Good evening everyone,

I can't get out of this on my own any more, help me please,

attached is my RSIT report to start with:

 

Logfile of random's system information tool 1.07 (written by random/random)

Run by Marc at 2010-06-20 19:03:16

Microsoft® Windows Vista Édition Intégrale Service Pack 2

System drive C: has 10 GB (21%) free of 47 GB

Total RAM: 2046 MB (61% free)

 

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 19:03:26, on 20/06/2010

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Internet Explorer v8.00 (8.00.6001.18904)

Boot mode: Normal

 

Running processes:

C:\Windows\system32\Dwm.exe

C:\Windows\system32\taskeng.exe

C:\Windows\Explorer.EXE

C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Windows\WindowsMobile\wmdSync.exe

C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe

C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe

C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Windows\system32\wuauclt.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Users\Marc\Desktop\RSIT.exe

C:\Program Files\trend micro\Marc.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = SFR : Téléphone portable, mobile, forfaits portables, ADSL

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN : Hotmail, Messenger, Actualité, Sport et Vidéo

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O2 - BHO: Aide à la navigation SFR - {0F6E720A-1A6B-40E1-A294-1D4D19F156C8} - C:\Program Files\SFR\Kit\SFRNavErrorHelper.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min

O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

O4 - HKLM\..\Run: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdSync.exe

O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide

O4 - HKCU\..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_2EC7709873947E87.dll/cmsidewiki.html

O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/mcfscan/3,0,0,6017/mcfscan.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{BC0E4D39-11F1-4ADB-8EDD-909A9FB064A1}: NameServer = 80.118.192.100,80.118.196.36

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

O22 - SharedTaskScheduler: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll

O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe

O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe

O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe

O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @appmgmts.dll,-3250 (AppMgmt) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe

O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (Audiosrv) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Service de transfert intelligent en arrière-plan (BITS) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (BthServ) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: CryptSvc - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\cscsvc.dll,-200 (CscService) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe

O23 - Service: @%SystemRoot%\system32\dhcpcsvc.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe

O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe

O23 - Service: @%SystemRoot%\ehome\ehstart.dll,-101 (ehstart) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\emdmgmt.dll,-1000 (EMDMgmt) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: ERSvc - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (Eventlog) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe

O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Service Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: helpsvc - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-200 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe

O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: LibUsb-Win32 - Daemon, Version 0.1.10.1 (libusbd) - libusb-Win32 - C:\Windows\system32\libusbd-nt.exe

O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe

O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe

O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe

O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe

O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\netprof.dll,-246 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (file missing)

O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Brother USB Mass-Storage Upper Filter Helper (owfzkqyg) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe

O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%windir%\WindowsMobile\rapimgr.dll,-104 (RapiMgr) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe

O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe

O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe

O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Secondary Logon (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\ipnathlp.dll,-106 (SharedAccess) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe

O23 - Service: @%SystemRoot%\system32\SLUINotify.dll,-103 (SLUINotify) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe

O23 - Service: srservice - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Service Panneau de saisie Tablet PC (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe

O23 - Service: @C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe

O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe

O23 - Service: @%SystemRoot%\system32\umrdp.dll,-1000 (UmRdpService) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: UPS - Unknown owner - (no file)

O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: TuneUp Extension de thème (UxTuneUp) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe

O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe

O23 - Service: @%windir%\WindowsMobile\wcescomm.dll,-40079 (WcesComm) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe

O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\wmpnetwk.exe

O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: Windows Update (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe

 

--

End of file - 21033 bytes

 

======Scheduled tasks folder======

 

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2895517941-1792322226-2511147505-1001Core.job

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2895517941-1792322226-2511147505-1001UA.job

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2895517941-1792322226-2511147505-1009Core.job

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2895517941-1792322226-2511147505-1009UA.job

C:\Windows\tasks\User_Feed_Synchronization-{2688C223-C27B-4382-B0D3-55A9B3351058}.job

 

======Registry dump======

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0F6E720A-1A6B-40E1-A294-1D4D19F156C8}]

Objet d'aide à la navigation SFR - C:\Program Files\SFR\Kit\SFRNavErrorHelper.dll [2009-10-15 165184]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]

Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21 75200]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Programme d'aide de l'Assistant de connexion Windows Live ID - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-03-30 403824]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]

Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-05-28 278128]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]

Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll [2010-05-28 814648]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-03-09 41760]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-05-28 278128]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]

"Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2010-04-29 437584]

"Windows Mobile-based device management"=C:\Windows\WindowsMobile\wmdSync.exe [2006-11-02 215552]

"LogitechQuickCamRibbon"=C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe [2009-10-14 2793304]

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"AutoStartNPSAgent"=C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe [2009-04-16 102400]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-11-09 39408]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Marc^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^PowerReg Scheduler V3.exe]

[]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]

Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll [2009-11-08 233888]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]

"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"ConsentPromptBehaviorUser"=0

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

"EnableUIADesktopToggle"=0

"EnableLUA"=0

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoLogOff"=0

"NoDrives"=0

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"BindDirectlyToPropertySetStorage"=

"NoDrives"=

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

 

======File associations======

 

.js - edit - C:\Windows\System32\Notepad.exe %1

 

======List of files/folders created in the last 1 months======

 

2010-06-20 16:17:25 ----A---- C:\ComboFix.txt

2010-06-20 16:16:15 ----SHD---- C:\$RECYCLE.BIN

2010-06-20 15:48:33 ----D---- C:\Windows\temp

2010-06-20 15:17:44 ----D---- C:\%APPDATA%

2010-06-20 15:17:43 ----A---- C:\Windows\SWXCACLS.exe

2010-06-20 14:48:03 ----A---- C:\Windows\MBR.exe

2010-06-20 14:43:45 ----D---- C:\Qoobox

2010-06-19 19:17:15 ----D---- C:\Program Files\Windows Live Safety Center

2010-06-19 16:18:21 ----D---- C:\Windows\McAfee.com

2010-06-18 16:57:30 ----A---- C:\Windows\ntbtlog.txt

2010-06-15 14:29:33 ----D---- C:\Program Files\Gamigo Games

2010-06-15 13:27:51 ----D---- C:\Program Files\Neffy

2010-06-13 16:18:30 ----D---- C:\Program Files\Mozilla Firefox

2010-06-07 14:38:38 ----A---- C:\Windows\system32\VBoxNetFltNotify.dll

2010-06-06 19:10:56 ----D---- C:\rsit

2010-06-06 19:02:28 ----A---- C:\Windows\system32\wininet (2).dll

2010-06-06 18:56:28 ----A---- C:\Windows\system32\WSOCK32 (2).dll

2010-06-05 11:26:04 ----D---- C:\Program Files\Sweet Home 3D

2010-06-04 14:44:31 ----D---- C:\Windows\MATS

2010-06-04 14:44:30 ----D---- C:\Program Files\Microsoft Fix it Center

2010-06-01 19:33:24 ----A---- C:\Windows\system32\uxtuneup.dll

2010-06-01 19:33:24 ----A---- C:\Windows\system32\authuitu.dll

2010-05-31 19:46:50 ----D---- C:\Windows\system32\catroot2

2010-05-28 20:22:54 ----D---- C:\Windows\SoftwareDistribution

2010-05-28 19:28:18 ----A---- C:\Windows\system32\initpki.dll

2010-05-28 18:38:25 ----D---- C:\Marc

2010-05-24 16:59:05 ----D---- C:\Users\Marc\AppData\Roaming\Ahead

2010-05-24 16:58:30 ----D---- C:\ProgramData\Ahead

2010-05-24 16:55:44 ----D---- C:\Program Files\Common Files\Ahead

2010-05-21 06:55:15 ----A---- C:\Windows\system32\2AED1994-F97B-454C-8FB3-2F4C5C8F45D2.txt

 

======List of files/folders modified in the last 1 months======

 

2010-06-20 19:03:18 ----D---- C:\Program Files\trend micro

2010-06-20 18:56:33 ----D---- C:\Windows\Prefetch

2010-06-20 18:55:01 ----SHD---- C:\Windows\Installer

2010-06-20 18:55:01 ----D---- C:\Program Files

2010-06-20 18:54:59 ----D---- C:\Windows\system32\drivers

2010-06-20 18:54:59 ----D---- C:\ProgramData\Microsoft

2010-06-20 18:46:54 ----D---- C:\Windows\System32

2010-06-20 18:46:54 ----D---- C:\Windows\inf

2010-06-20 18:46:54 ----A---- C:\Windows\system32\PerfStringBackup.INI

2010-06-20 16:11:58 ----D---- C:\Windows

2010-06-20 16:11:58 ----A---- C:\Windows\system.ini

2010-06-20 15:45:11 ----D---- C:\Windows\AppPatch

2010-06-20 15:45:10 ----D---- C:\Program Files\Common Files

2010-06-20 06:35:53 ----SD---- C:\Windows\Downloaded Program Files

2010-06-18 20:58:54 ----D---- C:\Windows\Microsoft.NET

2010-06-18 20:39:05 ----D---- C:\Program Files\CCleaner

2010-06-18 20:28:36 ----D---- C:\Program Files\TuneUp Utilities 2010

2010-06-18 20:07:21 ----RSD---- C:\Windows\assembly

2010-06-18 20:06:14 ----D---- C:\Windows\winsxs

2010-06-18 16:57:19 ----D---- C:\Windows\ShellNew

2010-06-18 16:48:07 ----D---- C:\ProgramData\Spybot - Search & Destroy

2010-06-17 17:57:59 ----D---- C:\Windows\Tasks

2010-06-17 15:08:13 ----D---- C:\Program Files\Common Files\Wise Installation Wizard

2010-06-17 15:07:57 ----D---- C:\Program Files\AGEIA Technologies

2010-06-16 16:25:01 ----D---- C:\Users\Marc\AppData\Roaming\uTorrent

2010-06-16 15:02:37 ----HD---- C:\Program Files\InstallShield Installation Information

2010-06-16 14:56:52 ----D---- C:\Windows\system32\Tasks

2010-06-16 14:46:49 ----D---- C:\Program Files\Microsoft Games

2010-06-15 14:28:41 ----D---- C:\Program Files\Common Files\InstallShield

2010-06-14 13:21:48 ----SHD---- C:\System Volume Information

2010-06-13 16:18:38 ----D---- C:\Users\Marc\AppData\Roaming\Mozilla

2010-06-10 14:53:10 ----D---- C:\Windows\Minidump

2010-06-10 13:00:40 ----D---- C:\ProgramData\Test Drive Unlimited

2010-06-08 20:01:48 ----DC---- C:\Windows\system32\DRVSTORE

2010-06-06 19:30:35 ----RD---- C:\Users

2010-06-06 19:30:25 ----D---- C:\Windows\system32\appmgmt

2010-06-04 11:25:49 ----D---- C:\Users\Marc\AppData\Roaming\vlc

2010-06-04 11:19:18 ----D---- C:\Users\Marc\AppData\Roaming\dvdcss

2010-06-01 15:20:20 ----D---- C:\Users\Marc\AppData\Roaming\Notepad++

2010-06-01 15:20:20 ----D---- C:\Program Files\Notepad++

2010-05-28 20:44:30 ----D---- C:\Windows\system32\catroot2.bak

2010-05-27 19:23:51 ----D---- C:\Windows\Globalization

2010-05-27 07:35:22 ----D---- C:\Windows\system32\catroot

2010-05-24 17:11:05 ----D---- C:\ProgramData

2010-05-24 17:10:59 ----D---- C:\Windows\ehome

2010-05-23 08:53:36 ----D---- C:\Windows\DigitalLocker

2010-05-21 06:53:11 ----D---- C:\Windows\ERDNT

 

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys [2009-02-13 11608]

R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2009-03-30 96104]

R1 CSC;Offline Files Driver; C:\Windows\system32\drivers\csc.sys [2009-04-11 351744]

R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520]

R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2009-11-25 56816]

R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2008-12-02 4179968]

R3 FsUsbExDisk;FsUsbExDisk; \??\C:\Windows\system32\FsUsbExDisk.SYS [2009-04-07 36608]

R3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 236544]

R3 libusb0;LibUsb-Win32 - Kernel Driver 11/20/2005, 20051120; C:\Windows\system32\drivers\libusb0.sys [2008-09-12 28672]

R3 LVPr2Mon;Logitech LVPr2Mon Driver; C:\Windows\system32\DRIVERS\LVPr2Mon.sys [2009-10-07 25752]

R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2010-04-29 20952]

R3 NBXG7031;NB 802.11g XG703 SP1 Driver; C:\Windows\system32\DRIVERS\WlanUIG.sys [2004-09-17 381312]

R3 seehcri;Sony Ericsson seehcri Device Driver; C:\Windows\system32\DRIVERS\seehcri.sys [2010-02-15 27632]

R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2007-12-06 298496]

S1 PCIDump;PCIDump; C:\Windows\system32\drivers\PCIDump.sys []

S3 akg3zvun;akg3zvun; C:\Windows\system32\drivers\akg3zvun.sys []

S3 BthEnum;Pilote de bloc de demande Bluetooth; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-11 22528]

S3 BthPan;Périphérique Bluetooth (réseau personnel); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-19 92160]

S3 BTHPORT;Pilote de port Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2009-04-11 507904]

S3 BTHUSB;Pilote USB radio Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-04-11 29696]

S3 catchme;catchme; \??\C:\Marc23130M\catchme.sys []

S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]

S3 LVRS;Logitech RightSound Filter Driver; C:\Windows\system32\DRIVERS\lvrs.sys [2009-05-01 265496]

S3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver; C:\Windows\system32\DRIVERS\ManyCam.sys []

S3 mbr;mbr; \??\C:\Users\Marc\AppData\Local\Temp\mbr.sys []

S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]

S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]

S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]

S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]

S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2007-09-17 21632]

S3 pepifilter;Volume Adapter; C:\Windows\system32\DRIVERS\lv302af.sys [2009-04-30 13976]

S3 PID_PEPI;Logitech QuickCam IM(PID_PEPI); C:\Windows\system32\DRIVERS\LV302V32.SYS [2009-04-30 2687512]

S3 pspdisp;pspdisp; C:\Windows\system32\DRIVERS\pspdisp.sys [2008-09-12 3328]

S3 RFCOMM;Périphérique Bluetooth (TDI protocole RFCOMM); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-11 148992]

S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\sscdbus.sys [2007-07-03 80552]

S3 sscdmdfl;SAMSUNG Mobile Modem Filter; C:\Windows\system32\DRIVERS\sscdmdfl.sys [2007-07-03 11944]

S3 sscdmdm;SAMSUNG Mobile Modem Drivers; C:\Windows\system32\DRIVERS\sscdmdm.sys [2007-07-03 106792]

S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [2009-10-14 10064]

S3 usb_rndisx;Carte RNDIS USB; C:\Windows\system32\DRIVERS\usb8023x.sys [2009-04-11 15872]

S3 usbaudio;Pilote USB audio (WDM); C:\Windows\system32\drivers\usbaudio.sys [2009-04-11 73216]

S3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 35328]

S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\Windows\system32\DRIVERS\VBoxNetAdp.sys [2010-06-07 100496]

S3 VBoxNetFlt;VBoxNetFlt Service; C:\Windows\system32\DRIVERS\VBoxNetFlt.sys [2010-06-07 111312]

S3 WinUSB;PS3Eye Camera; C:\Windows\system32\DRIVERS\WinUSB.sys [2009-04-11 31616]

S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-19 39936]

S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]

S3 XPADFL02;XPAD Filter Service 02; C:\Windows\system32\DRIVERS\xpadfl02.sys [2006-12-24 27904]

S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]

 

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R2 AntiVirSchedulerService;Avira AntiVir Planificateur; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289]

R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-07-21 185089]

R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2008-12-01 720896]

R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-19 21504]

R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2008-01-19 21504]

R2 FsUsbExService;FsUsbExService; C:\Windows\system32\FsUsbExService.Exe [2009-04-07 233472]

R2 libusbd;LibUsb-Win32 - Daemon, Version 0.1.10.1; C:\Windows\system32\libusbd-nt.exe [2005-03-09 18944]

R2 LVPrcSrv;Process Monitor; C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [2009-10-07 154136]

R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2010-04-29 304464]

R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2008-01-19 21504]

R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]

R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2008-01-19 21504]

R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-03-30 1533808]

S2 ERSvc;ERSvc; C:\Windows\System32\svchost.exe [2008-01-19 21504]

S2 helpsvc;helpsvc; C:\Windows\System32\svchost.exe [2008-01-19 21504]

S2 owfzkqyg;Brother USB Mass-Storage Upper Filter Helper; C:\Windows\System32\svchost.exe [2008-01-19 21504]

S2 srservice;srservice; C:\Windows\system32\svchost.exe [2008-01-19 21504]

S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2008-01-19 21504]

S3 aspnet_state;Service d'état ASP.NET; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2009-03-30 31048]

S3 Fax;@%systemroot%\system32\fxsresm.dll,-118; C:\Windows\system32\fxssvc.exe [2008-01-19 523776]

S3 gupdate;Service Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-01-30 135664]

S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-11-09 182768]

S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]

S3 MatSvc;@%ProgramFiles%\Microsoft Fix it Center\MatsRes.dll,-9000; C:\Program Files\Microsoft Fix it Center\Matsvc.exe [2010-04-10 266544]

S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe []

S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]

S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-04-07 430592]

S3 TuneUp.Defrag;@C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1; C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe [2010-06-01 435016]

S3 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2010-05-07 1051976]

S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2008-01-19 21504]

S3 UxTuneUp;TuneUp Extension de thème; C:\Windows\System32\svchost.exe [2008-01-19 21504]

S3 wbengine;@%systemroot%\system32\wbengine.exe,-104; C:\Windows\system32\wbengine.exe [2009-04-11 918528]

 

-----------------EOF-----------------

 

 

Thanks,

Marc

Posted

Good evening,

I'm going to ask you for another scan report before we actually start disinfecting. :P

 

Download OTL to your Desktop

  • Double-click OTL.exe to launch it.
  • Check the All Users box.
  • Do the same for Lop Check and Purity Check.
  • Then click Scan and wait while it scans the registry and the files.
  • When the scan is finished, two Notepad windows will open: OTL.Txt and Extras.Txt. These files are saved in the same location as OTL.
  • Copy and paste them into your next reply.

Posted

Good evening no.ppp,

The 1st OTL report:

OTL Extras logfile created on: 21/06/2010 18:48:01 - Run 1

OTL by OldTimer - Version 3.2.6.1 Folder = C:\Windows\system32\config\systemprofile\Desktop

Windows Vista Ultimate Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18904)

Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

 

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 62,00% Memory free

4,00 Gb Paging File | 3,00 Gb Available in Paging File | 79,00% Paging File free

Paging file location(s): c:\pagefile.sys 0 0 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 46,19 Gb Total Space | 9,50 Gb Free Space | 20,57% Space Free | Partition Type: NTFS

Drive D: | 39,08 Gb Total Space | 26,45 Gb Free Space | 67,67% Space Free | Partition Type: NTFS

Drive E: | 63,77 Gb Total Space | 24,76 Gb Free Space | 38,82% Space Free | Partition Type: NTFS

F: Drive not present or media not loaded

Drive G: | 99,36 Gb Total Space | 70,98 Gb Free Space | 71,43% Space Free | Partition Type: NTFS

Drive H: | 99,36 Gb Total Space | 99,07 Gb Free Space | 99,70% Space Free | Partition Type: NTFS

Drive I: | 99,36 Gb Total Space | 19,61 Gb Free Space | 19,74% Space Free | Partition Type: NTFS

Drive J: | 76,34 Gb Total Space | 39,48 Gb Free Space | 51,71% Space Free | Partition Type: NTFS

Drive K: | 76,32 Gb Total Space | 11,85 Gb Free Space | 15,52% Space Free | Partition Type: NTFS

Drive L: | 465,75 Gb Total Space | 58,81 Gb Free Space | 12,63% Space Free | Partition Type: NTFS

 

Computer Name: PC-DE-MARC

Current User Name: Marc

Logged in as Administrator.

 

Current Boot Mode: Normal

Scan Mode: All users

Company Name Whitelist: Off

Skip Microsoft Files: Off

File Age = 30 Days

Output = Standard

 

========== Extra Registry (SafeList) ==========

 

 

========== File Associations ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

 

[HKEY_USERS\.DEFAULT\SOFTWARE\Classes\<extension>]

.exe [@ = secfile] -- Reg Error: Key error. File not found

 

[HKEY_USERS\S-1-5-18\SOFTWARE\Classes\<extension>]

.exe [@ = secfile] -- Reg Error: Key error. File not found

 

========== Shell Spawning ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)

htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()

Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 

========== Security Center Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

"FirewallDisableNotify" = 0

"UpdatesDisableNotify" = 0

"AntiVirusOverride" = 0

"AntiVirusDisableNotify" = 0

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

"VistaSp1" = Reg Error: Unknown registry data type -- File not found

"VistaSp2" = Reg Error: Unknown registry data type -- File not found

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-2895517941-1792322226-2511147505-1000]

"EnableNotifications" = 1

"EnableNotificationsRef" = 1

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 

========== Authorized Applications List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

 

 

========== Vista Active Open Ports Exception List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{247B6728-33FC-4D2E-BD14-62FF683C9AEF}" = rport=10243 | protocol=6 | dir=out | app=system |

"{52AF2E91-521A-4E7A-AE98-4BCA9503508C}" = lport=10243 | protocol=6 | dir=in | app=system |

"{59B283C0-9F21-4C92-B686-56B7757143ED}" = lport=2869 | protocol=6 | dir=in | app=system |

"{643434A6-AC8C-4598-9954-EF3B2C2829EF}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |

"{76B7E5B6-A5B6-48E5-8BC8-3F0ECDD73CE2}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{7F94D116-FA9D-40A8-836D-E82F172399E1}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |

"{8BB5AB72-15A2-4B02-B4EA-DEA6F7633860}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{8EF7E884-58CE-4A06-9889-FC5B45B6ACD9}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{A1788F99-3105-408E-BF7E-0AAF479E07BB}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

"{B787003F-2CE0-484F-AAB7-133E9BBA1AC7}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |

"{BE5BBEC1-8810-4F9B-A108-B1766E929633}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{C33D7CB1-F976-40E4-B843-920DE2E230E2}" = lport=2869 | protocol=6 | dir=in | app=system |

"{CEB7847F-04CF-4AF0-ADF9-981B5B7FBC68}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

"{E0F1EEDE-31A0-4A63-989F-D77DBDB96318}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |

"{E4582109-C819-4EC0-B60E-FD99B431BA46}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |

"{EFCA04F7-EA93-4F6E-9D4E-6DDE5393915A}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |

"{F4BCB7A7-FAF0-4AE4-AEAC-0D7AA4C96AE3}" = lport=2869 | protocol=6 | dir=in | app=system |

 

========== Vista Active Application Exception List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{025B2A1B-91E4-4D18-9788-E362E6D90714}" = protocol=6 | dir=in | app=c:\program files\avira\antivir desktop\update.exe |

"{03D2221F-308F-4EDC-8AF0-B9695B4FA292}" = protocol=6 | dir=in | app=c:\program files\malwarebytes' anti-malware\mbam.exe |

"{0507AB4F-C870-4D6C-8C52-16E1618C95D9}" = protocol=6 | dir=in | app=c:\program files\windows mail\winmail.exe |

"{080609A2-D5CB-4A30-A3FA-271438F97F75}" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |

"{0885F258-A0A8-4DC7-90D5-3B9C8C24A7F4}" = protocol=6 | dir=in | app=c:\windows\system32\wuapp.exe |

"{089F3707-68D4-46D5-B071-210FE96E6901}" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |

"{1A61801A-66FD-468C-86F2-8143BD78721C}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe |

"{27479516-22F7-42BB-8F9A-AD05DDE7DD79}" = protocol=17 | dir=in | app=c:\program files\windows media player\wmplayer.exe |

"{2CB0003C-A732-4BBE-A818-61638D13CC55}" = protocol=17 | dir=in | app=c:\program files\malwarebytes' anti-malware\mbam.exe |

"{31692C3E-72EF-4A5F-B436-03B5FF06BEC9}" = protocol=6 | dir=in | app=c:\program files\malwarebytes' anti-malware\mbam.exe |

"{31D630E7-3465-4B1B-B28A-BEF465E088B4}" = protocol=6 | dir=in | app=c:\program files\windows defender\msascui.exe |

"{32C872E2-B742-40CF-9768-14376395C6C3}" = protocol=17 | dir=in | app=c:\program files\windows media player\wmplayer.exe |

"{40F273E0-E2DF-4B6B-8658-EC7677257D45}" = protocol=17 | dir=in | app=c:\program files\malwarebytes' anti-malware\mbam.exe |

"{49F8E489-40D4-4752-BF15-5EA13A9DA29B}" = protocol=6 | dir=in | app=c:\program files\windows mail\winmail.exe |

"{4D81A6E7-F464-4F8A-849B-279321763095}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |

"{5474F0AA-66ED-46D5-B17C-97CA58A5808B}" = protocol=17 | dir=in | app=c:\program files\windows mail\winmail.exe |

"{5A3CD355-4EA9-4063-8192-0CE49036A624}" = protocol=17 | dir=out | app=c:\program files\windows media player\wmplayer.exe |

"{5C4C928D-086E-406D-A0E8-4EF64D2C63D0}" = protocol=6 | dir=out | app=c:\program files\windows media player\wmplayer.exe |

"{5CB4CE00-5BB6-4A35-8ACE-75E34532E832}" = protocol=17 | dir=in | app=c:\program files\avira\antivir desktop\update.exe |

"{611B3280-0E26-4129-8BFF-479BE9F06A7B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |

"{622F0A5D-8154-4D26-9253-E8720403BD0F}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe |

"{714F091B-71A9-4215-88EA-C686058BA548}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe |

"{74E9D4AB-4CA7-4E52-8DCF-DEDFAA9FE4D5}" = protocol=17 | dir=out | app=c:\program files\windows media player\wmplayer.exe |

"{76174DA1-E732-4E35-9651-88795D08B58A}" = protocol=6 | dir=in | app=c:\program files\gamigo games\levelr\levelr.bin |

"{77B2B717-CCF6-4BA9-993A-C3D1577F1595}" = protocol=17 | dir=in | app=c:\program files\gamigo games\levelr\levelr.bin |

"{7C49EA16-D5EE-4F64-81F7-387FAAA9D2B2}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |

"{86FEDEC1-5717-424B-B858-703DD92B84F0}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{8917458F-964A-4381-A149-C26DA84FC78E}" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |

"{8B51D1A8-38EB-4962-BE8D-B7025C509D86}" = protocol=6 | dir=out | app=c:\windows\system32\wudfhost.exe |

"{8E6B48F6-B390-460D-8E71-3CF81EC89462}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |

"{909A2CA8-7FD7-4854-A681-0F2BA06D7313}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |

"{927F7236-3DA4-4D11-A1A7-BB486B3C5EDF}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |

"{AD68ED77-835E-4C34-BE4E-EE2A2CF0E2AD}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |

"{AEEBC46A-D33F-4831-ADB1-A1BE1297B8AD}" = protocol=6 | dir=out | app=system |

"{AFA84B3F-E0A7-4BB9-8022-C96C37BC4DB5}" = protocol=6 | dir=in | app=c:\program files\7-zip\7zfm.exe |

"{B4DD3FE2-6146-4EBA-A74A-F304B0ED7876}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |

"{B6C14752-5AD0-4BB6-B330-3C1168DE8A6A}" = protocol=6 | dir=out | app=c:\program files\windows media player\wmplayer.exe |

"{BB354EED-57DD-4BD4-9FA9-4B0298391495}" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |

"{BBA0D354-0506-4437-B29B-A405668FB61B}" = protocol=17 | dir=in | app=c:\windows\system32\wuapp.exe |

"{C14C14BC-E759-4119-B0EE-C71D085C8E8A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{C2D87F54-8410-4675-A728-7F35DC13060C}" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |

"{C427633B-DE3F-4D7E-8555-ED30D9736FA0}" = protocol=17 | dir=in | app=c:\program files\windows mail\winmail.exe |

"{C5BDE236-EF20-47A2-8A25-88444C981A9C}" = protocol=17 | dir=in | app=c:\program files\7-zip\7zfm.exe |

"{CA264218-128C-4E64-8D94-2464D41F85A8}" = protocol=17 | dir=in | app=c:\program files\windows defender\msascui.exe |

"{CEE62028-22F7-4380-B1AF-5D30A7A5E716}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |

"{D655F3C1-C48E-4C0C-856D-5814348612D5}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |

"{E0098B65-62D1-4516-ABCE-12316039A0E3}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |

"{E67A20B5-3A07-4431-AFB6-CB0083EF25E3}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe |

"{EC5773FE-93CB-4D56-B266-F122E828E1F1}" = protocol=17 | dir=in | app=c:\program files\dna\btdna.exe |

"{EF0D8417-8C60-49F8-A4D0-8B66E25DD3FB}" = protocol=6 | dir=out | svc=upnphost | app=c:\windows\system32\svchost.exe |

"{F86D6279-9027-40B8-8483-E25ADD265289}" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |

"{F8EDB0BD-26AF-4FA8-9726-479CCF171D88}" = protocol=6 | dir=out | app=system |

"{FFFA8F8C-6924-4CA7-A2AB-5992B617ED13}" = protocol=6 | dir=in | app=c:\program files\dna\btdna.exe |

"TCP Query User{1CBBDA99-B920-4A25-B9E0-36BC964ED849}C:\program files\nero\nero 7\nero home\nerohome.exe" = protocol=6 | dir=in | app=c:\program files\nero\nero 7\nero home\nerohome.exe |

"TCP Query User{3B235853-36A7-41D6-8F04-EDD2ED175DA1}C:\users\marc\program files\dna\btdna.exe" = protocol=6 | dir=in | app=c:\users\marc\program files\dna\btdna.exe |

"TCP Query User{546ABAFC-0169-468C-8366-7A01CB2B7E79}C:\program files\microsoft games\age of empires iii\age3.exe" = protocol=6 | dir=in | app=c:\program files\microsoft games\age of empires iii\age3.exe |

"TCP Query User{61415722-5DC2-43DA-850E-4FD36CC93B99}L:\xbox360\pc » left 4 dead 2 full game directplay by globe@\left 4 dead 2\left 4 dead 2\left4dead2.exe" = protocol=6 | dir=in | app=l:\xbox360\pc » left 4 dead 2 full game directplay by globe@\left 4 dead 2\left 4 dead 2\left4dead2.exe |

"TCP Query User{7389BBF4-F9F3-427F-A6AF-381A3663AF0F}C:\program files\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |

"TCP Query User{76C816A2-C0A6-408D-9A8D-3B21425B48CE}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |

"TCP Query User{779250F3-3FCA-498E-811F-C87B5A40BE28}C:\program files\windows sidebar\sidebar.exe" = protocol=6 | dir=in | app=c:\program files\windows sidebar\sidebar.exe |

"TCP Query User{988C29D6-188F-451B-8363-4CE96C85E201}C:\program files\sony ericsson\update service\update service.exe" = protocol=6 | dir=in | app=c:\program files\sony ericsson\update service\update service.exe |

"TCP Query User{B87308D4-DDE5-40C8-A412-9B9EE0258B35}C:\program files\windows sidebar\sidebar.exe" = protocol=6 | dir=in | app=c:\program files\windows sidebar\sidebar.exe |

"TCP Query User{F32A50F0-5749-4C95-9D7B-F74FAC19E953}L:\xbox360\[pc] test drive unlimited [proper] [rip] [dopeman]\tdu\tdu\testdriveunlimited.exe" = protocol=6 | dir=in | app=l:\xbox360\[pc] test drive unlimited [proper] [rip] [dopeman]\tdu\tdu\testdriveunlimited.exe |

"TCP Query User{F76145B7-063A-41B6-B384-8CD1DE449D28}C:\users\florent\appdata\local\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=c:\users\florent\appdata\local\google\chrome\application\chrome.exe |

"TCP Query User{FB0B9A91-66DE-41DF-BC73-82448204693E}L:\v8\launcher.exe" = protocol=6 | dir=in | app=l:\v8\launcher.exe |

"TCP Query User{FEC39CB2-F74B-45C3-9952-3CB59DF0E2DB}L:\v8\launcher.exe" = protocol=6 | dir=in | app=l:\v8\launcher.exe |

"UDP Query User{0CD1198B-B37F-42B8-86F8-1F2C62D37029}L:\xbox360\[pc] test drive unlimited [proper] [rip] [dopeman]\tdu\tdu\testdriveunlimited.exe" = protocol=17 | dir=in | app=l:\xbox360\[pc] test drive unlimited [proper] [rip] [dopeman]\tdu\tdu\testdriveunlimited.exe |

"UDP Query User{135A02B6-6199-48BA-9142-3BF46FF57873}C:\program files\nero\nero 7\nero home\nerohome.exe" = protocol=17 | dir=in | app=c:\program files\nero\nero 7\nero home\nerohome.exe |

"UDP Query User{2770888D-3FFF-4AA5-AC6F-9AB05390F434}C:\program files\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |

"UDP Query User{39041500-EDA8-4152-914C-638291EFBEA5}C:\program files\microsoft games\age of empires iii\age3.exe" = protocol=17 | dir=in | app=c:\program files\microsoft games\age of empires iii\age3.exe |

"UDP Query User{3C3BF043-73C8-4B2C-B91C-1DBE7C864501}L:\v8\launcher.exe" = protocol=17 | dir=in | app=l:\v8\launcher.exe |

"UDP Query User{4FED875C-C52D-40EB-8322-4F473B6677A9}C:\users\florent\appdata\local\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=c:\users\florent\appdata\local\google\chrome\application\chrome.exe |

"UDP Query User{51CA9910-1CE4-449E-9919-F238CB10686D}C:\program files\windows sidebar\sidebar.exe" = protocol=17 | dir=in | app=c:\program files\windows sidebar\sidebar.exe |

"UDP Query User{539A8EA9-1F65-4686-B066-8A2D32DCD8BA}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |

"UDP Query User{594E0CEE-DE47-42D9-8C19-AAF8D79D6627}C:\program files\sony ericsson\update service\update service.exe" = protocol=17 | dir=in | app=c:\program files\sony ericsson\update service\update service.exe |

"UDP Query User{6527574A-AB59-4673-9643-A932ECBE35DA}C:\users\marc\program files\dna\btdna.exe" = protocol=17 | dir=in | app=c:\users\marc\program files\dna\btdna.exe |

"UDP Query User{7FEE7A2F-FBA1-4D4C-B61E-0CAFEF142C90}C:\program files\windows sidebar\sidebar.exe" = protocol=17 | dir=in | app=c:\program files\windows sidebar\sidebar.exe |

"UDP Query User{88D47BBE-C650-48EC-BB4A-642413C1ADE2}L:\xbox360\pc » left 4 dead 2 full game directplay by globe@\left 4 dead 2\left 4 dead 2\left4dead2.exe" = protocol=17 | dir=in | app=l:\xbox360\pc » left 4 dead 2 full game directplay by globe@\left 4 dead 2\left 4 dead 2\left4dead2.exe |

"UDP Query User{AA7058AF-4109-425E-9E96-77AC2D689AF9}L:\v8\launcher.exe" = protocol=17 | dir=in | app=l:\v8\launcher.exe |

 

========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

"{02EBDBB9-4600-41D3-B566-40CB861511D2}" = World of Warcraft FREE Trial

"{10A44844-4465-456E-8C97-80BDD4F68845}" = Assistant de connexion Windows Live ID

"{1102B81E-73F2-339C-E299-C48D7CA32441}" = Catalyst Control Center Graphics Full Existing

"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP5200" = Canon iP5200

"{153C7D89-9CF4-4719-A551-C5BF45236DB5}" = redist

"{15422767-809D-8D9C-140D-99B39C9683DA}" = Catalyst Control Center Graphics Full New

"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer

"{186DB7E2-1C55-0715-12E1-7FC473D30A4C}" = Catalyst Control Center Graphics Previews Common

"{1943A043-5C85-4A16-A0D0-D687B2C1A40F}" = VirtualCom driver

"{1C87A9F3-D01A-F4DA-F3DF-6ED7DB9EEBE1}" = CCC Help French

"{1DE0F8B5-763F-395F-56F3-98F8D9E0492D}" = HydraVision

"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live

"{2075CB0A-D26F-4DAA-B424-5079296B43BA}" = Windows Live FolderShare

"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT

"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer

"{254BEB3E-1085-4D66-9CDC-0152C0DC2E93}" = EPSON TWAIN 5

"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java 6 Update 19

"{27DC856A-0916-4988-8198-8714DDD3183D}" = AGEIA PhysX v7.05.17

"{3248F0A8-6813-11D6-A77B-00B0D0150010}" = J2SE Runtime Environment 5.0 Update 1

"{3516C69A-024D-42A8-B948-FFAA7B9CC49A}" = Windows SideShow Managed Runtime 1.0

"{3A1BBC38-2602-B555-24D3-942F01D8DC39}" = CCC Help English

"{3E31821C-7917-367E-938E-E65FC413EA31}" = Microsoft .NET Framework 3.5 Language Pack SP1 - fra

"{4634B21A-CC07-4396-890C-2B8168661FEA}" = Windows Live Writer

"{46ABBC54-1872-4AA3-95E2-F2C063A63F31}" = Installation Windows Live

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{53B20C18-D8D4-4588-8737-9BBFE303C354}" = Windows Live Movie Maker

"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml

"{597DE5BD-C24B-4D0F-BA2D-F5D591D800DA}" = AccuWeather SideShow Gadget

"{5DD76286-9BE7-4894-A990-E905E91AC818}" = Windows Live Mail

"{5F778DA4-7CDF-435C-9650-0201FCAD8DAE}" = Superstars® V8 Racing

"{6419FBF5-2DB7-FF43-EE67-5448F868D080}" = Catalyst Control Center Core Implementation

"{6530EB5E-F2BE-45D3-906B-E4AFFF2D1588}" = Gestionnaire de périphériques de Windows Live

"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin

"{7216871F-869E-437C-B9BF-2A13F2DCE63F}_is1" = AusLogics BoostSpeed

"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable

"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

"{770F1BEC-2871-4E70-B837-FB8525FFA3B1}" = Windows Live Messenger

"{7B0A8F0E-3672-4DA5-9540-A8D0171C38D8}" = TuneUp Utilities Language Pack (fr-FR)

"{7E84FAC8-C518-40F9-9807-7455301D6D25}" = SamsungConnectivityCableDriver

"{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}" = Windows Live Call

"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable

"{89DE67AD-08B8-4699-A55D-CA5C0AF82BF3}" = ATI AVIVO Codecs

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007

"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)

"{90120000-0015-040C-0000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2007

"{90120000-0015-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007

"{90120000-0016-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007

"{90120000-0018-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2007

"{90120000-0019-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2007

"{90120000-001A-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007

"{90120000-001B-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007

"{90120000-001F-0401-0000-0000000FF1CE}_PROPLUS_{14809F99-C601-4D4A-9391-F1E8FAA964C5}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007

"{90120000-001F-0407-0000-0000000FF1CE}_PROPLUS_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007

"{90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007

"{90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007

"{90120000-001F-0413-0000-0000000FF1CE}_PROPLUS_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007

"{90120000-001F-0C0A-0000-0000000FF1CE}_PROPLUS_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007

"{90120000-0044-040C-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (French) 2007

"{90120000-0044-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007

"{90120000-006E-040C-0000-0000000FF1CE}_PROPLUS_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{929CE49F-1CA7-4CF3-A9A1-6D757443C63F}" = Microsoft Games for Windows - LIVE Redistributable

"{92E4CCD6-CB9A-951B-E333-78A8BC6BA8E2}" = Catalyst Control Center Localization French

"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting

"{974C4B12-4D02-4879-85E0-61C95CC63E9E}" = Fallout 3

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9FA7B446-0DE0-C883-9DB4-AC9A35D60735}" = Catalyst Control Center HydraVision Full

"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{AA72FB28-73B4-49E5-B6B4-E78F44BBD0AD}" = Epson Copy Utility 3.5

"{AC599724-5755-48C1-ABE7-ABB857652930}" = PC Connectivity Solution

"{AC76BA86-7AD7-1036-7B44-A93000000001}" = Adobe Reader 9.3.1 - Français

"{ACB91656-A3D1-4E5F-82F0-D3E5200F1D06}" = Skins

"{AE3CF174-872C-46C6-B9F6-C0593F3BC7B8}" = Microsoft Office Live Add-in 1.4

"{B131E59D-202C-43C6-84C9-68F0C37541F1}" = Galerie de photos Windows Live

"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy

"{B7588D45-AFDC-4C93-9E2E-A100F3554B64}" = Microsoft Fix it Center

"{B83FC356-B7C0-441F-8A4D-D71E088E7974}" = NVIDIA PhysX

"{C27BC2A2-30DD-4014-B22E-63EB0DB572F9}" = Logitech Webcam Software

"{C3F7C6EB-B6AD-CE5E-46BD-E6DE8EBB6E5A}" = Catalyst Control Center Graphics Previews Vista

"{C8E9FBF9-6CBE-AE9B-C8AB-2C8F5E32140C}" = ccc-core-static

"{c9920352-04e6-469d-bab8-e2b9c7c75415}.sdb" = Microsoft Automated Troubleshooting Services Shim

"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1

"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1

"{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}" = TuneUp Utilities

"{D3B1C799-CB73-42DE-BA0F-2344793A095C}" = Catalyst Control Center - Branding

"{D484F0BE-2429-4B3F-97C0-ADDA10F3EA4A}" = Oracle VM VirtualBox 3.2.4

"{D8CE69B0-9274-4b8c-BA49-0FF6A20A3C65}" = SAMSUNG SYMBIAN USB Download Driver

"{DDACB061-0C85-8A15-45C9-28415476762B}" = Catalyst Control Center Graphics Light

"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update

"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime

"{ECE1F718-CDFD-7A05-BDB9-4D33BFE67D9C}" = ccc-utility

"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform

"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]

"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard

"{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio

"{F7B0939E-58DF-11DF-B3A6-005056806466}" = Google Earth

"{FC5A7E9B-2CAC-6261-7F34-817C6547ABF3}" = Catalyst Control Center InstallProxy

"{FE0646A7-19D0-41B4-A2BB-2C35D644270D}" = Windows Live OneCare safety scanner

"3A5DEFA413DDE699DBA6EBE0A63534ACA524D30F" = Package de pilotes Windows - Nokia pccsmcfd (10/12/2007 6.85.4.0)

"7-Zip" = 7-Zip 9.07 beta

"Action Replay Code Manager_is1" = Action Replay Code Manager

"Adobe AIR" = Adobe AIR

"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin

"Adobe Shockwave Player" = Adobe Shockwave Player 11.5

"ATRAC3" = Sony ATRAC3 Audio Codec (remove only)

"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus

"AviSynth" = AviSynth 2.5

"CCleaner" = CCleaner

"Clean Virus MSN_is1" = Clean Virus MSN

"D'Fusion @Home Web Plug-In" = Total Immersion D'Fusion @Home Web Plug-In

"Free 3GP Video Converter_is1" = Free 3GP Video Converter version 3.2

"GameSaike SixaxisDriver_is1" = SixaxisDriver 0.91

"InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio

"LibUSB-Win32_is1" = LibUSB-Win32-0.1.10.1

"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware

"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1

"Microsoft .NET Framework 3.5 Language Pack SP1 - fra" = Module linguistique Microsoft .NET Framework 3.5 SP1- fra

"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1

"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)

"Neuf_TV_PC" = TV sur PC

"OpenAL" = OpenAL

"PROPLUS" = Microsoft Office Professional Plus 2007

"PSPdisp" = PSPdisp 0.1

"SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software

"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set

"Samsung Mobile Modem Device" = Samsung Mobile Modem Device Software

"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software

"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software

"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software

"SAMSUNG USB Mobile Device" = SAMSUNG USB Mobile Device Software

"SFR_Kit" = SFR - Kit de connexion

"Sweet Home 3D_is1" = Sweet Home 3D version 2.4

"TuneUp Utilities" = TuneUp Utilities

"UltSounds" = Modèles de sons Windows

"UltSounds2" = Ultimate Extras sounds from Microsoft® Tinker

"uTorrent" = µTorrent

"VLC media player" = VLC media player 1.0.5

"WinLiveSuite_Wave3" = Installation Windows Live

"WinRAR archiver" = WinRAR archiver

"Xilisoft PSP Video Converter" = Xilisoft PSP Video Converter

 

========== HKEY_USERS Uninstall List ==========

 

[HKEY_USERS\S-1-5-21-2895517941-1792322226-2511147505-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"BitTorrent" = BitTorrent

"BitTorrent DNA" = DNA

 

========== Last 10 Event Log Errors ==========

 

[ Application Events ]

Error - 20/06/2010 14:24:23 | Computer Name = PC-de-Marc | Source = Microsoft-Windows-CAPI2 | ID = 131329

Description =

 

Error - 20/06/2010 15:08:47 | Computer Name = PC-de-Marc | Source = SPP | ID = 16387

Description =

 

Error - 20/06/2010 15:08:47 | Computer Name = PC-de-Marc | Source = System Restore | ID = 8193

Description =

 

Error - 20/06/2010 15:08:47 | Computer Name = PC-de-Marc | Source = System Restore | ID = 8210

Description =

 

Error - 21/06/2010 06:44:07 | Computer Name = PC-de-Marc | Source = ESENT | ID = 488

Description = Catalog Database (1540) Catalog Database: Une tentative de création

du fichier "C:\Windows\system32\CatRoot2\edbtmp.log" a échoué en indiquant l'erreur

système 5 (0x00000005) : "Accès refusé. ". L'opération de création de dossier échouera

en indiquant l'erreur -1032 (0xfffffbf8).

 

Error - 21/06/2010 06:44:07 | Computer Name = PC-de-Marc | Source = ESENT | ID = 413

Description = Catalog Database (1540) Catalog Database: Impossible de créer un nouveau

journal car la base de données ne peut pas écrire sur le lecteur de journalisation.

Le lecteur est probablement en lecture seule, mal configuré ou endommagé. Erreur

-1032.

 

Error - 21/06/2010 06:44:07 | Computer Name = PC-de-Marc | Source = Microsoft-Windows-CAPI2 | ID = 131329

Description =

 

Error - 21/06/2010 06:44:17 | Computer Name = PC-de-Marc | Source = ESENT | ID = 488

Description = Catalog Database (1540) Catalog Database: Une tentative de création

du fichier "C:\Windows\system32\CatRoot2\edbtmp.log" a échoué en indiquant l'erreur

système 5 (0x00000005) : "Accès refusé. ". L'opération de création de dossier échouera

en indiquant l'erreur -1032 (0xfffffbf8).

 

Error - 21/06/2010 06:44:17 | Computer Name = PC-de-Marc | Source = ESENT | ID = 413

Description = Catalog Database (1540) Catalog Database: Impossible de créer un nouveau

journal car la base de données ne peut pas écrire sur le lecteur de journalisation.

Le lecteur est probablement en lecture seule, mal configuré ou endommagé. Erreur

-1032.

 

Error - 21/06/2010 06:44:17 | Computer Name = PC-de-Marc | Source = Microsoft-Windows-CAPI2 | ID = 131329

Description =

 

[ System Events ]

Error - 21/06/2010 07:27:28 | Computer Name = PC-de-Marc | Source = EventLog | ID = 6008

Description = L'arrêt système précédant à 13:25:24 le 21/06/2010 n'était pas prévu.

 

Error - 21/06/2010 07:27:35 | Computer Name = PC-de-Marc | Source = Service Control Manager | ID = 7009

Description =

 

Error - 21/06/2010 07:27:35 | Computer Name = PC-de-Marc | Source = Service Control Manager | ID = 7000

Description =

 

Error - 21/06/2010 07:27:35 | Computer Name = PC-de-Marc | Source = Service Control Manager | ID = 7001

Description =

 

Error - 21/06/2010 07:27:35 | Computer Name = PC-de-Marc | Source = Service Control Manager | ID = 7009

Description =

 

Error - 21/06/2010 07:27:35 | Computer Name = PC-de-Marc | Source = Service Control Manager | ID = 7000

Description =

 

Error - 21/06/2010 07:27:35 | Computer Name = PC-de-Marc | Source = Service Control Manager | ID = 7000

Description =

 

Error - 21/06/2010 07:27:35 | Computer Name = PC-de-Marc | Source = Service Control Manager | ID = 7023

Description =

 

Error - 21/06/2010 07:29:47 | Computer Name = PC-de-Marc | Source = WMPNetworkSvc | ID = 866312

Description =

 

Error - 21/06/2010 07:29:47 | Computer Name = PC-de-Marc | Source = WMPNetworkSvc | ID = 866312

Description =

 

 

< End of report >

Posted

Continued:

OTL logfile created on: 21/06/2010 18:48:01 - Run 1

OTL by OldTimer - Version 3.2.6.1 Folder = C:\Windows\system32\config\systemprofile\Desktop

Windows Vista Ultimate Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18904)

Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

 

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 62,00% Memory free

4,00 Gb Paging File | 3,00 Gb Available in Paging File | 79,00% Paging File free

Paging file location(s): c:\pagefile.sys 0 0 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 46,19 Gb Total Space | 9,50 Gb Free Space | 20,57% Space Free | Partition Type: NTFS

Drive D: | 39,08 Gb Total Space | 26,45 Gb Free Space | 67,67% Space Free | Partition Type: NTFS

Drive E: | 63,77 Gb Total Space | 24,76 Gb Free Space | 38,82% Space Free | Partition Type: NTFS

F: Drive not present or media not loaded

Drive G: | 99,36 Gb Total Space | 70,98 Gb Free Space | 71,43% Space Free | Partition Type: NTFS

Drive H: | 99,36 Gb Total Space | 99,07 Gb Free Space | 99,70% Space Free | Partition Type: NTFS

Drive I: | 99,36 Gb Total Space | 19,61 Gb Free Space | 19,74% Space Free | Partition Type: NTFS

Drive J: | 76,34 Gb Total Space | 39,48 Gb Free Space | 51,71% Space Free | Partition Type: NTFS

Drive K: | 76,32 Gb Total Space | 11,85 Gb Free Space | 15,52% Space Free | Partition Type: NTFS

Drive L: | 465,75 Gb Total Space | 58,81 Gb Free Space | 12,63% Space Free | Partition Type: NTFS

 

Computer Name: PC-DE-MARC

Current User Name: Marc

Logged in as Administrator.

 

Current Boot Mode: Normal

Scan Mode: All users

Company Name Whitelist: Off

Skip Microsoft Files: Off

File Age = 30 Days

Output = Standard

 

========== Processes (SafeList) ==========

 

PRC - [2010/06/21 18:46:42 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Windows\System32\config\systemprofile\Desktop\OTL.exe

PRC - [2010/04/29 15:39:34 | 000,304,464 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

PRC - [2010/04/29 15:39:32 | 000,437,584 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

PRC - [2009/10/14 14:36:56 | 002,793,304 | ---- | M] () -- C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe

PRC - [2009/10/14 14:34:18 | 000,560,472 | ---- | M] () -- C:\Program Files\Common Files\logishrd\LQCVFX\COCIManager.exe

PRC - [2009/10/07 02:47:34 | 000,154,136 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe

PRC - [2009/07/21 13:33:58 | 000,185,089 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe

PRC - [2009/05/13 15:47:40 | 000,108,289 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe

PRC - [2009/04/16 09:41:18 | 000,102,400 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe

PRC - [2009/04/11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe

PRC - [2009/04/07 09:39:44 | 000,233,472 | ---- | M] (Teruten) -- C:\Windows\System32\FsUsbExService.Exe

PRC - [2009/03/30 17:28:36 | 001,533,808 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE

PRC - [2009/03/30 17:28:36 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE

PRC - [2009/03/02 12:08:11 | 000,209,153 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

PRC - [2009/01/26 16:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe

PRC - [2006/11/02 11:45:59 | 000,215,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\WindowsMobile\wmdSync.exe

PRC - [2005/03/09 21:50:18 | 000,018,944 | ---- | M] (libusb-Win32) -- C:\Windows\System32\libusbd-nt.exe

 

 

========== Modules (SafeList) ==========

 

MOD - [2010/06/21 18:46:42 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Windows\System32\config\systemprofile\Desktop\OTL.exe

MOD - [2009/04/11 08:21:38 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll

MOD - [2008/01/19 09:33:00 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx

 

 

========== Win32 Services (SafeList) ==========

 

SRV - File not found [On_Demand | Stopped] -- -- (UPS)

SRV - File not found [On_Demand | Stopped] -- -- (NMIndexingService)

SRV - File not found [On_Demand | Stopped] -- -- (CiSvc)

SRV - [2010/06/01 19:33:24 | 000,435,016 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe -- (TuneUp.Defrag)

SRV - [2010/05/07 18:05:00 | 001,051,976 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)

SRV - [2010/05/07 18:01:44 | 000,030,024 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\Windows\System32\uxtuneup.dll -- (UxTuneUp)

SRV - [2010/04/29 15:39:34 | 000,304,464 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)

SRV - [2010/04/10 17:05:58 | 000,266,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Fix it Center\Matsvc.exe -- (MatSvc)

SRV - [2009/10/07 02:47:34 | 000,154,136 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)

SRV - [2009/07/21 13:33:58 | 000,185,089 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)

SRV - [2009/05/13 15:47:40 | 000,108,289 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)

SRV - [2009/04/07 09:39:44 | 000,233,472 | ---- | M] (Teruten) [Auto | Running] -- C:\Windows\System32\FsUsbExService.Exe -- (FsUsbExService)

SRV - [2009/03/30 17:28:36 | 001,533,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)

SRV - [2009/01/26 16:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Running] -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)

SRV - [2008/04/07 09:17:30 | 000,430,592 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)

SRV - [2008/01/19 09:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)

SRV - [2008/01/19 09:36:49 | 000,365,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)

SRV - [2008/01/19 09:36:15 | 000,167,936 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)

SRV - [2005/03/09 21:50:18 | 000,018,944 | ---- | M] (libusb-Win32) [Auto | Running] -- C:\Windows\System32\libusbd-nt.exe -- (libusbd)

 

 

========== Driver Services (SafeList) ==========

 

DRV - [2010/06/07 14:38:40 | 000,111,312 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VBoxNetFlt.sys -- (VBoxNetFlt)

DRV - [2010/06/07 14:38:40 | 000,100,496 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)

DRV - [2010/05/09 15:56:25 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)

DRV - [2010/04/29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)

DRV - [2010/02/15 14:19:57 | 000,027,632 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\seehcri.sys -- (seehcri)

DRV - [2009/11/25 11:19:02 | 000,056,816 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)

DRV - [2009/10/25 06:11:34 | 000,077,312 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\MBR.exe -- (mbr)

DRV - [2009/10/14 07:24:44 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Stopped] -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)

DRV - [2009/10/07 02:46:36 | 000,025,752 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LVPr2Mon.sys -- (LVPr2Mon)

DRV - [2009/05/11 09:11:52 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)

DRV - [2009/05/01 00:01:36 | 000,265,496 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lvrs.sys -- (LVRS)

DRV - [2009/04/30 23:55:58 | 002,687,512 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LV302V32.SYS -- (PID_PEPI) Logitech QuickCam IM(PID_PEPI)

DRV - [2009/04/30 23:55:34 | 000,013,976 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lv302af.sys -- (pepifilter)

DRV - [2009/04/11 06:42:54 | 000,073,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\USBAUDIO.sys -- (usbaudio) Pilote USB audio (WDM)

DRV - [2009/04/11 06:42:52 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUSB)

DRV - [2009/04/07 09:39:44 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk)

DRV - [2009/03/30 09:32:47 | 000,096,104 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)

DRV - [2009/02/13 11:34:33 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)

DRV - [2008/12/02 00:14:32 | 004,179,968 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)

DRV - [2008/09/12 18:58:32 | 000,028,672 | ---- | M] (libusb-Win32) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\libusb0.sys -- (libusb0)

DRV - [2008/09/12 18:58:30 | 000,003,328 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pspdisp.sys -- (pspdisp)

DRV - [2007/12/06 10:51:00 | 000,298,496 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk60x86.sys -- (yukonwlh)

DRV - [2007/09/17 15:53:26 | 000,021,632 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)

DRV - [2007/07/03 16:58:20 | 000,106,792 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdmdm.sys -- (sscdmdm)

DRV - [2007/07/03 16:57:24 | 000,011,944 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdmdfl.sys -- (sscdmdfl)

DRV - [2007/07/03 16:54:24 | 000,080,552 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM)

DRV - [2006/12/24 06:15:18 | 000,027,904 | ---- | M] (Compuware Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\xPADFL02.sys -- (XPADFL02)

DRV - [2006/11/02 11:51:45 | 000,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)

DRV - [2006/11/02 11:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)

DRV - [2006/11/02 11:51:34 | 000,316,520 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)

DRV - [2006/11/02 11:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)

DRV - [2006/11/02 11:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)

DRV - [2006/11/02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)

DRV - [2006/11/02 11:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)

DRV - [2006/11/02 11:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)

DRV - [2006/11/02 11:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)

DRV - [2006/11/02 11:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)

DRV - [2006/11/02 11:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)

DRV - [2006/11/02 11:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)

DRV - [2006/11/02 11:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)

DRV - [2006/11/02 11:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)

DRV - [2006/11/02 11:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)

DRV - [2006/11/02 11:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)

DRV - [2006/11/02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)

DRV - [2006/11/02 11:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)

DRV - [2006/11/02 11:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)

DRV - [2006/11/02 11:50:10 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)

DRV - [2006/11/02 11:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2)

DRV - [2006/11/02 11:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)

DRV - [2006/11/02 11:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)

DRV - [2006/11/02 11:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)

DRV - [2006/11/02 11:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)

DRV - [2006/11/02 11:50:05 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)

DRV - [2006/11/02 11:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)

DRV - [2006/11/02 11:50:04 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)

DRV - [2006/11/02 11:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)

DRV - [2006/11/02 11:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)

DRV - [2006/11/02 11:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)

DRV - [2006/11/02 11:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)

DRV - [2006/11/02 11:49:30 | 000,017,512 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)

DRV - [2006/11/02 11:49:28 | 000,016,488 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)

DRV - [2006/11/02 11:49:20 | 000,014,952 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)

DRV - [2006/11/02 10:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)

DRV - [2006/11/02 10:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)

DRV - [2006/11/02 10:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)

DRV - [2006/11/02 10:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)

DRV - [2006/11/02 10:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)

DRV - [2006/11/02 10:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)

DRV - [2006/11/02 09:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)

DRV - [2006/11/02 09:30:54 | 000,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel®

DRV - [2004/09/17 15:56:10 | 000,381,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WlanUIG.sys -- (NBXG7031)

 

 

========== Standard Registry (SafeList) ==========

 

 

========== Internet Explorer ==========

 

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport

 

 

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

 

 

IE - HKU\S-1-5-21-2895517941-1792322226-2511147505-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = SFR : Téléphone portable, mobile, forfaits portables, ADSL

IE - HKU\S-1-5-21-2895517941-1792322226-2511147505-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1

IE - HKU\S-1-5-21-2895517941-1792322226-2511147505-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

========== FireFox ==========

 

FF - prefs.js..browser.startup.homepage: "SFR : Téléphone portable, mobile, forfaits portables, ADSL"

FF - prefs.js..extensions.enabledItems: {d5bc46d8-67c7-11dc-8c1d-0097498c2b7a}:1.0.0.1

 

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/06/13 16:18:32 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/06/13 16:18:31 | 000,000,000 | ---D | M]

 

[2010/06/13 16:18:48 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\mozilla\Extensions

[2010/02/10 13:37:00 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\mozilla\Extensions\mozswing@mozswing.org

[2010/06/14 19:54:26 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\mozilla\Firefox\Profiles\6b1lgpvg.default\extensions

[2010/06/14 19:54:26 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Marc\AppData\Roaming\mozilla\Firefox\Profiles\6b1lgpvg.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}

[2010/06/13 16:18:31 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions

[2010/04/01 19:07:29 | 000,001,516 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml

[2010/04/01 19:07:29 | 000,001,822 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml

[2010/04/01 19:07:29 | 000,000,757 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml

[2010/04/01 19:07:29 | 000,001,426 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml

[2010/04/01 19:07:29 | 000,000,956 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml

 

O1 HOSTS File: ([2010/06/20 16:11:24 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O2 - BHO: (Objet d'aide à la navigation SFR) - {0F6E720A-1A6B-40E1-A294-1D4D19F156C8} - C:\Program Files\SFR\Kit\SFRNavErrorHelper.dll (SFR)

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.

O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll (Google Inc.)

O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

O3 - HKU\S-1-5-21-2895517941-1792322226-2511147505-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)

O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe ()

O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)

O4 - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation)

O4 - HKU\S-1-5-21-2895517941-1792322226-2511147505-1000..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0

O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-21-2895517941-1792322226-2511147505-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-21-2895517941-1792322226-2511147505-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogOff = 0

O7 - HKU\S-1-5-21-2895517941-1792322226-2511147505-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O8 - Extra context menu item: E&xporter vers Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)

O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_2EC7709873947E87.dll (Google Inc.)

O9 - Extra Button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab (Java Plug-in 1.6.0_19)

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)

O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} http://download.mcafee.com/molbin/iss-loc/mcfscan/3,0,0,6017/mcfscan.cab (McFreeScan Class)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)

O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)

O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O22 - SharedTaskScheduler: {E31004D1-A431-41B8-826F-E902F9D95C81} - Windows DreamScene - C:\Windows\System32\DreamScene.dll (Microsoft Corporation)

O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found

O32 - HKLM CDRom: AutoRun - 1

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKU\.DEFAULT\...exe [@ = secfile] -- Reg Error: Key error. File not found

O37 - HKU\S-1-5-18\...exe [@ = secfile] -- Reg Error: Key error. File not found

 

========== Files/Folders - Created Within 30 Days ==========

 

[2010/06/21 12:56:37 | 000,000,000 | -HSD | C] -- C:\Windows\System32\%APPDATA%

[2010/06/20 20:09:16 | 000,000,000 | --SD | C] -- C:\Lychen

[2010/06/20 20:08:48 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe

[2010/06/20 19:49:05 | 000,000,000 | ---D | C] -- C:\Qoobox

[2010/06/20 19:14:42 | 000,000,000 | ---D | C] -- C:\Users\Marc\Desktop\ANTIVIR

[2010/06/20 16:16:15 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN

[2010/06/20 15:48:34 | 000,000,000 | ---D | C] -- C:\Users\Marc\AppData\Local\temp

[2010/06/20 15:48:33 | 000,000,000 | ---D | C] -- C:\Windows\temp

[2010/06/20 15:17:44 | 000,000,000 | ---D | C] -- C:\%APPDATA%

[2010/06/19 19:17:15 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live Safety Center

[2010/06/19 16:18:21 | 000,000,000 | ---D | C] -- C:\Windows\McAfee.com

[2010/06/18 19:45:13 | 007,283,496 | ---- | C] (Microsoft Corporation) -- C:\Users\Marc\Desktop\microsoft-security-essentials-mse_microsoft_se_1.0.1961.0_vista_7_32_bits_francais_291762.exe

[2010/06/17 15:04:12 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Lightrock Entertainment

[2010/06/16 14:45:12 | 000,000,000 | R--D | C] -- C:\Windows\System32\config\systemprofile\Videos

[2010/06/16 14:45:12 | 000,000,000 | R--D | C] -- C:\Windows\System32\config\systemprofile\Saved Games

[2010/06/16 14:45:12 | 000,000,000 | R--D | C] -- C:\Windows\System32\config\systemprofile\Pictures

[2010/06/16 14:45:12 | 000,000,000 | R--D | C] -- C:\Windows\System32\config\systemprofile\Links

[2010/06/16 14:45:12 | 000,000,000 | R--D | C] -- C:\Windows\System32\config\systemprofile\Downloads

[2010/06/16 14:45:12 | 000,000,000 | R--D | C] -- C:\Windows\System32\config\systemprofile\Documents

[2010/06/16 14:45:12 | 000,000,000 | R--D | C] -- C:\Windows\System32\config\systemprofile\Desktop

[2010/06/16 14:45:12 | 000,000,000 | -HSD | C] -- C:\Windows\System32\config\systemprofile\Voisinage réseau

[2010/06/16 14:45:12 | 000,000,000 | -HSD | C] -- C:\Windows\System32\config\systemprofile\Voisinage d'impression

[2010/06/16 14:45:12 | 000,000,000 | -HSD | C] -- C:\Windows\System32\config\systemprofile\SendTo

[2010/06/16 14:45:12 | 000,000,000 | -HSD | C] -- C:\Windows\System32\config\systemprofile\Recent

[2010/06/16 14:45:12 | 000,000,000 | -HSD | C] -- C:\Windows\System32\config\systemprofile\Modèles

[2010/06/16 14:45:12 | 000,000,000 | -HSD | C] -- C:\Windows\System32\config\systemprofile\Mes documents

[2010/06/16 14:45:12 | 000,000,000 | -HSD | C] -- C:\Windows\System32\config\systemprofile\Menu Démarrer

[2010/06/16 14:45:12 | 000,000,000 | -HSD | C] -- C:\Windows\System32\config\systemprofile\Local Settings

[2010/06/16 14:45:12 | 000,000,000 | -HSD | C] -- C:\Windows\System32\config\systemprofile\Application Data

[2010/06/16 14:45:11 | 000,000,000 | R--D | C] -- C:\Windows\System32\config\systemprofile\Searches

[2010/06/15 14:29:33 | 000,000,000 | ---D | C] -- C:\Program Files\Gamigo Games

[2010/06/15 13:27:51 | 000,000,000 | ---D | C] -- C:\Program Files\Neffy

[2010/06/13 16:18:38 | 000,000,000 | ---D | C] -- C:\Users\Marc\AppData\Local\Mozilla

[2010/06/13 16:18:30 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox

[2010/06/08 20:01:48 | 000,142,928 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\drivers\VBoxDrv.sys

[2010/06/08 20:01:33 | 000,041,744 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\drivers\VBoxUSBMon.sys

[2010/06/07 14:38:40 | 000,111,312 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\drivers\VBoxNetFlt.sys

[2010/06/07 14:38:40 | 000,100,496 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\drivers\VBoxNetAdp.sys

[2010/06/07 14:38:38 | 000,133,648 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\VBoxNetFltNotify.dll

[2010/06/06 19:10:56 | 000,000,000 | ---D | C] -- C:\rsit

[2010/06/06 19:02:28 | 000,669,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wininet (2).dll

[2010/06/06 18:56:28 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSOCK32 (2).dll

[2010/06/05 11:26:04 | 000,000,000 | ---D | C] -- C:\Program Files\Sweet Home 3D

[2010/06/04 14:48:12 | 000,000,000 | ---D | C] -- C:\Users\Marc\AppData\Local\FixItCenter

[2010/06/04 14:44:31 | 000,000,000 | ---D | C] -- C:\Windows\MATS

[2010/06/04 14:44:30 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Fix it Center

[2010/06/01 19:33:24 | 000,030,024 | ---- | C] (TuneUp Software) -- C:\Windows\System32\uxtuneup.dll

[2010/06/01 19:33:24 | 000,021,320 | ---- | C] (TuneUp Software) -- C:\Windows\System32\authuitu.dll

[2010/05/31 19:46:50 | 000,000,000 | ---D | C] -- C:\Windows\System32\catroot2

[2010/05/28 20:22:54 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution

[2010/05/28 19:28:18 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\initpki.dll

[2010/05/28 18:38:25 | 000,000,000 | ---D | C] -- C:\Marc

[2010/05/24 17:01:36 | 000,000,000 | ---D | C] -- C:\Users\Marc\Documents\Nero Home

[2010/05/24 17:00:51 | 000,000,000 | ---D | C] -- C:\Users\Marc\AppData\Local\Ahead

[2010/05/24 16:59:05 | 000,000,000 | ---D | C] -- C:\Users\Marc\AppData\Roaming\Ahead

[2010/05/24 16:58:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Ahead

[2010/05/24 16:55:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Ahead

 

========== Files - Modified Within 30 Days ==========

 

[2010/06/21 18:50:00 | 000,000,434 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{2688C223-C27B-4382-B0D3-55A9B3351058}.job

[2010/06/21 18:30:00 | 000,001,080 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2895517941-1792322226-2511147505-1009UA.job

[2010/06/21 18:02:00 | 000,001,088 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2895517941-1792322226-2511147505-1001UA.job

[2010/06/21 18:02:00 | 000,001,036 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2895517941-1792322226-2511147505-1001Core.job

[2010/06/21 17:27:30 | 000,005,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0

[2010/06/21 17:27:30 | 000,005,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0

[2010/06/21 13:31:44 | 001,499,290 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI

[2010/06/21 13:31:44 | 000,679,180 | ---- | M] () -- C:\Windows\System32\perfh00C.dat

[2010/06/21 13:31:44 | 000,595,748 | ---- | M] () -- C:\Windows\System32\perfh009.dat

[2010/06/21 13:31:44 | 000,128,212 | ---- | M] () -- C:\Windows\System32\perfc00C.dat

[2010/06/21 13:31:44 | 000,105,078 | ---- | M] () -- C:\Windows\System32\perfc009.dat

[2010/06/21 13:27:32 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT

[2010/06/21 13:27:26 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2010/06/20 21:18:32 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat

[2010/06/20 21:18:24 | 001,667,617 | -H-- | M] () -- C:\Users\Marc\AppData\Local\IconCache.db

[2010/06/20 20:22:25 | 212,273,617 | ---- | M] () -- C:\Windows\MEMORY.DMP

[2010/06/20 19:54:28 | 000,524,288 | -HS- | M] () -- C:\Windows\system32\config\systemprofile\ntuser.dat{d81bcdf3-cc66-11de-883d-806e6f6e6963}.TMContainer00000000000000000001.regtrans-ms

[2010/06/20 19:54:28 | 000,262,144 | ---- | M] () -- C:\Windows\system32\config\systemprofile\ntuser.dat

[2010/06/20 19:54:28 | 000,065,536 | -HS- | M] () -- C:\Windows\system32\config\systemprofile\ntuser.dat{d81bcdf3-cc66-11de-883d-806e6f6e6963}.TM.blf

[2010/06/20 19:45:10 | 003,716,715 | R--- | M] () -- C:\Users\Marc\Desktop\Lychen.exe

[2010/06/20 19:30:00 | 000,001,028 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2895517941-1792322226-2511147505-1009Core.job

[2010/06/20 16:11:58 | 000,000,215 | ---- | M] () -- C:\Windows\system.ini

[2010/06/20 16:11:24 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts

[2010/06/19 16:26:18 | 000,040,448 | ---- | M] () -- C:\Users\Marc\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2010/06/19 16:21:46 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdRapi_01_00_00.Wdf

[2010/06/18 19:45:24 | 007,283,496 | ---- | M] (Microsoft Corporation) -- C:\Users\Marc\Desktop\microsoft-security-essentials-mse_microsoft_se_1.0.1961.0_vista_7_32_bits_francais_291762.exe

[2010/06/18 17:00:22 | 000,000,921 | ---- | M] () -- C:\Windows\system32\config\systemprofile\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk

[2010/06/13 16:18:33 | 000,001,690 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk

[2010/06/09 19:18:52 | 000,403,658 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts.20100618-165248.backup

[2010/06/09 19:17:10 | 000,403,658 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts.20100609-191852.backup

[2010/06/09 19:14:47 | 000,403,658 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts.20100609-191710.backup

[2010/06/08 20:01:49 | 000,000,403 | ---- | M] () -- C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk

[2010/06/07 14:38:40 | 000,142,928 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\drivers\VBoxDrv.sys

[2010/06/07 14:38:40 | 000,111,312 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\drivers\VBoxNetFlt.sys

[2010/06/07 14:38:40 | 000,100,496 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\drivers\VBoxNetAdp.sys

[2010/06/07 14:38:40 | 000,041,744 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\drivers\VBoxUSBMon.sys

[2010/06/07 14:38:38 | 000,133,648 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\VBoxNetFltNotify.dll

[2010/06/06 19:10:31 | 000,824,681 | ---- | M] () -- C:\Users\Marc\Desktop\RSIT.exe

[2010/06/06 18:57:17 | 000,669,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wininet (2).dll

[2010/06/06 18:56:29 | 000,025,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WSOCK32 (2).dll

[2010/06/04 12:22:50 | 011,072,141 | ---- | M] () -- C:\Users\Marc\Documents\ssssrrr_modifié-1.jpg

[2010/06/04 12:17:04 | 011,035,616 | ---- | M] () -- C:\Users\Marc\Documents\ssssrrr.jpg

[2010/06/04 11:13:34 | 004,233,258 | ---- | M] () -- C:\Users\Marc\Documents\ssss.JPG

[2010/06/01 19:33:15 | 000,001,875 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp Maintenance en 1 clic.lnk

[2010/06/01 19:33:15 | 000,001,855 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp Utilities.lnk

[2010/05/28 20:48:58 | 000,053,368 | ---- | M] () -- C:\Users\Marc\Documents\cc_20100528_204851.reg

[2010/05/28 19:24:06 | 000,147,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\initpki.dll

[2010/05/28 19:07:57 | 365,277,386 | ---- | M] () -- C:\Sauv.reg

[2010/05/27 20:01:16 | 000,396,225 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts.20100609-191447.backup

[2010/05/27 19:26:28 | 000,041,032 | ---- | M] () -- C:\Users\Marc\Documents\cc_20100527_192620.reg

 

========== Files Created - No Company Name ==========

 

[2010/06/20 19:45:02 | 003,716,715 | R--- | C] () -- C:\Users\Marc\Desktop\Lychen.exe

[2010/06/20 14:48:03 | 000,077,312 | ---- | C] () -- C:\Windows\MBR.exe

[2010/06/19 16:21:46 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdRapi_01_00_00.Wdf

[2010/06/18 17:00:22 | 000,000,921 | ---- | C] () -- C:\Windows\system32\config\systemprofile\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk

[2010/06/17 17:57:59 | 000,001,088 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2895517941-1792322226-2511147505-1001UA.job

[2010/06/17 17:57:59 | 000,001,036 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2895517941-1792322226-2511147505-1001Core.job

[2010/06/13 16:18:33 | 000,001,690 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk

[2010/06/10 14:53:04 | 212,273,617 | ---- | C] () -- C:\Windows\MEMORY.DMP

[2010/06/08 20:01:49 | 000,000,403 | ---- | C] () -- C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk

[2010/06/08 16:20:57 | 000,001,080 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2895517941-1792322226-2511147505-1009UA.job

[2010/06/08 16:20:56 | 000,001,028 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2895517941-1792322226-2511147505-1009Core.job

[2010/06/06 19:10:24 | 000,824,681 | ---- | C] () -- C:\Users\Marc\Desktop\RSIT.exe

[2010/06/04 12:39:57 | 011,035,616 | ---- | C] () -- C:\Users\Marc\Documents\ssssrrr.jpg

[2010/06/04 12:39:57 | 004,233,258 | ---- | C] () -- C:\Users\Marc\Documents\ssss.JPG

[2010/06/04 12:39:56 | 011,072,141 | ---- | C] () -- C:\Users\Marc\Documents\ssssrrr_modifié-1.jpg

[2010/06/01 19:33:15 | 000,001,875 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp Maintenance en 1 clic.lnk

[2010/05/28 20:48:54 | 000,053,368 | ---- | C] () -- C:\Users\Marc\Documents\cc_20100528_204851.reg

[2010/05/28 19:07:35 | 365,277,386 | ---- | C] () -- C:\Sauv.reg

[2010/05/27 19:26:25 | 000,041,032 | ---- | C] () -- C:\Users\Marc\Documents\cc_20100527_192620.reg

[2010/05/23 08:43:38 | 000,005,654 | ---- | C] () -- C:\Users\Marc\AppData\Local\2AED1994-F97B-454C-8FB3-2F4C5C8F45D2.txt

[2010/05/09 15:56:25 | 000,691,696 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys

[2010/04/16 12:53:58 | 000,000,204 | ---- | C] () -- C:\Windows\System32\MRT.INI

[2010/04/12 11:54:40 | 000,000,282 | ---- | C] () -- C:\Windows\game.ini

[2010/03/05 13:36:50 | 000,000,077 | ---- | C] () -- C:\Windows\wininit.ini

[2009/12/25 19:37:40 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll

[2009/12/25 19:37:40 | 000,036,608 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys

[2009/12/13 11:15:26 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll

[2009/11/15 10:07:08 | 000,081,158 | ---- | C] () -- C:\Windows\System32\manage-bde.ini.en

[2009/10/07 02:46:36 | 000,025,752 | ---- | C] () -- C:\Windows\System32\drivers\LVPr2Mon.sys

[2009/10/07 02:23:08 | 000,013,584 | ---- | C] () -- C:\Windows\System32\drivers\iKeyLFT2.dll

[2009/04/30 23:39:36 | 000,082,289 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini

[2008/12/01 22:46:10 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll

[2008/10/07 09:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll

[2008/10/07 09:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll

[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll

[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll

[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll

[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll

[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll

[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll

[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll

[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll

[2007/10/25 18:26:10 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys

[2006/11/02 14:34:20 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll

[2006/11/02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini

[2006/01/06 14:36:12 | 000,098,304 | ---- | C] () -- C:\Windows\System32\Rey_SubClasser.dll

 

========== LOP Check ==========

 

[2010/04/30 14:00:01 | 000,000,000 | ---D | M] -- C:\Windows\System32\config\systemprofile\AppData\Roaming\TuneUp Software

[2010/06/21 13:24:02 | 000,032,492 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

[2010/06/21 18:50:00 | 000,000,434 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{2688C223-C27B-4382-B0D3-55A9B3351058}.job

 

========== Purity Check ==========

 

 

 

========== Alternate Data Streams ==========

 

@Alternate Data Stream - 114 bytes -> C:\ProgramData\Temp:A9662AE0

< End of report >

Thanks,

Marc

Posted

Hi,

A few things:

Think about stopping P2P: µtorrent and the like.

Why do you have two different DNS servers: 192.168.1.1 and 80.118.196.36? Namely Orange and Neuf?

What does C:\Windows\System32\%APPDATA% contain? And C:\%APPDATA%?

C:\Qoobox >> Did you use ComboFix? Can I have the report?

Run OTL.exe again.

  • Copy and paste the following code into the "Customization" window
     

    :OTL
    SRV - File not found [On_Demand | Stopped] -- -- (UPS)
    SRV - File not found [On_Demand | Stopped] -- -- (NMIndexingService)
    SRV - File not found [On_Demand | Stopped] -- -- (CiSvc)
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
    @Alternate Data Stream - 114 bytes -> C:\ProgramData\Temp:A9662AE0
     
    :files
    C:\Windows\system32\drivers\akg3zvun.sys
     
    :services
    akg3zvun
    owfzkqyg
     
    :reg
     
    :commands
    [EmptyTemp]
    [EmptyFlash]
    [Purity]
    [CREATERESTOREPOINT]
    [ResetHosts]
    [Reboot]
  • Then click "Fix" and wait while the tool works.
  • Copy and paste the contents of the report that opens (C\_OTL\MovedFiles) into your next reply.

Posted


1- For P2P, I stay within the law, but I have 2 teenagers who hog this PC :P .

2- The DNS servers: 198.168.1.1 is the DHCP of the Neufbox and 80.118.196.36 is the fastest DNS server.

3- C:\Windows\System32\%APPDATA% and C:\%APPDATA% both contain 'C:\%APPDATA%\Microsoft\Windows\IETldCache\index.dat, which contains 'Client UrlCache MMF Ver 5.2 @ €.

ComboFix: that was quite a while ago, > 4 months

4- C\_OTL\MovedFiles report:

All processes killed

========== OTL ==========

Service UPS stopped successfully!

Service UPS deleted successfully!

Service NMIndexingService stopped successfully!

Service NMIndexingService deleted successfully!

Service CiSvc stopped successfully!

Service CiSvc deleted successfully!

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.

ADS C:\ProgramData\Temp:A9662AE0 deleted successfully.

========== FILES ==========

File\Folder C:\Windows\system32\drivers\akg3zvun.sys not found.

========== SERVICES/DRIVERS ==========

Error: No service named akg3zvun was found to stop!

Service\Driver key akg3zvun not found.

Service owfzkqyg stopped successfully!

Service owfzkqyg deleted successfully!

========== REGISTRY ==========

========== COMMANDS ==========

 

[EMPTYTEMP]

 

User: Admin

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 294871 bytes

->Flash cache emptied: 42054 bytes

 

User: All Users

 

User: Annie

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 294871 bytes

->Java cache emptied: 30664826 bytes

->Flash cache emptied: 1745 bytes

 

User: Benjamin

->Temp folder emptied: 348867 bytes

->Temporary Internet Files folder emptied: 1234435594 bytes

->Java cache emptied: 45956457 bytes

->Google Chrome cache emptied: 18152539 bytes

->Flash cache emptied: 58115 bytes

 

User: BUBULE

->Temp folder emptied: 153419 bytes

->Temporary Internet Files folder emptied: 57153884 bytes

->Java cache emptied: 1345823 bytes

->FireFox cache emptied: 61043386 bytes

->Google Chrome cache emptied: 0 bytes

->Flash cache emptied: 46598 bytes

 

User: Default

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 67 bytes

->Flash cache emptied: 41620 bytes

 

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

->Flash cache emptied: 0 bytes

 

User: Marc

->Temp folder emptied: 13685041 bytes

->Temporary Internet Files folder emptied: 61207299 bytes

->Java cache emptied: 26056878 bytes

->FireFox cache emptied: 66335701 bytes

->Flash cache emptied: 56011 bytes

 

User: Public

->Temp folder emptied: 0 bytes

 

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 0 bytes

%systemroot%\System32 .tmp files removed: 0 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 109440 bytes

%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 106614461 bytes

%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes

RecycleBin emptied: 42168268 bytes

 

Total Files Cleaned = 1 684,00 mb

 

 

[EMPTYFLASH]

 

User: Admin

->Flash cache emptied: 0 bytes

 

User: All Users

 

User: Annie

->Flash cache emptied: 0 bytes

 

User: Benjamin

->Flash cache emptied: 0 bytes

 

User: BUBULE

->Flash cache emptied: 0 bytes

 

User: Default

->Flash cache emptied: 0 bytes

 

User: Default User

->Flash cache emptied: 0 bytes

 

User: Marc

->Flash cache emptied: 0 bytes

 

User: Public

 

Total Flash Files Cleaned = 0,00 mb

 

 

C:\Windows\System32\drivers\etc\Hosts moved successfully.

HOSTS file reset successfully

 

OTL by OldTimer - Version 3.2.6.1 log created on 06222010_193737

 

Files\Folders moved on Reboot...

C:\Users\Marc\AppData\Local\Temp\Low\Google Toolbar\GoogleToolbarWelcome.log moved successfully.

File\Folder C:\Users\Marc\AppData\Local\Temp\~DF4CAC.tmp not found!

File\Folder C:\Users\Marc\AppData\Local\Temp\~DF4CBC.tmp not found!

File\Folder C:\Users\Marc\AppData\Local\Temp\~DF4D48.tmp not found!

File\Folder C:\Users\Marc\AppData\Local\Temp\~DF4D58.tmp not found!

File\Folder C:\Users\Marc\AppData\Local\Temp\~DF4D9A.tmp not found!

File\Folder C:\Users\Marc\AppData\Local\Temp\~DF4DAC.tmp not found!

C:\Users\Marc\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\QVDPCZ3X\01[1].htm moved successfully.

C:\Users\Marc\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\QVDPCZ3X\v=4;m=3;l=6699;c=88902;b=903089;ts=20100622183353;p=ui=Fsa322v8rIpqwD;tr=WeG8lq6mFVE;tm=0-0[1].htm moved successfully.

C:\Users\Marc\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\KIWN31VM\imgCAYMGM3G.htm moved successfully.

C:\Users\Marc\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\KIWN31VM\rectangle_300x250[1].htm moved successfully.

C:\Users\Marc\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\DYBJ94TD\imgCAE9WOJX.htm moved successfully.

C:\Users\Marc\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\DYBJ94TD\povh[1].htm moved successfully.

C:\Users\Marc\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\0L7XB8KU\ads[7].htm moved successfully.

C:\Users\Marc\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\0L7XB8KU\afr[1].htm moved successfully.

C:\Users\Marc\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\0L7XB8KU\afr[2].htm moved successfully.

C:\Users\Marc\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\0L7XB8KU\ban_home_728x90[1].htm moved successfully.

C:\Users\Marc\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\0L7XB8KU\quel-virus-t177561[1].html moved successfully.

C:\Users\Marc\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\MSIMGSIZ.DAT moved successfully.

File move failed. C:\Windows\temp\logishrd\LVPrcInj01.dll scheduled to be moved on reboot.

 

Registry entries deleted on Reboot...

 

 

Thanks for your help!

Marc

Posted

Hi,

Very good. :P

On what occasion did you use ComboFix?

Download Malwarebytes' Anti-Malware (MBAM)

  • Double-click the downloaded file to start the installation process.
  • In the "Update" tab, click the "Check for Updates" button: if the firewall asks whether to allow MBAM to connect, accept.
  • Once the update has finished, go to the "Scanner" tab.
  • Select "Perform quick scan"
  • Click "Scan"
  • The scan starts; it takes a fairly long time, which is normal.
  • At the end of the scan, a message is displayed:
    The scan completed successfully. Click 'Show Results' to display all objects found.
    Click "Ok" to continue. If MBAM found nothing, it will tell you that as well.
  • Close your browsers.
  • If malware was detected, click Show Results.
    Select everything (or leave it checked) and click Remove Selected; MBAM will destroy the files and registry keys and put a copy of them in quarantine.
  • MBAM will open Notepad and copy the scan report into it. Copy and paste this report and post it in your next reply.
