Assiste.Forums

Sécurité informatique et protection de la vie privée sur Internet

Vers le contenu

analyse log OLT

Analyse de logs OTL, MBAM, autres - PAS DE HIJACKTHIS ici!

Modérateur: Modérateurs et Modératrices

Sujet verrouillé

analyse log OLT

Messagede pableoh » 29 07 2010

Bonjours j'ai besoin d'aide pour analyser les log suivant.
Un virus est rentrés sur l'appareil photo d'un ami qui l'avait connecter a mon ordinateur: résultats, impossible de transférer des photos depuis l'appareil à un ordinateur. Mon antivirus a détecté 12 spyware.
Je vous remerci pour votre aide.
pableoh
 
Messages: 3
Inscription: 29 07 2010
Haut

Messagede pableoh » 29 07 2010

OTL logfile created on: 29/07/2010 16:29:24 - Run 2
OTL by OldTimer - Version 3.2.9.1 Folder = C:\Users\Fnac Digitale\Desktop
Windows Vista Business Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.17037)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 51,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 75,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 51,01 Gb Total Space | 6,68 Gb Free Space | 13,10% Space Free | Partition Type: NTFS
Drive D: | 51,01 Gb Total Space | 49,33 Gb Free Space | 96,71% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: PC-DE-FNAC
Current User Name: Fnac Digitale
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/07/29 15:44:20 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Fnac Digitale\Desktop\OTL.exe
PRC - [2010/07/26 16:15:17 | 000,709,800 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Darty Sérénité\Darty Protection\Anti-Virus\fssm32.exe
PRC - [2010/07/26 16:15:16 | 000,496,808 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Darty Sérénité\Darty Protection\Anti-Virus\FSGK32.EXE
PRC - [2010/04/29 15:39:32 | 001,090,952 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
PRC - [2010/01/22 14:53:14 | 000,348,768 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Darty Sérénité\Darty Protection\Anti-Virus\fsav32.exe
PRC - [2010/01/22 14:53:14 | 000,215,648 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Darty Sérénité\Darty Protection\Anti-Virus\fsgk32st.exe
PRC - [2009/11/13 11:28:04 | 000,110,592 | ---- | M] (WDC) -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
PRC - [2009/06/16 08:58:08 | 000,020,480 | ---- | M] (Memeo) -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
PRC - [2009/06/03 13:09:42 | 000,192,512 | ---- | M] () -- C:\PROGRA~1\DARTYS~1\DARTYS~1\ooservice.exe
PRC - [2009/04/14 13:56:56 | 000,174,688 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Darty Sérénité\Darty Protection\FSAUA\program\fsus.exe
PRC - [2009/04/06 17:35:58 | 000,055,904 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Darty Sérénité\Darty Protection\ORSP Client\fsorsp.exe
PRC - [2009/04/06 17:34:18 | 000,232,088 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Darty Sérénité\Darty Protection\Common\FSMB32.EXE
PRC - [2009/04/06 17:34:16 | 000,117,400 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Darty Sérénité\Darty Protection\Common\FSMA32.EXE
PRC - [2009/04/06 17:34:14 | 000,182,936 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Darty Sérénité\Darty Protection\Common\FSM32.EXE
PRC - [2009/04/06 17:34:12 | 000,125,592 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Darty Sérénité\Darty Protection\Common\FCH32.EXE
PRC - [2009/04/06 17:34:10 | 000,404,064 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Darty Sérénité\Darty Protection\Common\FAMEH32.EXE
PRC - [2009/04/06 17:32:52 | 000,604,768 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Darty Sérénité\Darty Protection\FSGUI\fsguidll.exe
PRC - [2009/04/06 17:29:48 | 000,510,560 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Darty Sérénité\Darty Protection\FWES\Program\fsdfwd.exe
PRC - [2009/04/06 17:28:54 | 000,043,680 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Darty Sérénité\Darty Protection\Anti-Virus\fsqh.exe
PRC - [2009/04/06 17:27:58 | 000,490,080 | ---- | M] (F-Secure Corporation) -- C:\Program Files\Darty Sérénité\Darty Protection\FSAUA\program\fsaua.exe
PRC - [2009/03/05 16:02:32 | 000,491,520 | ---- | M] (Avanquest Software USA, Inc.) -- C:\PROGRA~1\DARTYS~1\DARTYO~1\mxtask.exe
PRC - [2009/02/08 21:11:00 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2008/11/24 23:31:12 | 000,087,904 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
PRC - [2008/11/24 23:31:08 | 000,239,968 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
PRC - [2008/10/29 08:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/04/25 03:22:02 | 001,006,264 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2008/01/16 10:46:24 | 000,030,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
PRC - [2007/04/24 19:17:34 | 000,024,576 | ---- | M] () -- C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
PRC - [2007/03/22 18:21:52 | 000,131,072 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eNet\eNet Service.exe
PRC - [2007/02/07 00:04:26 | 000,457,512 | ---- | M] (HiTRSUT) -- C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
PRC - [2007/02/07 00:04:16 | 000,464,168 | ---- | M] (HiTRUST) -- C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
PRC - [2007/01/31 18:18:42 | 000,053,248 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
PRC - [2007/01/02 09:33:24 | 000,135,168 | ---- | M] (acer) -- C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
PRC - [2006/12/22 14:43:18 | 000,024,576 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
PRC - [2006/11/24 12:57:54 | 000,107,008 | ---- | M] () -- C:\Acer\Mobility Center\MobilityService.exe
PRC - [2006/11/09 20:57:52 | 003,784,704 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2006/10/05 23:10:12 | 000,009,216 | ---- | M] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe


========== Modules (SafeList) ==========

MOD - [2010/07/29 15:44:20 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Fnac Digitale\Desktop\OTL.exe
MOD - [2008/08/28 05:24:51 | 000,712,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecs.dll
MOD - [2008/04/25 03:11:36 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SLC.dll
MOD - [2007/03/23 21:26:43 | 000,229,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msshsq.dll
MOD - [2007/03/22 18:21:52 | 000,090,112 | ---- | M] (acer) -- C:\Windows\System32\eNetHook.dll
MOD - [2006/11/02 14:36:21 | 000,379,904 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\microsoft shared\ink\tiptsf.dll
MOD - [2006/11/02 11:47:18 | 000,228,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rsaenh.dll
MOD - [2006/11/02 11:46:13 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\thumbcache.dll
MOD - [2006/11/02 11:46:11 | 002,226,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\networkexplorer.dll
MOD - [2006/11/02 11:46:04 | 000,183,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\duser.dll
MOD - [2006/11/02 11:46:03 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cscapi.dll
MOD - [2006/11/02 11:46:02 | 000,327,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\actxprxy.dll
MOD - [2006/11/02 11:44:49 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx
MOD - [2006/11/02 11:38:57 | 001,648,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Running] -- C:\Programmes\Darty Sérénité\Darty Optimisation\mxtask.exe -- (Darty Optimisation Task Manager)
SRV - File not found [Auto | Stopped] -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (CLTNetCnService)
SRV - [2010/07/20 11:43:15 | 002,561,624 | ---- | M] () [Auto | Running] -- C:/Program Files/Common Files/Akamai/rswin_3725.dll -- (Akamai)
SRV - [2010/01/22 14:53:14 | 000,215,648 | ---- | M] (F-Secure Corporation) [Auto | Running] -- C:\Program Files\Darty Sérénité\Darty Protection\Anti-Virus\fsgk32st.exe -- (F-Secure Gatekeeper Handler Starter)
SRV - [2009/11/13 11:28:04 | 000,110,592 | ---- | M] (WDC) [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe -- (WDDMService)
SRV - [2009/06/17 11:18:42 | 006,582,912 | ---- | M] () [On_Demand | Stopped] -- c:\wamp\bin\mysql\mysql5.1.36\bin\mysqld.exe -- (wampmysqld)
SRV - [2009/06/16 08:58:08 | 000,020,480 | ---- | M] (Memeo) [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe -- (WDSmartWareBackgroundService)
SRV - [2009/06/03 13:09:42 | 000,192,512 | ---- | M] () [Auto | Running] -- C:\PROGRA~1\DARTYS~1\DARTYS~1\ooservice.exe -- (adbackup)
SRV - [2009/05/27 03:27:04 | 029,262,680 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe -- (MSSQL$MSSMLBIZ) SQL Server (MSSMLBIZ)
SRV - [2009/04/06 17:35:58 | 000,055,904 | ---- | M] (F-Secure Corporation) [On_Demand | Running] -- C:\Program Files\Darty Sérénité\Darty Protection\ORSP Client\fsorsp.exe -- (FSORSPClient)
SRV - [2009/04/06 17:34:16 | 000,117,400 | ---- | M] (F-Secure Corporation) [Auto | Running] -- C:\Program Files\Darty Sérénité\Darty Protection\Common\FSMA32.EXE -- (FSMA)
SRV - [2009/04/06 17:29:48 | 000,510,560 | ---- | M] (F-Secure Corporation) [On_Demand | Running] -- C:\Program Files\Darty Sérénité\Darty Protection\FWES\Program\fsdfwd.exe -- (FSDFWD)
SRV - [2009/04/06 17:27:58 | 000,490,080 | ---- | M] (F-Secure Corporation) [On_Demand | Running] -- C:\Program Files\Darty Sérénité\Darty Protection\FSAUA\program\fsaua.exe -- (FSAUA)
SRV - [2008/12/10 01:10:14 | 000,024,636 | ---- | M] (Apache Software Foundation) [On_Demand | Stopped] -- c:\wamp\bin\apache\apache2.2.11\bin\httpd.exe -- (wampapache)
SRV - [2008/11/24 23:31:12 | 000,087,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe -- (SQLWriter)
SRV - [2008/11/24 23:31:08 | 000,239,968 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe -- (SQLBrowser)
SRV - [2008/11/24 23:31:08 | 000,045,408 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe -- (MSSQLServerADHelper)
SRV - [2008/04/25 03:22:02 | 000,265,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV - [2008/01/16 10:46:24 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc)
SRV - [2007/04/24 19:17:34 | 000,024,576 | ---- | M] () [Auto | Running] -- C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe -- (eSettingsService)
SRV - [2007/04/24 17:26:08 | 000,105,248 | ---- | M] (Logitech Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe -- (LVSrvLauncher)
SRV - [2007/03/22 18:21:52 | 000,131,072 | ---- | M] (Acer Inc.) [Auto | Running] -- C:\Acer\Empowering Technology\eNet\eNet Service.exe -- (eNet Service)
SRV - [2007/02/07 00:04:26 | 000,457,512 | ---- | M] (HiTRSUT) [Auto | Running] -- C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe -- (eDataSecurity Service)
SRV - [2007/01/31 18:18:42 | 000,053,248 | ---- | M] (Acer Inc.) [Auto | Running] -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe -- (eRecoveryService)
SRV - [2007/01/02 09:33:24 | 000,135,168 | ---- | M] (acer) [Auto | Running] -- C:\Acer\Empowering Technology\ePower\ePowerSvc.exe -- (WMIService)
SRV - [2006/12/22 14:43:18 | 000,024,576 | ---- | M] (Acer Inc.) [Auto | Running] -- C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe -- (eLockService)
SRV - [2006/11/24 12:57:54 | 000,107,008 | ---- | M] () [Auto | Running] -- C:\Acer\Mobility Center\MobilityService.exe -- (MobilityService)
SRV - [2006/11/17 20:45:26 | 000,118,784 | ---- | M] (Wistron Corp.) [On_Demand | Stopped] -- C:\Program Files\Launch Manager\WisLMSvc.exe -- (WisLMSvc)
SRV - [2006/10/05 23:10:12 | 000,009,216 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Elements\1stboot\WisINT15.SYS -- (WisINT15)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2010/07/29 15:29:51 | 000,124,072 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files\Darty Sérénité\Darty Protection\Anti-Virus\minifilter\fsgk.sys -- (F-Secure Gatekeeper)
DRV - [2010/07/17 17:01:40 | 000,041,256 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\system32\Drivers\fsbts.sys -- (fsbts)
DRV - [2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2009/04/06 17:33:18 | 000,067,808 | ---- | M] (F-Secure Corporation) [Kernel | System | Running] -- C:\Program Files\Darty Sérénité\Darty Protection\HIPS\drivers\fshs.sys -- (F-Secure HIPS)
DRV - [2009/04/06 17:29:46 | 000,070,944 | ---- | M] (F-Secure Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\fsdfw.sys -- (FSFW)
DRV - [2009/04/06 17:29:40 | 000,035,552 | ---- | M] (F-Secure Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\fses.sys -- (FSES)
DRV - [2009/04/06 17:28:58 | 000,039,776 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Program Files\Darty Sérénité\Darty Protection\Anti-Virus\Win2K\FSfilter.sys -- (F-Secure Filter)
DRV - [2009/04/06 17:28:58 | 000,025,184 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Program Files\Darty Sérénité\Darty Protection\Anti-Virus\Win2K\FSrec.sys -- (F-Secure Recognizer)
DRV - [2009/04/06 17:28:56 | 000,012,384 | ---- | M] () [Kernel | System | Running] -- C:\Program Files\Darty Sérénité\Darty Protection\Anti-Virus\minifilter\fsvista.sys -- (fsvista)
DRV - [2009/02/13 11:02:52 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wdcsam.sys -- (WDC_SAM)
DRV - [2007/04/25 02:25:46 | 002,950,688 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lvuvc.sys -- (LVUVC) Acer OrbiCam(UVC)
DRV - [2007/04/24 17:23:52 | 002,261,792 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LVMVdrv.sys -- (LVMVDrv)
DRV - [2007/03/23 21:35:54 | 000,006,144 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV - [2007/03/09 23:56:04 | 001,163,616 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2007/02/27 21:26:00 | 004,465,184 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2007/02/25 15:14:00 | 002,216,448 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32) Pilote de carte Intel(R)
DRV - [2007/02/07 00:04:54 | 000,016,680 | ---- | M] (HiTRUST) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\PSDNServ.sys -- (PSDNServ)
DRV - [2007/02/07 00:04:50 | 000,060,712 | ---- | M] (HiTRUST) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\psdvdisk.sys -- (psdvdisk)
DRV - [2007/02/07 00:04:48 | 000,020,264 | ---- | M] (HiTRUST) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\psdfilter.sys -- (PSDFilter)
DRV - [2006/12/07 18:12:02 | 000,076,584 | ---- | M] () [Kernel | Auto | Running] -- C:\Acer\Empowering Technology\eRecovery\int15.sys -- (int15)
DRV - [2006/11/29 11:03:30 | 000,016,560 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btwrchid.sys -- (btwrchid)
DRV - [2006/11/29 11:02:28 | 000,078,128 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btwaudio.sys -- (btwaudio)
DRV - [2006/11/29 11:00:38 | 000,080,688 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btwavdt.sys -- (btwavdt)
DRV - [2006/11/09 05:09:24 | 001,647,976 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2006/11/02 11:51:45 | 000,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2006/11/02 11:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2006/11/02 11:51:34 | 000,316,520 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2006/11/02 11:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2006/11/02 11:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2006/11/02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2006/11/02 11:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2006/11/02 11:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2006/11/02 11:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2006/11/02 11:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 11:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 11:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2006/11/02 11:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2006/11/02 11:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 11:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 11:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2006/11/02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2006/11/02 11:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 11:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2006/11/02 11:50:10 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2006/11/02 11:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2)
DRV - [2006/11/02 11:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2006/11/02 11:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2006/11/02 11:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 11:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 11:50:05 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2006/11/02 11:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 11:50:04 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2006/11/02 11:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 11:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 11:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 11:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2006/11/02 11:49:30 | 000,017,512 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2006/11/02 11:49:28 | 000,016,488 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2006/11/02 11:49:20 | 000,014,952 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2006/11/02 10:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 10:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006/11/02 10:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 10:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 10:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 10:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 09:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006/11/02 09:30:56 | 000,044,544 | ---- | M] (Realtek Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2006/11/02 09:30:54 | 001,781,760 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32) Pilote de carte Intel(R)
DRV - [2006/11/02 09:30:54 | 000,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2006/11/02 09:30:52 | 000,467,456 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2006/10/23 21:17:32 | 000,179,896 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP)
DRV - [2006/10/19 04:10:57 | 001,380,864 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\igdkmd32.sys -- (ialm)
DRV - [2006/07/06 23:44:00 | 000,168,448 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tifm21.sys -- (tifm21)
DRV - [2005/12/05 21:37:23 | 000,357,568 | ---- | M] (THOMSON Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BT4501G.sys -- (BT4501G)
DRV - [2003/04/28 11:27:06 | 000,009,867 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\HOTKEY.sys -- (Hotkey)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.fr.acer.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.fr.acer.yahoo.com

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.google.fr/ [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.dartybox.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.dartybox.com/|http://www.google.fr/"
FF - prefs.js..network.proxy.type: 0

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/07/28 20:34:13 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/07/28 20:34:12 | 000,000,000 | ---D | M]

[2010/07/18 14:00:08 | 000,000,000 | ---D | M] -- C:\Users\Fnac Digitale\AppData\Roaming\mozilla\Extensions
[2010/07/29 16:23:04 | 000,000,000 | ---D | M] -- C:\Users\Fnac Digitale\AppData\Roaming\mozilla\Firefox\Profiles\axcbxjvh.default\extensions
[2010/07/18 14:00:30 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Fnac Digitale\AppData\Roaming\mozilla\Firefox\Profiles\axcbxjvh.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/07/18 13:59:16 | 000,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2010/07/28 20:34:06 | 000,001,516 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-france.xml
[2010/07/28 20:34:06 | 000,001,822 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\cnrtl-tlfi-fr.xml
[2010/07/28 20:34:06 | 000,000,757 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-france.xml
[2010/07/28 20:34:06 | 000,001,426 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-fr.xml
[2010/07/28 20:34:06 | 000,000,956 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-france.xml

O1 HOSTS File: ([2006/09/18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (ShowBarObj Class) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Windows\System32\ActiveToolBand.dll (HiTRUST)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (&Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\System32\eDStoolbar.dll (HiTRUST)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar avec bloqueur de fenêtres pop-up) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Windows\System32\eDStoolbar.dll (HiTRUST)
O3 - HKCU\..\Toolbar\WebBrowser: (&Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O4 - HKLM..\Run: [Acer Tour] File not found
O4 - HKLM..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe (HiTRUST)
O4 - HKLM..\Run: [eRecoveryService] File not found
O4 - HKLM..\Run: [F-Secure Manager] C:\Program Files\Darty Sérénité\Darty Protection\Common\FSM32.EXE (F-Secure Corporation)
O4 - HKLM..\Run: [F-Secure TNB] C:\Program Files\Darty Sérénité\Darty Protection\FSGUI\TNBUtil.exe (F-Secure Corporation)
O4 - HKLM..\Run: [MSConfig] C:\Windows\System32\msconfig.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvSvc] C:\Windows\System32\nvsvc.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Acer Tour Reminder] File not found
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: C:\Users\Fnac Digitale\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
O4 - Startup: C:\Users\Fnac Digitale\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\µTorrent.lnk = C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Envoyer l'&image au périphérique Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O9 - Extra Button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Darty Sérénité\Darty Protection\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Darty Sérénité\Darty Protection\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Darty Sérénité\Darty Protection\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Darty Sérénité\Darty Protection\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Darty Sérénité\Darty Protection\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\Darty Sérénité\Darty Protection\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\Darty Sérénité\Darty Protection\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\Darty Sérénité\Darty Protection\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files\Darty Sérénité\Darty Protection\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files\Darty Sérénité\Darty Protection\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files\Darty Sérénité\Darty Protection\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000039 - C:\Program Files\Darty Sérénité\Darty Protection\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_11)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (eNetHook.dll) - C:\Windows\System32\eNetHook.dll (acer)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Fnac Digitale\AppData\Roaming\Microsoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg
O24 - Desktop BackupWallPaper: C:\Users\Fnac Digitale\AppData\Roaming\Microsoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{0e755af0-6018-11df-92cb-0016d35a0993}\Shell - "" = AutoRun
O33 - MountPoints2\{0e755af0-6018-11df-92cb-0016d35a0993}\Shell\AutoRun\command - "" = F:\WD SmartWare.exe -- File not found
O33 - MountPoints2\{79d008f6-d28e-11dd-ad6d-0016d35a0993}\Shell\Auto\command - "" = F:\MSOCache\doWTP_RESTORE_0.exe -- File not found
O33 - MountPoints2\{7cf8b2c4-9af1-11de-847f-0016d35a0993}\Shell - "" = AutoRun
O33 - MountPoints2\{7cf8b2c4-9af1-11de-847f-0016d35a0993}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -- File not found
O33 - MountPoints2\{e490307c-1620-11dd-ba8e-0016d35a0993}\Shell - "" = AutoRun
O33 - MountPoints2\{e490307c-1620-11dd-ba8e-0016d35a0993}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -- File not found
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2010/07/29 16:20:43 | 000,000,000 | ---D | C] -- C:\_OTL
[2010/07/29 15:57:18 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2010/07/29 15:54:54 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2010/07/29 15:52:44 | 000,000,000 | ---D | C] -- C:\Users\Fnac Digitale\AppData\Roaming\Malwarebytes
[2010/07/29 15:52:32 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/07/29 15:52:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/07/29 15:52:29 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/07/29 15:52:29 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/07/29 15:51:21 | 006,153,352 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Fnac Digitale\Desktop\mbam-setup.exe
[2010/07/29 15:44:10 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Users\Fnac Digitale\Desktop\OTL.exe
[2010/07/29 14:34:15 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010/07/26 14:39:43 | 000,000,000 | ---D | C] -- C:\Users\Fnac Digitale\.thumbnails
[2010/07/26 14:38:42 | 000,000,000 | ---D | C] -- C:\Users\Fnac Digitale\AppData\Roaming\gtk-2.0
[2010/07/26 14:36:54 | 000,000,000 | ---D | C] -- C:\Users\Fnac Digitale\Documents\gegl-0.0
[2010/07/26 14:36:54 | 000,000,000 | ---D | C] -- C:\Users\Fnac Digitale\.gimp-2.6
[2010/07/26 14:35:47 | 000,000,000 | ---D | C] -- C:\Program Files\GIMP-2.0
[2010/07/23 10:08:57 | 000,305,664 | ---- | C] (InstallShield Software Corporation) -- C:\Windows\IsUn040c.exe
[2010/07/20 13:03:07 | 000,000,000 | ---D | C] -- C:\AeriaGames
[2010/07/20 13:00:38 | 000,000,000 | ---D | C] -- C:\Users\Fnac Digitale\AppData\Roaming\InstallShield
[2010/07/20 11:43:05 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Akamai
[2010/07/19 12:40:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2010/07/18 19:52:35 | 000,000,000 | ---D | C] -- C:\wamp
[2010/07/18 17:39:48 | 000,000,000 | ---D | C] -- C:\Users\Fnac Digitale\Desktop\L0reNz0
[2010/07/18 16:02:53 | 000,000,000 | ---D | C] -- C:\Users\Fnac Digitale\.jedit
[2010/07/18 13:59:46 | 000,000,000 | ---D | C] -- C:\Users\Fnac Digitale\AppData\Local\Mozilla
[2010/07/18 13:59:45 | 000,000,000 | ---D | C] -- C:\Users\Fnac Digitale\AppData\Roaming\Mozilla
[2010/07/18 13:59:11 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2010/07/18 13:24:16 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrent
[2010/07/18 13:22:50 | 000,000,000 | ---D | C] -- C:\Users\Fnac Digitale\AppData\Roaming\uTorrent
[2007/03/23 22:08:24 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\Interop.Shell32.dll

========== Files - Modified Within 30 Days ==========

[2010/07/29 16:29:32 | 002,359,296 | -HS- | M] () -- C:\Users\Fnac Digitale\NTUSER.DAT
[2010/07/29 16:26:46 | 000,003,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/07/29 16:26:46 | 000,003,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/07/29 15:55:03 | 000,000,917 | ---- | M] () -- C:\Users\Fnac Digitale\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2010/07/29 15:54:54 | 000,000,718 | ---- | M] () -- C:\Users\Fnac Digitale\Desktop\ERUNT.lnk
[2010/07/29 15:52:35 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/07/29 15:51:41 | 006,153,352 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Fnac Digitale\Desktop\mbam-setup.exe
[2010/07/29 15:47:38 | 000,013,401 | ---- | M] () -- C:\Users\Fnac Digitale\AppData\Roaming\nvModes.001
[2010/07/29 15:44:20 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Fnac Digitale\Desktop\OTL.exe
[2010/07/29 14:37:13 | 000,001,964 | ---- | M] () -- C:\Users\Fnac Digitale\Desktop\HiJackThis.lnk
[2010/07/29 14:32:21 | 000,755,854 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2010/07/29 14:32:21 | 000,667,534 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/07/29 14:32:21 | 000,145,070 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2010/07/29 14:32:21 | 000,126,068 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/07/29 14:32:20 | 001,688,248 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010/07/29 14:27:40 | 000,013,401 | ---- | M] () -- C:\Users\Fnac Digitale\AppData\Roaming\nvModes.dat
[2010/07/29 14:27:26 | 000,065,536 | ---- | M] () -- C:\Windows\System32\Ikeext.etl
[2010/07/29 14:26:46 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/07/29 14:26:34 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/07/29 14:26:28 | 3219,316,736 | -HS- | M] () -- C:\hiberfil.sys
[2010/07/29 11:52:39 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2010/07/29 11:28:55 | 003,316,270 | -H-- | M] () -- C:\Users\Fnac Digitale\AppData\Local\IconCache.db
[2010/07/28 01:59:44 | 000,043,520 | ---- | M] () -- C:\Users\Fnac Digitale\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/07/28 01:50:44 | 000,015,085 | ---- | M] () -- C:\Users\Fnac Digitale\.recently-used.xbel
[2010/07/26 14:36:50 | 000,000,904 | ---- | M] () -- C:\Users\Public\Desktop\GIMP 2.lnk
[2010/07/23 10:11:12 | 000,000,662 | ---- | M] () -- C:\Windows\disney.ini
[2010/07/23 10:10:06 | 000,021,052 | ---- | M] () -- C:\Windows\System32\SIntfNT.dll
[2010/07/23 10:10:06 | 000,015,144 | ---- | M] () -- C:\Windows\System32\SIntf32.dll
[2010/07/23 10:10:06 | 000,012,067 | ---- | M] () -- C:\Windows\System32\SIntf16.dll
[2010/07/20 13:03:07 | 000,001,377 | ---- | M] () -- C:\Users\Public\Desktop\Shaiya.lnk
[2010/07/19 12:40:35 | 000,000,000 | ---- | M] () -- C:\Windows\nsreg.dat
[2010/07/18 19:53:11 | 000,000,529 | ---- | M] () -- C:\Users\Fnac Digitale\Desktop\WampServer.lnk
[2010/07/18 13:59:21 | 000,001,752 | ---- | M] () -- C:\Users\Fnac Digitale\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/07/18 13:59:21 | 000,001,728 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010/07/18 13:24:16 | 000,000,756 | ---- | M] () -- C:\Users\Fnac Digitale\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\µTorrent.lnk
[2010/07/17 17:01:40 | 000,041,256 | ---- | M] () -- C:\Windows\System32\drivers\fsbts.sys

========== Files Created - No Company Name ==========

[2010/07/29 15:55:03 | 000,000,917 | ---- | C] () -- C:\Users\Fnac Digitale\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2010/07/29 15:54:54 | 000,000,718 | ---- | C] () -- C:\Users\Fnac Digitale\Desktop\ERUNT.lnk
[2010/07/29 15:52:35 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/07/29 14:34:15 | 000,001,964 | ---- | C] () -- C:\Users\Fnac Digitale\Desktop\HiJackThis.lnk
[2010/07/28 01:50:44 | 000,015,085 | ---- | C] () -- C:\Users\Fnac Digitale\.recently-used.xbel
[2010/07/26 14:36:50 | 000,000,904 | ---- | C] () -- C:\Users\Public\Desktop\GIMP 2.lnk
[2010/07/23 10:10:06 | 000,021,052 | ---- | C] () -- C:\Windows\System32\SIntfNT.dll
[2010/07/23 10:10:06 | 000,015,144 | ---- | C] () -- C:\Windows\System32\SIntf32.dll
[2010/07/23 10:10:06 | 000,012,067 | ---- | C] () -- C:\Windows\System32\SIntf16.dll
[2010/07/23 10:09:01 | 000,000,662 | ---- | C] () -- C:\Windows\disney.ini
[2010/07/20 13:03:07 | 000,001,377 | ---- | C] () -- C:\Users\Public\Desktop\Shaiya.lnk
[2010/07/19 12:40:35 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010/07/18 19:53:11 | 000,000,529 | ---- | C] () -- C:\Users\Fnac Digitale\Desktop\WampServer.lnk
[2010/07/18 13:59:21 | 000,001,752 | ---- | C] () -- C:\Users\Fnac Digitale\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/07/18 13:59:21 | 000,001,728 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010/07/18 13:24:16 | 000,000,756 | ---- | C] () -- C:\Users\Fnac Digitale\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\µTorrent.lnk
[2009/10/18 16:21:03 | 000,041,256 | ---- | C] () -- C:\Windows\System32\drivers\fsbts.sys
[2008/12/29 21:09:54 | 000,815,104 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2008/12/29 21:09:53 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2008/08/24 19:44:16 | 000,000,176 | ---- | C] () -- C:\Windows\WININIT.INI
[2007/06/20 20:19:03 | 000,051,370 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini
[2007/06/20 12:55:36 | 000,076,584 | ---- | C] () -- C:\Windows\System32\drivers\int15.sys
[2007/06/20 12:55:36 | 000,015,656 | ---- | C] () -- C:\Windows\System32\drivers\int15_64.sys
[2007/06/20 12:54:55 | 000,065,536 | ---- | C] () -- C:\Windows\System32\NATTraversal.dll
[2007/06/20 12:54:10 | 000,009,867 | ---- | C] () -- C:\Windows\System32\drivers\HOTKEY.sys
[2007/06/20 12:42:00 | 000,000,037 | ---- | C] () -- C:\Windows\Acer.ini
[2007/03/24 08:13:57 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIBUN4.dll
[2007/03/24 07:57:06 | 000,743,424 | R--- | C] () -- C:\Windows\libxml2.dll
[2007/03/24 07:55:17 | 000,872,448 | R--- | C] () -- C:\Windows\iconv.dll
[2007/03/23 22:08:24 | 000,331,776 | ---- | C] () -- C:\Windows\System32\ScrollBarLib.dll
[2007/02/06 23:58:10 | 000,204,800 | ---- | C] () -- C:\Windows\System32\NotesActnMenu.dll
[2007/02/06 23:57:58 | 000,266,240 | ---- | C] () -- C:\Windows\System32\NotesExtmngr.dll
[2007/02/06 23:57:20 | 000,086,016 | ---- | C] () -- C:\Windows\System32\MSNSpook.dll
[2007/02/06 23:56:30 | 000,028,672 | ---- | C] () -- C:\Windows\System32\BatchCrypto.dll
[2007/02/06 23:56:28 | 000,073,728 | ---- | C] () -- C:\Windows\System32\APISlice.dll
[2007/02/06 23:52:08 | 000,063,488 | ---- | C] () -- C:\Windows\System32\ShowErrMsg.dll
[2006/12/25 15:44:48 | 000,022,016 | ---- | C] () -- C:\Windows\System32\MailFormat_U.dll
[2006/12/13 09:26:32 | 000,000,041 | ---- | C] () -- C:\Windows\PreLaunch.ini
[2006/12/13 09:26:29 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2006/11/29 15:28:54 | 000,389,120 | ---- | C] () -- C:\Windows\System32\btwhidcs.dll
[2006/11/02 12:25:21 | 000,061,440 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll
[2006/11/02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2001/12/26 16:12:30 | 000,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll
[2001/11/14 12:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll
[2001/09/03 23:46:38 | 000,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll
[2001/07/30 16:33:56 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll
[2001/07/23 22:04:36 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll
[1997/06/14 12:56:08 | 000,056,832 | ---- | C] () -- C:\Windows\System32\iyvu9_32.dll

========== LOP Check ==========

[2009/09/12 15:17:32 | 000,000,000 | -HSD | M] -- C:\Users\Fnac Digitale\AppData\Roaming\.#
[2010/01/16 15:05:01 | 000,000,000 | ---D | M] -- C:\Users\Fnac Digitale\AppData\Roaming\com.zipeg
[2009/09/12 15:27:10 | 000,000,000 | ---D | M] -- C:\Users\Fnac Digitale\AppData\Roaming\Darty
[2009/10/17 16:55:21 | 000,000,000 | ---D | M] -- C:\Users\Fnac Digitale\AppData\Roaming\F-Secure
[2010/07/28 01:50:44 | 000,000,000 | ---D | M] -- C:\Users\Fnac Digitale\AppData\Roaming\gtk-2.0
[2008/12/28 23:44:57 | 000,000,000 | ---D | M] -- C:\Users\Fnac Digitale\AppData\Roaming\Uniblue
[2010/07/29 16:29:21 | 000,000,000 | ---D | M] -- C:\Users\Fnac Digitale\AppData\Roaming\uTorrent
[2010/05/15 13:58:03 | 000,000,000 | ---D | M] -- C:\Users\Fnac Digitale\AppData\Roaming\Western Digital
[2010/07/29 15:55:49 | 000,000,000 | ---D | M] -- C:\Users\Fnac Digitale\AppData\Roaming\Zipeg
[2010/07/29 11:52:40 | 000,032,552 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========


<SYSTEMDRIVE>


<MD5>
[2008/01/19 09:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\SoftwareDistribution\Download\a58fa8f1a78b89e6c2a670e288053b8b\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2006/11/02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\drivers\AGP440.sys
[2006/11/02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys

<MD5>
[2008/01/19 09:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\SoftwareDistribution\Download\a58fa8f1a78b89e6c2a670e288053b8b\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006/11/02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2008/04/25 03:17:08 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\System32\drivers\atapi.sys
[2008/04/25 03:17:08 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_7de13c21\atapi.sys
[2008/04/25 03:17:08 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16632_none_db337a442479c42c\atapi.sys
[2008/04/25 03:17:07 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E03E8C99D15D0381E02743C36AFC7C6F -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20757_none_dbac78a93da31a8b\atapi.sys

<MD5>
[2006/11/02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006/11/02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll

<MD5>
[2007/03/22 18:21:52 | 000,090,112 | ---- | M] (acer) MD5=649664E7B90580AA849BDC05B3EF07C7 -- C:\Acer\Empowering Technology\eNet\eNetHook.dll
[2007/03/22 18:21:52 | 000,090,112 | ---- | M] (acer) MD5=649664E7B90580AA849BDC05B3EF07C7 -- C:\Windows\System32\eNetHook.dll

<MD5>
[2008/01/19 09:42:51 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\SoftwareDistribution\Download\a58fa8f1a78b89e6c2a670e288053b8b\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006/11/02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\drivers\iaStorV.sys
[2006/11/02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys

<MD5>
[2006/11/02 11:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\System32\netlogon.dll
[2006/11/02 11:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_fb80f5473b0ed783\netlogon.dll
[2008/01/19 09:35:36 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\SoftwareDistribution\Download\a58fa8f1a78b89e6c2a670e288053b8b\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll

<MD5>
[2006/11/02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\drivers\nvstor.sys
[2006/11/02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008/01/19 09:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\SoftwareDistribution\Download\a58fa8f1a78b89e6c2a670e288053b8b\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys

<MD5>
[2008/01/19 09:36:19 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\SoftwareDistribution\Download\a58fa8f1a78b89e6c2a670e288053b8b\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2006/11/02 11:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\System32\scecli.dll
[2006/11/02 11:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_35d7205fdc305e3e\scecli.dll

<systemroot>

<systemroot>
[2006/11/02 11:47:18 | 000,228,968 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\rsaenh.dll
[2008/04/25 03:11:36 | 000,223,232 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\SLC.dll

<systemroot>
<End>
pableoh
 
Messages: 3
Inscription: 29 07 2010
Haut

Messagede pableoh » 29 07 2010

Voici le fichier extras.txt

OTL Extras logfile created on: 29/07/2010 16:29:24 - Run 2
OTL by OldTimer - Version 3.2.9.1 Folder = C:\Users\Fnac Digitale\Desktop
Windows Vista Business Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.17037)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 51,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 75,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 51,01 Gb Total Space | 6,68 Gb Free Space | 13,10% Space Free | Partition Type: NTFS
Drive D: | 51,01 Gb Total Space | 49,33 Gb Free Space | 96,71% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: PC-DE-FNAC
Current User Name: Fnac Digitale
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~1\Office12\ONENOTE.EXE "%L" File not found
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 0
"InternetSettingsDisableNotify" = 0
"AutoUpdateDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{098E7EFB-BBEA-4D01-AB2D-8655446FCE03}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{378AA686-7E32-4C7D-A170-226F37253C4F}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{5BD2EC83-307E-4D96-AFD3-142CEE983DD9}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{8AB7F832-03A0-407B-99FB-3FE3CF99EF10}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{8AD895DA-5272-49D8-9D86-2E464A119608}" = lport=49162 | protocol=6 | dir=in | name=akamai netsession interface |
"{8B3963F1-56A9-4413-B4BF-F974DDE3BCD2}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{9C89F087-42CC-4FBF-8B42-C2685C416435}" = lport=2869 | protocol=6 | dir=in | app=system |
"{A16B69E1-6B6A-447F-8C77-32F6A096BF10}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{BE3D2CAC-5D88-46B2-995C-833B0D7281FE}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0146C920-2DDF-41B3-A857-E867768A36FD}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{048A9FC4-E245-4AEB-8F1C-02E760855C98}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{11360D26-694A-4350-8CE8-852DFBDFD15B}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{1DC63C0D-8B87-4356-910B-47CED0741DEE}" = protocol=17 | dir=in | app=c:\program files\cyberlink\powerdvd\olrsubmission\olrsubmission.exe |
"{452C9D06-2681-475B-B87C-13B62A4703CA}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{7CA6C117-AD66-4F1B-9B76-46AE45613336}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{968C265C-54DE-4E85-A616-3E082B1DF395}" = protocol=6 | dir=in | app=c:\program files\cyberlink\powerdvd\powerdvd.exe |
"{A241D3DE-8DAB-4CFA-8E57-D9802FE81D88}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{A3EB312A-8517-4D2B-A915-84D85C733002}" = protocol=17 | dir=in | app=c:\program files\cyberlink\powerdvd\powerdvd.exe |
"{FAF25721-8FFA-452A-89BD-29002220FCC9}" = protocol=6 | dir=in | app=c:\program files\cyberlink\powerdvd\olrsubmission\olrsubmission.exe |
"TCP Query User{53CAFD54-D6E4-498B-870A-CAA204064885}D:\l0renz0\empires2.icd" = protocol=6 | dir=in | app=d:\l0renz0\empires2.icd |
"TCP Query User{5A80A421-D61C-4B5D-9F1A-426F7D5E9397}C:\program files\microsoft games\age of empires ii\age2_x1\age2_x1.icd" = protocol=6 | dir=in | app=c:\program files\microsoft games\age of empires ii\age2_x1\age2_x1.icd |
"TCP Query User{7E93FE0C-8DEF-4333-AA47-2C6DC3922928}D:\l0renz0\age2_x1\age2_x1.icd" = protocol=6 | dir=in | app=d:\l0renz0\age2_x1\age2_x1.icd |
"TCP Query User{AE015FB2-5037-4B3C-A0E6-F1B81416E334}C:\wamp\bin\apache\apache2.2.11\bin\httpd.exe" = protocol=6 | dir=in | app=c:\wamp\bin\apache\apache2.2.11\bin\httpd.exe |
"UDP Query User{4AE829DA-43BC-4FB0-8B12-A51C1D2C0B78}D:\l0renz0\age2_x1\age2_x1.icd" = protocol=17 | dir=in | app=d:\l0renz0\age2_x1\age2_x1.icd |
"UDP Query User{5FAF3AD2-9567-4709-8BC3-B7B5DC90F8E0}C:\wamp\bin\apache\apache2.2.11\bin\httpd.exe" = protocol=17 | dir=in | app=c:\wamp\bin\apache\apache2.2.11\bin\httpd.exe |
"UDP Query User{A6B67483-30E0-4191-BEA6-FF50AF2D56FD}D:\l0renz0\empires2.icd" = protocol=17 | dir=in | app=d:\l0renz0\empires2.icd |
"UDP Query User{A834439B-5899-4524-A954-7984EF5E2355}C:\program files\microsoft games\age of empires ii\age2_x1\age2_x1.icd" = protocol=17 | dir=in | app=c:\program files\microsoft games\age of empires ii\age2_x1\age2_x1.icd |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{01339AE5-04D4-43F8-008E-13AD788DC4F7}" = SimCity 4
"{059C042E-796A-4ACC-A81A-ECC2010BB78C}" = Windows Live Messenger
"{11316260-6666-467B-AC34-183FCB5D4335}" = Acer Mobility Center Plug-In
"{116FF17B-1A30-4FC2-9B01-5BC5BD46B0B3}" = Acer eLock Management
"{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}" = Google Earth
"{1F24E48F-7692-4E89-8784-68DD4D2712A0}" = Microsoft SQL Server Native Client
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{232DB76D-4751-41A9-9EC2-CDC0DAC1FAB6}" = WD SmartWare
"{259C0ABB-A3B2-4D70-008F-BF7EE491B70B}" = Need for Speed™ Carbono
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 11
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5
"{3380F354-C5F7-4E71-8F51-EEE6C3F06C62}" = Fichiers de prise en charge de l'installation de Microsoft SQL Server (Français)
"{35725FBC-A136-4A46-9F29-091759D9BB93}" = MVision
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3E31821C-7917-367E-938E-E65FC413EA31}" = Microsoft .NET Framework 3.5 Language Pack SP1 - fra
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{480DBB60-F0B6-45F2-B26F-1A2E11197791}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
"{485775E8-AEB8-46BD-922B-242879E03DD5}" = Age of Empires III
"{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies
"{5158974E-2D28-4018-9335-7694C2974746}" = Darty Optimisation
"{58E5844B-7CE2-413D-83D1-99294BF6C74F}" = Acer ePower Management
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{67ADE9AF-5CD9-4089-8825-55DE4B366799}" = NTI Backup NOW! 4.7
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{69ca8988-1c6c-4285-b8af-db780a6e42af}" = Gestionnaire de contacts professionnels pour Outlook 2007 SP2
"{7370DF47-B4F9-4279-BFC3-3F09919F720D}" = Installation Windows Live
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver
"{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}" = Windows Live Call
"{85BC5CC4-399C-4755-A498-F48CDE105D42}" = Acer OrbiCam Application
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90120000-0015-040C-0000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2007
"{90120000-0015-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007
"{90120000-0016-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007
"{90120000-0018-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2007
"{90120000-0019-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2007
"{90120000-001A-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007
"{90120000-001B-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007
"{90120000-001F-0401-0000-0000000FF1CE}_HOMESTUDENTR_{14809F99-C601-4D4A-9391-F1E8FAA964C5}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0401-0000-0000000FF1CE}_PROHYBRIDR_{14809F99-C601-4D4A-9391-F1E8FAA964C5}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}_PROHYBRIDR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}_PROHYBRIDR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007
"{90120000-001F-0413-0000-0000000FF1CE}_HOMESTUDENTR_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0413-0000-0000000FF1CE}_PROHYBRIDR_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007
"{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007
"{90120000-006E-040C-0000-0000000FF1CE}_HOMESTUDENTR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-040C-0000-0000000FF1CE}_PROHYBRIDR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-040C-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (French) 2007
"{90120000-00A1-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90A4040C-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{94389919-B0AA-4882-9BE8-9F0B004ECA35}" = Acer Tour
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A13E07E1-A423-44FB-9DEE-B24C75C1BAF2}" = WIDCOMM Bluetooth Software 6.0.1.3500
"{A30179B7-997A-4D47-AA43-57AE59A9C78B}" = Microsoft SQL Server VSS Writer
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A87B11AC-4344-4E5D-8B12-8F471A87DAD9}" = LightScribe 1.4.136.1
"{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Microsoft Office Small Business Connectivity Components
"{AB6097D9-D722-4987-BD9E-A076E2848EE2}" = Acer Empowering Technology
"{AC76BA86-7AD7-1033-7B44-A70000000000}" = Adobe Reader 7.0
"{AEEAE013-92F1-4515-B278-139F1A692A36}" = Acer eDataSecurity Management
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{BF839132-BD43-4056-ACBF-4377F4A88E2A}" = Acer ePresentation Management
"{C06554A1-2C1E-4D20-B613-EE62C79927CC}" = Acer eNet Management
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE65A9A0-9686-45C6-9098-3C9543A412F0}" = Acer eSettings Management
"{D0846526-66DD-4DC9-A02C-98F9A2806812}" = Launch Manager V1.1.1.4
"{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}" = Assistant de connexion Windows Live
"{E32B0931-C97B-48E1-A466-27D4088060EF}" = Install(Fr)
"{EA516024-D84D-41F1-814F-83175A6188F2}" = Logitech Video Enumerator
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F7B05784-334C-4F76-8BAB-30ABEB7FD534}" = TIPCI
"AcerOrbiCamDrv" = Programme de gestion Camera de Acer
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"AdBackup" = Darty Sauvegarde
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Age of Empires II: The Conquerors Expansion 1.0" = Microsoft Age of Empires II : The Conquerors Expansion
"Agere Systems Soft Modem" = Agere Systems HDA Modem
"Akamai" = Akamai NetSession Interface
"Business Contact Manager" = Gestionnaire de contacts professionnels pour Outlook 2007 SP2
"ERUNT_is1" = ERUNT 1.1j
"F-Secure Product 303" = Darty Protection
"GridVista" = Acer GridVista
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker
"InstallShield_{485775E8-AEB8-46BD-922B-242879E03DD5}" = Age of Empires III
"InstallShield_{F7B05784-334C-4F76-8BAB-30ABEB7FD534}" = Texas Instruments PCIxx21/x515/xx12 drivers.
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 Language Pack SP1 - fra" = Module linguistique Microsoft .NET Framework 3.5 SP1- fra
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Mozilla Firefox (3.6.8)" = Mozilla Firefox (3.6.8)
"NSS" = Norton Security Scan
"NVIDIA Drivers" = NVIDIA Drivers
"PROHYBRIDR" = 2007 Microsoft Office system
"ShockwaveFlash" = Adobe Flash Player 9 ActiveX
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"uTorrent" = µTorrent
"WampServer 2_is1" = WampServer 2.0
"WinGimp-2.0_is1" = GIMP 2.6.10
"WinLiveSuite_Wave3" = Installation Windows Live
"Xvid_is1" = Xvid 1.2.1 final uninstall
"Yahoo! Companion" = Yahoo! Toolbar avec bloqueur de fenêtres pop-up
"Yahoo! Toolbar" = Yahoo! Toolbar
"Zipeg" = Zipeg

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Free Realms Installer" = Free Realms Installer
"SOE-Free Realms" = Free Realms

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 29/07/2010 05:20:35 | Computer Name = PC-de-Fnac | Source = FSecure-FSecure-F-Secure Anti-Virus | ID = 103
Description = 19 2010-07-29 11:20:35+02:00 pc-de-fnac PC-de-Fnac\Fnac Digitale
F-Secure Anti-Virus Malicious code found in file F:\zPk.lnk. Infection: Exploit:W32/WormLink.B


Error - 29/07/2010 05:20:35 | Computer Name = PC-de-Fnac | Source = FSecure-FSecure-F-Secure Anti-Virus | ID = 103
Description = 20 2010-07-29 11:20:35+02:00 pc-de-fnac PC-de-Fnac\Fnac Digitale
F-Secure Anti-Virus Malicious code found in file F:\zlM.lnk. Infection: Exploit:W32/WormLink.B


Error - 29/07/2010 05:20:35 | Computer Name = PC-de-Fnac | Source = FSecure-FSecure-F-Secure Anti-Virus | ID = 103
Description = 21 2010-07-29 11:20:35+02:00 pc-de-fnac PC-de-Fnac\Fnac Digitale
F-Secure Anti-Virus Malicious code found in file F:\zYu.lnk. Infection: Exploit:W32/WormLink.B


Error - 29/07/2010 05:20:35 | Computer Name = PC-de-Fnac | Source = FSecure-FSecure-F-Secure Anti-Virus | ID = 103
Description = 22 2010-07-29 11:20:35+02:00 pc-de-fnac PC-de-Fnac\Fnac Digitale
F-Secure Anti-Virus Malicious code found in file F:\zPk.lnk. Infection: Exploit:W32/WormLink.B


Error - 29/07/2010 05:20:35 | Computer Name = PC-de-Fnac | Source = FSecure-FSecure-F-Secure Anti-Virus | ID = 103
Description = 23 2010-07-29 11:20:35+02:00 pc-de-fnac PC-de-Fnac\Fnac Digitale
F-Secure Anti-Virus Malicious code found in file F:\zwb.lnk. Infection: Exploit:W32/WormLink.B


Error - 29/07/2010 05:20:35 | Computer Name = PC-de-Fnac | Source = FSecure-FSecure-F-Secure Anti-Virus | ID = 103
Description = 24 2010-07-29 11:20:35+02:00 pc-de-fnac PC-de-Fnac\Fnac Digitale
F-Secure Anti-Virus Malicious code found in file F:\zhs.lnk. Infection: Exploit:W32/WormLink.B


Error - 29/07/2010 05:25:50 | Computer Name = PC-de-Fnac | Source = Application Error | ID = 1000
Description = Application défaillante iexplore.exe, version 7.0.6000.17037, horodatage
0x4b9658a0, module défaillant mshtml.dll, version 7.0.6000.17037, horodatage 0x4b967d32,
code d’exception 0xc0000005, décalage d’erreur 0x000cad7b, ID du processus 0x1728,
heure de début de l’application 0x01cb2effed134b90.

Error - 29/07/2010 05:26:18 | Computer Name = PC-de-Fnac | Source = Application Error | ID = 1000
Description = Application défaillante iexplore.exe, version 7.0.6000.17037, horodatage
0x4b9658a0, module défaillant mshtml.dll, version 7.0.6000.17037, horodatage 0x4b967d32,
code d’exception 0xc0000005, décalage d’erreur 0x000cad7b, ID du processus 0xc8c,
heure de début de l’application 0x01cb2effece3b010.

Error - 29/07/2010 05:38:28 | Computer Name = PC-de-Fnac | Source = WDSmartWareBackgroundService | ID = 0
Description =

Error - 29/07/2010 08:27:27 | Computer Name = PC-de-Fnac | Source = WDSmartWareBackgroundService | ID = 0
Description =

[ OSession Events ]
Error - 05/10/2009 13:52:47 | Computer Name = PC-de-Fnac | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 46
seconds with 0 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 28/07/2010 14:26:37 | Computer Name = PC-de-Fnac | Source = Service Control Manager | ID = 7023
Description =

Error - 28/07/2010 14:26:37 | Computer Name = PC-de-Fnac | Source = Service Control Manager | ID = 7026
Description =

Error - 28/07/2010 17:23:49 | Computer Name = PC-de-Fnac | Source = Service Control Manager | ID = 7023
Description =

Error - 28/07/2010 17:23:51 | Computer Name = PC-de-Fnac | Source = Service Control Manager | ID = 7026
Description =

Error - 29/07/2010 03:00:29 | Computer Name = PC-de-Fnac | Source = Service Control Manager | ID = 7023
Description =

Error - 29/07/2010 03:00:31 | Computer Name = PC-de-Fnac | Source = Service Control Manager | ID = 7026
Description =

Error - 29/07/2010 05:38:31 | Computer Name = PC-de-Fnac | Source = Service Control Manager | ID = 7023
Description =

Error - 29/07/2010 05:38:34 | Computer Name = PC-de-Fnac | Source = Service Control Manager | ID = 7026
Description =

Error - 29/07/2010 08:27:29 | Computer Name = PC-de-Fnac | Source = Service Control Manager | ID = 7023
Description =

Error - 29/07/2010 08:27:32 | Computer Name = PC-de-Fnac | Source = Service Control Manager | ID = 7026
Description =


<End>
pableoh
 
Messages: 3
Inscription: 29 07 2010
Haut

Messagede nickW » 31 07 2010

Bonsoir,

Peux-tu envoyer aussi le rapport d'analyse de MBAM (Malwarebytes' Anti-Malware)?

A suivre,
nickW - Image
30/07/2012: Plus de désinfection de PC jusqu'à nouvel ordre.
Pas de demande d'analyse de log en MP (Message Privé)
Mes configs
Avatar de l’utilisateur
nickW
Modérateur
 
Messages: 20538
Inscription: 20 05 2004
Localisation: Île de France/Dordogne
Haut
Sujet verrouillé

Retourner vers Demandes d'étude de rapports d'analyse

Qui est en ligne

Utilisateurs parcourant ce forum: Aucun utilisateur enregistré et 1 invité

Développé par phpBB® Forum Software © phpBB Group
Traduction par phpBB-fr.com
cron