Mémoire infectée et sessions ne démarrent pas

Mel80 -
jlpjlp Messages postés 51580 Date d'inscription Statut Contributeur sécurité Dernière intervention - 7 août 2009 à 11:54

Bonjour,

Depuis quelques jours, j'ai plusieurs problèmes avec mon ordinateur (un acer sous vista) qui a certainement été infecté par un virus d'après certains messages.
Je vais tenter d'expliquer ce qui est arrivé :
Alors, j'étais tranquillement sur internet quand plusieurs messages d'avast se sont affiché m'annonçant la présence de logiciels malveillants. Je les ai donc supprimé mais avast n'arrivait pas à les supprimer.. J'ai donc fait un nettoyage en supprimer les logiciels dangereux d'après Hijackthis. Le problème de la présence d'un virus 'trojan' étant toujours là, j'ai utilisé le logiciel a² qui me l'a bien supprimé (je pense). Je n'avais plus de problèmes puis quelques heures plus tard, plein de messages d'erreurs et de logiciels malveillants se sont affiché avec avast. Ces infections semblaient se trouver au niveau du system32 de windows. J'ai voulu les supprimer mais certains ne pouvaient pas être supprimés (encore une fois). De plus, avast lors de son démarrage mettais un message 'mémoire infectée'. J'ai donc fait un scan d'avast au démarrage de l'ordinateur. Ce qu'il a fait mais au bout d'un certain temps, le scan s'est arrêté et l'ordinateur aussi. Lorsque je l'ai redémarré, j'ai eu un message 'startup repair' qui après recherche de problème me dit qu'il n'y a aucune solution. Et que si ces problèmes persistent, je devrais contacter un service client. Mon ordinateur a ensuite démarré mais maintenant lorsque je clique pour entrer dans une session utilisateur, l'ordinateur se bloque. Il ne démarre qu'en 'mode sans échec' et même avec ce mode, quand je le démarre avast me donne un message pour dire qu'il est dangereux de laisser l'ordinateur allumé à cause d'un virus je crois. C'est mauvais signe tout ça, non ?
Je ne sais pas si j'ai été assez clair dans mes propos mais si vous pouvez m'aider, je vous attends.
J'espère ne pas avoir à devoir reformater mon ordinateur car j'ai beaucoup de documents que je ne voudrais pas perdre si possible.

Merci d'avance !

Afficher la suite

A voir également:

Mémoire infectée et sessions ne démarrent pas
Mémoire vive - Guide
RAM : type, format, CAS, vitesse, tout sur la mémoire vive - Guide
Nettoyer memoire iphone - Guide
C'est un secret bien gardé : ce réglage d'expert peut doper les performances de votre PC - Guide
Comment savoir si une clé usb est infectée - Guide

121 réponses

Réponse 21 / 121

jlpjlp Messages postés 51580 Date d'inscription Statut Contributeur sécurité Dernière intervention 5 040

ok vire navilog et combofix manuellement

fais le scan en ligne

a plus

Réponse 22 / 121

Mel80

Ca s'arrande pas ..

Scan de Kapersky ( je ne peux toujours pas enregistrer le rapport) :

L'ordinateur est infecté :
Nom de fichier : globalroot/systemroot/system32/geyekrvgndgdlq.dll/globalroot/syst...
Menace : Trojan.Win32.Agent.crez
Compteur de menaces : 9

Réponse 23 / 121

jlpjlp Messages postés 51580 Date d'inscription Statut Contributeur sécurité Dernière intervention 5 040

remets un rapport de malwarebyte?

tu as le rapport complet de kaspersky???

jlpjlp Messages postés 51580 Date d'inscription Statut Contributeur sécurité Dernière intervention 5 040

--> Télécharge The Avenger sur ton Bureau.

http://www.geekstogo.com/forum/files/file/393-the-avenger-by-swandog46/

--> Dézippe le fichier avenger.zip (Clique droit > Extraire).
--> Ferme toutes les fenêtres et toutes les applications en cours et clique droit sur l'icône avenger (Icône avec l'épée) puis choisis Exécuter en tant qu'administrateur.
--> Clique sur OK pour accepter les termes d'utilisation.
--> Une fois le programme lancé, verifie bien que :
- La case "Scan For RootKit" soit cochée
- La case "Automatically disable any rootkits found ne soit pas cochée"
--> Clique sur Execute pour lancer le scan.
--> Répondre Oui à ce message de confirmation.
--> Répondre Oui pour exécuter un scan antirootkit.
--> La première étape étant finie, The Avenger a désormais besoin de redémarrer votre PC pour finir, clique sur Oui.
Ton PC redémarrera alors automatiquement.
--> Au redémarrage, le rapport de The Avenger s'ouvrira automatiquement, poste-le (C:\avenger.txt).

Réponse 24 / 121

Mel80

Rapport de Avenger :

Logfile of The Avenger Version 2.0, (c) by Swandog46
http://swandog46.geekstogo.com

Platform: Windows Vista

*******************

Script file opened successfully.
Script file read successfully.

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:

Rootkit scan active.
No rootkits found!

Completed script processing.

*******************

Finished! Terminate.

Par contre, c'est peut être normal mais entre le moment où je confirme le début du scan et le message qui informe de la fin de la 1ère étape, à peine 1 seconde s'écoule. Rapide pour un scan, ou alors très actif ! O_o

J'ai refait un scan avec Malwarebytes :

Malwarebytes' Anti-Malware 1.39
Version de la base de données: 2494
Windows 6.0.6000

24/07/2009 21:56:09
rapport 21h56

Type de recherche: Examen complet (C:\|)
Eléments examinés: 162989
Temps écoulé: 38 minute(s), 43 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 1
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 1

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
\\?\globalroot\systemroot\System32\geyekrvgndgdlq.dll (Trojan.TDSS) -> No action taken.

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
\\?\globalroot\systemroot\System32\geyekrvgndgdlq.dll (Trojan.TDSS) -> No action taken.

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question

Réponse 25 / 121

jlpjlp Messages postés 51580 Date d'inscription Statut Contributeur sécurité Dernière intervention 5 040

ok vire ce qui est trouvé par malwarebyte

puis recolle un rapport malwarbyte complet cette fois pour être sur

puis

Télécharge ZHPDiag de Nicolas Coolman sur ton bureau :

-> http://www.premiumorange.com/zeb-help-process/download/ZHPDiag.zip
-> https://www.zebulon.fr/telechargements/securite/systeme/zhpdiag.html

!! déconnecte toi et ferme toutes tes applications en cours !!

* Clique droit sur le .zip que tu viens de télécharger et choisis " extraire tout " sur ton bureau ...

* Double-clique sur "ZHPDiag.exe" pour lancer l'outil :

> Clique sur le bouton " Tous " ( important ).

> puis clique sur le bouton de "la loupe" pour lancer le scan .

Laisses travailler l'outil ...

> Une fois terminé , le rapport s'affiche : clique sur bouton "appareil photo" pour sauvegarder le rapport obtenu ...

Enregistres bien ZHPDiag.txt de façon à le retrouver facilement ( sur le bureau par exemple ).

Puis ferme le programme ...

Enfin , fais un copier/coller du contenu du rapport sauvegardé dans ta prochaine réponse pour analyse ...

Réponse 26 / 121

Mel80

Voici le rapport du scan complet de Malwarebytes :

Malwarebytes' Anti-Malware 1.39
Version de la base de données: 2494
Windows 6.0.6000

25/07/2009 12:22:03
mbam-log-2009-07-25 (12-22-03).txt

Type de recherche: Examen complet (C:\|D:\|E:\|F:\|G:\|H:\|I:\|J:\|)
Eléments examinés: 281436
Temps écoulé: 40 minute(s), 44 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 1
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 3

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
\\?\globalroot\systemroot\System32\geyekrvgndgdlq.dll (Trojan.TDSS) -> Delete on reboot.

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
\\?\globalroot\systemroot\System32\geyekrvgndgdlq.dll (Trojan.TDSS) -> Quarantined and deleted successfully.
c:\$RECYCLE.BIN\s-1-5-21-2283137450-1778682601-968884257-1000\$R6924JY.exe (Trojan.Agnet) -> Quarantined and deleted successfully.
c:\Users\rouvillain\Desktop\avensis.exe (Trojan.Agnet) -> Quarantined and deleted successfully.

Réponse 27 / 121

Mel80

Voici le résultat de ZHPDiag (en plusieurs parties car le rapport est trop long pour le mettre en 1 fois .. ) :

Mel80

Rapport de ZHPDiag v1.23.18 par Nicolas Coolman
Enregistré le 25/07/2009 12:44:02
Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html
Platform : Windows Vista (TM) Home Premium
MSIE: Internet Explorer v7.0.6000.16851

---\\ Processus lancés
C:\Acer\Empowering Technology\SysMonitor.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
C:\Program Files\Acer Arcade Live\Acer PlayMovie\PMVService.exe
C:\Acer\WR_PopUp\WarReg_PopUp.exe
C:\Acer\AcerTour\Reminder.exe
C:\Program Files\OrangeHSS\Systray\SystrayApp.exe
C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Windows\WindowsMobile\wmdSync.exe
C:\Windows\PixArt\PAC7302\Monitor.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Windows\system32\Ati2evxx.exe
c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\ArcSoft\Magic-i 3\uMgiSvr.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\SearchIndexer.exe
\??\C:\Program Files\Acer Arcade Live\Acer PlayMovie\000.fcl

---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,

---\\ Pages de démarrage d'Internet Explorer (R0)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/

---\\ Pages de recherche d'Internet Explorer (R1)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm

---\\ Internet Explorer URLSearchHook (R3)
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll
R3 - URLSearchHook: Search Class - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\system32\ieframe.dll

---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: DealioBHO Class - {6A87B991-A31F-4130-AE72-6D0C294BF082} - C:\Program Files\Dealio\kb127\Dealio.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll

---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: Dealio - {E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} - C:\Program Files\Dealio\kb127\Dealio.dll

---\\ Applications démarrées automatiquement par le registre (O4)
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\Acer\Empowering Technology\SysMonitor.exe
O4 - HKLM\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Run: [PlayMovie] C:\Program Files\Acer Arcade Live\Acer PlayMovie\PMVService.exe
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
O4 - HKLM\..\Run: [SystrayORAHSS] C:\Program Files\OrangeHSS\Systray\SystrayApp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdSync.exe
O4 - HKLM\..\Run: [PAC7302_Monitor] C:\Windows\PixArt\PAC7302\Monitor.exe
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [MsnMsgr] C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ccleaner] C:\Program Files\CCleaner\CCleaner.exe" /AUTO
O4 - HKLM\..\policies\Explorer: [NoDrives] Data=0
O4 - HKUS\S-1-5-18\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
O4 - Global Startup: Empowering Technology Launcher.lnk - C:\Acer\Empowering Technology\eAPLauncher.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: PCM Media Sharing.lnk - C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe
O4 - Global Startup: ScanPanel.lnk - C:\Program Files\ScanPanel\ScnPanel.exe

---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: Compare Prices with &Dealio - C:\Users\Rouvillain\AppData\LocalLow\Dealio\kb127\res\DealioSearch.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll,201
O9 - Extra button: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll,103

---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} () - http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

---\\ Protocole additionnel et piratage de protocole (O18)
O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\system32\urlmon.dll
O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\msvidctl.dll
O18 - Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll
O18 - Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\system32\inetcomm.dll
O18 - Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll
O18 - Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\msvidctl.dll
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL

---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll

---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - %SystemRoot%\system32\browseui.dll

---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Acer HomeMedia Connect Service (Acer HomeMedia Connect Service) - C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
O23 - Service: ePerformance Service (AcerMemUsageCheckService) - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Apple Mobile Device (Apple Mobile Device) - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: (Ati External Event Utility) - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon
O23 - Service: eRecovery Service (eRecoveryService) - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: Service Google Update (gupdate1c9c8de20341bb7) (gupdate1c9c8de20341bb7) - C:\Program Files\Google\Update\GoogleUpdate.exe" /svc
O23 - Service: Google Software Updater (gusvc) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MgiSvr (MgiSvr) - C:\Program Files\ArcSoft\Magic-i 3\uMgiSvr.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - C:\Windows\system32\SLsvc.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - C:\Windows\System32\spoolsv.exe
O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - C:\Windows\system32\SearchIndexer.exe /Embedding
O23 - Service: {49DE1C67-83F8-4102-99E0-C16DCC7EEC796} ({49DE1C67-83F8-4102-99E0-C16DCC7EEC796}) - C:\WindowsC:\Program Files\Acer Arcade Live\Acer PlayMovie\000.fcl

---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Google Software Updater.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Norton Security Scan for Rouvillain.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\PersonalAV.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\User_Feed_Synchronization-{A133BA7E-385C-4FDF-8606-460D6061EBCF}.job

---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
O40 - ASIC: Internet Explorer - >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
O40 - ASIC: Browser Customizations - >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
O40 - ASIC: Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - (not file)
O40 - ASIC: Microsoft Windows Media Player 11.0 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\System32\wmpdxm.dll
O40 - ASIC: Adobe Shockwave Director 10.4 - {233C1507-6A77-46A4-9443-F871F945D258} - C:\Windows\System32\Adobe\Director\swdir.dll
O40 - ASIC: Adobe Shockwave Director 10.4 - {2A202491-F00D-11cf-87CC-0020AFEECF20} - (not file)
O40 - ASIC: Themes Setup - {2A4D6006-17FC-D44A-B57A-AF5C189016BF} - (not file)
O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - C:\Windows\system32\regsvr32.exe /s /n /i:/UserInstall C:\Windows\system32\themeui.dll
O40 - ASIC: Offline Browsing Pack - {3af36230-a269-11d1-b5bf-0000f8051515} - (not file)
O40 - ASIC: Microsoft .NET Framework 1.1 Service Pack 1 (KB867460) - {411EDCF7-755D-414E-A74B-3DCD6583F589} - (not file)
O40 - ASIC: Adobe Shockwave Director 10.4 - {4155E365-9413-73F8-C346-5EACB15EECBC} - (not file)
O40 - ASIC: Themes Setup - {440F129D-0534-FF4C-FDE2-37356C0D13C9} - (not file)
O40 - ASIC: Microsoft Windows Mail 7 - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
O40 - ASIC: DirectDrawEx - {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - (not file)
O40 - ASIC: Internet Explorer Help - {45ea75a0-a269-11d1-b5bf-0000f8051515} - (not file)
O40 - ASIC: Browser Customizations - {4DC23B3C-5D28-054D-AC28-011158461C80} - (not file)
O40 - ASIC: Microsoft Windows Script 5.7 - {4f645220-306d-11d2-995d-00c04f98bbc9} - (not file)
O40 - ASIC: Internet Explorer Setup Tools - {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - (not file)
O40 - ASIC: Browsing Enhancements - {630b1da0-b465-11d1-9948-00c04f98bbc9} - (not file)
O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} - C:\Windows\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI
O40 - ASIC: MSN Site Access - {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - (not file)
O40 - ASIC: Address Book 7 - {7790769C-0471-11d2-AF11-00C04FA35D02} - (not file)
O40 - ASIC: Themes Setup - {7A2D289B-6A5F-8BF1-0521-EE645CBC07BD} - (not file)
O40 - ASIC: .NET Framework - {7C028AF8-F614-47B3-82DA-BA94E41B1089} - (not file)
O40 - ASIC: Windows Desktop Update - {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
O40 - ASIC: Internet Explorer - {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
O40 - ASIC: Dynamic HTML Data Binding - {9381D8F2-0288-11D0-9501-00AA00B911A5} - (not file)
O40 - ASIC: Internet Explorer - {94518AC4-5750-4975-A900-D6C8F148366C} - (not file)
O40 - ASIC: Offline Browsing Pack - {972991D7-2AF3-88C1-E392-D87BA12F7B36} - (not file)
O40 - ASIC: Microsoft .NET Framework 1.1 Hotfix (KB929729) - {AAC3F1F0-5649-4670-A698-F1523729F015} - (not file)
O40 - ASIC: .NET Framework - {C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD} - (not file)
O40 - ASIC: Internet Explorer Core Fonts - {C9E9A340-D1F1-11D0-821E-444553540600} - (not file)
O40 - ASIC: .NET Framework - {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - (not file)
O40 - ASIC: Adobe Flash Player - {D27CDB6E-AE6D-11CF-96B8-444553540000} - C:\Windows\system32\Macromed\Flash\Flash10b.ocx
O40 - ASIC: HTML Help - {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - (not file)
O40 - ASIC: Active Directory Service Interface - {E92B03AB-B707-11d2-9CBD-0000F87A369E} - (not file)
O40 - ASIC: Themes Setup - {EE1F6EF5-7D0B-7AAA-0121-AD499D393B4C} - (not file)

---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: Magic-i Virtual Driver (ARCSOFTVIRTUALCAPTURE) - C:\WINDOWS\system32\DRIVERS\ArcSoftVirtualCapture.sys
O41 - Driver: Pilote de média asynchrone RAS (AsyncMac) - C:\WINDOWS\system32\DRIVERS\asyncmac.sys
O41 - Driver: (no object) (atikmdag) - C:\WINDOWS\system32\DRIVERS\atikmdag.sys
O41 - Driver: ATI PCI Express (3GIO) Filter (AtiPcie) - C:\WINDOWS\system32\DRIVERS\AtiPcie.sys
O41 - Driver: Filtre de décodeur DRM (Noyau Microsoft) (drmkaud) - C:\WINDOWS\system32\drivers\drmkaud.sys
O41 - Driver: Intel(R) PRO/1000 NDIS 6 Adapter Driver (E1G60) - C:\WINDOWS\system32\DRIVERS\E1G60I32.sys
O41 - Driver: GEARAspiWDM (GEARAspiWDM) - C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys
O41 - Driver: Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio (HdAudAddService) - C:\WINDOWS\system32\drivers\HdAudio.sys
O41 - Driver: int15 (int15) - C:\Acer\Empowering Technology\eRecovery\int15.sys
O41 - Driver: Service for Realtek HD Audio (WDM) (IntcAzAudAddService) - C:\WINDOWS\system32\drivers\RTKVHDA.sys
O41 - Driver: IP Traffic Filter Driver (IpFilterDriver) - C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
O41 - Driver: IP in IP Tunnel Driver (IpInIp) - C:\WINDOWS\system32\DRIVERS\ipinip.sys
O41 - Driver: Link-Layer Topology Discovery Mapper I/O Driver (lltdio) - C:\WINDOWS\system32\DRIVERS\lltdio.sys
O41 - Driver: Service Pilote de fonction de classe Moniteur Microsoft (monitor) - C:\WINDOWS\system32\DRIVERS\monitor.sys
O41 - Driver: Proxy de service de répartition Microsoft (MSKSSRV) - C:\WINDOWS\system32\drivers\MSKSSRV.sys
O41 - Driver: Proxy d'horloge de répartition Microsoft (MSPCLOCK) - C:\WINDOWS\system32\drivers\MSPCLOCK.sys
O41 - Driver: Proxy de gestion de qualité de répartition Microsoft (MSPQM) - C:\WINDOWS\system32\drivers\MSPQM.sys
O41 - Driver: Convertisseur en T/site-à-site de répartition Microsoft (MSTEE) - C:\WINDOWS\system32\drivers\MSTEE.sys
O41 - Driver: NativeWiFi Filter (NativeWifiP) - C:\WINDOWS\system32\DRIVERS\nwifi.sys
O41 - Driver: Pilote TAPI NDIS d'accès distant (NdisTapi) - C:\WINDOWS\system32\DRIVERS\ndistapi.sys
O41 - Driver: NDIS Usermode I/O Protocol (Ndisuio) - C:\WINDOWS\system32\DRIVERS\ndisuio.sys
O41 - Driver: Pilote réseau étendu NDIS d'accès distant (NdisWan) - C:\WINDOWS\system32\DRIVERS\ndiswan.sys
O41 - Driver: NetBIOS Interface (NetBIOS) - C:\WINDOWS\system32\DRIVERS\netbios.sys
O41 - Driver: Upper Class Filter Driver (NTIDrvr) - C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys
O41 - Driver: IPX Traffic Filter Driver (NwlnkFlt) - C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
O41 - Driver: IPX Traffic Forwarder Driver (NwlnkFwd) - C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
O41 - Driver: PAC7302 VGA USB Camera (PAC7302) - C:\WINDOWS\system32\DRIVERS\PAC7302.SYS
O41 - Driver: (no object) (pavboot) - C:\WINDOWS\system32\drivers\pavboot.sys
O41 - Driver: PCAMp50 NDIS Protocol Driver (PCAMp50) - C:\WINDOWS\System32\Drivers\PCAMp50.sys
O41 - Driver: PCASp50 NDIS Protocol Driver (PCASp50) - C:\WINDOWS\System32\Drivers\PCASp50.sys
O41 - Driver: VSO Software pcouffin (pcouffin) - C:\WINDOWS\System32\Drivers\pcouffin.sys
O41 - Driver: Miniport réseau étendu WAN (PPTP) (PptpMiniport) - C:\WINDOWS\system32\DRIVERS\raspptp.sys
O41 - Driver: @%SystemRoot%\System32\drivers\pacer.sys,-101 (PSched) - C:\WINDOWS\system32\DRIVERS\pacer.sys
O41 - Driver: Remote Access Auto Connection Driver (RasAcd) - C:\WINDOWS\System32\DRIVERS\rasacd.sys
O41 - Driver: Miniport réseau étendu WAN (L2TP) (Rasl2tp) - C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
O41 - Driver: Pilote PPPOE d'accès à distance (RasPppoe) - C:\WINDOWS\system32\DRIVERS\raspppoe.sys
O41 - Driver: Link-Layer Topology Discovery Responder (rspndr) - C:\WINDOWS\system32\DRIVERS\rspndr.sys
O41 - Driver: USB-Flachbettscanner (SampleScanner) - C:\WINDOWS\system32\DRIVERS\ArtecGT.sys
O41 - Driver: @%SystemRoot%\system32\tcpipcfg.dll,-50005 (Smb) - C:\WINDOWS\system32\DRIVERS\smb.sys
O41 - Driver: Pilote d'appareil photo numérique série (StillCam) - C:\WINDOWS\system32\DRIVERS\serscan.sys
O41 - Driver: Microsoft IPv6 Protocol Driver (Tcpip6) - C:\WINDOWS\system32\DRIVERS\tcpip.sys
O41 - Driver: Pilote de carte miniport Microsoft Tun (tunmp) - C:\WINDOWS\system32\DRIVERS\tunmp.sys
O41 - Driver: Pilote de carte miniport Microsoft IPv6 Tunnel (tunnel) - C:\WINDOWS\system32\DRIVERS\tunnel.sys
O41 - Driver: (no object) (ueqeesi) - C:\WINDOWS\system32\drivers\figwav.sys
O41 - Driver: Pilote USB audio (WDM) (usbaudio) - C:\WINDOWS\system32\drivers\usbaudio.sys
O41 - Driver: (no object) (vga) - C:\WINDOWS\system32\DRIVERS\vgapnp.sys
O41 - Driver: Remote Access IP ARP Driver (Wanarp) - C:\WINDOWS\system32\DRIVERS\wanarp.sys
O41 - Driver: Remote Access IPv6 ARP Driver (Wanarpv6) - C:\WINDOWS\system32\DRIVERS\wanarp.sys
O41 - Driver: WinUSB Service (winusb) - C:\WINDOWS\system32\DRIVERS\winusb.sys
O41 - Driver: WpdUsb (WpdUsb) - C:\WINDOWS\system32\DRIVERS\wpdusb.sys
O41 - Driver: (no object) (WUDFRd) - C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
O41 - Driver: NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller (yukonwlh) - C:\WINDOWS\system32\DRIVERS\yk60x86.sys
O41 - Driver: {49DE1C67-83F8-4102-99E0-C16DCC7EEC796} ({49DE1C67-83F8-4102-99E0-C16DCC7EEC796}) - C:\Program Files\Acer Arcade Live\Acer PlayMovie\000.fcl

---\\ Logiciels installés (O42)
O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 1 (SP1)
O42 - Logiciel: Acer Arcade Live Main Page
O42 - Logiciel: Acer DV Magician
O42 - Logiciel: Acer DVDivine
O42 - Logiciel: Acer Empowering Technology
O42 - Logiciel: Acer HomeMedia
O42 - Logiciel: Acer HomeMedia Connect
O42 - Logiciel: Acer PlayMovie
O42 - Logiciel: Acer ScreenSaver
O42 - Logiciel: Acer SlideShow DVD
O42 - Logiciel: Acer Tour
O42 - Logiciel: Acer VideoMagician
O42 - Logiciel: Acer ePerformance Management
O42 - Logiciel: Activation Assistant for the 2007 Microsoft Office suites
O42 - Logiciel: Adobe Flash Player 10 ActiveX
O42 - Logiciel: Adobe Flash Player 10 Plugin
O42 - Logiciel: Adobe Reader 7.0 - Français
O42 - Logiciel: Adobe Shockwave Player
O42 - Logiciel: Apple Mobile Device Support
O42 - Logiciel: Apple Software Update
O42 - Logiciel: ArcSoft Magic-i 3
O42 - Logiciel: ArcSoft PhotoImpression 5
O42 - Logiciel: ArcSoft VideoImpression 2
O42 - Logiciel: ArcSoft WebCam Companion 2
O42 - Logiciel: Archiveur WinRAR
O42 - Logiciel: Assistant de connexion Windows Live
O42 - Logiciel: Audacity 1.3.7 (Unicode)
O42 - Logiciel: Avery Wizard 3.1
O42 - Logiciel: AviSynth 2.5
O42 - Logiciel: Big Fish Games Client
O42 - Logiciel: Dealio Toolbar 3.4
O42 - Logiciel: Del Mp3 Karaoke 4.7.4703
O42 - Logiciel: DivX Codec
O42 - Logiciel: DivX Converter
O42 - Logiciel: DivX Player
O42 - Logiciel: DivX Web Player
O42 - Logiciel: Galerie de photos Windows Live
O42 - Logiciel: Google Chrome
O42 - Logiciel: Google Update Helper
O42 - Logiciel: Google Earth
O42 - Logiciel: Guitar Pro 5.2
O42 - Logiciel: HP DeskJet Série 840C (Supprimer uniquement)
O42 - Logiciel: Java(TM) 6 Update 4
O42 - Logiciel: Java(TM) 6 Update 6
O42 - Logiciel: Les Sims 2
O42 - Logiciel: Les tests
O42 - Logiciel: LimeWire 4.18.6
O42 - Logiciel: MSXML 4.0 SP2 (KB936181)
O42 - Logiciel: MSXML 4.0 SP2 (KB941833)
O42 - Logiciel: MSXML 4.0 SP2 (KB954430)
O42 - Logiciel: Malwarebytes' Anti-Malware
O42 - Logiciel: Mega Manager
O42 - Logiciel: Messenger Plus! Live
O42 - Logiciel: Microsoft .NET Framework 1.1
O42 - Logiciel: Microsoft .NET Framework 1.1 Hotfix (KB929729)
O42 - Logiciel: Microsoft Office Excel MUI (French) 2007
O42 - Logiciel: Microsoft Office Home and Student 2007
O42 - Logiciel: Microsoft Office Language Pack 2007 Service Pack 1 (SP1)
O42 - Logiciel: Microsoft Office OneNote MUI (French) 2007
O42 - Logiciel: Microsoft Office PowerPoint MUI (French) 2007
O42 - Logiciel: Microsoft Office Proof (Arabic) 2007
O42 - Logiciel: Microsoft Office Proof (Dutch) 2007
O42 - Logiciel: Microsoft Office Proof (English) 2007
O42 - Logiciel: Microsoft Office Proof (French) 2007
O42 - Logiciel: Microsoft Office Proof (German) 2007
O42 - Logiciel: Microsoft Office Proof (Spanish) 2007
O42 - Logiciel: Microsoft Office Proofing (French) 2007
O42 - Logiciel: Microsoft Office Shared MUI (French) 2007
O42 - Logiciel: Microsoft Office Word MUI (French) 2007
O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU]
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
O42 - Logiciel: Microsoft Works
O42 - Logiciel: MioMap v3 Updater
O42 - Logiciel: MioTransfer
O42 - Logiciel: NTI Backup NOW! 4.7
O42 - Logiciel: Navigateur Orange
O42 - Logiciel: Norton Security Scan
O42 - Logiciel: Norton Security Scan (Symantec Corporation)
O42 - Logiciel: OpenOffice.org 2.4
O42 - Logiciel: Orange - Logiciels Internet
O42 - Logiciel: Panda ActiveScan 2.0
O42 - Logiciel: Pharaon
O42 - Logiciel: Power Tab Editor 1.7
O42 - Logiciel: QuickTime Alternative 2.5.1
O42 - Logiciel: RealPlayer
O42 - Logiciel: Realtek High Definition Audio Driver
O42 - Logiciel: SAMSUNG CDMA Modem Driver Set
O42 - Logiciel: SAMSUNG Mobile USB Modem 1.0 Software
O42 - Logiciel: SAMSUNG Mobile USB Modem Software
O42 - Logiciel: Samsung Master
O42 - Logiciel: Samsung PC Studio 3 USB Driver Installer
O42 - Logiciel: Search Settings 1.2
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB951550)
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB951944)
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB969559)
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB969679)
O42 - Logiciel: Security Update for CAPICOM (KB931906)
O42 - Logiciel: Security Update for Microsoft Office Excel 2007 (KB969682)
O42 - Logiciel: Security Update for Microsoft Office OneNote 2007 (KB950130)
O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB957789)
O42 - Logiciel: Security Update for Microsoft Office Word 2007 (KB969604)
O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB954326)
O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB969613)
O42 - Logiciel: TweakNow RegCleaner Standard
O42 - Logiciel: USB-Flachbettscanner
O42 - Logiciel: Ulead Photo Express 3.0 SE
O42 - Logiciel: Ultra Mobile 3GP Video Converter 3.9.0306
O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642)
O42 - Logiciel: VLC media player 0.9.9
O42 - Logiciel: Version d'évaluation de Microsoft Office Home and Student 2007
O42 - Logiciel: WinZip 11.1
O42 - Logiciel: Windows Live Messenger
O42 - Logiciel: Windows Live Writer
O42 - Logiciel: Windows Live installer
O42 - Logiciel: eMule
O42 - Logiciel: eSobi v2
O42 - Logiciel: iTunes

Mel80 > Mel80

---\\ Contenu des dossiers Fichiers Communs (O43)
O43 - CFD:Common File Directory ----D- C:\Program Files\a-squared Anti-Malware
O43 - CFD:Common File Directory ----D- C:\Program Files\Acer Arcade Live
O43 - CFD:Common File Directory ----D- C:\Program Files\Acer Inc
O43 - CFD:Common File Directory ----D- C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
O43 - CFD:Common File Directory ----D- C:\Program Files\Adobe
O43 - CFD:Common File Directory ----D- C:\Program Files\Alwil Software
O43 - CFD:Common File Directory ----D- C:\Program Files\Apple Software Update
O43 - CFD:Common File Directory ----D- C:\Program Files\ArcSoft
O43 - CFD:Common File Directory ----D- C:\Program Files\ATI
O43 - CFD:Common File Directory ----D- C:\Program Files\ATI Technologies
O43 - CFD:Common File Directory ----D- C:\Program Files\Audacity 1.3 Beta (Unicode)
O43 - CFD:Common File Directory ----D- C:\Program Files\Avery
O43 - CFD:Common File Directory ----D- C:\Program Files\AviSynth 2.5
O43 - CFD:Common File Directory ----D- C:\Program Files\AVS4YOU
O43 - CFD:Common File Directory ----D- C:\Program Files\bfgclient
O43 - CFD:Common File Directory ----D- C:\Program Files\BitComet
O43 - CFD:Common File Directory ----D- C:\Program Files\Bonjour
O43 - CFD:Common File Directory ----D- C:\Program Files\BoontyGames
O43 - CFD:Common File Directory ----D- C:\Program Files\CCleaner
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files
O43 - CFD:Common File Directory ----D- C:\Program Files\CyberLink
O43 - CFD:Common File Directory ----D- C:\Program Files\Dealio
O43 - CFD:Common File Directory ----D- C:\Program Files\DelMp3Kok
O43 - CFD:Common File Directory ----D- C:\Program Files\Digital Chocolate
O43 - CFD:Common File Directory ----D- C:\Program Files\DivX
O43 - CFD:Common File Directory ----D- C:\Program Files\EA GAMES
O43 - CFD:Common File Directory ----D- C:\Program Files\eMule
O43 - CFD:Common File Directory ----D- C:\Program Files\eRightSoft
O43 - CFD:Common File Directory ----D- C:\Program Files\eSobi
O43 - CFD:Common File Directory -SH-D- C:\Program Files\Fichiers communs
O43 - CFD:Common File Directory ----D- C:\Program Files\Google
O43 - CFD:Common File Directory ----D- C:\Program Files\Guitar Pro 5
O43 - CFD:Common File Directory ----D- C:\Program Files\Happyneuron
O43 - CFD:Common File Directory ----D- C:\Program Files\HP DeskJet 840C Series
O43 - CFD:Common File Directory --H-D- C:\Program Files\InstallShield Installation Information
O43 - CFD:Common File Directory ----D- C:\Program Files\Internet Explorer
O43 - CFD:Common File Directory ----D- C:\Program Files\iPod
O43 - CFD:Common File Directory ----D- C:\Program Files\iTunes
O43 - CFD:Common File Directory ----D- C:\Program Files\Java
O43 - CFD:Common File Directory ----D- C:\Program Files\LimeWire
O43 - CFD:Common File Directory ----D- C:\Program Files\Logitech
O43 - CFD:Common File Directory ----D- C:\Program Files\ma-config.com
O43 - CFD:Common File Directory ----D- C:\Program Files\Malwarebytes' Anti-Malware
O43 - CFD:Common File Directory ----D- C:\Program Files\Megaupload
O43 - CFD:Common File Directory ----D- C:\Program Files\Messenger Plus! Live
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft CAPICOM 2.1.0.2
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Games
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Office
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft SQL Server Compact Edition
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Works
O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft.NET
O43 - CFD:Common File Directory ----D- C:\Program Files\Mio DigiWalker
O43 - CFD:Common File Directory ----D- C:\Program Files\Mio Technology
O43 - CFD:Common File Directory ----D- C:\Program Files\Movie Maker
O43 - CFD:Common File Directory ----D- C:\Program Files\MSBuild
O43 - CFD:Common File Directory ----D- C:\Program Files\MSN
O43 - CFD:Common File Directory ----D- C:\Program Files\MSXML 4.0
O43 - CFD:Common File Directory ----D- C:\Program Files\NewTech Infosystems
O43 - CFD:Common File Directory ----D- C:\Program Files\Norton Security Scan
O43 - CFD:Common File Directory ----D- C:\Program Files\OpenOffice.org 2.4
O43 - CFD:Common File Directory ----D- C:\Program Files\OrangeHSS
O43 - CFD:Common File Directory ----D- C:\Program Files\Panda Security
O43 - CFD:Common File Directory ----D- C:\Program Files\Power Tab Software
O43 - CFD:Common File Directory ----D- C:\Program Files\QuickTime
O43 - CFD:Common File Directory ----D- C:\Program Files\QuickTime Alternative
O43 - CFD:Common File Directory ----D- C:\Program Files\Real
O43 - CFD:Common File Directory ----D- C:\Program Files\Realtek
O43 - CFD:Common File Directory ----D- C:\Program Files\Reference Assemblies
O43 - CFD:Common File Directory ----D- C:\Program Files\ReflexiveArcade
O43 - CFD:Common File Directory ----D- C:\Program Files\Samsung
O43 - CFD:Common File Directory ----D- C:\Program Files\ScanPanel
O43 - CFD:Common File Directory ----D- C:\Program Files\Sierra On-Line
O43 - CFD:Common File Directory ----D- C:\Program Files\trend micro
O43 - CFD:Common File Directory ----D- C:\Program Files\TweakNow RegCleaner Std
O43 - CFD:Common File Directory ----D- C:\Program Files\Ulead Systems
O43 - CFD:Common File Directory ----D- C:\Program Files\Ultra Mobile 3GP Video Converter
O43 - CFD:Common File Directory --H-D- C:\Program Files\Uninstall Information
O43 - CFD:Common File Directory ----D- C:\Program Files\VideoLAN
O43 - CFD:Common File Directory ----D- C:\Program Files\VSO
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Calendar
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Collaboration
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Defender
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Journal
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Live
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Mail
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Media Player
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows NT
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Photo Gallery
O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Sidebar
O43 - CFD:Common File Directory ----D- C:\Program Files\WinRAR
O43 - CFD:Common File Directory ----D- C:\Program Files\WinZip
O43 - CFD:Common File Directory ----D- C:\Program Files\Xtreme
O43 - CFD:Common File Directory ----D- C:\Program Files\Yahoo!
O43 - CFD:Common File Directory --H-D- C:\Program Files\Zero G Registry
O43 - CFD:Common File Directory ----D- C:\Program Files\Zylom Games
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Adobe
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Apple
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\ArcSoft
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\AVSMedia
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\BOONTY Shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\DESIGNER
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\France Telecom
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\InstallShield
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Java
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\LightScribe
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\microsoft shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\NewTech Infosystems
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Oberon Media
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\PX Storage Engine
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Real
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Services
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\SpeechEngines
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Symantec Shared
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\System
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Uninstall
O43 - CFD:Common File Directory -SH-D- C:\Program Files\Common Files\WindowsLiveInstaller
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Wise Installation Wizard
O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\xing shared

---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:Last File Created 07/07/2009 - 16:10:56 ---A- C:\Windows\System32\mrt.exe
O44 - LFC:Last File Created 13/07/2009 - 04:48:54 ---A- C:\Windows\PEV.exe
O44 - LFC:Last File Created 13/07/2009 - 12:36:12 ---A- C:\Windows\System32\drivers\mbam.sys
O44 - LFC:Last File Created 13/07/2009 - 12:36:34 ---A- C:\Windows\System32\drivers\mbamswissarmy.sys
O44 - LFC:Last File Created 16/07/2009 - 11:31:22 ---A- C:\Windows\System32\FNTCACHE.DAT
O44 - LFC:Last File Created 17/07/2009 - 11:07:47 ---A- C:\Windows\System32\test.aok
O44 - LFC:Last File Created 19/07/2009 - 20:15:04 --HA- C:\Windows\QTFont.qfn
O44 - LFC:Last File Created 24/07/2009 - 11:55:29 ---A- C:\Windows\System32\Trace.txt
O44 - LFC:Last File Created 24/07/2009 - 19:41:49 ---A- C:\Windows\system.ini
O44 - LFC:Last File Created 25/07/2009 - 10:35:08 ---A- C:\Windows\System32\spsys.log
O44 - LFC:Last File Created 25/07/2009 - 11:28:54 ---A- C:\Windows\System32\PerfStringBackup.INI
O44 - LFC:Last File Created 25/07/2009 - 11:28:54 ---A- C:\Windows\System32\perfc009.dat
O44 - LFC:Last File Created 25/07/2009 - 11:28:54 ---A- C:\Windows\System32\perfc00C.dat
O44 - LFC:Last File Created 25/07/2009 - 11:28:54 ---A- C:\Windows\System32\perfh009.dat
O44 - LFC:Last File Created 25/07/2009 - 11:28:54 ---A- C:\Windows\System32\perfh00C.dat
O44 - LFC:Last File Created 25/07/2009 - 11:33:50 --HA- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
O44 - LFC:Last File Created 25/07/2009 - 11:33:50 --HA- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
O44 - LFC:Last File Created 25/07/2009 - 11:34:46 ---A- C:\Windows\PFRO.log
O44 - LFC:Last File Created 25/07/2009 - 11:34:58 -S-A- C:\Windows\bootstat.dat
O44 - LFC:Last File Created 25/07/2009 - 11:35:02 ---A- C:\Windows\ntbtlog.txt
O44 - LFC:Last File Created 28/06/2009 - 15:07:51 ---A- C:\Windows\Ausba3.INI
O44 - LFC:Last File Created 28/06/2009 - 15:07:51 ---A- C:\Windows\Dusb3ar.ini
O44 - LFC:Last File Created 28/06/2009 - 15:07:51 ---A- C:\Windows\ScnPanel.ini
O44 - LFC:Last File Created 28/06/2009 - 15:08:23 ---A- C:\Windows\ULEAD32.INI

---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 - LFCP:Last File Created Prefetch 05/07/2009 - 21:21:44 ---A- C:\Windows\Prefetch\AgGlUAD_P_S-1-5-21-2283137450-1778682601-968884257-1002.db
O45 - LFCP:Last File Created Prefetch 05/07/2009 - 21:21:44 ---A- C:\Windows\Prefetch\AgGlUAD_S-1-5-21-2283137450-1778682601-968884257-1002.db
O45 - LFCP:Last File Created Prefetch 06/07/2009 - 14:30:42 ---A- C:\Windows\Prefetch\AgCx_S1_S-1-5-21-2283137450-1778682601-968884257-1002.snp.db
O45 - LFCP:Last File Created Prefetch 06/07/2009 - 18:47:50 ---A- C:\Windows\Prefetch\AgCx_S4_S-1-5-21-2283137450-1778682601-968884257-1001.snp.db
O45 - LFCP:Last File Created Prefetch 08/07/2009 - 20:53:14 ---A- C:\Windows\Prefetch\AgCx_S1_S-1-5-21-2283137450-1778682601-968884257-1001.snp.db
O45 - LFCP:Last File Created Prefetch 08/07/2009 - 20:54:41 ---A- C:\Windows\Prefetch\AgCx_S2_S-1-5-21-2283137450-1778682601-968884257-1000.snp.db
O45 - LFCP:Last File Created Prefetch 15/07/2009 - 12:38:37 ---A- C:\Windows\Prefetch\AgGlUAD_S-1-5-21-2283137450-1778682601-968884257-1001.db
O45 - LFCP:Last File Created Prefetch 15/07/2009 - 12:38:38 ---A- C:\Windows\Prefetch\AgGlUAD_P_S-1-5-21-2283137450-1778682601-968884257-1001.db
O45 - LFCP:Last File Created Prefetch 15/07/2009 - 13:43:49 ---A- C:\Windows\Prefetch\AgCx_SC3_356CC34A.db
O45 - LFCP:Last File Created Prefetch 15/07/2009 - 14:42:03 ---A- C:\Windows\Prefetch\AgCx_S2_S-1-5-21-2283137450-1778682601-968884257-1001.snp.db
O45 - LFCP:Last File Created Prefetch 17/07/2009 - 18:59:10 ---A- C:\Windows\Prefetch\AgCx_SC1.db.trx
O45 - LFCP:Last File Created Prefetch 17/07/2009 - 19:00:10 ---A- C:\Windows\Prefetch\AgCx_SC1.db
O45 - LFCP:Last File Created Prefetch 19/07/2009 - 21:21:11 ---A- C:\Windows\Prefetch\AgCx_S2_S-1-5-21-2283137450-1778682601-968884257-1002.snp.db
O45 - LFCP:Last File Created Prefetch 19/07/2009 - 21:22:36 ---A- C:\Windows\Prefetch\AgCx_SC3_DDFC1401.db
O45 - LFCP:Last File Created Prefetch 20/07/2009 - 20:25:36 ---A- C:\Windows\Prefetch\AgCx_S1_S-1-5-21-2283137450-1778682601-968884257-1000.snp.db
O45 - LFCP:Last File Created Prefetch 20/07/2009 - 21:12:58 ---A- C:\Windows\Prefetch\AgCx_SC3_942C5730.db
O45 - LFCP:Last File Created Prefetch 24/07/2009 - 18:22:47 ---A- C:\Windows\Prefetch\VSSVC.EXE-B8AFC319.pf
O45 - LFCP:Last File Created Prefetch 24/07/2009 - 18:23:25 ---A- C:\Windows\Prefetch\SVCHOST.EXE-7CFEDEA3.pf
O45 - LFCP:Last File Created Prefetch 24/07/2009 - 18:33:47 ---A- C:\Windows\Prefetch\SCANNINGPROCESS.EXE-6BD67518.pf
O45 - LFCP:Last File Created Prefetch 24/07/2009 - 19:15:31 ---A- C:\Windows\Prefetch\CONIME.EXE-9781FD5F.pf
O45 - LFCP:Last File Created Prefetch 24/07/2009 - 19:41:19 ---A- C:\Windows\Prefetch\RUNONCE.EXE-D0649312.pf
O45 - LFCP:Last File Created Prefetch 24/07/2009 - 19:45:34 ---A- C:\Windows\Prefetch\MOBSYNC.EXE-C5E2284F.pf
O45 - LFCP:Last File Created Prefetch 24/07/2009 - 20:14:30 ---A- C:\Windows\Prefetch\Layout.ini
O45 - LFCP:Last File Created Prefetch 24/07/2009 - 20:49:47 ---A- C:\Windows\Prefetch\AgGlUAD_S-1-5-21-2283137450-1778682601-968884257-1000.db
O45 - LFCP:Last File Created Prefetch 24/07/2009 - 20:49:48 ---A- C:\Windows\Prefetch\AgGlUAD_P_S-1-5-21-2283137450-1778682601-968884257-1000.db
O45 - LFCP:Last File Created Prefetch 24/07/2009 - 20:53:05 ---A- C:\Windows\Prefetch\RUNDLL32.EXE-70A53FFC.pf
O45 - LFCP:Last File Created Prefetch 24/07/2009 - 20:53:16 ---A- C:\Windows\Prefetch\MSNMSGR.EXE-9974F251.pf
O45 - LFCP:Last File Created Prefetch 24/07/2009 - 20:56:18 ---A- C:\Windows\Prefetch\MBAM-DOR.EXE-547CF556.pf
O45 - LFCP:Last File Created Prefetch 24/07/2009 - 21:01:38 ---A- C:\Windows\Prefetch\FTCOMMODULE.EXE-CD001D50.pf
O45 - LFCP:Last File Created Prefetch 24/07/2009 - 21:12:17 ---A- C:\Windows\Prefetch\AVENGER.EXE-D4B8F8F0.pf
O45 - LFCP:Last File Created Prefetch 24/07/2009 - 21:15:13 ---A- C:\Windows\Prefetch\DLLHOST.EXE-6A473D35.pf
O45 - LFCP:Last File Created Prefetch 24/07/2009 - 21:15:30 ---A- C:\Windows\Prefetch\WINRAR.EXE-94E7D80C.pf
O45 - LFCP:Last File Created Prefetch 24/07/2009 - 21:15:46 ---A- C:\Windows\Prefetch\AVENSIS.EXE-89D32EE5.pf
O45 - LFCP:Last File Created Prefetch 24/07/2009 - 21:18:05 ---A- C:\Windows\Prefetch\USNSVC.EXE-5FE071D8.pf
O45 - LFCP:Last File Created Prefetch 24/07/2009 - 21:19:34 ---A- C:\Windows\Prefetch\CONTROL.EXE-817F8F1D.pf
O45 - LFCP:Last File Created Prefetch 24/07/2009 - 21:19:43 ---A- C:\Windows\Prefetch\RUNDLL32.EXE-E8AC3089.pf
O45 - LFCP:Last File Created Prefetch 24/07/2009 - 21:20:32 ---A- C:\Windows\Prefetch\LAUNCHER.EXE-ED689328.pf
O45 - LFCP:Last File Created Prefetch 24/07/2009 - 21:20:41 ---A- C:\Windows\Prefetch\SYSTRAYAPP.EXE-455C1E8F.pf
O45 - LFCP:Last File Created Prefetch 24/07/2009 - 21:20:54 ---A- C:\Windows\Prefetch\CONNECTIVITYMANAGER.EXE-F9B456C1.pf
O45 - LFCP:Last File Created Prefetch 24/07/2009 - 21:20:56 ---A- C:\Windows\Prefetch\CORECOM.EXE-604BB56B.pf
O45 - LFCP:Last File Created Prefetch 24/07/2009 - 21:21:01 ---A- C:\Windows\Prefetch\FTCOMMODULE.EXE-6C1F994F.pf
O45 - LFCP:Last File Created Prefetch 24/07/2009 - 21:21:01 ---A- C:\Windows\Prefetch\ORACONFIGRECOVER.EXE-0A609F51.pf
O45 - LFCP:Last File Created Prefetch 24/07/2009 - 21:21:05 ---A- C:\Windows\Prefetch\DESKBOARD.EXE-23DA47CA.pf
O45 - LFCP:Last File Created Prefetch 24/07/2009 - 21:21:15 ---A- C:\Windows\Prefetch\BROWSER.EXE-05475FFC.pf
O45 - LFCP:Last File Created Prefetch 24/07/2009 - 21:22:34 ---A- C:\Windows\Prefetch\CCC.EXE-AE792174.pf
O45 - LFCP:Last File Created Prefetch 24/07/2009 - 21:23:48 ---A- C:\Windows\Prefetch\RUNDLL32.EXE-E2EB680C.pf
O45 - LFCP:Last File Created Prefetch 24/07/2009 - 21:23:59 ---A- C:\Windows\Prefetch\NOTEPAD.EXE-D8414F97.pf
O45 - LFCP:Last File Created Prefetch 24/07/2009 - 21:24:36 ---A- C:\Windows\Prefetch\MBAM.EXE-305FF92C.pf
O45 - LFCP:Last File Created Prefetch 24/07/2009 - 21:24:51 ---A- C:\Windows\Prefetch\TRUSTEDINSTALLER.EXE-3CC531E5.pf
O45 - LFCP:Last File Created Prefetch 24/07/2009 - 21:25:53 ---A- C:\Windows\Prefetch\GOOGLEUPDATE.EXE-FE771DDA.pf
O45 - LFCP:Last File Created Prefetch 24/07/2009 - 21:28:41 ---A- C:\Windows\Prefetch\FLASHUTIL10B.EXE-06DAF439.pf
O45 - LFCP:Last File Created Prefetch 24/07/2009 - 21:30:02 ---A- C:\Windows\Prefetch\WERFAULT.EXE-E69F695A.pf
O45 - LFCP:Last File Created Prefetch 24/07/2009 - 21:30:09 ---A- C:\Windows\Prefetch\WERMGR.EXE-0F2AC88C.pf
O45 - LFCP:Last File Created Prefetch 24/07/2009 - 21:30:10 ---A- C:\Windows\Prefetch\WERCON.EXE-E36BD04E.pf
O45 - LFCP:Last File Created Prefetch 25/07/2009 - 11:25:44 ---A- C:\Windows\Prefetch\NTOSBOOT-B00DFAAD.pf
O45 - LFCP:Last File Created Prefetch 25/07/2009 - 11:26:25 ---A- C:\Windows\Prefetch\GOOGLEUPDATERSERVICE.EXE-09540BCD.pf
O45 - LFCP:Last File Created Prefetch 25/07/2009 - 11:26:25 ---A- C:\Windows\Prefetch\SVCHOST.EXE-DD6406E8.pf
O45 - LFCP:Last File Created Prefetch 25/07/2009 - 11:27:05 ---A- C:\Windows\Prefetch\DLLHOST.EXE-766398D2.pf
O45 - LFCP:Last File Created Prefetch 25/07/2009 - 11:27:05 ---A- C:\Windows\Prefetch\VERCLSID.EXE-7C52E31C.pf
O45 - LFCP:Last File Created Prefetch 25/07/2009 - 11:27:08 ---A- C:\Windows\Prefetch\DWM.EXE-6FFD3DA8.pf
O45 - LFCP:Last File Created Prefetch 25/07/2009 - 11:27:08 ---A- C:\Windows\Prefetch\USERINIT.EXE-2257A3E7.pf
O45 - LFCP:Last File Created Prefetch 25/07/2009 - 11:27:09 ---A- C:\Windows\Prefetch\SEARCHPROTOCOLHOST.EXE-0CB8CADE.pf
O45 - LFCP:Last File Created Prefetch 25/07/2009 - 11:27:10 ---A- C:\Windows\Prefetch\SEARCHFILTERHOST.EXE-77482212.pf
O45 - LFCP:Last File Created Prefetch 25/07/2009 - 11:27:11 ---A- C:\Windows\Prefetch\EXPLORER.EXE-A80E4F97.pf
O45 - LFCP:Last File Created Prefetch 25/07/2009 - 11:27:11 ---A- C:\Windows\Prefetch\TASKENG.EXE-48D4E289.pf
O45 - LFCP:Last File Created Prefetch 25/07/2009 - 11:27:21 ---A- C:\Windows\Prefetch\RTHDVCPL.EXE-B116E9FD.pf
O45 - LFCP:Last File Created Prefetch 25/07/2009 - 11:27:32 ---A- C:\Windows\Prefetch\CONSENT.EXE-531BD9EA.pf
O45 - LFCP:Last File Created Prefetch 25/07/2009 - 11:27:34 ---A- C:\Windows\Prefetch\MOM.EXE-3B2B5194.pf
O45 - LFCP:Last File Created Prefetch 25/07/2009 - 11:27:36 ---A- C:\Windows\Prefetch\WUAUCLT.EXE-70318591.pf
O45 - LFCP:Last File Created Prefetch 25/07/2009 - 11:27:40 ---A- C:\Windows\Prefetch\ALERTMODULE.EXE-45931BA6.pf
O45 - LFCP:Last File Created Prefetch 25/07/2009 - 11:27:55 ---A- C:\Windows\Prefetch\IPODSERVICE.EXE-37C43D64.pf
O45 - LFCP:Last File Created Prefetch 25/07/2009 - 11:28:10 ---A- C:\Windows\Prefetch\KASPERSKY-ANTIVIRUS-2010_KASP-F86E1B10.pf
O45 - LFCP:Last File Created Prefetch 25/07/2009 - 11:28:15 ---A- C:\Windows\Prefetch\STCLIENT_WRAPPER.EXE-7A90E0B8.pf
O45 - LFCP:Last File Created Prefetch 25/07/2009 - 11:28:17 ---A- C:\Windows\Prefetch\WMPLAYER.EXE-BAD6BD53.pf
O45 - LFCP:Last File Created Prefetch 25/07/2009 - 11:28:23 ---A- C:\Windows\Prefetch\DLLHOST.EXE-5E46FA0D.pf
O45 - LFCP:Last File Created Prefetch 25/07/2009 - 11:28:24 ---A- C:\Windows\Prefetch\WMIADAP.EXE-F8DFDFA2.pf
O45 - LFCP:Last File Created Prefetch 25/07/2009 - 11:28:25 ---A- C:\Windows\Prefetch\WMIPRVSE.EXE-1628051C.pf
O45 - LFCP:Last File Created Prefetch 25/07/2009 - 11:28:32 ---A- C:\Windows\Prefetch\IEUSER.EXE-7C0FE221.pf
O45 - LFCP:Last File Created Prefetch 25/07/2009 - 11:28:33 ---A- C:\Windows\Prefetch\IEXPLORE.EXE-908C99F8.pf
O45 - LFCP:Last File Created Prefetch 25/07/2009 - 11:28:35 ---A- C:\Windows\Prefetch\ARCCON.AC-945FE43A.pf
O45 - LFCP:Last File Created Prefetch 25/07/2009 - 11:28:47 ---A- C:\Windows\Prefetch\LOGONUI.EXE-09140401.pf
O45 - LFCP:Last File Created Prefetch 25/07/2009 - 11:29:15 ---A- C:\Windows\Prefetch\AgGlFaultHistory.db
O45 - LFCP:Last File Created Prefetch 25/07/2009 - 11:29:15 ---A- C:\Windows\Prefetch\AgGlFgAppHistory.db
O45 - LFCP:Last File Created Prefetch 25/07/2009 - 11:29:15 ---A- C:\Windows\Prefetch\AgGlGlobalHistory.db
O45 - LFCP:Last File Created Prefetch 25/07/2009 - 11:29:15 ---A- C:\Windows\Prefetch\AgRobust.db
O45 - LFCP:Last File Created Prefetch 25/07/2009 - 11:29:15 ---A- C:\Windows\Prefetch\PfSvPerfStats.bin

---\\ Export de clé d'application autorisée (ECAA)(O47)
O47 - AAKE:Key Export SP - "C:\Program Files\OrangeHSS\Connectivity\ConnectivityManager.exe"="C:\Program Files\OrangeHSS\Connectivity\ConnectivityManager.exe:*:enabled:CSS"

---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Minimal\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Minimal\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Minimal\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Minimal\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Minimal\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\vgasave.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CS3\Network\volmgrx.sys

---\\ Trojan Driver Search Data (TDSD) (O52)
O52 - TDSD:HKLM\...\Drivers\"timer"="timer.drv"
O52 - TDSD:HKLM\...\Drivers32\"msacm.siren"="sirenacm.dll"
O52 - TDSD:HKLM\...\Drivers32\"wavemapper"="msacm32.drv"
O52 - TDSD:HKLM\...\Drivers32\"VIDC.IYUV"="iyuv_32.dll"
O52 - TDSD:HKLM\...\Drivers32\"VIDC.UYVY"="msyuv.dll"
O52 - TDSD:HKLM\...\Drivers32\"VIDC.YUY2"="msyuv.dll"
O52 - TDSD:HKLM\...\Drivers32\"VIDC.YVU9"="tsbyuv.dll"
O52 - TDSD:HKLM\...\Drivers32\"VIDC.YVYU"="msyuv.dll"
O52 - TDSD:HKLM\...\Drivers32\"MSVideo8"="VfWWDM32.dll"
O52 - TDSD:HKLM\...\Drivers32\"wave"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"midi"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"mixer"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"aux"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"wave1"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"midi1"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"mixer1"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"aux1"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"wave2"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"midi2"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"mixer2"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"aux2"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"vidc.XVID"="xvidvfw.dll"
O52 - TDSD:HKLM\...\Drivers32\"wave3"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"midi3"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"mixer3"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"aux3"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"wave4"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"midi4"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"mixer4"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"aux4"="wdmaud.drv"
O52 - TDSD:HKLM\...\Drivers32\"vidc.yv12"="yv12vfw.dll"
O52 - TDSD:HKLM\...\Drivers32\"vidc.i420"="i420vfw.dll"
O52 - TDSD:HKLM\...\drivers.desc\"sirenacm.dll"="Messenger Audio Codec"
O52 - TDSD:HKLM\...\drivers.desc\"vfwwdm32.dll"="WDM Video For Windows Capture Driver (Win32)"
O52 - TDSD:HKLM\...\drivers.desc\"wdmaud.drv"="Périphérique audio USB"
O52 - TDSD:HKLM\...\drivers.desc\"xvidvfw.dll"="XviD MPEG-4 Video Codec"

---\\ Microsoft Control Security Providers (MCSP) (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - "SecurityProviders"=credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - "SecurityProviders"=credssp.dll

---\\ Microsoft Windows Policies System (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=2
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "DisableRegistryTools"=0

---\\ Microsoft Windows Policies Explorer (MWPE) (O56)
O56 - MWPE:[HKCU\...\Policies\Explorer] - "NoDrives"=0
O56 - MWPE:[HKLM\...\Policies\Explorer] - "NoDrives"=0

Mel80 > Mel80

---\\ Liste des Drivers Système (SDL) (O58)
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\1394bus.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\acpi.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\adp94xx.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\adpahci.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\adpu160m.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\adpu320.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\afc.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\afd.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\AGP440.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\aliide.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\AMDAGP.SYS
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\amdide.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\amdk7.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\amdk8.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\arc.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\arcsas.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\ArcSoftVirtualCapture.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\ArtecGT.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\asyncmac.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\atapi.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\ataport.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\atikmdag.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\AtiPcie.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\avgntflt.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\battc.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\bdasup.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\beep.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\bowser.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\BrFiltLo.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\BrFiltUp.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\bridge.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\BrSerId.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\BrSerWdm.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\BrUsbMdm.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\BrUsbSer.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\bthmodem.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\cdfs.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\cdrom.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\circlass.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\Classpnp.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\cmdide.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\compbatt.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\crashdmp.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\crcdisk.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\crusoe.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\dfsc.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\disk.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\Diskdump.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\djsvs.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\drmk.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\drmkaud.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\Dumpata.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\dxapi.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\dxg.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\dxgkrnl.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\E1G60I32.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\ecache.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\elxstor.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\fastfat.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\fdc.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\fileinfo.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\filetrace.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\flpydisk.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\fltMgr.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\fs_rec.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\FWPKCLNT.SYS
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\GAGP30KX.SYS
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\GEARAspiWDM.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\hdaudbus.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\HdAudio.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\hidbth.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\hidclass.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\hidir.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\hidparse.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\hidusb.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\HpCISSs.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\hpzion00.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\hpziop00.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\hpziop98.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\http.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\i2omgmt.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\i2omp.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\i8042prt.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\iaStorV.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\iirsp.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\intelide.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\intelppm.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\ipfltdrv.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\IPMIDrv.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\ipnat.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\irda.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\irenum.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\isapnp.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\iteatapi.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\iteraid.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\kbdclass.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\kbdhid.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\ks.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\ksecdd.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\lltdio.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\lsi_fc.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\lsi_sas.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\lsi_scsi.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\luafv.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\mbam.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\mbamswissarmy.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\mcd.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\megasas.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\modem.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\monitor.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\mouclass.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\mouhid.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\mountmgr.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\mpio.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\mpsdrv.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\Mraid35x.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\mrxdav.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\mrxsmb.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\mrxsmb10.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\mrxsmb20.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\msahci.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\msdsm.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\msfs.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\msisadrv.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\msiscsi.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\mskssrv.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\mspclock.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\mspqm.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\msrpc.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\mssmbios.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\mstee.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\mup.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\ndis.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\ndistapi.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\ndisuio.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\ndiswan.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\ndproxy.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\netbios.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\netbt.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\netio.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\nfrd960.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\npfs.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\nsiproxy.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\ntfs.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\NTIDrvr.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\ntrigdigi.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\null.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\nvraid.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\nvstor.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\NV_AGP.SYS
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\nwifi.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\ohci1394.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\PAC7302.SYS
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\pacer.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\parport.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\partmgr.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\parvdm.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\pavboot.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\PCAMp50.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\PCASp50.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\pci.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\pciide.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\pciidex.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\pcmcia.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\pcouffin.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\PEAuth.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\portcls.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\processr.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\psdfilter.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\ql2300.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\ql40xx.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\qwavedrv.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\rasacd.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\rasl2tp.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\raspppoe.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\raspptp.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\rdbss.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\RDPCDD.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\rdpdr.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\RDPENCDD.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\rdpwd.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\rmcast.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\RNDISMP.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\rootmdm.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\rspndr.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\RTKVHDA.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\sbp2port.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\scsiport.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\secdrv.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\serenum.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\serial.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\sermouse.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\serscan.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\sffdisk.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\sffp_mmc.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\sffp_sd.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\sfloppy.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\SISAGP.SYS
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\sisraid2.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\sisraid4.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\smb.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\smclib.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\spldr.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\spsys.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\srv.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\srv2.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\srvnet.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\Storport.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\stream.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\swenum.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\symc8xx.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\sym_hi.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\sym_u3.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\tape.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\tcpip.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\tcpipreg.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\tdi.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\tdpipe.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\tdtcp.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\tdx.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\termdd.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\tssecsrv.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\TUNMP.SYS
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\tunnel.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\UAGP35.SYS
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\udfs.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\ULIAGPKX.SYS
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\uliahci.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\ulsata.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\ulsata2.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\umbus.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\umpass.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\usb8023.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\USBAUDIO.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\USBCAMD.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\USBCAMD2.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\usbccgp.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\usbcir.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\usbd.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\usbehci.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\usbhub.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\usbohci.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\usbport.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\usbprint.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\USBSTOR.SYS
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\usbuhci.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\vga.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\vgapnp.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\VIAAGP.SYS
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\viac7.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\viaide.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\videoprt.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\volmgr.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\volmgrx.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\volsnap.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\vsmraid.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\wacompen.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\wanarp.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\watchdog.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\WCEUSBSH.SYS
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\wd.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\Wdf01000.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\WdfLdr.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\winusb.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\wmiacpi.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\wmilib.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\WpdUsb.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\ws2ifsl.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\WUDFPf.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\WUDFRd.sys
O58 - SDL:System Drivers List - C:\Windows\system32\drivers\yk60x86.sys

Mel80 > Mel80

---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 - LFC:Last File Created 23/07/2009 - 13:54:56 ---A- C:\Users\Public\mbam-setup.exe
O61 - LFC:Last File Created 23/07/2009 - 13:56:02 ---A- C:\Users\All Users\Malwarebytes\Malwarebytes' Anti-Malware\ignore.dat
O61 - LFC:Last File Created 23/07/2009 - 14:05:41 ---A- C:\Users\Mélanie\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
O61 - LFC:Last File Created 23/07/2009 - 14:45:17 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.19056
O61 - LFC:Last File Created 23/07/2009 - 14:45:17 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.19056
O61 - LFC:Last File Created 23/07/2009 - 14:45:18 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP3.27003
O61 - LFC:Last File Created 23/07/2009 - 14:45:18 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP3.33580
O61 - LFC:Last File Created 23/07/2009 - 14:45:18 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP3.40450
O61 - LFC:Last File Created 23/07/2009 - 14:45:18 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP3.50368
O61 - LFC:Last File Created 23/07/2009 - 14:45:18 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR3.27003
O61 - LFC:Last File Created 23/07/2009 - 14:45:18 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR3.33580
O61 - LFC:Last File Created 23/07/2009 - 14:45:18 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR3.40450
O61 - LFC:Last File Created 23/07/2009 - 14:45:18 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR3.50368
O61 - LFC:Last File Created 23/07/2009 - 14:45:19 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP3.13765
O61 - LFC:Last File Created 23/07/2009 - 14:45:19 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP3.32199
O61 - LFC:Last File Created 23/07/2009 - 14:45:19 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP3.79293
O61 - LFC:Last File Created 23/07/2009 - 14:45:19 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP3.98743
O61 - LFC:Last File Created 23/07/2009 - 14:45:19 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR3.13765
O61 - LFC:Last File Created 23/07/2009 - 14:45:19 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR3.32199
O61 - LFC:Last File Created 23/07/2009 - 14:45:19 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR3.43091
O61 - LFC:Last File Created 23/07/2009 - 14:45:19 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR3.79293
O61 - LFC:Last File Created 23/07/2009 - 14:45:19 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR3.98743
O61 - LFC:Last File Created 23/07/2009 - 14:45:20 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP3.29111
O61 - LFC:Last File Created 23/07/2009 - 14:45:20 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP3.32952
O61 - LFC:Last File Created 23/07/2009 - 14:45:20 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP3.43091
O61 - LFC:Last File Created 23/07/2009 - 14:45:20 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP3.65729
O61 - LFC:Last File Created 23/07/2009 - 14:45:20 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP3.72270
O61 - LFC:Last File Created 23/07/2009 - 14:45:20 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR3.29111
O61 - LFC:Last File Created 23/07/2009 - 14:45:20 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR3.32952
O61 - LFC:Last File Created 23/07/2009 - 14:45:20 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR3.65729
O61 - LFC:Last File Created 23/07/2009 - 14:45:20 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR3.72270
O61 - LFC:Last File Created 23/07/2009 - 14:45:21 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP3.59129
O61 - LFC:Last File Created 23/07/2009 - 14:45:21 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP3.85799
O61 - LFC:Last File Created 23/07/2009 - 14:45:21 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP3.89672
O61 - LFC:Last File Created 23/07/2009 - 14:45:21 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP3.95264
O61 - LFC:Last File Created 23/07/2009 - 14:45:21 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP4.89997
O61 - LFC:Last File Created 23/07/2009 - 14:45:21 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR3.59129
O61 - LFC:Last File Created 23/07/2009 - 14:45:21 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR3.85799
O61 - LFC:Last File Created 23/07/2009 - 14:45:21 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR3.89672
O61 - LFC:Last File Created 23/07/2009 - 14:45:21 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR3.95264
O61 - LFC:Last File Created 23/07/2009 - 14:45:22 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP3.18587
O61 - LFC:Last File Created 23/07/2009 - 14:45:22 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP3.75302
O61 - LFC:Last File Created 23/07/2009 - 14:45:22 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP3.94206
O61 - LFC:Last File Created 23/07/2009 - 14:45:22 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR3.18587
O61 - LFC:Last File Created 23/07/2009 - 14:45:22 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR3.52166
O61 - LFC:Last File Created 23/07/2009 - 14:45:22 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR3.75302
O61 - LFC:Last File Created 23/07/2009 - 14:45:22 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR3.94206
O61 - LFC:Last File Created 23/07/2009 - 14:45:23 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP3.23399
O61 - LFC:Last File Created 23/07/2009 - 14:45:23 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP3.25579
O61 - LFC:Last File Created 23/07/2009 - 14:45:23 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP3.36819
O61 - LFC:Last File Created 23/07/2009 - 14:45:23 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP3.52166
O61 - LFC:Last File Created 23/07/2009 - 14:45:23 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP3.65581
O61 - LFC:Last File Created 23/07/2009 - 14:45:23 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR3.23399
O61 - LFC:Last File Created 23/07/2009 - 14:45:23 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR3.25579
O61 - LFC:Last File Created 23/07/2009 - 14:45:23 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR3.36819
O61 - LFC:Last File Created 23/07/2009 - 14:45:23 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR3.65581
O61 - LFC:Last File Created 23/07/2009 - 14:45:24 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP3.55569
O61 - LFC:Last File Created 23/07/2009 - 14:45:24 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP3.79826
O61 - LFC:Last File Created 23/07/2009 - 14:45:24 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP3.88664
O61 - LFC:Last File Created 23/07/2009 - 14:45:24 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR3.13488
O61 - LFC:Last File Created 23/07/2009 - 14:45:24 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR3.55569
O61 - LFC:Last File Created 23/07/2009 - 14:45:24 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR3.79826
O61 - LFC:Last File Created 23/07/2009 - 14:45:24 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR3.88664
O61 - LFC:Last File Created 23/07/2009 - 14:45:25 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP3.13488
O61 - LFC:Last File Created 23/07/2009 - 14:45:25 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP3.16373
O61 - LFC:Last File Created 23/07/2009 - 14:45:25 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP3.69390
O61 - LFC:Last File Created 23/07/2009 - 14:45:25 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP3.84926
O61 - LFC:Last File Created 23/07/2009 - 14:45:25 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR3.16373
O61 - LFC:Last File Created 23/07/2009 - 14:45:25 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR3.69390
O61 - LFC:Last File Created 23/07/2009 - 14:45:25 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR3.84926
O61 - LFC:Last File Created 23/07/2009 - 14:45:26 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP3.19021
O61 - LFC:Last File Created 23/07/2009 - 14:45:26 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP3.26614
O61 - LFC:Last File Created 23/07/2009 - 14:45:26 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP3.31427
O61 - LFC:Last File Created 23/07/2009 - 14:45:26 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP3.37868
O61 - LFC:Last File Created 23/07/2009 - 14:45:26 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR3.19021
O61 - LFC:Last File Created 23/07/2009 - 14:45:26 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR3.26614
O61 - LFC:Last File Created 23/07/2009 - 14:45:26 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR3.31427
O61 - LFC:Last File Created 23/07/2009 - 14:45:26 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR3.37868
O61 - LFC:Last File Created 23/07/2009 - 14:45:27 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP3.12479
O61 - LFC:Last File Created 23/07/2009 - 14:45:27 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP3.35673
O61 - LFC:Last File Created 23/07/2009 - 14:45:27 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP3.42983
O61 - LFC:Last File Created 23/07/2009 - 14:45:27 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP3.88148
O61 - LFC:Last File Created 23/07/2009 - 14:45:27 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR3.12479
O61 - LFC:Last File Created 23/07/2009 - 14:45:27 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR3.35673
O61 - LFC:Last File Created 23/07/2009 - 14:45:27 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR3.42983
O61 - LFC:Last File Created 23/07/2009 - 14:45:27 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR3.76677
O61 - LFC:Last File Created 23/07/2009 - 14:45:27 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR3.88148
O61 - LFC:Last File Created 23/07/2009 - 14:45:28 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.32344
O61 - LFC:Last File Created 23/07/2009 - 14:45:28 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.40042
O61 - LFC:Last File Created 23/07/2009 - 14:45:28 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.52422
O61 - LFC:Last File Created 23/07/2009 - 14:45:28 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.54284
O61 - LFC:Last File Created 23/07/2009 - 14:45:28 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.57132
O61 - LFC:Last File Created 23/07/2009 - 14:45:28 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.58853
O61 - LFC:Last File Created 23/07/2009 - 14:45:28 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.97920
O61 - LFC:Last File Created 23/07/2009 - 14:45:28 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP3.19729
O61 - LFC:Last File Created 23/07/2009 - 14:45:28 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP3.55843
O61 - LFC:Last File Created 23/07/2009 - 14:45:28 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP3.62809
O61 - LFC:Last File Created 23/07/2009 - 14:45:28 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP3.76677
O61 - LFC:Last File Created 23/07/2009 - 14:45:28 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.32344
O61 - LFC:Last File Created 23/07/2009 - 14:45:28 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.40042
O61 - LFC:Last File Created 23/07/2009 - 14:45:28 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.52422
O61 - LFC:Last File Created 23/07/2009 - 14:45:28 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.54284
O61 - LFC:Last File Created 23/07/2009 - 14:45:28 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.57132
O61 - LFC:Last File Created 23/07/2009 - 14:45:28 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.58853
O61 - LFC:Last File Created 23/07/2009 - 14:45:28 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.97920
O61 - LFC:Last File Created 23/07/2009 - 14:45:28 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR3.19729
O61 - LFC:Last File Created 23/07/2009 - 14:45:28 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR3.55843
O61 - LFC:Last File Created 23/07/2009 - 14:45:28 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR3.62809
O61 - LFC:Last File Created 23/07/2009 - 14:45:29 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.11591
O61 - LFC:Last File Created 23/07/2009 - 14:45:29 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.14861
O61 - LFC:Last File Created 23/07/2009 - 14:45:29 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.14921
O61 - LFC:Last File Created 23/07/2009 - 14:45:29 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.19338
O61 - LFC:Last File Created 23/07/2009 - 14:45:29 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.27525
O61 - LFC:Last File Created 23/07/2009 - 14:45:29 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.34691
O61 - LFC:Last File Created 23/07/2009 - 14:45:29 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.36720
O61 - LFC:Last File Created 23/07/2009 - 14:45:29 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.41536
O61 - LFC:Last File Created 23/07/2009 - 14:45:29 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.50579
O61 - LFC:Last File Created 23/07/2009 - 14:45:29 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.51857
O61 - LFC:Last File Created 23/07/2009 - 14:45:29 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.53942
O61 - LFC:Last File Created 23/07/2009 - 14:45:29 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.56454
O61 - LFC:Last File Created 23/07/2009 - 14:45:29 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.58438
O61 - LFC:Last File Created 23/07/2009 - 14:45:29 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.58464
O61 - LFC:Last File Created 23/07/2009 - 14:45:29 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.69281
O61 - LFC:Last File Created 23/07/2009 - 14:45:29 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.77659
O61 - LFC:Last File Created 23/07/2009 - 14:45:29 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.78771
O61 - LFC:Last File Created 23/07/2009 - 14:45:29 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.81071
O61 - LFC:Last File Created 23/07/2009 - 14:45:29 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.81466
O61 - LFC:Last File Created 23/07/2009 - 14:45:29 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.84333
O61 - LFC:Last File Created 23/07/2009 - 14:45:29 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.85816
O61 - LFC:Last File Created 23/07/2009 - 14:45:29 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.85886
O61 - LFC:Last File Created 23/07/2009 - 14:45:29 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.94126
O61 - LFC:Last File Created 23/07/2009 - 14:45:29 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.96237
O61 - LFC:Last File Created 23/07/2009 - 14:45:29 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.96751
O61 - LFC:Last File Created 23/07/2009 - 14:45:29 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP2.50504
O61 - LFC:Last File Created 23/07/2009 - 14:45:29 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP3.36137
O61 - LFC:Last File Created 23/07/2009 - 14:45:29 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP3.77304
O61 - LFC:Last File Created 23/07/2009 - 14:45:29 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP4.94705
O61 - LFC:Last File Created 23/07/2009 - 14:45:29 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.11591
O61 - LFC:Last File Created 23/07/2009 - 14:45:29 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.14861
O61 - LFC:Last File Created 23/07/2009 - 14:45:29 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.14921
O61 - LFC:Last File Created 23/07/2009 - 14:45:29 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.19338
O61 - LFC:Last File Created 23/07/2009 - 14:45:29 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.27525
O61 - LFC:Last File Created 23/07/2009 - 14:45:29 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.34691
O61 - LFC:Last File Created 23/07/2009 - 14:45:29 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.36720
O61 - LFC:Last File Created 23/07/2009 - 14:45:29 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.41536
O61 - LFC:Last File Created 23/07/2009 - 14:45:29 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.50579
O61 - LFC:Last File Created 23/07/2009 - 14:45:29 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.51857
O61 - LFC:Last File Created 23/07/2009 - 14:45:29 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.53942
O61 - LFC:Last File Created 23/07/2009 - 14:45:29 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.56454
O61 - LFC:Last File Created 23/07/2009 - 14:45:29 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.58438
O61 - LFC:Last File Created 23/07/2009 - 14:45:29 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.58464
O61 - LFC:Last File Created 23/07/2009 - 14:45:29 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.69281
O61 - LFC:Last File Created 23/07/2009 - 14:45:29 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.77659
O61 - LFC:Last File Created 23/07/2009 - 14:45:29 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.78771
O61 - LFC:Last File Created 23/07/2009 - 14:45:29 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.81071
O61 - LFC:Last File Created 23/07/2009 - 14:45:29 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.81466
O61 - LFC:Last File Created 23/07/2009 - 14:45:29 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.84333
O61 - LFC:Last File Created 23/07/2009 - 14:45:29 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.85816
O61 - LFC:Last File Created 23/07/2009 - 14:45:29 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.85886
O61 - LFC:Last File Created 23/07/2009 - 14:45:29 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.94126
O61 - LFC:Last File Created 23/07/2009 - 14:45:29 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.96237
O61 - LFC:Last File Created 23/07/2009 - 14:45:29 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.96751
O61 - LFC:Last File Created 23/07/2009 - 14:45:29 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR3.36137
O61 - LFC:Last File Created 23/07/2009 - 14:45:29 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR3.77304
O61 - LFC:Last File Created 23/07/2009 - 14:45:30 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP3.80908
O61 - LFC:Last File Created 23/07/2009 - 14:45:30 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP4.45971
O61 - LFC:Last File Created 23/07/2009 - 14:45:30 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP4.85327
O61 - LFC:Last File Created 23/07/2009 - 14:45:30 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR3.80908
O61 - LFC:Last File Created 23/07/2009 - 14:45:31 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-2009-07-23 (15-45-31).txt
O61 - LFC:Last File Created 23/07/2009 - 14:45:36 ---A- C:\Users\All Users\Malwarebytes\Malwarebytes' Anti-Malware\3779139
O61 - LFC:Last File Created 23/07/2009 - 15:38:15 ---A- C:\Users\Mélanie\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-2009-07-23 (16-35-01).txt
O61 - LFC:Last File Created 23/07/2009 - 15:40:03 ---A- C:\Users\All Users\Malwarebytes\Malwarebytes' Anti-Malware\3099287
O61 - LFC:Last File Created 23/07/2009 - 16:13:42 ---A- C:\Users\Mélanie\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-2009-07-23 (17-13-42).txt
O61 - LFC:Last File Created 23/07/2009 - 16:14:00 ---A- C:\Users\All Users\Malwarebytes\Malwarebytes' Anti-Malware\1866286
O61 - LFC:Last File Created 23/07/2009 - 16:17:04 ---A- C:\Users\Mélanie\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-2009-07-23 (17-17-04).txt
O61 - LFC:Last File Created 23/07/2009 - 16:17:04 ---A- C:\Users\Mélanie\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.38675
O61 - LFC:Last File Created 23/07/2009 - 16:17:04 ---A- C:\Users\Mélanie\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.38675
O61 - LFC:Last File Created 23/07/2009 - 16:17:08 ---A- C:\Users\All Users\Malwarebytes\Malwarebytes' Anti-Malware\2053815
O61 - LFC:Last File Created 23/07/2009 - 16:39:36 ---A- C:\Users\Mélanie\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.63109
O61 - LFC:Last File Created 23/07/2009 - 16:39:36 ---A- C:\Users\Mélanie\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.63109
O61 - LFC:Last File Created 23/07/2009 - 16:39:37 ---A- C:\Users\Mélanie\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-2009-07-23 (17-39-37).txt
O61 - LFC:Last File Created 23/07/2009 - 16:55:56 ---A- C:\Users\Mélanie\Documents\Base de registre du 23 07 09.reg
O61 - LFC:Last File Created 23/07/2009 - 17:18:48 ---A- C:\Users\Rouvillain\AppData\Roaming\Microsoft\HTML Help\hh.dat
O61 - LFC:Last File Created 23/07/2009 - 17:55:42 ---A- C:\Users\Mélanie\Contacts\nynye92@msn.com\4F6552EE-24C7-4B74-A2F9-C3FCCC025463.WindowsLiveContact
O61 - LFC:Last File Created 23/07/2009 - 21:22:56 ---A- C:\Users\Mélanie\Contacts\nynye92@msn.com\761081F6-DD0B-40E6-9061-018833AEACE6.WindowsLiveGroup
O61 - LFC:Last File Created 23/07/2009 - 21:22:57 ---A- C:\Users\Mélanie\Contacts\nynye92@msn.com\14816045-CDF1-42CD-A3ED-6D841735769C.WindowsLiveContact
O61 - LFC:Last File Created 23/07/2009 - 21:22:57 ---A- C:\Users\Mélanie\Contacts\nynye92@msn.com\706F58AE-4314-4F90-B2BB-A850846063BB.WindowsLiveContact
O61 - LFC:Last File Created 23/07/2009 - 21:22:58 ---A- C:\Users\Mélanie\Contacts\nynye92@msn.com\3EAF6E30-B776-4DD3-9390-3A63E563D09E.WindowsLiveContact
O61 - LFC:Last File Created 23/07/2009 - 21:22:58 ---A- C:\Users\Mélanie\Contacts\nynye92@msn.com\5F50073B-3A03-4695-875F-20672C524328.WindowsLiveContact
O61 - LFC:Last File Created 23/07/2009 - 21:22:58 ---A- C:\Users\Mélanie\Contacts\nynye92@msn.com\D11FF902-D5C0-4781-A03F-1723FF997ADD.WindowsLiveContact
O61 - LFC:Last File Created 23/07/2009 - 21:22:59 ---A- C:\Users\Mélanie\Contacts\nynye92@msn.com\0BF19DE2-53A2-4BAC-A12E-D48A9C8BCD57.WindowsLiveContact
O61 - LFC:Last File Created 23/07/2009 - 21:22:59 ---A- C:\Users\Mélanie\Contacts\nynye92@msn.com\2C414FF9-C0B8-413E-A5CB-C60DBCA911AB.WindowsLiveContact
O61 - LFC:Last File Created 23/07/2009 - 21:22:59 ---A- C:\Users\Mélanie\Contacts\nynye92@msn.com\86751134-12B1-4ADE-9D0F-83B3B9CA6460.WindowsLiveContact
O61 - LFC:Last File Created 23/07/2009 - 21:23:00 ---A- C:\Users\Mélanie\Contacts\nynye92@msn.com\5310E1ED-7CA2-4105-848D-650A0ED4508B.WindowsLiveContact
O61 - LFC:Last File Created 23/07/2009 - 21:23:00 ---A- C:\Users\Mélanie\Contacts\nynye92@msn.com\9D45FFC2-36C2-4349-A6D1-1A392343925C.WindowsLiveContact
O61 - LFC:Last File Created 23/07/2009 - 21:23:01 ---A- C:\Users\Mélanie\Contacts\nynye92@msn.com\1AAACA88-B96C-4A25-9AFB-AF54CB938BB4.WindowsLiveContact
O61 - LFC:Last File Created 23/07/2009 - 21:23:01 ---A- C:\Users\Mélanie\Contacts\nynye92@msn.com\6B271105-31F5-4885-A0E5-67B17C34F1D5.WindowsLiveContact
O61 - LFC:Last File Created 23/07/2009 - 21:23:01 ---A- C:\Users\Mélanie\Contacts\nynye92@msn.com\98BD3FC9-3B79-4D44-A3CC-424DE63FB66E.WindowsLiveContact
O61 - LFC:Last File Created 23/07/2009 - 21:23:01 ---A- C:\Users\Mélanie\Contacts\nynye92@msn.com\CEBCC460-75CC-48D4-A910-2994C237F32F.WindowsLiveContact
O61 - LFC:Last File Created 23/07/2009 - 21:23:01 ---A- C:\Users\Mélanie\Contacts\nynye92@msn.com\F92ABF0A-37CE-4AD8-8784-21EE437A449F.WindowsLiveContact
O61 - LFC:Last File Created 23/07/2009 - 21:23:02 ---A- C:\Users\Mélanie\Contacts\nynye92@msn.com\23446F98-DC11-4D20-AB90-D3B9935A77C7.WindowsLiveContact
O61 - LFC:Last File Created 23/07/2009 - 21:23:02 ---A- C:\Users\Mélanie\Contacts\nynye92@msn.com\562F3BCD-7643-4C47-A911-60AD17E29999.WindowsLiveContact
O61 - LFC:Last File Created 23/07/2009 - 21:23:03 ---A- C:\Users\Mélanie\Contacts\nynye92@msn.com\864F55EE-6DF4-49E6-B14B-21C313712E1B.WindowsLiveContact
O61 - LFC:Last File Created 23/07/2009 - 21:23:04 ---A- C:\Users\Mélanie\Contacts\nynye92@msn.com\2FC90C4D-2355-45B9-A2C3-5E41ECDB1B5E.WindowsLiveContact
O61 - LFC:Last File Created 23/07/2009 - 21:23:04 ---A- C:\Users\Mélanie\Contacts\nynye92@msn.com\9DDFEBB5-19BC-43BF-8B61-0905B7B5C948.WindowsLiveContact
O61 - LFC:Last File Created 23/07/2009 - 21:23:04 ---A- C:\Users\Mélanie\Contacts\nynye92@msn.com\BEAC13C0-6496-484B-9CFC-F42B708539AD.WindowsLiveContact
O61 - LFC:Last File Created 23/07/2009 - 21:24:57 ---A- C:\Users\Mélanie\Contacts\nynye92@msn.com\AC72FFE7-1E2F-4B34-84B1-9DC4298B95EB.WindowsLiveContact
O61 - LFC:Last File Created 23/07/2009 - 21:28:25 ---A- C:\Users\Mélanie\Contacts\nynye92@msn.com\5650F544-8CA3-4372-970F-50780A3FD82C.WindowsLiveContact
O61 - LFC:Last File Created 23/07/2009 - 21:35:44 ---A- C:\Users\Mélanie\Contacts\nynye92@msn.com\1B3B8C63-322C-473B-81B2-C03450D049B2.WindowsLiveContact
O61 - LFC:Last File Created 23/07/2009 - 21:37:52 ---A- C:\Users\Mélanie\Contacts\nynye92@msn.com\630546DC-3094-4055-A574-62E401EEE7A7.WindowsLiveContact
O61 - LFC:Last File Created 23/07/2009 - 22:26:33 ---A- C:\Users\Mélanie\Contacts\nynye92@msn.com\E5B908A5-FB2B-4AC1-9DD1-EDD01E053F12.WindowsLiveGroup
O61 - LFC:Last File Created 23/07/2009 - 22:38:52 ---A- C:\Users\Mélanie\AppData\Roaming\OpenOffice.org2\user\registry\data\org\openoffice\Office\Common.xcu
O61 - LFC:Last File Created 23/07/2009 - 22:38:58 ---A- C:\Users\Mélanie\AppData\Roaming\OpenOffice.org2\user\uno_packages\cache\stamp.sys
O61 - LFC:Last File Created 23/07/2009 - 22:38:59 ---A- C:\Users\Mélanie\AppData\Roaming\OpenOffice.org2\user\uno_packages\cache\registry\com.sun.star.comp.deployment.component.PackageRegistryBackend\Windows_x86rc
O61 - LFC:Last File Created 23/07/2009 - 22:38:59 ---A- C:\Users\Mélanie\AppData\Roaming\OpenOffice.org2\user\uno_packages\cache\registry\com.sun.star.comp.deployment.component.PackageRegistryBackend\unorc
O61 - LFC:Last File Created 23/07/2009 - 22:39:00 ---A- C:\Users\Mélanie\AppData\Roaming\OpenOffice.org2\user\uno_packages\cache\log.txt
O61 - LFC:Last File Created 23/07/2009 - 22:41:42 ---A- C:\Users\Mélanie\AppData\Roaming\OpenOffice.org2\user\registry\data\org\openoffice\Office\Recovery.xcu
O61 - LFC:Last File Created 23/07/2009 - 22:41:42 ---A- C:\Users\Mélanie\AppData\Roaming\OpenOffice.org2\user\registry\data\org\openoffice\Office\Views.xcu
O61 - LFC:Last File Created 23/07/2009 - 22:41:42 ---A- C:\Users\Mélanie\AppData\Roaming\OpenOffice.org2\user\registry\data\org\openoffice\Setup.xcu
O61 - LFC:Last File Created 23/07/2009 - 22:45:12 ---A- C:\Users\Mélanie\AppData\Roaming\OpenOffice.org2\user\registry\data\org\openoffice\Office\Jobs.xcu
O61 - LFC:Last File Created 24/07/2009 - 11:19:10 ---A- C:\Users\Mélanie\AppData\Local\d3d9caps.dat

Mel80 > Mel80

O61 - LFC:Last File Created 24/07/2009 - 11:19:19 ---A- C:\Users\Mélanie\Contacts\nynye92@msn.com\12245ADE-9C83-496C-B380-98D2E84A86CB.WindowsLiveContact
O61 - LFC:Last File Created 24/07/2009 - 11:19:19 ---A- C:\Users\Mélanie\Contacts\nynye92@msn.com\1468A9AF-6C90-4384-BB8E-D2851471BCA1.WindowsLiveContact
O61 - LFC:Last File Created 24/07/2009 - 11:19:19 ---A- C:\Users\Mélanie\Contacts\nynye92@msn.com\9413F5B0-D7CF-4638-85BE-87C45ADDCC02.WindowsLiveContact
O61 - LFC:Last File Created 24/07/2009 - 11:19:19 ---A- C:\Users\Mélanie\Contacts\nynye92@msn.com\F2C79059-832A-4071-A97E-BBCE1721AA7B.WindowsLiveContact
O61 - LFC:Last File Created 24/07/2009 - 11:19:20 ---A- C:\Users\Mélanie\Contacts\nynye92@msn.com\contactcoll.cache
O61 - LFC:Last File Created 24/07/2009 - 11:32:35 ---A- C:\Users\Mélanie\AppData\Roaming\Microsoft\HTML Help\hh.dat
O61 - LFC:Last File Created 24/07/2009 - 11:47:54 ---A- C:\Users\All Users\Symantec\Definitions\SymcData\virusdefs-2.5-e\usage.dat
O61 - LFC:Last File Created 24/07/2009 - 12:36:50 ---A- C:\Users\Rouvillain\AppData\Roaming\Real\Msg\Messages.dat
O61 - LFC:Last File Created 24/07/2009 - 12:38:10 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.38689
O61 - LFC:Last File Created 24/07/2009 - 12:38:10 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.38689
O61 - LFC:Last File Created 24/07/2009 - 12:38:15 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-2009-07-24 (13-38-15).txt
O61 - LFC:Last File Created 24/07/2009 - 15:08:51 ---A- C:\Users\Rouvillain\AppData\Local\ATI\ACE\Manifest.Bin
O61 - LFC:Last File Created 24/07/2009 - 15:08:51 ---A- C:\Users\Rouvillain\AppData\Local\ATI\ACE\Manifest.xml
O61 - LFC:Last File Created 24/07/2009 - 15:09:14 ---A- C:\Users\All Users\ATI\ACE\Profiles.xml
O61 - LFC:Last File Created 24/07/2009 - 15:09:14 ---A- C:\Users\Rouvillain\AppData\Local\ATI\ACE\Profiles.xml
O61 - LFC:Last File Created 24/07/2009 - 15:11:35 ---A- C:\Users\Rouvillain\Contacts\nynye92@msn.com\08913F9D-4079-46DF-BCEA-51DB589DCA6E.WindowsLiveContact
O61 - LFC:Last File Created 24/07/2009 - 15:11:35 ---A- C:\Users\Rouvillain\Contacts\nynye92@msn.com\E8E4A0AF-5C00-44F9-8C16-2C695E61870E.WindowsLiveContact
O61 - LFC:Last File Created 24/07/2009 - 15:11:39 ---A- C:\Users\Rouvillain\Contacts\nynye92@msn.com\C564CCF5-C3BB-4588-9034-2A0D59B630C4.WindowsLiveContact
O61 - LFC:Last File Created 24/07/2009 - 15:11:39 ---A- C:\Users\Rouvillain\Contacts\nynye92@msn.com\EA754537-58D3-4C56-A6C8-715C8BBDFC6E.WindowsLiveGroup
O61 - LFC:Last File Created 24/07/2009 - 15:11:39 ---A- C:\Users\Rouvillain\Contacts\nynye92@msn.com\F6FE4D3C-26BF-444B-A1F8-F30ECF57562C.WindowsLiveGroup
O61 - LFC:Last File Created 24/07/2009 - 15:11:40 ---A- C:\Users\Rouvillain\Contacts\nynye92@msn.com\1D9AFA6D-55A9-4AD5-B012-9827DE39303E.WindowsLiveContact
O61 - LFC:Last File Created 24/07/2009 - 15:11:40 ---A- C:\Users\Rouvillain\Contacts\nynye92@msn.com\4B9042E8-68AC-4420-AEB9-00B234D7303E.WindowsLiveContact
O61 - LFC:Last File Created 24/07/2009 - 15:11:40 ---A- C:\Users\Rouvillain\Contacts\nynye92@msn.com\649E7250-8586-4268-8882-91D0F7CA3D3C.WindowsLiveContact
O61 - LFC:Last File Created 24/07/2009 - 15:11:40 ---A- C:\Users\Rouvillain\Contacts\nynye92@msn.com\79476B3B-0EFE-4BD8-AD12-71D3DE90F2ED.WindowsLiveContact
O61 - LFC:Last File Created 24/07/2009 - 15:11:40 ---A- C:\Users\Rouvillain\Contacts\nynye92@msn.com\7F02D788-1115-48AE-8DA7-EFB4E5FF738F.WindowsLiveContact
O61 - LFC:Last File Created 24/07/2009 - 15:11:40 ---A- C:\Users\Rouvillain\Contacts\nynye92@msn.com\A18344AE-5F1D-4CAA-839E-A3A70DD42D1A.WindowsLiveContact
O61 - LFC:Last File Created 24/07/2009 - 15:11:40 ---A- C:\Users\Rouvillain\Contacts\nynye92@msn.com\C37B6CBF-866A-4D54-B917-F5A1FDF90678.WindowsLiveContact
O61 - LFC:Last File Created 24/07/2009 - 15:11:40 ---A- C:\Users\Rouvillain\Contacts\nynye92@msn.com\D2EB1044-6A78-47C3-AF45-354ED61D2390.WindowsLiveContact
O61 - LFC:Last File Created 24/07/2009 - 15:11:41 ---A- C:\Users\Rouvillain\Contacts\nynye92@msn.com\1847A7D0-9EB0-4695-8B51-66DCC38D6227.WindowsLiveContact
O61 - LFC:Last File Created 24/07/2009 - 15:11:41 ---A- C:\Users\Rouvillain\Contacts\nynye92@msn.com\3E54FF33-2DFF-41DF-815D-07978445DBC2.WindowsLiveContact
O61 - LFC:Last File Created 24/07/2009 - 15:11:41 ---A- C:\Users\Rouvillain\Contacts\nynye92@msn.com\6D6CA825-E36D-4876-8C97-59A4EFDE048E.WindowsLiveContact
O61 - LFC:Last File Created 24/07/2009 - 15:11:41 ---A- C:\Users\Rouvillain\Contacts\nynye92@msn.com\7F95A922-72A4-43DA-86D0-7084B2AC931A.WindowsLiveContact
O61 - LFC:Last File Created 24/07/2009 - 15:11:41 ---A- C:\Users\Rouvillain\Contacts\nynye92@msn.com\95A1A3F4-BFF9-4DD8-8C71-0DAC8A49F7A8.WindowsLiveContact
O61 - LFC:Last File Created 24/07/2009 - 15:11:42 ---A- C:\Users\Rouvillain\Contacts\nynye92@msn.com\062E559C-363D-4C9F-B51E-0BDBC70FB871.WindowsLiveContact
O61 - LFC:Last File Created 24/07/2009 - 15:11:42 ---A- C:\Users\Rouvillain\Contacts\nynye92@msn.com\6984E7BD-EFF1-408A-8E04-09A14AF4CB8D.WindowsLiveContact
O61 - LFC:Last File Created 24/07/2009 - 15:11:44 ---A- C:\Users\Rouvillain\Contacts\nynye92@msn.com\2FB7C93E-00DB-4DA9-862F-47444E6E6796.WindowsLiveContact
O61 - LFC:Last File Created 24/07/2009 - 15:15:44 ---A- C:\Users\Rouvillain\AppData\Roaming\OpenOffice.org2\user\uno_packages\cache\registry\com.sun.star.comp.deployment.component.PackageRegistryBackend\Windows_x86rc
O61 - LFC:Last File Created 24/07/2009 - 15:15:44 ---A- C:\Users\Rouvillain\AppData\Roaming\OpenOffice.org2\user\uno_packages\cache\registry\com.sun.star.comp.deployment.component.PackageRegistryBackend\unorc
O61 - LFC:Last File Created 24/07/2009 - 15:15:44 ---A- C:\Users\Rouvillain\AppData\Roaming\OpenOffice.org2\user\uno_packages\cache\stamp.sys
O61 - LFC:Last File Created 24/07/2009 - 15:15:46 ---A- C:\Users\Rouvillain\AppData\Roaming\OpenOffice.org2\user\uno_packages\cache\log.txt
O61 - LFC:Last File Created 24/07/2009 - 15:15:57 ---A- C:\Users\Rouvillain\AppData\Roaming\OpenOffice.org2\user\registry\data\org\openoffice\Office\Jobs.xcu
O61 - LFC:Last File Created 24/07/2009 - 15:17:08 ---A- C:\Users\Rouvillain\AppData\Roaming\OpenOffice.org2\user\registry\data\org\openoffice\Office\Recovery.xcu
O61 - LFC:Last File Created 24/07/2009 - 15:17:08 ---A- C:\Users\Rouvillain\AppData\Roaming\OpenOffice.org2\user\registry\data\org\openoffice\Office\Views.xcu
O61 - LFC:Last File Created 24/07/2009 - 15:17:08 ---A- C:\Users\Rouvillain\AppData\Roaming\OpenOffice.org2\user\registry\data\org\openoffice\Setup.xcu
O61 - LFC:Last File Created 24/07/2009 - 15:21:24 ---A- C:\Users\Rouvillain\AppData\Roaming\OpenOffice.org2\user\registry\data\org\openoffice\Office\Writer.xcu
O61 - LFC:Last File Created 24/07/2009 - 15:21:24 ---A- C:\Users\Rouvillain\AppData\Roaming\OpenOffice.org2\user\uno_packages\cache\registry\com.sun.star.comp.deployment.configuration.PackageRegistryBackend\registered_packages.db
O61 - LFC:Last File Created 24/07/2009 - 15:21:24 ---A- C:\Users\Rouvillain\AppData\Roaming\OpenOffice.org2\user\uno_packages\cache\uno_packages.db
O61 - LFC:Last File Created 24/07/2009 - 15:44:52 ---A- C:\Users\Rouvillain\Contacts\nynye92@msn.com\A9822611-03B3-4377-A9B4-CDD234A19583.WindowsLiveContact
O61 - LFC:Last File Created 24/07/2009 - 18:28:47 ---A- C:\Users\Rouvillain\Contacts\nynye92@msn.com\4E4B2D08-538E-4938-92F3-83CB9A249FB3.WindowsLiveContact
O61 - LFC:Last File Created 24/07/2009 - 18:29:49 ---A- C:\Users\Rouvillain\Contacts\nynye92@msn.com\A996BE14-2B80-4563-8F52-77E477159E67.WindowsLiveContact
O61 - LFC:Last File Created 24/07/2009 - 18:55:38 ---A- C:\Users\All Users\Malwarebytes\Malwarebytes' Anti-Malware\news.txt
O61 - LFC:Last File Created 24/07/2009 - 18:56:32 ---A- C:\Users\All Users\Malwarebytes\Malwarebytes' Anti-Malware\rules.ref
O61 - LFC:Last File Created 24/07/2009 - 19:12:40 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\BACKUP1.63522
O61 - LFC:Last File Created 24/07/2009 - 19:12:40 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.63522
O61 - LFC:Last File Created 24/07/2009 - 19:12:41 ---A- C:\Users\Rouvillain\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-2009-07-24 (20-12-41).txt
O61 - LFC:Last File Created 24/07/2009 - 19:16:42 --HA- C:\Users\Default\ntuser.dat.LOG1
O61 - LFC:Last File Created 24/07/2009 - 19:16:42 -SHA- C:\Users\Default\NTUSER.DAT
O61 - LFC:Last File Created 24/07/2009 - 19:16:43 --HA- C:\Users\Elodie\ntuser.dat.LOG1
O61 - LFC:Last File Created 24/07/2009 - 19:16:43 --HA- C:\Users\Mélanie\ntuser.dat.LOG1
O61 - LFC:Last File Created 24/07/2009 - 19:16:43 -SHA- C:\Users\Elodie\NTUSER.DAT
O61 - LFC:Last File Created 24/07/2009 - 19:16:43 -SHA- C:\Users\Mélanie\NTUSER.DAT
O61 - LFC:Last File Created 24/07/2009 - 19:49:56 ---A- C:\Users\Rouvillain\AppData\Local\Temp\log.txt
O61 - LFC:Last File Created 24/07/2009 - 19:53:23 ---A- C:\Users\Rouvillain\AppData\Local\Temp\~DF2F2E.tmp
O61 - LFC:Last File Created 24/07/2009 - 19:53:28 ---A- C:\Users\Rouvillain\Contacts\nynye92@msn.com\96712A5C-BD02-4B0E-A149-67D7764FA390.WindowsLiveContact
O61 - LFC:Last File Created 24/07/2009 - 19:53:28 ---A- C:\Users\Rouvillain\Contacts\nynye92@msn.com\F9C0FA0E-AB14-4F70-86EF-2E931CC0B843.WindowsLiveContact
O61 - LFC:Last File Created 24/07/2009 - 19:53:29 ---A- C:\Users\Rouvillain\Contacts\nynye92@msn.com\AC5E2F37-3496-47FE-ABB8-AA5940A81126.WindowsLiveContact
O61 - LFC:Last File Created 24/07/2009 - 19:53:30 ---A- C:\Users\Rouvillain\Contacts\nynye92@msn.com\805018D5-0EDB-4017-87DE-5CF2443449A5.WindowsLiveContact
O61 - LFC:Last File Created 24/07/2009 - 20:02:05 ---A- C:\Users\Rouvillain\AppData\Local\Temp\MessengerCache\Sl3U1TsYUO7NVs2WLkfnAd0yMn8=
O61 - LFC:Last File Created 24/07/2009 - 20:04:02 ---A- C:\Users\Rouvillain\Contacts\nynye92@msn.com\90F4BDAA-F702-46CB-BB98-3051B1E06C36.WindowsLiveContact
O61 - LFC:Last File Created 24/07/2009 - 20:04:18 ---A- C:\Users\Rouvillain\Contacts\nynye92@msn.com\5A494419-2598-4873-843C-20FE746C506B.WindowsLiveContact
O61 - LFC:Last File Created 24/07/2009 - 20:13:30 ---A- C:\Users\Rouvillain\AppData\Local\Temp\MessengerCache\vEFMF7maSYoGm3FF2F2mPfs2FXzRM=
O61 - LFC:Last File Created 24/07/2009 - 20:13:30 ---A- C:\Users\Rouvillain\Contacts\nynye92@msn.com\8679B354-19AE-42A0-97E6-C9B817005B09.WindowsLiveContact
O61 - LFC:Last File Created 24/07/2009 - 20:15:39 ---A- C:\Users\Rouvillain\AppData\Local\Temp\~DF9254.tmp
O61 - LFC:Last File Created 24/07/2009 - 20:18:29 ---A- C:\Users\Rouvillain\AppData\Local\Temp\java_install_reg.log
O61 - LFC:Last File Created 24/07/2009 - 20:18:55 ---A- C:\Users\Rouvillain\AppData\Local\Temp\jkos-Rouvillain\product.conf
O61 - LFC:Last File Created 24/07/2009 - 20:19:45 ---A- C:\Users\Rouvillain\AppData\Local\Temp\jkos-Rouvillain\binaries\AVP3Info.ppl
O61 - LFC:Last File Created 24/07/2009 - 20:19:45 ---A- C:\Users\Rouvillain\AppData\Local\Temp\jkos-Rouvillain\binaries\Arj.ppl
O61 - LFC:Last File Created 24/07/2009 - 20:19:45 ---A- C:\Users\Rouvillain\AppData\Local\Temp\jkos-Rouvillain\binaries\ArjPack.ppl
O61 - LFC:Last File Created 24/07/2009 - 20:19:45 ---A- C:\Users\Rouvillain\AppData\Local\Temp\jkos-Rouvillain\binaries\Avp1.ppl
O61 - LFC:Last File Created 24/07/2009 - 20:19:45 ---A- C:\Users\Rouvillain\AppData\Local\Temp\jkos-Rouvillain\binaries\AvpMgr.ppl
O61 - LFC:Last File Created 24/07/2009 - 20:19:45 ---A- C:\Users\Rouvillain\AppData\Local\Temp\jkos-Rouvillain\binaries\Base64.ppl
O61 - LFC:Last File Created 24/07/2009 - 20:19:45 ---A- C:\Users\Rouvillain\AppData\Local\Temp\jkos-Rouvillain\binaries\Base64P.ppl
O61 - LFC:Last File Created 24/07/2009 - 20:19:45 ---A- C:\Users\Rouvillain\AppData\Local\Temp\jkos-Rouvillain\binaries\CAB.ppl
O61 - LFC:Last File Created 24/07/2009 - 20:19:45 ---A- C:\Users\Rouvillain\AppData\Local\Temp\jkos-Rouvillain\binaries\Explode.ppl
O61 - LFC:Last File Created 24/07/2009 - 20:19:45 ---A- C:\Users\Rouvillain\AppData\Local\Temp\jkos-Rouvillain\binaries\FSSync.dll
O61 - LFC:Last File Created 24/07/2009 - 20:19:45 ---A- C:\Users\Rouvillain\AppData\Local\Temp\jkos-Rouvillain\binaries\FsDrvPlg.ppl
O61 - LFC:Last File Created 24/07/2009 - 20:19:45 ---A- C:\Users\Rouvillain\AppData\Local\Temp\jkos-Rouvillain\binaries\HCCMP.ppl
O61 - LFC:Last File Created 24/07/2009 - 20:19:45 ---A- C:\Users\Rouvillain\AppData\Local\Temp\jkos-Rouvillain\binaries\HashCont.ppl
O61 - LFC:Last File Created 24/07/2009 - 20:19:45 ---A- C:\Users\Rouvillain\AppData\Local\Temp\jkos-Rouvillain\binaries\HashMD5.PPL
O61 - LFC:Last File Created 24/07/2009 - 20:19:45 ---A- C:\Users\Rouvillain\AppData\Local\Temp\jkos-Rouvillain\binaries\IWGen.ppl
O61 - LFC:Last File Created 24/07/2009 - 20:19:45 ---A- C:\Users\Rouvillain\AppData\Local\Temp\jkos-Rouvillain\binaries\Inflate.ppl
O61 - LFC:Last File Created 24/07/2009 - 20:19:45 ---A- C:\Users\Rouvillain\AppData\Local\Temp\jkos-Rouvillain\binaries\IniFile.ppl
O61 - LFC:Last File Created 24/07/2009 - 20:19:45 ---A- C:\Users\Rouvillain\AppData\Local\Temp\jkos-Rouvillain\binaries\L_llio.ppl
O61 - LFC:Last File Created 24/07/2009 - 20:19:45 ---A- C:\Users\Rouvillain\AppData\Local\Temp\jkos-Rouvillain\binaries\LicMgr.ppl
O61 - LFC:Last File Created 24/07/2009 - 20:19:45 ---A- C:\Users\Rouvillain\AppData\Local\Temp\jkos-Rouvillain\binaries\MDMAP.ppl
O61 - LFC:Last File Created 24/07/2009 - 20:19:45 ---A- C:\Users\Rouvillain\AppData\Local\Temp\jkos-Rouvillain\binaries\MKavIO.ppl
O61 - LFC:Last File Created 24/07/2009 - 20:19:45 ---A- C:\Users\Rouvillain\AppData\Local\Temp\jkos-Rouvillain\binaries\MailMsg.ppl
O61 - LFC:Last File Created 24/07/2009 - 20:19:45 ---A- C:\Users\Rouvillain\AppData\Local\Temp\jkos-Rouvillain\binaries\MemModSc.ppl
O61 - LFC:Last File Created 24/07/2009 - 20:19:45 ---A- C:\Users\Rouvillain\AppData\Local\Temp\jkos-Rouvillain\binaries\MemScan.ppl
O61 - LFC:Last File Created 24/07/2009 - 20:19:45 ---A- C:\Users\Rouvillain\AppData\Local\Temp\jkos-Rouvillain\binaries\Microsoft.VC80.CRT.manifest
O61 - LFC:Last File Created 24/07/2009 - 20:19:45 ---A- C:\Users\Rouvillain\AppData\Local\Temp\jkos-Rouvillain\binaries\NTFSstrm.ppl
O61 - LFC:Last File Created 24/07/2009 - 20:19:45 ---A- C:\Users\Rouvillain\AppData\Local\Temp\jkos-Rouvillain\binaries\PrUpdate.ppl
O61 - LFC:Last File Created 24/07/2009 - 20:19:45 ---A- C:\Users\Rouvillain\AppData\Local\Temp\jkos-Rouvillain\binaries\msvcm80.dll
O61 - LFC:Last File Created 24/07/2009 - 20:19:46 ---A- C:\Users\Rouvillain\AppData\Local\Temp\jkos-Rouvillain\binaries\03988373.key
O61 - LFC:Last File Created 24/07/2009 - 20:19:46 ---A- C:\Users\Rouvillain\AppData\Local\Temp\jkos-Rouvillain\binaries\PrUtil.ppl
O61 - LFC:Last File Created 24/07/2009 - 20:19:46 ---A- C:\Users\Rouvillain\AppData\Local\Temp\jkos-Rouvillain\binaries\Quantum.ppl
O61 - LFC:Last File Created 24/07/2009 - 20:19:46 ---A- C:\Users\Rouvillain\AppData\Local\Temp\jkos-Rouvillain\binaries\ScanningProcess.exe
O61 - LFC:Last File Created 24/07/2009 - 20:19:46 ---A- C:\Users\Rouvillain\AppData\Local\Temp\jkos-Rouvillain\binaries\StEnum2.ppl
O61 - LFC:Last File Created 24/07/2009 - 20:19:46 ---A- C:\Users\Rouvillain\AppData\Local\Temp\jkos-Rouvillain\binaries\StdComp.ppl
O61 - LFC:Last File Created 24/07/2009 - 20:19:46 ---A- C:\Users\Rouvillain\AppData\Local\Temp\jkos-Rouvillain\binaries\TempFile.ppl
O61 - LFC:Last File Created 24/07/2009 - 20:19:46 ---A- C:\Users\Rouvillain\AppData\Local\Temp\jkos-Rouvillain\binaries\Timer.ppl
O61 - LFC:Last File Created 24/07/2009 - 20:19:46 ---A- C:\Users\Rouvillain\AppData\Local\Temp\jkos-Rouvillain\binaries\UNSHRINK.ppl
O61 - LFC:Last File Created 24/07/2009 - 20:19:46 ---A- C:\Users\Rouvillain\AppData\Local\Temp\jkos-Rouvillain\binaries\UnArj.ppl
O61 - LFC:Last File Created 24/07/2009 - 20:19:46 ---A- C:\Users\Rouvillain\AppData\Local\Temp\jkos-Rouvillain\binaries\UnLZX.ppl
O61 - LFC:Last File Created 24/07/2009 - 20:19:46 ---A- C:\Users\Rouvillain\AppData\Local\Temp\jkos-Rouvillain\binaries\UnStored.ppl
O61 - LFC:Last File Created 24/07/2009 - 20:19:46 ---A- C:\Users\Rouvillain\AppData\Local\Temp\jkos-Rouvillain\binaries\UniArc.ppl
O61 - LFC:Last File Created 24/07/2009 - 20:19:46 ---A- C:\Users\Rouvillain\AppData\Local\Temp\jkos-Rouvillain\binaries\Unreduce.ppl
O61 - LFC:Last File Created 24/07/2009 - 20:19:46 ---A- C:\Users\Rouvillain\AppData\Local\Temp\jkos-Rouvillain\binaries\WDiskIO.ppl
O61 - LFC:Last File Created 24/07/2009 - 20:19:46 ---A- C:\Users\Rouvillain\AppData\Local\Temp\jkos-Rouvillain\binaries\WinReg.ppl
O61 - LFC:Last File Created 24/07/2009 - 20:19:46 ---A- C:\Users\Rouvillain\AppData\Local\Temp\jkos-Rouvillain\binaries\_kave.ini
O61 - LFC:Last File Created 24/07/2009 - 20:19:46 ---A- C:\Users\Rouvillain\AppData\Local\Temp\jkos-Rouvillain\binaries\appinfo.kli
O61 - LFC:Last File Created 24/07/2009 - 20:19:46 ---A- C:\Users\Rouvillain\AppData\Local\Temp\jkos-Rouvillain\binaries\avlib.ppl
O61 - LFC:Last File Created 24/07/2009 - 20:19:46 ---A- C:\Users\Rouvillain\AppData\Local\Temp\jkos-Rouvillain\binaries\avs.ppl
O61 - LFC:Last File Created 24/07/2009 - 20:19:46 ---A- C:\Users\Rouvillain\AppData\Local\Temp\jkos-Rouvillain\binaries\avspm.ppl
O61 - LFC:Last File Created 24/07/2009 - 20:19:46 ---A- C:\Users\Rouvillain\AppData\Local\Temp\jkos-Rouvillain\binaries\btdisk.ppl
O61 - LFC:Last File Created 24/07/2009 - 20:19:46 ---A- C:\Users\Rouvillain\AppData\Local\Temp\jkos-Rouvillain\binaries\btimages.ppl
O61 - LFC:Last File Created 24/07/2009 - 20:19:46 ---A- C:\Users\Rouvillain\AppData\Local\Temp\jkos-Rouvillain\binaries\buffer.ppl
O61 - LFC:Last File Created 24/07/2009 - 20:19:46 ---A- C:\Users\Rouvillain\AppData\Local\Temp\jkos-Rouvillain\binaries\crpthlpr.ppl
O61 - LFC:Last File Created 24/07/2009 - 20:19:46 ---A- C:\Users\Rouvillain\AppData\Local\Temp\jkos-Rouvillain\binaries\deflate.ppl
O61 - LFC:Last File Created 24/07/2009 - 20:19:46 ---A- C:\Users\Rouvillain\AppData\Local\Temp\jkos-Rouvillain\binaries\dmap.ppl
O61 - LFC:Last File Created 24/07/2009 - 20:19:46 ---A- C:\Users\Rouvillain\AppData\Local\Temp\jkos-Rouvillain\binaries\dtreg.ppl
O61 - LFC:Last File Created 24/07/2009 - 20:19:46 ---A- C:\Users\Rouvillain\AppData\Local\Temp\jkos-Rouvillain\binaries\farbuffer.ppl
O61 - LFC:Last File Created 24/07/2009 - 20:19:46 ---A- C:\Users\Rouvillain\AppData\Local\Temp\jkos-Rouvillain\binaries\faristream.ppl
O61 - LFC:Last File Created 24/07/2009 - 20:19:46 ---A- C:\Users\Rouvillain\AppData\Local\Temp\jkos-Rouvillain\binaries\iChkSA.ppl
O61 - LFC:Last File Created 24/07/2009 - 20:19:46 ---A- C:\Users\Rouvillain\AppData\Local\Temp\jkos-Rouvillain\binaries\ichk2.ppl
O61 - LFC:Last File Created 24/07/2009 - 20:19:46 ---A- C:\Users\Rouvillain\AppData\Local\Temp\jkos-Rouvillain\binaries\ikave.dll
O61 - LFC:Last File Created 24/07/2009 - 20:19:46 ---A- C:\Users\Rouvillain\AppData\Local\Temp\jkos-Rouvillain\binaries\kave.dll
O61 - LFC:Last File Created 24/07/2009 - 20:19:46 ---A- C:\Users\Rouvillain\AppData\Local\Temp\jkos-Rouvillain\binaries\klavsrch.ppl
O61 - LFC:Last File Created 24/07/2009 - 20:19:46 ---A- C:\Users\Rouvillain\AppData\Local\Temp\jkos-Rouvillain\binaries\kosglue-7.0.26.0.dll
O61 - LFC:Last File Created 24/07/2009 - 20:19:46 ---A- C:\Users\Rouvillain\AppData\Local\Temp\jkos-Rouvillain\binaries\lha.ppl
O61 - LFC:Last File Created 24/07/2009 - 20:19:46 ---A- C:\Users\Rouvillain\AppData\Local\Temp\jkos-Rouvillain\binaries\lic60.ppl
O61 - LFC:Last File Created 24/07/2009 - 20:19:46 ---A- C:\Users\Rouvillain\AppData\Local\Temp\jkos-Rouvillain\binaries\mc.ppl
O61 - LFC:Last File Created 24/07/2009 - 20:19:46 ---A- C:\Users\Rouvillain\AppData\Local\Temp\jkos-Rouvillain\binaries\mdb.ppl
O61 - LFC:Last File Created 24/07/2009 - 20:19:46 ---A- C:\Users\Rouvillain\AppData\Local\Temp\jkos-Rouvillain\binaries\minizip.ppl
O61 - LFC:Last File Created 24/07/2009 - 20:19:46 ---A- C:\Users\Rouvillain\AppData\Local\Temp\jkos-Rouvillain\binaries\msoe.ppl
O61 - LFC:Last File Created 24/07/2009 - 20:19:46 ---A- C:\Users\Rouvillain\AppData\Local\Temp\jkos-Rouvillain\binaries\msvcp80.dll
O61 - LFC:Last File Created 24/07/2009 - 20:19:46 ---A- C:\Users\Rouvillain\AppData\Local\Temp\jkos-Rouvillain\binaries\msvcr80.dll
O61 - LFC:Last File Created 24/07/2009 - 20:19:46 ---A- C:\Users\Rouvillain\AppData\Local\Temp\jkos-Rouvillain\binaries\ndetect.ppl
O61 - LFC:Last File Created 24/07/2009 - 20:19:46 ---A- C:\Users\Rouvillain\AppData\Local\Temp\jkos-Rouvillain\binaries\nfio.ppl
O61 - LFC:Last File Created 24/07/2009 - 20:19:46 ---A- C:\Users\Rouvillain\AppData\Local\Temp\jkos-Rouvillain\binaries\ods.ppl
O61 - LFC:Last File Created 24/07/2009 - 20:19:46 ---A- C:\Users\Rouvillain\AppData\Local\Temp\jkos-Rouvillain\binaries\params.ppl
O61 - LFC:Last File Created 24/07/2009 - 20:19:46 ---A- C:\Users\Rouvillain\AppData\Local\Temp\jkos-Rouvillain\binaries\passdmap.ppl
O61 - LFC:Last File Created 24/07/2009 - 20:19:46 ---A- C:\Users\Rouvillain\AppData\Local\Temp\jkos-Rouvillain\binaries\prKernel.ppl
O61 - LFC:Last File Created 24/07/2009 - 20:19:46 ---A- C:\Users\Rouvillain\AppData\Local\Temp\jkos-Rouvillain\binaries\prLoader.dll
O61 - LFC:Last File Created 24/07/2009 - 20:19:46 ---A- C:\Users\Rouvillain\AppData\Local\Temp\jkos-Rouvillain\binaries\procmon.ppl
O61 - LFC:Last File Created 24/07/2009 - 20:19:46 ---A- C:\Users\Rouvillain\AppData\Local\Temp\jkos-Rouvillain\binaries\prremote.dll
O61 - LFC:Last File Created 24/07/2009 - 20:19:46 ---A- C:\Users\Rouvillain\AppData\Local\Temp\jkos-Rouvillain\binaries\prseqio.ppl
O61 - LFC:Last File Created 24/07/2009 - 20:19:46 ---A- C:\Users\Rouvillain\AppData\Local\Temp\jkos-Rouvillain\binaries\rar.ppl
O61 - LFC:Last File Created 24/07/2009 - 20:19:46 ---A- C:\Users\Rouvillain\AppData\Local\Temp\jkos-Rouvillain\binaries\schedule.ppl
O61 - LFC:Last File Created 24/07/2009 - 20:19:46 ---A- C:\Users\Rouvillain\AppData\Local\Temp\jkos-Rouvillain\binaries\sfdb.PPL
O61 - LFC:Last File Created 24/07/2009 - 20:19:46 ---A- C:\Users\Rouvillain\AppData\Local\Temp\jkos-Rouvillain\binaries\stored.ppl
O61 - LFC:Last File Created 24/07/2009 - 20:19:46 ---A- C:\Users\Rouvillain\AppData\Local\Temp\jkos-Rouvillain\binaries\superio.ppl
O61 - LFC:Last File Created 24/07/2009 - 20:19:46 ---A- C:\Users\Rouvillain\AppData\Local\Temp\jkos-Rouvillain\binaries\thpimpl.ppl
O61 - LFC:Last File Created 24/07/2009 - 20:19:46 ---A- C:\Users\Rouvillain\AppData\Local\Temp\jkos-Rouvillain\binaries\tm.ppl
O61 - LFC:Last File Created 24/07/2009 - 20:19:46 ---A- C:\Users\Rouvillain\AppData\Local\Temp\jkos-Rouvillain\binaries\xorio.ppl
O61 - LFC:Last File Created 24/07/2009 - 20:19:46 ---A- C:\Users\Rouvillain\AppData\Local\Temp\jkos-Rouvillain\update.conf
O61 - LFC:Last File Created 24/07/2009 - 20:19:49 ---A- C:\Users\Rouvillain\AppData\Local\Temp\KAV Updater update files\updateTemp\index\master.xml
O61 - LFC:Last File Created 24/07/2009 - 20:19:49 ---A- C:\Users\Rouvillain\AppData\Local\Temp\KAV Updater update files\updateTemp\index\master.xml.klz
O61 - LFC:Last File Created 24/07/2009 - 20:19:54 ---A- C:\Users\Rouvillain\AppData\Local\Temp\KAV Updater update files\updateTemp\bases\five\avc\kavset.xml.klz
O61 - LFC:Last File Created 24/07/2009 - 20:19:55 ---A- C:\Users\Rouvillain\AppData\Local\Temp\KAV Updater update files\updateTemp\bases\five\avc\kavset.xml
O61 - LFC:Last File Created 24/07/2009 - 20:19:57 ---A- C:\Users\Rouvillain\AppData\Local\Temp\KAV Updater update files\updateTemp\bases\five\upd\updcfg.xml
O61 - LFC:Last File Created 24/07/2009 - 20:20:04 ---A- C:\Users\Rouvillain\AppData\Local\Temp\KAV Updater update files\updateTemp\bases\five\avc\black.lst
O61 - LFC:Last File Created 24/07/2009 - 20:20:04 ---A- C:\Users\Rouvillain\AppData\Local\Temp\jkos-Rouvillain\binaries\appinfo.kls
O61 - LFC:Last File Created 24/07/2009 - 20:20:06 ---A- C:\Users\Rouvillain\AppData\Local\Temp\KAV Updater update files\updateTemp\bases\five\avc\kernel.avc
O61 - LFC:Last File Created 24/07/2009 - 20:20:11 ---A- C:\Users\Rouvillain\AppData\Local\Temp\KAV Updater update files\updateTemp\bases\five\avc\krnun001.avc
O61 - LFC:Last File Created 24/07/2009 - 20:20:14 ---A- C:\Users\Rouvillain\AppData\Local\Temp\KAV Updater update files\updateTemp\bases\five\avc\krnun002.avc
O61 - LFC:Last File Created 24/07/2009 - 20:20:16 ---A- C:\Users\Rouvillain\AppData\Local\Temp\KAV Updater update files\updateTemp\bases\five\avc\krnun003.avc
O61 - LFC:Last File Created 24/07/2009 - 20:20:19 ---A- C:\Users\Rouvillain\AppData\Local\Temp\KAV Updater update files\updateTemp\bases\five\avc\krnun004.avc
O61 - LFC:Last File Created 24/07/2009 - 20:20:24 ---A- C:\Users\Rouvillain\AppData\Local\Temp\KAV Updater update files\updateTemp\bases\five\avc\krnexe.avc
O61 - LFC:Last File Created 24/07/2009 - 20:20:28 ---A- C:\Users\Rouvillain\AppData\Local\Temp\KAV Updater update files\updateTemp\bases\five\avc\krnmacro.avc
O61 - LFC:Last File Created 24/07/2009 - 20:20:29 ---A- C:\Users\Rouvillain\AppData\Local\Temp\KAV Updater update files\updateTemp\bases\five\avc\krnjava.avc
O61 - LFC:Last File Created 24/07/2009 - 20:20:30 ---A- C:\Users\Rouvillain\AppData\Local\Temp\KAV Updater update files\updateTemp\bases\five\avc\krndos.avc
O61 - LFC:Last File Created 24/07/2009 - 20:20:34 ---A- C:\Users\Rouvillain\AppData\Local\Temp\KAV Updater update files\updateTemp\bases\five\avc\krngen.avc
O61 - LFC:Last File Created 24/07/2009 - 20:20:41 ---A- C:\Users\Rouvillain\AppData\Local\Temp\KAV Updater update files\updateTemp\bases\five\avc\krnexe32.avc
O61 - LFC:Last File Created 24/07/2009 - 20:20:42 ---A- C:\Users\Rouvillain\AppData\Local\Temp\KAV Updater update files\updateTemp\bases\five\avc\krnengn.avc
O61 - LFC:Last File Created 24/07/2009 - 20:20:46 ---A- C:\Users\Rouvillain\AppData\Local\Temp\KAV Updater update files\updateTemp\bases\five\avc\krn001.avc
O61 - LFC:Last File Created 24/07/2009 - 20:20:49 ---A- C:\Users\Rouvillain\AppData\Local\Temp\KAV Updater update files\updateTemp\bases\five\avc\krn002.avc
O61 - LFC:Last File Created 24/07/2009 - 20:20:50 ---A- C:\Users\Rouvillain\AppData\Local\Temp\KAV Updater update files\updateTemp\bases\five\avc\krn003.avc
O61 - LFC:Last File Created 24/07/2009 - 20:20:56 ---A- C:\Users\Rouvillain\AppData\Local\Temp\KAV Updater update files\updateTemp\bases\five\avc\krn004.avc
O61 - LFC:Last File Created 24/07/2009 - 20:21:03 ---A- C:\Users\Rouvillain\AppData\Local\Temp\KAV Updater update files\updateTemp\bases\five\avc\krn005.avc
O61 - LFC:Last File Created 24/07/2009 - 20:21:05 ---A- C:\Users\Rouvillain\AppData\Local\Temp\KAV Updater update files\updateTemp\bases\five\avc\krn006.avc
O61 - LFC:Last File Created 24/07/2009 - 20:21:05 ---A- C:\Users\Rouvillain\AppData\Local\Temp\KAV Updater update files\updateTemp\bases\five\avc\smart.avc
O61 - LFC:Last File Created 24/07/2009 - 20:21:06 ---A- C:\Users\Rouvillain\AppData\Local\Temp\KAV Updater update files\updateTemp\bases\five\avc\ocr.avc
O61 - LFC:Last File Created 24/07/2009 - 20:21:07 ---A- C:\Users\Rouvillain\AppData\Local\Temp\KAV Updater update files\updateTemp\bases\five\avc\chuka.avc
O61 - LFC:Last File Created 24/07/2009 - 20:21:13 ---A- C:\Users\Rouvillain\AppData\Local\Temp\KAV Updater update files\updateTemp\bases\five\avc\fa001.avc
O61 - LFC:Last File Created 24/07/2009 - 20:21:15 ---A- C:\Users\Rouvillain\AppData\Local\Temp\KAV Updater update files\updateTemp\bases\five\avc\base001c.avc
O61 - LFC:Last File Created 24/07/2009 - 20:21:17 ---A- C:\Users\Rouvillain\AppData\Local\Temp\KAV Updater update files\updateTemp\bases\five\avc\base002c.avc
O61 - LFC:Last File Created 24/07/2009 - 20:21:19 ---A- C:\Users\Rouvillain\AppData\Local\Temp\KAV Updater update files\updateTemp\bases\five\avc\base003c.avc
O61 - LFC:Last File Created 24/07/2009 - 20:21:21 ---A- C:\Users\Rouvillain\AppData\Local\Temp\KAV Updater update files\updateTemp\bases\five\avc\base004c.avc
O61 - LFC:Last File Created 24/07/2009 - 20:21:24 ---A- C:\Users\Rouvillain\AppData\Local\Temp\KAV Updater update files\updateTemp\bases\five\avc\base005c.avc
O61 - LFC:Last File Created 24/07/2009 - 20:21:26 ---A- C:\Users\Rouvillain\AppData\Local\Temp\KAV Updater update files\updateTemp\bases\five\avc\base006c.avc
O61 - LFC:Last File Created 24/07/2009 - 20:21:29 ---A- C:\Users\Rouvillain\AppData\Local\Temp\KAV Updater update files\updateTemp\bases\five\avc\base007c.avc
O61 - LFC:Last File Created 24/07/2009 - 20:21:32 ---A- C:\Users\Rouvillain\AppData\Local\Temp\KAV Updater update files\updateTemp\bases\five\avc\base008c.avc
O61 - LFC:Last File Created 24/07/2009 - 20:21:38 ---A- C:\Users\Rouvillain\AppData\Local\Temp\KAV Updater update files\updateTemp\bases\five\avc\base009c.avc
O61 - LFC:Last File Created 24/07/2009 - 20:21:41 ---A- C:\Users\Rouvillain\AppData\Local\Temp\KAV Updater update files\updateTemp\bases\five\avc\base010c.avc
O61 - LFC:Last File Created 24/07/2009 - 20:21:44 ---A- C:\Users\Rouvillain\AppData\Local\Temp\KAV Updater update files\updateTemp\bases\five\avc\base011c.avc
O61 - LFC:Last File Created 24/07/2009 - 20:21:48 ---A- C:\Users\Rouvillain\AppData\Local\Temp\KAV Updater update files\updateTemp\bases\five\avc\base012c.avc
O61 - LFC:Last File Created 24/07/2009 - 20:21:51 ---A- C:\Users\Rouvillain\AppData\Local\Temp\KAV Updater update files\updateTemp\bases\five\avc\base013c.avc
O61 - LFC:Last File Created 24/07/2009 - 20:21:55 ---A- C:\Users\Rouvillain\AppData\Local\Temp\KAV Updater update files\updateTemp\bases\five\avc\base014c.avc
O61 - LFC:Last File Created 24/07/2009 - 20:21:59 ---A- C:\Users\Rouvillain\AppData\Local\Temp\KAV Updater update files\updateTemp\bases\five\avc\base015c.avc
O61 - LFC:Last File Created 24/07/2009 - 20:22:03 ---A- C:\Users\Rouvillain\AppData\Local\Temp\KAV Updater update files\updateTemp\bases\five\avc\base016c.avc
O61 - LFC:Last File Created 24/07/2009 - 20:22:07 ---A- C:\Users\Rouvillain\AppData\Local\Temp\KAV Updater update files\updateTemp\bases\five\avc\base017c.avc
O61 - LFC:Last File Created 24/07/2009 - 20:22:13 ---A- C:\Users\Rouvillain\AppData\Local\Temp\KAV Updater update files\updateTemp\bases\five\avc\base018c.avc
O61 - LFC:Last File Created 24/07/2009 - 20:22:16 ---A- C:\Users\Rouvillain\AppData\Local\Temp\KAV Updater update files\updateTemp\bases\five\avc\base019c.avc
O61 - LFC:Last File Created 24/07/2009 - 20:22:21 ---A- C:\Users\Rouvillain\AppData\Local\Temp\KAV Updater update files\updateTemp\bases\five\avc\base020c.avc
O61 - LFC:Last File Created 24/07/2009 - 20:22:25 ---A- C:\Users\Rouvillain\AppData\Local\Temp\KAV Updater update files\updateTemp\bases\five\avc\base021c.avc
O61 - LFC:Last File Created 24/07/2009 - 20:22:28 ---A- C:\Users\Rouvillain\AppData\Local\Temp\KAV Updater update files\updateTemp\bases\five\avc\base022c.avc
O61 - LFC:Last File Created 24/07/2009 - 20:22:33 ---A- C:\Users\Rouvillain\AppData\Local\Temp\KAV Updater update files\updateTemp\bases\five\avc\base023c.avc
O61 - LFC:Last File Created 24/07/2009 - 20:22:37 ---A- C:\Users\Rouvillain\AppData\Local\Temp\KAV Updater update files\updateTemp\bases\five\avc\base024c.avc
O61 - LFC:Last File Created 24/07/2009 - 20:22:39 ---A- C:\Users\Rouvillain\AppData\Local\Temp\KAV Updater update files\updateTemp\bases\five\avc\base025c.avc
O61 - LFC:Last File Created 24/07/2009 - 20:22:45 ---A- C:\Users\Rouvillain\AppData\Local\Temp\KAV Updater update files\updateTemp\bases\five\avc\base026c.avc
O61 - LFC:Last File Created 24/07/2009 - 20:22:47 ---A- C:\Users\Rouvillain\AppData\Local\Temp\KAV Updater update files\updateTemp\bases\five\avc\base027c.avc
O61 - LFC:Last File Created 24/07/2009 - 20:22:51 ---A- C:\Users\Rouvillain\AppData\Local\Temp\KAV Updater update files\updateTemp\bases\five\avc\base028c.avc
O61 - LFC:Last File Created 24/07/2009 - 20:22:53 ---A- C:\Users\Rouvillain\AppData\Local\Temp\KAV Updater update files\updateTemp\bases\five\avc\base029c.avc
O61 - LFC:Last File Created 24/07/2009 - 20:22:57 ---A- C:\Users\Rouvillain\AppData\Local\Temp\KAV Updater update files\updateTemp\bases\five\avc\base030c.avc
O61 - LFC:Last File Created 24/07/2009 - 20:22:59 ---A- C:\Users\Rouvillain\AppData\Local\Temp\KAV Updater update files\updateTemp\bases\five\avc\base031c.avc
O61 - LFC:Last File Created 24/07/2009 - 20:23:02 ---A- C:\Users\Rouvillain\AppData\Local\Temp\KAV Updater update files\updateTemp\bases\five\avc\base032c.avc
O61 - LFC:Last File Created 24/07/2009 - 20:23:06 ---A- C:\Users\Rouvillain\AppData\Local\Temp\KAV Updater update files\updateTemp\bases\five\avc\base033c.avc
O61 - LFC:Last File Created 24/07/2009 - 20:23:10 ---A- C:\Users\Rouvillain\AppData\Local\Temp\KAV Updater update files\updateTemp\bases\five\avc\base034c.avc
O61 - LFC:Last File Created 24/07/2009 - 20:23:13 ---A- C:\Users\Rouvillain\AppData\Local\Temp\KAV Updater update files\updateTemp\bases\five\avc\base035c.avc
O61 - LFC:Last File Created 24/07/2009 - 20:23:15 ---A- C:\Users\Rouvillain\AppData\Local\Temp\KAV Updater update files\updateTemp\bases\five\avc\base036c.avc
O61 - LFC:Last File Created 24/07/2009 - 20:23:19 ---A- C:\Users\Rouvillain\AppData\Local\Temp\KAV Updater update files\updateTemp\bases\five\avc\base037c.avc
O61 - LFC:Last File Created 24/07/2009 - 20:23:22 ---A- C:\Users\Rouvillain\AppData\Local\Temp\KAV Updater update files\updateTemp\bases\five\avc\base038c.avc
O61 - LFC:Last File Created 24/07/2009 - 20:23:25 ---A- C:\Users\Rouvillain\AppData\Local\Temp\KAV Updater update files\updateTemp\bases\five\avc\base039c.avc
O61 - LFC:Last File Created 24/07/2009 - 20:23:28 ---A- C:\Users\Rouvillain\AppData\Local\Temp\KAV Updater update files\updateTemp\bases\five\avc\base040c.avc
O61 - LFC:Last File Created 24/07/2009 - 20:23:32 ---A- C:\Users\Rouvillain\AppData\Local\Temp\KAV Updater update files\updateTemp\bases\five\avc\base041c.avc
O61 - LFC:Last File Created 24/07/2009 - 20:23:35 ---A- C:\Users\Rouvillain\AppData\Local\Temp\KAV Updater update files\updateTemp\bases\five\avc\base042c.avc
O61 - LFC:Last File Created 24/07/2009 - 20:23:43 ---A- C:\Users\Rouvillain\AppData\Local\Temp\KAV Updater update files\updateTemp\bases\five\avc\base043c.avc
O61 - LFC:Last File Created 24/07/2009 - 20:23:46 ---A- C:\Users\Rouvillain\AppData\Local\Temp\KAV Updater update files\updateTemp\bases\five\avc\base044c.avc
O61 - LFC:Last File Created 24/07/2009 - 20:23:52 ---A- C:\Users\Rouvillain\AppData\Local\Temp\KAV Updater update files\updateTemp\bases\five\avc\base045c.avc
O61 - LFC:Last File Created 24/07/2009 - 20:23:57 ---A- C:\Users\Rouvillain\AppData\Local\Temp\KAV Updater update files\updateTemp\bases\five\avc\base046c.avc
O61 - LFC:Last File Created 24/07/2009 - 20:23:59 ---A- C:\Users\Rouvillain\AppData\Local\Temp\KAV Updater update files\updateTemp\bases\five\avc\base047c.avc
O61 - LFC:Last File Created 24/07/2009 - 20:24:02 ---A- C:\Users\Rouvillain\AppData\Local\Temp\KAV Updater update files\updateTemp\bases\five\avc\base048c.avc
O61 - LFC:Last File Created 24/07/2009 - 20:24:05 ---A- C:\Users\Rouvillain\AppData\Local\Temp\KAV Updater update files\updateTemp\bases\five\avc\base049c.avc
O61 - LFC:Last File Created 24/07/2009 - 20:24:13 ---A- C:\Users\Rouvillain\AppData\Local\Temp\KAV Updater update files\updateTemp\bases\five\avc\base050c.avc
O61 - LFC:Last File Created 24/07/2009 - 20:24:16 ---A- C:\Users\Rouvillain\AppData\Local\Temp\KAV Updater update files\updateTemp\bases\five\avc\base051c.avc
O61 - LFC:Last File Created 24/07/2009 - 20:24:19 ---A- C:\Users\Rouvillain\AppData\Local\Temp\KAV Updater update files\updateTemp\bases\five\avc\base052c.avc
O61 - LFC:Last File Created 24/07/2009 - 20:24:23 ---A- C:\Users\Rouvillain\AppData\Local\Temp\KAV Updater update files\updateTemp\bases\five\avc\base053c.avc
O61 - LFC:Last File Created 24/07/2009 - 20:24:29 ---A- C:\Users\Rouvillain\AppData\Local\Temp\KAV Updater update files\updateTemp\bases\five\avc\base054c.avc
O61 - LFC:Last File Created 24/07/2009 - 20:24:33 ---A- C:\Users\Rouvillain\AppData\Local\Temp\KAV Updater update files\updateTemp\bases\five\avc\base055c.avc
O61 - LFC:Last File Created 24/07/2009 - 20:24:37 ---A- C:\Users\Rouvillain\AppData\Local\Temp\KAV Updater update files\updateTemp\bases\five\avc\base056c.avc
O61 - LFC:Last File Created 24/07/2009 - 20:24:41 ---A- C:\Users\Rouvillain\AppData\Local\Temp\KAV Updater update files\updateTemp\bases\five\avc\base057c.avc
O61 - LFC:Last File Created 24/07/2009 - 20:24:44 ---A- C:\Users\Rouvillain\AppData\Local\Temp\KAV Updater update files\updateTemp\bases\five\avc\base058c.avc
O61 - LFC:Last File Created 24/07/2009 - 20:24:48 ---A- C:\Users\Rouvillain\AppData\Local\Temp\KAV Updater update files\updateTemp\bases\five\avc\base059c.avc
O61 - LFC:Last File Created 24/07/2009 - 20:24:54 ---A- C:\Users\Rouvillain\AppData\Local\Temp\KAV Updater update files\updateTemp\bases\five\avc\base060c.avc
O61 - LFC:Last File Created 24/07/2009 - 20:24:58 ---A- C:\Users\Rouvillain\AppData\Local\Temp\KAV Updater update files\updateTemp\bases\five\avc\base061c.avc
O61 - LFC:Last File Created 24/07/2009 - 20:25:02 ---A- C:\Users\Rouvillain\AppData\Local\Temp\KAV Updater update files\updateTemp\bases\five\avc\base062c.avc
O61 - LFC:Last File Created 24/07/2009 - 20:25:04 ---A- C:\Users\Rouvillain\AppData\Local\Temp\KAV Updater update files\updateTemp\bases\five\avc\base063c.avc
O61 - LFC:Last File Created 24/07/2009 - 20:25:10 ---A- C:\Users\Rouvillain\AppData\Local\Temp\KAV Updater update files\updateTemp\bases\five\avc\base064c.avc
O61 - LFC:Last File Created 24/07/2009 - 20:25:16 ---A- C:\Users\Rouvillain\AppData\Local\Temp\KAV Updater update files\updateTemp\bases\five\avc\base065c.avc
O61 - LFC:Last File Created 24/07/2009 - 20:25:18 ---A- C:\Users\Rouvillain\AppData\Local\Temp\KAV Updater update files\updateTemp\bases\five\avc\base066c.avc
O61 - LFC:Last File Created 24/07/2009 - 20:25:21 ---A- C:\Users\Rouvillain\AppData\Local\Temp\KAV Updater update files\updateTemp\bases\five\avc\base067c.avc
O61 - LFC:Last File Created 24/07/2009 - 20:25:24 ---A- C:\Users\Rouvillain\AppData\Local\Temp\KAV Updater update files\updateTemp\bases\five\avc\base068c.avc
O61 - LFC:Last File Created 24/07/2009 - 20:25:28 ---A- C:\Users\Rouvillain\AppData\Local\Temp\KAV Updater update files\updateTemp\bases\five\avc\base069c.avc
O61 - LFC:Last File Created 24/07/2009 - 20:25:33 ---A- C:\Users\Rouvillain\AppData\Local\Temp\KAV Updater update files\updateTemp\bases\five\avc\base070c.avc
O61 - LFC:Last File Created 24/07/2009 - 20:25:36 ---A- C:\Users\Rouvillain\AppData\Local\Temp\KAV Updater update files\updateTemp\bases\five\avc\base071c.avc
O61 - LFC:Last File Created 24/07/2009 - 20:25:40 ---A- C:\Users\Rouvillain\AppData\Local\Temp\KAV Updater update files\updateTemp\bases\five\avc\base072c.avc
O61 - LFC:Last File Created 24/07/2009 - 20:25:44 ---A- C:\Users\Rouvillain\AppData\Local\Temp\KAV Updater update files\updateTemp\bases\five\avc\base073c.avc
O61 - LFC:Last File Created 24/07/2009 - 20:25:48 ---A- C:\Users\Rouvillain\AppData\Local\Temp\KAV Updater update files\updateTemp\bases\five\avc\base074c.avc
O61 - LFC:Last File Created 24/07/2009 - 20:25:51 ---A- C:\Users\Rouvillain\AppData\Local\Temp\KAV Updater update files\updateTemp\bases\five\avc\base075c.avc
O61 - LFC:Last File Created 24/07/2009 - 20:25:54 ---A- C:\Users\Rouvillain\AppData\Local\Temp\KAV Updater update files\updateTemp\bases\five\avc\base076c.avc
O61 - LFC:Last File Created 24/07/2009 - 20:25:57 ---A- C:\Users\Rouvillain\AppData\Local\Temp\KAV Updater update files\updateTemp\bases\five\avc\base077c.avc
O61 - LFC:Last File Created 24/07/2009 - 20:26:00 ---A- C:\Users\Rouvillain\AppData\Local\Temp\KAV Updater update files\updateTemp\bases\five\avc\base078c.avc
O61 - LFC:Last File Created 24/07/2009 - 20:26:03 ---A- C:\Users\Rouvillain\AppData\Local\Temp\KAV Updater update files\updateTemp\bases\five\avc\base079c.avc
O61 - LFC:Last File Created 24/07/2009 - 20:26:08 ---A- C:\Users\Rouvillain\AppData\Local\Temp\KAV Updater update files\updateTemp\bases\five\avc\base080c.avc
O61 - LFC:Last File Created 24/07/2009 - 20:26:11 ---A- C:\Users\Rouvillain\AppData\Local\Temp\KAV Updater update files\updateTemp\bases\five\avc\base081c.avc
O61 - LFC:Last File Created 24/07/2009 - 20:26:16 ---A- C:\Users\Rouvillain\AppData\Local\Temp\KAV Updater update files\updateTemp\bases\five\avc\base082c.avc
O61 - LFC:Last File Created 24/07/2009 - 20:26:20 ---A- C:\Users\Rouvillain\AppData\Local\Temp\KAV Updater update files\updateTemp\bases\five\avc\base083c.avc
O61 - LFC:Last File Created 24/07/2009 - 20:26:23 ---A- C:\Users\Rouvillain\AppData\Local\Temp\KAV Updater update files\updateTemp\bases\five\avc\base084c.avc
O61 - LFC:Last File Created 24/07/2009 - 20:26:27 ---A- C:\Users\Rouvillain\AppData\Local\Temp\KAV Updater update files\updateTemp\bases\five\avc\base085c.avc
O61 - LFC:Last File Created 24/07/2009 - 20:26:30 ---A- C:\Users\Rouvillain\AppData\Local\Temp\KAV Updater update files\updateTemp\bases\five\avc\base086c.avc
O61 - LFC:Last File Created 24/07/2009 - 20:26:35 ---A- C:\Users\Rouvillain\AppData\Local\Temp\KAV Updater update files\updateTemp\bases\five\avc\base087c.avc
O61 - LFC:Last File Created 24/07/2009 - 20:26:40 ---A- C:\Users\Rouvillain\AppData\Local\Temp\KAV Updater update files\updateTemp\bases\five\avc\base088c.avc
O61 - LFC:Last File Created 24/07/2009 - 20:26:45 ---A- C:\Users\Rouvillain\AppData\Local\Temp\KAV Updater update files\updateTemp\bases\five\avc\base089c.avc
O61 - LFC:Last File Created 24/07/2009 - 20:26:50 ---A- C:\Users\Rouvillain\AppData\Local\Temp\KAV Updater update files\updateTemp\bases\five\avc\base090c.avc
O61 - LFC:Last File Created 24/07/2009 - 20:26:53 ---A- C:\Users\Rouvillain\AppData\Local\Temp\KAV Updater update files\updateTemp\bases\five\avc\base091c.avc
O61 - LFC:Last File Created 24/07/2009 - 20:27:00 ---A- C:\Users\Rouvillain\AppData\Local\Temp\KAV Updater update files\updateTemp\bases\five\avc\base092c.avc
O61 - LFC:Last File Created 24/07/2009 - 20:27:06 ---A- C:\Users\Rouvillain\AppData\Local\Temp\KAV Updater update files\updateTemp\bases\five\avc\base093c.avc
O61 - LFC:Last File Created 24/07/2009 - 20:27:10 ---A- C:\Users\Rouvillain\AppData\Local\Temp\KAV Updater update files\updateTemp\bases\five\avc\base094c.avc
O61 - LFC:Last File Created 24/07/2009 - 20:27:15 ---A- C:\Users\Rouvillain\AppData\Local\Temp\KAV Updater update files\updateTemp\bases\five\avc\base095c.avc
O61 - LFC:Last File Created 24/07/2009 - 20:27:19 ---A- C:\Users\Rouvillain\AppData\Local\Temp\KAV Updater update files\updateTemp\bases\five\avc\base096c.avc
O61 - LFC:Last File Created 24/07/2009 - 20:27:24 ---A- C:\Users\Rouvillain\AppData\Local\Temp\KAV Updater update files\updateTemp\bases\five\avc\base097c.avc
O61 - LFC:Last File Created 24/07/2009 - 20:27:27 ---A- C:\Users\Rouvillain\AppData\Local\Temp\KAV Updater update files\updateTemp\bases\five\avc\base098c.avc
O61 - LFC:Last File Created 24/07/2009 - 20:27:31 ---A- C:\Users\Rouvillain\AppData\Local\Temp\KAV Updater update files\updateTemp\bases\five\avc\base099c.avc
O61 - LFC:Last File Created 24/07/2009 - 20:27:35 ---A- C:\Users\Rouvillain\AppData\Local\Temp\KAV Updater update files\updateTemp\bases\five\avc\base100c.avc

Réponse 28 / 121

jlpjlp Messages postés 51580 Date d'inscription Statut Contributeur sécurité Dernière intervention 5 040

ok vire ce qui est en quarantaine dans malwarebyte, ton antivirus
_________________
puis

- CCleaner https://www.ccleaner.com/ccleaner/download (FileHippo). Lance-le et clique sur "Options", "Avancé" et décoche la case "Effacer uniquement les fichiers, du dossier Temp de Windows, plus vieux que 48 heures". Par la suite, laisse-le avec ses réglages par défaut. Ferme le programme.
__________________
puis

Télécharge Toolbar-S&D (Team IDN) sur ton Bureau.
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/ToolBarSD.exe?attachauth=ANoY7cqJWPphpudyTqv7TRo5RQ3nm_Sx8JluVMO59X5E9cyE3j3LqKlmStIqiDqJdIgMJLi7MXn2nKVajQfoWuVvZZ2wIx_vkqO4k4P0K9jh-ra9jaKPXdZcoaVF2UqJZNH8ubL_42uIwh6f35xJ2GJMuzddVj2Qth1DgZ839lxEIFGkgWz3TdfvNMy-YtxfA3gqBUrj4U4LFeAPiWr3ClmjIP0t_Xs5PQ%3D%3D&attredirects=2

* Lance l'installation du programme en exécutant le fichier téléchargé.
* Double-clique maintenant sur le raccourci de Toolbar-S&D.
* Sélectionne la langue souhaitée en tapant la lettre de ton choix puis en validant avec la touche Entrée.
* Choisis maintenant l'option 2 (nettoyage). Patiente jusqu'à la fin de la recherche.
* Poste le rapport généré. (C:\TB.txt)

__________________
puis

lance tool cleaner et vire tout :
https://www.commentcamarche.net/telecharger/securite/22061-toolscleaner/

__________________
puis remets un rapport malwarebyte pour voir si encore des infections et dis si encore des soucis

Réponse 29 / 121

Mel80

Avec ToolBar, lorsque 3 propositions sont faites, il y a :
1 : Recherche
2 : Suppresion
Q : Quitter
Tu m'as dit de faire le 2 (nettoyage) donc je veux juste êtrê sûre que c'est bon le 2 ici aussi c'est à dire 'suppresion' ?

Réponse 30 / 121

Mel80

J'ai fait une recherche. Et j'attends une réponse pour savoir s'il faut faire 'suppression' ou non..
Voici le rapport :

-----------\\ ToolBar S&D 1.2.8 XP/Vista

Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6000 )
X86-based PC ( Multiprocessor Free : AMD Phenom(tm) 9500 Quad-Core Processor )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : Rouvillain ( Not Administrator ! )
BOOT : Fail-safe with network boot
Antivirus : Kaspersky Anti-Virus 6.0.2.621 (Not Activated)
C:\ (Local Disk) - NTFS - Total:228 Go (Free:36 Go)
D:\ (Local Disk) - NTFS - Total:227 Go (Free:227 Go)
E:\ (CD or DVD)
F:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go)
G:\ (USB)
H:\ (USB)
I:\ (USB)
J:\ (USB)

"C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
Option : [1] ( 25/07/2009|17:22 )

[ UAC => 1 ]

-----------\\ Recherche de Fichiers / Dossiers ...

C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Dealio
C:\Program Files\Dealio
C:\Program Files\Dealio\DealioAU.exe
C:\Program Files\Dealio\kb127
C:\Program Files\Dealio\SearchSettingsKit.exe
C:\Program Files\Dealio\kb127\Dealio Deskbar.exe
C:\Program Files\Dealio\kb127\Dealio.dll
C:\Program Files\Dealio\kb127\DealioRes409.dll
C:\Program Files\Dealio\kb127\res
C:\Program Files\Dealio\kb127\resDN
C:\Program Files\Dealio\kb127\rules
C:\Program Files\Dealio\kb127\temp
C:\Program Files\Dealio\kb127\res\alerts.gif
C:\Program Files\Dealio\kb127\res\alerts_over.gif
C:\Program Files\Dealio\kb127\res\alerts_rec.gif
C:\Program Files\Dealio\kb127\res\alerts_rec_over.gif
C:\Program Files\Dealio\kb127\res\chevron-small.gif
C:\Program Files\Dealio\kb127\res\DealioSearch.html
C:\Program Files\Dealio\kb127\res\deals-leftcap.gif
C:\Program Files\Dealio\kb127\res\deal_report.jpg
C:\Program Files\Dealio\kb127\res\ebay_login.jpg
C:\Program Files\Dealio\kb127\res\err_mainwindow.html
C:\Program Files\Dealio\kb127\res\err_toolbar.html
C:\Program Files\Dealio\kb127\res\global_scripts.js
C:\Program Files\Dealio\kb127\res\headerbgthin.jpg
C:\Program Files\Dealio\kb127\res\highlight-bg.png
C:\Program Files\Dealio\kb127\res\logo.gif
C:\Program Files\Dealio\kb127\res\logo_over.gif
C:\Program Files\Dealio\kb127\res\man_toolbar.css
C:\Program Files\Dealio\kb127\res\man_toolbar.html
C:\Program Files\Dealio\kb127\res\man_toolbar.js
C:\Program Files\Dealio\kb127\res\man_toolbarl.js
C:\Program Files\Dealio\kb127\res\post-this-deal.gif
C:\Program Files\Dealio\kb127\res\post-this-deal_over.gif
C:\Program Files\Dealio\kb127\res\scripts.js
C:\Program Files\Dealio\kb127\res\scroller.js
C:\Program Files\Dealio\kb127\res\search-chevron.gif
C:\Program Files\Dealio\kb127\res\search-chevron_over.gif
C:\Program Files\Dealio\kb127\res\search_bg_blink.gif
C:\Program Files\Dealio\kb127\res\separator.gif
C:\Program Files\Dealio\kb127\res\settings.gif
C:\Program Files\Dealio\kb127\res\settings_over.gif
C:\Program Files\Dealio\kb127\res\yahoo-search.png
C:\Program Files\Dealio\kb127\resDN\bottom.gif
C:\Program Files\Dealio\kb127\resDN\chevron_down.gif
C:\Program Files\Dealio\kb127\resDN\chevron_up.gif
C:\Program Files\Dealio\kb127\resDN\close.gif
C:\Program Files\Dealio\kb127\resDN\deskbar.css
C:\Program Files\Dealio\kb127\resDN\deskbar.js
C:\Program Files\Dealio\kb127\resDN\dispatch_helper.js
C:\Program Files\Dealio\kb127\resDN\ebay_compatible.jpg
C:\Program Files\Dealio\kb127\resDN\logo.gif
C:\Program Files\Dealio\kb127\resDN\logo_chevron_bkg.gif
C:\Program Files\Dealio\kb127\resDN\losing.gif
C:\Program Files\Dealio\kb127\resDN\lost.gif
C:\Program Files\Dealio\kb127\resDN\man_deskbar.html
C:\Program Files\Dealio\kb127\resDN\menu_arrow.gif
C:\Program Files\Dealio\kb127\resDN\menu_check.gif
C:\Program Files\Dealio\kb127\resDN\no_image.gif
C:\Program Files\Dealio\kb127\resDN\prod_img.gif
C:\Program Files\Dealio\kb127\resDN\search_chevron.gif
C:\Program Files\Dealio\kb127\resDN\spacer.gif
C:\Program Files\Dealio\kb127\resDN\textfield_bkg.gif
C:\Program Files\Dealio\kb127\resDN\top.gif
C:\Program Files\Dealio\kb127\resDN\unknown.gif
C:\Program Files\Dealio\kb127\resDN\winning.gif
C:\Program Files\Dealio\kb127\resDN\won.gif
C:\Program Files\Dealio\kb127\rules\index.76.35
C:\Program Files\Dealio\kb127\rules\rules.1.10.76
C:\Program Files\Dealio\kb127\rules\rules.1.109.43
C:\Program Files\Dealio\kb127\rules\rules.1.110.43
C:\Program Files\Dealio\kb127\rules\rules.1.12.52
C:\Program Files\Dealio\kb127\rules\rules.1.13.58
C:\Program Files\Dealio\kb127\rules\rules.1.130.58
C:\Program Files\Dealio\kb127\rules\rules.1.135.50
C:\Program Files\Dealio\kb127\rules\rules.1.153.44
C:\Program Files\Dealio\kb127\rules\rules.1.155.43
C:\Program Files\Dealio\kb127\rules\rules.1.156.49
C:\Program Files\Dealio\kb127\rules\rules.1.16.60
C:\Program Files\Dealio\kb127\rules\rules.1.161.52
C:\Program Files\Dealio\kb127\rules\rules.1.178.66
C:\Program Files\Dealio\kb127\rules\rules.1.184.55
C:\Program Files\Dealio\kb127\rules\rules.1.188.52
C:\Program Files\Dealio\kb127\rules\rules.1.189.45
C:\Program Files\Dealio\kb127\rules\rules.1.196.43
C:\Program Files\Dealio\kb127\rules\rules.1.198.56
C:\Program Files\Dealio\kb127\rules\rules.1.199.43
C:\Program Files\Dealio\kb127\rules\rules.1.200.53
C:\Program Files\Dealio\kb127\rules\rules.1.201.43
C:\Program Files\Dealio\kb127\rules\rules.1.202.43
C:\Program Files\Dealio\kb127\rules\rules.1.203.71
C:\Program Files\Dealio\kb127\rules\rules.1.205.62
C:\Program Files\Dealio\kb127\rules\rules.1.213.71
C:\Program Files\Dealio\kb127\rules\rules.1.214.49
C:\Program Files\Dealio\kb127\rules\rules.1.215.43
C:\Program Files\Dealio\kb127\rules\rules.1.216.67
C:\Program Files\Dealio\kb127\rules\rules.1.217.67
C:\Program Files\Dealio\kb127\rules\rules.1.218.52
C:\Program Files\Dealio\kb127\rules\rules.1.219.43
C:\Program Files\Dealio\kb127\rules\rules.1.220.43
C:\Program Files\Dealio\kb127\rules\rules.1.221.57
C:\Program Files\Dealio\kb127\rules\rules.1.222.43
C:\Program Files\Dealio\kb127\rules\rules.1.223.68
C:\Program Files\Dealio\kb127\rules\rules.1.226.68
C:\Program Files\Dealio\kb127\rules\rules.1.227.43
C:\Program Files\Dealio\kb127\rules\rules.1.228.62
C:\Program Files\Dealio\kb127\rules\rules.1.229.76
C:\Program Files\Dealio\kb127\rules\rules.1.23.63
C:\Program Files\Dealio\kb127\rules\rules.1.239.43
C:\Program Files\Dealio\kb127\rules\rules.1.24.43
C:\Program Files\Dealio\kb127\rules\rules.1.240.43
C:\Program Files\Dealio\kb127\rules\rules.1.241.43
C:\Program Files\Dealio\kb127\rules\rules.1.242.43
C:\Program Files\Dealio\kb127\rules\rules.1.243.43
C:\Program Files\Dealio\kb127\rules\rules.1.244.63
C:\Program Files\Dealio\kb127\rules\rules.1.245.43
C:\Program Files\Dealio\kb127\rules\rules.1.247.43
C:\Program Files\Dealio\kb127\rules\rules.1.248.43
C:\Program Files\Dealio\kb127\rules\rules.1.249.43
C:\Program Files\Dealio\kb127\rules\rules.1.250.43
C:\Program Files\Dealio\kb127\rules\rules.1.251.43
C:\Program Files\Dealio\kb127\rules\rules.1.252.43
C:\Program Files\Dealio\kb127\rules\rules.1.253.43
C:\Program Files\Dealio\kb127\rules\rules.1.254.43
C:\Program Files\Dealio\kb127\rules\rules.1.255.43
C:\Program Files\Dealio\kb127\rules\rules.1.256.43
C:\Program Files\Dealio\kb127\rules\rules.1.257.43
C:\Program Files\Dealio\kb127\rules\rules.1.279.43
C:\Program Files\Dealio\kb127\rules\rules.1.28.58
C:\Program Files\Dealio\kb127\rules\rules.1.282.75
C:\Program Files\Dealio\kb127\rules\rules.1.283.43
C:\Program Files\Dealio\kb127\rules\rules.1.284.43
C:\Program Files\Dealio\kb127\rules\rules.1.289.67
C:\Program Files\Dealio\kb127\rules\rules.1.290.62
C:\Program Files\Dealio\kb127\rules\rules.1.291.61
C:\Program Files\Dealio\kb127\rules\rules.1.296.43
C:\Program Files\Dealio\kb127\rules\rules.1.297.43
C:\Program Files\Dealio\kb127\rules\rules.1.304.43
C:\Program Files\Dealio\kb127\rules\rules.1.307.43
C:\Program Files\Dealio\kb127\rules\rules.1.308.75
C:\Program Files\Dealio\kb127\rules\rules.1.31.47
C:\Program Files\Dealio\kb127\rules\rules.1.310.46
C:\Program Files\Dealio\kb127\rules\rules.1.311.43
C:\Program Files\Dealio\kb127\rules\rules.1.315.43
C:\Program Files\Dealio\kb127\rules\rules.1.316.43
C:\Program Files\Dealio\kb127\rules\rules.1.317.43
C:\Program Files\Dealio\kb127\rules\rules.1.318.43
C:\Program Files\Dealio\kb127\rules\rules.1.319.49
C:\Program Files\Dealio\kb127\rules\rules.1.32.48
C:\Program Files\Dealio\kb127\rules\rules.1.334.44
C:\Program Files\Dealio\kb127\rules\rules.1.335.60
C:\Program Files\Dealio\kb127\rules\rules.1.336.44
C:\Program Files\Dealio\kb127\rules\rules.1.337.44
C:\Program Files\Dealio\kb127\rules\rules.1.338.75
C:\Program Files\Dealio\kb127\rules\rules.1.339.47
C:\Program Files\Dealio\kb127\rules\rules.1.34.43
C:\Program Files\Dealio\kb127\rules\rules.1.340.47
C:\Program Files\Dealio\kb127\rules\rules.1.341.47
C:\Program Files\Dealio\kb127\rules\rules.1.349.50
C:\Program Files\Dealio\kb127\rules\rules.1.35.48
C:\Program Files\Dealio\kb127\rules\rules.1.350.50
C:\Program Files\Dealio\kb127\rules\rules.1.351.51
C:\Program Files\Dealio\kb127\rules\rules.1.352.54
C:\Program Files\Dealio\kb127\rules\rules.1.353.51
C:\Program Files\Dealio\kb127\rules\rules.1.354.51
C:\Program Files\Dealio\kb127\rules\rules.1.357.62
C:\Program Files\Dealio\kb127\rules\rules.1.358.52
C:\Program Files\Dealio\kb127\rules\rules.1.359.52
C:\Program Files\Dealio\kb127\rules\rules.1.360.53
C:\Program Files\Dealio\kb127\rules\rules.1.361.54
C:\Program Files\Dealio\kb127\rules\rules.1.362.68
C:\Program Files\Dealio\kb127\rules\rules.1.363.58
C:\Program Files\Dealio\kb127\rules\rules.1.364.54
C:\Program Files\Dealio\kb127\rules\rules.1.365.53
C:\Program Files\Dealio\kb127\rules\rules.1.367.56
C:\Program Files\Dealio\kb127\rules\rules.1.368.58
C:\Program Files\Dealio\kb127\rules\rules.1.369.55
C:\Program Files\Dealio\kb127\rules\rules.1.370.56
C:\Program Files\Dealio\kb127\rules\rules.1.371.56
C:\Program Files\Dealio\kb127\rules\rules.1.372.57
C:\Program Files\Dealio\kb127\rules\rules.1.373.55
C:\Program Files\Dealio\kb127\rules\rules.1.375.56
C:\Program Files\Dealio\kb127\rules\rules.1.376.57
C:\Program Files\Dealio\kb127\rules\rules.1.377.55
C:\Program Files\Dealio\kb127\rules\rules.1.378.65
C:\Program Files\Dealio\kb127\rules\rules.1.384.58
C:\Program Files\Dealio\kb127\rules\rules.1.386.71
C:\Program Files\Dealio\kb127\rules\rules.1.387.59
C:\Program Files\Dealio\kb127\rules\rules.1.388.59
C:\Program Files\Dealio\kb127\rules\rules.1.389.59
C:\Program Files\Dealio\kb127\rules\rules.1.390.60
C:\Program Files\Dealio\kb127\rules\rules.1.391.60
C:\Program Files\Dealio\kb127\rules\rules.1.392.60
C:\Program Files\Dealio\kb127\rules\rules.1.393.60
C:\Program Files\Dealio\kb127\rules\rules.1.394.60
C:\Program Files\Dealio\kb127\rules\rules.1.396.61
C:\Program Files\Dealio\kb127\rules\rules.1.397.61
C:\Program Files\Dealio\kb127\rules\rules.1.398.60
C:\Program Files\Dealio\kb127\rules\rules.1.399.60
C:\Program Files\Dealio\kb127\rules\rules.1.403.61
C:\Program Files\Dealio\kb127\rules\rules.1.404.63
C:\Program Files\Dealio\kb127\rules\rules.1.405.61
C:\Program Files\Dealio\kb127\rules\rules.1.406.61
C:\Program Files\Dealio\kb127\rules\rules.1.407.76
C:\Program Files\Dealio\kb127\rules\rules.1.408.63
C:\Program Files\Dealio\kb127\rules\rules.1.409.61
C:\Program Files\Dealio\kb127\rules\rules.1.412.62
C:\Program Files\Dealio\kb127\rules\rules.1.413.62
C:\Program Files\Dealio\kb127\rules\rules.1.414.62
C:\Program Files\Dealio\kb127\rules\rules.1.415.62
C:\Program Files\Dealio\kb127\rules\rules.1.416.62
C:\Program Files\Dealio\kb127\rules\rules.1.417.62
C:\Program Files\Dealio\kb127\rules\rules.1.418.62
C:\Program Files\Dealio\kb127\rules\rules.1.419.62
C:\Program Files\Dealio\kb127\rules\rules.1.420.62
C:\Program Files\Dealio\kb127\rules\rules.1.421.62
C:\Program Files\Dealio\kb127\rules\rules.1.423.63
C:\Program Files\Dealio\kb127\rules\rules.1.424.63
C:\Program Files\Dealio\kb127\rules\rules.1.425.63
C:\Program Files\Dealio\kb127\rules\rules.1.426.63
C:\Program Files\Dealio\kb127\rules\rules.1.427.63
C:\Program Files\Dealio\kb127\rules\rules.1.428.65
C:\Program Files\Dealio\kb127\rules\rules.1.429.63
C:\Program Files\Dealio\kb127\rules\rules.1.430.63
C:\Program Files\Dealio\kb127\rules\rules.1.432.65
C:\Program Files\Dealio\kb127\rules\rules.1.433.64
C:\Program Files\Dealio\kb127\rules\rules.1.434.65
C:\Program Files\Dealio\kb127\rules\rules.1.435.64
C:\Program Files\Dealio\kb127\rules\rules.1.436.76
C:\Program Files\Dealio\kb127\rules\rules.1.437.64
C:\Program Files\Dealio\kb127\rules\rules.1.438.71
C:\Program Files\Dealio\kb127\rules\rules.1.439.71
C:\Program Files\Dealio\kb127\rules\rules.1.440.75
C:\Program Files\Dealio\kb127\rules\rules.1.442.73
C:\Program Files\Dealio\kb127\rules\rules.1.443.73
C:\Program Files\Dealio\kb127\rules\rules.1.444.73
C:\Program Files\Dealio\kb127\rules\rules.1.445.68
C:\Program Files\Dealio\kb127\rules\rules.1.446.69
C:\Program Files\Dealio\kb127\rules\rules.1.450.67
C:\Program Files\Dealio\kb127\rules\rules.1.451.67
C:\Program Files\Dealio\kb127\rules\rules.1.452.68
C:\Program Files\Dealio\kb127\rules\rules.1.453.68
C:\Program Files\Dealio\kb127\rules\rules.1.454.69
C:\Program Files\Dealio\kb127\rules\rules.1.456.69
C:\Program Files\Dealio\kb127\rules\rules.1.457.75
C:\Program Files\Dealio\kb127\rules\rules.1.458.70
C:\Program Files\Dealio\kb127\rules\rules.1.459.70
C:\Program Files\Dealio\kb127\rules\rules.1.460.69
C:\Program Files\Dealio\kb127\rules\rules.1.462.74
C:\Program Files\Dealio\kb127\rules\rules.1.463.69
C:\Program Files\Dealio\kb127\rules\rules.1.464.70
C:\Program Files\Dealio\kb127\rules\rules.1.465.68
C:\Program Files\Dealio\kb127\rules\rules.1.468.70
C:\Program Files\Dealio\kb127\rules\rules.1.469.70
C:\Program Files\Dealio\kb127\rules\rules.1.470.70
C:\Program Files\Dealio\kb127\rules\rules.1.471.73
C:\Program Files\Dealio\kb127\rules\rules.1.472.70
C:\Program Files\Dealio\kb127\rules\rules.1.478.74
C:\Program Files\Dealio\kb127\rules\rules.1.479.73
C:\Program Files\Dealio\kb127\rules\rules.1.480.68
C:\Program Files\Dealio\kb127\rules\rules.1.481.71
C:\Program Files\Dealio\kb127\rules\rules.1.482.74
C:\Program Files\Dealio\kb127\rules\rules.1.49.67
C:\Program Files\Dealio\kb127\rules\rules.1.50.43
C:\Program Files\Dealio\kb127\rules\rules.1.500.71
C:\Program Files\Dealio\kb127\rules\rules.1.501.74
C:\Program Files\Dealio\kb127\rules\rules.1.502.71
C:\Program Files\Dealio\kb127\rules\rules.1.51.69
C:\Program Files\Dealio\kb127\rules\rules.1.52.72
C:\Program Files\Dealio\kb127\rules\rules.1.520.76
C:\Program Files\Dealio\kb127\rules\rules.1.521.76
C:\Program Files\Dealio\kb127\rules\rules.1.522.76
C:\Program Files\Dealio\kb127\rules\rules.1.53.51
C:\Program Files\Dealio\kb127\rules\rules.1.531.76
C:\Program Files\Dealio\kb127\rules\rules.1.532.75
C:\Program Files\Dealio\kb127\rules\rules.1.534.75
C:\Program Files\Dealio\kb127\rules\rules.1.54.47
C:\Program Files\Dealio\kb127\rules\rules.1.55.45
C:\Program Files\Dealio\kb127\rules\rules.1.56.69
C:\Program Files\Dealio\kb127\rules\rules.1.57.43
C:\Program Files\Dealio\kb127\rules\rules.1.58.47
C:\Program Files\Dealio\kb127\rules\rules.1.593.76
C:\Program Files\Dealio\kb127\rules\rules.1.595.76
C:\Program Files\Dealio\kb127\rules\rules.1.63.57
C:\Program Files\Dealio\kb127\rules\rules.1.66.47
C:\Program Files\Dealio\kb127\rules\rules.1.70.75
C:\Program Files\Dealio\kb127\rules\rules.1.71.43

-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://fr.yahoo.com/"
"SEARCH PAGE"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Local Page"="C:\\Windows\\system32\\blank.htm"
"SearchMigratedDefaultURL"="https://search.yahoo.com/web{searchTerms}&ei=utf-8&fr=b1ie7"
"Url"="https://www.msn.com/fr-fr/actualite/"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://fr.yahoo.com/"
"Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
"Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"

--------------------\\ Recherche d'autres infections

--------------------\\ Cracks & Keygens ..

C:\PROGRA~2\Fugazo\Cooking Academy\cached\sounds\eggcrack.wav

[ UAC => 1 ]

1 - "C:\ToolBar SD\TB_1.txt" - 25/07/2009|17:24 - Option : [1]

-----------\\ Fin du rapport a 17:24:07,31

Réponse 31 / 121

jlpjlp Messages postés 51580 Date d'inscription Statut Contributeur sécurité Dernière intervention 5 040

ok vire ce cracks:

C:\PROGRA~2\Fugazo\Cooking Academy\cached\sounds\eggcrack.wav

_________________

fais l'option 2 (suppression de toolbar sd)

et colle le rapport puis fais le reste

Réponse 32 / 121

Mel80

J'ai supprimé ce crack puis voici le rapport :

-----------\\ ToolBar S&D 1.2.8 XP/Vista

Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6000 )
X86-based PC ( Multiprocessor Free : AMD Phenom(tm) 9500 Quad-Core Processor )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : Rouvillain ( Not Administrator ! )
BOOT : Fail-safe with network boot
Antivirus : Kaspersky Anti-Virus 6.0.2.621 (Not Activated)
C:\ (Local Disk) - NTFS - Total:228 Go (Free:36 Go)
D:\ (Local Disk) - NTFS - Total:227 Go (Free:227 Go)
E:\ (CD or DVD)
F:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go)
G:\ (USB)
H:\ (USB)
I:\ (USB)
J:\ (USB)

"C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
Option : [2] ( 25/07/2009|17:45 )

[ UAC => 1 ]

-----------\\ SUPPRESSION

Supprime! - C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Dealio
Supprime! - C:\Program Files\Dealio\DealioAU.exe
Supprime! - C:\Program Files\Dealio\kb127
Supprime! - C:\Program Files\Dealio\SearchSettingsKit.exe
Supprime! - C:\Program Files\Dealio

-----------\\ Recherche de Fichiers / Dossiers ...

-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://fr.yahoo.com/"
"SEARCH PAGE"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Local Page"="C:\\Windows\\system32\\blank.htm"
"SearchMigratedDefaultURL"="https://search.yahoo.com/web{searchTerms}&ei=utf-8&fr=b1ie7"
"Url"="https://www.msn.com/fr-fr/actualite/"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.msn.com/fr-fr/"
"Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
"Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"

--------------------\\ Recherche d'autres infections

Aucune autre infection trouvée !

[ UAC => 1 ]

1 - "C:\ToolBar SD\TB_1.txt" - 25/07/2009|17:24 - Option : [1]
2 - "C:\ToolBar SD\TB_2.txt" - 25/07/2009|17:47 - Option : [2]

-----------\\ Fin du rapport a 17:47:24,29

Réponse 33 / 121

jlpjlp Messages postés 51580 Date d'inscription Statut Contributeur sécurité Dernière intervention 5 040

ok poursuis

Réponse 34 / 121

Mel80

Malwarebytes' Anti-Malware 1.39
Version de la base de données: 2494
Windows 6.0.6000

25/07/2009 19:16:54
mbam-log-2009-07-25 (19-16-54).txt

Type de recherche: Examen complet (C:\|D:\|E:\|F:\|G:\|H:\|I:\|J:\|)
Eléments examinés: 278868
Temps écoulé: 37 minute(s), 8 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 1
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 1

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
\\?\globalroot\systemroot\System32\geyekrvgndgdlq.dll (Trojan.TDSS) -> Delete on reboot.

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
\\?\globalroot\systemroot\System32\geyekrvgndgdlq.dll (Trojan.TDSS) -> Quarantined and deleted successfully.

Donc je vois que l'infection est toujours présente malgrès les essais de suppression de la dernière fois avec Malwarebytes.. Ralalaa ..

Réponse 35 / 121

jlpjlp Messages postés 51580 Date d'inscription Statut Contributeur sécurité Dernière intervention 5 040

bizarre bizarre !

Pour fusionner:

http://img.photobucket.com/albums/v666/sUBs/CFScript.gif

_______________

telecharge combofix:

http://download.bleepingcomputer.com/sUBs/ComboFix.exe
Sauvegarde le sur ton bureau et pas ailleurs !

_________________

Ferme tous tes navigateurs (donc copie ou imprime les instructions avant)

Crée un nouveau document texte : clic droit de souris sur le bureau > Nouveau > Document Texte, et copie dedans les lignes suivantes :

File::
c:\windows\System32\geyekrvgndgdlq.dll

Enregistre ce fichier sous le nom CFscript

Fait un glisser/déposer de ce fichier CFscrïpt sur le fichier ComboFix.exe

Clique sur le fichier CFScript, maintient le doigt enfoncé et glisse la souris pour que l'icône du CFScript vienne recouvrir l'icône de Combofix. Relache la souris. Combofix va démarrer.

Une fenêtre bleue va apparaître: au message qui apparaît ( Type 1 to continue, or 2 to abort) , tape 1 puis valide.

Patiente le temps du scan.Le bureau va disparaître à plusieurs reprises: c'est normal!

Ne touche à rien tant que le scan n'est pas terminé.

Une fois le scan achevé, un rapport va s'afficher: poste son contenu.

Si le fichier ne s'ouvre pas, il se trouve ici > C:\ComboFix.txt

_______________________

puis refais malwarebyte pour voir si encore present et colle le rapport

Réponse 36 / 121

Mel80

Alors, j'ai fait ce que tu m'as dit et pendant l'analyse, j'ai reçu le message suivant :

ComboFix has detected the presence of rootkit activity and needs to reboot the machine. Kindly note down on paper, the name of each file. We may need it later.
globalroot\systemroot\System32\geyekrvgndgdlq.dll

L'ordinateur a ensuite redémarré, le logiciel ComboFix a fait les 'recherches' puis a fait redémarrer l'ordinateur à nouveau et au démarrage, j'ai reçu (comme la dernière fois) plein de messages de ce tupe:

logonUI.exe - Image incorrecte :
globalroot\systemroot\System32\geyekrvgndgdlq.dll n'est pas conçu pour s'exécuter sous Windows où il contient une erreur. Installez à nouveau le programme à l'aide du support d'installation d'origine ou bien contactez votre administrateur système ou le fournisseur du logiciel pour obtenir du support.

J'ai reçu ce message sans exagérer une centaine de fois avec des titres de fichiers différents tels que :
logonUI.exe
userinit.exe
dwm.exe
explorer.exe
CF2231.exe
conime.exe
chcp.exe
grep.ctexe
...

Et après celà, Malwarebytes trouve toujours la même infection globalroot\systemroot\System32\geyekrvgndgdlq.dll !!

J'envois le rapport de ComboFix..

Réponse 37 / 121

Mel80

ComboFix 09-07-24.01 - Rouvillain 25/07/2009 20:05.4.4 - NTFSx86
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6000.0.1252.33.1036.18.3327.2437 [GMT 2:00]
Running from: c:\users\Rouvillain\Desktop\ComboFix.exe
Command switches used :: c:\users\Rouvillain\Desktop\CFscript.txt
AV: Kaspersky Anti-Virus *On-access scanning disabled* (Outdated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
SP: Kaspersky Anti-Virus *disabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
* Created a new restore point

FILE ::
"c:\windows\System32\geyekrvgndgdlq.dll"
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\System32\geyekrvgndgdlq.dll

.
((((((((((((((((((((((((( Files Created from 2009-06-25 to 2009-07-25 )))))))))))))))))))))))))))))))
.

2009-07-25 18:15 . 2009-07-25 18:15 -------- d-----w- c:\users\Elodie\AppData\Local\temp
2009-07-25 10:12 . 2009-07-25 10:12 -------- d-----w- c:\progra~2\Kaspersky Lab Setup Files
2009-07-23 20:56 . 2009-07-23 20:56 -------- d-----w- c:\progra~2\Simply Super Software
2009-07-23 14:45 . 2009-07-24 16:00 -------- d-----w- c:\program files\trend micro
2009-07-23 12:55 . 2009-07-13 11:36 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-07-23 12:55 . 2009-07-24 17:55 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-07-23 12:55 . 2009-07-23 12:55 -------- d-----w- c:\progra~2\Malwarebytes
2009-07-23 12:55 . 2009-07-13 11:36 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-07-23 12:54 . 2009-07-23 12:54 3775176 ----a-w- c:\users\Public\mbam-setup.exe
2009-07-22 22:26 . 2009-07-22 22:26 -------- d-sh--w- C:\found.000
2009-07-20 17:16 . 2009-07-24 11:27 -------- d-----w- c:\program files\a-squared Anti-Malware
2009-07-20 17:06 . 2009-07-20 17:16 59412480 ----a-w- c:\users\Public\a2AntiMalwareSetup.exe
2009-07-20 17:02 . 2009-07-20 17:05 23975176 ----a-w- c:\users\Public\sdsetup.exe
2009-07-20 14:14 . 2009-03-24 14:07 55640 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2009-07-20 14:07 . 2009-07-20 14:18 -------- d-----w- c:\users\Public\backups
2009-07-20 13:36 . 2008-06-19 15:24 28544 ----a-w- c:\windows\system32\drivers\pavboot.sys
2009-07-20 13:36 . 2009-07-20 13:36 -------- d-----w- c:\program files\Panda Security
2009-07-19 19:25 . 2009-07-25 14:58 -------- d-----w- c:\program files\CCleaner
2009-07-19 18:07 . 2009-06-22 14:58 13312 ----a-w- c:\windows\system32\drivers\snetcfg.exe
2009-07-19 18:07 . 2009-05-14 09:58 61440 ----a-w- c:\windows\system32\ndisapi.dll
2009-07-19 18:07 . 2009-07-23 13:45 -------- d-----w- c:\program files\Common Files\Uninstall
2009-07-19 17:04 . 2009-07-19 17:06 -------- d-----w- c:\users\Public\Photos anniv' Pauline
2009-07-17 11:13 . 2009-07-17 12:00 -------- d-----w- c:\users\Public\Musique
2009-07-17 11:09 . 2009-07-21 20:55 -------- d-----w- c:\users\Public\Jeux DS
2009-07-17 10:01 . 2009-05-21 08:56 -------- d-----w- c:\users\Public\eng
2009-07-17 10:01 . 2009-07-17 10:01 6955522 ----a-w- c:\users\Public\DSone_SDHC_V3.0_sp8_eng.zip
2009-07-15 10:15 . 2009-06-15 15:29 156160 ----a-w- c:\windows\system32\t2embed.dll
2009-07-15 10:15 . 2009-06-15 15:23 24064 ----a-w- c:\windows\system32\lpk.dll
2009-07-15 10:15 . 2009-06-15 15:22 72704 ----a-w- c:\windows\system32\fontsub.dll
2009-07-15 10:15 . 2009-06-15 15:21 10240 ----a-w- c:\windows\system32\dciman32.dll
2009-07-15 10:15 . 2009-06-15 15:20 34304 ----a-w- c:\windows\system32\atmlib.dll
2009-07-15 10:15 . 2009-06-15 13:03 289792 ----a-w- c:\windows\system32\atmfd.dll
2009-07-14 16:07 . 2009-07-14 16:07 -------- dc----w- C:\Boonty

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-07-25 18:22 . 2006-11-02 15:48 699984 ----a-w- c:\windows\system32\perfh00C.dat
2009-07-25 18:22 . 2006-11-02 15:48 121814 ----a-w- c:\windows\system32\perfc00C.dat
2009-07-25 17:52 . 2009-04-29 15:15 -------- d-----w- c:\progra~2\Google Updater
2009-07-24 10:47 . 2008-07-29 15:31 -------- d-----w- c:\program files\Norton Security Scan
2009-07-24 10:41 . 2008-07-17 18:08 -------- d-----w- c:\program files\BoontyGames
2009-07-24 10:40 . 2009-03-14 20:51 -------- d-----w- c:\program files\Zylom Games
2009-07-21 16:59 . 2009-03-01 16:38 -------- d-----w- c:\program files\VSO
2009-07-19 20:21 . 2008-11-02 12:54 -------- d-----w- c:\users\Elodie\AppData\Roaming\OpenOffice.org2
2009-07-16 10:23 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-07-15 16:00 . 2007-05-06 19:09 -------- d-----w- c:\program files\Common Files\Symantec Shared
2009-07-06 08:13 . 2008-05-08 11:46 7484 ----a-w- c:\users\Elodie\AppData\Local\d3d9caps.dat
2009-06-28 11:23 . 2008-05-24 15:45 -------- d-----w- c:\users\Elodie\AppData\Roaming\LimeWire
2009-06-13 09:56 . 2007-05-06 19:18 -------- d-----w- c:\progra~2\Microsoft Help
2009-06-13 09:55 . 2007-05-06 19:20 -------- d-----w- c:\program files\Microsoft Works
2009-06-12 15:39 . 2008-05-04 12:26 105528 ----a-w- c:\users\Elodie\AppData\Local\GDIPFONTCACHEV1.DAT
2009-06-07 21:52 . 2009-06-07 21:52 -------- d-----w- c:\progra~2\Grey Alien Games
2009-06-07 15:35 . 2009-05-23 16:41 -------- d-----w- c:\progra~2\HipSoft
2009-06-07 13:08 . 2009-04-18 16:05 -------- d-----w- c:\program files\bfgclient
2009-05-30 17:52 . 2009-05-30 17:52 -------- d-----w- c:\progra~2\Gogii
2009-05-30 15:12 . 2009-04-29 15:15 -------- d-----w- c:\program files\Google
2009-05-23 12:05 . 2008-08-08 19:59 8224 ----a-w- c:\windows\system32\GDIPFONTCACHEV1.DAT
2009-05-09 13:40 . 2008-11-02 12:55 1 ----a-w- c:\users\Elodie\AppData\Roaming\OpenOffice.org2\user\uno_packages\cache\stamp.sys
2009-04-30 12:52 . 2009-06-14 14:08 292352 ----a-w- c:\windows\system32\psisdecd.dll
2009-04-30 12:44 . 2009-06-14 14:08 1244672 ----a-w- c:\windows\system32\mcmde.dll
2009-04-30 12:42 . 2009-06-14 14:08 428032 ----a-w- c:\windows\system32\EncDec.dll
2009-04-28 13:03 . 2009-04-28 13:03 230432 -c--a-w- C:\PA7302.DAT
2008-05-31 21:41 . 2008-05-31 21:41 774144 ----a-w- c:\program files\RngInterstitial.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-05-23 1232896]
"MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184]
"ccleaner"="c:\program files\CCleaner\CCleaner.exe" [2009-06-25 1578736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Acer Empowering Technology Monitor"="c:\acer\Empowering Technology\SysMonitor.exe" [2007-01-24 319488]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]
"PlayMovie"="c:\program files\Acer Arcade Live\Acer PlayMovie\PMVService.exe" [2007-07-13 178280]
"WarReg_PopUp"="c:\acer\WR_PopUp\WarReg_PopUp.exe" [2006-11-05 57344]
"Acer Tour Reminder"="c:\acer\AcerTour\Reminder.exe" [2007-02-15 151552]
"SystrayORAHSS"="c:\program files\OrangeHSS\Systray\SystrayApp.exe" [2006-12-12 90112]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_06\bin\jusched.exe" [2008-03-25 144784]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-03-30 267048]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2008-05-31 185896]
"Windows Mobile-based device management"="c:\windows\WindowsMobile\wmdSync.exe" [2006-11-02 215552]
"PAC7302_Monitor"="c:\windows\PixArt\PAC7302\Monitor.exe" [2006-11-03 319488]
"ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2007-07-03 64000]
"RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2007-07-06 4669440]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Acer Tour Reminder"="c:\acer\AcerTour\Reminder.exe" [2007-02-15 151552]

c:\users\Elodie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 2.4.lnk - c:\program files\OpenOffice.org 2.4\program\quickstart.exe [2008-1-21 393216]

c:\progra~2\MICROS~1\Windows\STARTM~1\Programs\Startup\
Empowering Technology Launcher.lnk - c:\acer\Empowering Technology\eAPLauncher.exe [2007-5-6 528384]
Lancement rapide d'Adobe Reader.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 29696]
PCM Media Sharing.lnk - c:\program files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe [2007-5-6 200812]
ScanPanel.lnk - c:\program files\ScanPanel\ScnPanel.exe [2008-7-25 1732608]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux4"=wdmaud.drv

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk /p \??\K:\0autocheck autochk *

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{3949DEB9-8DD8-42E4-A506-7B9F4A231291}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{A033DC2D-F311-40C6-91FC-22337523B865}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{F726BF72-BF4E-4B4F-B9FE-4CDF4E903131}"= c:\program files\Acer Arcade Live\Acer Arcade Live Main Page\Acer Arcade Live.exe:Acer Arcade Live
"{51674872-C1F2-4F6E-9B9C-A757F38BE2C6}"= c:\program files\Acer Arcade Live\SlideShow DVD\Component\CLSLDVD.exe:SlideShow DVD workprocess
"{00717E99-5B5E-4D82-B899-5B920CE145A9}"= c:\program files\Acer Arcade Live\Acer DV Magician\Component\ARAWP.exe:DV Magician ARA workprocess
"{F90A806B-AED4-4244-AC78-EA10F3E4F0E6}"= c:\program files\Acer Arcade Live\Acer DV Magician\Component\DVAX2Process.exe:DV Magician AVAX workprocess
"{2EACCE03-44AD-4451-AFA5-833B35CC35B9}"= c:\program files\Acer Arcade Live\Acer DVDivine\DVDivine.exe:DVDivine
"{39E7738E-3D11-43B9-835D-D16D2F3B2B0D}"= c:\program files\Acer Arcade Live\Acer HomeMedia\HomeMedia.exe:HomeMedia
"{59B339AA-E6E9-43D5-A0ED-DAC81D658E12}"= c:\program files\Acer Arcade Live\Acer HomeMedia Connect\HomeMedia Connect.exe:HomeMedia Connect
"{B70C9DFF-8065-445C-8092-F386899335A3}"= c:\program files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.EXE:HomeMedia Connect Service
"{9F52794C-B028-4208-88E2-1D78370B9A3B}"= c:\program files\Acer Arcade Live\Acer VideoMagician\VideoMagician.exe:VideoMagician
"{DCB45B20-FA20-4095-9016-E7F74A52FD4B}"= c:\program files\Acer Arcade Live\Acer PlayMovie\PlayMovie.exe:Acer PlayMovie
"{A374BCC4-D6BE-418F-8E7C-B6C07284B3E6}"= c:\program files\Acer Arcade Live\Acer PlayMovie\PMVService.exe:Acer PlayMovie Resident Program
"{F0F76D77-4063-4396-AF0F-C9DBEA96F77D}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{A9AD6B6D-BF59-4C65-9C6F-635ADFB19461}"= UDP:c:\program files\LimeWire\LimeWire.exe:LimeWire
"{781C8B61-197B-47FE-A4DF-51B52DC8FA6E}"= TCP:c:\program files\LimeWire\LimeWire.exe:LimeWire
"{B885E36F-6409-420C-AB3F-78A3510481E1}"= UDP:c:\program files\iTunes\iTunes.exe:iTunes
"{8891F40A-06A6-45B5-B57D-1C6BC4D9321E}"= TCP:c:\program files\iTunes\iTunes.exe:iTunes
"{98C04AAB-2961-4C33-AB7C-18A1ED042E88}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{4360709E-DF39-4239-9378-AC9804D93FCF}"= UDP:48113:LocalSubnet:LocalSubnet:maconfig_tcp
"{5871D7C5-6183-491C-8D34-6F210FCE59F0}"= TCP:48113:LocalSubnet:LocalSubnet:maconfig_udp
"{AE7BDAFE-BA85-4D42-84D5-12F4A95BFA5C}"= UDP:c:\program files\ma-config.com\maconfservice.exe:maconfservice
"{E106A2D7-4784-48D6-9A13-49CBE30C9BE8}"= TCP:c:\program files\ma-config.com\maconfservice.exe:maconfservice
"{43BAD9D9-E0B3-4DF9-88CD-577F58C607D1}"= UDP:27760:BitComet 27760 TCP
"{07226393-181B-4F03-8D02-71235858B79B}"= TCP:27760:BitComet 27760 UDP
"TCP Query User{5137E0B5-766B-4993-A075-6DEEA24AC510}c:\\program files\\bitcomet\\bitcomet.exe"= UDP:c:\program files\bitcomet\bitcomet.exe:BitComet - a BitTorrent Client
"UDP Query User{949AECEC-8445-47B2-8E52-A49FEE8D5455}c:\\program files\\bitcomet\\bitcomet.exe"= TCP:c:\program files\bitcomet\bitcomet.exe:BitComet - a BitTorrent Client
"TCP Query User{A7684022-ABF6-44DE-A9D8-2839615A1505}c:\\program files\\emule\\emule.exe"= UDP:c:\program files\emule\emule.exe:eMule
"UDP Query User{64C253C9-5181-4546-B4B8-FFB4F498D7BC}c:\\program files\\emule\\emule.exe"= TCP:c:\program files\emule\emule.exe:eMule

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
"DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
"c:\\Program Files\\OrangeHSS\\Connectivity\\ConnectivityManager.exe"= c:\program files\OrangeHSS\Connectivity\ConnectivityManager.exe:*:enabled:CSS

R0 pavboot;pavboot;c:\windows\System32\drivers\pavboot.sys [20/07/2009 15:36 28544]
R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796};c:\program files\Acer Arcade Live\Acer PlayMovie\000.fcl [04/05/2008 12:55 39408]
R2 Acer HomeMedia Connect Service;Acer HomeMedia Connect Service;c:\program files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe [06/05/2007 21:33 266343]
R2 SampleScanner;USB-Flachbettscanner;c:\windows\System32\drivers\ArtecGT.sys [25/07/2008 16:23 18120]
S2 gupdate1c9c8de20341bb7;Service Google Update (gupdate1c9c8de20341bb7);c:\program files\Google\Update\GoogleUpdate.exe [29/04/2009 17:21 133104]
S3 PAC7302;PAC7302 VGA USB Camera;c:\windows\System32\drivers\PAC7302.SYS [21/08/2008 16:16 457856]
S3 PCAMp50;PCAMp50 NDIS Protocol Driver;c:\windows\System32\drivers\PCAMp50.sys [23/05/2008 19:33 28224]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://fr.fr.acer.yahoo.com
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
mWindow Title =
uSearchURL,(Default) = hxxp://fr.rd.yahoo.com/customize/ycomp/defaults/su/*https://fr.yahoo.com/
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-07-25 20:18
Windows 6.0.6000 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files:

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'Explorer.exe'(2232)
geyekrvgndgdlq.dll 10000000 32768 \\?\globalroot\systemroot\system32\geyekrvgndgdlq.dll
c:\progra~1\ArcSoft\PHOTOI~1\share\pihook.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\System32\Ati2evxx.exe
c:\windows\System32\audiodg.exe
c:\acer\Empowering Technology\ePerformance\MemCheck.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\progra~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\ArcSoft\Magic-i 3\uMgiSvr.exe
c:\program files\CyberLink\Shared Files\RichVideo.exe
c:\windows\System32\Ati2evxx.exe
c:\acer\Empowering Technology\eRecovery\eRecoveryService.exe
c:\windows\System32\WUDFHost.exe
c:\windows\System32\conime.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\program files\iPod\bin\iPodService.exe
c:\windows\servicing\TrustedInstaller.exe
.
**************************************************************************
.
Completion time: 2009-07-25 20:33 - machine was rebooted
ComboFix-quarantined-files.txt 2009-07-25 18:33

Pre-Run: 39 169 716 224 octets libres
Post-Run: 39 168 897 024 octets libres

219 --- E O F --- 2009-07-24 17:23

Réponse 38 / 121

jlpjlp Messages postés 51580 Date d'inscription Statut Contributeur sécurité Dernière intervention 5 040

ok refais malwarebyte pour voir

Réponse 39 / 121

Mel80

Trojan.TDSS toujours présent.. Toujours le même rapport .. :-S

Avant de poster ici pour demander de l'aide, j'avais parcouru quelques forums et des fois, des problèmes semblaient résolus grâce à la suppression de certaines lignes dans Hijackthis. Mais moi j'y connais rien donc je ne sais pas si ça peut être utile ou pas dans mon cas ??

Réponse 40 / 121

jlpjlp Messages postés 51580 Date d'inscription Statut Contributeur sécurité Dernière intervention 5 040

Pour fusionner:

http://img.photobucket.com/albums/v666/sUBs/CFScript.gif

_______________

Ferme tous tes navigateurs (donc copie ou imprime les instructions avant)

Crée un nouveau document texte : clic droit de souris sur le bureau > Nouveau > Document Texte, et copie dedans les lignes suivantes :

Rootkit::
c:\windows\System32\geyekrvgndgdlq.dll

Enregistre ce fichier sous le nom CFscript

Fait un glisser/déposer de ce fichier CFscrïpt sur le fichier ComboFix.exe

Clique sur le fichier CFScript, maintient le doigt enfoncé et glisse la souris pour que l'icône du CFScript vienne recouvrir l'icône de Combofix. Relache la souris. Combofix va démarrer.

Une fenêtre bleue va apparaître: au message qui apparaît ( Type 1 to continue, or 2 to abort) , tape 1 puis valide.

Patiente le temps du scan.Le bureau va disparaître à plusieurs reprises: c'est normal!

Ne touche à rien tant que le scan n'est pas terminé.

Une fois le scan achevé, un rapport va s'afficher: poste son contenu.

Si le fichier ne s'ouvre pas, il se trouve ici > C:\ComboFix.txt

_______________________

puis verifie si encore present

si cela persiste :

A)- Effectuer un eScan Antivirus Toolkit < https://www.malekal.com/tutorial-escan-antivirus-toolkit/ >

À exécuter en mode sans échec (< http://www.coupdepoucepc.com/modules/news/article.php?storyid=253 > ) et restauration système désactivée (< http://www.libellules.ch/desactiver_restauration.php > afin de pouvoir effectuer un nettoyage complet.

Étape 1:

Télécharge eScan Antivirus Toolkit ici:

http://www.spywareinfo.dk/download/mwav.exe

Sauvegarde-le sur ton Bureau.
Avant de lancer le programme, il faut le mettre à jour tel qu'indiqué à l'étape 2.

Étape 2:

Voici comment mettre l'outil à jour :

1.) Double-clique le fichier mwav.exe qui se trouve sur le Bureau > puis [Exécuter]
Dézippe les fichiers dans le nouveau dossier suggéré (C:\Kaspersky)
< https://www.hiboox.com >
Le programme va se lancer, et tu dois le quitter (clique sur "Exit" puis "Exit").
< https://www.hiboox.com >

2.) Double-clique sur le Poste de travail, puis double-clique sur le lecteur principal (habituellement C:\), double-clique sur le dossier "Kaspersky" ; ensuite, double-clique sur le fichier kavupd.exe.
< https://www.hiboox.com >
Tu verras maintenant une fenêtre DOS apparaître, et la mise à jour se complètera en quelques minutes

3.) Lorsque la mise à jour sera complétée, tu verras "Press any key to continue" ; tape sur une clé pour continuer. Deux nouveaux répertoires (dossiers) ont été créés lors de la mise à jour (C:\Bases et C:\Downloads).

4.) Sélectionne/copie tous les fichiers présents dans le dossier C:\Downloads, puis colle-les dans le dossier C:\Kaspersky. Accepte à l'invite de remplacer les fichiers existants.

Ne pas lancer le scan tout de suite !

Étape 3:

•- Désactive la restauration système :
"Démarrer"> clic droit sur "Poste de Travail"> "Propriétés système"> onglet "Restauration du système"> cocher la case "Désactiver la Restauration du système" > [Appliquer] >OK
Pour la suite, tu n’auras pas accès à Internet, ni donc à CCM ; copie ou imprime donc la procédure suivante pour ne rien oublier .

•- Redémarre en mode Sans Échec :
1) Redémarre ton ordi
2) Tapote la touche F8 immédiatement, juste après le "Bip"
3) Tu verras un écran avec options de démarrage apparaître
4) Choisi la première option : Sans Échec, et valide avec "Entrée"
5) Choisi ton compte régulier, et non Administrateur

Étape 4:

Du mode Sans Échec, voici comment utiliser le programme :

1.) Pour lancer "eScan Antivirus Toolkit", trouve le fichier « mwavscan.com » situé dans le dossier C:\Kaspersky

2.) Double-clique sur « mwavscan.com » ; l'interface d'eScan va apparaître à l'écran.

3.) Coche les options comme indiquées sur cette page < https://www.malekal.com/fichiers/eScan/eScan3.png > ; c’est-à-dire:

- Il est très important de bien cocher ces boîtes sous Scan Option : Memory, Registry, Startup Folders, System Folders, Services.

4.) Coche la boîte Drive, ce qui donne accès à une nouvelle boîte Drive (bouton rond) juste dessous ; coche ce bouton "Drive" (très important..), et tu verras une nouvelle boîte de navigation apparaître à la droite. Clique sur la petite flèche de cette boîte and choisi la lettre de ton disque dur, habituellement C:\.

5.) Juste au-dessous, assure-toi que Scan All Files est coché, (et non "Program Files").

6.) Puis en bas à droite, clic sur « Scan Clean » et laisse l’outil vérifier tout le disque dur (ça peut être long..). Lorsque terminé, tu verras « Scan Completed ». Ne pas quitter tout de suite !

7.) Ouvre un nouveau fichier Bloc notes (clique sur "Démarrer" >> "Programmes" >>"Accessoires" >> "Bloc notes"), puis copie/colle tout le contenu de la fenêtre « Virus Log Information » (la deuxième, au bas) dans le fichier texte, et sauvegarde-le sur le bureau ( pour le retrouver facilement – donne-lui un nom, par ex KAS -).

(eScan génère également un rapport complet dans le dossier C:\Kaspersky (nommé mwav.log), mais il est trop lourd pour poster sur le forum).

Ferme le programme.

Redémarre ton PC en mode Normal.

Ensuite réactive ta restauration système
Clic droit sur « Poste de travail », puis sur « Propriétés »,
Vas sur l’onglet « Restauration système »
Tu décoches la case « Désactiver la restauration »
Termine par [Appliquer] [OK]

Poste (copie/colle) le rapport que tu as sauvegardé dans ta prochaine réponse.

Discussions similaires

L'adresse mémoire ne peut pas être 'Read' ou 'Written'

Mémoire "validée" (ram)

Memoire video dedié 128 MB

combien d'espace memoire occupe un entier ...

L'état de la mémoire ne peut pas etre read

Votre réponse

Discussions similaires