Lolovbo

  1. OK, thanks again for everything, so I'm closing this.
  2. Hello, I rescanned the PC and it seems everything is in order now. Thank you very much for your help :D:D Have a nice day.
  3. I realize that now, a bit late, lol. I will seriously avoid it. It seems, for one thing, that BitDefender managed to delete the offending file. In addition, I managed to find the suspicious directory in Explorer by showing hidden files, and to delete it. I will run a full scan with BitDefender again tonight. It seems resolved, but I will check. Thanks for the help in any case, great. PS: I completely deleted the infected (sub)directories previously found by malware. Here is the final MalwareBytes report ==>

         Malwarebytes Anti-Malware (Essai) 1.62.0.1300
         www.malwarebytes.org
         Version de la base de données: v2012.07.20.07
         Windows 7 x64 NTFS
         Internet Explorer 9.0.8112.16421
         Laurent :: GOOFY [administrateur]
         Protection: Activé
         20/07/2012 22:20:53
         mbam-log-2012-07-20 (22-20-53).txt
         Type d'examen: Examen complet (C:\|D:\|F:\|G:\|H:\|I:\|)
         Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM
         Options d'examen désactivées: P2P
         Elément(s) analysé(s): 682149
         Temps écoulé: 1 heure(s), 30 minute(s), 59 seconde(s)
         Processus mémoire détecté(s): 0 (Aucun élément nuisible détecté)
         Module(s) mémoire détecté(s): 0 (Aucun élément nuisible détecté)
         Clé(s) du Registre détectée(s): 0 (Aucun élément nuisible détecté)
         Valeur(s) du Registre détectée(s): 0 (Aucun élément nuisible détecté)
         Elément(s) de données du Registre détecté(s): 0 (Aucun élément nuisible détecté)
         Dossier(s) détecté(s): 0 (Aucun élément nuisible détecté)
         Fichier(s) détecté(s): 0 (Aucun élément nuisible détecté)
         (fin)
  4. Sorry for the delay, here is the MalwareBytes result only now. The machine seems to be working correctly, thanks. I am going to delete everything that is questionable in any case. I will run another scan with BitDefender on the Windows folder in which the reference to the virus appears. Thanks for the help. Report ==>

         Malwarebytes Anti-Malware (Essai) 1.62.0.1300
         www.malwarebytes.org
         Version de la base de données: v2012.07.20.07
         Windows 7 x64 NTFS
         Internet Explorer 9.0.8112.16421
         Laurent :: GOOFY [administrateur]
         Protection: Activé
         20/07/2012 20:34:26
         mbam-log-2012-07-20 (22-13-34).txt
         Type d'examen: Examen complet (C:\|D:\|F:\|G:\|H:\|I:\|)
         Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM
         Options d'examen désactivées: P2P
         Elément(s) analysé(s): 683981
         Temps écoulé: 1 heure(s), 36 minute(s), 25 seconde(s)
         Processus mémoire détecté(s): 0 (Aucun élément nuisible détecté)
         Module(s) mémoire détecté(s): 0 (Aucun élément nuisible détecté)
         Clé(s) du Registre détectée(s): 0 (Aucun élément nuisible détecté)
         Valeur(s) du Registre détectée(s): 0 (Aucun élément nuisible détecté)
         Elément(s) de données du Registre détecté(s): 0 (Aucun élément nuisible détecté)
         Dossier(s) détecté(s): 0 (Aucun élément nuisible détecté)
         Fichier(s) détecté(s): 4
         C:\NonOfficiel\Dragon Age II\Crack\rld-da2k.exe (RiskWare.Tool.CK) -> Aucune action effectuée.
         D:\A nettoyer\Downloads\Jeux\Little games\Luxor 1-2-3 + Cracks\GameHouse.Luxor.Cura + install\luxorres.dll (Trojan.Agent) -> Aucune action effectuée.
         D:\Apps\32 bits\Développement\MySQL\Sqlyog.Enterprise.v7.14.Incl.Keymaker-CORE\CORE10k.EXE (Dont.Steal.Our.Software) -> Aucune action effectuée.
         H:\From Temp H\Save Datas\EXTERNAL\Jeux0\Dungeon Lord\dl_13fr_trainer_by Lordkud\dl_13fr_trainer.exe (HackTool.GamesCheat.Gen) -> Aucune action effectuée.
         (fin)
  5. Here are the RogueKiller reports, in order: 1. Scan, 2. Suppression, 3. Host RAZ, 4. Proxy RAZ, 5. DNS RAZ, 6. Raccourci RAZ
  6. Voici le rapport de ComboFix ==> ComboFix 12-07-20.02 - Laurent 20/07/2012 19:36:07.2.4 - x64 Microsoft Windows 7 Édition Familiale Premium 6.1.7600.0.1252.32.1036.18.3950.1455 [GMT 2:00] Lancé depuis: c:\users\Laurent\Desktop\ComboFix.exe Commutateurs utilisés :: c:\users\Laurent\Desktop\CFScript.txt AV: BitDefender Antivirus *Disabled/Updated* {50909708-FF80-02AF-F814-B28405891E92} FW: BitDefender Pare-feu *Disabled* {68AB162D-B5EF-03F7-D34B-1BB1FB5A59E9} SP: BitDefender Antispyware *Disabled/Updated* {EBF176EC-D9BA-0D21-C2A4-89F67E0E542F} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . FILE :: "c:\combofix\CF27914.3XE" . . ((((((((((((((((((((((((((((( Fichiers créés du 2012-06-20 au 2012-07-20 )))))))))))))))))))))))))))))))))))) . . 2012-07-20 17:50 . 2012-07-20 17:50 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-07-20 12:14 . 2012-07-20 12:14 -------- d-----w- c:\program files (x86)\Trend Micro 2012-07-17 23:45 . 2012-07-17 23:45 157608 ----a-w- c:\program files (x86)\Mozilla Firefox\maintenanceservice_installer.exe 2012-07-17 23:45 . 2012-07-17 23:45 113120 ----a-w- c:\program files (x86)\Mozilla Firefox\maintenanceservice.exe 2012-07-17 23:45 . 2012-07-17 23:45 770384 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcr100.dll 2012-07-17 23:45 . 2012-07-17 23:45 421200 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcp100.dll 2012-07-17 23:39 . 2012-07-17 23:39 -------- d-----w- c:\program files (x86)\Common Files\Java 2012-07-17 23:38 . 2012-07-17 23:38 -------- d-----w- c:\program files (x86)\Oracle 2012-07-17 23:38 . 2012-07-05 20:06 772544 ----a-w- c:\windows\SysWow64\npDeployJava1.dll 2012-07-17 22:26 . 2012-07-17 22:26 -------- d-----w- c:\users\Laurent\AppData\Roaming\Malwarebytes 2012-07-17 22:26 . 2012-07-17 22:26 -------- d-----w- c:\programdata\Malwarebytes 2012-07-17 14:26 . 2012-07-17 14:26 -------- d-----w- c:\users\Laurent\AppData\Roaming\xsecva 2012-07-15 12:58 . 
2012-07-15 12:59 -------- d-----w- c:\users\Corinne 2012-07-12 01:07 . 2012-06-12 03:02 3147264 ----a-w- c:\windows\system32\win32k.sys 2012-07-11 17:05 . 2012-06-09 05:30 14165504 ----a-w- c:\windows\system32\shell32.dll 2012-07-11 17:05 . 2012-06-02 05:38 95088 ----a-w- c:\windows\system32\drivers\ksecdd.sys 2012-07-11 17:05 . 2012-06-02 05:38 152432 ----a-w- c:\windows\system32\drivers\ksecpkg.sys 2012-07-11 17:05 . 2012-06-02 05:37 459216 ----a-w- c:\windows\system32\drivers\cng.sys 2012-07-11 17:05 . 2012-06-02 05:27 340992 ----a-w- c:\windows\system32\schannel.dll 2012-07-11 17:05 . 2012-06-02 05:27 307200 ----a-w- c:\windows\system32\ncrypt.dll 2012-07-11 17:05 . 2012-06-02 04:48 22016 ----a-w- c:\windows\SysWow64\secur32.dll 2012-07-11 17:05 . 2012-06-02 04:48 225280 ----a-w- c:\windows\SysWow64\schannel.dll 2012-07-11 17:05 . 2012-06-02 04:47 219136 ----a-w- c:\windows\SysWow64\ncrypt.dll 2012-07-11 17:05 . 2012-06-02 04:42 96768 ----a-w- c:\windows\SysWow64\sspicli.dll 2012-07-11 17:05 . 2012-06-06 05:50 1425408 ----a-w- c:\program files\Common Files\System\ado\msado15.dll 2012-07-11 17:05 . 2012-06-06 05:09 987136 ----a-w- c:\program files (x86)\Common Files\System\ado\msado15.dll 2012-07-11 17:04 . 2012-06-06 05:50 2003968 ----a-w- c:\windows\system32\msxml6.dll 2012-07-11 17:04 . 2012-06-06 05:50 1880064 ----a-w- c:\windows\system32\msxml3.dll 2012-07-11 17:04 . 2012-06-06 05:09 1389568 ----a-w- c:\windows\SysWow64\msxml6.dll 2012-07-11 17:04 . 2012-06-06 05:09 1236992 ----a-w- c:\windows\SysWow64\msxml3.dll 2012-06-29 06:58 . 2012-06-29 06:58 -------- d-----w- c:\programdata\MySQL 2012-06-25 14:04 . 2012-06-25 14:04 1394248 ----a-w- c:\windows\SysWow64\msxml4.dll 2012-06-23 09:14 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll 2012-06-23 09:14 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe 2012-06-23 09:14 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll 2012-06-23 09:14 . 
2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll 2012-06-23 09:14 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll 2012-06-23 09:14 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll 2012-06-23 09:14 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll 2012-06-23 09:14 . 2012-06-02 13:19 186752 ----a-w- c:\windows\system32\wuwebv.dll 2012-06-23 09:14 . 2012-06-02 13:15 36864 ----a-w- c:\windows\system32\wuapp.exe . . . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2012-07-17 23:34 . 2012-04-06 22:54 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2012-07-17 23:34 . 2011-06-10 09:46 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2012-07-12 01:02 . 2011-03-18 18:21 59701280 ----a-w- c:\windows\system32\MRT.exe 2012-07-05 20:06 . 2011-03-15 14:24 687544 ----a-w- c:\windows\SysWow64\deployJava1.dll 2012-05-29 15:11 . 2012-01-22 14:15 34656 ----a-w- c:\windows\system32\TURegOpt.exe 2012-05-29 15:11 . 2012-01-22 14:17 35680 ----a-w- c:\windows\system32\uxtuneup.dll 2012-05-29 15:11 . 2012-01-22 14:17 29024 ----a-w- c:\windows\SysWow64\uxtuneup.dll 2012-05-29 15:11 . 2012-01-22 14:15 21344 ----a-w- c:\windows\SysWow64\authuitu.dll 2012-05-29 15:11 . 2012-01-22 14:15 25952 ----a-w- c:\windows\system32\authuitu.dll 2012-05-04 10:52 . 2012-06-14 15:46 5505392 ----a-w- c:\windows\system32\ntoskrnl.exe 2012-05-04 10:08 . 2012-06-14 15:46 3958128 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe 2012-05-04 10:08 . 2012-06-14 15:46 3902320 ----a-w- c:\windows\SysWow64\ntoskrnl.exe 2012-05-02 05:32 . 2012-06-14 15:46 208896 ----a-w- c:\windows\system32\profsvc.dll 2012-04-28 03:50 . 2012-06-14 15:46 204800 ----a-w- c:\windows\system32\drivers\rdpwd.sys 2012-04-26 05:34 . 2012-06-14 15:46 76288 ----a-w- c:\windows\system32\rdpwsx.dll 2012-04-26 05:34 . 2012-06-14 15:46 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll 2012-04-26 05:28 . 
2012-06-14 15:46 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe 2012-04-24 05:59 . 2012-06-14 15:47 182272 ----a-w- c:\windows\system32\cryptsvc.dll 2012-04-24 05:59 . 2012-06-14 15:47 1460224 ----a-w- c:\windows\system32\crypt32.dll 2012-04-24 05:59 . 2012-06-14 15:47 140288 ----a-w- c:\windows\system32\cryptnet.dll 2012-04-24 04:47 . 2012-06-14 15:47 139264 ----a-w- c:\windows\SysWow64\cryptsvc.dll 2012-04-24 04:47 . 2012-06-14 15:47 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll 2012-04-24 04:47 . 2012-06-14 15:47 1156608 ----a-w- c:\windows\SysWow64\crypt32.dll 2010-07-08 08:37 . 2010-07-08 08:37 101544 ----a-w- c:\program files\Common Files\LinkInstaller.exe . . ((((((((((((((((((((((((((((( SnapShot@2012-07-20_15.42.15 ))))))))))))))))))))))))))))))))))))))))) . + 2010-10-12 16:40 . 2012-07-20 17:53 69170 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin - 2009-07-14 05:10 . 2012-07-20 15:42 36594 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin + 2009-07-14 05:10 . 2012-07-20 17:53 36594 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin + 2011-03-15 15:02 . 2012-07-20 17:53 21896 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1011796473-2173836017-4021787739-1000_UserData.bin - 2011-03-15 13:58 . 2012-07-20 14:58 32768 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2011-03-15 13:58 . 2012-07-20 15:40 32768 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2009-07-14 04:54 . 2012-07-20 14:58 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2009-07-14 04:54 . 2012-07-20 15:40 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2012-07-20 17:51 . 2012-07-20 17:51 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat - 2012-07-20 15:40 . 
2012-07-20 15:40 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat + 2012-07-20 17:51 . 2012-07-20 17:51 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat - 2012-07-20 15:40 . 2012-07-20 15:40 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat - 2011-03-15 13:58 . 2012-07-20 14:58 327680 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2011-03-15 13:58 . 2012-07-20 15:40 327680 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2009-07-14 05:01 . 2012-07-20 17:50 318272 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat - 2009-07-14 05:01 . 2012-07-20 15:39 318272 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat + 2011-03-15 14:01 . 2012-07-20 17:50 2315984 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat - 2011-03-15 14:01 . 2012-07-20 15:39 2315984 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat - 2011-03-15 14:59 . 2012-07-20 15:39 7088174 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1011796473-2173836017-4021787739-1000-8192.dat + 2011-03-15 14:59 . 2012-07-20 17:50 7088174 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1011796473-2173836017-4021787739-1000-8192.dat - 2011-06-20 22:35 . 2012-07-20 15:39 35104920 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1011796473-2173836017-4021787739-1000-4096.dat + 2011-06-20 22:35 . 2012-07-20 17:50 35104920 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1011796473-2173836017-4021787739-1000-4096.dat . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 . 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1475072] "HP Photosmart 6510 series (NET)"="c:\program files\HP\HP Photosmart 6510 series\Bin\ScanToPCActivationApp.exe" [2011-05-25 2672488] "Akamai NetSession Interface"="c:\users\Laurent\AppData\Local\Akamai\netsession_win.exe" [2012-05-26 4327744] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2011-10-17 284440] "PMBVolumeWatcher"="c:\program files (x86)\Sony\PMB\PMBVolumeWatcher.exe" [2010-06-01 600928] "hpqSRMon"="c:\program files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-22 150528] "HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2011-03-24 49208] "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-11-09 343168] . c:\users\Laurent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Alertes de surveillance de l'encre - HP Photosmart 6510 series (réseau).lnk - c:\windows\system32\RunDll32.exe [2009-7-14 45568] EvernoteClipper.lnk - c:\program files (x86)\Evernote\Evernote\EvernoteClipper.exe [2011-3-7 969216] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2010-6-9 1128224] HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-9-20 270336] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) "EnableLinkedConnections"= 1 (0x1) . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS . 
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] @="" . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-] "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" "ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe" "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "NBAgent"="c:\program files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart "ArcSoft Connection Service"=c:\program files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe . R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R3 ACSSCR;ACR38 Smart Card Reader;c:\windows\system32\DRIVERS\a38usb.sys [2011-06-19 44672] R3 Apache2.2;Apache2.2;f:\apache2.2\bin\httpd.exe [2012-01-28 20549] R3 avc3;avc3;c:\windows\system32\DRIVERS\avc3.sys [2010-11-29 591968] R3 avckf;avckf;c:\windows\system32\DRIVERS\avckf.sys [2010-11-29 1186272] R3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys [2010-06-23 342056] R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2010-06-23 39464] R3 dump_wmimmc;dump_wmimmc;c:\program files\gPotato.eu\FlyFF\GameGuard\dump_wmimmc.sys [x] R3 GSService;GSService;c:\windows\SysWOW64\GSService.exe [2011-03-24 745472] R3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-06-24 271872] R3 MySQL55;MySQL55;f:\mysql server 5.5 prog\bin\mysqld --defaults-file=f:\mysql server 5.5 prog\my.ini MySQL55 [x] R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [x] R3 SOHCImp;VAIO Media plus Content Importer;c:\program files 
(x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2010-06-20 108400] R3 SOHDms;VAIO Media plus Digital Media Server;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2010-06-18 423280] R3 SOHDs;VAIO Media plus Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2010-06-20 67952] R3 SpfService;VAIO Entertainment Common Service;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [2010-06-06 304496] R3 Update Server;BitDefender Update Server v2;c:\program files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe [2010-11-30 467248] R3 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2010-06-17 851824] R3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2010-06-09 537456] R3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2010-06-09 384880] R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2010-06-09 101232] R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [2011-03-16 1255736] R4 AWiCSrvc;AWiCSrvc;c:\program files (x86)\Atheros\AWiCSrvc.exe [2010-12-20 50336] R4 DAUpdaterSvc;Dragon Age: Origins - Application de mise à jour;h:\dragon age\bin_ship\DAUpdaterSvc.Service.exe [2009-07-26 25832] R4 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2011-03-29 598312] R4 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2010-06-01 367456] S1 Bdfndisf;BitDefender Firewall NDIS 6 Filter Driver;c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [2010-08-20 88144] S1 bdfwfpf;bdfwfpf;c:\program files\Common 
Files\BitDefender\BitDefender Firewall\bdfwfpf.sys [2010-08-20 99408] S1 Bdvedisk;Bdvedisk;c:\windows\system32\DRIVERS\bdvedisk.sys [2010-01-19 103944] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904] S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-11-10 204288] S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-10-17 13592] S2 O&O CleverCache;O&O CleverCache;c:\program files\OO Software\CleverCache\ooccag.exe [2009-12-09 844616] S2 OODefragAgent;O&O Defrag;c:\program files\OO Software\Defrag\oodag.exe [2012-03-28 3288400] S2 rimspci;rimspci;c:\windows\system32\DRIVERS\rimspe64.sys [2011-06-01 73216] S2 risdsnpe;risdsnpe;c:\windows\system32\drivers\risdsne64.sys [2010-06-23 78848] S2 SampleCollector;VAIO Care Performance Service;c:\program files\Sony\VAIO Care\VCPerfService.exe [2011-01-29 259192] S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe [2012-05-29 2143072] S2 uCamMonitor;CamMonitor;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2008-09-18 104960] S2 UNS;Intel® Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-05-28 2320920] S2 Updatesrv;BitDefender Desktop Update Service;c:\program files\BitDefender\BitDefender 2011\updatesrv.exe [2011-10-13 53224] S2 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe [2010-06-21 575856] S2 VSNService;VSNService;c:\program files\Sony\VAIO Smart Network\VSNService.exe [2010-06-08 836608] S2 ZAtheros Wlan Agent;ZAtheros Wlan Agent;c:\program files (x86)\Qualcomm Atheros 
Fast Reconnect\Ath_WlanAgent.exe [2011-10-21 73728] S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2011-11-10 10567680] S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2011-11-10 325632] S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys [2009-05-26 19968] S3 BDFM;BDFM;c:\windows\system32\DRIVERS\bdfm.sys [2010-05-13 162896] S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2010-05-28 56344] S3 Impcd;Impcd;c:\windows\system32\drivers\Impcd.sys [2010-05-28 158976] S3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys [2011-08-01 45416] S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\DRIVERS\SFEP.sys [2010-04-26 12032] S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys [2011-10-13 11856] S3 VCService;VCService;c:\program files\Sony\VAIO Care\VCService.exe [2011-02-14 44736] S3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update Common\VUAgent.exe [2012-01-13 1256040] S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920] S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [2011-09-14 398112] . . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost] hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc . Contenu du dossier 'Tâches planifiées' . 2012-07-20 c:\windows\Tasks\HP Photo Creations Messager.job - c:\programdata\HP Photo Creations\MessageCheck.exe [2011-02-15 10:11] . . --------- X64 Entries ----------- . . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-11-15 2277992] "Apoint"="c:\program files (x86)\Apoint\Apoint.exe" [bU] "IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-08-01 2417032] "RtHDVBg_Dolby"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-11-15 2277992] "OODefragTray"="c:\program files\OO Software\Defrag\oodtray.exe" [2012-03-28 3998032] . HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs UxTuneUp . ------- Examen supplémentaire ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = Google mStart Page = about:blank mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = <local> uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: Add to Evernote 4.0 - c:\program files (x86)\Evernote\Evernote\EvernoteIE.dll/204 IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html IE: Lire des données EXIF - c:\program files (x86)\ArcSoft\RAW Thumbnail Viewer\ArcEXIFM.htm Trusted Zone: dexia.be TCP: DhcpNameServer = 192.168.1.1 FF - ProfilePath - c:\users\Laurent\AppData\Roaming\Mozilla\Firefox\Profiles\qv6gpcv1.default\ . - - - - ORPHELINS SUPPRIMES - - - - . Toolbar-10 - (no file) . . . 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SampleCollector] "ImagePath"="\"c:\program files\Sony\VAIO Care\VCPerfService.exe\" \"/service\" \"/sstates\" \"/sampleinterval=5000\" \"/procinterval=5\" \"/dllinterval=120\" \"/counter=\Processor(_Total)\% Processor Time:1/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1\" \"/counter=\Network Interface(*)\Bytes Total/sec:1\" \"/expandcounter=\Processor Information(*)\Processor Frequency:1\" \"/expandcounter=\Processor(*)\% Idle Time:1\" \"/expandcounter=\Processor(*)\% C1 Time:1\" \"/expandcounter=\Processor(*)\% C2 Time:1\" \"/expandcounter=\Processor(*)\% C3 Time:1\" \"/expandcounter=\Processor(*)\% Processor Time:1\" \"/directory=c:\programdata\Sony Corporation\VAIO Care\inteldata\"" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\MySQL] "ImagePath"="\"f:\mysql server prog\bin\mysqld\" --defaults-file=\"f:\mysql server prog\my.ini\" MySQL" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\MySQL55] "ImagePath"="\"f:\mysql server 5.5 prog\bin\mysqld\" --defaults-file=\"f:\mysql server 5.5 prog\my.ini\" MySQL55" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\npggsvc] "ImagePath"="c:\windows\system32\GameMon.des -service" . --------------------- CLES DE REGISTRE BLOQUEES --------------------- . [HKEY_USERS\S-1-5-21-1011796473-2173836017-4021787739-1000\Software\SecuROM\License information*] "datasecu"=hex:34,8f,f1,2e,f5,80,98,fd,fc,da,7c,58,6e,35,18,af,48,f9,ee,0a,7b, d5,39,83,23,0f,fc,db,c6,b9,f6,9e,e1,26,8a,e9,49,b7,e6,e1,92,c8,ad,57,d2,05,\ "rkeysecu"=hex:30,35,a3,d2,0d,78,95,0f,61,9b,0d,49,0a,da,e3,4c . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_265_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_265_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx" "ThreadingModel"="Apartment" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\System [...] ontrolSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Autres processus actifs ------------------------ .
c:\program files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe c:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe c:\program files (x86)\Sony\VAIO Event Service\VESMgr.exe c:\windows\SysWOW64\DllHost.exe c:\program files (x86)\Sony\VAIO Event Service\VESMgrSub.exe c:\program files\BitDefender\BitDefender 2011\Antispam32\pchooklaunch32.exe c:\windows\SysWOW64\RunDll32.exe c:\program files\Sony\VAIO Care\listener.exe c:\program files (x86)\Internet Explorer\IELowutil.exe . ************************************************************************** . Heure de fin: 2012-07-20 20:04:43 - La machine a redémarré ComboFix-quarantined-files.txt 2012-07-20 18:04 ComboFix2.txt 2012-07-20 15:55 . Avant-CF: 143.992.610.816 octets libres Après-CF: 143.677.157.376 octets libres . - - End Of File - - DA6148AC5C24354234D99017AA851D7F
  7. Hello, and thank you for your quick reply. I installed ComboFix after disabling as many items as possible through msconfig and disabling the BitDefender tools through its interface. During the installation, a BitDefender module asked me for permission to run cmd.3xe, and I approved. During the process, a problem occurred with the registry backup/restore. - Error while backing up the default [I was not able to note the exact message] - Problem while processing "key 5" ?? When the computer restarted, I had the unpleasant surprise of finding that the Windows firewall had turned itself on. It asked me for permission to grant network access to the programs that manage my internet connection. Here, nevertheless, is the report that was generated ComboFix 12-07-20.02 - Laurent 20/07/2012 17:09:17.1.4 - x64 Microsoft Windows 7 Édition Familiale Premium 6.1.7600.0.1252.32.1036.18.3950.1980 [GMT 2:00] Lancé depuis: c:\users\Laurent\Desktop\ComboFix.exe AV: BitDefender Antivirus *Disabled/Updated* {50909708-FF80-02AF-F814-B28405891E92} FW: BitDefender Pare-feu *Disabled* {68AB162D-B5EF-03F7-D34B-1BB1FB5A59E9} SP: BitDefender Antispyware *Disabled/Updated* {EBF176EC-D9BA-0D21-C2A4-89F67E0E542F} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Un nouveau point de restauration a été créé . . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . . c:\programdata\1318521394.bdinstall.bin c:\programdata\1318525800.bdinstall.bin c:\users\Laurent\AppData\Roaming\.# c:\users\Laurent\AppData\Roaming\.#\MBX@1BD8@F62740.### c:\users\Laurent\AppData\Roaming\.#\MBX@1BD8@F62770.### c:\windows\msxml4-KB2721691-enu.LOG c:\windows\SysWow64\Packet.dll c:\windows\SysWow64\pthreadVC.dll c:\windows\SysWow64\wpcap.dll . . ((((((((((((((((((((((((((((((((((((((( Pilotes/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . . -------\Legacy_NPF -------\Service_npf . .
((((((((((((((((((((((((((((( Fichiers créés du 2012-06-20 au 2012-07-20 )))))))))))))))))))))))))))))))))))) . . 2012-07-20 15:24 . 2012-07-20 15:24 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-07-20 12:14 . 2012-07-20 12:14 -------- d-----w- c:\program files (x86)\Trend Micro 2012-07-17 23:45 . 2012-07-17 23:45 157608 ----a-w- c:\program files (x86)\Mozilla Firefox\maintenanceservice_installer.exe 2012-07-17 23:45 . 2012-07-17 23:45 113120 ----a-w- c:\program files (x86)\Mozilla Firefox\maintenanceservice.exe 2012-07-17 23:45 . 2012-07-17 23:45 770384 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcr100.dll 2012-07-17 23:45 . 2012-07-17 23:45 421200 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcp100.dll 2012-07-17 23:39 . 2012-07-17 23:39 -------- d-----w- c:\program files (x86)\Common Files\Java 2012-07-17 23:38 . 2012-07-17 23:38 -------- d-----w- c:\program files (x86)\Oracle 2012-07-17 23:38 . 2012-07-05 20:06 772544 ----a-w- c:\windows\SysWow64\npDeployJava1.dll 2012-07-17 22:26 . 2012-07-17 22:26 -------- d-----w- c:\users\Laurent\AppData\Roaming\Malwarebytes 2012-07-17 22:26 . 2012-07-17 22:26 -------- d-----w- c:\programdata\Malwarebytes 2012-07-17 14:26 . 2012-07-17 14:26 -------- d-----w- c:\users\Laurent\AppData\Roaming\xsecva 2012-07-15 12:58 . 2012-07-15 12:59 -------- d-----w- c:\users\Corinne 2012-07-12 01:07 . 2012-06-12 03:02 3147264 ----a-w- c:\windows\system32\win32k.sys 2012-07-11 17:05 . 2012-06-09 05:30 14165504 ----a-w- c:\windows\system32\shell32.dll 2012-07-11 17:05 . 2012-06-02 05:38 95088 ----a-w- c:\windows\system32\drivers\ksecdd.sys 2012-07-11 17:05 . 2012-06-02 05:38 152432 ----a-w- c:\windows\system32\drivers\ksecpkg.sys 2012-07-11 17:05 . 2012-06-02 05:37 459216 ----a-w- c:\windows\system32\drivers\cng.sys 2012-07-11 17:05 . 2012-06-02 05:27 340992 ----a-w- c:\windows\system32\schannel.dll 2012-07-11 17:05 . 2012-06-02 05:27 307200 ----a-w- c:\windows\system32\ncrypt.dll 2012-07-11 17:05 . 
2012-06-02 04:48 22016 ----a-w- c:\windows\SysWow64\secur32.dll 2012-07-11 17:05 . 2012-06-02 04:48 225280 ----a-w- c:\windows\SysWow64\schannel.dll 2012-07-11 17:05 . 2012-06-02 04:47 219136 ----a-w- c:\windows\SysWow64\ncrypt.dll 2012-07-11 17:05 . 2012-06-02 04:42 96768 ----a-w- c:\windows\SysWow64\sspicli.dll 2012-07-11 17:05 . 2012-06-06 05:50 1425408 ----a-w- c:\program files\Common Files\System\ado\msado15.dll 2012-07-11 17:05 . 2012-06-06 05:09 987136 ----a-w- c:\program files (x86)\Common Files\System\ado\msado15.dll 2012-07-11 17:04 . 2012-06-06 05:50 2003968 ----a-w- c:\windows\system32\msxml6.dll 2012-07-11 17:04 . 2012-06-06 05:50 1880064 ----a-w- c:\windows\system32\msxml3.dll 2012-07-11 17:04 . 2012-06-06 05:09 1389568 ----a-w- c:\windows\SysWow64\msxml6.dll 2012-07-11 17:04 . 2012-06-06 05:09 1236992 ----a-w- c:\windows\SysWow64\msxml3.dll 2012-06-29 06:58 . 2012-06-29 06:58 -------- d-----w- c:\programdata\MySQL 2012-06-25 14:04 . 2012-06-25 14:04 1394248 ----a-w- c:\windows\SysWow64\msxml4.dll 2012-06-23 09:14 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll 2012-06-23 09:14 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe 2012-06-23 09:14 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll 2012-06-23 09:14 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll 2012-06-23 09:14 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll 2012-06-23 09:14 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll 2012-06-23 09:14 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll 2012-06-23 09:14 . 2012-06-02 13:19 186752 ----a-w- c:\windows\system32\wuwebv.dll 2012-06-23 09:14 . 2012-06-02 13:15 36864 ----a-w- c:\windows\system32\wuapp.exe . . . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2012-07-17 23:34 . 2012-04-06 22:54 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2012-07-17 23:34 . 
2011-06-10 09:46 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2012-07-12 01:02 . 2011-03-18 18:21 59701280 ----a-w- c:\windows\system32\MRT.exe 2012-07-05 20:06 . 2011-03-15 14:24 687544 ----a-w- c:\windows\SysWow64\deployJava1.dll 2012-05-29 15:11 . 2012-01-22 14:15 34656 ----a-w- c:\windows\system32\TURegOpt.exe 2012-05-29 15:11 . 2012-01-22 14:17 35680 ----a-w- c:\windows\system32\uxtuneup.dll 2012-05-29 15:11 . 2012-01-22 14:17 29024 ----a-w- c:\windows\SysWow64\uxtuneup.dll 2012-05-29 15:11 . 2012-01-22 14:15 21344 ----a-w- c:\windows\SysWow64\authuitu.dll 2012-05-29 15:11 . 2012-01-22 14:15 25952 ----a-w- c:\windows\system32\authuitu.dll 2012-05-04 10:52 . 2012-06-14 15:46 5505392 ----a-w- c:\windows\system32\ntoskrnl.exe 2012-05-04 10:08 . 2012-06-14 15:46 3958128 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe 2012-05-04 10:08 . 2012-06-14 15:46 3902320 ----a-w- c:\windows\SysWow64\ntoskrnl.exe 2012-05-02 05:32 . 2012-06-14 15:46 208896 ----a-w- c:\windows\system32\profsvc.dll 2012-04-28 03:50 . 2012-06-14 15:46 204800 ----a-w- c:\windows\system32\drivers\rdpwd.sys 2012-04-26 05:34 . 2012-06-14 15:46 76288 ----a-w- c:\windows\system32\rdpwsx.dll 2012-04-26 05:34 . 2012-06-14 15:46 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll 2012-04-26 05:28 . 2012-06-14 15:46 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe 2012-04-24 05:59 . 2012-06-14 15:47 182272 ----a-w- c:\windows\system32\cryptsvc.dll 2012-04-24 05:59 . 2012-06-14 15:47 1460224 ----a-w- c:\windows\system32\crypt32.dll 2012-04-24 05:59 . 2012-06-14 15:47 140288 ----a-w- c:\windows\system32\cryptnet.dll 2012-04-24 04:47 . 2012-06-14 15:47 139264 ----a-w- c:\windows\SysWow64\cryptsvc.dll 2012-04-24 04:47 . 2012-06-14 15:47 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll 2012-04-24 04:47 . 2012-06-14 15:47 1156608 ----a-w- c:\windows\SysWow64\crypt32.dll 2010-07-08 08:37 . 2010-07-08 08:37 101544 ----a-w- c:\program files\Common Files\LinkInstaller.exe . . 
((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1475072] "HP Photosmart 6510 series (NET)"="c:\program files\HP\HP Photosmart 6510 series\Bin\ScanToPCActivationApp.exe" [2011-05-25 2672488] "Akamai NetSession Interface"="c:\users\Laurent\AppData\Local\Akamai\netsession_win.exe" [2012-05-26 4327744] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2011-10-17 284440] "PMBVolumeWatcher"="c:\program files (x86)\Sony\PMB\PMBVolumeWatcher.exe" [2010-06-01 600928] "hpqSRMon"="c:\program files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-22 150528] "HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2011-03-24 49208] "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-11-09 343168] . c:\users\Laurent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Alertes de surveillance de l'encre - HP Photosmart 6510 series (réseau).lnk - c:\windows\system32\RunDll32.exe [2009-7-14 45568] EvernoteClipper.lnk - c:\program files (x86)\Evernote\Evernote\EvernoteClipper.exe [2011-3-7 969216] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2010-6-9 1128224] HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-9-20 270336] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) "EnableLinkedConnections"= 1 (0x1) . 
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] @="" . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-] "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" "ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe" "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "NBAgent"="c:\program files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart "ArcSoft Connection Service"=c:\program files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe . R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R3 ACSSCR;ACR38 Smart Card Reader;c:\windows\system32\DRIVERS\a38usb.sys [2011-06-19 44672] R3 Apache2.2;Apache2.2;f:\apache2.2\bin\httpd.exe [2012-01-28 20549] R3 avc3;avc3;c:\windows\system32\DRIVERS\avc3.sys [2010-11-29 591968] R3 avckf;avckf;c:\windows\system32\DRIVERS\avckf.sys [2010-11-29 1186272] R3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys [2010-06-23 342056] R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2010-06-23 39464] R3 dump_wmimmc;dump_wmimmc;c:\program files\gPotato.eu\FlyFF\GameGuard\dump_wmimmc.sys [x] R3 GSService;GSService;c:\windows\SysWOW64\GSService.exe [2011-03-24 745472] R3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-06-24 271872] R3 MySQL55;MySQL55;f:\mysql server 5.5 prog\bin\mysqld --defaults-file=f:\mysql server 5.5 prog\my.ini MySQL55 [x] R3 
npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [x] R3 SOHCImp;VAIO Media plus Content Importer;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2010-06-20 108400] R3 SOHDms;VAIO Media plus Digital Media Server;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2010-06-18 423280] R3 SOHDs;VAIO Media plus Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2010-06-20 67952] R3 SpfService;VAIO Entertainment Common Service;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [2010-06-06 304496] R3 Update Server;BitDefender Update Server v2;c:\program files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe [2010-11-30 467248] R3 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2010-06-17 851824] R3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2010-06-09 537456] R3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2010-06-09 384880] R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2010-06-09 101232] R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [2011-03-16 1255736] R4 AWiCSrvc;AWiCSrvc;c:\program files (x86)\Atheros\AWiCSrvc.exe [2010-12-20 50336] R4 DAUpdaterSvc;Dragon Age: Origins - Application de mise à jour;h:\dragon age\bin_ship\DAUpdaterSvc.Service.exe [2009-07-26 25832] R4 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2011-03-29 598312] R4 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2010-06-01 367456] S1 Bdfndisf;BitDefender Firewall NDIS 6 Filter Driver;c:\program 
files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [2010-08-20 88144] S1 bdfwfpf;bdfwfpf;c:\program files\Common Files\BitDefender\BitDefender Firewall\bdfwfpf.sys [2010-08-20 99408] S1 Bdvedisk;Bdvedisk;c:\windows\system32\DRIVERS\bdvedisk.sys [2010-01-19 103944] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904] S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-11-10 204288] S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-10-17 13592] S2 O&O CleverCache;O&O CleverCache;c:\program files\OO Software\CleverCache\ooccag.exe [2009-12-09 844616] S2 OODefragAgent;O&O Defrag;c:\program files\OO Software\Defrag\oodag.exe [2012-03-28 3288400] S2 rimspci;rimspci;c:\windows\system32\DRIVERS\rimspe64.sys [2011-06-01 73216] S2 risdsnpe;risdsnpe;c:\windows\system32\drivers\risdsne64.sys [2010-06-23 78848] S2 SampleCollector;VAIO Care Performance Service;c:\program files\Sony\VAIO Care\VCPerfService.exe [2011-01-29 259192] S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe [2012-05-29 2143072] S2 uCamMonitor;CamMonitor;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2008-09-18 104960] S2 UNS;Intel® Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-05-28 2320920] S2 Updatesrv;BitDefender Desktop Update Service;c:\program files\BitDefender\BitDefender 2011\updatesrv.exe [2011-10-13 53224] S2 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe [2010-06-21 575856] S2 VSNService;VSNService;c:\program files\Sony\VAIO Smart 
Network\VSNService.exe [2010-06-08 836608] S2 ZAtheros Wlan Agent;ZAtheros Wlan Agent;c:\program files (x86)\Qualcomm Atheros Fast Reconnect\Ath_WlanAgent.exe [2011-10-21 73728] S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2011-11-10 10567680] S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2011-11-10 325632] S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys [2009-05-26 19968] S3 BDFM;BDFM;c:\windows\system32\DRIVERS\bdfm.sys [2010-05-13 162896] S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2010-05-28 56344] S3 Impcd;Impcd;c:\windows\system32\drivers\Impcd.sys [2010-05-28 158976] S3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys [2011-08-01 45416] S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\DRIVERS\SFEP.sys [2010-04-26 12032] S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys [2011-10-13 11856] S3 VCService;VCService;c:\program files\Sony\VAIO Care\VCService.exe [2011-02-14 44736] S3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update Common\VUAgent.exe [2012-01-13 1256040] S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920] S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [2011-09-14 398112] . . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost] hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc . Contenu du dossier 'Tâches planifiées' . 2012-07-20 c:\windows\Tasks\HP Photo Creations Messager.job - c:\programdata\HP Photo Creations\MessageCheck.exe [2011-02-15 10:11] . . --------- X64 Entries ----------- . . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-11-15 2277992] "IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-08-01 2417032] "RtHDVBg_Dolby"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-11-15 2277992] "OODefragTray"="c:\program files\OO Software\Defrag\oodtray.exe" [2012-03-28 3998032] "combofix"="c:\combofix\CF27914.3XE" [2009-07-14 344576] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "LoadAppInit_DLLs"=0x1 . HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs UxTuneUp . ------- Examen supplémentaire ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = Google mStart Page = about:blank mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = <local> uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: Add to Evernote 4.0 - c:\program files (x86)\Evernote\Evernote\EvernoteIE.dll/204 IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html IE: Lire des données EXIF - c:\program files (x86)\ArcSoft\RAW Thumbnail Viewer\ArcEXIFM.htm Trusted Zone: dexia.be TCP: DhcpNameServer = 192.168.1.1 FF - ProfilePath - c:\users\Laurent\AppData\Roaming\Mozilla\Firefox\Profiles\qv6gpcv1.default\ . - - - - ORPHELINS SUPPRIMES - - - - . Toolbar-10 - (no file) Toolbar-10 - (no file) HKLM-Run-Apoint - c:\program files (x86)\Apoint\Apoint.exe . . . 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SampleCollector] "ImagePath"="\"c:\program files\Sony\VAIO Care\VCPerfService.exe\" \"/service\" \"/sstates\" \"/sampleinterval=5000\" \"/procinterval=5\" \"/dllinterval=120\" \"/counter=\Processor(_Total)\% Processor Time:1/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1\" \"/counter=\Network Interface(*)\Bytes Total/sec:1\" \"/expandcounter=\Processor Information(*)\Processor Frequency:1\" \"/expandcounter=\Processor(*)\% Idle Time:1\" \"/expandcounter=\Processor(*)\% C1 Time:1\" \"/expandcounter=\Processor(*)\% C2 Time:1\" \"/expandcounter=\Processor(*)\% C3 Time:1\" \"/expandcounter=\Processor(*)\% Processor Time:1\" \"/directory=c:\programdata\Sony Corporation\VAIO Care\inteldata\"" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\MySQL] "ImagePath"="\"f:\mysql server prog\bin\mysqld\" --defaults-file=\"f:\mysql server prog\my.ini\" MySQL" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\MySQL55] "ImagePath"="\"f:\mysql server 5.5 prog\bin\mysqld\" --defaults-file=\"f:\mysql server 5.5 prog\my.ini\" MySQL55" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\npggsvc] "ImagePath"="c:\windows\system32\GameMon.des -service" . --------------------- CLES DE REGISTRE BLOQUEES --------------------- . [HKEY_USERS\S-1-5-21-1011796473-2173836017-4021787739-1000\Software\SecuROM\License information*] "datasecu"=hex:34,8f,f1,2e,f5,80,98,fd,fc,da,7c,58,6e,35,18,af,48,f9,ee,0a,7b, d5,39,83,23,0f,fc,db,c6,b9,f6,9e,e1,26,8a,e9,49,b7,e6,e1,92,c8,ad,57,d2,05,\ "rkeysecu"=hex:30,35,a3,d2,0d,78,95,0f,61,9b,0d,49,0a,da,e3,4c . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_265_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_265_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx" "ThreadingModel"="Apartment" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\System [...] ontrolSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Autres processus actifs ------------------------ .
c:\program files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe c:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe c:\program files (x86)\Sony\VAIO Event Service\VESMgr.exe c:\windows\SysWOW64\DllHost.exe c:\program files (x86)\Sony\VAIO Event Service\VESMgrSub.exe c:\program files\BitDefender\BitDefender 2011\Antispam32\pchooklaunch32.exe c:\windows\SysWOW64\RunDll32.exe c:\program files\Sony\VAIO Care\listener.exe . ************************************************************************** . Heure de fin: 2012-07-20 17:55:29 - La machine a redémarré ComboFix-quarantined-files.txt 2012-07-20 15:55 . Avant-CF: 144.833.290.240 octets libres Après-CF: 143.893.712.896 octets libres . - - End Of File - - 89DAB637D42F22488AA440DABE2E1405
  8. Hello, my laptop seems to be infected by the virus named in the subject line. OS: W7 Home Premium Edition Computer: Sony Vaio VPCEC4M1E (Belgian version) Antivirus: Bitdefender Total Security 2011 Optimization tools: - TuneUp Utilities 2012 - O&O Defrag 15 Pro - O&O CleverCache Pro 7.1 IE: v 9, up to date Symptoms: - Bitdefender intercepted several infection attempts by the virus via IE on c:\windows\assembly\gac_?? where the ?? stand for 32 or 64 [I did not note it down, sorry] - second item, the Adobe Flash Player update stalled on a message "entrée introuvable pour ??? dans msimsg32.dll" where the ??? stands for an entry of the graphics library whose text I no longer remember (grr) - third item, every time the computer starts, the file "desktop.ini" is opened on the desktop; I used the procedure given here to get rid of the problem ==> Windows: Desktop.ini File Opens on Startup — Technipages - fourth item, I attempted a disinfection and my antivirus still finds the following entry ==> Fichier: C:\Windows\Installer\{29594dc2-99e3-0009-4047-7e4662a7267b}\n=>(Embedded EXE g) Menace : Trojan.Sirefef.FY Action : Déplacé(s) en quarantaine the problem is that the file does not appear in quarantine and a new scan gives the same message, despite several eradication attempts with various tools and the deletion of a registry key referencing this entry - fifth item, I was eventually able to update Flash Player after deleting the temporary files related to it with another tool. Apart from this problem, the computer seems to work normally, but I am not at all confident. The problem is that I am on holiday in and therefore do not have all the resources I would have at home, lol. Since this discovery a few days ago, I have been using the computer only very little, as a precaution. Could you help me, please? Thanking you in advance, I wish you a good day.
Here is the HijackThis report ==>

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:20:01, on 20/07/2012
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v9.00 (9.00.8112.16447)
Boot mode: Normal

Running processes:
C:\Program Files\BitDefender\BitDefender 2011\Antispam32\pchooklaunch32.exe
C:\Users\Laurent\AppData\Local\Akamai\netsession_win.exe
C:\Users\Laurent\AppData\Local\Akamai\netsession_win.exe
F:\Apache2.2\bin\ApacheMonitor.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files\Sony\VAIO Care\listener.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_3_300_265_ActiveX.exe
C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: IEPlugin Class - {11222041-111B-46E3-BD29-EFB2449479B1} - C:\PROGRA~2\ArcSoft\VIDEOD~1\ARCURL~1.DLL
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ToolbarBHO Class - {9519AF7E-638D-4933-BAD6-D33D23C79FE5} - C:\PROGRA~2\ArcSoft\RAWTHU~1\EXIFToolBar.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: RAW Thumbnail Viewer - {F301665A-12F8-4331-804A-5BCBD379668C} - C:\PROGRA~2\ArcSoft\RAWTHU~1\EXIFToolBar.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4F90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2011\Antispam32\IEToolbar.dll
O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [PMBVolumeWatcher] c:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [beid] "C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe" /startup
O4 - HKLM\..\Run: [bitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2011\Antispam32\ieshow.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [HP Photosmart 6510 series (NET)] "C:\Program Files\HP\HP Photosmart 6510 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN193413QH05QB:NW" -scfn "HP Photosmart 6510 series (NET)" -AutoStart 1
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Laurent\AppData\Local\Akamai\netsession_win.exe"
O4 - Startup: Alertes de surveillance de l'encre - HP Photosmart 6510 series (réseau).lnk = ?
O4 - Startup: EvernoteClipper.lnk = C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Monitor Apache Servers.lnk = F:\Apache2.2\bin\ApacheMonitor.exe
O8 - Extra context menu item: Add to Evernote 4.0 - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
O8 - Extra context menu item: Lire des données EXIF - C:\Program Files (x86)\ArcSoft\RAW Thumbnail Viewer\ArcEXIFM.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra button: Afficher ou masquer l'HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O13 - Gopher Prefix:
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apache2.2 - Apache Software Foundation - F:\Apache2.2\bin\httpd.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GSService - Unknown owner - C:\Windows\SysWOW64\GSService.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MySQL - Unknown owner - F:\MySQL.exe (file missing)
O23 - Service: MySQL55 - Unknown owner - F:\MySQL.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: O&O CleverCache - O&O Software GmbH - C:\Program Files\OO Software\CleverCache\ooccag.exe
O23 - Service: O&O Defrag (OODefragAgent) - O&O Software GmbH - C:\Program Files\OO Software\Defrag\oodag.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: VAIO Care Performance Service (SampleCollector) - Sony Corporation - C:\Program Files\Sony\VAIO Care\VCPerfService.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: VAIO Media plus Content Importer (SOHCImp) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
O23 - Service: VAIO Media plus Digital Media Server (SOHDms) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
O23 - Service: VAIO Media plus Device Searcher (SOHDs) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
O23 - Service: VAIO Entertainment Common Service (SpfService) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe
O23 - Service: CamMonitor (uCamMonitor) - ArcSoft, Inc. - C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel® Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
O23 - Service: BitDefender Update Server v2 (Update Server) - BitDefender - C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe
O23 - Service: BitDefender Desktop Update Service (Updatesrv) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2011\updatesrv.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Power Management - Sony Corporation - C:\Program Files\Sony\VAIO Power Management\SPMService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: VAIO Content Folder Watcher (VCFw) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
O23 - Service: VAIO Content Metadata Intelligent Network Service Manager (VcmINSMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe
O23 - Service: VCService - Sony Corporation - C:\Program Files\Sony\VAIO Care\VCService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VSNService - Sony Corporation - C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe
O23 - Service: VUAgent - Sony Corporation - C:\Program Files\Sony\VAIO Update Common\VUAgent.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Wlan Agent - Atheros - C:\Program Files (x86)\Qualcomm Atheros Fast Reconnect\Ath_WlanAgent.exe

-- End of file - 15409 bytes