
Hello!

I would like to know if someone can help me with these logs... My computer detects an infection but is unable to remove it. My antivirus is NOD 32...

I ran 2 applications, namely Combo-Fix and OTL.exe...

The problem is that I don't understand anything in these logs or what I need to do with them!

Thanks in advance for your help!

 

Combo-Fix

ComboFix 11-02-09.02 - Utilisateur 2011-02-09 17:00:27.1.3 - x64

Microsoft Windows 7 Édition Familiale Premium 6.1.7600.0.1252.2.1036.18.4095.2545 [GMT -5:00]

Lancé depuis: c:\users\Utilisateur\Desktop\Combo-Fix.exe

AV: ESET NOD32 Antivirus 4.0 *Disabled/Updated* {CB0F8167-5331-BA19-698E-64816B6801A5}

SP: ESET NOD32 Antivirus 4.0 *Disabled/Updated* {706E6083-750B-B597-533E-5FF310EF4B18}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

 

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))

.

 

C:\install.exe

c:\program files (x86)\Blender

c:\program files (x86)\Blender\.blender\.bfont.ttf

c:\program files (x86)\Blender\.blender\.Blanguages

c:\program files (x86)\Blender\.blender\Bpymenus

c:\program files (x86)\Blender\.blender\locale\ar\LC_MESSAGES\blender.mo

c:\program files (x86)\Blender\.blender\locale\bg\LC_MESSAGES\blender.mo

c:\program files (x86)\Blender\.blender\locale\ca\LC_MESSAGES\blender.mo

c:\program files (x86)\Blender\.blender\locale\cs\LC_MESSAGES\blender.mo

c:\program files (x86)\Blender\.blender\locale\de\LC_MESSAGES\blender.mo

c:\program files (x86)\Blender\.blender\locale\el\LC_MESSAGES\blender.mo

c:\program files (x86)\Blender\.blender\locale\es\LC_MESSAGES\blender.mo

c:\program files (x86)\Blender\.blender\locale\fi\LC_MESSAGES\blender.mo

c:\program files (x86)\Blender\.blender\locale\fr\LC_MESSAGES\blender.mo

c:\program files (x86)\Blender\.blender\locale\hr\LC_MESSAGES\blender.mo

c:\program files (x86)\Blender\.blender\locale\hr_HR\LC_MESSAGES\blender.mo

c:\program files (x86)\Blender\.blender\locale\it\LC_MESSAGES\blender.mo

c:\program files (x86)\Blender\.blender\locale\ja\LC_MESSAGES\blender.mo

c:\program files (x86)\Blender\.blender\locale\ko\LC_MESSAGES\blender.mo

c:\program files (x86)\Blender\.blender\locale\nl\LC_MESSAGES\blender.mo

c:\program files (x86)\Blender\.blender\locale\pl\LC_MESSAGES\blender.mo

c:\program files (x86)\Blender\.blender\locale\pt_BR\LC_MESSAGES\blender.mo

c:\program files (x86)\Blender\.blender\locale\ro\LC_MESSAGES\blender.mo

c:\program files (x86)\Blender\.blender\locale\ru\LC_MESSAGES\blender.mo

c:\program files (x86)\Blender\.blender\locale\sr@Latn\LC_MESSAGES\blender.mo

c:\program files (x86)\Blender\.blender\locale\sr\LC_MESSAGES\blender.mo

c:\program files (x86)\Blender\.blender\locale\sv\LC_MESSAGES\blender.mo

c:\program files (x86)\Blender\.blender\locale\uk\LC_MESSAGES\blender.mo

c:\program files (x86)\Blender\.blender\locale\zh_CN\LC_MESSAGES\blender.mo

c:\program files (x86)\Blender\.blender\scripts\3ds_export.py

c:\program files (x86)\Blender\.blender\scripts\3ds_import.py

c:\program files (x86)\Blender\.blender\scripts\ac3d_export.py

c:\program files (x86)\Blender\.blender\scripts\ac3d_import.py

c:\program files (x86)\Blender\.blender\scripts\add_mesh_empty.py

c:\program files (x86)\Blender\.blender\scripts\add_mesh_torus.py

c:\program files (x86)\Blender\.blender\scripts\animation_bake_constraints.py

c:\program files (x86)\Blender\.blender\scripts\animation_clean.py

c:\program files (x86)\Blender\.blender\scripts\animation_trajectory.py

c:\program files (x86)\Blender\.blender\scripts\armature_symmetry.py

c:\program files (x86)\Blender\.blender\scripts\Axiscopy.py

c:\program files (x86)\Blender\.blender\scripts\bevel_center.py

c:\program files (x86)\Blender\.blender\scripts\blenderLipSynchro.py

c:\program files (x86)\Blender\.blender\scripts\bpydata\config\readme.txt

c:\program files (x86)\Blender\.blender\scripts\bpydata\KUlang.txt

c:\program files (x86)\Blender\.blender\scripts\bpydata\readme.txt

c:\program files (x86)\Blender\.blender\scripts\bpymodules\blend2renderinfo.py

c:\program files (x86)\Blender\.blender\scripts\bpymodules\BPyAddMesh.py

c:\program files (x86)\Blender\.blender\scripts\bpymodules\BPyArmature.py

c:\program files (x86)\Blender\.blender\scripts\bpymodules\BPyBlender.py

c:\program files (x86)\Blender\.blender\scripts\bpymodules\BPyCurve.py

c:\program files (x86)\Blender\.blender\scripts\bpymodules\BPyImage.py

c:\program files (x86)\Blender\.blender\scripts\bpymodules\BPyMathutils.py

c:\program files (x86)\Blender\.blender\scripts\bpymodules\BPyMesh.py

c:\program files (x86)\Blender\.blender\scripts\bpymodules\BPyMesh_redux.py

c:\program files (x86)\Blender\.blender\scripts\bpymodules\BPyMessages.py

c:\program files (x86)\Blender\.blender\scripts\bpymodules\BPyNMesh.py

c:\program files (x86)\Blender\.blender\scripts\bpymodules\BPyObject.py

c:\program files (x86)\Blender\.blender\scripts\bpymodules\BPyRegistry.py

c:\program files (x86)\Blender\.blender\scripts\bpymodules\BPyRender.py

c:\program files (x86)\Blender\.blender\scripts\bpymodules\BPySys.py

c:\program files (x86)\Blender\.blender\scripts\bpymodules\BPyTextPlugin.py

c:\program files (x86)\Blender\.blender\scripts\bpymodules\BPyWindow.py

c:\program files (x86)\Blender\.blender\scripts\bpymodules\colladaImEx\__init__.py

c:\program files (x86)\Blender\.blender\scripts\bpymodules\colladaImEx\collada.py

c:\program files (x86)\Blender\.blender\scripts\bpymodules\colladaImEx\cstartup.py

c:\program files (x86)\Blender\.blender\scripts\bpymodules\colladaImEx\cutils.py

c:\program files (x86)\Blender\.blender\scripts\bpymodules\colladaImEx\helperObjects.py

c:\program files (x86)\Blender\.blender\scripts\bpymodules\colladaImEx\logo.png

c:\program files (x86)\Blender\.blender\scripts\bpymodules\colladaImEx\translator.py

c:\program files (x86)\Blender\.blender\scripts\bpymodules\colladaImEx\xmlUtils.py

c:\program files (x86)\Blender\.blender\scripts\bpymodules\defaultdoodads.py

c:\program files (x86)\Blender\.blender\scripts\bpymodules\dxfColorMap.py

c:\program files (x86)\Blender\.blender\scripts\bpymodules\dxfLibrary.py

c:\program files (x86)\Blender\.blender\scripts\bpymodules\dxfReader.py

c:\program files (x86)\Blender\.blender\scripts\bpymodules\mesh_gradient.py

c:\program files (x86)\Blender\.blender\scripts\bpymodules\meshtools.py

c:\program files (x86)\Blender\.blender\scripts\bpymodules\paths_ai2obj.py

c:\program files (x86)\Blender\.blender\scripts\bpymodules\paths_eps2obj.py

c:\program files (x86)\Blender\.blender\scripts\bpymodules\paths_gimp2obj.py

c:\program files (x86)\Blender\.blender\scripts\bpymodules\paths_svg2obj.py

c:\program files (x86)\Blender\.blender\scripts\bvh_import.py

c:\program files (x86)\Blender\.blender\scripts\c3d_import.py

c:\program files (x86)\Blender\.blender\scripts\camera_changer.py

c:\program files (x86)\Blender\.blender\scripts\collada_export.py

c:\program files (x86)\Blender\.blender\scripts\collada_import.py

c:\program files (x86)\Blender\.blender\scripts\colladaExport14.py

c:\program files (x86)\Blender\.blender\scripts\colladaImport14.py

c:\program files (x86)\Blender\.blender\scripts\config.py

c:\program files (x86)\Blender\.blender\scripts\console.py

c:\program files (x86)\Blender\.blender\scripts\DirectX8Exporter.py

c:\program files (x86)\Blender\.blender\scripts\DirectX8Importer.py

c:\program files (x86)\Blender\.blender\scripts\discombobulator.py

c:\program files (x86)\Blender\.blender\scripts\envelope_symmetry.py

c:\program files (x86)\Blender\.blender\scripts\export-iv-0.1.py

c:\program files (x86)\Blender\.blender\scripts\export_dxf.py

c:\program files (x86)\Blender\.blender\scripts\export_fbx.py

c:\program files (x86)\Blender\.blender\scripts\export_lightwave_motion.py

c:\program files (x86)\Blender\.blender\scripts\export_m3g.py

c:\program files (x86)\Blender\.blender\scripts\export_map.py

c:\program files (x86)\Blender\.blender\scripts\export_mdd.py

c:\program files (x86)\Blender\.blender\scripts\export_obj.py

c:\program files (x86)\Blender\.blender\scripts\faceselect_same_weights.py

c:\program files (x86)\Blender\.blender\scripts\flt_defaultp.py

c:\program files (x86)\Blender\.blender\scripts\flt_dofedit.py

c:\program files (x86)\Blender\.blender\scripts\flt_export.py

c:\program files (x86)\Blender\.blender\scripts\flt_filewalker.py

c:\program files (x86)\Blender\.blender\scripts\flt_import.py

c:\program files (x86)\Blender\.blender\scripts\flt_lodedit.py

c:\program files (x86)\Blender\.blender\scripts\flt_palettemanager.py

c:\program files (x86)\Blender\.blender\scripts\flt_properties.py

c:\program files (x86)\Blender\.blender\scripts\flt_toolbar.py

c:\program files (x86)\Blender\.blender\scripts\help_bpy_api.py

c:\program files (x86)\Blender\.blender\scripts\help_browser.py

c:\program files (x86)\Blender\.blender\scripts\help_getting_started.py

c:\program files (x86)\Blender\.blender\scripts\help_manual.py

c:\program files (x86)\Blender\.blender\scripts\help_release_notes.py

c:\program files (x86)\Blender\.blender\scripts\help_tutorials.py

c:\program files (x86)\Blender\.blender\scripts\help_web_blender.py

c:\program files (x86)\Blender\.blender\scripts\help_web_devcomm.py

c:\program files (x86)\Blender\.blender\scripts\help_web_eshop.py

c:\program files (x86)\Blender\.blender\scripts\help_web_usercomm.py

c:\program files (x86)\Blender\.blender\scripts\hotkeys.py

c:\program files (x86)\Blender\.blender\scripts\IDPropBrowser.py

c:\program files (x86)\Blender\.blender\scripts\image_2d_cutout.py

c:\program files (x86)\Blender\.blender\scripts\image_auto_layout.py

c:\program files (x86)\Blender\.blender\scripts\image_billboard.py

c:\program files (x86)\Blender\.blender\scripts\image_edit.py

c:\program files (x86)\Blender\.blender\scripts\import_dxf.py

c:\program files (x86)\Blender\.blender\scripts\import_edl.py

c:\program files (x86)\Blender\.blender\scripts\import_lightwave_motion.py

c:\program files (x86)\Blender\.blender\scripts\import_mdd.py

c:\program files (x86)\Blender\.blender\scripts\import_obj.py

c:\program files (x86)\Blender\.blender\scripts\import_web3d.py

c:\program files (x86)\Blender\.blender\scripts\lightwave_export.py

c:\program files (x86)\Blender\.blender\scripts\lightwave_import.py

c:\program files (x86)\Blender\.blender\scripts\md2_export.py

c:\program files (x86)\Blender\.blender\scripts\md2_import.py

c:\program files (x86)\Blender\.blender\scripts\mesh_boneweight_copy.py

c:\program files (x86)\Blender\.blender\scripts\mesh_cleanup.py

c:\program files (x86)\Blender\.blender\scripts\mesh_edges2curves.py

c:\program files (x86)\Blender\.blender\scripts\mesh_mirror_tool.py

c:\program files (x86)\Blender\.blender\scripts\mesh_poly_reduce.py

c:\program files (x86)\Blender\.blender\scripts\mesh_poly_reduce_grid.py

c:\program files (x86)\Blender\.blender\scripts\mesh_skin.py

c:\program files (x86)\Blender\.blender\scripts\mesh_solidify.py

c:\program files (x86)\Blender\.blender\scripts\mesh_unfolder.py

c:\program files (x86)\Blender\.blender\scripts\mesh_wire.py

c:\program files (x86)\Blender\.blender\scripts\ms3d_import.py

c:\program files (x86)\Blender\.blender\scripts\ms3d_import_ascii.py

c:\program files (x86)\Blender\.blender\scripts\obdatacopier.py

c:\program files (x86)\Blender\.blender\scripts\object_active_to_other.py

c:\program files (x86)\Blender\.blender\scripts\object_apply_def.py

c:\program files (x86)\Blender\.blender\scripts\object_batch_name_edit.py

c:\program files (x86)\Blender\.blender\scripts\object_cookie_cutter.py

c:\program files (x86)\Blender\.blender\scripts\object_drop.py

c:\program files (x86)\Blender\.blender\scripts\object_find.py

c:\program files (x86)\Blender\.blender\scripts\object_random_loc_sz_rot.py

c:\program files (x86)\Blender\.blender\scripts\object_sel2dupgroup.py

c:\program files (x86)\Blender\.blender\scripts\object_timeofs_follow_act.py

c:\program files (x86)\Blender\.blender\scripts\off_export.py

c:\program files (x86)\Blender\.blender\scripts\off_import.py

c:\program files (x86)\Blender\.blender\scripts\paths_import.py

c:\program files (x86)\Blender\.blender\scripts\ply_export.py

c:\program files (x86)\Blender\.blender\scripts\ply_import.py

c:\program files (x86)\Blender\.blender\scripts\raw_export.py

c:\program files (x86)\Blender\.blender\scripts\raw_import.py

c:\program files (x86)\Blender\.blender\scripts\renameobjectbyblock.py

c:\program files (x86)\Blender\.blender\scripts\render_save_layers.py

c:\program files (x86)\Blender\.blender\scripts\rvk1_torvk2.py

c:\program files (x86)\Blender\.blender\scripts\save_theme.py

c:\program files (x86)\Blender\.blender\scripts\scripttemplate_background_job.py

c:\program files (x86)\Blender\.blender\scripts\scripttemplate_camera_object.py

c:\program files (x86)\Blender\.blender\scripts\scripttemplate_gamelogic.py

c:\program files (x86)\Blender\.blender\scripts\scripttemplate_gamelogic_basic.py

c:\program files (x86)\Blender\.blender\scripts\scripttemplate_gamelogic_module.py

c:\program files (x86)\Blender\.blender\scripts\scripttemplate_ipo_gen.py

c:\program files (x86)\Blender\.blender\scripts\scripttemplate_mesh_edit.py

c:\program files (x86)\Blender\.blender\scripts\scripttemplate_metaball_create.py

c:\program files (x86)\Blender\.blender\scripts\scripttemplate_object_edit.py

c:\program files (x86)\Blender\.blender\scripts\scripttemplate_pyconstraint.py

c:\program files (x86)\Blender\.blender\scripts\scripttemplate_text_plugin.py

c:\program files (x86)\Blender\.blender\scripts\slp_import.py

c:\program files (x86)\Blender\.blender\scripts\sysinfo.py

c:\program files (x86)\Blender\.blender\scripts\textplugin_convert_ge.py

c:\program files (x86)\Blender\.blender\scripts\textplugin_functiondocs.py

c:\program files (x86)\Blender\.blender\scripts\textplugin_imports.py

c:\program files (x86)\Blender\.blender\scripts\textplugin_membersuggest.py

c:\program files (x86)\Blender\.blender\scripts\textplugin_outliner.py

c:\program files (x86)\Blender\.blender\scripts\textplugin_suggest.py

c:\program files (x86)\Blender\.blender\scripts\textplugin_templates.py

c:\program files (x86)\Blender\.blender\scripts\unweld.py

c:\program files (x86)\Blender\.blender\scripts\uv_export.py

c:\program files (x86)\Blender\.blender\scripts\uv_seams_from_islands.py

c:\program files (x86)\Blender\.blender\scripts\uvcalc_follow_active_coords.py

c:\program files (x86)\Blender\.blender\scripts\uvcalc_lightmap.py

c:\program files (x86)\Blender\.blender\scripts\uvcalc_quad_clickproj.py

c:\program files (x86)\Blender\.blender\scripts\uvcalc_smart_project.py

c:\program files (x86)\Blender\.blender\scripts\uvcopy.py

c:\program files (x86)\Blender\.blender\scripts\vertexpaint_from_material.py

c:\program files (x86)\Blender\.blender\scripts\vertexpaint_gradient.py

c:\program files (x86)\Blender\.blender\scripts\vertexpaint_selfshadow_ao.py

c:\program files (x86)\Blender\.blender\scripts\vrml97_export.py

c:\program files (x86)\Blender\.blender\scripts\weightpaint_average.py

c:\program files (x86)\Blender\.blender\scripts\weightpaint_clean.py

c:\program files (x86)\Blender\.blender\scripts\weightpaint_copy.py

c:\program files (x86)\Blender\.blender\scripts\weightpaint_envelope_assign.py

c:\program files (x86)\Blender\.blender\scripts\weightpaint_gradient.py

c:\program files (x86)\Blender\.blender\scripts\weightpaint_grow_shrink.py

c:\program files (x86)\Blender\.blender\scripts\weightpaint_invert.py

c:\program files (x86)\Blender\.blender\scripts\weightpaint_normalize.py

c:\program files (x86)\Blender\.blender\scripts\widgetwizard.py

c:\program files (x86)\Blender\.blender\scripts\wizard_bolt_factory.py

c:\program files (x86)\Blender\.blender\scripts\wizard_curve2tree.py

c:\program files (x86)\Blender\.blender\scripts\wizard_landscape_ant.py

c:\program files (x86)\Blender\.blender\scripts\x3d_export.py

c:\program files (x86)\Blender\.blender\scripts\xsi_export.py

c:\program files (x86)\Blender\blender.exe

c:\program files (x86)\Blender\blender.exe.manifest

c:\program files (x86)\Blender\blender.html

c:\program files (x86)\Blender\blenderplayer.exe

c:\program files (x86)\Blender\BlenderQuickStart.pdf

c:\program files (x86)\Blender\copyright.txt

c:\program files (x86)\Blender\GPL-license.txt

c:\program files (x86)\Blender\libtiff.dll

c:\program files (x86)\Blender\makesdna.exe

c:\program files (x86)\Blender\makesdna.idb

c:\program files (x86)\Blender\plugins\bmake

c:\program files (x86)\Blender\plugins\Makefile

c:\program files (x86)\Blender\plugins\sequence\blur.c

c:\program files (x86)\Blender\plugins\sequence\color-correction-hsv.c

c:\program files (x86)\Blender\plugins\sequence\color-correction-yuv.c

c:\program files (x86)\Blender\plugins\sequence\dnr.c

c:\program files (x86)\Blender\plugins\sequence\gamma.c

c:\program files (x86)\Blender\plugins\sequence\Makefile

c:\program files (x86)\Blender\plugins\sequence\scatter.c

c:\program files (x86)\Blender\plugins\texture\clouds2.c

c:\program files (x86)\Blender\plugins\texture\Makefile

c:\program files (x86)\Blender\plugins\texture\tiles.c

c:\program files (x86)\Blender\pthreadVC2.dll

c:\program files (x86)\Blender\Python-license.txt

c:\program files (x86)\Blender\python26.dll

c:\program files (x86)\Blender\release_249.txt

c:\program files (x86)\Common Files\0.exe

c:\program files (x86)\Search Settings

C:\TeamViewer.exe

c:\windows\system32\twunk_32.exe

c:\windows\SysWow64\twunk_32.exe

 

.

((((((((((((((((((((((((((((( Fichiers créés du 2011-01-09 au 2011-02-09 ))))))))))))))))))))))))))))))))))))

.

 

2011-02-09 22:06 . 2011-02-09 22:06 -------- d-----w- c:\users\Default\AppData\Local\temp

2011-02-09 21:48 . 2011-02-09 21:48 -------- d-----w- c:\users\Utilisateur\AppData\Local\{F9119B97-E7BD-477A-8F93-839461B976A0}

2011-02-08 17:44 . 2011-02-08 17:45 -------- d-----w- c:\users\Utilisateur\AppData\Local\{6EC05281-7EB8-4804-9925-CF6B8E3D261A}

2011-02-08 08:33 . 2011-01-13 10:20 7844688 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{9CCAA655-9E49-4A41-9CBB-2A72A4FCA416}\mpengine.dll

2011-02-07 16:01 . 2011-02-08 04:02 -------- d-----w- c:\users\Utilisateur\AppData\Local\{64946502-77EE-443C-A67B-301C3E33BC1F}

2011-02-06 16:01 . 2011-02-07 04:01 -------- d-----w- c:\users\Utilisateur\AppData\Local\{FE1D23C3-7D5F-426A-9B13-F04E3CC4EAFF}

2011-02-05 18:42 . 2011-02-05 18:43 -------- d-----w- c:\users\Utilisateur\AppData\Local\{C7463EEC-E72A-4A2B-81D1-3A0774562407}

2011-02-05 06:42 . 2011-02-05 06:42 -------- d-----w- c:\users\Utilisateur\AppData\Local\{1372783D-99B6-49A8-8C69-460DE85CA3C7}

2011-02-03 18:32 . 2011-02-04 18:33 -------- d-----w- c:\users\Utilisateur\AppData\Local\{5E9B0FAE-E2B5-417C-B4B5-EC750441B50F}

2011-02-01 23:55 . 2011-02-01 23:55 -------- d-----w- c:\users\Utilisateur\AppData\Local\{CEEF3C7D-60F4-45C1-922B-96608C0DC94B}

2011-02-01 13:57 . 2011-02-01 13:57 -------- d-----w- c:\program files\ESET

2011-02-01 11:54 . 2011-02-01 11:54 -------- d-----w- c:\users\Utilisateur\AppData\Local\{122B2030-BDA7-448F-9BDB-FEBAE1D10B69}

2011-02-01 00:52 . 2011-02-01 00:52 -------- d-----w- c:\users\Utilisateur\AppData\Local\ESET

2011-01-31 23:54 . 2011-01-31 23:54 -------- d-----w- c:\users\Utilisateur\AppData\Local\{502E7B9A-10CB-42B4-8EE5-BCF0997A1E66}

2011-01-31 23:51 . 2011-01-31 23:52 -------- d-----w- c:\program files (x86)\Windows Live

2011-01-30 19:57 . 2011-01-30 19:57 103864 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\nppdf32.dll

2011-01-25 16:44 . 2011-01-25 16:44 -------- d-----w- c:\program files (x86)\Machinarium

2011-01-25 16:10 . 2011-01-25 16:22 -------- d-----w- c:\program files (x86)\Worms Reloaded

2011-01-18 05:13 . 2011-01-24 03:14 -------- d-----w- c:\programdata\Blizzard Entertainment

2011-01-18 02:59 . 2011-01-18 03:25 -------- d-----w- c:\users\Public\Games

2011-01-18 02:58 . 2011-01-18 02:58 -------- d-----w- c:\programdata\Blizzard

2011-01-13 04:08 . 2011-01-13 04:12 892248144 ----a-w- c:\users\Utilisateur\Flyff_Eu_FR_Setup_v16_Full.exe

2011-01-13 04:07 . 2011-01-13 04:07 -------- d-----w- c:\program files (x86)\Neffy

2011-01-12 23:01 . 2011-01-12 23:02 967 ----a-w- c:\windows\ScUnin.pif

2011-01-12 23:01 . 2011-01-12 23:02 94208 ----a-w- c:\windows\ScUnin.exe

2011-01-12 23:01 . 2011-01-12 23:16 -------- d-----w- c:\program files (x86)\Starcraft

2011-01-11 19:11 . 2011-01-11 19:11 30840 ----a-w- c:\windows\system32\Gun64.sys

2011-01-11 04:18 . 2010-11-09 06:44 4290192 ----a-w- c:\windows\SysWow64\GameMon.des

2011-01-11 04:18 . 2005-01-01 09:43 4682 ----a-w- c:\windows\SysWow64\npptNT2.sys

2011-01-11 04:18 . 2003-07-17 18:17 5174 ----a-w- c:\windows\SysWow64\nppt9x.vxd

2011-01-11 04:18 . 2011-01-11 04:18 -------- d-----w- c:\program files\Common Files\INCA Shared

2011-01-11 04:16 . 2011-01-11 04:16 -------- d-----w- c:\program files (x86)\SoftnyxGame

2011-01-11 02:01 . 2011-01-11 06:05 -------- d-----w- c:\program files (x86)\Perfect World Entertainment

2011-01-11 01:59 . 2011-01-11 01:59 258352 ----a-w- c:\windows\SysWow64\unicows.dll

2011-01-11 01:32 . 2011-01-11 01:59 -------- d-----w- c:\users\Utilisateur\AppData\Roaming\GetRightToGo

 

.

(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))

.

2010-12-25 02:32 . 2010-12-25 02:32 49152 ----a-r- c:\users\Utilisateur\AppData\Roaming\Microsoft\Installer\{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}\ARPPRODUCTICON.exe

2010-12-25 02:32 . 2010-12-25 02:32 335872 ----a-r- c:\users\Utilisateur\AppData\Roaming\Microsoft\Installer\{237CD223-1B9D-47E8-A76C-E478B83CCEA2}\ARPPRODUCTICON.exe

2010-12-25 02:30 . 2003-03-19 17:05 106496 ----a-w- c:\windows\SysWow64\ATL71.DLL

.

 

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

REGEDIT4

 

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]

"{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e}"= "c:\program files (x86)\uTorrentBar_FR\tbuTo1.dll" [2010-12-28 3911776]

 

[HKEY_CLASSES_ROOT\clsid\{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e}]

 

[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e}]

2010-12-28 02:12 3911776 ----a-w- c:\program files (x86)\uTorrentBar_FR\tbuTo1.dll

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]

"{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e}"= "c:\program files (x86)\uTorrentBar_FR\tbuTo1.dll" [2010-12-28 3911776]

 

[HKEY_CLASSES_ROOT\clsid\{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e}]

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"bluebirds"="c:\users\Utilisateur\Bluebirds\BlueBirds.exe" [2009-04-29 270336]

"MsnMsgr"="c:\program files (x86)\Windows Live\Messenger\msnmsgr.exe" [2010-11-10 4240760]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"UnlockerAssistant"="c:\program files (x86)\Unlocker\UnlockerAssistant.exe" [2009-10-26 15872]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]

"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-08-10 421888]

"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2010-09-01 421160]

"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 932288]

"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-10-01 98304]

"ATICustomerCare"="c:\program files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe" [2010-05-04 311296]

"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]

"Nikon Transfer Monitor"="c:\program files (x86)\Common Files\Nikon\Monitor\NkMonitor.exe" [2009-09-15 479232]

 

c:\users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

MagicDisc.lnk - c:\program files (x86)\MagicDisc\MagicDisc.exe [2009-11-4 576000]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 0 (0x0)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableLUA"= 0 (0x0)

"EnableUIADesktopToggle"= 0 (0x0)

"PromptOnSecureDesktop"= 0 (0x0)

 

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]

"aux2"=wdmaud.drv

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

 

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R2 libusbd;LibUsb-Win32 - Daemon, Version 0.1.10.1;c:\windows\system32\libusbd-nt.exe [x]

R3 ATICDSDr;ATICDSDr;c:\users\UTILIS~1\AppData\Local\Temp\ATICDSDr.sys [x]

R3 driverhardwarev2x64;driverhardwarev2x64;c:\program files\ma-config.com\Drivers\driverhardwarev2x64.sys [2010-02-11 15872]

R3 dump_wmimmc;dump_wmimmc;c:\program files\gPotato.eu\FlyFF\GameGuard\dump_wmimmc.sys [x]

R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2010-01-26 1030600]

R3 Gun;Gun;c:\windows\system32\Gun64.sys [2011-01-11 30840]

R3 libusb0;LibUsb-Win32 - Kernel Driver, Version 0.1.10.1;c:\windows\system32\drivers\libusb0.sys [x]

R3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\maconfservice.exe [2010-02-11 358768]

R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [x]

R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2010-04-20 50688]

R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [2010-03-05 1255736]

S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2009-11-16 136584]

S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-10-22 203264]

S2 Application Updater;Application Updater;c:\program files (x86)\Application Updater\ApplicationUpdater.exe [2010-02-19 380928]

S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2009-11-16 735960]

S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys [2009-12-18 123200]

S2 TeamViewer5;TeamViewer 5;c:\program files (x86)\TeamViewer\Version5\TeamViewer_Service.exe [2009-12-17 185640]

S2 wmcmgc;Windows Management Configuration;c:\windows\System32\svchost.exe [2009-07-14 27136]

S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2010-10-22 7883264]

S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2010-10-22 285696]

S3 HP1319EWS;HP1319EWS;c:\windows\system32\Drivers\HP1319EWS.sys [2008-11-10 14848]

S3 HP1319FAX;HP1319MFP FAX;c:\windows\system32\Drivers\HP1319FAX.sys [2008-11-10 16384]

S3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys [2010-07-21 45456]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-06-23 344680]

 

 

--- Autres Services/Pilotes en mémoire ---

 

*Deregistered* - AvgTdiA

 

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs

wmcmgc

.

 

--------- x86-64 -----------

 

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-02-03 6975520]

"Skytel"="c:\program files\Realtek\Audio\HDA\Skytel.exe" [2009-02-03 1833504]

"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2010-07-21 2327952]

"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2009-11-16 2716216]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"LoadAppInit_DLLs"=0x0

.

------- Examen supplémentaire -------

.

uLocal Page = c:\windows\system32\blank.htm

mLocal Page = c:\windows\SysWOW64\blank.htm

uInternet Settings,ProxyOverride = *.local

IE: E&xport to Microsoft Excel - c:\progra~2\MIF5BA~1\Office12\EXCEL.EXE/3000

.

- - - - ORPHELINS SUPPRIMES - - - -

 

WebBrowser-{FE37BE35-B028-49F9-BB0C-6A38C4E55B97} - (no file)

WebBrowser-{05EEB91A-AEF7-4F8A-978F-FB83E7B03F8E} - (no file)

AddRemove-Acoolsoft PPT2DVD Pro_is1 - c:\program files (x86)\Acoolsoft\PPT2DVD Pro\unins000.exe

AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe

AddRemove-CardRecovery - h:\photos\CARDRE~1\UNWISE.EXE

AddRemove-dBpowerAMP Music Converter - c:\windows\system32\SpoonUninstall.exe

AddRemove-Free Mp3 Wma Converter_is1 - c:\program files (x86)\Free Audio Pack\unins000.exe

AddRemove-Free Video Converter_is1 - c:\program files (x86)\Free Video Converter\unins000.exe

AddRemove-HijackThis - D:\HijackThis.exe

AddRemove-PhotoRescue Advanced PC_is1 - h:\photos\PhotoRescue Advanced PC\unins000.exe

AddRemove-Prince of Persia_is1 - c:\program files (x86)\Prince of Persia\unins000.exe

AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc_moh.exe

AddRemove-Windows Live OneCare safety scanner - c:\program files (x86)\Windows Live Safety Center\UnInstall.exe

AddRemove-Wondershare Photo Recovery_is1 - h:\photos\Photo Recovery\unins000.exe

AddRemove-Crack Left 4 Dead 2 Non-Steam - c:\users\Utilisateur\Desktop\Left 4 Dead 2\Uninstal.exe

 

 

 

[HKEY_LOCAL_MACHINE\system\ControlSet001\services\npggsvc]

"ImagePath"="c:\windows\system32\GameMon.des -service"

.

--------------------- CLES DE REGISTRE BLOQUEES ---------------------

 

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10c.exe,-101"

 

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]

"Enabled"=dword:00000001

 

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]

@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10c.exe"

 

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

 

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

 

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"

"ThreadingModel"="Apartment"

 

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

 

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.10"

 

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"

 

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

 

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

 

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

 

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

 

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"

"ThreadingModel"="Apartment"

 

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

 

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"

 

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

 

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

 

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

 

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]

@Denied: (A 2) (Everyone)

@="IFlashBroker3"

 

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

 

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

 

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

------------------------ Autres processus actifs ------------------------

.

c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

c:\program files (x86)\Bonjour\mDNSResponder.exe

c:\windows\SysWOW64\PnkBstrA.exe

c:\program files (x86)\TVersity\Media Server\MediaServer.exe

.

**************************************************************************

.

Heure de fin: 2011-02-09 17:13:38 - La machine a redémarré

ComboFix-quarantined-files.txt 2011-02-09 22:13

 

Avant-CF: 20 668 391 424 octets libres

Après-CF: 23 417 815 040 octets libres

 

- - End Of File - - 6B165FE30171469FA8666A684AA3C013

 

OTL.exe

OTL logfile created on: 2011-02-09 17:20:28 - Run 1

OTL by OldTimer - Version 3.2.20.6 Folder = C:\Users\Utilisateur\Desktop

64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.7600.16385)

Locale: 00000c0c | Country: Canada | Language: FRC | Date Format: yyyy-MM-dd

 

4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 61,00% Memory free

8,00 Gb Paging File | 6,00 Gb Available in Paging File | 79,00% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 232,88 Gb Total Space | 22,55 Gb Free Space | 9,68% Space Free | Partition Type: NTFS

Drive D: | 0,38 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Drive E: | 624,83 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Drive F: | 7,19 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF

Drive G: | 542,65 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Drive I: | 2,56 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS

Drive J: | 6,25 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS

Drive K: | 505,90 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

 

Computer Name: PC-DE-UTILISATE | User Name: Utilisateur | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Processes (SafeList) ==========

 

PRC - C:\Users\Utilisateur\Desktop\OTL.exe (OldTimer Tools)

PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()

PRC - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)

PRC - C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe (Spigot, Inc.)

PRC - C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH)

PRC - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe (ESET)

PRC - C:\Program Files (x86)\TVersity\Media Server\MediaServer.exe ()

PRC - C:\Program Files (x86)\Common Files\Nikon\Monitor\NkMonitor.exe (Nikon Corporation)

PRC - C:\Program Files (x86)\MagicDisc\MagicDisc.exe (MagicISO, Inc.)

 

 

========== Modules (SafeList) ==========

 

MOD - C:\Users\Utilisateur\Desktop\OTL.exe (OldTimer Tools)

MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll (Microsoft Corporation)

 

 

========== Win32 Services (SafeList) ==========

 

SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)

SRV:64bit: - (maconfservice) -- C:\Program Files\ma-config.com\maconfservice.exe (CybelSoft)

SRV:64bit: - (FLEXnet Licensing Service 64) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe (Macrovision Europe Ltd.)

SRV:64bit: - (EhttpSrv) -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe (ESET)

SRV:64bit: - (ekrn) -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe (ESET)

SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)

SRV - (npggsvc) -- C:\Windows\SysWow64\GameMon.des (INCA Internet Co., Ltd.)

SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()

SRV - (Apple Mobile Device) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)

SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)

SRV - (Application Updater) -- C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe (Spigot, Inc.)

SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)

SRV - (TeamViewer5) -- C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH)

SRV - (TVersityMediaServer) -- C:\Program Files (x86)\TVersity\Media Server\MediaServer.exe ()

SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)

SRV - (wmcmgc) -- C:\Windows\SysWOW64\icm64.dll (Microsoft Corporation)

SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)

SRV - (libusbd) -- C:\Windows\SysWOW64\libusbd-nt.exe (http://libusb-win32.sourceforge.net)

 

 

========== Driver Services (SafeList) ==========

 

DRV:64bit: - (Gun) -- C:\Windows\SysNative\Gun64.sys ()

DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)

DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)

DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)

DRV:64bit: - (Point64) -- C:\Windows\SysNative\drivers\point64.sys (Microsoft Corporation)

DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )

DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)

DRV:64bit: - (driverhardwarev2x64) -- C:\Program Files\ma-config.com\Drivers\driverhardwarev2x64.sys (CybelSoft)

DRV:64bit: - (epfwwfpr) -- C:\Windows\SysNative\drivers\epfwwfpr.sys (ESET)

DRV:64bit: - (ehdrv) -- C:\Windows\SysNative\drivers\ehdrv.sys (ESET)

DRV:64bit: - (eamon) -- C:\Windows\SysNative\drivers\eamon.sys (ESET)

DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)

DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)

DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)

DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)

DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)

DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)

DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof ()

DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)

DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)

DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)

DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)

DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)

DRV:64bit: - (mcdbus) -- C:\Windows\SysNative\drivers\mcdbus.sys (MagicISO, Inc.)

DRV:64bit: - (RTL8169) -- C:\Windows\SysNative\drivers\Rtlh64.sys (Realtek Corporation )

DRV:64bit: - (HP1319FAX) -- C:\Windows\SysNative\drivers\HP1319FAX.sys (Marvell Semiconductor, Inc.)

DRV:64bit: - (HP1319EWS) -- C:\Windows\SysNative\drivers\HP1319EWS.sys (Marvell Semiconductor, Inc.)

DRV:64bit: - (AtiPcie) ATI PCI Express (3GIO) -- C:\Windows\SysNative\drivers\AtiPcie.sys (ATI Technologies Inc.)

DRV:64bit: - (MTsensor) -- C:\Windows\SysNative\drivers\ASACPI.sys ()

DRV - (mcdbus) -- C:\Windows\SysWOW64\drivers\mcdbus.sys (MagicISO, Inc.)

DRV - (libusb0) -- C:\Windows\SysWOW64\drivers\libusb0.sys ()

DRV - (NPPTNT2) -- C:\Windows\SysWOW64\npptNT2.sys (INCA Internet Co., Ltd.)

DRV - (PQNTDrv) -- C:\Windows\SysWow64\drivers\PQNTDRV.sys (PowerQuest Corporation)

 

 

========== Standard Registry (SafeList) ==========

 

 

========== Internet Explorer ==========

 

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKLM\..\URLSearchHook: {05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} - C:\Program Files (x86)\uTorrentBar_FR\tbuTo1.dll (Conduit Ltd.)

IE - HKLM\..\URLSearchHook: {fe37be35-b028-49f9-bb0c-6a38c4e55b97} - Reg Error: Key error. File not found

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr-ca

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 35 A4 F0 CA 5F 52 CA 01 [binary data]

IE - HKCU\..\URLSearchHook: {05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} - C:\Program Files (x86)\uTorrentBar_FR\tbuTo1.dll (Conduit Ltd.)

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

 

FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2011-02-03 15:14:22 | 000,000,000 | ---D | M]

 

[2009-12-30 17:34:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Utilisateur\AppData\Roaming\mozilla\Extensions

[2009-12-30 17:34:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Utilisateur\AppData\Roaming\mozilla\Extensions\mozswing@mozswing.org

 

O1 HOSTS File: ([2006-09-18 16:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O1 - Hosts: ::1 localhost

O2 - BHO: (uTorrentBar_FR Toolbar) - {05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} - C:\Program Files (x86)\uTorrentBar_FR\tbuTo1.dll (Conduit Ltd.)

O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O3 - HKLM\..\Toolbar: (uTorrentBar_FR Toolbar) - {05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} - C:\Program Files (x86)\uTorrentBar_FR\tbuTo1.dll (Conduit Ltd.)

O3 - HKCU\..\Toolbar\WebBrowser: (uTorrentBar_FR Toolbar) - {05EEB91A-AEF7-4F8A-978F-FB83E7B03F8E} - C:\Program Files (x86)\uTorrentBar_FR\tbuTo1.dll (Conduit Ltd.)

O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)

O4:64bit: - HKLM..\Run: [intelliPoint] c:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)

O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)

O4:64bit: - HKLM..\Run: [skytel] C:\Program Files\Realtek\Audio\HDA\Skytel.exe (Realtek Semiconductor Corp.)

O4 - HKLM..\Run: [ATICustomerCare] c:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe (Advanced Micro Devices, Inc.)

O4 - HKLM..\Run: [Nikon Transfer Monitor] C:\Program Files (x86)\Common Files\Nikon\Monitor\NkMonitor.exe (Nikon Corporation)

O4 - HKLM..\Run: [startCCC] c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)

O4 - HKLM..\Run: [unlockerAssistant] C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe ()

O4 - HKCU..\Run: [bluebirds] C:\Users\Utilisateur\Bluebirds\BlueBirds.exe (LG Electronics)

O4 - Startup: C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk = C:\Program Files (x86)\MagicDisc\MagicDisc.exe (MagicISO, Inc.)

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0

O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe (PokerStars)

O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)

O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://download.microsoft.com/download/C/B/F/CBF23A2C-3E55-4664-BC5C-762780D79BA0/OGAControl.cab (Office Genuine Advantage Validation Tool)

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)

O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zone.msn.com/MessengerGamesContent/GameContent/fr/uno1/GAME_UNO1.cab (UnoCtrl Class)

O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} http://www.ma-config.com/activex/MaConfig_3_5_3_0.cab (Ma-Config control)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)

O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 24.200.241.37 24.201.245.77 24.200.243.189

O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O24 - Desktop WallPaper: C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg

O24 - Desktop BackupWallPaper: C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg

O28:64bit: - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found

O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2010-02-28 19:11:32 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]

O32 - AutoRun File - [2009-04-29 04:02:01 | 000,000,055 | R--- | M] () - D:\autorun.inf -- [ CDFS ]

O32 - AutoRun File - [1998-12-12 18:43:32 | 000,000,040 | R--- | M] () - E:\AUTORUN.INF -- [ CDFS ]

O32 - AutoRun File - [2001-04-18 02:23:00 | 000,000,041 | R--- | M] () - G:\AUTORUN.INF -- [ CDFS ]

O32 - AutoRun File - [2010-09-28 15:56:03 | 000,000,085 | R--- | M] () - I:\autorun.inf -- [ CDFS ]

O32 - AutoRun File - [2010-10-19 10:24:59 | 000,000,064 | R--- | M] () - J:\autorun.inf -- [ CDFS ]

O32 - AutoRun File - [2009-10-16 08:02:17 | 000,000,081 | R--- | M] () - K:\autorun.inf -- [ CDFS ]

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35:64bit: - HKLM\..comfile [open] -- "%1" %*

O35:64bit: - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = ComFile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 

========== Files/Folders - Created Within 30 Days ==========

 

[2011-02-09 17:17:14 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Users\Utilisateur\Desktop\OTL.exe

[2011-02-09 17:06:53 | 000,000,000 | ---D | C] -- C:\Windows\temp

[2011-02-09 16:57:59 | 000,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe

[2011-02-09 16:57:59 | 000,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe

[2011-02-09 16:57:59 | 000,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe

[2011-02-09 16:57:39 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe

[2011-02-09 16:57:15 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT

[2011-02-09 16:52:45 | 000,000,000 | ---D | C] -- C:\Qoobox

[2011-02-09 16:48:45 | 000,000,000 | ---D | C] -- C:\Users\Utilisateur\AppData\Local\{F9119B97-E7BD-477A-8F93-839461B976A0}

[2011-02-08 12:44:41 | 000,000,000 | ---D | C] -- C:\Users\Utilisateur\AppData\Local\{6EC05281-7EB8-4804-9925-CF6B8E3D261A}

[2011-02-07 11:01:55 | 000,000,000 | ---D | C] -- C:\Users\Utilisateur\AppData\Local\{64946502-77EE-443C-A67B-301C3E33BC1F}

[2011-02-06 11:01:04 | 000,000,000 | ---D | C] -- C:\Users\Utilisateur\AppData\Local\{FE1D23C3-7D5F-426A-9B13-F04E3CC4EAFF}

[2011-02-05 13:42:49 | 000,000,000 | ---D | C] -- C:\Users\Utilisateur\AppData\Local\{C7463EEC-E72A-4A2B-81D1-3A0774562407}

[2011-02-05 01:42:13 | 000,000,000 | ---D | C] -- C:\Users\Utilisateur\AppData\Local\{1372783D-99B6-49A8-8C69-460DE85CA3C7}

[2011-02-03 15:14:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET

[2011-02-03 15:14:22 | 000,000,000 | ---D | C] -- C:\ProgramData\ESET

[2011-02-03 13:32:05 | 000,000,000 | ---D | C] -- C:\Users\Utilisateur\AppData\Local\{5E9B0FAE-E2B5-417C-B4B5-EC750441B50F}

[2011-02-01 18:55:08 | 000,000,000 | ---D | C] -- C:\Users\Utilisateur\AppData\Local\{CEEF3C7D-60F4-45C1-922B-96608C0DC94B}

[2011-02-01 09:51:37 | 000,000,000 | ---D | C] -- C:\Users\Utilisateur\Desktop\100_FUJI

[2011-02-01 08:57:38 | 000,000,000 | ---D | C] -- C:\Program Files\ESET

[2011-02-01 06:54:33 | 000,000,000 | ---D | C] -- C:\Users\Utilisateur\AppData\Local\{122B2030-BDA7-448F-9BDB-FEBAE1D10B69}

[2011-01-31 19:52:00 | 000,000,000 | ---D | C] -- C:\Users\Utilisateur\AppData\Local\ESET

[2011-01-31 18:54:10 | 000,000,000 | ---D | C] -- C:\Users\Utilisateur\AppData\Local\{502E7B9A-10CB-42B4-8EE5-BCF0997A1E66}

[2011-01-31 18:51:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live

[2011-01-31 18:32:16 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\Utilisateur\Desktop\HijackThis.exe

[2011-01-27 09:51:25 | 000,000,000 | ---D | C] -- C:\Users\Utilisateur\Desktop\Cégep Session 6

[2011-01-25 11:44:30 | 000,000,000 | ---D | C] -- C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Machinarium

[2011-01-25 11:44:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Machinarium

[2011-01-25 11:44:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Machinarium

[2011-01-25 11:10:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Worms Reloaded

[2011-01-18 00:13:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment

[2011-01-17 21:59:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft

[2011-01-17 21:58:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard

[2011-01-12 23:08:00 | 892,248,144 | ---- | C] (Gala Networks Europe Limited ) -- C:\Users\Utilisateur\Flyff_Eu_FR_Setup_v16_Full.exe

[2011-01-12 23:07:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Neffy

[2011-01-12 18:01:54 | 000,094,208 | ---- | C] (Blizzard Entertainment) -- C:\Windows\ScUnin.exe

[2011-01-12 18:01:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Starcraft

[2011-01-12 18:01:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Starcraft

[2011-01-12 13:25:32 | 001,837,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll

[2011-01-12 13:25:32 | 001,170,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10warp.dll

[2011-01-12 13:25:32 | 000,902,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll

[2011-01-12 13:25:32 | 000,739,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d2d1.dll

[2011-01-12 13:25:31 | 001,863,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ExplorerFrame.dll

[2011-01-12 13:25:31 | 001,540,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll

[2011-01-12 13:25:31 | 001,074,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DWrite.dll

[2011-01-12 13:25:31 | 000,662,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll

[2011-01-12 13:25:31 | 000,470,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll

[2011-01-12 13:25:31 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll

[2011-01-12 13:25:31 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll

[2011-01-12 13:25:31 | 000,283,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll

[2011-01-12 13:25:31 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10_1core.dll

[2011-01-12 13:25:30 | 001,495,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ExplorerFrame.dll

[2011-01-12 13:25:30 | 000,258,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys

[2011-01-12 13:25:30 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsRasterService.dll

[2011-01-12 13:25:30 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll

[2011-01-12 13:25:30 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10_1.dll

[2011-01-12 13:25:30 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll

[2011-01-12 13:25:30 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsRasterService.dll

[2011-01-12 13:25:29 | 000,720,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbc32.dll

[2011-01-12 13:25:28 | 000,573,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbc32.dll

[2011-01-12 12:14:10 | 000,000,000 | ---D | C] -- C:\Users\Utilisateur\Desktop\Brutus

[2011-01-10 23:18:24 | 004,290,192 | ---- | C] (INCA Internet Co., Ltd.) -- C:\Windows\SysWow64\GameMon.des

[2011-01-10 23:18:21 | 000,004,682 | ---- | C] (INCA Internet Co., Ltd.) -- C:\Windows\SysWow64\npptNT2.sys

[2011-01-10 23:18:19 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\INCA Shared

[2011-01-10 23:17:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SoftnyxGame

[2011-01-10 23:16:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SoftnyxGame

[2011-01-10 21:06:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Perfect World Entertainment

[2011-01-10 21:01:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Perfect World Entertainment

[2011-01-10 20:59:07 | 000,258,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\unicows.dll

[2011-01-10 20:32:37 | 000,000,000 | ---D | C] -- C:\Users\Utilisateur\AppData\Roaming\GetRightToGo

[2010-01-31 18:44:19 | 000,120,320 | ---- | C] ( ) -- C:\Windows\SysWow64\lagarith.dll

[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

 

========== Files - Modified Within 30 Days ==========

 

[2011-02-09 17:17:17 | 000,011,120 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2011-02-09 17:17:17 | 000,011,120 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2011-02-09 17:17:14 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\Utilisateur\Desktop\OTL.exe

[2011-02-09 17:07:52 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2011-02-09 17:07:47 | 3220,525,056 | -HS- | M] () -- C:\hiberfil.sys

[2011-02-09 16:57:31 | 004,266,117 | R--- | M] () -- C:\Users\Utilisateur\Desktop\Combo-Fix.exe

[2011-02-09 16:49:59 | 000,002,014 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk

[2011-02-07 09:04:31 | 001,570,282 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI

[2011-02-07 09:04:31 | 000,711,518 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat

[2011-02-07 09:04:31 | 000,622,856 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat

[2011-02-07 09:04:31 | 000,133,472 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat

[2011-02-07 09:04:31 | 000,108,978 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat

[2011-02-05 19:50:29 | 000,003,840 | ---- | M] () -- C:\Users\Utilisateur\Desktop\lolfailsister.png

[2011-02-05 12:51:17 | 003,379,264 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT

[2011-02-05 11:46:25 | 000,046,876 | ---- | M] () -- C:\Users\Utilisateur\Desktop\Perception.jpeg

[2011-02-05 01:52:26 | 000,076,819 | ---- | M] () -- C:\Users\Utilisateur\Desktop\Sans titre.wma

[2011-02-03 21:49:23 | 000,339,084 | ---- | M] () -- C:\Users\Utilisateur\Desktop\Scavenger2011.jpg

[2011-02-03 21:32:04 | 002,669,814 | ---- | M] () -- C:\Users\Utilisateur\Desktop\SHj.bmp

[2011-01-31 18:53:36 | 000,002,486 | ---- | M] () -- C:\Users\Utilisateur\Desktop\Windows Live Messenger.lnk

[2011-01-31 18:32:16 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\Utilisateur\Desktop\HijackThis.exe

[2011-01-31 16:57:54 | 000,063,849 | ---- | M] () -- C:\Users\Utilisateur\Desktop\wcms_decl_fs_55_fr.pdf

[2011-01-30 20:39:48 | 000,086,707 | ---- | M] () -- C:\Users\Utilisateur\Desktop\PC_Villa MACHIRE _ -1. INFRASTR.pdf

[2011-01-30 20:39:34 | 000,068,119 | ---- | M] () -- C:\Users\Utilisateur\Desktop\CASE NIVELLES _ 0. Rez-de-chaus.pdf

[2011-01-30 20:39:00 | 000,213,019 | ---- | M] () -- C:\Users\Utilisateur\Desktop\saturday-space-area.jpg

[2011-01-30 14:43:11 | 000,001,984 | RHS- | M] () -- C:\Windows\ntdll.dl

[2011-01-30 13:48:49 | 000,273,920 | ---- | M] () -- C:\Users\Utilisateur\Desktop\Fiche d'inscription 2011.doc

[2011-01-28 18:44:52 | 000,001,829 | ---- | M] () -- C:\Users\Public\Desktop\Opera.lnk

[2011-01-25 11:44:30 | 000,001,043 | ---- | M] () -- C:\Users\Utilisateur\Desktop\Machinarium.lnk

[2011-01-25 11:12:40 | 000,001,453 | ---- | M] () -- C:\Users\Utilisateur\Desktop\Worms Reloaded.lnk

[2011-01-23 15:18:00 | 248,757,836 | ---- | M] () -- C:\Users\Utilisateur\Desktop\Ken Block's Gymkhana THREE, Part 2; Ultimate Playground; l'Autodrome, France.mp4

[2011-01-22 18:39:04 | 003,657,174 | ---- | M] () -- C:\Users\Utilisateur\Desktop\GYMKHANA 21 BLOCK vs DYRDEK.mp3

[2011-01-22 14:10:59 | 000,281,575 | ---- | M] () -- C:\Users\Utilisateur\Desktop\Moment de tendresse.png

[2011-01-20 22:14:32 | 014,737,763 | ---- | M] () -- C:\Users\Utilisateur\Desktop\blink-182 - The Rock Show.mp4

[2011-01-19 13:10:44 | 000,055,042 | ---- | M] () -- C:\Users\Utilisateur\Desktop\67532_482858031356_569971356_7373681_2291602_n.jpg

[2011-01-18 00:30:43 | 000,001,676 | ---- | M] () -- C:\Users\Utilisateur\Desktop\World of Warcraft.lnk

[2011-01-17 21:39:45 | 000,002,533 | ---- | M] () -- C:\Users\Utilisateur\Desktop\Skype.lnk

[2011-01-13 21:16:28 | 019,985,265 | ---- | M] () -- C:\Users\Utilisateur\Documents\vlc-1.1.5-win32.exe

[2011-01-12 23:12:16 | 892,248,144 | ---- | M] (Gala Networks Europe Limited ) -- C:\Users\Utilisateur\Flyff_Eu_FR_Setup_v16_Full.exe

[2011-01-12 18:02:27 | 000,038,215 | ---- | M] () -- C:\Windows\scunin.dat

[2011-01-12 18:02:27 | 000,001,919 | ---- | M] () -- C:\Users\Utilisateur\Desktop\Starcraft - Brood War.lnk

[2011-01-12 18:02:27 | 000,000,967 | ---- | M] () -- C:\Windows\ScUnin.pif

[2011-01-12 18:02:26 | 000,094,208 | ---- | M] (Blizzard Entertainment) -- C:\Windows\ScUnin.exe

[2011-01-12 12:04:54 | 002,632,508 | ---- | M] () -- C:\Users\Utilisateur\Desktop\The Hackers Underground Handbook.pdf

[2011-01-11 14:11:37 | 000,030,840 | ---- | M] () -- C:\Windows\SysNative\Gun64.sys

[2011-01-10 23:17:05 | 000,001,096 | ---- | M] () -- C:\Users\Utilisateur\Desktop\GunboundIS.lnk

[2011-01-10 20:59:02 | 000,258,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\unicows.dll

[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

 

========== Files Created - No Company Name ==========

 

[2011-02-09 16:57:59 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe

[2011-02-09 16:57:59 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe

[2011-02-09 16:57:59 | 000,089,088 | ---- | C] () -- C:\Windows\MBR.exe

[2011-02-09 16:57:59 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe

[2011-02-09 16:57:59 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe

[2011-02-05 19:50:29 | 000,003,840 | ---- | C] () -- C:\Users\Utilisateur\Desktop\lolfailsister.png

[2011-02-05 11:46:25 | 000,046,876 | ---- | C] () -- C:\Users\Utilisateur\Desktop\Perception.jpeg

[2011-02-05 01:52:26 | 000,076,819 | ---- | C] () -- C:\Users\Utilisateur\Desktop\Sans titre.wma

[2011-02-04 18:33:32 | 004,266,117 | R--- | C] () -- C:\Users\Utilisateur\Desktop\Combo-Fix.exe

[2011-02-03 21:49:21 | 000,339,084 | ---- | C] () -- C:\Users\Utilisateur\Desktop\Scavenger2011.jpg

[2011-02-03 21:31:29 | 002,669,814 | ---- | C] () -- C:\Users\Utilisateur\Desktop\SHj.bmp

[2011-01-31 18:53:36 | 000,002,486 | ---- | C] () -- C:\Users\Utilisateur\Desktop\Windows Live Messenger.lnk

[2011-01-31 18:52:07 | 000,002,486 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk

[2011-01-31 16:57:54 | 000,063,849 | ---- | C] () -- C:\Users\Utilisateur\Desktop\wcms_decl_fs_55_fr.pdf

[2011-01-30 20:39:48 | 000,086,707 | ---- | C] () -- C:\Users\Utilisateur\Desktop\PC_Villa MACHIRE _ -1. INFRASTR.pdf

[2011-01-30 20:39:34 | 000,068,119 | ---- | C] () -- C:\Users\Utilisateur\Desktop\CASE NIVELLES _ 0. Rez-de-chaus.pdf

[2011-01-30 20:39:00 | 000,213,019 | ---- | C] () -- C:\Users\Utilisateur\Desktop\saturday-space-area.jpg

[2011-01-30 14:43:11 | 000,001,984 | RHS- | C] () -- C:\Windows\ntdll.dl

[2011-01-30 13:48:49 | 000,273,920 | ---- | C] () -- C:\Users\Utilisateur\Desktop\Fiche d'inscription 2011.doc

[2011-01-28 18:44:52 | 000,001,841 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk

[2011-01-28 18:44:52 | 000,001,829 | ---- | C] () -- C:\Users\Public\Desktop\Opera.lnk

[2011-01-25 11:44:30 | 000,001,043 | ---- | C] () -- C:\Users\Utilisateur\Desktop\Machinarium.lnk

[2011-01-25 11:12:40 | 000,001,453 | ---- | C] () -- C:\Users\Utilisateur\Desktop\Worms Reloaded.lnk

[2011-01-23 15:17:57 | 248,757,836 | ---- | C] () -- C:\Users\Utilisateur\Desktop\Ken Block's Gymkhana THREE, Part 2; Ultimate Playground; l'Autodrome, France.mp4

[2011-01-22 18:38:51 | 003,657,174 | ---- | C] () -- C:\Users\Utilisateur\Desktop\GYMKHANA 21 BLOCK vs DYRDEK.mp3

[2011-01-22 14:10:58 | 000,281,575 | ---- | C] () -- C:\Users\Utilisateur\Desktop\Moment de tendresse.png

[2011-01-20 22:12:41 | 014,737,763 | ---- | C] () -- C:\Users\Utilisateur\Desktop\blink-182 - The Rock Show.mp4

[2011-01-19 13:10:44 | 000,055,042 | ---- | C] () -- C:\Users\Utilisateur\Desktop\67532_482858031356_569971356_7373681_2291602_n.jpg

[2011-01-18 00:30:43 | 000,001,676 | ---- | C] () -- C:\Users\Utilisateur\Desktop\World of Warcraft.lnk

[2011-01-17 21:39:45 | 000,002,533 | ---- | C] () -- C:\Users\Utilisateur\Desktop\Skype.lnk

[2011-01-13 21:15:53 | 019,985,265 | ---- | C] () -- C:\Users\Utilisateur\Documents\vlc-1.1.5-win32.exe

[2011-01-12 18:02:27 | 000,001,919 | ---- | C] () -- C:\Users\Utilisateur\Desktop\Starcraft - Brood War.lnk

[2011-01-12 18:01:54 | 000,038,215 | ---- | C] () -- C:\Windows\scunin.dat

[2011-01-12 18:01:54 | 000,000,967 | ---- | C] () -- C:\Windows\ScUnin.pif

[2011-01-12 12:04:25 | 002,632,508 | ---- | C] () -- C:\Users\Utilisateur\Desktop\The Hackers Underground Handbook.pdf

[2011-01-11 14:11:37 | 000,030,840 | ---- | C] () -- C:\Windows\SysNative\Gun64.sys

[2011-01-10 23:18:21 | 000,005,174 | ---- | C] () -- C:\Windows\SysWow64\nppt9x.vxd

[2011-01-10 23:17:05 | 000,001,096 | ---- | C] () -- C:\Users\Utilisateur\Desktop\GunboundIS.lnk

[2010-12-30 18:58:42 | 000,000,008 | ---- | C] () -- C:\Users\Utilisateur\AppData\Roaming\DofusAppId0_3

[2010-12-30 18:46:04 | 000,000,008 | ---- | C] () -- C:\Users\Utilisateur\AppData\Roaming\DofusAppId0_1

[2010-12-30 18:40:31 | 000,000,177 | ---- | C] () -- C:\Users\Utilisateur\AppData\Roaming\D2Info0

[2010-12-30 18:40:31 | 000,000,008 | ---- | C] () -- C:\Users\Utilisateur\AppData\Roaming\DofusAppId0_2

[2010-12-24 21:30:26 | 000,000,268 | RH-- | C] () -- C:\ProgramData\DirectoryService

[2010-12-24 21:30:26 | 000,000,268 | RH-- | C] () -- C:\Users\Utilisateur\AppData\Roaming\Dictionaries

[2010-12-24 21:30:26 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLdu.DAT

[2010-12-24 21:30:26 | 000,000,012 | RH-- | C] () -- C:\ProgramData\Drums

[2010-10-14 01:36:44 | 000,179,263 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat

[2010-09-02 16:03:40 | 000,000,268 | ---- | C] () -- C:\Windows\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini

[2010-07-06 14:43:08 | 001,589,876 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI

[2010-07-06 14:35:27 | 000,000,234 | ---- | C] () -- C:\Windows\hardcopy.INI

[2010-07-06 14:34:06 | 000,000,118 | ---- | C] () -- C:\Windows\Antidote.ini

[2010-07-01 21:37:24 | 000,000,053 | ---- | C] () -- C:\Windows\wininit.ini

[2010-04-16 18:58:08 | 000,033,792 | ---- | C] () -- C:\Windows\SysWow64\drivers\libusb0.sys

[2010-03-11 13:12:26 | 000,000,000 | ---- | C] () -- C:\ProgramData\leverage.drm.log

[2010-03-01 12:22:25 | 000,021,840 | ---- | C] () -- C:\Windows\SysWow64\SIntfNT.dll

[2010-03-01 12:22:25 | 000,017,212 | ---- | C] () -- C:\Windows\SysWow64\SIntf32.dll

[2010-03-01 12:22:25 | 000,012,067 | ---- | C] () -- C:\Windows\SysWow64\SIntf16.dll

[2010-01-31 18:45:27 | 000,000,077 | ---- | C] () -- C:\Windows\huffyuv.ini

[2010-01-31 15:32:16 | 000,484,352 | ---- | C] () -- C:\Windows\SysWow64\lame_enc.dll

[2010-01-16 14:47:33 | 000,290,816 | ---- | C] () -- C:\Windows\SysWow64\decdll.dll

[2009-12-19 23:39:08 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini

[2009-12-12 23:32:46 | 000,172,544 | ---- | C] () -- C:\Users\Utilisateur\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2009-11-16 22:23:29 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini

[2009-11-16 22:23:28 | 003,596,288 | ---- | C] () -- C:\Windows\SysWow64\qt-dx331.dll

[2009-11-16 22:23:28 | 000,881,664 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll

[2009-11-16 22:23:28 | 000,205,824 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll

[2009-11-16 22:23:26 | 000,007,680 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll

[2009-11-04 20:09:14 | 000,000,290 | RHS- | C] () -- C:\ProgramData\ntuser.pol

[2009-10-23 10:04:56 | 000,178,176 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll

[2009-10-21 18:47:34 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll

[2009-10-20 20:32:15 | 000,024,576 | R--- | C] () -- C:\Windows\SysWow64\AsIO.dll

[2009-10-20 20:32:15 | 000,014,392 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys

[2009-10-20 20:32:13 | 000,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys

[2009-10-20 20:32:12 | 000,010,216 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp32.sys

[2009-10-20 19:34:27 | 000,037,899 | ---- | C] () -- C:\Windows\Ascd_log.ini

[2009-10-20 19:34:11 | 000,031,840 | ---- | C] () -- C:\Windows\Ascd_tmp.ini

[2009-08-03 14:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\SysWow64\OGACheckControl.DLL

[2009-07-13 18:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll

[2009-07-13 16:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll

[2009-06-19 20:06:22 | 000,197,912 | ---- | C] () -- C:\Windows\SysWow64\physxcudart_20.dll

[2009-06-19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll

[2009-06-19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll

[2009-06-19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll

[2009-06-19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll

[2009-06-19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll

[2009-06-19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll

[2009-06-19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll

[2009-06-19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll

[2009-06-19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll

[2007-12-30 02:22:04 | 000,010,296 | ---- | C] () -- C:\Windows\SysWow64\drivers\ASUSHWIO.SYS

 

< End of report >

 

Thanks in advance!!!

Posted

Good evening DeepCold1

There is just one leftover in the OTL report, so please do the following:

* Double-click the OTL icon to launch it

/!\ On Vista/Seven, right-click the OTL icon and choose "Exécuter en tant qu'administrateur" (Run as administrator)

* Make sure you have closed all running applications.

* When the OTL window appears, make sure that in the "Rapport" (Report) section (top right) the "Rapport minimal" (Minimal report) box is checked.

* Copy and paste the contents of this quote into the lower part of OTL, "Personnalisation" (Customization)

:OTL

PRC - C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe (Spigot, Inc.)

SRV - (Application Updater) -- C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe (Spigot, Inc.)

IE - HKLM\..\URLSearchHook: {05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} - C:\Program Files (x86)\uTorrentBar_FR\tbuTo1.dll (Conduit Ltd.)

IE - HKLM\..\URLSearchHook: {fe37be35-b028-49f9-bb0c-6a38c4e55b97} - Reg Error: Key error. File not found

IE - HKCU\..\URLSearchHook: {05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} - C:\Program Files (x86)\uTorrentBar_FR\tbuTo1.dll (Conduit Ltd.)

O2 - BHO: (uTorrentBar_FR Toolbar) - {05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} - C:\Program Files (x86)\uTorrentBar_FR\tbuTo1.dll (Conduit Ltd.)

O3 - HKLM\..\Toolbar: (uTorrentBar_FR Toolbar) - {05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} - C:\Program Files (x86)\uTorrentBar_FR\tbuTo1.dll (Conduit Ltd.)

O3 - HKCU\..\Toolbar\WebBrowser: (uTorrentBar_FR Toolbar) - {05EEB91A-AEF7-4F8A-978F-FB83E7B03F8E} - C:\Program Files (x86)\uTorrentBar_FR\tbuTo1.dll (Conduit L

:Commands

[emptytemp]

* Click the "Correction" (Fix) icon (top left).

* Let the scan run to completion without using the PC

* At the end of the scan a report, "OTL.log", will open

* Copy and paste the report(s) into your reply, please...

* Just in case, you can find them in the C:\OTL folder or on your desktop, depending on the case

Put the report here, as it takes up quite a lot of space.

Cijoint.fr - free file hosting service

Next: install Malwarebytes' Anti-Malware,

Download

*** Update it, then choose "Exécuter un examen complet" (Run a full scan)

*** If an infection is found, check the box next to it and confirm with the "Supprimer la sélection" (Remove selected) tab

Post the final report.

:hello2:

PS: After that, please tell me how your PC is doing

Posted

Here is the link to my OTL log

OTL.log

Malwarebytes is running a scan as I write this message. I don't know how long the scan takes, so I'll let it run and go to sleep ;)

I'll give you an update tomorrow morning :D

Thanks

Posted

Antivirus log

Malwarebytes' Anti-Malware 1.46

www.malwarebytes.org

 

Version de la base de données: 5736

 

Windows 6.1.7600

Internet Explorer 8.0.7600.16385

 

2011-02-11 06:34:14

mbam-log-2011-02-11 (06-34-14).txt

 

Type d'examen: Examen complet (C:\|)

Elément(s) analysé(s): 385280

Temps écoulé: 1 heure(s), 6 minute(s), 12 seconde(s)

 

Processus mémoire infecté(s): 0

Module(s) mémoire infecté(s): 0

Clé(s) du Registre infectée(s): 1

Valeur(s) du Registre infectée(s): 0

Elément(s) de données du Registre infecté(s): 0

Dossier(s) infecté(s): 0

Fichier(s) infecté(s): 10

 

Processus mémoire infecté(s):

(Aucun élément nuisible détecté)

 

Module(s) mémoire infecté(s):

(Aucun élément nuisible détecté)

 

Clé(s) du Registre infectée(s):

HKEY_LOCAL_MACHINE\SOFTWARE\Dealio (PUP.Dealio) -> Quarantined and deleted successfully.

 

Valeur(s) du Registre infectée(s):

(Aucun élément nuisible détecté)

 

Elément(s) de données du Registre infecté(s):

(Aucun élément nuisible détecté)

 

Dossier(s) infecté(s):

(Aucun élément nuisible détecté)

 

Fichier(s) infecté(s):

C:\Program Files (x86)\SQUARE ENIX - Eidos Interactive\Lara Croft and the Guardian of Light\LcgolLauncher.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.

C:\Program Files (x86)\YouTube Downloader Toolbar\SearchSettingsRes409.dll (PUP.Dealio) -> Quarantined and deleted successfully.

C:\Qoobox\Quarantine\C\Program Files (x86)\Common Files\0.exe.vir (Worm.KoobFace) -> Quarantined and deleted successfully.

C:\Users\Utilisateur\Desktop\Brutus\BrutusA2.exe (HackTool.Brutus) -> Quarantined and deleted successfully.

C:\Users\Utilisateur\Downloads\Lara.Croft.and.the.Guardian.of.Light-SKIDROW\SKIDROW\LcgolLauncher.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.

C:\Windows\Installer\$PatchCache$\Managed\96DC878CBD58B624183A7E1157AABE19\1.0.3\applicationupdater.exe.2AEA64FA_898D_4F2B_A6D4_6ACAB09B67CA (PUP.Dealio) -> Quarantined and deleted successfully.

C:\Windows\Installer\$PatchCache$\Managed\D82C50F59AED6DA47AA360145789E8BA\11.1.30\applicationupdater.exe.2AEA64FA_898D_4F2B_A6D4_6ACAB09B67CA (PUP.Dealio) -> Quarantined and deleted successfully.

C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\F36K9NXL\0[1].jpg (Worm.KoobFace) -> Quarantined and deleted successfully.

C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\F36K9NXL\0[1].jpg (Worm.KoobFace) -> Quarantined and deleted successfully.

C:\_OTL\MovedFiles\02112011_003126\C_Program Files (x86)\Application Updater\ApplicationUpdater.exe (PUP.Dealio) -> Quarantined and deleted successfully.

 

I'm now going to retry a scan with NOD32 to see whether everything is fine; it probably is.

So a big THANK YOU, and if I have a problem again I'll post another reply here!

Thanks!
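A triage helper for the Malwarebytes log format shown in the post above, added here as an example and not part of the original thread: it checks the summary counts against the itemised entries, groups detections by name, and separates hits sitting in the holding folders of ComboFix (C:\Qoobox\Quarantine) and OTL (C:\_OTL\MovedFiles) from hits at live locations. The function names and the shortened sample are assumptions made for this example.

```python
import re
from collections import Counter

# Constructed sample: entries copied from the log above (French UI); the file
# count is lowered from 10 to 4 to match the four file entries kept here.
SAMPLE_LOG = r"""
Clé(s) du Registre infectée(s): 1
Fichier(s) infecté(s): 4

Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Dealio (PUP.Dealio) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\Program Files (x86)\YouTube Downloader Toolbar\SearchSettingsRes409.dll (PUP.Dealio) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\Program Files (x86)\Common Files\0.exe.vir (Worm.KoobFace) -> Quarantined and deleted successfully.
C:\Users\Utilisateur\Desktop\Brutus\BrutusA2.exe (HackTool.Brutus) -> Quarantined and deleted successfully.
C:\_OTL\MovedFiles\02112011_003126\C_Program Files (x86)\Application Updater\ApplicationUpdater.exe (PUP.Dealio) -> Quarantined and deleted successfully.
"""

SUMMARY = re.compile(r"^(?P<section>.+\(s\)): (?P<count>\d+)$")
HEADER = re.compile(r"^(?P<section>.+\(s\)):$")
ENTRY = re.compile(r"^(?P<target>.+) \((?P<name>[^()]+)\) -> (?P<action>.+)$")
NOTHING_FOUND = "(Aucun élément nuisible détecté)"
# Holding folders of the other tools used in this thread (ComboFix, OTL).
HOLDING_DIRS = ("c:\\qoobox\\quarantine\\", "c:\\_otl\\movedfiles\\")


def parse_mbam(text):
    """Return (declared counts, itemised sections seen, detection entries)."""
    declared, seen, entries, section = {}, set(), [], None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line == NOTHING_FOUND:
            continue
        summary = SUMMARY.match(line)
        if summary:
            declared[summary["section"]] = int(summary["count"])
            continue
        header = HEADER.match(line)
        if header:
            section = header["section"]
            seen.add(section)
            continue
        entry = ENTRY.match(line)
        if entry and section:
            entries.append({"section": section, **entry.groupdict()})
    return declared, seen, entries


def triage(text):
    """Summarise a log: count mismatches, detection names, live vs held hits."""
    declared, seen, entries = parse_mbam(text)
    found = Counter(e["section"] for e in entries)
    # A mismatch means the pasted log is truncated or was edited by hand.
    mismatches = {s: (declared.get(s), found[s])
                  for s in seen if declared.get(s) != found[s]}
    live = [e for e in entries
            if not e["target"].lower().startswith(HOLDING_DIRS)]
    return {
        "mismatches": mismatches,
        "families": Counter(e["name"] for e in entries),
        "live": live,                       # found where they could still run
        "isolated": len(entries) - len(live),  # copies held by other tools
    }


if __name__ == "__main__":
    report = triage(SAMPLE_LOG)
    print("count mismatches:", report["mismatches"] or "none")
    print("by detection name:", dict(report["families"]))
    for hit in report["live"]:
        print("live:", hit["name"], "|", hit["target"])
    print("already held by ComboFix/OTL:", report["isolated"])
```

Hits under the holding folders are copies that ComboFix or OTL had already moved aside, so the entries listed as live are the ones that say what was still in place on the system when the scan ran.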

Posted (edited)

Well... I was hoping not to have to come back here, but apparently I still have a problem... lol

NOD32 finds several threats in C:/Windows/System32/icm64.dll

I did a lot of research on this ''icm64.dll'' but everything I find leads me back to Combo-Fix or OTL.exe...

So here I am at a dead end again...

I have also recently noticed lag spikes... (no idea how to say that in French :P)

When I play World of Warcraft (yes, yes, I'm ashamed XD), but it isn't network-related lag because it is constant...

At intervals of 20-30 seconds, the screen freezes for 1-3 seconds and everything goes back to normal until the next spike...

Obviously, this regular lag leads me to believe that it's the machine and not the network that is lagging... Probably spyware...

Probably that same icm64.dll that has been giving me trouble all this time :P

Thanks in advance for your help :P

EDIT: Oh yes, I forgot: once I saw my MSN Messenger open by itself and send spam to all my contacts one after another within about 5-6 seconds... Probably another minor little virus... but I think Malwarebytes removed that virus anyway :P Just thought I'd let you know! hehe

Edited by DeepCold1
Posted

VirusTotal log

 

Antivirus Version Last Update Result

AhnLab-V3 2011.02.06.00 2011.02.06 -

AntiVir 7.11.3.40 2011.02.10 -

Antiy-AVL 2.0.3.7 2011.02.10 -

Avast 4.8.1351.0 2011.02.10 -

Avast5 5.0.677.0 2011.02.10 -

AVG 10.0.0.1190 2011.02.10 -

BitDefender 7.2 2011.02.10 -

CAT-QuickHeal 11.00 2011.02.10 -

ClamAV 0.96.4.0 2011.02.10 -

Commtouch 5.2.11.5 2011.02.10 -

Comodo 7645 2011.02.10 -

DrWeb 5.0.2.03300 2011.02.10 -

eSafe 7.0.17.0 2011.02.10 -

eTrust-Vet 36.1.8152 2011.02.10 -

F-Prot 4.6.2.117 2011.02.04 -

F-Secure 9.0.16160.0 2011.02.10 -

Fortinet 4.2.254.0 2011.02.10 -

GData 21 2011.02.10 -

Ikarus T3.1.1.97.0 2011.02.10 -

Jiangmin 13.0.900 2011.02.10 -

K7AntiVirus 9.83.3813 2011.02.10 -

Kaspersky 7.0.0.125 2011.02.10 -

McAfee 5.400.0.1158 2011.02.10 -

McAfee-GW-Edition 2010.1C 2011.02.08 -

Microsoft 1.6502 2011.02.10 -

NOD32 5863 2011.02.10 -

Norman 6.07.03 2011.02.10 -

nProtect 2011-01-27.01 2011.02.02 -

Panda 10.0.3.5 2011.02.10 -

PCTools 7.0.3.5 2011.02.10 -

Prevx 3.0 2011.02.10 -

Rising 23.44.03.05 2011.02.10 -

Sophos 4.61.0 2011.02.10 -

SUPERAntiSpyware 4.40.0.1006 2011.02.10 -

Symantec 20101.3.0.103 2011.02.10 -

TheHacker 6.7.0.1.126 2011.02.10 -

TrendMicro 9.200.0.1012 2011.02.10 -

TrendMicro-HouseCall 9.200.0.1012 2011.02.10 -

VBA32 3.12.14.3 2011.02.10 -

VIPRE 8375 2011.02.10 -

ViRobot 2011.2.10.4303 2011.02.10 -

VirusBuster 13.6.193.0 2011.02.10 -

Additional information


MD5 : 816b681cc308faa128edcb90643dced7

SHA1 : 809c04b94215bed440c7ac310f991d58fd57a4f5

SHA256: c2c6295f59f00f4d47673c361f1965ba62f9adf6897a6a0be224509628a27d7e

ssdeep: 6144:853dyric0ss466cGIcv71YBLVBPW2Gdvgs2:8Vb/ss4FcNc

File size : 215040 bytes

First seen: 2009-11-19 10:09:00

Last seen : 2011-02-10 21:39:46

Magic: PE32 executable for MS Windows (DLL) (console) Intel 80386 32-bit

TrID:

Win32 Executable Generic (42.3%)

Win32 Dynamic Link Library (generic) (37.6%)

Generic Win/DOS Executable (9.9%)

DOS Executable Generic (9.9%)

Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)

sigcheck:

publisher....: Microsoft Corporation

copyright....: Copyright ©1995-1997 Heidelberger Druckmaschinen AG

product......: Microsoft_ Windows_ Operating System

description..: Microsoft Color Management Module (CMM)

original name: ICM32.DLL

internal name: ICM32.DLL

file version.: 6.1.7600.16385 (win7_rtm.090713-1255)

comments.....: n/a

signers......: -

signing date.: -

verified.....: Unsigned

PEiD: -

PEInfo: PE structure information

 

[[ basic data ]]

entrypointaddress: 0x27B6

timedatestamp....: 0x4A5BD9FA (Tue Jul 14 01:06:02 2009)

machinetype......: 0x14C (Intel I386)

 

[[ 4 section(s) ]]

name, viradd, virsiz, rawdsiz, ntropy, md5

.text, 0x1000, 0x32697, 0x32800, 6.58, 05dc04c14021b29eae5341dbfaed69ab

.data, 0x34000, 0x1AB0, 0x800, 7.56, a7940340ea443978bdf622fc1d249131

.rsrc, 0x36000, 0xA38, 0xC00, 3.51, 0cae9a42146e8d361f6763475613897a

.reloc, 0x37000, 0x684, 0x800, 4.44, 9e446afe754e3dc6f5a3266feba8ef84

 

[[ 4 import(s) ]]

advapi32.dll: EventUnregister, EventRegister, EventWrite

kernel32.dll: SetUnhandledExceptionFilter, UnhandledExceptionFilter, GetCurrentProcess, TerminateProcess, GetSystemTimeAsFileTime, GetCurrentProcessId, GetLocalTime, GetTickCount, QueryPerformanceCounter, InterlockedCompareExchange, Sleep, InterlockedExchange, GetLastError, GlobalHandle, GlobalUnlock, GlobalLock, GetCurrentThreadId, EnterCriticalSection, DeleteCriticalSection, InitializeCriticalSection, DisableThreadLibraryCalls, SetLastError, LeaveCriticalSection, GlobalAlloc, lstrlenW, GlobalFree

mscms.dll: IsColorProfileTagPresent, GetColorProfileElement, GetColorProfileHeader, OpenColorProfileW, CloseColorProfile

msvcrt.dll: _except_handler4_common, _amsg_exit, memset, memmove, _ftol2_sse, _CIpow, _ftol2, _initterm, free, malloc, _XcptFilter

 

[[ 21 export(s) ]]

CMCheckColors, CMCheckColorsInGamut, CMCheckRGBs, CMConvertColorNameToIndex, CMConvertIndexToColorName, CMCreateDeviceLinkProfile, CMCreateMultiProfileTransform, CMCreateProfile, CMCreateProfileW, CMCreateTransform, CMCreateTransformExt, CMCreateTransformExtW, CMCreateTransformW, CMDeleteTransform, CMGetInfo, CMGetNamedProfileInfo, CMIsProfileValid, CMTranslateColors, CMTranslateRGB, CMTranslateRGBs, CMTranslateRGBsExt

ExifTool:

file metadata

CharacterSet: Unicode

CodeSize: 206848

CompanyName: Microsoft Corporation

EntryPoint: 0x27b6

FileDescription: Microsoft Color Management Module (CMM)

FileFlagsMask: 0x003f

FileOS: Windows NT 32-bit

FileSize: 210 kB

FileSubtype: 0

FileType: Win32 DLL

FileVersion: 6.1.7600.16385 (win7_rtm.090713-1255)

FileVersionNumber: 6.1.7600.16385

ImageVersion: 6.1

InitializedDataSize: 12288

InternalName: ICM32.DLL

LanguageCode: English (U.S.)

LegalCopyright: Copyright 1995-1997 Heidelberger Druckmaschinen AG

LinkerVersion: 9.0

MIMEType: application/octet-stream

MachineType: Intel 386 or later, and compatibles

OSVersion: 6.1

ObjectFileType: Dynamic link library

OriginalFilename: ICM32.DLL

PEType: PE32

ProductName: Microsoft Windows Operating System

ProductVersion: 6.1.7600.16385

ProductVersionNumber: 6.1.7600.16385

Subsystem: Windows command line

SubsystemVersion: 6.1

TimeStamp: 2009:07:14 03:06:02+02:00

UninitializedDataSize:

 

Damn, I don't understand any of it... for no reason, my mouse or my keyboard momentarily stops working... Especially the mouse, it's quite frequent... as if I were constantly unplugging and replugging it!

Posted

Well, the report shows no anomaly concerning this file. It is a false positive.

Have a look at this tutorial, which explains how to add it to your antivirus exclusions.

Tutorial NOD32 | malekal's site

"Exclure" (Exclude) lets you exclude files or directories so that the module no longer scans them. Handy in case of false positives or if the antivirus causes an application to crash because the scanning module locks files.

For your keyboard and the rest, check, just in case, whether you need to update some drivers here.

Mes Drivers - automatic online detection of hardware configuration and compatible drivers

:hello2:
