 AVARKT.DLL : 10.0.22.6 231784 Bytes 15/12/2010 18:40:14 AVEVTLOG.DLL : 10.0.0.8 203112 Bytes 17/08/2010 11:38:55 SQLITE3.DLL : 3.6.19.0 355688 Bytes 17/06/2010 13:28:02 AVSMTP.DLL : 10.0.0.17 63848 Bytes 17/08/2010 11:38:56 NETNT.DLL : 10.0.0.0 11624 Bytes 17/06/2010 13:28:01 RCIMAGE.DLL : 10.0.0.26 2550120 Bytes 10/02/2010 23:23:03 RCTEXT.DLL : 10.0.58.0 99688 Bytes 17/08/2010 11:39:11 Configuration pour la recherche actuelle : Nom de la tâche...............................: avguard_async_scan Fichier de configuration......................: C:\ProgramData\Avira\AntiVir Desktop\TEMP\AVGUARD_4f19d446\guard_slideup.avp Documentation.................................: bas Action principale.............................: interactif Action secondaire.............................: quarantaine Recherche sur les secteurs d'amorçage maître..: marche Recherche sur les secteurs d'amorçage.........: arrêt Recherche dans les programmes actifs..........: marche Recherche en cours sur l'enregistrement.......: arrêt Recherche de Rootkits.........................: arrêt Contrôle d'intégrité de fichiers système......: arrêt Fichier mode de recherche.....................: Tous les fichiers Recherche sur les archives....................: marche Limiter la profondeur de récursivité..........: 20 Archive Smart Extensions......................: marche Heuristique de macrovirus.....................: marche Heuristique fichier...........................: élevé Début de la recherche : mardi 2 août 2011 18:25 La recherche sur les processus démarrés commence : Processus de recherche 'plugin-container.exe' - '1' module(s) sont contrôlés Processus de recherche 'avscan.exe' - '1' module(s) sont contrôlés Processus de recherche 'SearchFilterHost.exe' - '1' module(s) sont contrôlés Processus de recherche 'SearchProtocolHost.exe' - '1' module(s) sont contrôlés Processus de recherche 'firefox.exe' - '1' module(s) sont contrôlés Processus de recherche 'TrustedInstaller.exe' - '1' module(s) sont contrôlés Processus de recherche 'wuauclt.exe' - '1' module(s) sont contrôlés Processus de recherche 'wmiprvse.exe' - '1' module(s) sont contrôlés Processus de recherche 'mbamservice.exe' - '1' module(s) sont contrôlés Processus de recherche 'IAStorDataMgrSvc.exe' - '1' module(s) sont contrôlés Processus de recherche 'wmiprvse.exe' - '1' module(s) sont contrôlés Processus de recherche 'unsecapp.exe' - '1' module(s) sont contrôlés Processus de recherche 'msiexec.exe' - '1' module(s) sont contrôlés Processus de recherche 'wmpnetwk.exe' - '1' module(s) sont contrôlés Processus de recherche 'SynTPHelper.exe' - '1' module(s) sont contrôlés Processus de recherche 'WLIDSvcM.exe' - '1' module(s) sont contrôlés Processus de recherche 'igfxext.exe' - '1' module(s) sont contrôlés Processus de recherche 'SearchIndexer.exe' - '1' module(s) sont contrôlés Processus de recherche 'WLIDSVC.EXE' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'SchedulerSvc.exe' - '1' module(s) sont contrôlés Processus de recherche 'BackupSvc.exe' - '1' module(s) sont contrôlés Processus de recherche 'NASvc.exe' - '1' module(s) sont contrôlés Processus de recherche 'MobilityService.exe' - '1' module(s) sont contrôlés Processus de recherche 'LSSrvc.exe' - '1' module(s) sont contrôlés Processus de recherche 'ETService.exe' - '1' module(s) sont contrôlés Processus de recherche 'eDSService.exe' - '1' module(s) sont contrôlés Processus de recherche 'Agentsvc.exe' - '1' module(s) sont contrôlés Processus de recherche 'mDNSResponder.exe' - '1' module(s) sont contrôlés Processus de recherche 'avshadow.exe' - '1' module(s) sont contrôlés Processus de recherche 'AppleMobileDeviceService.exe' - '1' module(s) sont contrôlés Processus de recherche 'avguard.exe' - '1' module(s) sont contrôlés Processus de recherche 'agrsmsvc.exe' - '1' module(s) sont contrôlés Processus de recherche 'armsvc.exe' - '1' module(s) sont contrôlés Processus de recherche 'GoogleToolbarNotifier.exe' - '1' module(s) sont contrôlés Processus de recherche 'igfxsrvc.exe' - '1' module(s) sont contrôlés Processus de recherche 'wmpnscfg.exe' - '1' module(s) sont contrôlés Processus de recherche 'SynTPEnh.exe' - '1' module(s) sont contrôlés Processus de recherche 'LManager.exe' - '1' module(s) sont contrôlés Processus de recherche 'IAStorIcon.exe' - '1' module(s) sont contrôlés Processus de recherche 'igfxpers.exe' - '1' module(s) sont contrôlés Processus de recherche 'hkcmd.exe' - '1' module(s) sont contrôlés Processus de recherche 'igfxtray.exe' - '1' module(s) sont contrôlés Processus de recherche 'avgnt.exe' - '1' module(s) sont contrôlés Processus de recherche 'taskeng.exe' - '1' module(s) sont contrôlés Processus de recherche 'Explorer.EXE' - '1' module(s) sont contrôlés Processus de recherche 'taskeng.exe' - '1' module(s) sont contrôlés Processus de recherche 'Dwm.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'sched.exe' - '1' module(s) sont contrôlés Processus de recherche 'spoolsv.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'SLsvc.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'winlogon.exe' - '1' module(s) sont contrôlés Processus de recherche 'lsm.exe' - '1' module(s) sont contrôlés Processus de recherche 'lsass.exe' - '1' module(s) sont contrôlés Processus de recherche 'services.exe' - '1' module(s) sont contrôlés Processus de recherche 'csrss.exe' - '1' module(s) sont contrôlés Processus de recherche 'wininit.exe' - '1' module(s) sont contrôlés Processus de recherche 'csrss.exe' - '1' module(s) sont contrôlés Processus de recherche 'smss.exe' - '1' module(s) sont contrôlés La recherche sur les fichiers sélectionnés commence : Recherche débutant dans 'C:\Users\Mayke\AppData\Roaming\Mozilla\Firefox\Profiles\raz6ubhh.default\prefs.js' C:\Users\Mayke\AppData\Roaming\Mozilla\Firefox\Profiles\raz6ubhh.default\prefs.js [RESULTAT] Contient le modèle de détection du virus de script HTML HTML/Crypted.Gen Début de la désinfection : C:\Users\Mayke\AppData\Roaming\Mozilla\Firefox\Profiles\raz6ubhh.default\prefs.js [RESULTAT] Contient le modèle de détection du virus de script HTML HTML/Crypted.Gen [REMARQUE] Le fichier a été déplacé dans le répertoire de quarantaine sous le nom '4b008159.qua' ! Fin de la recherche : mardi 2 août 2011 18:27 Temps nécessaire: 00:00 Minute(s) La recherche a été effectuée intégralement 0 Les répertoires ont été contrôlés 72 Des fichiers ont été contrôlés 1 Des virus ou programmes indésirables ont été trouvés 0 Des fichiers ont été classés comme suspects 0 Des fichiers ont été supprimés 0 Des virus ou programmes indésirables ont été réparés 1 Les fichiers ont été déplacés dans la quarantaine 0 Les fichiers ont été renommés 0 Impossible de scanner des fichiers 71 Fichiers non infectés 0 Les archives ont été contrôlées 0 Avertissements 1 Consignes Les résultats de la recherche sont transmis au Guard. Avira AntiVir Personal Date de création du fichier de rapport : mardi 2 août 2011 18:32 La recherche porte sur 3313686 souches de virus. Le programme fonctionne en version intégrale illimitée. Les services en ligne sont disponibles. Détenteur de la licence : Avira AntiVir Personal - Free Antivirus Numéro de série : 0000149996-ADJIE-0000001 Plateforme : Windows Vista Version de Windows : (Service Pack 1) [6.0.6001] Mode Boot : Démarré normalement Identifiant : SYSTEM Nom de l'ordinateur : PC-DE-MAYKE Informations de version : BUILD.DAT : 10.0.0.139 31824 Bytes 20/07/2011 16:52:00 AVSCAN.EXE : 10.0.4.2 442024 Bytes 29/04/2011 21:10:47 AVSCAN.DLL : 10.0.3.0 56168 Bytes 17/08/2010 11:39:10 LUKE.DLL : 10.0.3.2 104296 Bytes 15/12/2010 18:40:28 LUKERES.DLL : 10.0.0.0 13672 Bytes 17/08/2010 11:39:11 VBASE000.VDF : 7.10.0.0 19875328 Bytes 06/11/2009 08:05:36 VBASE001.VDF : 7.11.0.0 13342208 Bytes 14/12/2010 18:40:04 VBASE002.VDF : 7.11.3.0 1950720 Bytes 09/02/2011 16:11:55 VBASE003.VDF : 7.11.5.225 1980416 Bytes 07/04/2011 20:14:16 VBASE004.VDF : 7.11.8.178 2354176 Bytes 31/05/2011 19:07:09 VBASE005.VDF : 7.11.10.251 1788416 Bytes 07/07/2011 20:57:59 VBASE006.VDF : 7.11.10.252 2048 Bytes 07/07/2011 20:57:59 VBASE007.VDF : 7.11.10.253 2048 Bytes 07/07/2011 20:57:59 VBASE008.VDF : 7.11.10.254 2048 Bytes 07/07/2011 20:57:59 VBASE009.VDF : 7.11.10.255 2048 Bytes 07/07/2011 20:57:59 VBASE010.VDF : 7.11.11.0 2048 Bytes 07/07/2011 20:57:59 VBASE011.VDF : 7.11.11.1 2048 Bytes 07/07/2011 20:57:59 VBASE012.VDF : 7.11.11.2 2048 Bytes 07/07/2011 20:57:59 VBASE013.VDF : 7.11.11.75 688128 Bytes 12/07/2011 19:57:21 VBASE014.VDF : 7.11.11.104 978944 Bytes 13/07/2011 19:57:24 VBASE015.VDF : 7.11.11.137 655360 Bytes 14/07/2011 19:57:25 VBASE016.VDF : 7.11.11.184 699392 Bytes 18/07/2011 18:32:16 VBASE017.VDF : 7.11.11.214 414208 Bytes 19/07/2011 18:32:17 VBASE018.VDF : 7.11.11.242 772096 Bytes 20/07/2011 18:32:18 VBASE019.VDF : 7.11.12.3 1291776 Bytes 20/07/2011 18:32:20 VBASE020.VDF : 7.11.12.30 844288 Bytes 21/07/2011 21:01:58 VBASE021.VDF : 7.11.12.67 149504 Bytes 24/07/2011 13:21:02 VBASE022.VDF : 7.11.12.93 195072 Bytes 25/07/2011 13:21:02 VBASE023.VDF : 7.11.12.113 150528 Bytes 26/07/2011 13:21:02 VBASE024.VDF : 7.11.12.152 182784 Bytes 28/07/2011 13:21:02 VBASE025.VDF : 7.11.12.181 117760 Bytes 01/08/2011 16:31:36 VBASE026.VDF : 7.11.12.182 2048 Bytes 01/08/2011 16:31:36 VBASE027.VDF : 7.11.12.183 2048 Bytes 01/08/2011 16:31:36 VBASE028.VDF : 7.11.12.184 2048 Bytes 01/08/2011 16:31:37 VBASE029.VDF : 7.11.12.185 2048 Bytes 01/08/2011 16:31:37 VBASE030.VDF : 7.11.12.186 2048 Bytes 01/08/2011 16:31:37 VBASE031.VDF : 7.11.12.196 35840 Bytes 02/08/2011 16:31:37 Version du moteur : 8.2.6.22 AEVDF.DLL : 8.1.2.1 106868 Bytes 17/08/2010 11:38:53 AESCRIPT.DLL : 8.1.3.73 1622395 Bytes 20/07/2011 18:32:25 AESCN.DLL : 8.1.7.2 127349 Bytes 25/11/2010 19:37:00 AESBX.DLL : 8.2.1.34 323957 Bytes 04/06/2011 19:07:24 AERDL.DLL : 8.1.9.13 639349 Bytes 14/07/2011 19:57:31 AEPACK.DLL : 8.2.9.5 676214 Bytes 14/07/2011 19:57:30 AEOFFICE.DLL : 8.1.2.13 201083 Bytes 31/07/2011 13:21:02 AEHEUR.DLL : 8.1.2.148 3576184 Bytes 31/07/2011 13:21:02 AEHELP.DLL : 8.1.17.7 254327 Bytes 31/07/2011 13:21:02 AEGEN.DLL : 8.1.5.6 401780 Bytes 19/05/2011 21:08:14 AEEMU.DLL : 8.1.3.0 393589 Bytes 25/11/2010 19:36:51 AECORE.DLL : 8.1.22.4 196983 Bytes 14/07/2011 19:57:27 AEBB.DLL : 8.1.1.0 53618 Bytes 17/08/2010 11:38:45 AVWINLL.DLL : 10.0.0.0 19304 Bytes 17/08/2010 11:38:56 AVPREF.DLL : 10.0.0.0 44904 Bytes 17/08/2010 11:38:55 AVREP.DLL : 10.0.0.10 174120 Bytes 17/05/2011 17:44:33 AVREG.DLL : 10.0.3.2 53096 Bytes 17/08/2010 11:38:56 AVSCPLR.DLL : 10.0.4.2 84840 Bytes 29/04/2011 21:10:47 AVARKT.DLL : 10.0.22.6 231784 Bytes 15/12/2010 18:40:14 AVEVTLOG.DLL : 10.0.0.8 203112 Bytes 17/08/2010 11:38:55 SQLITE3.DLL : 3.6.19.0 355688 Bytes 17/06/2010 13:28:02 AVSMTP.DLL : 10.0.0.17 63848 Bytes 17/08/2010 11:38:56 NETNT.DLL : 10.0.0.0 11624 Bytes 17/06/2010 13:28:01 RCIMAGE.DLL : 10.0.0.26 2550120 Bytes 10/02/2010 23:23:03 RCTEXT.DLL : 10.0.58.0 99688 Bytes 17/08/2010 11:39:11 Configuration pour la recherche actuelle : Nom de la tâche...............................: Contrôle intégral du système Fichier de configuration......................: C:\program files\avira\antivir desktop\sysscan.avp Documentation.................................: bas Action principale.............................: interactif Action secondaire.............................: ignorer Recherche sur les secteurs d'amorçage maître..: marche Recherche sur les secteurs d'amorçage.........: marche Secteurs d'amorçage...........................: C:, D:, Recherche dans les programmes actifs..........: marche Programmes en cours étendus...................: marche Recherche en cours sur l'enregistrement.......: marche Recherche de Rootkits.........................: marche Contrôle d'intégrité de fichiers système......: arrêt Fichier mode de recherche.....................: Tous les fichiers Recherche sur les archives....................: marche Limiter la profondeur de récursivité..........: 20 Archive Smart Extensions......................: marche Heuristique de macrovirus.....................: marche Heuristique fichier...........................: moyen Début de la recherche : mardi 2 août 2011 18:32 La recherche d'objets cachés commence. c:\program files\hp\hp deskjet 3050 j610 series\bin\hpnetworkcommunicator.exe c:\program files\hp\hp deskjet 3050 j610 series\bin\hpnetworkcommunicator.exe [REMARQUE] Le processus n'est pas visible. La recherche sur les processus démarrés commence : Processus de recherche 'svchost.exe' - '30' module(s) sont contrôlés Processus de recherche 'vssvc.exe' - '49' module(s) sont contrôlés Processus de recherche 'avscan.exe' - '81' module(s) sont contrôlés Processus de recherche 'avscan.exe' - '29' module(s) sont contrôlés Processus de recherche 'avcenter.exe' - '65' module(s) sont contrôlés Processus de recherche 'wuauclt.exe' - '34' module(s) sont contrôlés Processus de recherche 'mbamservice.exe' - '37' module(s) sont contrôlés Processus de recherche 'IAStorDataMgrSvc.exe' - '45' module(s) sont contrôlés Processus de recherche 'wmiprvse.exe' - '34' module(s) sont contrôlés Processus de recherche 'unsecapp.exe' - '27' module(s) sont contrôlés Processus de recherche 'msiexec.exe' - '45' module(s) sont contrôlés Processus de recherche 'wmpnetwk.exe' - '96' module(s) sont contrôlés Processus de recherche 'SynTPHelper.exe' - '13' module(s) sont contrôlés Processus de recherche 'WLIDSvcM.exe' - '16' module(s) sont contrôlés Processus de recherche 'igfxext.exe' - '19' module(s) sont contrôlés Processus de recherche 'SearchIndexer.exe' - '62' module(s) sont contrôlés Processus de recherche 'WLIDSVC.EXE' - '52' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '7' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '55' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '40' module(s) sont contrôlés Processus de recherche 'SchedulerSvc.exe' - '39' module(s) sont contrôlés Processus de recherche 'BackupSvc.exe' - '44' module(s) sont contrôlés Processus de recherche 'MobilityService.exe' - '35' module(s) sont contrôlés Processus de recherche 'LSSrvc.exe' - '20' module(s) sont contrôlés Processus de recherche 'ETService.exe' - '74' module(s) sont contrôlés Processus de recherche 'eDSService.exe' - '25' module(s) sont contrôlés Processus de recherche 'Agentsvc.exe' - '38' module(s) sont contrôlés Processus de recherche 'mDNSResponder.exe' - '33' module(s) sont contrôlés Processus de recherche 'avshadow.exe' - '33' module(s) sont contrôlés Processus de recherche 'AppleMobileDeviceService.exe' - '48' module(s) sont contrôlés Processus de recherche 'avguard.exe' - '68' module(s) sont contrôlés Processus de recherche 'agrsmsvc.exe' - '16' module(s) sont contrôlés Processus de recherche 'armsvc.exe' - '25' module(s) sont contrôlés Processus de recherche 'GoogleToolbarNotifier.exe' - '59' module(s) sont contrôlés Processus de recherche 'igfxsrvc.exe' - '28' module(s) sont contrôlés Processus de recherche 'wmpnscfg.exe' - '29' module(s) sont contrôlés Processus de recherche 'SynTPEnh.exe' - '42' module(s) sont contrôlés Processus de recherche 'LManager.exe' - '66' module(s) sont contrôlés Processus de recherche 'IAStorIcon.exe' - '44' module(s) sont contrôlés Processus de recherche 'igfxpers.exe' - '36' module(s) sont contrôlés Processus de recherche 'hkcmd.exe' - '40' module(s) sont contrôlés Processus de recherche 'igfxtray.exe' - '24' module(s) sont contrôlés Processus de recherche 'avgnt.exe' - '62' module(s) sont contrôlés Processus de recherche 'taskeng.exe' - '49' module(s) sont contrôlés Processus de recherche 'Explorer.EXE' - '146' module(s) sont contrôlés Processus de recherche 'taskeng.exe' - '84' module(s) sont contrôlés Processus de recherche 'Dwm.exe' - '39' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '60' module(s) sont contrôlés Processus de recherche 'sched.exe' - '56' module(s) sont contrôlés Processus de recherche 'spoolsv.exe' - '94' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '94' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '89' module(s) sont contrôlés Processus de recherche 'SLsvc.exe' - '23' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '37' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '149' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '106' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '70' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '47' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '33' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '40' module(s) sont contrôlés Processus de recherche 'winlogon.exe' - '30' module(s) sont contrôlés Processus de recherche 'lsm.exe' - '22' module(s) sont contrôlés Processus de recherche 'lsass.exe' - '60' module(s) sont contrôlés Processus de recherche 'services.exe' - '35' module(s) sont contrôlés Processus de recherche 'csrss.exe' - '14' module(s) sont contrôlés Processus de recherche 'wininit.exe' - '26' module(s) sont contrôlés Processus de recherche 'csrss.exe' - '14' module(s) sont contrôlés Processus de recherche 'smss.exe' - '2' module(s) sont contrôlés La recherche sur les secteurs d'amorçage maître commence : Secteur d'amorçage maître HD0 [iNFO] Aucun virus trouvé ! La recherche sur les secteurs d'amorçage commence : Secteur d'amorçage 'C:\' [iNFO] Aucun virus trouvé ! Secteur d'amorçage 'D:\' [iNFO] Aucun virus trouvé ! La recherche sur les renvois aux fichiers exécutables (registre) commence : Le registre a été contrôlé ( '1776' fichiers). La recherche sur les fichiers sélectionnés commence : Recherche débutant dans 'C:\' <ACER> Recherche débutant dans 'D:\' Fin de la recherche : mardi 2 août 2011 19:43 Temps nécessaire: 1:11:31 Heure(s) La recherche a été effectuée intégralement 23658 Les répertoires ont été contrôlés 396224 Des fichiers ont été contrôlés 0 Des virus ou programmes indésirables ont été trouvés 0 Des fichiers ont été classés comme suspects 0 Des fichiers ont été supprimés 0 Des virus ou programmes indésirables ont été réparés 0 Les fichiers ont été déplacés dans la quarantaine 0 Les fichiers ont été renommés 0 Impossible de scanner des fichiers 396224 Fichiers non infectés 2350 Les archives ont été contrôlées 0 Avertissements 1 Consignes 617759 Des objets ont été contrôlés lors du Rootkitscan 1 Des objets cachés ont été trouvés
  12. Si si j ai essaye mais sur les 3 testes, les 3 a reconfigurer!!! :outch:
  13. Oh trop galere!!! Il me faut tout reconfigurer genre itunes... Tant pis, je resterai avec une double session!!! Merci pour tout en tout cas et si une idee te venait par la suite, je suis preneur
  14. Salut, J aimerai pouvoir lire mes musiques sur ma tele via la freebox. J ai autoriser le partage en reseau des mes fichiers multimedias. Sur la freebox, apparait bien alors mon pc mais a chaque fois que je le lance, j ai pour message" l operation a echoue"! Je me suis dit, peut etre le Sone alarm mais rien n y change et je n y connais pas grand chose Je suis sous vista et j ai la freebox V5. merci a ceux qui pourront m aider!
  15. Alors, avec une 2EME session de créée, l probleme n esciste plus ni sur ette session ni sur celle posant probleme habituellement! Par contre, quand je supprime cette nouvelle session, le probleme réapparait!
  16. Fait! Mais ... probleme persistant
  17. ZA ou non: 0 changement :chpas: :chpas:
  18. j ai effectue la bonne restauration, voila le rapport de DelFix. j essaie a tout hasard de desinstaller ZA! # DelFix v8.1 - Rapport créé le 10/07/2011 à 13:38 # Mis à jour le 20/06/11 à 19h par Xplode # Système d'exploitation : Windows Vista Home Premium (32 bits) [version 6.0.6001] Service Pack 1 # Nom d'utilisateur : Mayke - PC-DE-MAYKE (Administrateur) # Exécuté depuis : C:\Users\Mayke\Downloads\delfix.exe # Option [suppression] ~~~~~~ Dossier(s) ~~~~~~ Supprimé : C:\MyHosts Supprimé : C:\Program Files\ZHPDiag Supprimé : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP ~~~~~~ Fichier(s) ~~~~~~ Supprimé : C:\MyHosts.txt Supprimé : C:\PhysicalDisk0_MBR.bin Supprimé : C:\ZHPExportRegistry-06-07-2011-00-27-56.txt Supprimé : C:\Users\Mayke\Desktop\ZHPFixReport.txt Supprimé : C:\Users\Public\Desktop\MBRCheck.lnk Supprimé : C:\Users\Public\Desktop\ZHPDiag.lnk Supprimé : C:\Users\Public\Desktop\ZHPFix.lnk Supprimé : C:\Users\Mayke\Downloads\ZHPDiag2(1).zip Supprimé : C:\Users\Mayke\Downloads\ZHPDiag2.zip ~~~~~~ Registre ~~~~~~ Clé Supprimée : HKLM\Software\TrendMicro\Hijackthis Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\ZHPDiag_is1 ~~~~~~ Autre ~~~~~~ -> Prefetch vidé ########## EOF - "C:\DelFixSuppr.txt" - [1273 octets] ##########
  19. Salut, Drivers de la carte graphique a jour, y avait juste deux trois drivers genre ethernet, multi USB... Le probleme persiste mais c est pas si genant que ca, le reste est bien plus agreable desormais! si tu as une autre idee, sait on jamais, je suis preneur, sinon je classerai ce post en resolu! Merci a toi bernard53 et longue vie a Zebulon ))
  20. Salut bernard53! Alors y a du mieux en effet mais toujours certaines choses, rien a voir avec une eventuelle infection ca tombe! Le pc rame bcp moins, il s eteint meme tres vite Les deux seules choses que j ai remarquees en fait sont: 1/ a l allumage du pc, apres le logo windows, tout devient noir et il faut un bon moment pour que le bureau apparaisse sauf avec CTRL + ALT + SUPPR. 2/ Ma configuration de firefox a ete completement modifie apres le dernier nettoyage mais je pense que c est normal non?! Etais je infecte au fait?
  21. Super sympa de ta part bernard53!!! ) alors je viens de suivre tes consignes. La seule chose que je puisse dire pour le moment c que mon firefox a changé! Voila en tout cas le rapport et je te fais part des problemes si problemes persistants d ici peu! Rapport de ZHPFix 1.12.3335 par Nicolas Coolman, Update du 04/07/2011 Fichier d'export Registre : C:\ZHPExportRegistry-06-07-2011-00-27-56.txt Run by Mayke at 06/07/2011 00:27:56 Windows Vista Home Premium Edition, 32-bit Service Pack 1 (Build 6001) Web site : ZHPFix Fix de rapport ========== Clé(s) du Registre ========== SUPPRIME Key: CLSID BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} SUPPRIME Key: CLSID BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} SUPPRIME Key: HKCU\Software\AppDataLow\Software\Conduit SUPPRIME Key: HKCU\Software\Ask&Record SUPPRIME Key: HKCU\Software\Conduit SUPPRIME Key: HKCU\Software\Zugo SUPPRIME Key: SearchScopes :{1F096B29-E9DA-4D64-8D63-936BE7762CC5} SUPPRIME Key: SearchScopes :{afdbddaa-5d3f-42ee-b79c-185a7020515b} SUPPRIME Key: HKLM\Software\Classes\Toolbar.CT2611275 ABSENT Key: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1F096B29-E9DA-4D64-8D63-936BE7762CC5} SUPPRIME Key: HKLM\Software\Classes\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B} SUPPRIME Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4} ABSENT Key: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} SUPPRIME Key: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} ABSENT Key: HKCU\Software\Ask&Record ABSENT Key: HKCU\Software\Conduit ABSENT Key: HKCU\Software\AppDataLow\Software\Conduit SUPPRIME Key: HKLM\Software\Conduit ========== Valeur(s) du Registre ========== SUPPRIME Toolbar: {0BF43445-2F28-4351-9252-17FE6E806AA0} ABSENT Valeur Standard Profile: FirewallRaz : ABSENT Valeur Domain Profile: FirewallRaz : SUPPRIME FirewallRaz (None) : {E0025EC9-154E-4225-AD81-E6274D2A9539} SUPPRIME FirewallRaz (None) : {F1787AFA-A50D-408A-B6F9-E2286BB02F56} SUPPRIME FirewallRaz (Private) : {F38DC242-050D-47FD-98B4-24F264BE2626} SUPPRIME FirewallRaz (Private) : {C1A04BA2-F60D-49CA-AA3F-BA899967C5E7} SUPPRIME FirewallRaz (Private) : {48DAC28D-5FB8-4AF5-94DB-9DEAD9AB4675} SUPPRIME FirewallRaz (Private) : {6E4FC0F3-1C21-454B-9BAE-E88272F63667} ========== Elément(s) de donnée du Registre ========== SUPPRIME R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page SUPPRIME R0 - HKUS\S-1-5-21-3072727286-2981826037-1783307074-1000\Software\Microsoft\Internet Explorer\Main,Start Page SUPPRIME R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant ========== Préférences navigateur ========== SUPPRIME Mozilla Pref: user_pref("CT1060933.SearchFromAddressBarUrl", "http://search.conduit.com/ResultsExt.aspx?'>http://search.conduit.com/ResultsExt.aspx? SUPPRIME Mozilla Pref: user_pref("CT2611275.SearchEngine", "Search||http://search.conduit.com/Results.aspx? SUPPRIME Mozilla Pref: user_pref("CT2611275.SearchFromAddressBarUrl", "http://search.conduit.com/ResultsExt.aspx? SUPPRIME Mozilla Pref: user_pref("CT2611275.ct2611275.SearchEngine", "Search||http://search.conduit.com/Results.aspx? SUPPRIME Mozilla Pref: user_pref("browser.search.defaulturl", "http://search.conduit.com/ResultsExt.aspx?ctid=CT1060933 ========== Dossier(s) ========== SUPPRIME Folder: C:\Users\Mayke\AppData\Roaming\Mozilla\Firefox\Profiles\raz6ubhh.default\extensions\engine@conduit.com SUPPRIME Folder*: C:\Program Files\Conduit SUPPRIME Folder: C:\Users\Mayke\AppData\Local\MediaGet2 ABSENT C:\Users\Mayke\AppData\Local\MediaGet2 SUPPRIME Folder: c:\users\mayke\appdata\locallow\babylontoolbar SUPPRIME Folder: c:\users\mayke\appdata\locallow\conduit SUPPRIME Folder: c:\users\mayke\appdata\roaming\mozilla\firefox\profiles\raz6ubhh.default\conduit SUPPRIME Folder: c:\users\mayke\appdata\roaming\mozilla\firefox\profiles\raz6ubhh.default\conduitengine SUPPRIME Flash Cookies: 289 SUPPRIME Temporaires Windows: : 108 ========== Fichier(s) ========== SUPPRIME c:\users\mayke\appdata\roaming\mozilla\firefox\profiles\raz6ubhh.default\searchplugins\conduit.xml ABSENT File: c:\users\mayke\appdata\roaming\mozilla\firefox\profiles\raz6ubhh.default\searchplugins\conduit.xml ABSENT Folder/File: c:\program files\conduit ABSENT Folder/File: c:\users\mayke\appdata\local\mediaget2 ABSENT Folder/File: c:\users\mayke\appdata\roaming\mozilla\firefox\profiles\raz6ubhh.default\extensions\engine@conduit.com ABSENT Folder/File: c:\users\mayke\appdata\roaming\mozilla\firefox\profiles\raz6ubhh.default\searchplugins\conduit.xml SUPPRIME Flash Cookies: 122 SUPPRIME Temporaires Windows: : 392 ========== Récapitulatif ========== 18 : Clé(s) du Registre 9 : Valeur(s) du Registre 3 : Elément(s) de donnée du Registre 10 : Dossier(s) 8 : Fichier(s) 5 : Préférences navigateur ========== Chemin du fichier rapport ========== C:\Program Files\ZHPDiag\ZHPFixReport.txt End of the scan in 01mn 20s
  22. Et voila le dernier rapport! Rapport de ZHPDiag v1.27.2364 par Nicolas Coolman, Update du 04/07/2011 Run by Mayke at 04/07/2011 22:55:34 Web site : ZHPDiag Outil de diagnostic ---\\ Web Browser MSIE: Internet Explorer v8.0.6001.19088 MFIE: Mozilla Firefox 5.0 v (Defaut) ---\\ System Information Windows Vista Home Premium Edition, 32-bit Service Pack 1 (Build 6001) Processor: x86 Family 6 Model 15 Stepping 13, GenuineIntel Operating System: 32 Bits Boot mode: Normal (Normal boot) Total RAM: 3000 MB (56% free) System Restore: Activé (Enable) System drive C: has 17 GB (24%) free of 70 GB ---\\ Logged in mode Computer Name: PC-DE-MAYKE User Name: Mayke All Users Names: Mayke, Administrateur, Unselected Option: None Logged in as Administrator ---\\ Environnement Variables ~ %AppData%=C:\Users\Mayke\AppData\Roaming\ ~ %Desktop%=C:\Users\Mayke\Desktop\ ~ %Favorites%=C:\Users\Mayke\Favorites\ ~ %LocalAppData%=C:\Users\Mayke\AppData\Local\ ~ %StartMenu%=C:\Users\Mayke\AppData\Roaming\Microsoft\Windows\Start Menu\ ---\\ DOS/Devices C:\ Hard drive, Flash drive, Thumb drive (Free 17 Go of 70 Go) D:\ Hard drive, Flash drive, Thumb drive (Free 48 Go of 70 Go) E:\ CD-ROM drive (Not Inserted) F:\ CD-ROM drive (Not Inserted) ---\\ Security Center & Tools Informations [HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoFolderOptions: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoStartMenuSubFolder: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoResolveSearch: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoClose: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK ---\\ Recherche particulière de fichiers génériques [MD5.4F554999D7D5F05DAAEBBA7B5BA1089D] - (.Microsoft Corporation - Explorateur Windows.) (.19/10/2010 - 07:29:41.) -- C:\Windows\Explorer.exe [2927104] [MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Application de démarrage de Windows.) (.21/01/2008 - 03:23:42.) -- C:\Windows\system32\Wininit.exe [96768] [MD5.DE4685DE5130039FA63DA66C0F72F787] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.16/06/2011 - 07:08:58.) -- C:\Windows\system32\wininet.dll [916480] [MD5.C2610B6BDBEFC053BBDAB4F1B965CB24] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.21/01/2008 - 03:24:49.) -- C:\Windows\system32\Winlogon.exe [314880] [MD5.0D83C87A801A3DFCD1BF73893FE7518C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.21/01/2008 - 08:24:56.) -- C:\Windows\system32\drivers\atapi.sys [21560] [MD5.B4EFFE29EB4F15538FD8A9681108492D] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.21/01/2008 - 03:23:51.) -- C:\Windows\system32\drivers\ntfs.sys [1081912] ---\\ Etat des fichiers cachés (Caché/Total) ~ Mes images (My Pictures) : 1/3 ~ Mes musiques (My Musics) : 3/129 ~ Mes Videos (My Videos) : 1/10 ~ Mes Favoris (My Favorites) : 7/26 ~ Mon Bureau (My Desktop) : 4/253 ~ Menu demarrer (Programs) : 7/41 ---\\ Processus lancés [MD5.B9AA850CDA55097EB13E03698C8F5828] - (.Intel Corporation - igfxsrvc Module.) -- C:\Windows\system32\igfxsrvc.exe [266776] [MD5.0D392EDE3B97E0B3131B2F63EF1DB94E] - (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe [1008184] [MD5.5C080C61235C74568C2978FC7E602AE0] - (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1049896] [MD5.86171114D84AFBD3DFCE930E320C1BBF] - (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe [6183456] [MD5.2AC7F8B8BF0D5D327A3A2A00453222C4] - (.Pas de propriétaire - DefaultSettingEXE MFC Application.) -- C:\Windows\PLFSetI.exe [200704] [MD5.2B8EDA2A4D0358A4DC52039676A2D5E5] - (.Dritek System Inc. - Acer Launch Manager Keyboard Application.) -- C:\Program Files\Launch Manager\LManager.exe [809480] [MD5.A9E634BBEDC2B41162767ED7F7DD9646] - (.Egis Incorporated - Acer eDataSecurity Management Loader.) -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe [526896] [MD5.A580E4309E636A93B89E89712FF0959D] - (.Acer Inc. - Acer ePower Management - DMC.) -- C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe [409600] [MD5.9D5E8B45BD348DF0882C69EED0E83111] - (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [281768] [MD5.0D2F62C6E2E9BD508F7BF2E6C8BA176D] - (.Check Point Software Technologies LTD - ZoneAlarm Client.) -- C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [1043968] [MD5.1029B84ECBE4B95ACB8491A3FE63D70F] - (.Intel Corporation - igfxTray Module.) -- C:\Windows\System32\igfxtray.exe [136216] [MD5.3CD5BBDA19A1AB4EBA359E0A14FDF0F0] - (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe [171032] [MD5.3142195521FEE436088EE8A5748DE1B1] - (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe [170520] [MD5.F06CA6475B7A538DB9DC3F7B896B97E4] - (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [449584] [MD5.32C26797AB646074A2BB562F9D10ADB5] - (.Microsoft Corporation - Microsoft Office OneNote Quick Launcher.) -- C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE [97680] [MD5.87558C6D3B8BE9F4724502E6DD1591CF] - (...) -- C:\Program Files\PdaNet for iPhone\PdaNetPC.exe [215568] [MD5.F2F3617C63B87AA2DE139DC9E37420B5] - (.Intel Corporation - igfxext Module.) -- C:\Windows\system32\igfxext.exe [179224] [MD5.B2994EC6452DBD04E57828EEFEDFB93C] - (.Realtek Semiconductor Corp. - Realtek HD Audio Data Rerouter.) -- C:\Users\Mayke\AppData\Local\Temp\RtkBtMnt.exe [204800] [MD5.D641DB524C3D9A1AB72F94BDC6FF27D7] - (.Synaptics, Inc. - Synaptics Pointing Device Helper.) -- C:\Program Files\Synaptics\SynTP\SynTPHelper.exe [103720] [MD5.62BB79160F86CD962F312C68C6239BFD] - (.Microsoft Corporation - Windows Update.) -- C:\Windows\system32\wuauclt.exe [53472] [MD5.F96EBC5A624349D81DCC7600A3C5DC43] - (.Microsoft Corporation - Console IME.) -- C:\Windows\system32\conime.exe [69120] [MD5.4FC85445130425BAA9F0C48113EDFEC4] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [656896] ---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3) C:\Users\Mayke\AppData\Roaming\Mozilla\Firefox\Profiles\raz6ubhh.default\prefs.js M3 - MFPP: Plugins - [Mayke] -- C:\Users\Mayke\AppData\Roaming\Mozilla\Firefox\Profiles\raz6ubhh.default\searchplugins\conduit.xml M3 - MFPP: Plugins - [Mayke] -- C:\Program Files\Mozilla FireFox\searchplugins\amazon-france.xml M3 - MFPP: Plugins - [Mayke] -- C:\Program Files\Mozilla FireFox\searchplugins\babylon.xml M3 - MFPP: Plugins - [Mayke] -- C:\Program Files\Mozilla FireFox\searchplugins\bing.xml M3 - MFPP: Plugins - [Mayke] -- C:\Program Files\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml M3 - MFPP: Plugins - [Mayke] -- C:\Program Files\Mozilla FireFox\searchplugins\eBay-france.xml M3 - MFPP: Plugins - [Mayke] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml M3 - MFPP: Plugins - [Mayke] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia-fr.xml M3 - MFPP: Plugins - [Mayke] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo-france.xml P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - np-mswmp.) -- C:\Program Files\Mozilla Firefox\Plugins\np-mswmp.dll P2 - FPN:Firefox Plugin Navigator . (.Sun Microsystems, Inc. - NPRuntime Script Plug-in Library for Java Deploy.) -- C:\Program Files\Mozilla Firefox\Plugins\npdeployJava1.dll P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 10.1.0.) -- C:\Program Files\Mozilla Firefox\Plugins\nppdf32.dll P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin.dll P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin2.dll P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin3.dll P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin4.dll P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin5.dll P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin6.dll P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin7.dll P2 - FPN:Firefox Plugin Navigator . (.NOS Microsystems Ltd. - getplusplusadobe16291.) -- C:\Program Files\Mozilla Firefox\Plugins\np_gp.dll P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF32.dll P2 - FPN: [HKLM] [@Apple.com/iTunes,version=1.0] - (...) -- C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_24 for Mozilla browsers.) -- C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll P2 - FPN: [HKLM] [@ma-config.com/HardwareDetection] - (.Cybelsoft - Plugin NPAPI Ma-Config.com.) -- C:\Program Files\ma-config.com\nphardwaredetection.dll P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.0.60531.0.) -- C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll P2 - FPN: [HKLM] [@nosltd.com/getPlus+®,version=1.6.2.91] - (.NOS Microsystems Ltd. - getplusplusadobe16291.) -- C:\Program Files\NOS\bin\np_gp.dll P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll P2 - FPN: [HKLM] [Adobe Reader] - (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 10.1.0.) -- C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll M0 - MFSP: prefs.js [Mayke - raz6ubhh.default] Google M2 - MFEP: prefs.js [Mayke - raz6ubhh.default\engine@conduit.com] [] Conduit Engine v3.3.3.2 (.Conduit Ltd..) M2 - MFEP: prefs.js [Mayke - raz6ubhh.default\{20a82645-c095-46ed-80e3-08825760534b}] [MicrosoftCG] Microsoft .NET Framework Assistant v1.2.1 (.Microsoft.) M2 - MFEP: prefs.js [Mayke - raz6ubhh.default\{3e0e7d2a-070f-4a47-b019-91fe5385ba79}] [] AddThis v3.1.1 (.AddThis.) ---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2) C:\Users\Mayke\AppData\Local\Google\Chrome\User Data\Default\Preferences ---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4) R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Babylon Search R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com R0 - HKUS\S-1-5-21-3072727286-2981826037-1783307074-1000\Software\Microsoft\Internet Explorer\Main,Start Page = Babylon Search R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Search Microsoft.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Search Microsoft.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Search Microsoft.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = Babylon Search R1 - HKUS\S-1-5-21-3072727286-2981826037-1783307074-1000\Software\Microsoft\Internet Explorer\Main,Search Page = Search Microsoft.com R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)) -- C:\Windows\system32\ieframe.dll R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 2 ---\\ Internet Explorer, Proxy Management (R5) R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ---\\ ---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2) F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe, F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl" ---\\ Browser Helper Objects de navigateur (O2) O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} Clé orpheline O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} Clé orpheline O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll ---\\ Internet Explorer Toolbars (O3) O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} . (...) -- (.not file.) O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} . (.Egis Incorporated. - Acer eDataSecurity Management Explorer Tool.) -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll ---\\ ---\\ Applications démarrées par registre & par dossier (O4) O4 - HKLM\..\Run: [Windows Defender] . (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe O4 - HKLM\..\Run: [synTPEnh] . (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe O4 - HKLM\..\Run: [PLFSetI] . (.Pas de propriétaire - DefaultSettingEXE MFC Application.) -- C:\Windows\PLFSetI.exe O4 - HKLM\..\Run: [LManager] . (.Dritek System Inc. - Acer Launch Manager Keyboard Application.) -- C:\PROGRA~1\LAUNCH~1\LManager.exe O4 - HKLM\..\Run: [eDataSecurity Loader] . (.Egis Incorporated - Acer eDataSecurity Management Loader.) -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe O4 - HKLM\..\Run: [ePower_DMC] . (.Acer Inc. - Acer ePower Management - DMC.) -- C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe O4 - HKLM\..\Run: [WarReg_PopUp] . (.Acer Incorporated - WR_PopUp.) -- C:\Program Files\Acer\WR_PopUp\WarReg_PopUp.exe O4 - HKLM\..\Run: [avgnt] . (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe O4 - HKLM\..\Run: [ZoneAlarm Client] . (.Check Point Software Technologies LTD - ZoneAlarm Client.) -- C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe O4 - HKLM\..\Run: [igfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] oobefldr.dll O4 - HKUS\S-1-5-20\..\Run: [sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] oobefldr.dll O4 - Global Startup: C:\Users\Mayke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 - Capture d'écran et lancement.lnk . (.Microsoft Corporation.) -- C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE O4 - Global Startup: C:\Users\Mayke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PdaNet Desktop.lnk . (...) -- C:\Program Files\PdaNet for iPhone\PdaNetPC.exe ---\\ ---\\ Autres liens utilisateurs (O4) O4 - Global Startup: C:\Users\Mayke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe O4 - Global Startup: C:\Users\Mayke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Mail\WinMail.exe O4 - Global Startup: C:\Users\Mayke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe O4 - Global Startup: C:\Users\Mayke\Desktop\jv16 PowerTools 2011.lnk . (.Macecraft Software.) -- C:\Program Files\jv16 PowerTools 2011\jv16PT.exe O4 - Global Startup: C:\Users\Mayke\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\jv16 PowerTools 2011.lnk . (.Macecraft Software.) -- C:\Program Files\jv16 PowerTools 2011\jv16PT.exe O4 - Global Startup: C:\Users\Mayke\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe O4 - Global Startup: C:\Users\Mayke\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook.lnk . (.Microsoft Corporation.) -- C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE O4 - Global Startup: C:\Users\Mayke\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\firefox.exe O4 - Global Startup: C:\Users\Mayke\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk . (.BitTorrent, Inc..) -- C:\Program Files\uTorrent\uTorrent.exe ---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8) O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~1\MICROS~2\Office12\EXCEL.exe O8 - Extra context menu item: Google Sidewiki... . (.Google Inc. - Google Toolbar for Internet Explorer.) -- C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll ---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9) O9 - Extra button: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft Office OneNote Internet Explorer Add-in.) -- C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} -- C:\Program Files\Skype\Toolbars\Internet Explorer\icon.ico (.not file.) O9 - Extra button: Skype Plug-In - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\PROGRA~1\MICROS~2\Office12\REFBARH.ICO ---\\ Winsock hijacker (Layered Service Provider) (O10) O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll O10 - WLSP:\000000000007\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files\Bonjour\mdnsNSP.dll ---\\ Modification Domaine/Adresses DNS (O17) O17 - HKLM\System\CCS\Services\Tcpip\..\{78C06080-D7C7-4FBA-9CFE-8AC34E178AE0}: DhcpNameServer = 212.27.40.241 212.27.40.240 O17 - HKLM\System\CS1\Services\Tcpip\..\{78C06080-D7C7-4FBA-9CFE-8AC34E178AE0}: DhcpNameServer = 212.27.40.241 212.27.40.240 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.241 212.27.40.240 ---\\ Protocole additionnel et piratage de protocole (O18) O18 - Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} . (...) -- C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} . (.Skype Technologies - Skype for COM API.) -- C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL ---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20) O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll ---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\System32\webcheck.dll ---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22) O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\system32\browseui.dll ---\\ Liste des services NT non Microsoft et non désactivés (O23) O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) . (.Agere Systems - Agere Soft Modem Call Progress Service.) - C:\Windows\system32\agrsmsvc.exe O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) . (.Avira GmbH - Antivirus Scheduler.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) . (.Avira GmbH - Antivirus On-Access Service.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Apple Mobile Device (Apple Mobile Device) . (.Apple Inc. - MobileDeviceService.) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Service Bonjour (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: NTI Backup Now 5 Agent Service (BUNAgentSvc) . (.NewTech Infosystems, Inc. - NTI Backup Now 5 Agent service..) - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe O23 - Service: eDataSecurity Service (eDataSecurity Service) . (.Egis Incorporated - Acer eDataSecurity Management Service.) - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe O23 - Service: Empowering Technology Service (ETService) . (.Pas de propriétaire - Acer Empowering Technology Framework Servic.) - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) . (.Hewlett-Packard Company - Pas de description.) - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: (MBAMService) . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: MobilityService (MobilityService) . (.Pas de propriétaire - app.) - C:\Acer\Mobility Center\MobilityService.exe O23 - Service: C:\Program Files\Nero\Update\NASvc.exe (NAUpdate) . (.Nero AG - NeroUpdate.) - C:\Program Files\Nero\Update\NASvc.exe O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) . (.NewTech InfoSystems, Inc. - NTI Backup Now 5 BackupSvc Application.) - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) . (...) - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe O23 - Service: TrueVector Internet Monitor (vsmon) . (.Check Point Software Technologies LTD - TrueVector Service.) - C:\Windows\System32\ZoneLabs\vsmon.exe ---\\ Enumération Active Desktop & MHTML Editor (O24) O24 - Default MHTML Editor: Last - .(...) - (.not file.) ---\\ Tâches planifiées en automatique (O39) O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GlaryInitialize.job O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [MD5.8536F3768E1BFD2F8441C732EFE2DE2E] [APT] [GlaryInitialize] (.Glarysoft Ltd.) -- C:\Program Files\Glary Utilities\initialize.exe [MD5.8F0DE4FEF8201E306F9938B0905AC96A] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe [MD5.8F0DE4FEF8201E306F9938B0905AC96A] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe [MD5.0EA8C1256AA9F68287CD8F06EB527238] [APT] [{8E59B718-424B-4749-A713-25612669871F}] (.Skype Technologies S.A..) -- C:\Program Files\Skype\Phone\Skype.exe ---\\ Pilotes lancés au démarrage (O41) O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys O41 - Driver: (avipbb) . (.Avira GmbH - Avira Driver for Security Enhancement.) - C:\Windows\System32\DRIVERS\avipbb.sys O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\Windows\System32\DRIVERS\i8042prt.sys O41 - Driver: (kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\Windows\System32\DRIVERS\kbdclass.sys O41 - Driver: (mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\Windows\System32\DRIVERS\mouclass.sys O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys O41 - Driver: (netbt) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys O41 - Driver: (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys O41 - Driver: C:\Windows\system32\drivers\pacer.sys (PSched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\Windows\System32\DRIVERS\rasacd.sys O41 - Driver: (rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\Windows\System32\DRIVERS\rdbss.sys O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys O41 - Driver: (RDPENCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys O41 - Driver: C:\Windows\system32\tcpipcfg.dll (Smb) . (.Microsoft Corporation - SMB Transport driver.) - C:\Windows\System32\DRIVERS\smb.sys O41 - Driver: (ssmdrv) . (.Avira GmbH - AVIRA SnapShot Driver.) - C:\Windows\System32\DRIVERS\ssmdrv.sys O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys O41 - Driver: (Vsdatant) . (.Check Point Software Technologies LTD - ZoneAlarm Firewalling Driver.) - C:\Windows\System32\DRIVERS\vsdatant.sys O41 - Driver: (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys ---\\ Logiciels installés (O42) O42 - Logiciel: Update for Microsoft Office 2007 (KB2508958) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438} O42 - Logiciel: Update for Microsoft Office 2007 (KB2508958) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438} O42 - Logiciel: 7-Zip 4.65 - (.Pas de propriétaire.) [HKLM] -- 7-Zip O42 - Logiciel: Acer Crystal Eye Webcam 2.0.8 - (.SuYin.) [HKLM] -- {A77255C4-AFCB-44A3-BF0F-2091A71FFD9E} O42 - Logiciel: Acer Empowering Technology - (.Acer Incorporated.) [HKLM] -- {8F1B6239-FEA0-450A-A950-B05276CE177C} O42 - Logiciel: Acer GridVista - (.Pas de propriétaire.) [HKLM] -- GridVista O42 - Logiciel: Acer Mobility Center Plug-In - (.Acer Inc..) [HKLM] -- {11316260-6666-467B-AC34-183FCB5D4335} O42 - Logiciel: Acer ScreenSaver - (.Acer Incorporated.) [HKLM] -- {79DD56FC-DB8B-47F5-9C80-78B62E05F9BC} O42 - Logiciel: Acer eDataSecurity Management - (.Egis Inc..) [HKLM] -- {A5633652-3795-4829-BB0B-644F0279E279} O42 - Logiciel: Acer ePower Management - (.Acer Incorporated.) [HKLM] -- {58E5844B-7CE2-413D-83D1-99294BF6C74F} O42 - Logiciel: Acer eRecovery Management - (.Acer Incorporated.) [HKLM] -- {7F811A54-5A09-4579-90E1-C93498E230D9} O42 - Logiciel: Acer eSettings Management - (.Acer Incorporated.) [HKLM] -- {13D85C14-2B85-419F-AC41-C7F21E68B25D} O42 - Logiciel: Activation Assistant for the 2007 Microsoft Office suites - (.Microsoft Corporation.) [HKLM] -- Activation Assistant for the 2007 Microsoft Office suites O42 - Logiciel: Adobe Download Manager - (.NOS Microsystems Ltd..) [HKLM] -- {E2883E8F-472F-4fb0-9522-AC9BF37916A7} O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin O42 - Logiciel: Adobe Reader X (10.1.0) - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-AA1000000001} O42 - Logiciel: Agere Systems HDA Modem - (.Agere Systems.) [HKLM] -- Agere Systems Soft Modem O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM] -- {853A4763-6643-4604-8D64-28BDD8925F4C} O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM] -- {CACAEB5F-174D-4C7C-AC56-A33289A807CA} O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {C41300B9-185D-475E-BFEC-39EF732F19B1} O42 - Logiciel: Archiveur WinRAR - (.Pas de propriétaire.) [HKLM] -- WinRAR archiver O42 - Logiciel: Avira AntiVir Personal - Free Antivirus - (.Avira GmbH.) [HKLM] -- Avira AntiVir Desktop O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM] -- {C2E4B5BD-32DB-4817-A060-341AB17C3F90} O42 - Logiciel: CleanUp! - (.Pas de propriétaire.) [HKLM] -- CleanUp! O42 - Logiciel: FileZilla Client 3.3.5.1 - (.Pas de propriétaire.) [HKLM] -- FileZilla Client O42 - Logiciel: FormatFactory 2.60 - (.Free Time.) [HKLM] -- FormatFactory O42 - Logiciel: FoxTab AVI Converter - (.Pas de propriétaire.) [HKCU] -- FoxTab AVI Converter O42 - Logiciel: Freecorder - (.Applian Technologies Inc..) [HKLM] -- Freecorder4.1 O42 - Logiciel: Garmin USB Drivers - (.Garmin Ltd or its subsidiaries.) [HKLM] -- {65F9E1F3-A2C1-4AA9-9F33-A3AEB0255F0E} O42 - Logiciel: Garmin WebUpdater - (.Garmin Ltd or its subsidiaries.) [HKLM] -- {E394CC6D-9F54-41CC-9415-6FFF07885881} O42 - Logiciel: Glary Utilities 2.29.0.1032 - (.Glarysoft Ltd.) [HKLM] -- Glary Utilities_is1 O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {18455581-E099-4BA8-BC6B-F34B2F06600C} O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {2318C2B1-4965-11d4-9B18-009027A5CD4F} O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} O42 - Logiciel: HP Deskjet 3050 J610 series Aide - (.Hewlett Packard.) [HKLM] -- {F7632A9B-661E-4FD9-B1A4-3B86BC99847F} O42 - Logiciel: HP Update - (.Hewlett-Packard.) [HKLM] -- {787D1A33-A97B-4245-87C0-7174609A540C} O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595 O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB958484 O42 - Logiciel: ImgBurn 2.3.2.0 Fr - (.Pas de propriétaire.) [HKLM] -- {75ADEFA2-D4FF-4B37-9E93-4306E6AC176B}_is1 O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite_Wave3 O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- {133742BA-6F46-4D3E-85AF-78631D9AD8B8} O42 - Logiciel: Intel® Graphics Media Accelerator Driver - (.Intel Corporation.) [HKLM] -- HDMI O42 - Logiciel: Java 6 Update 24 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216022FF} O42 - Logiciel: K-Lite Codec Pack 6.5.0 (Full) - (.Pas de propriétaire.) [HKLM] -- KLiteCodecPack_is1 O42 - Logiciel: Launch Manager - (.Pas de propriétaire.) [HKLM] -- LManager O42 - Logiciel: Logiciel de base du périphérique HP Deskjet 3050 J610 series - (.Hewlett-Packard Co..) [HKLM] -- {5E6A397B-DCEA-4B02-95A7-22383979E206} O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {22B775E7-6C42-4FC5-8E10-9A5E3257BD94} O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71} O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC} O42 - Logiciel: Ma-Config.com - (.Cybelsoft.) [HKLM] -- {81E95872-8357-4363-A764-8F98B28340C5} O42 - Logiciel: Malwarebytes' Anti-Malware version 1.51.0.1200 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1 O42 - Logiciel: Marvell Miniport Driver - (.Marvell.) [HKLM] -- Marvell Miniport Driver O42 - Logiciel: MediaCoder 0.6.0 - (.Stanley Huang.) [HKLM] -- MediaCoder O42 - Logiciel: Microsoft .NET Framework 3.5 Language Pack SP1 - fra - (.Microsoft Corporation.) [HKLM] -- {3E31821C-7917-367E-938E-E65FC413EA31} O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1 O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6} O42 - Logiciel: Microsoft .NET Framework 4 Client Profile FRA Language Pack - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E} O42 - Logiciel: Microsoft Choice Guard - (.Microsoft Corporation.) [HKLM] -- {F0E12BBA-AD66-4022-A453-A1C8A0C4D570} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0015-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0019-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001A-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0044-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}_HOMESTUDENTR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-00A1-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B} O42 - Logiciel: Microsoft Office Access MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0015-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Excel MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Home and Student 2007 - (.Microsoft Corporation.) [HKLM] -- HOMESTUDENTR O42 - Logiciel: Microsoft Office Home and Student 2007 - (.Microsoft Corporation.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office InfoPath MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0044-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office OneNote MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-00A1-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Outlook MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001A-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office PowerPoint MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Professional Plus 2007 - (.Microsoft Corporation.) [HKLM] -- PROPLUS O42 - Logiciel: Microsoft Office Professional Plus 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proof (Arabic) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proof (Dutch) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proof (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proof (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proof (German) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proof (Spanish) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proofing (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-002C-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}_HOMESTUDENTR_{14809F99-C601-4D4A-9391-F1E8FAA964C5} O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165} O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045} O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787} O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}_HOMESTUDENTR_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB} O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9} O42 - Logiciel: Microsoft Office Publisher MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0019-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Shared MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Word MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 - (.Microsoft Corporation.) [HKLM] -- {770657D0-A123-3C07-8E44-1C83EC895118} O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {710f4c1c-cc18-4c49-8cbf-51240c89a1a2} O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {837b34e3-7c30-493c-8f6a-2b0f04e2912c} O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 - (.Microsoft Corporation.) [HKLM] -- {FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4} O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {1F1C2DFC-2D24-3E06-BCB8-725134ADF989} O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 - (.Microsoft Corporation.) [HKLM] -- {9BE518E6-ECC6-35A9-88E4-87755C07200F} O42 - Logiciel: Microsoft Works - (.Microsoft Corporation.) [HKLM] -- {6B1CB38D-E2E4-4a30-933D-EFDEBA76AD9C} O42 - Logiciel: Module linguistique Microsoft .NET Framework 3.5 SP1- fra - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 Language Pack SP1 - fra O42 - Logiciel: Module linguistique Microsoft .NET Framework 4 Client Profile FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile FRA Language Pack O42 - Logiciel: Mozilla Firefox 5.0 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 5.0 (x86 fr) O42 - Logiciel: NTI Backup Now 5 - (.NewTech Infosystems.) [HKLM] -- InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403} O42 - Logiciel: NTI Media Maker 8 - (.NewTech Infosystems.) [HKLM] -- InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC} O42 - Logiciel: Nero BurnRights 10 - (.Nero AG.) [HKLM] -- {943CFD7D-5336-47AF-9418-E02473A5A517} O42 - Logiciel: Nero BurnRights 10 Help (CHM) - (.Nero AG.) [HKLM] -- {555868C6-49FB-484F-BB43-8980651A1B00} O42 - Logiciel: Nero Burning ROM 10 - (.Nero AG.) [HKLM] -- {7A5D731D-B4B3-490E-B339-75685712BAAB} O42 - Logiciel: Nero Burning ROM 10 - (.Nero AG.) [HKLM] -- {FE83F463-7E61-4B18-9FA0-B94B90A0B6B9} O42 - Logiciel: Nero BurningROM 10 Help (CHM) - (.Nero AG.) [HKLM] -- {9B6B24BE-80E7-46C4-9FA5-B167D5E0F345} O42 - Logiciel: Nero Control Center 10 - (.Nero AG.) [HKLM] -- {6DFB899F-17A2-48F0-A533-ED8D6866CF38} O42 - Logiciel: Nero ControlCenter 10 Help (CHM) - (.Nero AG.) [HKLM] -- {523B2B1B-D8DB-4B41-90FF-C4D799E2758A} O42 - Logiciel: Nero Core Components 10 - (.Nero AG.) [HKLM] -- {2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F} O42 - Logiciel: Nero Update - (.Nero AG.) [HKLM] -- {65BB0407-4CC8-4DC7-952E-3EEFDF05602A} O42 - Logiciel: Outil de téléchargement Windows Live - (.Microsoft Corporation.) [HKLM] -- {205C6BDD-7B73-42DE-8505-9A093F35A238} O42 - Logiciel: PC Inspector smart recovery - (.Pas de propriétaire.) [HKLM] -- {C9A87D86-FDFD-418B-BF96-EF09320973B3} O42 - Logiciel: PdaNet Desktop for iPhone 1.54 - (.June Fabrics Technology Inc.) [HKLM] -- PdaNet_is1 O42 - Logiciel: PhotoFiltre - (.Pas de propriétaire.) [HKCU] -- PhotoFiltre O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM] -- {57752979-A1C9-4C02-856B-FBB27AC4E02C} O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} O42 - Logiciel: Realtek USB 2.0 Card Reader - (.Realtek Semiconductor Corp..) [HKLM] -- {96AE7E41-E34E-47D0-AC07-1091A8127911} O42 - Logiciel: Realtek USB 2.0 Card Reader - (.Realtek Semiconductor Corp..) [HKLM] -- {DC24971E-1946-445D-8A82-CE685433FA7D} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288621) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{5C497F0B-2061-4CC9-A61C-6B45B867354D} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288621) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{5C497F0B-2061-4CC9-A61C-6B45B867354D} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288931) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{CD769337-C8AC-46DB-A7DC-643E50089263} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288931) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CD769337-C8AC-46DB-A7DC-643E50089263} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2345043) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{536FB502-775F-4494-BACE-C02CC90B7A5B} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2345043) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{536FB502-775F-4494-BACE-C02CC90B7A5B} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2509488) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{AD0DE453-0804-4495-9C91-33D0F9AA5463} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2509488) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{AD0DE453-0804-4495-9C91-33D0F9AA5463} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB969559) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{69F52148-9BF6-4CDC-BF76-103DEAF3DD08} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB969559) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{69F52148-9BF6-4CDC-BF76-103DEAF3DD08} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB976321) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{7F207DCA-3399-40CB-A968-6E5991B1421A} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB976321) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{7F207DCA-3399-40CB-A968-6E5991B1421A} O42 - Logiciel: Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB2416473 O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2446708 O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2478663 O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2518870 O42 - Logiciel: Security Update for Microsoft Office 2007 System (KB2541012) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{CD907315-705A-4475-A1A0-2A1245803E4D} O42 - Logiciel: Security Update for Microsoft Office 2007 System (KB2541012) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CD907315-705A-4475-A1A0-2A1245803E4D} O42 - Logiciel: Security Update for Microsoft Office Access 2007 (KB979440) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{1142CCEC-ACA9-484B-BA90-C3A5CA1988C5} O42 - Logiciel: Security Update for Microsoft Office Access 2007 (KB979440) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{5A4E43D5-858F-49BD-BA72-8F30E1793060} O42 - Logiciel: Security Update for Microsoft Office Excel 2007 (KB2541007) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{A0173254-F442-4D04-9154-43FA157B83D0} O42 - Logiciel: Security Update for Microsoft Office Excel 2007 (KB2541007) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A0173254-F442-4D04-9154-43FA157B83D0} O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB2510061) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{5D930261-AA5B-48D1-931F-425C9D767490} O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{1109D0B3-EFA3-4553-AAED-4C3E9AD130E8} O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB} O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB} O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB2535818) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{8588DD11-6BD7-4400-B55C-DD5AB74B43E1} O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB2535818) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{8588DD11-6BD7-4400-B55C-DD5AB74B43E1} O42 - Logiciel: Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{D75E6D0C-BADF-4F41-98B2-0C0F02C15062} O42 - Logiciel: Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{D75E6D0C-BADF-4F41-98B2-0C0F02C15062} O42 - Logiciel: Security Update for Microsoft Office Publisher 2007 (KB2284697) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{3A4CDE54-2403-483D-8D9A-15E3264410DF} O42 - Logiciel: Security Update for Microsoft Office Visio Viewer 2007 (KB973709) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{71127777-8B2C-4F97-AF7A-6CF8CAC8224D} O42 - Logiciel: Security Update for Microsoft Office Visio Viewer 2007 (KB973709) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{71127777-8B2C-4F97-AF7A-6CF8CAC8224D} O42 - Logiciel: Security Update for Microsoft Office Word 2007 (KB2344993) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{7A5B74FA-7A92-4FC9-821A-2DD5D4E73E48} O42 - Logiciel: Security Update for Microsoft Office Word 2007 (KB2344993) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{7A5B74FA-7A92-4FC9-821A-2DD5D4E73E48} O42 - Logiciel: Security Update for Microsoft Office system 2007 (972581) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{3D019598-7B59-447A-80AE-815B703B84FF} O42 - Logiciel: Security Update for Microsoft Office system 2007 (972581) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF} O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB974234) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{FCD742B9-7A55-44BC-A776-F795F21FEDDC} O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB974234) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{FCD742B9-7A55-44BC-A776-F795F21FEDDC} O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client Profile FRA (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}.KB2478663 O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client Profile FRA (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}.KB2518870 O42 - Logiciel: Skype Toolbars - (.Skype Technologies S.A..) [HKLM] -- {B6CF2967-C81E-40C0-9815-C05774FEF120} O42 - Logiciel: Skype™ 5.3 - (.Skype Technologies S.A..) [HKLM] -- {5335DADB-34BA-4AE8-A519-648D78498846} O42 - Logiciel: SpywareBlaster 4.4 - (.Javacool Software LLC.) [HKLM] -- SpywareBlaster_is1 O42 - Logiciel: Sweet Home 3D version 2.6 - (.eTeks.) [HKLM] -- Sweet Home 3D_is1 O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics.) [HKLM] -- SynTPDeinstKey O42 - Logiciel: Uninstall 1.0.0.1 - (.Pas de propriétaire.) [HKLM] -- Uninstall_is1 O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D} O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D} O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707 O42 - Logiciel: Update for Microsoft Office 2007 System (KB2539530) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B4CEEAE-AA88-490C-BCB2-AAC3421981A4} O42 - Logiciel: Update for Microsoft Office 2007 System (KB2539530) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B4CEEAE-AA88-490C-BCB2-AAC3421981A4} O42 - Logiciel: Update for Microsoft Office OneNote 2007 (KB980729) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{329050A9-EF80-40F9-B633-74508F54C1FF} O42 - Logiciel: Update for Microsoft Office Outlook 2007 (KB2509470) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{1365864D-4C58-489D-9982-844D75691CCC} O42 - Logiciel: Update for Outlook 2007 Junk Email Filter (KB2536413) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{95DF5260-331D-4FFD-A2D5-C64164751945} O42 - Logiciel: VLC media player 1.1.5 - (.VideoLAN.) [HKLM] -- VLC media player O42 - Logiciel: WBFS Manager 2.5 - (.WBFS.) [HKLM] -- {A5B5B6D8-DE44-44A3-90C4-8C07A1E0FAD4} O42 - Logiciel: WBFS Manager 3.0 - (.AlexDP.) [HKLM] -- WBFS Manager 3.0 O42 - Logiciel: WinSCP 4.2.9 - (.Martin Prikryl.) [HKLM] -- winscp3_is1 O42 - Logiciel: Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0) - (.Garmin.) [HKLM] -- 49CF605F02C7954F4E139D18828DE298CD59217C O42 - Logiciel: Windows Live Call - (.Microsoft Corporation.) [HKLM] -- {B3B487E7-6171-4376-9074-B28082CEB504} O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM] -- {3175E049-F9A9-4A3D-8F19-AC9FB04514D1} O42 - Logiciel: Windows Live ID Sign-in Assistant - (.Microsoft Corporation.) [HKLM] -- {0840B4D6-7DD1-4187-8523-E6FC0007EFB7} O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {445B183D-F4F1-45C8-B9DB-F11355CA657B} O42 - Logiciel: Windows Media Player Firefox Plugin - (.Microsoft Corp.) [HKLM] -- {69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4} O42 - Logiciel: ZoneAlarm - (.Check Point, Inc.) [HKLM] -- ZoneAlarm O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM] -- {353FE16B-30FE-469A-BF55-B978F4218003} O42 - Logiciel: jv16 PowerTools 1.3 - (.Pas de propriétaire.) [HKLM] -- jv16 PowerTools_is1 O42 - Logiciel: jv16 PowerTools 2011 - (.Macecraft Software.) [HKLM] -- jv16 PowerTools 2011 O42 - Logiciel: µTorrent - (.Pas de propriétaire.) [HKCU] -- uTorrent O42 - Logiciel: µTorrent - (.Pas de propriétaire.) [HKLM] -- uTorrent ---\\ HKCU & HKLM Software Keys [HKCU\Software\7-Zip] [HKCU\Software\AC3Filter] [HKCU\Software\Acer] [HKCU\Software\Adobe] [HKCU\Software\AppDataLow\ISWVolatile] [HKCU\Software\AppDataLow\Software\Conduit] [HKCU\Software\AppDataLow\Software\Google] [HKCU\Software\AppDataLow\Software\Microsoft] [HKCU\Software\AppDataLow\Software\Monitored] [HKCU\Software\AppDataLow\Software\settings] [HKCU\Software\AppDataLow\Software] [HKCU\Software\AppDataLow] [HKCU\Software\Apple Computer, Inc.] [HKCU\Software\Apple Inc.] [HKCU\Software\ApplianTechnologies] [HKCU\Software\Ask&Record] [HKCU\Software\Avira] [HKCU\Software\BitTorrent] [HKCU\Software\Classes] [HKCU\Software\Clients] [HKCU\Software\Conduit] [HKCU\Software\CyberLink] [HKCU\Software\DVDVideoSoft] [HKCU\Software\EasyBits] [HKCU\Software\FreeTime] [HKCU\Software\Freecorder] [HKCU\Software\GNU] [HKCU\Software\Gabest] [HKCU\Software\Garmin] [HKCU\Software\GlarySoft] [HKCU\Software\Google] [HKCU\Software\HP] [HKCU\Software\Haali] [HKCU\Software\Hewlett-Packard] [HKCU\Software\HookNetwork] [HKCU\Software\IM Providers] [HKCU\Software\ImgBurn] [HKCU\Software\Intel] [HKCU\Software\JavaSoft] [HKCU\Software\MONOGRAM] [HKCU\Software\Macromedia] [HKCU\Software\MainConcept] [HKCU\Software\Malwarebytes' Anti-Malware] [HKCU\Software\Martin Prikryl] [HKCU\Software\MediaInfo] [HKCU\Software\Mozilla] [HKCU\Software\Nero] [HKCU\Software\Netscape] [HKCU\Software\NewTech Infosystems] [HKCU\Software\ODBC] [HKCU\Software\PdaNetIPhone] [HKCU\Software\Policies] [HKCU\Software\RatioMaster.NET] [HKCU\Software\Realtek] [HKCU\Software\SimonTatham] [HKCU\Software\Skype] [HKCU\Software\Sonix] [HKCU\Software\Synaptics] [HKCU\Software\TeamViewer] [HKCU\Software\Trolltech] [HKCU\Software\VB and VBA Program Settings] [HKCU\Software\VirtualDub.org] [HKCU\Software\Visan] [HKCU\Software\WinRAR] [HKCU\Software\Wistron] [HKCU\Software\YahooPartnerToolbar] [HKCU\Software\Zone Labs] [HKCU\Software\Zugo] [HKCU\Software\cybelsoft] [HKCU\Software\ej-technologies] [HKCU\Software\madFlac] [HKCU\Software\stevengould.org] [HKLM\Software\Acer] [HKLM\Software\Adobe] [HKLM\Software\Agere] [HKLM\Software\America Online] [HKLM\Software\Apple Computer, Inc.] [HKLM\Software\Apple Inc.] [HKLM\Software\Applian Technologies] [HKLM\Software\AviSynth] [HKLM\Software\Avira] [HKLM\Software\CXT] [HKLM\Software\CheckPoint] [HKLM\Software\Classes] [HKLM\Software\Clients] [HKLM\Software\Codec Tweak Tool] [HKLM\Software\Conduit] [HKLM\Software\Conexant] [HKLM\Software\CyberLink] [HKLM\Software\FileZilla 3] [HKLM\Software\Freecorder] [HKLM\Software\GEAR Software] [HKLM\Software\GNU] [HKLM\Software\Garmin] [HKLM\Software\Google] [HKLM\Software\HP] [HKLM\Software\HaaliMkx] [HKLM\Software\Hewlett-Packard] [HKLM\Software\InstalledOptions] [HKLM\Software\Intel] [HKLM\Software\JavaSoft] [HKLM\Software\JreMetrics] [HKLM\Software\KLCodecPack] [HKLM\Software\Licenses] [HKLM\Software\LightScribe] [HKLM\Software\Macromedia] [HKLM\Software\Malwarebytes' Anti-Malware] [HKLM\Software\Martin Prikryl] [HKLM\Software\Marvell] [HKLM\Software\McAfee.com] [HKLM\Software\McAfee] [HKLM\Software\MimarSinan] [HKLM\Software\MozillaPlugins] [HKLM\Software\Mozilla] [HKLM\Software\NOS] [HKLM\Software\Nero] [HKLM\Software\NewTech Infosystems] [HKLM\Software\ODBC] [HKLM\Software\OemSetup] [HKLM\Software\Policies] [HKLM\Software\Realtek Semiconductor Corp.] [HKLM\Software\Realtek USB 2.0 Card Reader] [HKLM\Software\Realtek] [HKLM\Software\RegisteredApplications] [HKLM\Software\Skype] [HKLM\Software\Sonic] [HKLM\Software\SpywareBlaster] [HKLM\Software\Synaptics] [HKLM\Software\TeamViewer] [HKLM\Software\Trad-FR] [HKLM\Software\TrendMicro] [HKLM\Software\VideoLAN] [HKLM\Software\WOW6432Node] [HKLM\Software\WinRAR] [HKLM\Software\Wistron] [HKLM\Software\X-AVCSD] [HKLM\Software\Zone Labs] [HKLM\Software\cybelsoft] [HKLM\Software\instinno] [HKLM\Software\mcafeeupdater] [HKLM\Software\mozilla.org] [HKLM\Software\muvee Technologies] [HKLM\Software\nSplitter] ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43) O43 - CFD: 19/10/2010 - 01:15:28 - [3094515] ----D- C:\Program Files\7-Zip O43 - CFD: 19/10/2010 - 00:11:34 - [148439429] ----D- C:\Program Files\Acer O43 - CFD: 19/10/2010 - 00:08:38 - [1372369] ----D- C:\Program Files\Acer Inc O43 - CFD: 08/05/2008 - 08:02:56 - [0] ----D- C:\Program Files\Acer Incorporated O43 - CFD: 08/05/2008 - 08:15:14 - [12683094] ----D- C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites O43 - CFD: 18/06/2011 - 11:39:04 - [164206100] ----D- C:\Program Files\Adobe O43 - CFD: 19/10/2010 - 15:04:34 - [2306366] ----D- C:\Program Files\Apple Software Update O43 - CFD: 19/12/2010 - 02:02:50 - [5365305] ----D- C:\Program Files\ArtOfIllusion O43 - CFD: 19/10/2010 - 00:30:00 - [123472087] ----D- C:\Program Files\Avira O43 - CFD: 06/01/2011 - 02:05:30 - [144857] ----D- C:\Program Files\AviSynth 2.5 O43 - CFD: 21/04/2011 - 00:21:20 - [621129] ----D- C:\Program Files\Bonjour O43 - CFD: 03/07/2011 - 23:39:44 - [0] ----D- C:\Program Files\CheckPoint O43 - CFD: 14/03/2011 - 00:34:12 - [571183] ----D- C:\Program Files\CleanUp! O43 - CFD: 23/06/2011 - 23:46:00 - [705646916] ----D- C:\Program Files\Common Files O43 - CFD: 19/10/2010 - 01:27:26 - [521312] ----D- C:\Program Files\Conduit O43 - CFD: 19/06/2011 - 17:59:24 - [1232740] ----D- C:\Program Files\Convar O43 - CFD: 19/10/2010 - 00:58:24 - [0] ----D- C:\Program Files\Cyberlink O43 - CFD: 28/12/2010 - 23:27:18 - [5514190] ----D- C:\Program Files\DAEMON Tools Lite O43 - CFD: 21/06/2011 - 08:25:22 - [304608] ----D- C:\Program Files\DIFX O43 - CFD: 18/10/2010 - 23:48:28 - [0] -SH-D- C:\Program Files\Fichiers communs O43 - CFD: 08/02/2011 - 17:23:14 - [16451399] ----D- C:\Program Files\FileZilla FTP Client O43 - CFD: 24/06/2011 - 00:28:34 - [14719600] ----D- C:\Program Files\FoxTabAVIConverter O43 - CFD: 11/05/2011 - 22:00:40 - [11863795] ----D- C:\Program Files\Freecorder O43 - CFD: 27/02/2011 - 00:42:40 - [118070272] ----D- C:\Program Files\FreeTime O43 - CFD: 21/06/2011 - 08:26:56 - [16475956] ----D- C:\Program Files\Garmin O43 - CFD: 21/04/2011 - 13:04:04 - [18553508] ----D- C:\Program Files\Glary Utilities O43 - CFD: 27/05/2011 - 20:58:08 - [39616790] ----D- C:\Program Files\Google O43 - CFD: 16/03/2011 - 16:51:10 - [46912634] ----D- C:\Program Files\HP O43 - CFD: 31/01/2011 - 21:14:00 - [2268056] ----D- C:\Program Files\ImgBurn O43 - CFD: 19/06/2011 - 17:59:24 - [87385880] --H-D- C:\Program Files\InstallShield Installation Information O43 - CFD: 30/04/2008 - 09:21:36 - [51569] ----D- C:\Program Files\Intel O43 - CFD: 17/06/2011 - 13:39:06 - [5881276] ----D- C:\Program Files\Internet Explorer O43 - CFD: 21/04/2011 - 15:00:24 - [1856627] ----D- C:\Program Files\iPod O43 - CFD: 21/04/2011 - 15:01:42 - [128196056] ----D- C:\Program Files\iTunes O43 - CFD: 18/03/2011 - 11:37:46 - [89315919] ----D- C:\Program Files\Java O43 - CFD: 14/03/2011 - 00:45:20 - [2759359] ----D- C:\Program Files\jv16 PowerTools O43 - CFD: 03/07/2011 - 22:47:40 - [5458048905] ----D- C:\Program Files\jv16 PowerTools 2011 O43 - CFD: 24/10/2010 - 21:13:38 - [46774473] ----D- C:\Program Files\K-Lite Codec Pack O43 - CFD: 19/10/2010 - 00:00:34 - [2390037] ----D- C:\Program Files\Launch Manager O43 - CFD: 31/01/2011 - 20:34:20 - [5644596] ----D- C:\Program Files\ma-config.com O43 - CFD: 03/07/2011 - 23:35:20 - [7565365] ----D- C:\Program Files\Malwarebytes' Anti-Malware O43 - CFD: 30/04/2008 - 09:24:00 - [2308232] ----D- C:\Program Files\Marvell O43 - CFD: 06/01/2011 - 19:55:48 - [38688739] ----D- C:\Program Files\MediaCoder O43 - CFD: 28/06/2011 - 00:28:38 - [226432] ----D- C:\Program Files\Microsoft O43 - CFD: 02/11/2006 - 14:37:36 - [92807095] ----D- C:\Program Files\Microsoft Games O43 - CFD: 28/12/2010 - 23:36:14 - [647041948] ----D- C:\Program Files\Microsoft Office O43 - CFD: 17/06/2011 - 00:53:12 - [38411899] ----D- C:\Program Files\Microsoft Silverlight O43 - CFD: 28/12/2010 - 23:36:50 - [14904] ----D- C:\Program Files\Microsoft Visual Studio O43 - CFD: 28/12/2010 - 23:33:14 - [1387249] ----D- C:\Program Files\Microsoft Visual Studio 8 O43 - CFD: 03/01/2011 - 20:24:22 - [151741826] ----D- C:\Program Files\Microsoft Works O43 - CFD: 19/01/2011 - 00:21:40 - [8167779] ----D- C:\Program Files\Microsoft.NET O43 - CFD: 20/10/2010 - 14:21:04 - [99168366] ----D- C:\Program Files\Movie Maker O43 - CFD: 27/06/2011 - 20:54:50 - [39282230] ----D- C:\Program Files\Mozilla Firefox O43 - CFD: 28/12/2010 - 23:37:08 - [26521] ----D- C:\Program Files\MSBuild O43 - CFD: 19/10/2010 - 21:00:36 - [0] ----D- C:\Program Files\MSXML 4.0 O43 - CFD: 23/06/2011 - 23:48:00 - [3991480] ----D- C:\Program Files\Nero O43 - CFD: 08/05/2008 - 08:27:58 - [220066573] ----D- C:\Program Files\NewTech Infosystems O43 - CFD: 19/10/2010 - 14:06:28 - [494512] ----D- C:\Program Files\NOS O43 - CFD: 03/05/2011 - 01:51:44 - [1300469] ----D- C:\Program Files\PdaNet for iPhone O43 - CFD: 07/11/2010 - 22:01:24 - [3699431] ----D- C:\Program Files\PhotoFiltre O43 - CFD: 31/12/2010 - 21:41:46 - [76322555] ----D- C:\Program Files\QuickTime O43 - CFD: 30/11/2010 - 00:53:36 - [703857] ----D- C:\Program Files\Ratiomaster O43 - CFD: 15/02/2011 - 00:30:18 - [37992780] ----D- C:\Program Files\Realtek O43 - CFD: 02/11/2006 - 14:37:36 - [38686465] ----D- C:\Program Files\Reference Assemblies O43 - CFD: 31/12/2010 - 08:48:46 - [209715200] ----D- C:\Program Files\Shabestar.net O43 - CFD: 03/07/2011 - 23:15:16 - [19052315] R---D- C:\Program Files\Skype O43 - CFD: 19/10/2010 - 01:12:16 - [5584757] ----D- C:\Program Files\SpywareBlaster O43 - CFD: 19/12/2010 - 00:25:10 - [101836734] ----D- C:\Program Files\Sweet Home 3D O43 - CFD: 30/04/2008 - 09:25:08 - [15083609] ----D- C:\Program Files\Synaptics O43 - CFD: 03/07/2011 - 23:17:36 - [0] ----D- C:\Program Files\TeamViewer O43 - CFD: 02/11/2006 - 15:01:56 - [0] --H-D- C:\Program Files\Uninstall Information O43 - CFD: 29/11/2010 - 23:36:18 - [328568] ----D- C:\Program Files\uTorrent O43 - CFD: 27/11/2010 - 21:58:18 - [80529230] ----D- C:\Program Files\VideoLAN O43 - CFD: 03/07/2011 - 23:17:02 - [0] ----D- C:\Program Files\VITSOFT O43 - CFD: 09/06/2011 - 23:10:50 - [5359012] ----D- C:\Program Files\WBFS O43 - CFD: 08/05/2008 - 19:02:28 - [1016832] ----D- C:\Program Files\Windows Calendar O43 - CFD: 08/05/2008 - 19:02:26 - [2760704] ----D- C:\Program Files\Windows Collaboration O43 - CFD: 08/05/2008 - 19:02:26 - [4492240] ----D- C:\Program Files\Windows Defender O43 - CFD: 08/05/2008 - 19:02:26 - [7084664] ----D- C:\Program Files\Windows Journal O43 - CFD: 03/11/2010 - 02:30:34 - [45806173] ----D- C:\Program Files\Windows Live O43 - CFD: 03/11/2010 - 02:30:20 - [245112] ----D- C:\Program Files\Windows Live SkyDrive O43 - CFD: 17/06/2011 - 00:50:42 - [9116344] ----D- C:\Program Files\Windows Mail O43 - CFD: 20/10/2010 - 14:21:10 - [4499178] ----D- C:\Program Files\Windows Media Player O43 - CFD: 18/10/2010 - 23:48:28 - [7945486] ----D- C:\Program Files\Windows NT O43 - CFD: 08/05/2008 - 19:02:26 - [13464738] ----D- C:\Program Files\Windows Photo Gallery O43 - CFD: 08/05/2008 - 19:02:28 - [6511530] ----D- C:\Program Files\Windows Sidebar O43 - CFD: 30/12/2010 - 10:10:02 - [3525705] ----D- C:\Program Files\WinRAR O43 - CFD: 31/12/2010 - 23:35:10 - [9025647] ----D- C:\Program Files\WinSCP O43 - CFD: 04/07/2011 - 22:55:40 - [3924227] ----D- C:\Program Files\ZHPDiag O43 - CFD: 19/10/2010 - 00:37:50 - [19519198] ----D- C:\Program Files\Zone Labs O43 - CFD: 18/06/2011 - 11:39:18 - [3606170] ----D- C:\Program Files\Common Files\Adobe O43 - CFD: 21/04/2011 - 15:00:20 - [92238436] ----D- C:\Program Files\Common Files\Apple O43 - CFD: 08/05/2008 - 08:12:24 - [92976] ----D- C:\Program Files\Common Files\DESIGNER O43 - CFD: 03/07/2011 - 23:09:18 - [10417223] ----D- C:\Program Files\Common Files\DVDVideoSoft O43 - CFD: 08/05/2008 - 08:30:34 - [4770822] ----D- C:\Program Files\Common Files\InstallShield O43 - CFD: 18/03/2011 - 11:38:24 - [1247175] ----D- C:\Program Files\Common Files\Java O43 - CFD: 08/05/2008 - 08:27:40 - [7178034] ----D- C:\Program Files\Common Files\LightScribe O43 - CFD: 16/03/2011 - 16:52:24 - [448579866] ----D- C:\Program Files\Common Files\microsoft shared O43 - CFD: 08/05/2008 - 08:26:26 - [9706600] ----D- C:\Program Files\Common Files\muvee Technologies O43 - CFD: 23/06/2011 - 23:46:26 - [8652924] ----D- C:\Program Files\Common Files\Nero O43 - CFD: 02/11/2006 - 13:18:34 - [2702] ----D- C:\Program Files\Common Files\Services O43 - CFD: 27/05/2011 - 20:48:06 - [2254216] ----D- C:\Program Files\Common Files\Skype O43 - CFD: 02/11/2006 - 13:18:34 - [41101735] ----D- C:\Program Files\Common Files\SpeechEngines O43 - CFD: 29/12/2010 - 20:28:38 - [42750982] ----D- C:\Program Files\Common Files\System O43 - CFD: 03/11/2010 - 02:27:24 - [33047055] ----D- C:\Program Files\Common Files\Windows Live O43 - CFD: 18/06/2011 - 11:39:08 - [479] ----D- C:\ProgramData\Adobe O43 - CFD: 25/10/2010 - 18:46:44 - [84429552] ----D- C:\ProgramData\Apple O43 - CFD: 19/10/2010 - 15:06:10 - [770226400] ----D- C:\ProgramData\Apple Computer O43 - CFD: 02/11/2006 - 15:02:04 - [0] -SH-D- C:\ProgramData\Application Data O43 - CFD: 19/10/2010 - 00:30:00 - [50583599] ----D- C:\ProgramData\Avira O43 - CFD: 18/10/2010 - 23:48:28 - [0] -SH-D- C:\ProgramData\Bureau O43 - CFD: 19/10/2010 - 00:37:50 - [4212] ----D- C:\ProgramData\CheckPoint O43 - CFD: 19/10/2010 - 01:00:04 - [0] ----D- C:\ProgramData\CyberLink O43 - CFD: 02/11/2006 - 15:02:04 - [0] -SH-D- C:\ProgramData\Desktop O43 - CFD: 02/11/2006 - 15:02:04 - [0] -SH-D- C:\ProgramData\Documents O43 - CFD: 19/10/2010 - 00:08:22 - [420] ----D- C:\ProgramData\eSobi O43 - CFD: 18/10/2010 - 23:48:28 - [0] -SH-D- C:\ProgramData\Favoris O43 - CFD: 02/11/2006 - 15:02:04 - [0] -SH-D- C:\ProgramData\Favorites O43 - CFD: 08/05/2008 - 08:16:02 - [0] ----D- C:\ProgramData\FloodLightGames O43 - CFD: 19/10/2010 - 00:22:50 - [539219] ----D- C:\ProgramData\Google O43 - CFD: 16/03/2011 - 16:43:28 - [59545621] ----D- C:\ProgramData\HP O43 - CFD: 23/06/2011 - 23:48:48 - [390] ----D- C:\ProgramData\LightScribe O43 - CFD: 31/01/2011 - 20:34:06 - [1224266] ----D- C:\ProgramData\ma-config.com O43 - CFD: 03/07/2011 - 23:35:18 - [6935071] ----D- C:\ProgramData\Malwarebytes O43 - CFD: 19/10/2010 - 14:06:40 - [41316] ----D- C:\ProgramData\McAfee O43 - CFD: 18/10/2010 - 23:48:28 - [0] -SH-D- C:\ProgramData\Menu Démarrer O43 - CFD: 28/06/2011 - 00:28:38 - [153573821] ----D- C:\ProgramData\Microsoft O43 - CFD: 17/06/2011 - 00:59:48 - [64822] ----D- C:\ProgramData\Microsoft Help O43 - CFD: 18/10/2010 - 23:48:28 - [0] -SH-D- C:\ProgramData\Modèles O43 - CFD: 23/06/2011 - 23:48:02 - [2541584] ----D- C:\ProgramData\Nero O43 - CFD: 30/11/2010 - 19:12:36 - [318654] ----D- C:\ProgramData\NOS O43 - CFD: 31/01/2011 - 20:14:16 - [0] ----D- C:\ProgramData\NtiDvdCopy O43 - CFD: 19/10/2010 - 00:40:30 - [36] ----D- C:\ProgramData\SiteAdvisor O43 - CFD: 27/05/2011 - 20:48:02 - [23206924] ----D- C:\ProgramData\Skype O43 - CFD: 27/05/2011 - 20:50:52 - [2304993] ----D- C:\ProgramData\Skype Extras O43 - CFD: 02/11/2006 - 15:02:04 - [0] -SH-D- C:\ProgramData\Start Menu O43 - CFD: 28/11/2010 - 16:23:26 - [189] ----D- C:\ProgramData\Sun O43 - CFD: 19/10/2010 - 01:11:24 - [0] ----D- C:\ProgramData\TEMP O43 - CFD: 02/11/2006 - 15:02:06 - [0] -SH-D- C:\ProgramData\Templates O43 - CFD: 16/03/2011 - 21:41:58 - [0] ----D- C:\ProgramData\Visan O43 - CFD: 27/01/2011 - 13:53:24 - [49972] ----D- C:\ProgramData\WindSolutions O43 - CFD: 08/05/2008 - 08:15:16 - [6904816] ----D- C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3} O43 - CFD: 19/10/2010 - 15:06:58 - [541235] ----D- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521} O43 - CFD: 04/01/2011 - 17:48:10 - [3274] ----D- C:\ProgramData\{755AC846-7372-4AC8-8550-C52491DAA8BD} O43 - CFD: 08/05/2008 - 08:25:58 - [16083] ----D- C:\Users\Mayke\AppData\Roaming\Acer GameZone Console O43 - CFD: 30/11/2010 - 19:22:00 - [4162234] ----D- C:\Users\Mayke\AppData\Roaming\Adobe O43 - CFD: 25/10/2010 - 18:47:02 - [3115562835] ----D- C:\Users\Mayke\AppData\Roaming\Apple Computer O43 - CFD: 11/05/2011 - 23:57:24 - [1202] ----D- C:\Users\Mayke\AppData\Roaming\Audacity O43 - CFD: 19/10/2010 - 00:40:26 - [0] ----D- C:\Users\Mayke\AppData\Roaming\Avira O43 - CFD: 19/10/2010 - 00:48:12 - [18596] ----D- C:\Users\Mayke\AppData\Roaming\CheckPoint O43 - CFD: 27/01/2011 - 14:11:20 - [22019] ----D- C:\Users\Mayke\AppData\Roaming\CopyTrans O43 - CFD: 28/12/2010 - 23:24:18 - [533] ----D- C:\Users\Mayke\AppData\Roaming\DAEMON Tools O43 - CFD: 19/12/2010 - 02:10:56 - [0] ----D- C:\Users\Mayke\AppData\Roaming\eTeks O43 - CFD: 07/03/2011 - 01:00:06 - [15563] ----D- C:\Users\Mayke\AppData\Roaming\FileZilla O43 - CFD: 27/02/2011 - 00:17:24 - [52310] ----D- C:\Users\Mayke\AppData\Roaming\FreeFLVConverter O43 - CFD: 03/07/2011 - 23:33:36 - [45999] ----D- C:\Users\Mayke\AppData\Roaming\GlarySoft O43 - CFD: 19/10/2010 - 00:23:22 - [1680] ----D- C:\Users\Mayke\AppData\Roaming\Google O43 - CFD: 16/03/2011 - 16:51:06 - [0] ----D- C:\Users\Mayke\AppData\Roaming\HpUpdate O43 - CFD: 18/10/2010 - 23:53:32 - [0] ----D- C:\Users\Mayke\AppData\Roaming\Identities O43 - CFD: 31/01/2011 - 21:57:42 - [9822] ----D- C:\Users\Mayke\AppData\Roaming\ImgBurn O43 - CFD: 18/10/2010 - 23:59:56 - [0] ----D- C:\Users\Mayke\AppData\Roaming\InstallShield O43 - CFD: 18/10/2010 - 23:54:02 - [60555] ----D- C:\Users\Mayke\AppData\Roaming\Macromedia O43 - CFD: 03/07/2011 - 23:35:28 - [4536] ----D- C:\Users\Mayke\AppData\Roaming\Malwarebytes O43 - CFD: 02/11/2006 - 14:37:36 - [0] ----D- C:\Users\Mayke\AppData\Roaming\Media Center Programs O43 - CFD: 06/06/2011 - 21:38:06 - [2212215] -S--D- C:\Users\Mayke\AppData\Roaming\Microsoft O43 - CFD: 19/10/2010 - 00:24:32 - [18329004] ----D- C:\Users\Mayke\AppData\Roaming\Mozilla O43 - CFD: 23/06/2011 - 23:48:46 - [43302] ----D- C:\Users\Mayke\AppData\Roaming\Nero O43 - CFD: 07/11/2010 - 22:06:52 - [350] ----D- C:\Users\Mayke\AppData\Roaming\PhotoFiltre O43 - CFD: 03/07/2011 - 23:15:22 - [0] ----D- C:\Users\Mayke\AppData\Roaming\Skype O43 - CFD: 28/05/2011 - 22:16:10 - [47408] ----D- C:\Users\Mayke\AppData\Roaming\skypePM O43 - CFD: 03/07/2011 - 23:05:34 - [0] ----D- C:\Users\Mayke\AppData\Roaming\Smart PC Solutions O43 - CFD: 03/07/2011 - 23:17:36 - [0] ----D- C:\Users\Mayke\AppData\Roaming\TeamViewer O43 - CFD: 06/06/2011 - 21:38:04 - [8704] ----D- C:\Users\Mayke\AppData\Roaming\Template O43 - CFD: 19/06/2011 - 20:31:58 - [16918] ----D- C:\Users\Mayke\AppData\Roaming\uTorrent O43 - CFD: 16/03/2011 - 21:41:58 - [0] ----D- C:\Users\Mayke\AppData\Roaming\Visan O43 - CFD: 06/01/2011 - 03:02:38 - [1461244] ----D- C:\Users\Mayke\AppData\Roaming\vlc O43 - CFD: 27/01/2011 - 22:48:58 - [9004] ----D- C:\Users\Mayke\AppData\Roaming\WindSolutions O43 - CFD: 30/12/2010 - 10:10:14 - [0] ----D- C:\Users\Mayke\AppData\Roaming\WinRAR O43 - CFD: 27/01/2011 - 22:39:32 - [0] ----D- C:\Users\Mayke\AppData\Roaming\Xilisoft O43 - CFD: 19/10/2010 - 22:41:14 - [51378815] ----D- C:\Users\Mayke\AppData\Local\Adobe O43 - CFD: 19/10/2010 - 15:04:36 - [30074368] ----D- C:\Users\Mayke\AppData\Local\Apple O43 - CFD: 27/02/2011 - 00:49:18 - [73271509] ----D- C:\Users\Mayke\AppData\Local\Apple Computer O43 - CFD: 18/10/2010 - 23:51:36 - [0] -SH-D- C:\Users\Mayke\AppData\Local\Application Data O43 - CFD: 19/10/2010 - 00:02:04 - [52929024] ----D- C:\Users\Mayke\AppData\Local\Downloaded Installations O43 - CFD: 03/07/2011 - 22:48:12 - [521794515] ----D- C:\Users\Mayke\AppData\Local\FLVService O43 - CFD: 27/05/2011 - 20:59:06 - [58239926] ----D- C:\Users\Mayke\AppData\Local\Google O43 - CFD: 18/10/2010 - 23:51:36 - [0] -SH-D- C:\Users\Mayke\AppData\Local\Historique O43 - CFD: 16/03/2011 - 21:45:42 - [60422] ----D- C:\Users\Mayke\AppData\Local\HP O43 - CFD: 11/05/2011 - 16:34:50 - [270] ----D- C:\Users\Mayke\AppData\Local\MediaGet2 O43 - CFD: 28/06/2011 - 00:28:38 - [1658860777] ----D- C:\Users\Mayke\AppData\Local\Microsoft O43 - CFD: 28/12/2010 - 23:32:38 - [0] ----D- C:\Users\Mayke\AppData\Local\Microsoft Help O43 - CFD: 19/10/2010 - 00:24:24 - [80192785] ----D- C:\Users\Mayke\AppData\Local\Mozilla O43 - CFD: 11/05/2011 - 16:35:08 - [0] ----D- C:\Users\Mayke\AppData\Local\PackageAware O43 - CFD: 04/07/2011 - 22:54:56 - [313697818] ----D- C:\Users\Mayke\AppData\Local\Temp O43 - CFD: 18/10/2010 - 23:51:36 - [0] -SH-D- C:\Users\Mayke\AppData\Local\Temporary Internet Files O43 - CFD: 19/10/2010 - 01:01:28 - [14894] ----D- C:\Users\Mayke\AppData\Local\VirtualStore O43 - CFD: 09/06/2011 - 23:11:56 - [4364] ----D- C:\Users\Mayke\AppData\Local\WBFSManager O43 - CFD: 19/10/2010 - 22:41:14 - [51378815] ----D- C:\Users\Mayke\AppData\Local\Adobe O43 - CFD: 19/10/2010 - 15:04:36 - [30074368] ----D- C:\Users\Mayke\AppData\Local\Apple O43 - CFD: 27/02/2011 - 00:49:18 - [73271509] ----D- C:\Users\Mayke\AppData\Local\Apple Computer O43 - CFD: 18/10/2010 - 23:51:36 - [0] -SH-D- C:\Users\Mayke\AppData\Local\Application Data O43 - CFD: 19/10/2010 - 00:02:04 - [52929024] ----D- C:\Users\Mayke\AppData\Local\Downloaded Installations O43 - CFD: 03/07/2011 - 22:48:12 - [521794515] ----D- C:\Users\Mayke\AppData\Local\FLVService O43 - CFD: 27/05/2011 - 20:59:06 - [58239926] ----D- C:\Users\Mayke\AppData\Local\Google O43 - CFD: 18/10/2010 - 23:51:36 - [0] -SH-D- C:\Users\Mayke\AppData\Local\Historique O43 - CFD: 16/03/2011 - 21:45:42 - [60422] ----D- C:\Users\Mayke\AppData\Local\HP O43 - CFD: 11/05/2011 - 16:34:50 - [270] ----D- C:\Users\Mayke\AppData\Local\MediaGet2 O43 - CFD: 28/06/2011 - 00:28:38 - [1658860777] ----D- C:\Users\Mayke\AppData\Local\Microsoft O43 - CFD: 28/12/2010 - 23:32:38 - [0] ----D- C:\Users\Mayke\AppData\Local\Microsoft Help O43 - CFD: 19/10/2010 - 00:24:24 - [80192785] ----D- C:\Users\Mayke\AppData\Local\Mozilla O43 - CFD: 11/05/2011 - 16:35:08 - [0] ----D- C:\Users\Mayke\AppData\Local\PackageAware O43 - CFD: 04/07/2011 - 22:54:56 - [313697818] ----D- C:\Users\Mayke\AppData\Local\Temp O43 - CFD: 18/10/2010 - 23:51:36 - [0] -SH-D- C:\Users\Mayke\AppData\Local\Temporary Internet Files O43 - CFD: 19/10/2010 - 01:01:28 - [14894] ----D- C:\Users\Mayke\AppData\Local\VirtualStore O43 - CFD: 09/06/2011 - 23:11:56 - [4364] ----D- C:\Users\Mayke\AppData\Local\WBFSManager ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44) O44 - LFC:[MD5.9D8C480FE14F1D588E5FFAE246AF40A8] - 04/07/2011 - 20:30:44 ---A- . (...) -- C:\MyHosts.txt [230] O44 - LFC:[MD5.DCEE1200FEFFFFFF57494E444F577E31] - 04/07/2011 - 15:58:18 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1605217] O44 - LFC:[MD5.DCEE1200FEFFFFFF4C4F47434F4E7E31] - 04/07/2011 - 15:55:16 ---A- . (...) -- C:\Windows\System32\LogConfigTemp.xml [0] O44 - LFC:[MD5.DCEE1200FEFFFFFF00000000F8F11200] - 04/07/2011 - 15:53:30 ---A- . (...) -- C:\Windows\System32\agent.log [147] O44 - LFC:[MD5.1004617B97C66A339539FBB06A4FBEF0] - 04/07/2011 - 15:53:18 -S-A- . (...) -- C:\Windows\bootstat.dat [67584] O44 - LFC:[MD5.7721D760B096942AADA78BC2951F88E4] - 04/07/2011 - 15:53:14 ---A- . (...) -- C:\Windows\PFRO.log [2205710] O44 - LFC:[MD5.B309912717C29FC67E1BA4730A82B6DD] - 03/07/2011 - 22:35:19 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\System32\drivers\mbamswissarmy.sys [39984] O44 - LFC:[MD5.3D2C13377763EEAC0CA6FB46F57217ED] - 03/07/2011 - 22:35:14 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\System32\drivers\mbam.sys [22712] O44 - LFC:[MD5.F8EDC0F44BF504FE83251DC1C70F26E4] - 03/07/2011 - 21:32:35 -SHA- . (...) -- C:\Windows\System5537 Data.Repository [22] O44 - LFC:[MD5.95CD43F44FCB6C7919D1731010C06C26] - 03/07/2011 - 19:34:53 ---A- . (...) -- C:\Windows\IE9_main.log [4223] O44 - LFC:[MD5.00636B4F2CA6A3EADB633039210C8AA2] - 01/07/2011 - 20:43:05 ---A- . (...) -- C:\Windows\System32\perfc009.dat [104914] O44 - LFC:[MD5.B583581A9ED6067A21F592CB2D8CFB2C] - 01/07/2011 - 20:43:05 ---A- . (...) -- C:\Windows\System32\perfc00C.dat [127504] O44 - LFC:[MD5.5E074A6B23E14F9B11F09EBC7836909D] - 01/07/2011 - 20:43:05 ---A- . (...) -- C:\Windows\System32\perfh009.dat [598900] O44 - LFC:[MD5.965303923CDE810D32E036F8CCD022D8] - 01/07/2011 - 20:43:05 ---A- . (...) -- C:\Windows\System32\perfh00C.dat [681798] O44 - LFC:[MD5.E93BC262718AF53D060F49776AD5B645] - 01/07/2011 - 20:43:04 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI [1527530] O44 - LFC:[MD5.83EEB82E9ED7098EBC0C083C6BFD3116] - 19/06/2011 - 23:35:22 ---A- . (.Adobe Systems Incorporated - Adobe Flash Player Control Panel Applet.) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [404640] O44 - LFC:[MD5.D6483E33D9C5D40FE1D9D057AD7A4159] - 19/06/2011 - 16:59:22 ---A- . (.Dart Communications - PowerTCP© HTTP Control.) -- C:\Windows\System32\DartWeb.dll [118784] O44 - LFC:[MD5.7E400D392EB35965251C2EA2450F91DF] - 19/06/2011 - 16:59:22 ---A- . (.Dart Communications - PowerTCP© Winsock Controls.) -- C:\Windows\System32\DartSock.dll [217088] O44 - LFC:[MD5.FB00273CF7CE639C136853F3FC04B10C] - 19/06/2011 - 16:59:22 ---A- . (.Pas de propriétaire - Gif89 Module.) -- C:\Windows\System32\Gif89.dll [44544] O44 - LFC:[MD5.668ECDD7CC364DAAB4D1C7E0BC33BB78] - 06/06/2011 - 20:35:48 ---A- . (...) -- C:\Windows\setupact.log [148786] O44 - LFC:[MD5.F26B3593589CED64F36B60E38FCE47E4] - 12/04/2002 - 12:19:34 ---A- . (...) -- C:\Windows\System32\DartWeb.oca [28672] ---\\ Derniers fichiers créés dans Windows Prefetcher (O45) O45 - LFCP:[MD5.52BA13039C24B3F8368B1682E0380CEC] - 01/07/2011 - 18:10:09 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-230FC512.pf O45 - LFCP:[MD5.9CB097E178C835B057976439FD3A7DED] - 01/07/2011 - 20:28:17 ---A- - C:\Windows\Prefetch\OUTLOOK.EXE-183FA0F0.pf O45 - LFCP:[MD5.02219FD0276E5C624989AA4A43086ABD] - 01/07/2011 - 22:04:32 ---A- - C:\Windows\Prefetch\DEFRAG.EXE-588F90AD.pf O45 - LFCP:[MD5.08A51D6FA7F8F02C82BBF89736394A97] - 01/07/2011 - 22:04:32 ---A- - C:\Windows\Prefetch\DFRGNTFS.EXE-7E4077FE.pf O45 - LFCP:[MD5.DC85CF41E44DD87B0AFB83F015E27AC9] - 01/07/2011 - 22:33:14 ---A- - C:\Windows\Prefetch\WINWORD.EXE-C91725A1.pf O45 - LFCP:[MD5.48A229113D57D049ABD3CFC686F19190] - 02/05/2011 - 18:10:10 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-7CFEDEA3.pf O45 - LFCP:[MD5.ACD34F09544A5E84C3A4B253FC353BA3] - 02/05/2011 - 18:10:10 ---A- - C:\Windows\Prefetch\VSSVC.EXE-B8AFC319.pf O45 - LFCP:[MD5.E92C0EFBEE7B82FAD462D3BC8253A033] - 02/07/2011 - 10:32:37 ---A- - C:\Windows\Prefetch\HIDCHK.EXE-353BD79D.pf O45 - LFCP:[MD5.8E57745E5C27973CCED15830B9900E8D] - 02/07/2011 - 17:00:00 ---A- - C:\Windows\Prefetch\WSQMCONS.EXE-118B52B7.pf O45 - LFCP:[MD5.F9982D57015C1EFFD3687F77EE2B5E4D] - 02/07/2011 - 18:37:10 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-766398D2.pf O45 - LFCP:[MD5.D1E4898042FF68E88563042C829E9BD9] - 02/07/2011 - 18:37:10 ---A- - C:\Windows\Prefetch\DWM.EXE-6FFD3DA8.pf O45 - LFCP:[MD5.C9663AD22DA7F4B89B2FF2B1F799B0E4] - 02/07/2011 - 18:37:10 ---A- - C:\Windows\Prefetch\USERINIT.EXE-2257A3E7.pf O45 - LFCP:[MD5.F94534D29306DFBB001F2DB0900C570C] - 02/07/2011 - 18:38:13 ---A- - C:\Windows\Prefetch\PRESENTATIONFONTCACHE.EXE-74B3ADF6.pf O45 - LFCP:[MD5.112613AC043C6CD9006371B57AEB3A7F] - 02/07/2011 - 18:40:20 ---A- - C:\Windows\Prefetch\IGFXSRVC.EXE-96A493A4.pf O45 - LFCP:[MD5.23AFCB7F3F97DF5022534ACC0509F726] - 02/07/2011 - 18:40:20 ---A- - C:\Windows\Prefetch\PRESENTATIONSETTINGS.EXE-2F4708C9.pf O45 - LFCP:[MD5.EFE8284020D413C0BEE66BE7E45E5F63] - 02/07/2011 - 18:54:52 ---A- - C:\Windows\Prefetch\MPCMDRUN.EXE-F401FBB4.pf O45 - LFCP:[MD5.FBCD7B2EFB1641D7C1AB511FFFC0ACBC] - 02/07/2011 - 18:57:21 ---A- - C:\Windows\Prefetch\LOGONUI.EXE-09140401.pf O45 - LFCP:[MD5.FC750EBDE12B7B007EFD7B0749C1D0B1] - 02/07/2011 - 18:57:30 ---A- - C:\Windows\Prefetch\TASKMGR.EXE-5F5F473D.pf O45 - LFCP:[MD5.9300762A972EA5BA2BC800660D89C39A] - 02/07/2011 - 20:30:26 ---A- - C:\Windows\Prefetch\EXPLORER.EXE-A80E4F97.pf O45 - LFCP:[MD5.75E1AE7AE01944F1E61BC1E310E49C23] - 02/07/2011 - 20:30:53 ---A- - C:\Windows\Prefetch\CONIME.EXE-9781FD5F.pf O45 - LFCP:[MD5.BFF111287335737BFED5D7BCB0896932] - 02/07/2011 - 21:55:38 ---A- - C:\Windows\Prefetch\CMD.EXE-4A81B364.pf O45 - LFCP:[MD5.1B4FBB9D81EE96A81B010A359A571351] - 02/07/2011 - 22:20:22 ---A- - C:\Windows\Prefetch\SYNTPENH.EXE-E6DC1353.pf O45 - LFCP:[MD5.128644931A6668DC0844305FEAD60F8A] - 02/07/2011 - 22:21:56 ---A- - C:\Windows\Prefetch\GOOGLEUPDATERSERVICE.EXE-09540BCD.pf O45 - LFCP:[MD5.89CDE120597E5FAB218A8C5793DE1784] - 02/07/2011 - 22:25:24 ---A- - C:\Windows\Prefetch\JAUCHECK.EXE-7E60136B.pf O45 - LFCP:[MD5.6C78964CCCCD8F83DE9434262E9C0E96] - 02/07/2011 - 22:25:30 ---A- - C:\Windows\Prefetch\JAVAW.EXE-91B81925.pf O45 - LFCP:[MD5.11744E4D5F59DAEE5B4F472E19CA87C3] - 02/07/2011 - 22:25:30 ---A- - C:\Windows\Prefetch\JAVAWS.EXE-5FA6EB7C.pf O45 - LFCP:[MD5.F59ABC0BCE93D02B60DFBB61EF05CB54] - 02/07/2011 - 23:36:37 ---A- - C:\Windows\Prefetch\POQEXEC.EXE-F7DA341E.pf O45 - LFCP:[MD5.2E0D7F4FA1FA9C61DC25F6E56F37080A] - 03/07/2011 - 10:32:26 ---A- - C:\Windows\Prefetch\COMPILEMOF.EXE-B5FEBDEB.pf O45 - LFCP:[MD5.FCEC91D92E92C4995FA199B2C46D5EA1] - 03/07/2011 - 14:39:54 ---A- - C:\Windows\Prefetch\SWEETHOME3D.EXE-18BC1CBE.pf O45 - LFCP:[MD5.B7AB656FB80FDC7232C7940ECE3529BB] - 03/07/2011 - 14:40:07 ---A- - C:\Windows\Prefetch\SWEETHOME3D.EXE-4A2E45EC.pf O45 - LFCP:[MD5.11F07126E3A079A287F8DC2B8CB6EEA8] - 03/07/2011 - 15:57:21 ---A- - C:\Windows\Prefetch\MBAMSERVICE.EXE-447DC311.pf O45 - LFCP:[MD5.1F02B9788C5E0BB9C55C3FC5FD5EF533] - 03/07/2011 - 18:41:28 ---A- - C:\Windows\Prefetch\BKUPTRAY.EXE-5F69D960.pf O45 - LFCP:[MD5.520AE1C9D66B731CA5C7B8CF7283AD83] - 03/07/2011 - 19:34:47 ---A- - C:\Windows\Prefetch\IE9-WINDOWSVISTA-X86-ENU.EXE-4A61D725.pf O45 - LFCP:[MD5.8249838487412663109EF50EBC12C33F] - 03/07/2011 - 19:36:04 ---A- - C:\Windows\Prefetch\HIJACKTHIS.EXE-B4E5C839.pf O45 - LFCP:[MD5.B7B55A4E068E2E37DC540C36818C74F8] - 03/07/2011 - 19:47:11 ---A- - C:\Windows\Prefetch\AVCENTER.EXE-C4AEDCEC.pf O45 - LFCP:[MD5.AE8DEC3E4082DD415DCD6D13756C1492] - 03/07/2011 - 19:48:59 ---A- - C:\Windows\Prefetch\AVSCAN.EXE-E289CD20.pf O45 - LFCP:[MD5.972763BF7A2805A1A4A77BA2A32850D5] - 03/07/2011 - 20:32:22 ---A- - C:\Windows\Prefetch\MBAM.EXE-305FF92C.pf O45 - LFCP:[MD5.29322BB4E3ED56088EEC153E0475CF52] - 03/07/2011 - 21:09:34 ---A- - C:\Windows\Prefetch\ADOBEARM.EXE-719325FF.pf O45 - LFCP:[MD5.95CEEAC1E3A62BAB9809AD3D3D1C57DA] - 03/07/2011 - 21:23:39 ---A- - C:\Windows\Prefetch\VIT REGISTRY FIX PROFESSIONAL-331C55BC.pf O45 - LFCP:[MD5.95D68010D482B169967D626AA797DDB2] - 03/07/2011 - 21:24:13 ---A- - C:\Windows\Prefetch\VIT REGISTRY FIX.EXE-DB345703.pf O45 - LFCP:[MD5.54F4AEF463E7C05035329C5E0F7F7540] - 03/07/2011 - 21:31:38 ---A- - C:\Windows\Prefetch\CLEANREGISTRY.EXE-64236A2B.pf O45 - LFCP:[MD5.5C3D9D31D7999DBC9A839B2AB04FAAD8] - 03/07/2011 - 21:31:38 ---A- - C:\Windows\Prefetch\CLEANREGISTRY.TMP-ABD5EFDD.pf O45 - LFCP:[MD5.47EAB83019A5A2481D3BC8EF2161DE95] - 03/07/2011 - 21:31:50 ---A- - C:\Windows\Prefetch\CLEANMYREGISTRY.EXE-6C0C7A90.pf O45 - LFCP:[MD5.99B4FA368CEBA2663B97AB0030D07B8D] - 03/07/2011 - 21:32:01 ---A- - C:\Windows\Prefetch\REGEDIT.EXE-90FEEA06.pf O45 - LFCP:[MD5.B0ED7364AD7ED9C2618085923930AE75] - 03/07/2011 - 21:32:26 ---A- - C:\Windows\Prefetch\JV16PT_SETUP_HB.EXE-9007A323.pf O45 - LFCP:[MD5.2D68E89550B9D767465E58AFE2DCC8CD] - 03/07/2011 - 21:32:27 ---A- - C:\Windows\Prefetch\IRSETUP.EXE-7936E622.pf O45 - LFCP:[MD5.1184D69C3C6FBAFB8A182B566E275FDC] - 03/07/2011 - 21:34:18 ---A- - C:\Windows\Prefetch\JV16PT.EXE-FB92995A.pf O45 - LFCP:[MD5.440AC50035C78DEE60094F269E08FB36] - 03/07/2011 - 21:44:15 ---A- - C:\Windows\Prefetch\NOTEPAD.EXE-D8414F97.pf O45 - LFCP:[MD5.D77B3731A659FABCB8F256D379115B2D] - 03/07/2011 - 21:55:10 ---A- - C:\Windows\Prefetch\VERCLSID.EXE-7C52E31C.pf O45 - LFCP:[MD5.D6C5ADF6A270CAF32C19C362D01EAAD9] - 03/07/2011 - 22:02:20 ---A- - C:\Windows\Prefetch\UNINSTALL.EXE-7F10F9B7.pf O45 - LFCP:[MD5.8453E9E337B334AA335129451526ADFF] - 03/07/2011 - 22:02:24 ---A- - C:\Windows\Prefetch\_UNINSTALL5476-F9663C98.pf O45 - LFCP:[MD5.510F17CE3D149F9EBFE8FF3556741104] - 03/07/2011 - 22:02:31 ---A- - C:\Windows\Prefetch\GRPCONV.EXE-B823222B.pf O45 - LFCP:[MD5.EA5A3E0837FECB7D92F76FDA8EC36A26] - 03/07/2011 - 22:02:31 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-71E747D2.pf O45 - LFCP:[MD5.A20C9C6DC896B711F7F0EABA0FD6AB1D] - 03/07/2011 - 22:02:31 ---A- - C:\Windows\Prefetch\RUNONCE.EXE-D0649312.pf O45 - LFCP:[MD5.325A8D2D6DA19877F3F450A9C6689B12] - 03/07/2011 - 22:03:12 ---A- - C:\Windows\Prefetch\UNINS000.EXE-69AE0AC1.pf O45 - LFCP:[MD5.506C2662DFCFB8E753EBCBEB084F2D96] - 03/07/2011 - 22:03:48 ---A- - C:\Windows\Prefetch\UNINS000.EXE-0AC87E9F.pf O45 - LFCP:[MD5.EE67A8FAA2F90E3E7AA0ED4AFA29582E] - 03/07/2011 - 22:05:37 ---A- - C:\Windows\Prefetch\UNINS000.EXE-860A6A5D.pf O45 - LFCP:[MD5.722C5BAF13070B929FC75070B8EA4E96] - 03/07/2011 - 22:06:14 ---A- - C:\Windows\Prefetch\UNINS000.EXE-3B863BD1.pf O45 - LFCP:[MD5.3974F46B2FAEA77F013906B226A11152] - 03/07/2011 - 22:06:15 ---A- - C:\Windows\Prefetch\_IU14D2O.TMP-19E28D32.pf O45 - LFCP:[MD5.09446F88DC72F305D44512134DE3F3CA] - 03/07/2011 - 22:06:49 ---A- - C:\Windows\Prefetch\TUBEFINDER.EXE-9FB05A98.pf O45 - LFCP:[MD5.49F7CBCE79FFCC5CC04531B46E6EC329] - 03/07/2011 - 22:06:54 ---A- - C:\Windows\Prefetch\UNINS000.EXE-27EB75AA.pf O45 - LFCP:[MD5.CB07F141374BE69980EDF9A967B162E4] - 03/07/2011 - 22:06:54 ---A- - C:\Windows\Prefetch\_IU14D2N.TMP-068CD2AD.pf O45 - LFCP:[MD5.2267977D3A4DC95FABD89D121D3BC616] - 03/07/2011 - 22:10:11 ---A- - C:\Windows\Prefetch\MSIEXEC.EXE-C15F7291.pf O45 - LFCP:[MD5.A2B74F43013ECCC634C47E21F60C8386] - 03/07/2011 - 22:10:37 ---A- - C:\Windows\Prefetch\ACRORD32.EXE-91E1AAD6.pf O45 - LFCP:[MD5.9A6ABD1E890CAF3008F4F738B534E65B] - 03/07/2011 - 22:16:07 ---A- - C:\Windows\Prefetch\CLEAN_TOOL.EXE-804B89B8.pf O45 - LFCP:[MD5.6F4E73D29260D109E722A69A9548D0DD] - 03/07/2011 - 22:16:07 ---A- - C:\Windows\Prefetch\UNINSTALL.EXE-C417AA4E.pf O45 - LFCP:[MD5.ABC6AEB87CA7672A8A99917D713B5DB7] - 03/07/2011 - 22:16:13 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-444CCB35.pf O45 - LFCP:[MD5.07862F0B0E8DA8B2C000FB528A0A1ABE] - 03/07/2011 - 22:16:15 ---A- - C:\Windows\Prefetch\UNWISE.EXE-E57B5260.pf O45 - LFCP:[MD5.C90CAA492D71D420B764BCDD22A192C0] - 03/07/2011 - 22:16:16 ---A- - C:\Windows\Prefetch\GLB1A2B.EXE-E2A74BCB.pf O45 - LFCP:[MD5.D85BA52858512F74DC1CB501F0F03A5B] - 03/07/2011 - 22:16:50 ---A- - C:\Windows\Prefetch\UNINSTALL.EXE-F72EB15E.pf O45 - LFCP:[MD5.34B64083DE9C6024807BE090C09DFB5C] - 03/07/2011 - 22:17:25 ---A- - C:\Windows\Prefetch\UNINSTALL.EXE-9E8795C5.pf O45 - LFCP:[MD5.E77A2367BCD6BF0D93DE8E3E73306A62] - 03/07/2011 - 22:17:32 ---A- - C:\Windows\Prefetch\NS25A0.TMP-6B1FF760.pf O45 - LFCP:[MD5.C401721EEAFA2E02C218B237F46A3F79] - 03/07/2011 - 22:17:32 ---A- - C:\Windows\Prefetch\TEAMVIEWER_SERVICE.EXE-D5001318.pf O45 - LFCP:[MD5.51EA60E0F767FD7AF898F627A63B6B34] - 03/07/2011 - 22:17:33 ---A- - C:\Windows\Prefetch\NS26E8.TMP-1C971FB1.pf O45 - LFCP:[MD5.E5CF46E468F4506BB87041C7FE09AF7E] - 03/07/2011 - 22:17:35 ---A- - C:\Windows\Prefetch\AU_.EXE-090FBEE8.pf O45 - LFCP:[MD5.97168695D30BFE2110A2220A94A14FDE] - 03/07/2011 - 22:29:09 ---A- - C:\Windows\Prefetch\INTEGRATOR.EXE-84638148.pf O45 - LFCP:[MD5.7BA78322AE16FE73D17BEA02BC643E56] - 03/07/2011 - 22:34:28 ---A- - C:\Windows\Prefetch\WERFAULT.EXE-E69F695A.pf O45 - LFCP:[MD5.8B5D67B9BC3E1D487AAA55C6CF76CD77] - 03/07/2011 - 22:35:08 ---A- - C:\Windows\Prefetch\MALWAREBYTES-ANTI-MALWARE_MAL-2189C69F.pf O45 - LFCP:[MD5.26DFEBA07D8C4C1EC80BD009646783BD] - 03/07/2011 - 22:35:08 ---A- - C:\Windows\Prefetch\MALWAREBYTES-ANTI-MALWARE_MAL-35160261.pf O45 - LFCP:[MD5.B2A061F3B1186A14B166BDB1646CE84F] - 03/07/2011 - 22:35:14 ---A- - C:\Windows\Prefetch\REGSVR32.EXE-8461DBEE.pf O45 - LFCP:[MD5.7158EAA4307C338D724E40C3D5B60AEF] - 03/07/2011 - 22:36:09 ---A- - C:\Windows\Prefetch\MBAMGUI.EXE-4FE652ED.pf O45 - LFCP:[MD5.97EEA2DA980831FF1ECE6418F26C2825] - 03/07/2011 - 22:42:09 ---A- - C:\Windows\Prefetch\SEARCHINDEXER.EXE-4A6353B9.pf O45 - LFCP:[MD5.A980534ECDFCA7E830FCE434D0F6FD51] - 03/07/2011 - 22:42:58 ---A- - C:\Windows\Prefetch\EDSDTS.EXE-B5D9A1D2.pf O45 - LFCP:[MD5.EB963EC76C4EE73815CDED9FC1C9BBD8] - 04/07/2011 - 08:43:17 ---A- - C:\Windows\Prefetch\GOOGLEUPDATEB4451148.EXE-F2DB6508.pf O45 - LFCP:[MD5.2712576696838C05C2748F5D0E3A6D53] - 04/07/2011 - 10:24:43 ---A- - C:\Windows\Prefetch\PDANETPC.EXE-AEEA6E17.pf O45 - LFCP:[MD5.E34176F697DD999C560A8F4C5F7A10EC] - 04/07/2011 - 10:25:07 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-DE9673F9.pf O45 - LFCP:[MD5.02AB31F068261FC3AEB43B3EAD972942] - 04/07/2011 - 10:25:07 ---A- - C:\Windows\Prefetch\WPDSHEXTAUTOPLAY.EXE-BD31DDCE.pf O45 - LFCP:[MD5.E05E953E4A36E895E3925EA3AF64BD53] - 04/07/2011 - 10:25:10 ---A- - C:\Windows\Prefetch\WMPLAYER.EXE-BAD6BD53.pf O45 - LFCP:[MD5.6AE6E41CE38689AA1D1BD7E6A5B0EADD] - 04/07/2011 - 10:25:16 ---A- - C:\Windows\Prefetch\WUDFHOST.EXE-AFFEF87C.pf O45 - LFCP:[MD5.DB590E99D59430B5DAEF818CDB5C24E2] - 04/07/2011 - 18:31:28 ---A- - C:\Windows\Prefetch\SOFTWAREUPDATE.EXE-631B74E4.pf O45 - LFCP:[MD5.E5680280C8FDCB239466C9BECBF6839C] - 04/07/2011 - 18:31:32 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-7ED62AA2.pf O45 - LFCP:[MD5.C323B6AD8F20A542AC13D7B7334AC776] - 04/07/2011 - 18:33:48 ---A- - C:\Windows\Prefetch\ITUNES.EXE-2A42B776.pf O45 - LFCP:[MD5.257ECA7BC4FEA263AA768FBA9D77200A] - 04/07/2011 - 18:33:54 ---A- - C:\Windows\Prefetch\APPLEMOBILEDEVICEHELPER.EXE-96A367D7.pf O45 - LFCP:[MD5.C8363F432E06990737E8183D7E5E2E98] - 04/07/2011 - 18:33:54 ---A- - C:\Windows\Prefetch\DISTNOTED.EXE-BFFB20F1.pf O45 - LFCP:[MD5.75E7DDCBC1AB1AD9AC9BD8A90BC08E63] - 04/07/2011 - 20:30:44 ---A- - C:\Windows\Prefetch\NET.EXE-DF44F913.pf O45 - LFCP:[MD5.EAE6372A65366D31642EC19B86B9847C] - 04/07/2011 - 20:30:44 ---A- - C:\Windows\Prefetch\NET1.EXE-849DA590.pf O45 - LFCP:[MD5.B41FE2D1C1EC8E50C8DD2B2DF9C731E7] - 04/07/2011 - 21:29:58 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-A6251510.pf O45 - LFCP:[MD5.E2A0C1D10386D7B6FAFA56C54246AA4E] - 05/11/2010 - 21:47:34 ---A- - C:\Windows\Prefetch\FIREFOX.EXE-A606B53C.pf O45 - LFCP:[MD5.92F02B5B865EBE68FDFA286EA6CA7461] - 05/11/2010 - 21:47:45 ---A- - C:\Windows\Prefetch\PLUGIN-CONTAINER.EXE-7226D1F8.pf O45 - LFCP:[MD5.C6D00C32270BB6D6C8D621116259E477] - 06/11/2010 - 15:55:40 ---A- - C:\Windows\Prefetch\WMPNETWK.EXE-D9F2A96F.pf O45 - LFCP:[MD5.95BE4668BA9CAD4F781790392928D277] - 07/06/2011 - 19:43:00 ---A- - C:\Windows\Prefetch\GOOGLECRASHHANDLER.EXE-99650113.pf O45 - LFCP:[MD5.A041DC18CBD5D17309E1EB8F3AF8071E] - 16/03/2011 - 15:55:42 ---A- - C:\Windows\Prefetch\HPNETWORKCOMMUNICATOR.EXE-8654C260.pf O45 - LFCP:[MD5.AC38399C9C768D01C2A0CA1F3E99EF95] - 18/06/2011 - 18:37:55 ---A- - C:\Windows\Prefetch\READER_SL.EXE-E503013B.pf O45 - LFCP:[MD5.F938B59444B6991D574B977BD63FDE50] - 18/06/2011 - 20:30:16 ---A- - C:\Windows\Prefetch\MSASCUI.EXE-07E0123F.pf O45 - LFCP:[MD5.FC9E930AC15D2F30B603F58CC38FE6A8] - 18/10/2010 - 10:29:37 ---A- - C:\Windows\Prefetch\PfSvPerfStats.bin O45 - LFCP:[MD5.5B5B6189391DDFEA47B36F2A879CB584] - 18/10/2010 - 12:25:20 ---A- - C:\Windows\Prefetch\TRUSTEDINSTALLER.EXE-3CC531E5.pf O45 - LFCP:[MD5.00DEBFE3D0047D0BCDFBC137C56CDF27] - 18/10/2010 - 15:55:42 ---A- - C:\Windows\Prefetch\MOBSYNC.EXE-C5E2284F.pf O45 - LFCP:[MD5.159173D94655102E04053A24EF7D3EF5] - 18/10/2010 - 15:57:30 ---A- - C:\Windows\Prefetch\WMIADAP.EXE-F8DFDFA2.pf O45 - LFCP:[MD5.CD75CEF8F1E8C3CFAD32B5E474A4B771] - 18/10/2010 - 18:31:35 ---A- - C:\Windows\Prefetch\WMIPRVSE.EXE-1628051C.pf O45 - LFCP:[MD5.24E861ABDFB0B9BF4756183B1B4301CE] - 18/10/2010 - 20:54:15 ---A- - C:\Windows\Prefetch\AgRobust.db O45 - LFCP:[MD5.D845C3714C817DBFE45CCE115C0496BF] - 18/10/2010 - 20:54:27 ---A- - C:\Windows\Prefetch\AgGlGlobalHistory.db O45 - LFCP:[MD5.733435A2619BC70C877602F396011719] - 18/10/2010 - 20:54:29 ---A- - C:\Windows\Prefetch\AgGlFaultHistory.db O45 - LFCP:[MD5.BEEFCC2863D6BFDB928BFAE42DE135AB] - 18/10/2010 - 20:54:35 ---A- - C:\Windows\Prefetch\AgGlFgAppHistory.db O45 - LFCP:[MD5.138763DFE975BC9A26232D419B2D62A5] - 18/10/2010 - 21:08:40 ---A- - C:\Windows\Prefetch\TASKENG.EXE-48D4E289.pf O45 - LFCP:[MD5.61D52F6FA4FA6B4D252A0028DA1A7C2D] - 18/10/2010 - 21:47:47 ---A- - C:\Windows\Prefetch\SEARCHFILTERHOST.EXE-77482212.pf O45 - LFCP:[MD5.9C397DFEA85B68655337779D7D053FAD] - 18/10/2010 - 21:47:47 ---A- - C:\Windows\Prefetch\SEARCHPROTOCOLHOST.EXE-0CB8CADE.pf O45 - LFCP:[MD5.5045426B17A39B6DE1A8CF04F39F6C90] - 18/10/2010 - 21:55:16 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-5E46FA0D.pf O45 - LFCP:[MD5.F40348BD0C2EB5B7CD1FCDEBB742D754] - 19/01/2011 - 15:57:09 ---A- - C:\Windows\Prefetch\MSCORSVW.EXE-C3C515BD.pf O45 - LFCP:[MD5.F03C851D3564BF5A79DF0C59211EEB8E] - 19/10/2010 - 15:55:31 ---A- - C:\Windows\Prefetch\WMPNSCFG.EXE-FC0D39BF.pf O45 - LFCP:[MD5.0502D29F6785C1EB6E2A964159C0F37D] - 19/10/2010 - 15:58:27 ---A- - C:\Windows\Prefetch\WUAUCLT.EXE-70318591.pf O45 - LFCP:[MD5.9324D8CE10F3EE558132E9AF66156F0D] - 19/10/2010 - 16:06:27 ---A- - C:\Windows\Prefetch\WERMGR.EXE-0F2AC88C.pf O45 - LFCP:[MD5.5C2921FD98A5D76268424331434B447A] - 19/10/2010 - 18:00:33 ---A- - C:\Windows\Prefetch\Layout.ini O45 - LFCP:[MD5.B76BFC4CBCBC43087FB3A6B554EE34A9] - 19/10/2010 - 18:31:29 ---A- - C:\Windows\Prefetch\IPODSERVICE.EXE-37C43D64.pf O45 - LFCP:[MD5.4773E27401974E318E8FBAF9EC8DE506] - 19/10/2010 - 18:58:29 ---A- - C:\Windows\Prefetch\ISWUPDE.EXE-FDB9B923.pf O45 - LFCP:[MD5.51D8A3425B21ACCA879DCF92451FA15B] - 19/10/2010 - 21:35:16 ---A- - C:\Windows\Prefetch\AgGlUAD_P_S-1-5-21-3072727286-2981826037-1783307074-1000.db O45 - LFCP:[MD5.8F1CFFAE2712AC9D9B317124CFD90704] - 19/10/2010 - 21:35:16 ---A- - C:\Windows\Prefetch\AgGlUAD_S-1-5-21-3072727286-2981826037-1783307074-1000.db O45 - LFCP:[MD5.B8291D3F0DCE183F22D758A152D83EE0] - 19/10/2010 - 21:43:00 ---A- - C:\Windows\Prefetch\GOOGLEUPDATE.EXE-FE771DDA.pf O45 - LFCP:[MD5.FF76E931B1D1296908244701FDDE5BF6] - 19/10/2010 - 21:47:52 ---A- - C:\Windows\Prefetch\AVWSC.EXE-4630B658.pf O45 - LFCP:[MD5.4858D7BAE1D8DFC5118DE86CD8EB83AD] - 20/10/2010 - 15:48:31 ---A- - C:\Windows\Prefetch\AgCx_SC1.db.trx O45 - LFCP:[MD5.A449D50CE054242998E10CBFA005F225] - 20/10/2010 - 15:49:31 ---A- - C:\Windows\Prefetch\AgCx_SC1.db O45 - LFCP:[MD5.60E5F0A310EC533DDED60D66BD362AFC] - 21/06/2011 - 15:55:16 ---A- - C:\Windows\Prefetch\UNSECAPP.EXE-A02905A6.pf O45 - LFCP:[MD5.F4DDA0DF55B6857C4EABA9980B3E6F5C] - 21/06/2011 - 15:55:30 ---A- - C:\Windows\Prefetch\MSIEXEC.EXE-A2D55CB6.pf O45 - LFCP:[MD5.CC25BD19585358CC2DD49BF20FCF17BF] - 22/06/2011 - 15:55:38 ---A- - C:\Windows\Prefetch\IGFXEXT.EXE-D5F523DB.pf O45 - LFCP:[MD5.C49148109F682134E436ABE7A8D2B79F] - 22/06/2011 - 19:47:37 ---A- - C:\Windows\Prefetch\UPDATE.EXE-026DCA13.pf O45 - LFCP:[MD5.561F83DA81AF7B3D18F094603CA7CD78] - 22/06/2011 - 19:47:47 ---A- - C:\Windows\Prefetch\AVNOTIFY.EXE-FEC2FEC4.pf O45 - LFCP:[MD5.C52CE5DC0C58D77515EE44036F568C8C] - 23/10/2010 - 18:54:55 ---A- - C:\Windows\Prefetch\AgCx_SC2.db O45 - LFCP:[MD5.D43D36A7782001C3A16095832234C573] - 23/12/2010 - 22:16:00 ---A- - C:\Windows\Prefetch\FORCEFIELD.EXE-3271118F.pf O45 - LFCP:[MD5.BD70C5A228D24D57A5E7DCC4B43E066B] - 29/03/2011 - 15:56:29 ---A- - C:\Windows\Prefetch\SYNTPHELPER.EXE-0A20AAC4.pf ---\\ Contrôle du Safe Boot (CSB) (O49) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Volume Manager Extension Driver.) -- C:\Windows\System32\Drivers\volmgrx.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Miniport.) -- C:\Windows\System32\Drivers\rdpencdd.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Volume Manager Extension Driver.) -- C:\Windows\System32\Drivers\volmgrx.sys ---\\ MountPoints2 Shell Key (O51) O51 - MPSK:{04e0f2a4-12c9-11e0-b08c-001d72d944ef}\AutoRun\command. (...) -- F:\SETUP.exe (.not file.) O51 - MPSK:{cda81c7b-3dc6-11e0-a70d-001d72d944ef}\AutoRun\command. (...) -- G:\APPInst.exe (.not file.) ---\\ Trojan Driver Search Data (HKLM) (O52) O52 - TDSD: \Drivers32\"vidc.i420"="i420vfw.dll" . (.www.helixcommunity.org - Helix I420 YUV Codec.) -- C:\Windows\System32\i420vfw.dll O52 - TDSD: \Drivers32\"msacm.l3acm"="l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\System32\iccvid.dll O52 - TDSD: \Drivers32\"VIDC.YV12"="yv12vfw.dll" . (.www.helixcommunity.org - Helix YV12 YUV Codec.) -- C:\Windows\System32\yv12vfw.dll O52 - TDSD: \Drivers32\"msacm.ac3acm"="ac3acm.acm" . (.fccHandler - AC-3 ACM Codec.) -- C:\Windows\System32\ac3acm.acm O52 - TDSD: \Drivers32\"msacm.lameacm"="lameACM.acm" . (.http://www.mp3dev.org/ - Lame MP3 codec engine.) -- C:\Windows\System32\lameACM.acm O52 - TDSD: \Drivers32\"VIDC.FFDS"="ff_vfw.dll" . (...) -- C:\Windows\System32\ff_vfw.dll O52 - TDSD: \drivers.desc\"lameACM.acm"="Lame ACM MP3 CODEC v3.98.2" . (...) -- (.not file.) O52 - TDSD: \drivers.desc\"ac3acm.acm"="AC-3 ACM Codec" . (.fccHandler - AC-3 ACM Codec.) -- C:\Windows\System32\ac3acm.acm O52 - TDSD: \drivers.desc\"ff_vfw.dll"="ffdshow video encoder" . (...) -- C:\Windows\System32\ff_vfw.dll O52 - TDSD: \drivers.desc\"l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm ---\\ ShareTools MSconfig StartupReg (O53) O53 - SMSR:HKLM\...\startupreg\AdobeARM.exe [Key] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe O53 - SMSR:HKLM\...\startupreg\BkupTray.exe [Key] . (.Pas de propriétaire - NTI Backup Now 5 Tray Module.) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe O53 - SMSR:HKLM\...\startupreg\CheckUpdate.exe [Key] . (...) -- C:\Program Files\Xvid\CheckUpdate.exe (.not file.) O53 - SMSR:HKLM\...\startupreg\FLVSrvc.exe [Key] . (.Applian Technologies, Inc. - FLV Service for Freecorder.) -- C:\Program Files\Freecorder\FLVSrvc.exe O53 - SMSR:HKLM\...\startupreg\GoogleToolbarNotifier.exe [Key] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O53 - SMSR:HKLM\...\startupreg\HPWuSchd2.exe [Key] . (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe O53 - SMSR:HKLM\...\startupreg\iTunesHelper.exe [Key] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe O53 - SMSR:HKLM\...\startupreg\jusched.exe [Key] . (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe O53 - SMSR:HKLM\...\startupreg\QTTask.exe [Key] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe ---\\ Microsoft Control Security Providers (O54) O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\system32\credssp.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\system32\credssp.dll ---\\ Microsoft Windows Policies System (O55) O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=2 O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0 O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1 O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1 O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0 O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"= O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"= O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0 O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0 O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0 ---\\ Microsoft Windows Policies Explorer (O56) O56 - MWPE:[HKCU\...\policies\Explorer] - "NoSMHelp"=0 ---\\ Liste des Drivers Système (O58) O58 - SDL:[MD5.04F0FCAC69C7C71A3AC4EB97FAFC8303] - 21/01/2008 - 03:23:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\system32\drivers\adp94xx.sys [422968] O58 - SDL:[MD5.60505E0041F7751BDBB80F88BF45C2CE] - 21/01/2008 - 03:23:25 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\system32\drivers\adpahci.sys [300600] O58 - SDL:[MD5.8A42779B02AEC986EAB64ECFC98F8BD7] - 21/01/2008 - 03:23:26 ---A- . (.Adaptec, Inc. - Adaptec LH Ultra160 Driver (x86).) -- C:\Windows\system32\drivers\adpu160m.sys [101432] O58 - SDL:[MD5.241C9E37F8CE45EF51C3DE27515CA4E5] - 21/01/2008 - 03:23:27 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) -- C:\Windows\system32\drivers\adpu320.sys [149560] O58 - SDL:[MD5.38325C6AA8EAE011897D61CE48EC6435] - 19/10/2010 - 00:13:38 ---A- . (.Agere Systems - SoftModem Device Driver.) -- C:\Windows\system32\drivers\AGRSM.sys [1202560] O58 - SDL:[MD5.5D2888182FB46632511ACEE92FDAD522] - 21/01/2008 - 03:23:23 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\system32\drivers\arc.sys [79416] O58 - SDL:[MD5.5E2A321BD7C8B3624E41FDEC3E244945] - 21/01/2008 - 03:23:24 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\system32\drivers\arcsas.sys [79928] O58 - SDL:[MD5.600EFE56F37ADBD65A0FB076B50D1B8D] - 19/10/2010 - 20:07:44 ---A- . (.Atheros Communications, Inc. - Atheros Extensible Wireless LAN device driver.) -- C:\Windows\system32\drivers\athr.sys [909824] O58 - SDL:[MD5.47B879406246FFDCED59E18D331A0E7D] - 19/10/2010 - 19:40:32 ---A- . (.Avira GmbH - Avira Minifilter Driver.) -- C:\Windows\system32\drivers\avgntflt.sys [61960] O58 - SDL:[MD5.5FEDEF54757B34FB611B9EC8FB399364] - 19/10/2010 - 21:01:17 ---A- . (.Avira GmbH - Avira Driver for Security Enhancement.) -- C:\Windows\system32\drivers\avipbb.sys [137656] O58 - SDL:[MD5.502F1C30BD50B32D00CE4DCAECC3D3C7] - 21/01/2008 - 03:23:20 ---A- . (.Broadcom Corporation - Pilote NDIS6.0 Broadcom NetXtreme Gigabit Ethernet..) -- C:\Windows\system32\drivers\b57nd60x.sys [179712] O58 - SDL:[MD5.9F9ACC7F7CCDE8A15C282D3F88B43309] - 02/11/2006 - 09:24:45 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\system32\drivers\BrFiltLo.sys [13568] O58 - SDL:[MD5.56801AD62213A41F6497F96DEE83755A] - 02/11/2006 - 09:24:46 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\system32\drivers\BrFiltUp.sys [5248] O58 - SDL:[MD5.B304E75CFF293029EDDF094246747113] - 02/11/2006 - 09:25:24 ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\system32\drivers\BrSerId.sys [71808] O58 - SDL:[MD5.203F0B1E73ADADBBB7B7B1FABD901F6B] - 02/11/2006 - 09:24:44 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\system32\drivers\BrSerWdm.sys [62336] O58 - SDL:[MD5.BD456606156BA17E60A04E18016AE54B] - 02/11/2006 - 09:24:44 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\system32\drivers\BrUsbMdm.sys [12160] O58 - SDL:[MD5.AF72ED54503F717A43268B3CC5FAEC2E] - 02/11/2006 - 09:24:47 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\system32\drivers\BrUsbSer.sys [11904] O58 - SDL:[MD5.AE1FDF7BF7BB6C6A70F67699D880592A] - 02/11/2006 - 10:50:11 ---A- . (.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) -- C:\Windows\system32\drivers\djsvs.sys [71272] O58 - SDL:[MD5.73BAF270D24FE726B9CD7F80BB17A23D] - 19/10/2010 - 06:29:36 ---A- . (.Dritek System Inc. - Dritek PS2 Keyboard Filter Driver.) -- C:\Windows\system32\drivers\DKbFltr.sys [21264] O58 - SDL:[MD5.5425F74AC0C1DBD96A1E04F17D63F94C] - 21/01/2008 - 03:23:24 ---A- . (.Intel Corporation - Pilote désérialisé NDIS 6 de la carte Intel® PRO/1000.) -- C:\Windows\system32\drivers\E1G60I32.sys [118784] O58 - SDL:[MD5.23B62471681A124889978F6295B3F4C6] - 21/01/2008 - 03:23:22 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\system32\drivers\elxstor.sys [342584] O58 - SDL:[MD5.8182FF89C65E4D38B2DE4BB0FB18564E] - 21/04/2011 - 12:17:00 ---A- . (.GEAR Software Inc. - CD DVD Filter.) -- C:\Windows\system32\drivers\GEARAspiWDM.sys [26600] O58 - SDL:[MD5.9CFCD5DF1CEE66681AB2DF079A8FF3CA] - 17/04/2009 - 19:48:14 ---A- . (.GARMIN Corp. - Generic WDM Support Driver.) -- C:\Windows\system32\drivers\grmngen.sys [18304] O58 - SDL:[MD5.6003BC70F1A8307262BD3C941BDA0B7E] - 17/04/2009 - 19:48:14 ---A- . (.GARMIN Corp. - grmnusb.sys.) -- C:\Windows\system32\drivers\grmnusb.sys [9344] O58 - SDL:[MD5.16EE7B23A009E00D835CDB79574A91A6] - 21/01/2008 - 03:23:26 ---A- . (.Hewlett-Packard Company - Smart Array Storport Driver.) -- C:\Windows\system32\drivers\HpCISSs.sys [40504] O58 - SDL:[MD5.54155EA1B0DF185878E0FC9EC3AC3A14] - 21/01/2008 - 03:23:23 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver (base).) -- C:\Windows\system32\drivers\iaStorV.sys [235064] O58 - SDL:[MD5.8266AE06DF974E5BA047B3E9E9E70B3F] - 25/08/2010 - 19:31:30 ---A- . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\system32\drivers\igdkmd32.sys [9024512] O58 - SDL:[MD5.2D077BF86E843F901D8DB709C95B49A5] - 02/11/2006 - 10:50:17 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\system32\drivers\iirsp.sys [41576] O58 - SDL:[MD5.C6E5276C00EBDEB096BB5EF4B797D1B6] - 08/05/2008 - 09:48:24 ---A- . (.Acer, Inc. - int15.) -- C:\Windows\system32\drivers\int15.sys [15392] O58 - SDL:[MD5.8C7FA71CB1EBCD3EDE8958D27B1BF0B4] - 08/05/2008 - 09:48:24 ---A- . (.Acer, Inc. - int15.) -- C:\Windows\system32\drivers\int15_64.sys [17952] O58 - SDL:[MD5.BCED60D16156E428F8DF8CF27B0DF150] - 02/11/2006 - 10:50:07 ---A- . (.Integrated Technology Express, Inc. - ITE IT8211 ATA/ATAPI SCSI miniport.) -- C:\Windows\system32\drivers\iteatapi.sys [35944] O58 - SDL:[MD5.06FA654504A498C30ADCA8BEC4E87E7E] - 02/11/2006 - 10:50:09 ---A- . (.Integrated Technology Express, Inc. - ITE IT8212 ATA RAID SCSI miniport.) -- C:\Windows\system32\drivers\iteraid.sys [35944] O58 - SDL:[MD5.C7E15E82879BF3235B559563D4185365] - 21/01/2008 - 03:23:23 ---A- . (.LSI Logic - LSI Logic Fusion-MPT FC Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_fc.sys [96312] O58 - SDL:[MD5.EE01EBAE8C9BF0FA072E0FF68718920A] - 21/01/2008 - 03:23:25 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas.sys [89656] O58 - SDL:[MD5.912A04696E9CA30146A62AFA1463DD5C] - 21/01/2008 - 03:23:23 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_scsi.sys [96312] O58 - SDL:[MD5.3D2C13377763EEAC0CA6FB46F57217ED] - 03/07/2011 - 08:11:20 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbam.sys [22712] O58 - SDL:[MD5.B309912717C29FC67E1BA4730A82B6DD] - 03/07/2011 - 08:11:30 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbamswissarmy.sys [39984] O58 - SDL:[MD5.0001CE609D66632FA17B84705F658879] - 21/01/2008 - 03:23:27 ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows Vista/Longhorn for x.) -- C:\Windows\system32\drivers\megasas.sys [31288] O58 - SDL:[MD5.C252F32CD9A49DBFC25ECF26EBD51A99] - 21/01/2008 - 03:23:27 ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\system32\drivers\MegaSR.sys [386616] O58 - SDL:[MD5.4FBBB70D30FD20EC51F80061703B001E] - 02/11/2006 - 10:49:59 ---A- . (.LSI Logic Corporation - MegaRAID RAID Controller Driver for Windows Vista/Longhorn for.) -- C:\Windows\system32\drivers\Mraid35x.sys [33384] O58 - SDL:[MD5.2E7FB731D4790A1BC6270ACCEFACB36E] - 02/11/2006 - 10:50:19 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\system32\drivers\nfrd960.sys [45160] O58 - SDL:[MD5.6D8D2E5652FC2442C810C5D8BE784148] - 21/01/2008 - 03:23:23 ---A- . (.National Semiconductor Corporation - NSC Fast Infrared Driver..) -- C:\Windows\system32\drivers\nscirda.sys [30720] O58 - SDL:[MD5.2757D2BA59AEE155209E24942AB127C9] - 08/05/2008 - 02:52:06 ---A- . (.NewTech Infosystems, Inc. - NTI CD-ROM Filter Driver.) -- C:\Windows\system32\drivers\NTIDrvr.sys [14848] O58 - SDL:[MD5.E875C093AEC0C978A90F30C9E0DFBB72] - 02/11/2006 - 08:36:50 ---A- . (.N-trig Innovative Technologies - Pilote intégré de digitalisateur de tablette N-trig.) -- C:\Windows\system32\drivers\ntrigdigi.sys [20608] O58 - SDL:[MD5.2EDF9E7751554B42CBB60116DE727101] - 21/01/2008 - 03:23:21 ---A- . (.NVIDIA Corporation - NVIDIA® nForce RAID Driver.) -- C:\Windows\system32\drivers\nvraid.sys [102968] O58 - SDL:[MD5.ABED0C09758D1D97DB0042DBB2688177] - 21/01/2008 - 03:23:21 ---A- . (.NVIDIA Corporation - NVIDIA® nForce Sata Performance Driver.) -- C:\Windows\system32\drivers\nvstor.sys [45112] O58 - SDL:[MD5.DA19E3401F39C10DF193BE029C7E7BBA] - 11/02/2011 - 14:32:14 ---A- . (.June Fabrics Technology - PdaNet Driver.) -- C:\Windows\system32\drivers\pnetmdm.sys [9472] O58 - SDL:[MD5.1DCBB35090CC4B2BD3D661E6089523C6] - 19/10/2010 - 16:05:42 ---A- . (.Egis Incorporated - Acer eDataSecurity Management PSD Filter Driver.) -- C:\Windows\system32\drivers\psdfilter.sys [18992] O58 - SDL:[MD5.E26E46D619469964AC3609620F443867] - 19/10/2010 - 16:05:42 ---A- . (.Egis Incorporated - Acer eDataSecurity Management PSD Named Pipe Driver.) -- C:\Windows\system32\drivers\PSDNServ.sys [16944] O58 - SDL:[MD5.3E1D134AF2806867D06047C4CC33CC65] - 19/10/2010 - 16:05:44 ---A- . (.Egis Incorporated - Acer eDataSecurity Management PSD Virtual Disk Driver.) -- C:\Windows\system32\drivers\PSDVdisk.sys [60464] O58 - SDL:[MD5.0A6DB55AFB7820C99AA1F3A1D270F4F6] - 21/01/2008 - 03:23:24 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\system32\drivers\ql2300.sys [1122360] O58 - SDL:[MD5.81A7E5C076E59995D54BC1ED3A16E60B] - 02/11/2006 - 10:50:35 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\system32\drivers\ql40xx.sys [106088] O58 - SDL:[MD5.23EBCEE9AAA4D6C88728791FAB462456] - 18/10/2010 - 02:10:08 ---A- . (.Realtek Semiconductor Corp. - Realtek® High Definition Audio Function Driver.) -- C:\Windows\system32\drivers\RTKVHDA.sys [2152344] O58 - SDL:[MD5.9EA88492B1DAB90DCE43A6F2C0E133BD] - 18/10/2010 - 12:33:38 ---A- . (.Realtek Semiconductor Corp. - Realtek USB Mass Storage Driver for Vista.) -- C:\Windows\system32\drivers\RTSTOR.sys [61440] O58 - SDL:[MD5.247B0A8164069CD4FE6F3094C581B13B] - 15/02/2011 - 16:11:08 ---A- . (.Realtek Semiconductor Corp. - Realtek USB Mass Storage Driver for 2K/XP/Vista/Win7.) -- C:\Windows\system32\drivers\RtsUStor.sys [197224] O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 02/11/2006 - 07:37:21 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\system32\drivers\secdrv.sys [20480] O58 - SDL:[MD5.A99C6C8B0BAA970D8AA59DDC50B57F94] - 21/01/2008 - 03:23:26 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\system32\drivers\sisraid4.sys [74808] O58 - SDL:[MD5.DCEE1200FEFFFFFF000000008CF11200] - 28/12/2010 - 00:00:00 ---A- . (...) -- C:\Windows\system32\drivers\sptd.sys [717296] O58 - SDL:[MD5.A36EE93698802CD899F98BFD553D8185] - 19/10/2010 - 14:28:02 ---A- . (.Avira GmbH - AVIRA SnapShot Driver.) -- C:\Windows\system32\drivers\ssmdrv.sys [28520] O58 - SDL:[MD5.192AA3AC01DF071B541094F251DEED10] - 02/11/2006 - 10:50:05 ---A- . (.LSI Logic - LSI Logic 8XX SCSI Miniport Driver.) -- C:\Windows\system32\drivers\symc8xx.sys [35944] O58 - SDL:[MD5.8C8EB8C76736EBAF3B13B633B2E64125] - 02/11/2006 - 10:49:56 ---A- . (.LSI Logic - LSI Logic Hi-Perf SCSI Miniport Driver.) -- C:\Windows\system32\drivers\sym_hi.sys [31848] O58 - SDL:[MD5.8072AF52B5FD103BBBA387A1E49F62CB] - 02/11/2006 - 10:50:03 ---A- . (.LSI Logic - LSI Logic Ultra160 SCSI Miniport Driver.) -- C:\Windows\system32\drivers\sym_u3.sys [34920] O58 - SDL:[MD5.4C9BB4B3B9EAC26211484C30B914C6DC] - 19/10/2010 - 19:08:42 ---A- . (.Synaptics, Inc. - Synaptics Touchpad Driver.) -- C:\Windows\system32\drivers\SynTP.sys [199472] O58 - SDL:[MD5.97DD70FECA64FB4F63DE7BB7E66A80B1] - 19/10/2010 - 15:29:24 ---A- . (.EnTech Taiwan - TVicPort Driver for Windows NT/2000/XP.) -- C:\Windows\system32\drivers\TVicPort.sys [14544] O58 - SDL:[MD5.F763E070843EE2803DE1395002B42938] - 08/05/2008 - 02:51:50 ---A- . (.NewTech Infosystems Corporation - NTI CDROM Filter Driver.) -- C:\Windows\system32\drivers\UBHelper.sys [13824] O58 - SDL:[MD5.9224BB254F591DE4CA8D572A5F0D635C] - 21/01/2008 - 03:23:20 ---A- . (.ULi Electronics Inc. - ULi SATA Controller Driver.) -- C:\Windows\system32\drivers\uliahci.sys [238648] O58 - SDL:[MD5.8514D0E5CD0534467C5FC61BE94A569F] - 02/11/2006 - 10:50:35 ---A- . (.Promise Technology, Inc. - Promise Ultra/Sata Series Driver for Win2003.) -- C:\Windows\system32\drivers\ulsata.sys [98408] O58 - SDL:[MD5.38C3C6E62B157A6BC46594FADA45C62B] - 21/01/2008 - 03:23:23 ---A- . (.Promise Technology, Inc. - Promise SATAII150 Series Windows Drivers.) -- C:\Windows\system32\drivers\ulsata2.sys [115816] O58 - SDL:[MD5.D4FB6ECC60A428564BA8768B0E23C0FC] - 21/04/2011 - 15:36:58 ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\system32\drivers\usbaapl.sys [41984] O58 - SDL:[MD5.6BE75CFCE25E42E79C0757C60D88FECB] - 19/10/2010 - 15:30:46 ---A- . (.Check Point Software Technologies LTD - ZoneAlarm Firewalling Driver.) -- C:\Windows\system32\drivers\vsdatant.sys [457304] O58 - SDL:[MD5.587253E09325E6BF226B299774B728A9] - 21/01/2008 - 03:23:23 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\system32\drivers\vsmraid.sys [130616] O58 - SDL:[MD5.46D67209550973257601A533E2AC5785] - 21/01/2008 - 03:23:22 ---A- . (.Conexant Systems, Inc. - HSF_HWAZL WDM driver.) -- C:\Windows\system32\drivers\VSTAZL3.SYS [200704] O58 - SDL:[MD5.5C7BDCF5864DB00323FE2D90FA26A8A2] - 21/01/2008 - 03:23:23 ---A- . (.Conexant Systems, Inc. - HSF_CNXT driver.) -- C:\Windows\system32\drivers\VSTCNXT3.SYS [654336] O58 - SDL:[MD5.EC36F1D542ED4252390D446BF6D4DFD0] - 21/01/2008 - 03:23:22 ---A- . (.Conexant Systems, Inc. - HSF_DP driver.) -- C:\Windows\system32\drivers\VSTDPV3.SYS [987648] O58 - SDL:[MD5.3E1C915C6291AB5D1CFCA680E1BD6BAD] - 30/04/2008 - 10:55:00 ---A- . (.Marvell - Miniport Driver for Marvell Yukon Ethernet Controller..) -- C:\Windows\system32\drivers\yk60x86.sys [299008] O58 - SDL:[MD5.40AC8590CC9006DBB99FFCB37879D4C6] - 19/10/2010 - 15:29:24 ---A- . (.Zeal SoftStudio - zntport.) -- C:\Windows\system32\drivers\zntport.sys [6080] O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 02/11/2006 - 08:09:42 ---A- . (...) -- C:\Windows\system32\ANSI.SYS [9029] O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 02/11/2006 - 08:09:45 ---A- . (...) -- C:\Windows\system32\country.sys [27097] O58 - SDL:[MD5.E6BC0F98FECEF245A0010D350C1A0B9B] - 02/11/2006 - 08:09:41 ---A- . (...) -- C:\Windows\system32\HIMEM.SYS [4768] O58 - SDL:[MD5.492090267B9608C62B956CD29BE3AFB7] - 02/11/2006 - 08:09:44 ---A- . (...) -- C:\Windows\system32\KEY01.SYS [42809] O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 02/11/2006 - 08:09:44 ---A- . (...) -- C:\Windows\system32\KEYBOARD.SYS [42537] O58 - SDL:[MD5.FFFF296A08DBF2AC0126C62E3778AC0D] - 02/11/2006 - 08:09:29 ---A- . (...) -- C:\Windows\system32\NTDOS.SYS [27866] O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 02/11/2006 - 08:09:35 ---A- . (...) -- C:\Windows\system32\NTDOS404.SYS [29146] O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 02/11/2006 - 08:09:38 ---A- . (...) -- C:\Windows\system32\NTDOS411.SYS [29370] O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 02/11/2006 - 08:09:40 ---A- . (...) -- C:\Windows\system32\NTDOS412.SYS [29274] O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 02/11/2006 - 08:09:31 ---A- . (...) -- C:\Windows\system32\NTDOS804.SYS [29146] O58 - SDL:[MD5.2E4112FB7D1B76E11ADFD7487B5D0E95] - 02/11/2006 - 08:09:20 ---A- . (...) -- C:\Windows\system32\NTIO.SYS [33952] O58 - SDL:[MD5.A98EBD4C2DF983665BF2D1AF49949974] - 02/11/2006 - 08:09:23 ---A- . (...) -- C:\Windows\system32\NTIO404.SYS [34672] O58 - SDL:[MD5.3F7E6406EDEF197C5CAAB2240EEF6F48] - 02/11/2006 - 08:09:24 ---A- . (...) -- C:\Windows\system32\NTIO411.SYS [35776] O58 - SDL:[MD5.3E64D681B776CC57BDC38A46D881F85B] - 02/11/2006 - 08:09:26 ---A- . (...) -- C:\Windows\system32\NTIO412.SYS [35536] O58 - SDL:[MD5.D86B6435729231C171432B4E77801BDB] - 02/11/2006 - 08:09:22 ---A- . (...) -- C:\Windows\system32\NTIO804.SYS [34672] ---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61) O61 - LFC:Last File Created 01/07/2011 - 22:41:22 ---A- C:\Users\Mayke\AppData\Local\FLVService\Petit itinéraire pour visiter Florence en 3 jours - Le blog de Le Tout Moi.bin [456404] O61 - LFC:Last File Created 02/07/2011 - 18:38:11 ---A- C:\Users\Mayke\AppData\Local\Temp\bitrock_installer_3692.log [165] O61 - LFC:Last File Created 02/07/2011 - 18:38:14 ---A- C:\Users\Mayke\AppData\Local\Temp\~DF7797.tmp [98304] O61 - LFC:Last File Created 02/07/2011 - 18:39:34 ---A- C:\Users\Mayke\AppData\Local\Temp\347008.od [134] O61 - LFC:Last File Created 02/07/2011 - 18:39:34 ---A- C:\Users\Mayke\AppData\Local\Temp\CVR4B80.tmp.cvr [0] O61 - LFC:Last File Created 02/07/2011 - 19:56:50 ---A- C:\Users\Mayke\AppData\Local\Temp\4983873.od [134] O61 - LFC:Last File Created 02/07/2011 - 19:56:50 ---A- C:\Users\Mayke\AppData\Local\Temp\CVRC31.tmp.cvr [0] O61 - LFC:Last File Created 02/07/2011 - 22:21:15 ---A- C:\Users\Mayke\AppData\Local\Temp\bitrock_installer_2128.log [165] O61 - LFC:Last File Created 02/07/2011 - 22:21:22 ---A- C:\Users\Mayke\AppData\Local\Temp\~DFEC6F.tmp [98304] O61 - LFC:Last File Created 02/07/2011 - 22:56:17 ---A- C:\Users\Mayke\AppData\Local\Temp\2328112.od [134] O61 - LFC:Last File Created 02/07/2011 - 22:56:17 ---A- C:\Users\Mayke\AppData\Local\Temp\CVR8620.tmp.cvr [0] O61 - LFC:Last File Created 02/07/2011 - 23:33:08 ---A- C:\Users\Mayke\AppData\Local\Temp\11139344.od [134] O61 - LFC:Last File Created 02/07/2011 - 23:33:08 ---A- C:\Users\Mayke\AppData\Local\Temp\CVRF910.tmp.cvr [0] O61 - LFC:Last File Created 02/07/2011 - 23:34:32 ---A- C:\Users\Mayke\AppData\Local\Temp\11223679.od [134] O61 - LFC:Last File Created 02/07/2011 - 23:34:32 ---A- C:\Users\Mayke\AppData\Local\Temp\CVR426F.tmp.cvr [0] O61 - LFC:Last File Created 03/07/2011 - 16:36:00 ---A- C:\Users\Mayke\AppData\Local\Temp\BR1AD3.tmp [16384] O61 - LFC:Last File Created 03/07/2011 - 18:42:21 ---A- C:\Users\Mayke\AppData\Local\Temp\bitrock_installer_3048.log [165] O61 - LFC:Last File Created 03/07/2011 - 18:42:26 ---A- C:\Users\Mayke\AppData\Local\Temp\~DF5FCE.tmp [98304] O61 - LFC:Last File Created 03/07/2011 - 18:42:28 ---A- C:\Users\Mayke\AppData\Roaming\CheckPoint\ZoneAlarm Toolbar\sites [0] O61 - LFC:Last File Created 03/07/2011 - 19:30:21 ---A- C:\Users\Mayke\AppData\Local\Temp\3084779.od [134] O61 - LFC:Last File Created 03/07/2011 - 19:30:21 ---A- C:\Users\Mayke\AppData\Local\Temp\CVR11EB.tmp.cvr [0] O61 - LFC:Last File Created 03/07/2011 - 20:33:11 ---A- C:\Users\All Users\Malwarebytes\Malwarebytes' Anti-Malware\Configuration\build.conf [261] O61 - LFC:Last File Created 03/07/2011 - 20:33:11 ---A- C:\Users\All Users\Malwarebytes\Malwarebytes' Anti-Malware\rules.ref [6930185] O61 - LFC:Last File Created 03/07/2011 - 20:40:08 ---A- C:\Users\Mayke\AppData\Local\FLVService\Classical music and opera - classical concerts in Florence (Firenze) and Siena.bin [8023175] O61 - LFC:Last File Created 03/07/2011 - 20:55:09 ---A- C:\Users\Mayke\AppData\Local\Temp\open284762506936660486.sweethome3d [4471162] O61 - LFC:Last File Created 03/07/2011 - 20:57:22 ---A- C:\Users\All Users\Malwarebytes\Malwarebytes' Anti-Malware\Configuration\local.conf [439] O61 - LFC:Last File Created 03/07/2011 - 21:32:35 -SHA- C:\Users\Mayke\AppData\Roaming\Sys2662.Config.Repository.bin [22] O61 - LFC:Last File Created 03/07/2011 - 21:51:45 ---A- C:\Users\Mayke\AppData\Local\FLVService\Peindre les murs et les plafonds - Fiche pratique.bin [1990196] O61 - LFC:Last File Created 03/07/2011 - 22:02:33 ---A- C:\Users\Mayke\AppData\Local\Temp\bitrock_installer.log [4453] O61 - LFC:Last File Created 03/07/2011 - 22:10:18 ---A- C:\Users\Mayke\AppData\Local\Temp\CFG84DC.tmp [123] O61 - LFC:Last File Created 03/07/2011 - 22:18:52 ---A- C:\Users\Mayke\AppData\Local\Temp\jv16PT_2011\exe.ico [1150] O61 - LFC:Last File Created 03/07/2011 - 22:28:59 ---A- C:\Users\Mayke\Downloads\malwarebytes-anti-malware_malwarebytes_anti-malware_1.51.0.1200_francais_215092.exe [9435312] O61 - LFC:Last File Created 03/07/2011 - 22:29:07 ---A- C:\Users\Mayke\AppData\Local\Temp\~gu-ver.dat [590] O61 - LFC:Last File Created 03/07/2011 - 22:33:35 ---A- C:\Users\Mayke\AppData\Roaming\GlarySoft\Glary Utilities\Backups\40727,9816552083 [45055] O61 - LFC:Last File Created 03/07/2011 - 22:33:39 ---A- C:\Users\Mayke\AppData\Roaming\GlarySoft\Glary Utilities\Backups\40727,9817081944 [864] O61 - LFC:Last File Created 03/07/2011 - 22:33:39 ---A- C:\Users\Mayke\AppData\Roaming\GlarySoft\Glary Utilities\Backups\index.ini [80] O61 - LFC:Last File Created 03/07/2011 - 22:35:29 ---A- C:\Users\All Users\Malwarebytes\Malwarebytes' Anti-Malware\Configuration\config.conf [2399] O61 - LFC:Last File Created 03/07/2011 - 22:35:29 ---A- C:\Users\All Users\Malwarebytes\Malwarebytes' Anti-Malware\Configuration\custom.conf [5] O61 - LFC:Last File Created 03/07/2011 - 22:35:29 ---A- C:\Users\All Users\Malwarebytes\Malwarebytes' Anti-Malware\Configuration\news.conf [248] O61 - LFC:Last File Created 03/07/2011 - 22:35:43 ---A- C:\Users\All Users\Malwarebytes\Malwarebytes' Anti-Malware\ignore.dat [0] O61 - LFC:Last File Created 03/07/2011 - 22:38:05 ---A- C:\Users\Mayke\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP5.52299 [162] O61 - LFC:Last File Created 03/07/2011 - 22:38:07 ---A- C:\Users\Mayke\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-2011-07-03 (23-38-07).txt [1189] O61 - LFC:Last File Created 03/07/2011 - 22:42:14 ---A- C:\Users\All Users\Malwarebytes\Malwarebytes' Anti-Malware\Logs\protection-log-2011-07-03.txt [460] O61 - LFC:Last File Created 03/07/2011 - 22:43:32 ---A- C:\Users\Mayke\AppData\Local\Temp\~DFBD0.tmp [98304] O61 - LFC:Last File Created 03/07/2011 - 22:44:40 ---A- C:\Users\Mayke\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-2011-07-03 (23-44-40).txt [1054] O61 - LFC:Last File Created 03/07/2011 - 22:49:20 ---A- C:\Users\Mayke\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-2011-07-03 (23-49-20).txt [1053] O61 - LFC:Last File Created 04/07/2011 - 08:27:55 ---A- C:\Users\Mayke\AppData\Local\Temp\~DFA0EE.tmp [98304] O61 - LFC:Last File Created 04/07/2011 - 10:33:31 ---A- C:\Users\Mayke\AppData\Local\Temp\~DF564A.tmp [98304] O61 - LFC:Last File Created 04/07/2011 - 10:50:32 ---A- C:\Users\Mayke\AppData\Local\Temp\IswTmp\Logs\FFApi.swl.old [1052] O61 - LFC:Last File Created 04/07/2011 - 14:40:02 ----- C:\Users\Mayke\AppData\Local\Temp\open3457030561786269177.sweethome3d [4471203] O61 - LFC:Last File Created 04/07/2011 - 15:56:19 ---A- C:\Users\Mayke\AppData\Local\Temp\~DF89BA.tmp [98304] O61 - LFC:Last File Created 04/07/2011 - 16:03:36 ---A- C:\Users\All Users\Nero\Agent\History.xml [200] O61 - LFC:Last File Created 04/07/2011 - 16:11:00 ---A- C:\Users\Mayke\AppData\Local\Temp\IswTmp\Logs\FFApi.swl [1052] O61 - LFC:Last File Created 04/07/2011 - 18:29:21 ---A- C:\Users\Mayke\AppData\Local\Temp\9396080.od [134] O61 - LFC:Last File Created 04/07/2011 - 18:29:21 ---A- C:\Users\Mayke\AppData\Local\Temp\CVR5F61.tmp.cvr [0] O61 - LFC:Last File Created 04/07/2011 - 18:31:39 ---A- C:\Users\Mayke\Music\iTunes\iTunes Library.itl [162449] O61 - LFC:Last File Created 04/07/2011 - 18:31:39 ---A- C:\Users\Mayke\Music\iTunes\iTunes Music Library.xml [936950] O61 - LFC:Last File Created 04/07/2011 - 18:33:44 ---A- C:\Users\Mayke\AppData\Roaming\Apple Computer\Logs\asl.165558_04Jul11.log [12698] O61 - LFC:Last File Created 04/07/2011 - 18:39:03 ---A- C:\Users\Mayke\AppData\Roaming\Apple Computer\iTunes\Cookies\Cookies.plist [3163] O61 - LFC:Last File Created 04/07/2011 - 18:39:09 ---A- C:\Users\Mayke\AppData\Local\Apple Computer\iTunes\iTunesPrefs.xml [817049] O61 - LFC:Last File Created 04/07/2011 - 18:39:09 ---A- C:\Users\Mayke\AppData\Roaming\Apple Computer\iTunes\iTunesPrefs.xml [208783] O61 - LFC:Last File Created 04/07/2011 - 18:39:41 ---A- C:\Users\Mayke\AppData\Local\Temp\10015544.od [134] O61 - LFC:Last File Created 04/07/2011 - 18:39:41 ---A- C:\Users\Mayke\AppData\Local\Temp\CVRD338.tmp.cvr [0] O61 - LFC:Last File Created 04/07/2011 - 18:57:41 ---A- C:\Users\Mayke\AppData\Local\Temp\11095883.od [134] O61 - LFC:Last File Created 04/07/2011 - 18:57:41 ---A- C:\Users\Mayke\AppData\Local\Temp\CVR4F4B.tmp.cvr [0] O61 - LFC:Last File Created 04/07/2011 - 20:28:07 ---A- C:\Users\Mayke\AppData\Local\Temp\16522128.od [134] O61 - LFC:Last File Created 04/07/2011 - 20:28:07 ---A- C:\Users\Mayke\AppData\Local\Temp\CVR1B90.tmp.cvr [0] O61 - LFC:Last File Created 04/07/2011 - 20:30:43 ---A- C:\Users\Mayke\AppData\Local\Temp\7C55.tmp\hosts [905] O61 - LFC:Last File Created 04/07/2011 - 20:33:17 ---A- C:\Users\All Users\Malwarebytes\Malwarebytes' Anti-Malware\Logs\protection-log-2011-07-04.txt [1074] O61 - LFC:Last File Created 04/07/2011 - 21:42:03 ---A- C:\Users\Mayke\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-2011-07-04 (22-42-03).txt [1078] O61 - LFC:Last File Created 04/07/2011 - 21:44:44 ---A- C:\Users\Mayke\Downloads\ZHPDiag2.zip [2501413] O61 - LFC:Last File Created 07/06/2011 - 22:15:59 ---A- C:\Users\Mayke\AppData\Roaming\CheckPoint\ZoneAlarm Toolbar\.version [9] O61 - LFC:Last File Created 08/01/2011 - 20:30:21 ---A- C:\Users\Mayke\AppData\Roaming\Microsoft\Outlook\Outlook.xml [3605] O61 - LFC:Last File Created 08/01/2011 - 20:30:21 ---A- C:\Users\Mayke\AppData\Roaming\Microsoft\Outlook\outcmd.dat [1686] O61 - LFC:Last File Created 09/01/2011 - 23:36:00 ---A- C:\Users\Mayke\AppData\Roaming\Microsoft\Outlook\Outlook.NK2 [44310] O61 - LFC:Last File Created 09/11/2010 - 23:36:06 ---A- C:\Users\Mayke\AppData\Roaming\Microsoft\Office\Word12.pip [1696] O61 - LFC:Last File Created 14/03/2011 - 18:46:25 ---A- C:\Users\Mayke\AppData\Local\Temp\jusched.log [137419] O61 - LFC:Last File Created 14/03/2011 - 21:09:34 ---A- C:\Users\Mayke\AppData\Local\Temp\AdobeARM.log [206659] O61 - LFC:Last File Created 14/03/2011 - 21:31:08 ---A- C:\Users\Mayke\AppData\Local\Temp\Mayke.bmp [31832] O61 - LFC:Last File Created 15/03/2011 - 20:23:03 -SHA- C:\Users\Mayke\AppData\Local\Temp\Cookies\index.dat [16384] O61 - LFC:Last File Created 15/03/2011 - 20:23:03 -SHA- C:\Users\Mayke\AppData\Local\Temp\Fichiers Internet temporaires\Content.IE5\index.dat [262144] O61 - LFC:Last File Created 15/03/2011 - 20:23:03 -SHA- C:\Users\Mayke\AppData\Local\Temp\History\History.IE5\index.dat [16384] O61 - LFC:Last File Created 18/03/2011 - 22:25:24 ---A- C:\Users\Mayke\AppData\Local\Temp\AUCHECK_PARSER.txt [1367] O61 - LFC:Last File Created 19/10/2010 - 18:33:13 ---A- C:\Users\Mayke\AppData\Local\Apple Computer\iTunes\Cache.db [66358272] O61 - LFC:Last File Created 19/10/2010 - 22:49:36 --HA- C:\Users\Mayke\AppData\Local\IconCache.db [3114394] O61 - LFC:Last File Created 20/03/2011 - 22:25:24 ---A- C:\Users\Mayke\AppData\Local\Temp\AUCHECK_CORE.txt [4832] O61 - LFC:Last File Created 21/04/2011 - 18:33:42 ---A- C:\Users\Mayke\Music\iTunes\iTunes Library Extras.itdb [12288] O61 - LFC:Last File Created 21/04/2011 - 18:39:07 --HA- C:\Users\Mayke\Music\iTunes\sentinel [8] O61 - LFC:Last File Created 23/06/2011 - 16:03:36 ---A- C:\Users\All Users\Nero\Agent\Repository\State.md5 [32] O61 - LFC:Last File Created 23/06/2011 - 16:03:36 ---A- C:\Users\All Users\Nero\Agent\Repository\State.xml [181] O61 - LFC:Last File Created 24/06/2011 - 16:03:36 ---A- C:\Users\All Users\Nero\Agent\Agent.cfg [84] O61 - LFC:Last File Created 24/06/2011 - 16:03:36 ---A- C:\Users\All Users\Nero\Agent\History.md5 [32] O61 - LFC:Last File Created 26/11/2010 - 18:41:30 ---A- C:\Users\Mayke\AppData\Local\FLVService\lib\FLVSrvLib.dll [18432] O61 - LFC:Last File Created 30/11/2010 - 20:23:10 ---A- C:\Users\Mayke\AppData\Roaming\Adobe\Acrobat\10.0\Security\CRLCache\A9B8213768ADC68AF64FCC6409E8BE414726687F.crl [35534] O61 - LFC:Last File Created 30/11/2010 - 20:23:11 ---A- C:\Users\Mayke\AppData\Roaming\Adobe\Acrobat\10.0\Security\CRLCache\48B76449F3D5FEFA1133AA805E420F0FCA643651.crl [898] O61 - LFC:Last File Created 30/11/2010 - 20:24:41 ---A- C:\Users\Mayke\AppData\Roaming\Adobe\Acrobat\10.0\JavaScripts\glob.js [0] O61 - LFC:Last File Created 30/11/2010 - 20:24:41 ---A- C:\Users\Mayke\AppData\Roaming\Adobe\Acrobat\10.0\JavaScripts\glob.settings.js [10] ---\\ Liste des outils de nettoyage (O63) O63 - Logiciel: ZHPDiag 1.27 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 ---\\ Liste des services Legacy (O64) O64 - Services: CurCS - 15/12/2010 - C:\Windows\System32\DRIVERS\avgntflt.sys - avgntflt(avgntflt) .(.Avira GmbH - Avira Minifilter Driver.) - LEGACY_AVGNTFLT O64 - Services: CurCS - 03/04/2011 - C:\Windows\System32\DRIVERS\avipbb.sys - avipbb(avipbb) .(.Avira GmbH - Avira Driver for Security Enhancement.) - LEGACY_AVIPBB O64 - Services: CurCS - 30/08/2010 - C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys - driverhardwarev2(driverhardwarev2) .(.CybelSoft - Driver NT Ma-Config.com.) - LEGACY_DRIVERHARDWAREV2 O64 - Services: CurCS - 21/03/2008 - C:\Windows\system32\drivers\int15.sys - int15(int15) .(.Acer, Inc. - int15.) - LEGACY_INT15 O64 - Services: CurCS - 29/05/2011 - C:\Windows\system32\drivers\mbam.sys - MBAMProtector(MBAMProtector) .(.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) - LEGACY_MBAMPROTECTOR O64 - Services: CurCS - 14/05/2008 - C:\Windows\System32\DRIVERS\psdfilter.sys - PSDFilter(PSDFilter) .(.Egis Incorporated - Acer eDataSecurity Management PSD Filter Dr.) - LEGACY_PSDFILTER O64 - Services: CurCS - 14/05/2008 - C:\Windows\System32\DRIVERS\PSDNServ.sys - PSDNServ(PSDNServ) .(.Egis Incorporated - Acer eDataSecurity Management PSD Named Pip.) - LEGACY_PSDNSERV O64 - Services: CurCS - 14/05/2008 - C:\Windows\System32\DRIVERS\PSDVdisk.sys - PSDVdisk(psdvdisk) .(.Egis Incorporated - Acer eDataSecurity Management PSD Virtual D.) - LEGACY_PSDVDISK O64 - Services: CurCS - 28/12/2010 - C:\Windows\System32\Drivers\sptd.sys - sptd (sptd) .(...) - LEGACY_SPTD O64 - Services: CurCS - 17/06/2010 - C:\Windows\System32\DRIVERS\ssmdrv.sys - ssmdrv(ssmdrv) .(.Avira GmbH - AVIRA SnapShot Driver.) - LEGACY_SSMDRV O64 - Services: CurCS - 15/05/2010 - C:\Windows\System32\DRIVERS\vsdatant.sys - Zone Alarm Firewall Driver(Vsdatant) .(.Check Point Software Technologies LTD - ZoneAlarm Firewalling Driver.) - LEGACY_VSDATANT ---\\ Liste des fichiers non signés (O65) O65 - LUF:13/06/1998 (.Pas de propriétaire - Gif89 Module.) (1, 0, 0, 1) - c:\windows\system32\Gif89.dll ---\\ Observateur d'évènement d'application (O66) O66 - EventLog: ID=482 (ESENT) - (...) -- C:\ProgramData\Microsoft\Search\Data O66 - EventLog: ID=8193 (System Restore) - (...) -- C:\Users\Mayke\AppData\Local\Temp\NeroInstallFiles O66 - EventLog: ID=4118 (Avira AntiVir) - (...) -- C:\Users\Mayke\AppData\Roaming\Apple Computer\MobileSync\Backup ---\\ File Associations Shell Spawning (O67) O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %* O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %* O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> <ChromeHTML>[HKLM\..\open\Command] (...) -- C:\Program Files\Google\Chrome\Application\chrome.exe O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O67 - Shell Spawning: <.com> <>[HKU\..\open\Command] (.Not Key.) O67 - Shell Spawning: <.exe> <>[HKU\..\open\Command] (.Not Key.) O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %* O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %* O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe ---\\ Start Menu Internet (O68) O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe ---\\ Search Browser Infection (O69) O69 - SBI: C:\Users\Mayke\AppData\Roaming\Mozilla\Firefox\Profiles\raz6ubhh.default\searchplugins\conduit.xml O69 - SBI: prefs.js [Mayke - raz6ubhh.default] user_pref("CT1060933.SearchFromAddressBarUrl", "http://search.conduit.com/ResultsExt.aspx?'>http://search.conduit.com/ResultsExt.aspx? O69 - SBI: prefs.js [Mayke - raz6ubhh.default] user_pref("CT2611275.SearchEngine", "Search||http://search.conduit.com/Results.aspx? O69 - SBI: prefs.js [Mayke - raz6ubhh.default] user_pref("CT2611275.SearchFromAddressBarUrl", "http://search.conduit.com/ResultsExt.aspx? O69 - SBI: prefs.js [Mayke - raz6ubhh.default] user_pref("CT2611275.ct2611275.SearchEngine", "Search||http://search.conduit.com/Results.aspx? O69 - SBI: prefs.js [Mayke - raz6ubhh.default] user_pref("browser.search.defaulturl", "http://search.conduit.com/ResultsExt.aspx?ctid=CT1060933 O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (@ieframe.dll,-12512) - Bing O69 - SBI: SearchScopes [HKCU] {1F096B29-E9DA-4D64-8D63-936BE7762CC5} - (Search the web (Babylon)) - Babylon Search O69 - SBI: SearchScopes [HKCU] {67A2568C-7A0A-4EED-AECC-B5405DE63B64} [DefaultScope] - (Google) - Google O69 - SBI: SearchScopes [HKCU] {afdbddaa-5d3f-42ee-b79c-185a7020515b} - ( ) - http://search.conduit.com ---\\ Recherche particuliere à la racine de certains dossiers (O84) [MD5.B2994EC6452DBD04E57828EEFEDFB93C] [sPRF] (.Realtek Semiconductor Corp. - Realtek HD Audio Data Rerouter.) -- C:\Users\Mayke\AppData\Local\Temp\RtkBtMnt.exe [204800] [MD5.E7D4603CB71AA5CDE15A009AE2A34D04] [sPRF] (...) -- C:\Users\Mayke\Desktop\MyHosts.exe [124416] [MD5.12782199A66E126FDA49A6E3DB4D70EB] [sPRF] (.Nicolas Coolman - ZHPDiag.) -- C:\Users\Mayke\Desktop\ZHPDiag2.exe [2536154] [MD5.F8EDC0F44BF504FE83251DC1C70F26E4] [sPRF] (...) -- C:\Users\Mayke\AppData\Roaming\Sys2662.Config.Repository.bin [22] ---\\ Firewall Active Exception List (FirewallRules) (O87) O87 - FAEL: "CoreNet-GP-LSASS-Out-TCP" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Processus de l’autorité de sécurité locale.) -- C:\Windows\system32\lsass.exe O87 - FAEL: "FPS-SpoolSvc-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe O87 - FAEL: "FPS-SpoolSvc-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe O87 - FAEL: "NetPres-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe O87 - FAEL: "NetPres-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe O87 - FAEL: "NetPres-WSD-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe O87 - FAEL: "NetPres-WSD-In-UDP" | In - Domain - P17 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe O87 - FAEL: "NetPres-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe O87 - FAEL: "NetPres-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe O87 - FAEL: "RemoteSvcAdmin-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\Windows\system32\services.exe O87 - FAEL: "RemoteSvcAdmin-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\Windows\system32\services.exe O87 - FAEL: "WinCollab-Out-UDP" | Out - Domain - P17 - FALSE | .(.Microsoft Corporation - Windows Meeting Space.) -- C:\Program Files\Windows Collaboration\WinCollab.exe O87 - FAEL: "WinCollab-In-UDP" | In - Domain - P17 - TRUE | .(.Microsoft Corporation - Windows Meeting Space.) -- C:\Program Files\Windows Collaboration\WinCollab.exe O87 - FAEL: "WinCollab-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Windows Meeting Space.) -- C:\Program Files\Windows Collaboration\WinCollab.exe O87 - FAEL: "WinCollab-In-TCP" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Windows Meeting Space.) -- C:\Program Files\Windows Collaboration\WinCollab.exe O87 - FAEL: "WinCollab-DFSR-Out-TCP" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Réplication DFS.) -- C:\Windows\system32\dfsr.exe O87 - FAEL: "WinCollab-DFSR-In-TCP" | In - Domain - P6 - TRUE | .(.Microsoft Corporation - Réplication DFS.) -- C:\Windows\system32\dfsr.exe O87 - FAEL: "{7B7DEEEB-D07C-4D91-9E38-F857C78E87AD}" | In - Public - P6 - TRUE | .(.NewTech Infosystems, Inc. - NTI Backup Now 5 Agent service..) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe O87 - FAEL: "{85FDDE5B-8CBC-4798-B06D-8EC8E0C59F70}" | In - Public - P17 - TRUE | .(.NewTech Infosystems, Inc. - NTI Backup Now 5 Agent service..) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe O87 - FAEL: "{700982FC-837F-4B5A-9A78-2CBD0B8EB989}" | In - Public - P6 - TRUE | .(...) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe O87 - FAEL: "{1EC0BE30-C5C4-4D30-8DDA-FDFEE6BEFF0F}" | In - Public - P17 - TRUE | .(...) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe O87 - FAEL: "{89DA007C-73BF-4DD5-92F4-A6479FA63BA8}" | In - Public - P6 - TRUE | .(.NewTech InfoSystems, Inc. - NTI Backup Now 5 BackupSvc Application.) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe O87 - FAEL: "{54955791-5D79-4470-BEFE-6EECB7BB4EF4}" | In - Public - P17 - TRUE | .(.NewTech InfoSystems, Inc. - NTI Backup Now 5 BackupSvc Application.) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe O87 - FAEL: "{E0025EC9-154E-4225-AD81-E6274D2A9539}" |In - None - P17 - TRUE | .(...) -- c:\Program Files\Cyberlink\PowerDirector\PDR.exe (.not file.) O87 - FAEL: "{8D5C8FEA-A4CE-4660-BBC8-6E84288DA6AA}" | In - Public - P6 - TRUE | .(.Check Point Software Technologies LTD - TrueVector Service.) -- C:\Windows\System32\ZoneLabs\vsmon.exe O87 - FAEL: "{BB5B9FA2-85ED-418A-A5E8-7B0DFB83DF08}" | In - Public - P17 - TRUE | .(.Check Point Software Technologies LTD - TrueVector Service.) -- C:\Windows\System32\ZoneLabs\vsmon.exe O87 - FAEL: "{FB626392-0AF6-46A8-9368-AC0FAC430C39}" | In - Public - P6 - TRUE | .(.BitTorrent, Inc. - µTorrent.) -- C:\Program Files\uTorrent\uTorrent.exe O87 - FAEL: "{6B9788F2-1F16-42F8-AC08-F02A212988D7}" | In - Public - P17 - TRUE | .(.BitTorrent, Inc. - µTorrent.) -- C:\Program Files\uTorrent\uTorrent.exe O87 - FAEL: "TCP Query User{A49E5666-2416-45B8-9B62-7704985B881D}C:\program files\utorrent\utorrent.exe" | In - Private - P6 - TRUE | .(.BitTorrent, Inc. - µTorrent.) -- C:\program files\utorrent\utorrent.exe O87 - FAEL: "UDP Query User{01270738-7AA8-41AD-B0A2-B5C85BD7CC99}C:\program files\utorrent\utorrent.exe" | In - Private - P17 - TRUE | .(.BitTorrent, Inc. - µTorrent.) -- C:\program files\utorrent\utorrent.exe O87 - FAEL: "{EB7B4C71-4688-42A5-8508-BF658E0D02B4}" | In - None - P17 - TRUE | .(.Microsoft Corporation - Windows Live Call.) -- C:\Program Files\Windows Live\Messenger\wlcsdk.exe O87 - FAEL: "{D81E879F-DEED-48DD-9FED-37BD262F6B4D}" | In - None - P17 - TRUE | .(.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe O87 - FAEL: "{D336220F-1115-4E91-8C63-9106A6946AB5}" | In - None - P6 - TRUE | .(.BitTorrent, Inc. - µTorrent.) -- C:\Program Files\uTorrent\uTorrent.exe O87 - FAEL: "{8780F6D0-A5E1-4ADB-9AF3-FD5F1406E881}" | In - None - P17 - TRUE | .(.BitTorrent, Inc. - µTorrent.) -- C:\Program Files\uTorrent\uTorrent.exe O87 - FAEL: "{F21299E0-A1A0-443E-80F1-535047C87059}" | In - None - P6 - TRUE | .(.BitTorrent, Inc. - µTorrent.) -- C:\Program Files\uTorrent\uTorrent.exe O87 - FAEL: "{4906CC15-3688-4C55-9FFB-0DA2633FAEEF}" | In - None - P17 - TRUE | .(.BitTorrent, Inc. - µTorrent.) -- C:\Program Files\uTorrent\uTorrent.exe O87 - FAEL: "{F38DC242-050D-47FD-98B4-24F264BE2626}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe (.not file.) O87 - FAEL: "{C1A04BA2-F60D-49CA-AA3F-BA899967C5E7}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe (.not file.) O87 - FAEL: "{EE921C9F-88B8-4AB7-B8CA-AE2EFDCABAC8}" | In - Private - P6 - TRUE | .(.CybelSoft - Service de détection matériel.) -- C:\Program Files\ma-config.com\maconfservice.exe O87 - FAEL: "{828C4C21-96EE-4772-8649-8CF59F153966}" | In - Private - P17 - TRUE | .(.CybelSoft - Service de détection matériel.) -- C:\Program Files\ma-config.com\maconfservice.exe O87 - FAEL: "{09B57BA5-2FE6-419A-8888-A162392E8156}" | In - Private - P6 - TRUE | .(.Hewlett-Packard Co. - DeviceSetup.exe.) -- C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\DeviceSetup.exe O87 - FAEL: "{2A7A8D6A-EF77-4A56-AE12-792B5B85BE90}" | In - Private - P17 - TRUE | .(.Hewlett-Packard Co. - DeviceSetup.exe.) -- C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\DeviceSetup.exe O87 - FAEL: "{B631570A-EEAE-48F6-8FFC-4824B96B7AD4}" | In - Private - P6 - TRUE | .(.Hewlett-Packard Co. - HPNetworkCommunicator.) -- C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\HPNetworkCommunicator.exe O87 - FAEL: "{A869EA34-6739-4B33-B59F-2898EE7A6476}" | In - Private - P17 - TRUE | .(.Hewlett-Packard Co. - HPNetworkCommunicator.) -- C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\HPNetworkCommunicator.exe O87 - FAEL: "{0E1C3C96-3E90-49C2-9E3C-1D8ED3CB9947}" | In - Private - P6 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe O87 - FAEL: "{E0747242-5DA0-4259-82AA-EEE4FEE6F0A7}" | In - Private - P17 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe O87 - FAEL: "{9C61AC0D-4EDD-48E3-8A7B-5E4F9BE62633}" | In - None - P17 - TRUE | .(.Apple Inc. - iTunes.) -- C:\Program Files\iTunes\iTunes.exe O87 - FAEL: "{0085408A-6A6C-405C-8992-22C9AAED1089}" | In - None - P17 - TRUE | .(.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe O87 - FAEL: "{48DAC28D-5FB8-4AF5-94DB-9DEAD9AB4675}" |In - Private - P6 - TRUE | .(...) -- C:\Users\Mayke\Downloads\AviConverterSetup.exe (.not file.) O87 - FAEL: "{6E4FC0F3-1C21-454B-9BAE-E88272F63667}" |In - Private - P17 - TRUE | .(...) -- C:\Users\Mayke\Downloads\AviConverterSetup.exe (.not file.) ---\\ Scan Additionnel (O88) Database Version : 8461 - (04/07/2011) Clés trouvées (Keys found) : 11 Valeurs trouvées (Values found) : 0 Dossiers trouvés (Folders found) : 8 Fichiers trouvés (Files found) : 1 [HKLM\Software\Classes\Toolbar.CT2611275] =>Toolbar.Agent [HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1F096B29-E9DA-4D64-8D63-936BE7762CC5}] =>Toolbar.Babylon [HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1F096B29-E9DA-4D64-8D63-936BE7762CC5}] =>Toolbar.Babylon [HKLM\Software\Classes\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B}] =>Toolbar.Babylon [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4}] =>Spyware.BHO [HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}] =>Toolbar.Conduit [HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}] =>Toolbar.Conduit [HKCU\Software\Ask&Record] =>Toolbar.Agent [HKCU\Software\Conduit] =>Toolbar.Conduit [HKCU\Software\AppDataLow\Software\Conduit] =>Toolbar.Conduit [HKLM\Software\Conduit] =>Toolbar.Conduit C:\Program Files\Conduit =>Toolbar.Conduit C:\Users\Mayke\AppData\Local\MediaGet2 =>PUP.MediaGet C:\Users\Mayke\AppData\LocalLow\BabylonToolbar =>Toolbar.Babylon C:\Users\Mayke\AppData\LocalLow\Conduit =>Toolbar.Conduit C:\Users\Mayke\AppData\Local\MediaGet2 =>PUP.MediaGet C:\Users\Mayke\AppData\Roaming\Mozilla\Firefox\Profiles\raz6ubhh.default\Conduit =>Toolbar.Conduit C:\Users\Mayke\AppData\Roaming\Mozilla\Firefox\Profiles\raz6ubhh.default\ConduitEngine =>Toolbar.Conduit C:\Users\Mayke\AppData\Roaming\Mozilla\Firefox\Profiles\raz6ubhh.default\Extensions\engine@conduit.com =>Toolbar.Conduit C:\Users\Mayke\AppData\Roaming\Mozilla\Firefox\Profiles\raz6ubhh.default\SearchPlugins\conduit.xml =>Toolbar.Conduit ---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped) SR - | Auto 18/06/2011 64952 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe SR - | Auto 19/10/2010 13312 | (AgereModemAudio) . (.Agere Systems.) - C:\Windows\system32\agrsmsvc.exe SR - | Auto 19/10/2010 136360 | (AntiVirSchedulerService) . (.Avira GmbH.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe SR - | Auto 19/10/2010 269480 | (AntiVirService) . (.Avira GmbH.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe SR - | Auto 21/04/2011 37664 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe SR - | Auto 21/04/2011 349472 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe SR - | Auto 08/05/2008 16384 | (BUNAgentSvc) . (.NewTech Infosystems, Inc..) - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe SR - | Auto 19/10/2010 500784 | (eDataSecurity Service) . (.Egis Incorporated.) - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe SR - | Auto 08/05/2008 24576 | (ETService) . (...) - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe SS - | Auto 19/10/2010 135664 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe SS - | Demand 19/10/2010 135664 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe SS - | Demand 19/10/2010 182768 | (gusvc) . (.Google.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe SR - | Demand 21/04/2011 820520 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe SR - | Auto 08/05/2008 61440 | (LightScribeService) . (.Hewlett-Packard Company.) - C:\Program Files\Common Files\LightScribe\LSSrvc.exe SS - | Demand 31/01/2011 310640 | (maconfservice) . (.CybelSoft.) - C:\Program Files\ma-config.com\maconfservice.exe SR - | Auto 03/07/2011 366640 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe SR - | Auto 19/10/2010 110592 | (MobilityService) . (...) - C:\Acer\Mobility Center\MobilityService.exe SS - | Auto 23/06/2011 584488 | C:\Program Files\Nero\Update\NASvc.exe (NAUpdate) . (.Nero AG.) - C:\Program Files\Nero\Update\NASvc.exe SR - | Auto 08/05/2008 50424 | (NTIBackupSvc) . (.NewTech InfoSystems, Inc..) - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe SR - | Auto 08/05/2008 131072 | (NTISchedulerSvc) . (...) - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe SR - | Auto 19/10/2010 2435592 | (vsmon) . (.Check Point Software Technologies LTD.) - C:\Windows\System32\ZoneLabs\vsmon.exe SR - | Auto 21/01/2008 21504 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\system32\svchost.exe ---\\ Recherche Master Boot Record Infection (MBR)(O80) Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, GMER - Rootkit Detector and Remover Run by Mayke at 04/07/2011 23:05:46 device: opened successfully user: MBR read successfully Disk trace: called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0x858AB1F8]<< 1 ntkrnlpa!IofCallDriver[0x82504FEF] -> \Device\Harddisk0\DR0[0x860F1AC8] 3 CLASSPNP[0x8AB9F745] -> ntkrnlpa!IofCallDriver[0x82504FEF] -> \Device\Ide\IdeDeviceP0T0L0-0[0x85937BA0] \Driver\atapi[0x85928850] -> IRP_MJ_CREATE -> 0x858AB1F8 kernel: MBR read successfully detected disk devices: detected hooks: \Driver\atapi -> 0x858ab1f8 user & kernel MBR OK Warning: possible MBR rootkit infection ! ---\\ Recherche Master Boot Record Infection (MBRCheck)(O80) Written by ad13, http://ad13.geekstog Run by Mayke at 04/07/2011 23:05:48 ********* Dump file Name ********* C:\PhysicalDisk0_MBR.bin ---\\ Liste des émulateurs de CD/DVD (Hook du MBR) O58 - SDL:[MD5.DCEE1200FEFFFFFF000000008CF11200] - 28/12/2010 - 00:00:00 ---A- . (...) -- C:\Windows\system32\drivers\sptd.sys [717296] End of the scan (1602 lines in 10mn 13s)(0)
  23. Voila le nouveau rapport MBAM qui ne trouve rien. Je mets à la suite le rapport d hier qui a trouve un element! Malwarebytes' Anti-Malware 1.51.0.1200 www.malwarebytes.org Version de la base de données: 7021 Windows 6.0.6001 Service Pack 1 Internet Explorer 8.0.6001.19088 04/07/2011 22:42:03 mbam-log-2011-07-04 (22-42-03).txt Type d'examen: Examen complet (C:\|D:\|) Elément(s) analysé(s): 284522 Temps écoulé: 1 heure(s), 8 minute(s), 33 seconde(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 0 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 0 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté) Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): (Aucun élément nuisible détecté) Malwarebytes' Anti-Malware 1.51.0.1200 www.malwarebytes.org Version de la base de données: 7013 Windows 6.0.6001 Service Pack 1 Internet Explorer 8.0.6001.19088 03/07/2011 23:38:07 mbam-log-2011-07-03 (23-38-07).txt Type d'examen: Examen éclair Elément(s) analysé(s): 110706 Temps écoulé: 1 minute(s), 24 seconde(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 0 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 1 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 0 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté) Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSMHelp (PUM.Hijack.Help) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): (Aucun élément nuisible détecté)
×
×
  • Créer...