[Résolu] Infection supposée

Strygh · le 25 mai 2011

Bonjour à tous, voila, j'ai récemment reçu le lien par ma boite mail d'un contact en qui j'avais une totale confiance, je clique dessus, et je reçois l'alerte disant que j'expose mon pc à un virus, je ferme la fenêtre, malheureusement, quelques heures plus tard, je reçois un second mail disant que ce contact n'avait pas envoyé ce mail, je me dis c'est ok, j'ai pas complètement ouvert la page internet. Cependant aujourd'hui j'ai l'impression que mon pc est BIEN plus lent que d'habitude, alors je demande votre aide pour m'aider à résoudre ce problème, si vous le voulez bien !

De plus, n'ayant jamais fait d'analyse propre de mon pc, j'en profite, pour vous demander quelles sont les méthodes à suivre, une analyse de routine ne fait jamais de mal (même si le ralentissement n'a pas de lien avec une quelconque infection, j'aurais je pense l'esprit plus tranquille après ça)

Je vous remercie d'avance et vous souhaite une bonne journée

voila le rapport Hijack :

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:48:00, on 25/05/2011

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v8.00 (8.00.7601.17514)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe

C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe

D:\Program Files\Logiciels\Hamachi\hamachi-2-ui.exe

C:\Windows\AsScrPro.exe

C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe

C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo Wi-Fi.exe

C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe

C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe

C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe

C:\ExpressGateUtil\VAWinAgent.exe

C:\Program Files\AVAST Software\Avast\AvastUI.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\CardDetector\HUAWEI1752_1552\CardDetector.exe

D:\Program Files\Logiciels\iTunes\iTunesHelper.exe

D:\Program Files\Logiciels\DAEMON Tools Lite\DTShellHlp.exe

D:\Program Files\Logiciels\bin\javaw.exe

C:\Users\Leonard\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Leonard\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Leonard\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Leonard\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Leonard\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Leonard\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Leonard\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Leonard\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Leonard\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Leonard\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Leonard\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Leonard\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\SysWOW64\rundll32.exe

C:\Users\Leonard\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Leonard\AppData\Local\Google\Chrome\Application\chrome.exe

D:\Program Files\Logiciels\DAEMON Tools Lite\DTLite.exe

C:\Users\Leonard\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Leonard\AppData\Local\Google\Chrome\Application\chrome.exe

D:\Program Files\Logiciels\HiJackThis\Trend Micro\HiJackThis\HiJackThis.exe

D:\Program Files\Jeux\League of Legends\RADS\system\rads_user_kernel.exe

D:\Program Files\Jeux\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.25\deploy\LoLLauncher.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = A s u s | M S N

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Facemoods Search

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN : Hotmail, Messenger, Bing, Actualité et Sport

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = Facemoods Search

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

F2 - REG:system.ini: UserInit=userinit.exe

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: facemoods Helper - {64182481-4F71-486b-A045-B233BD0DA8FC} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.5\bh\facemoods.dll (file missing)

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll

O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Logiciels\bin\jp2ssv.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

O3 - Toolbar: facemoods Toolbar - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.5\facemoodsTlbr.dll (file missing)

O4 - HKLM\..\Run: [updateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"

O4 - HKLM\..\Run: [updateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"

O4 - HKLM\..\Run: [boingo Wi-Fi] "C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo.lnk"

O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe

O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe

O4 - HKLM\..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe

O4 - HKLM\..\Run: [THX TruStudio NB Settings] "C:\Program Files (x86)\Creative\THX TruStudio\THXNBSet\THXAudNB.exe" /r

O4 - HKLM\..\Run: [updReg] C:\Windows\UpdReg.EXE

O4 - HKLM\..\Run: [sessionLogon] C:\ExpressGateUtil\SessionLogon.exe

O4 - HKLM\..\Run: [VAWinAgent] C:\ExpressGateUtil\VAWinAgent.exe

O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui

O4 - HKLM\..\Run: [facemoods] "C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.5\facemoodssrv.exe" /md I

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [CardDetectorHUAWEI1752_1552] C:\Program Files (x86)\CardDetector\HUAWEI1752_1552\CardDetector.exe

O4 - HKLM\..\Run: [bEWINTERNET-FR-DMESessionManager] "C:\Program Files (x86)\OrangeBS\BEWInternet\SessionManager\SessionManager.exe"

O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "D:\Program Files\Logiciels\Hamachi\hamachi-2-ui.exe" --auto-start

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "D:\Program Files\Logiciels\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKCU\..\Run: [Google Update] "C:\Users\Leonard\AppData\Local\Google\Update\GoogleUpdate.exe" /c

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\Program Files\Logiciels\DAEMON Tools Lite\DTLite.exe" -autorun

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE RÉSEAU')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE RÉSEAU')

O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe

O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe

O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (AudioSrv) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe

O23 - Service: @%SystemRoot%\system32\AxInstSV.dll,-103 (AxInstSV) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\bdesvc.dll,-100 (BDESVC) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe

O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (bthserv) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Creative ALchemy AL6 Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe

O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe

O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Dragon Age: Origins - Application de mise à jour (DAUpdaterSvc) - BioWare - D:\Program Files\Jeux\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe

O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\defragsvc.dll,-101 (defragsvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe

O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe

O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (eventlog) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: France Telecom Routing Table Service (FTRTSVC) - Unknown owner - C:\PROGRA~2\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe

O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - D:\Program Files\Logiciels\Hamachi\hamachi-2.exe

O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\ListSvc.dll,-100 (HomeGroupListener) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\provsvc.dll,-100 (HomeGroupProvider) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-500 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe

O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\netprofm.dll,-202 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: NVIDIA Driver Helper Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\sysWow64\perfhost.exe,-2 (PerfHost) - Unknown owner - C:\Windows\SysWow64\perfhost.exe

O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe

O23 - Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\sensrsvc.dll,-1000 (SensrSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\ipnathlp.dll,-106 (SharedAccess) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppuinotify.dll,-103 (sppuinotify) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe

O23 - Service: Intel® Turbo Boost Technology Monitor (TurboBoost) - Intel® Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: Intel® Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: VideAceWindowsService - Unknown owner - C:\ExpressGateUtil\VAWinService.exe

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%systemroot%\system32\wbiosrvc.dll,-100 (WbioSrvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe

O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wwansvc.dll,-257 (WwanSvc) - Unknown owner - C:\Windows\system32\svchost.exe

--

End of file - 28404 bytes

Modifié le 30 mai 2011 par Strygh

lance_yien · le 28 mai 2011

Bonjour Strygh,

Très Important!

>>> A faire immédiatement:

- En haut de ce message cliquer sur le bouton "Suivre ce sujet", en choisissant "Notification immédiate" => "Soumettre" tu seras avisé en temps réel pour les réponses apportées à ton sujet et de ce fait, ta machine sera nettoyée dans les meilleurs délais.

Si à la place du bouton "Suivre ce sujet" tu as "Arrêter de suivre ce sujet", c'est que les réglages ont déjà été faits.

- Sauvegarder (en copiant) tous les documents personnels sur un support autre que la partition système: Clé USB, CD/DVD, Disque Dur externe etc.

>>> Que faire durant ce nettoyage: Merci de NE PAS utiliser, installer et/ou désinstaller aucun programme à part ceux qui sont proposés à chaque étape ce qui a pour but d'éviter tout problème d'incompatibilité entre les outils.

>>> Que faire à la réception de nouvelles instructions:

Lire la totalité du message.
Certains programmes peuvent créer des problèmes s'ils ne sont pas lancés depuis le Bureau. Aussi, il est demandé de les télécharger et enregistrer DIRECTEMENT sur le Bureau (ou les déplacer avant utilisation par un clic-droit dessus => "Couper" puis clic-droit sur le Bureau => "Coller").
Prendre l'habitude de désactiver tous les programmes de protection au début de chaque nouvelle étape et de les réactiver à la fin.
Procéder toujours dans l'ordre donné et demander des clarifications si nécessaire AVANT de commencer.
NE PAS hésiter à commenter et signaler tout changement (en bien ou en mal) dans le comportement de la machine ou par rapport au problème initial.

>>> Comment répondre:

- Cliquer sur le bouton (et non sur car je n'ai pas besoin de relire mes messages précédents).

- Coller le contenu des rapports SANS y ajouter AUCUN formatage de texte (en citation, code, couleur etc...).

>>> Ne pas abandonner son sujet avant d'avoir été informé(e) que tout est OK.

Imprimer ces instructions ou les enregistrer dans un fichier texte sur le Bureau pour les consulter facilement à tout moment.

>>> ESET Online Scanner: Brancher tous les médias amovible disponibles (DD externe, clés USB etc) et désactiver antivirus/ parefeu et antispyware.

Utiliser Internet Explorer pour aller ICI.

Cliquer sur le bouton vert ESET Online Scanner, cocher la case "YES, I accept the Terms of Use" et cliquer sur Start.
Accepter l'installation de l'ActiveX.
Cocher "Scan archives", DEcocher "Remove found threats" et cliquer Start.
Eset téléchargera la base de données et commencera le scan. Le laisser finir son scan.
Ensuite, cliquer sur "List of found threats"
Cliquer sur "Export to text file..." et sauvegarder les résultats sur le Bureau en le nommant "scan-results" pour les copier/coller ici.
Cliquer sur et cocher la case Uninstall application on close pour supprimer ESET Online Scanner de la machine.

Cliquer sur et poster le rapport.

--

Télécharger, sur le Bureau:

Malware Bytes Anti-Malware depuis ici.
Security Check (par screen317) depuis ici ou ici.

>>> Utiliser Malwarebytes' Anti-Malware: Fermer toutes les applications et fenêtres ouvertes et double-cliquer sur mbam-setup.exe (pour Vista/ Windows7, cliquer-droit sur mbam-setup.exe => "Exécuter en tant qu'administrateur"). Suivre les indications en laissant tout par défaut. Cliquer sur Terminer sans rien changer.

- Lancer le programme depuis son icône sur le bureau ou depuis "Démarrer" => "Tous les programmes" => "Malwarebytes' Anti-Malware".

- Faire les Mises à jour depuis l'onglet du même nom. Si problème avec les mises à jour automatiques, cliquer ICI pour les télécharger et les installer manuellement.

- Dans l'onglet "Recherche" laisser la case "Exécuter un examen rapide" cochée et cliquer sur "Rechercher".

Patienter jusqu'à la fin (affichage du message ci-dessous)

Cliquer sur OK, pour fermer ce message.

- Cliquer sur "Afficher les résultats" puis s'assurer que tout est coché et cliquer sur "Supprimer la sélection".

Le programme procède alors au nettoyage. S'il vous demande de redémarrer le PC, ACCEPTER (c'est pour supprimer certains fichiers spécifiques).

A la fin un rapport s'affiche (accessible à tout moment depuis l'onglet Rapport/Logs de la fenêtre principale de MBAM. Poster son contenu dans la prochaine réponse.

>>> Utiliser SecurityCheck: Fermer tout et double-cliquer sur "SecurityCheck.exe" (Vista/W7, cliquer-droit dessus => "Exécuter en tant qu'administrateur") pour lancer le programme.

Appuyer sur une touche comme demandé et suivre les indications.

Note: Si un des programmes de sécurité demande la permission d'accéder à Internet depuis dig.exe, acceptez.

Le Rapport checkup.txt s'ouvre à la fin. Poster son contenu.

Ce rapport ne sera pas enregistré automatiquement. Si vous voulez en garder une copie, cliquez sur "Fichier" => "Enregistrer sous", choisissez un endroit (Bureau par exemple) et cliquez sur "Enregistrer" en bas à droite.

Poster son contenu.

Rapports demandés:

scan-results.txt
Malwarebytes Anti-Malware log
checkup.txt

Strygh · le 28 mai 2011

Tout d'abord, merci de prendre sur ton temps libre pour m'aider et désolé de répondre si longtemps après, mais le scan ESET a pris pas mal de temps

Tout d'abord le log de ESET SCANNER ONLINE :
D:\Program Files\Jeux\Fable 3\paul.dll a variant of Win32/Packed.VMProtect.AAA trojan

D:\Program Files\Téléchargements\JDownloader\sr_update1_f3.rar a variant of Win32/Packed.VMProtect.AAA trojan

F:\Divertissement\Utilitaires\VSO ConvertXtoDVD 4.1.9.346 Pre-Release.zip a variant of Win32/Keygen.AS application

Le log de Malwarebytes maintenant :
Malwarebytes' Anti-Malware 1.50.1.1100

www.malwarebytes.org

Version de la base de données: 6702

Windows 6.1.7601 Service Pack 1

Internet Explorer 9.0.8112.16421

28/05/2011 20:23:44

mbam-log-2011-05-28 (20-23-44).txt

Type d'examen: Examen rapide

Elément(s) analysé(s): 161655

Temps écoulé: 4 minute(s), 6 seconde(s)

Processus mémoire infecté(s): 0

Module(s) mémoire infecté(s): 0

Clé(s) du Registre infectée(s): 0

Valeur(s) du Registre infectée(s): 0

Elément(s) de données du Registre infecté(s): 0

Dossier(s) infecté(s): 0

Fichier(s) infecté(s): 0

Processus mémoire infecté(s):

(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):

(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):

(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):

(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):

(Aucun élément nuisible détecté)

Dossier(s) infecté(s):

(Aucun élément nuisible détecté)

Fichier(s) infecté(s):

(Aucun élément nuisible détecté)

Et pour finir celui de SecurityCheck :
Results of screen317's Security Check version 0.99.12

Windows 7 (UAC is disabled!)

Internet Explorer 8

``````````````````````````````

Antivirus/Firewall Check:

avast! Free Antivirus

WMI entry may not exist for antivirus; attempting automatic update.

```````````````````````````````

Anti-malware/Other Utilities Check:

Malwarebytes' Anti-Malware

Java 6 Update 24

Out of date Java installed!

Flash Player Out of Date!

Adobe Flash Player 10.0.32.18

Adobe Reader 9.4.4 MUI

Out of date Adobe Reader installed!

````````````````````````````````

Process Check:

objlist.exe by Laurent

AVAST Software Avast AvastSvc.exe

AVAST Software Avast AvastUI.exe

``````````End of Log````````````

Voila, ma partition d'OS est la C, une seconde partition du disque dur la D, et le disque F est un disque dur externe !

Merci pour ton aide !

lance_yien · le 29 mai 2011

Bonjour,

Merci de coller directement les rapports. Relire la note "Très important" dans mon 1er message et respecter toutes les consignes.

...

>>> Comment répondre:

...

- Coller le contenu des rapports SANS y ajouter AUCUN formatage de texte (en citation, code, couleur etc...)...

--

ESET montre quelques fichiers/ dossiers malicieux (en gras ci-dessous). Peux-tu les supprimer manuellement?

D:\Program Files\Jeux\Fable 3\paul.dll

D:\Program Files\Téléchargements\JDownloader\sr_update1_f3.rar

F:\Divertissement\Utilitaires\VSO ConvertXtoDVD 4.1.9.346 Pre-Release.zip

--

Imprimer ces instructions ou les enregistrer dans un fichier texte sur le Bureau pour les consulter facilement à tout moment et télécharger, sur le Bureau OTL (par OldTimer) depuis ici ou ici.

Brancher et allumer tous les médias amovibles (Disques externes, clés USB etc...).

Fermer toutes les applications et fenêtres ouvertes et cliquer-droit sur OTL.exe => Exécuter en tant qu'Adminnistrateur.

Copiez/ Collez ces lignes (commençant par netsvcs) dans l'espace sous "Personnalisation":

netsvcs
drivers32

%SYSTEMDRIVE%\*.*

%systemroot%\*. /mp /s

%systemroot%\system32\*.dll /lockedfiles

%systemroot%\Tasks\*.job /lockedfiles

%systemroot%\System32\config\*.sav

%systemroot%\system32\drivers\*.sys /90

CREATERESTOREPOINT

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs

SAVEMBR:0

Sans rien changer, cliquer sur le bouton bleu Analyse et laisser faire.

A la fin du scan, 2 rapports seront créés: OTL.txt (qui s'ouvre dans le bloc-note) et Extras.txt (qui sera minimisé dans la Barre des tâches).

Copier/ Coller le contenu de chaque rapport, un seul par message parce qu'ils sont souvent très longs et dépassent la limite autorisée par le forum.

Rapports demandés:

OTL.txt
Extras.txt

Pas de soucis avec la suppression des fichiers?

Strygh · le 29 mai 2011

Désolé pour les citations, je pensais que ce serait plus facile pour lire les rapports, qu'ils soient bien séparés les uns des autres.

Voila le rapport OLT.txt :

OTL logfile created on: 29/05/2011 12:36:53 - Run 1

OTL by OldTimer - Version 3.2.23.0 Folder = C:\Users\Leonard\Desktop

64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

3,86 Gb Total Physical Memory | 2,35 Gb Available Physical Memory | 60,83% Memory free

7,71 Gb Paging File | 5,93 Gb Available in Paging File | 76,91% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 149,04 Gb Total Space | 88,88 Gb Free Space | 59,64% Space Free | Partition Type: NTFS

Drive D: | 425,64 Gb Total Space | 311,47 Gb Free Space | 73,18% Space Free | Partition Type: NTFS

Drive F: | 931,48 Gb Total Space | 585,78 Gb Free Space | 62,89% Space Free | Partition Type: NTFS

Drive H: | 7,52 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: LEONARD-PC | User Name: Leonard | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/05/29 12:33:26 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Leonard\Desktop\OTL.exe

PRC - [2011/03/28 15:41:14 | 001,910,152 | ---- | M] (LogMeIn Inc.) -- D:\Program Files\Logiciels\Hamachi\hamachi-2-ui.exe

PRC - [2011/03/27 17:36:40 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe

PRC - [2011/02/23 17:04:20 | 003,451,496 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe

PRC - [2011/02/23 17:04:19 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe

PRC - [2011/01/20 11:20:04 | 000,313,152 | ---- | M] (DT Soft Ltd) -- D:\Program Files\Logiciels\DAEMON Tools Lite\DTShellHlp.exe

PRC - [2010/12/21 16:56:14 | 000,378,984 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

PRC - [2010/11/23 05:07:45 | 003,058,304 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe

PRC - [2010/10/08 00:05:14 | 000,170,624 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe

PRC - [2010/10/07 19:43:00 | 000,182,912 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe

PRC - [2010/09/24 02:53:16 | 001,601,536 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe

PRC - [2010/08/21 04:47:58 | 000,077,312 | ---- | M] () -- C:\ExpressGateUtil\VAWinService.exe

PRC - [2010/08/18 00:55:42 | 005,732,992 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe

PRC - [2010/08/13 03:52:16 | 000,021,504 | ---- | M] () -- C:\ExpressGateUtil\VAWinAgent.exe

PRC - [2010/04/24 01:10:34 | 000,209,768 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

PRC - [2010/04/24 01:10:28 | 000,483,688 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

PRC - [2009/12/15 20:39:38 | 000,096,896 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe

PRC - [2009/11/03 00:21:26 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe

PRC - [2009/10/01 05:34:22 | 002,314,240 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

PRC - [2009/10/01 05:33:08 | 000,262,144 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

PRC - [2009/08/28 23:44:30 | 000,282,624 | R--- | M] (France Telecom SA) -- C:\Program Files (x86)\CardDetector\HUAWEI1752_1552\CardDetector.exe

PRC - [2009/08/28 21:22:56 | 000,077,824 | ---- | M] (France Telecom SA) -- C:\Program Files (x86)\Common Files\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe

PRC - [2009/08/12 22:32:56 | 000,365,936 | ---- | M] (Boingo Wireless, Inc.) -- C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo Wi-Fi.exe

PRC - [2009/07/31 20:38:24 | 000,305,720 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe

PRC - [2009/06/19 20:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe

PRC - [2009/06/19 20:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe

PRC - [2009/06/16 03:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe

PRC - [2008/12/23 03:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe

========== Modules (SafeList) ==========

MOD - [2011/05/29 12:33:26 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Leonard\Desktop\OTL.exe

MOD - [2011/02/23 17:04:17 | 000,197,208 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\snxhk.dll

MOD - [2010/11/20 13:55:09 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll

========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011/02/23 17:04:19 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)

SRV:64bit: - [2010/06/22 21:20:42 | 000,379,520 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Windows\SysNative\FBAgent.exe -- (AFBAgent)

SRV:64bit: - [2010/04/17 02:07:42 | 000,134,928 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)

SRV:64bit: - [2009/07/14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)

SRV - [2011/03/28 15:41:12 | 002,111,368 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- D:\Program Files\Logiciels\Hamachi\hamachi-2.exe -- (Hamachi2Svc)

SRV - [2011/03/27 17:36:40 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)

SRV - [2010/12/21 16:56:14 | 000,378,984 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)

SRV - [2010/11/23 05:08:18 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)

SRV - [2010/11/23 05:08:15 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe -- (Creative ALchemy AL6 Licensing Service)

SRV - [2010/08/21 04:47:58 | 000,077,312 | ---- | M] () [Auto | Running] -- C:\ExpressGateUtil\VAWinService.exe -- (VideAceWindowsService)

SRV - [2010/04/24 01:10:34 | 000,209,768 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)

SRV - [2010/04/24 01:10:28 | 000,483,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)

SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)

SRV - [2009/12/15 22:07:16 | 000,025,832 | ---- | M] (BioWare) [On_Demand | Stopped] -- D:\Program Files\Jeux\Dragon Age\bin_ship\daupdatersvc.service.exe -- (DAUpdaterSvc)

SRV - [2009/12/15 20:39:38 | 000,096,896 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)

SRV - [2009/10/01 05:34:22 | 002,314,240 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS) Intel®

SRV - [2009/10/01 05:33:08 | 000,262,144 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS) Intel®

SRV - [2009/08/28 21:22:56 | 000,077,824 | ---- | M] (France Telecom SA) [Auto | Running] -- C:\Program Files (x86)\Common Files\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe -- (FTRTSVC)

SRV - [2009/06/16 03:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)

SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/03/26 22:31:55 | 000,254,528 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)

DRV:64bit: - [2011/03/11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)

DRV:64bit: - [2011/03/11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)

DRV:64bit: - [2011/02/23 16:55:05 | 000,064,344 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)

DRV:64bit: - [2011/02/18 16:36:58 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)

DRV:64bit: - [2011/01/19 17:47:18 | 000,021,992 | ---- | M] (CPUID) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\cpuz135_x64.sys -- (cpuz135)

DRV:64bit: - [2010/11/20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)

DRV:64bit: - [2010/11/20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)

DRV:64bit: - [2010/11/12 01:10:49 | 000,155,752 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)

DRV:64bit: - [2010/09/25 05:24:26 | 000,229,376 | ---- | M] (Fresco Logic) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\FLxHCIc.sys -- (FLxHCIc) Fresco Logic xHCI (USB3)

DRV:64bit: - [2010/09/25 05:24:26 | 000,069,120 | ---- | M] (Fresco Logic) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\FLxHCIh.sys -- (FLxHCIh) Fresco Logic xHCI (USB3)

DRV:64bit: - [2010/07/26 05:27:33 | 000,318,056 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsPStor.sys -- (RSPCIESTOR)

DRV:64bit: - [2010/04/28 09:57:50 | 000,061,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)

DRV:64bit: - [2010/04/24 01:10:32 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)

DRV:64bit: - [2010/04/24 01:10:28 | 000,269,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)

DRV:64bit: - [2010/04/24 01:10:28 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)

DRV:64bit: - [2010/04/24 01:10:20 | 000,721,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)

DRV:64bit: - [2010/04/21 09:47:49 | 000,076,912 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)

DRV:64bit: - [2010/04/17 02:07:28 | 000,013,832 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)

DRV:64bit: - [2010/03/05 05:19:45 | 000,316,464 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)

DRV:64bit: - [2010/03/03 13:51:39 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)

DRV:64bit: - [2010/03/02 10:45:23 | 001,594,368 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)

DRV:64bit: - [2010/02/26 10:32:11 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)

DRV:64bit: - [2009/11/18 01:11:59 | 000,032,344 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MBfilt64.sys -- (MBfilt)

DRV:64bit: - [2009/09/17 22:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel®

DRV:64bit: - [2009/08/20 04:41:37 | 001,800,192 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)

DRV:64bit: - [2009/07/20 11:29:39 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr)

DRV:64bit: - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)

DRV:64bit: - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)

DRV:64bit: - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)

DRV:64bit: - [2009/06/15 13:45:36 | 000,116,864 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard)

DRV:64bit: - [2009/06/15 13:45:36 | 000,116,224 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbfake.sys -- (hwusbfake)

DRV:64bit: - [2009/06/10 22:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)

DRV:64bit: - [2009/06/10 22:35:57 | 000,056,832 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SiSG664.sys -- (SiSGbeLH)

DRV:64bit: - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)

DRV:64bit: - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)

DRV:64bit: - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)

DRV:64bit: - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)

DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)

DRV:64bit: - [2009/05/13 19:07:20 | 000,015,928 | ---- | M] (ASUS) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ATK64AMD.sys -- (MTsensor)

DRV:64bit: - [2009/04/06 13:19:46 | 000,027,160 | ---- | M] (Screaming Bee LLC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ScreamingBAudio64.sys -- (ScreamBAudioSvc)

DRV:64bit: - [2008/05/24 03:27:28 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)

DRV - [2009/07/03 03:36:14 | 000,015,416 | ---- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = Facemoods Search

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Asus | MSN

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Facemoods Search

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

[2011/03/26 17:40:37 | 000,002,046 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\fcmdSrchddr.xml

O1 HOSTS File: ([2011/05/18 16:32:21 | 000,000,870 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 www.screamingbee.com

O2:64bit: - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)

O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll (Google Inc.)

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.

O2 - BHO: (CescrtHlpr Object) - {64182481-4F71-486b-A045-B233BD0DA8FC} - File not found

O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)

O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Logiciels\bin\jp2ssv.dll (Sun Microsystems, Inc.)

O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

O3 - HKLM\..\Toolbar: (facemoods Toolbar) - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - File not found

O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.

O4:64bit: - HKLM..\Run: [ASUS WebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe ()

O4:64bit: - HKLM..\Run: [setwallpaper] File not found

O4:64bit: - HKLM..\Run: [THXCfg64] C:\Windows\SysNative\THXCfg64.DLL (Creative Technology Ltd.)

O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)

O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)

O4 - HKLM..\Run: [bEWINTERNET-FR-DMESessionManager] C:\Program Files (x86)\OrangeBS\BEWInternet\SessionManager\SessionManager.exe (France Telecom SA)

O4 - HKLM..\Run: [boingo Wi-Fi] C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo.lnk ()

O4 - HKLM..\Run: [CardDetectorHUAWEI1752_1552] C:\Program Files (x86)\CardDetector\HUAWEI1752_1552\CardDetector.exe (France Telecom SA)

O4 - HKLM..\Run: [facemoods] File not found

O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)

O4 - HKLM..\Run: [LogMeIn Hamachi Ui] D:\Program Files\Logiciels\Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)

O4 - HKLM..\Run: [sessionLogon] File not found

O4 - HKLM..\Run: [THX TruStudio NB Settings] C:\Program Files (x86)\Creative\THX TruStudio\THXNBSet\THXAudNB.exe (Creative Technology Ltd)

O4 - HKLM..\Run: [updateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)

O4 - HKLM..\Run: [updateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)

O4 - HKLM..\Run: [updReg] C:\Windows\Updreg.EXE (Creative Technology Ltd.)

O4 - HKLM..\Run: [VAWinAgent] C:\ExpressGateUtil\VAWinAgent.exe ()

O4 - HKLM..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe ()

O4 - HKCU..\Run: [DAEMON Tools Lite] D:\Program Files\Logiciels\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)

O13 - gopher Prefix: missing

O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos-beta/OnlineScanner.cab (Reg Error: Key error.)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)

O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.240 212.27.40.241

O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found

O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2011/03/28 00:05:42 | 000,000,456 | ---- | M] () - D:\autoexec.cfg -- [ NTFS ]

O32 - AutoRun File - [2011/03/09 21:28:18 | 000,231,518 | R--- | M] () - H:\autorun.ico -- [ CDFS ]

O32 - AutoRun File - [2010/02/11 05:05:02 | 000,000,047 | R--- | M] () - H:\autorun.inf -- [ CDFS ]

O33 - MountPoints2\{5da1d9c5-64e4-11e0-b1d6-bcaec51e7154}\Shell - "" = AutoRun

O33 - MountPoints2\{5da1d9c5-64e4-11e0-b1d6-bcaec51e7154}\Shell\AutoRun\command - "" = F:\MicroLauncher.exe

O33 - MountPoints2\{5da1d9d8-64e4-11e0-b1d6-bcaec51e7154}\Shell - "" = AutoRun

O33 - MountPoints2\{5da1d9d8-64e4-11e0-b1d6-bcaec51e7154}\Shell\AutoRun\command - "" = F:\MicroLauncher.exe

O33 - MountPoints2\{79aad67b-57d0-11e0-88c4-bcaec51e7154}\Shell - "" = AutoRun

O33 - MountPoints2\{79aad67b-57d0-11e0-88c4-bcaec51e7154}\Shell\AutoRun\command - "" = H:\Setup.exe -- [2010/09/15 22:54:40 | 000,394,016 | R--- | M] (Microsoft Corporation)

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35:64bit: - HKLM\..comfile [open] -- "%1" %*

O35:64bit: - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

Drivers32: msacm.lhacm - C:\Windows\SysWow64\lhacm.acm (Microsoft Corporation)

Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)

CREATERESTOREPOINT

Restore point Set: OTL Restore Point

PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2011/05/29 12:34:15 | 000,580,096 | ---- | C] (OldTimer Tools) -- C:\Users\Leonard\Desktop\OTL.exe

[2011/05/28 20:19:13 | 000,000,000 | ---D | C] -- C:\Users\Leonard\AppData\Roaming\Malwarebytes

[2011/05/28 20:19:05 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys

[2011/05/28 20:19:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware

[2011/05/28 20:19:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes

[2011/05/28 20:19:01 | 000,024,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys

[2011/05/28 20:19:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware

[2011/05/28 20:15:24 | 007,734,208 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Leonard\Desktop\mbam-setup.exe

[2011/05/27 07:30:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace

[2011/05/26 23:18:05 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat

[2011/05/26 23:18:05 | 001,797,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9.dll

[2011/05/26 23:18:05 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl

[2011/05/26 23:18:05 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll

[2011/05/26 23:18:05 | 000,580,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll

[2011/05/26 23:18:05 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll

[2011/05/26 23:18:05 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec

[2011/05/26 23:18:05 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dxtmsft.dll

[2011/05/26 23:18:05 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll

[2011/05/26 23:18:05 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dxtrans.dll

[2011/05/26 23:18:05 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll

[2011/05/26 23:18:05 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll

[2011/05/26 23:18:05 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msls31.dll

[2011/05/26 23:18:05 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe

[2011/05/26 23:18:05 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe

[2011/05/26 23:18:05 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll

[2011/05/26 23:18:05 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll

[2011/05/26 23:18:05 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll

[2011/05/26 23:18:05 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll

[2011/05/26 23:18:05 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll

[2011/05/26 23:18:05 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe

[2011/05/26 23:18:05 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe

[2011/05/26 23:18:05 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll

[2011/05/26 23:18:05 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe

[2011/05/26 23:18:05 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll

[2011/05/26 23:18:05 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll

[2011/05/26 23:18:05 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx

[2011/05/26 23:18:05 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll

[2011/05/26 23:18:05 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll

[2011/05/26 23:18:05 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll

[2011/05/26 23:18:05 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe

[2011/05/26 23:18:04 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat

[2011/05/26 23:18:04 | 002,303,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll

[2011/05/26 23:18:04 | 001,492,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl

[2011/05/26 23:18:04 | 000,818,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll

[2011/05/26 23:18:04 | 000,697,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll

[2011/05/26 23:18:04 | 000,603,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll

[2011/05/26 23:18:04 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll

[2011/05/26 23:18:04 | 000,452,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll

[2011/05/26 23:18:04 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec

[2011/05/26 23:18:04 | 000,282,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll

[2011/05/26 23:18:04 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll

[2011/05/26 23:18:04 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll

[2011/05/26 23:18:04 | 000,236,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll

[2011/05/26 23:18:04 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll

[2011/05/26 23:18:04 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll

[2011/05/26 23:18:04 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll

[2011/05/26 23:18:04 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe

[2011/05/26 23:18:04 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe

[2011/05/26 23:18:04 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll

[2011/05/26 23:18:04 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll

[2011/05/26 23:18:04 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe

[2011/05/26 23:18:04 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll

[2011/05/26 23:18:04 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll

[2011/05/26 23:18:04 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll

[2011/05/26 23:18:04 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe

[2011/05/26 23:18:04 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll

[2011/05/26 23:18:04 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll

[2011/05/26 23:18:04 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll

[2011/05/26 23:18:04 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll

[2011/05/26 23:18:04 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll

[2011/05/26 23:18:04 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll

[2011/05/26 23:18:04 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll

[2011/05/26 23:18:04 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe

[2011/05/26 23:18:04 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe

[2011/05/26 23:18:04 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe

[2011/05/26 23:18:04 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll

[2011/05/26 23:18:04 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll

[2011/05/26 23:18:04 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx

[2011/05/26 23:18:04 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll

[2011/05/26 23:18:04 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll

[2011/05/26 23:18:04 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll

[2011/05/26 23:18:04 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll

[2011/05/26 23:18:04 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll

[2011/05/26 23:18:04 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\imgutil.dll

[2011/05/26 23:18:04 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll

[2011/05/26 23:18:04 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe

[2011/05/26 23:18:04 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe

[2011/05/26 23:03:47 | 000,000,000 | ---D | C] -- C:\Windows\pss

[2011/05/26 22:56:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSECache

[2011/05/26 14:39:14 | 000,000,000 | -HSD | C] -- C:\ProgramData\DSS

[2011/05/26 14:31:35 | 000,000,000 | ---D | C] -- C:\Users\Leonard\AppData\Roaming\Lionhead Studios

[2011/05/26 11:38:52 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\xlive

[2011/05/26 11:38:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Games for Windows - LIVE

[2011/05/25 16:27:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bethesda Softworks

[2011/05/25 14:42:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam

[2011/05/25 13:36:18 | 000,000,000 | ---D | C] -- C:\Users\Leonard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis

[2011/05/25 00:09:58 | 000,027,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys

[2011/05/22 17:41:37 | 000,000,000 | ---D | C] -- C:\Users\Leonard\AppData\Roaming\FileZilla

[2011/05/22 17:41:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client

[2011/05/22 15:43:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MovieToolbox

[2011/05/22 12:42:56 | 000,000,000 | ---D | C] -- C:\Users\Leonard\Desktop\Saison 4

[2011/05/22 05:33:33 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\poqexec.exe

[2011/05/22 05:33:33 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\poqexec.exe

[2011/05/18 16:24:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Screaming Bee LLC

[2011/05/18 15:01:10 | 000,000,000 | ---D | C] -- C:\Users\Leonard\AppData\Roaming\Google

[2011/05/18 15:00:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Screaming Bee

[2011/05/18 15:00:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Screaming Bee

[2011/05/18 14:35:18 | 000,000,000 | ---D | C] -- C:\Users\Leonard\AppData\Roaming\Screaming Bee

[2011/05/18 14:33:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Screaming Bee

[2011/05/15 20:45:12 | 000,000,000 | ---D | C] -- C:\Users\Leonard\AppData\Roaming\Apple Computer

[2011/05/15 20:45:12 | 000,000,000 | ---D | C] -- C:\Users\Leonard\AppData\Local\Apple Computer

[2011/05/15 20:44:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes

[2011/05/15 20:44:36 | 000,126,312 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\GEARAspi64.dll

[2011/05/15 20:44:36 | 000,107,368 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysWow64\GEARAspi.dll

[2011/05/15 20:44:36 | 000,034,152 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys

[2011/05/15 20:44:19 | 000,000,000 | ---D | C] -- C:\Program Files\iPod

[2011/05/15 20:44:18 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes

[2011/05/15 20:44:18 | 000,000,000 | ---D | C] -- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}

[2011/05/15 20:43:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime

[2011/05/15 20:43:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime

[2011/05/15 20:43:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer

[2011/05/15 20:43:01 | 000,000,000 | ---D | C] -- C:\Users\Leonard\AppData\Local\Apple

[2011/05/15 20:42:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update

[2011/05/15 20:42:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple

[2011/05/15 20:42:29 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour

[2011/05/15 20:42:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour

[2011/05/15 20:42:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple

[2011/05/15 20:42:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple

[2011/05/11 19:48:50 | 005,562,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe

[2011/05/11 19:48:49 | 003,967,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe

[2011/05/11 19:48:49 | 003,912,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe

[2011/05/11 19:48:43 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys

[2011/05/11 19:48:43 | 000,007,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys

[2011/05/08 01:32:47 | 000,000,000 | ---D | C] -- C:\Users\Leonard\AppData\Roaming\EeeStorageUploader

[2011/05/04 21:20:50 | 000,000,000 | ---D | C] -- C:\Users\Leonard\Desktop\Dossier Easy Reward

[2011/05/01 18:31:30 | 000,000,000 | ---D | C] -- C:\Users\Leonard\AppData\Local\SKIDROW

[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/05/29 12:38:14 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin

[2011/05/29 12:36:00 | 000,001,086 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3467160849-1519717777-2155176496-1001UA.job

[2011/05/29 12:33:26 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Leonard\Desktop\OTL.exe

[2011/05/29 11:32:36 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2011/05/29 00:47:42 | 000,010,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2011/05/29 00:47:42 | 000,010,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2011/05/29 00:40:07 | 000,045,056 | ---- | M] () -- C:\Windows\SysNative\acovcnt.exe

[2011/05/29 00:39:46 | 3105,124,352 | -HS- | M] () -- C:\hiberfil.sys

[2011/05/28 20:36:02 | 000,001,034 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3467160849-1519717777-2155176496-1001Core.job

[2011/05/28 20:19:05 | 000,001,115 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk

[2011/05/28 20:16:45 | 000,879,092 | ---- | M] () -- C:\Users\Leonard\Desktop\SecurityCheck.exe

[2011/05/28 20:15:33 | 007,734,208 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Leonard\Desktop\mbam-setup.exe

[2011/05/27 07:11:04 | 000,001,459 | ---- | M] () -- C:\Users\Leonard\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk

[2011/05/26 23:18:05 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat

[2011/05/26 23:18:05 | 001,797,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9.dll

[2011/05/26 23:18:05 | 001,427,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl

[2011/05/26 23:18:05 | 000,716,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll

[2011/05/26 23:18:05 | 000,580,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll

[2011/05/26 23:18:05 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll

[2011/05/26 23:18:05 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec

[2011/05/26 23:18:05 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\dxtmsft.dll

[2011/05/26 23:18:05 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll

[2011/05/26 23:18:05 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\dxtrans.dll

[2011/05/26 23:18:05 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll

[2011/05/26 23:18:05 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll

[2011/05/26 23:18:05 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msls31.dll

[2011/05/26 23:18:05 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe

[2011/05/26 23:18:05 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe

[2011/05/26 23:18:05 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll

[2011/05/26 23:18:05 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll

[2011/05/26 23:18:05 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll

[2011/05/26 23:18:05 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll

[2011/05/26 23:18:05 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll

[2011/05/26 23:18:05 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe

[2011/05/26 23:18:05 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe

[2011/05/26 23:18:05 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll

[2011/05/26 23:18:05 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe

[2011/05/26 23:18:05 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf

[2011/05/26 23:18:05 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll

[2011/05/26 23:18:05 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll

[2011/05/26 23:18:05 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx

[2011/05/26 23:18:05 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll

[2011/05/26 23:18:05 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll

[2011/05/26 23:18:05 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll

[2011/05/26 23:18:05 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe

[2011/05/26 23:18:04 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat

[2011/05/26 23:18:04 | 002,303,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll

[2011/05/26 23:18:04 | 001,492,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl

[2011/05/26 23:18:04 | 000,818,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll

[2011/05/26 23:18:04 | 000,697,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll

[2011/05/26 23:18:04 | 000,603,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll

[2011/05/26 23:18:04 | 000,534,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll

[2011/05/26 23:18:04 | 000,452,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll

[2011/05/26 23:18:04 | 000,448,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec

[2011/05/26 23:18:04 | 000,282,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll

[2011/05/26 23:18:04 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll

[2011/05/26 23:18:04 | 000,248,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll

[2011/05/26 23:18:04 | 000,236,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll

[2011/05/26 23:18:04 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll

[2011/05/26 23:18:04 | 000,222,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll

[2011/05/26 23:18:04 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll

[2011/05/26 23:18:04 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe

[2011/05/26 23:18:04 | 000,165,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe

[2011/05/26 23:18:04 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll

[2011/05/26 23:18:04 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll

[2011/05/26 23:18:04 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe

[2011/05/26 23:18:04 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll

[2011/05/26 23:18:04 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll

[2011/05/26 23:18:04 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll

[2011/05/26 23:18:04 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe

[2011/05/26 23:18:04 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll

[2011/05/26 23:18:04 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll

[2011/05/26 23:18:04 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll

[2011/05/26 23:18:04 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll

[2011/05/26 23:18:04 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll

[2011/05/26 23:18:04 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll

[2011/05/26 23:18:04 | 000,096,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll

[2011/05/26 23:18:04 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe

[2011/05/26 23:18:04 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe

[2011/05/26 23:18:04 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe

[2011/05/26 23:18:04 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll

[2011/05/26 23:18:04 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll

[2011/05/26 23:18:04 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx

[2011/05/26 23:18:04 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf

[2011/05/26 23:18:04 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll

[2011/05/26 23:18:04 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll

[2011/05/26 23:18:04 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll

[2011/05/26 23:18:04 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll

[2011/05/26 23:18:04 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll

[2011/05/26 23:18:04 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\imgutil.dll

[2011/05/26 23:18:04 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll

[2011/05/26 23:18:04 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe

[2011/05/26 23:18:04 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe

[2011/05/26 23:09:56 | 000,275,208 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT

[2011/05/25 16:27:23 | 000,000,819 | ---- | M] () -- C:\Users\Public\Desktop\Brink.lnk

[2011/05/25 16:00:00 | 000,029,998 | ---- | M] () -- C:\Windows\SysWow64\unins000.dat

[2011/05/25 15:59:27 | 000,722,611 | ---- | M] () -- C:\Windows\SysWow64\unins000.exe

[2011/05/24 19:25:42 | 000,002,016 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk

[2011/05/24 19:18:33 | 000,002,190 | ---- | M] () -- C:\Windows\SysNative\AutoRunFilter.ini

[2011/05/24 19:18:14 | 000,001,341 | ---- | M] () -- C:\Windows\SysNative\ServiceFilter.ini

[2011/05/22 15:43:18 | 000,002,617 | ---- | M] () -- C:\Users\Public\Desktop\Fix Player.lnk

[2011/05/15 20:28:44 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf

[2011/05/07 19:09:26 | 001,581,972 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI

[2011/05/07 19:09:26 | 000,716,336 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat

[2011/05/07 19:09:26 | 000,627,864 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat

[2011/05/07 19:09:26 | 000,134,692 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat

[2011/05/07 19:09:26 | 000,110,326 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat

[2011/05/04 22:06:33 | 000,000,302 | ---- | M] () -- C:\Windows\SysWow64\Config.ini

[2011/04/29 22:14:49 | 000,434,362 | ---- | M] () -- C:\Users\Leonard\Desktop\Sans titre.png

[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/05/29 12:38:14 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin

[2011/05/28 20:19:05 | 000,001,115 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk

[2011/05/28 20:16:42 | 000,879,092 | ---- | C] () -- C:\Users\Leonard\Desktop\SecurityCheck.exe

[2011/05/27 07:30:08 | 000,001,340 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live ID.lnk

[2011/05/26 23:18:05 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf

[2011/05/26 23:18:04 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf

[2011/05/26 22:57:47 | 000,002,557 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visionneuse Microsoft PowerPoint .lnk

[2011/05/25 16:27:23 | 000,000,819 | ---- | C] () -- C:\Users\Public\Desktop\Brink.lnk

[2011/05/25 15:59:57 | 000,722,611 | ---- | C] () -- C:\Windows\SysWow64\unins000.exe

[2011/05/25 14:52:56 | 000,029,998 | ---- | C] () -- C:\Windows\SysWow64\unins000.dat

[2011/05/22 15:43:18 | 000,002,617 | ---- | C] () -- C:\Users\Public\Desktop\Fix Player.lnk

[2011/05/15 20:42:57 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk

[2011/05/15 20:28:44 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf

[2011/05/04 21:20:12 | 000,000,302 | ---- | C] () -- C:\Windows\SysWow64\Config.ini

[2011/04/29 22:14:49 | 000,434,362 | ---- | C] () -- C:\Users\Leonard\Desktop\Sans titre.png

[2011/04/24 16:06:07 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat

[2011/04/09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat

[2011/04/07 17:48:33 | 000,001,189 | ---- | C] () -- C:\Users\Leonard\AppData\Roaming\vso_ts_preview.xml

[2011/04/04 21:47:37 | 001,608,770 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI

[2011/03/27 17:36:45 | 000,189,248 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe

[2011/03/27 17:36:40 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe

[2010/11/23 05:08:21 | 000,001,200 | ---- | C] () -- C:\Windows\THXCfg_SP_APOIM.ini

[2010/11/23 05:08:21 | 000,001,099 | ---- | C] () -- C:\Windows\THXCfg_HP_APOIM.ini

[2010/11/23 05:08:21 | 000,001,099 | ---- | C] () -- C:\Windows\THXCfg_APOIM.ini

[2010/11/23 05:08:20 | 000,181,760 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL

[2010/11/23 05:08:20 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL

[2010/11/23 04:46:26 | 000,131,472 | ---- | C] () -- C:\ProgramData\FullRemove.exe

[2010/02/09 09:07:38 | 000,020,480 | ---- | C] () -- C:\Windows\OOBEPlayer.exe

[2010/02/09 09:07:38 | 000,000,269 | ---- | C] () -- C:\Windows\OOBEPlayer.ini

[2009/10/26 05:38:22 | 000,000,176 | ---- | C] () -- C:\Windows\explorer.exe.config

[2009/07/29 07:20:40 | 000,000,010 | ---- | C] () -- C:\Windows\SysWow64\ABLKSR.ini

[2009/07/14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat

[2009/07/14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT

[2009/07/14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat

[2009/07/14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin

[2009/07/14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll

[2009/07/13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll

[2009/06/10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

[2006/05/19 05:39:57 | 000,015,497 | ---- | C] () -- C:\Windows\snp2uvc.ini

========== Custom Scans ==========

< %SYSTEMDRIVE%\*.* >

[2009/06/15 13:11:59 | 000,000,054 | ---- | M] () -- C:\AdobeReader.log

[2010/11/20 14:40:07 | 000,383,786 | RHS- | M] () -- C:\bootmgr

[2009/07/29 08:03:37 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK

[2010/11/23 05:08:22 | 000,000,168 | ---- | M] () -- C:\creative.log

[2010/11/23 05:22:43 | 000,015,178 | ---- | M] () -- C:\devlist.txt

[2011/05/18 14:37:01 | 000,000,000 | ---- | M] () -- C:\fftoutput.txt

[2010/11/23 05:22:43 | 000,000,009 | ---- | M] () -- C:\Finish.log

[2010/11/08 13:57:53 | 002,097,152 | -H-- | M] () -- C:\G73Jw.BIN

[2010/11/09 07:32:23 | 000,000,019 | ---- | M] () -- C:\G73JW_WIN7.30

[2011/05/29 00:39:46 | 3105,124,352 | -HS- | M] () -- C:\hiberfil.sys

[2011/05/29 00:39:48 | 4140,167,168 | -HS- | M] () -- C:\pagefile.sys

[2010/11/22 14:42:16 | 000,000,233 | ---- | M] () -- C:\Pass.txt

[2011/05/29 12:38:14 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin

[2010/11/09 07:32:23 | 000,000,007 | ---- | M] () -- C:\RECOVERY.DAT

[2010/11/23 05:02:57 | 000,002,280 | ---- | M] () -- C:\RHDSetup.log

[2010/11/23 05:13:43 | 000,000,168 | ---- | M] () -- C:\setup.log

[2006/05/13 18:22:24 | 000,000,005 | ---- | M] () -- C:\store.log

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\drivers\*.sys /90 >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >

< End of report >

Le Extra.txt maintenant :

OTL Extras logfile created on: 29/05/2011 12:36:53 - Run 1