Ahem, petit con.
Résolu/Fermé
A voir également:
- Ahem, petit con.
- Excel trier du plus grand au plus petit - Guide
- Petit 3 ✓ - Forum Word
- Petit 2 clavier iphone ✓ - Forum iPhone
- Petit colis distribution - Forum Consommation & Internet
- Petit 1 comme ² ✓ - Forum Windows
4 réponses
Voilà pour ce qui est du Log :
Logfile of random's system information tool 1.06 (written by random/random)
Run by Petis at 2009-12-05 03:39:45
Microsoft® Windows Vista™ Édition Familiale Premium
System drive C: has 45 GB (49%) free of 91 GB
Total RAM: 2046 MB (12% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 03:39:58, on 05/12/2009
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16916)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\RtHDVCpl.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSLoader.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Launch Manager\QtZgAcer.EXE
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Steam\Steam.exe
C:\Program Files\Orange\Telephone sur PC\TelephoneSurPCAgent.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Acer\Acer VCM\AcerVCM.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE
C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Users\Petis\AppData\Local\Temp\RtkBtMnt.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Acer\Acer VCM\VC.exe
C:\Program Files\Acer\Acer VCM\acp2HID.exe
C:\Program Files\Orange\Telephone sur PC\TelephoneSurPC.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Windows\system32\conime.exe
C:\Users\Petis\AppData\Local\Temp\wscsvc32.exe
C:\Users\Petis\Downloads\HiJackThis.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Program Files\AntiMalware\antimalware.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
C:\Users\Petis\Downloads\RSIT.exe
C:\Users\Petis\Downloads\Petis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ycomp/defaults/sp/*https://fr.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://fr.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ycomp/defaults/su/*https://fr.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Windows\system32\ActiveToolBand.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [eAudio] "C:\Acer\Empowering Technology\eAudio\eAudio.exe"
O4 - HKLM\..\Run: [PLFSet] rundll32.exe C:\Windows\PLFSet.dll,PLFDefSetting
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [IaNvSrv] C:\Program Files\Intel\Intel Matrix Storage Manager\OROM\IaNvSrv\IaNvSrv.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe"
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [TELEPHONESURPCAGENT] "C:\Program Files\Orange\Telephone sur PC\TelephoneSurPCAgent.exe" -run "C:\Program Files\Orange\Telephone sur PC\TelephoneSurPC.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [EPSON SX110 Series] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIFBE.EXE /FU "C:\Windows\TEMP\E_SE46B.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [richtx64.exe] C:\Users\Petis\AppData\Local\Temp\richtx64.exe
O4 - HKCU\..\Run: [AntiMalware] "C:\Program Files\AntiMalware\antimalware.exe" -noscan
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'Default user')
O4 - Global Startup: Acer VCM.lnk = ?
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Clavier &virtuel - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O9 - Extra button: Analyse des &liens - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O13 - Gopher Prefix:
O16 - DPF: {40F576AD-8680-4F9E-9490-99D069CD665F} (System Requirements Lab Class) - http://srtest-cdn.systemrequirementslab.com.s3.amazonaws.com/bin/sysreqlabdetect.cab
O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} (qsax Control) - https://www.bitdefender.com/toolbox/
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: eNetHook.dll,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
Logfile of random's system information tool 1.06 (written by random/random)
Run by Petis at 2009-12-05 03:39:45
Microsoft® Windows Vista™ Édition Familiale Premium
System drive C: has 45 GB (49%) free of 91 GB
Total RAM: 2046 MB (12% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 03:39:58, on 05/12/2009
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16916)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\RtHDVCpl.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSLoader.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Launch Manager\QtZgAcer.EXE
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Steam\Steam.exe
C:\Program Files\Orange\Telephone sur PC\TelephoneSurPCAgent.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Acer\Acer VCM\AcerVCM.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE
C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Users\Petis\AppData\Local\Temp\RtkBtMnt.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Acer\Acer VCM\VC.exe
C:\Program Files\Acer\Acer VCM\acp2HID.exe
C:\Program Files\Orange\Telephone sur PC\TelephoneSurPC.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Windows\system32\conime.exe
C:\Users\Petis\AppData\Local\Temp\wscsvc32.exe
C:\Users\Petis\Downloads\HiJackThis.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Program Files\AntiMalware\antimalware.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
C:\Users\Petis\Downloads\RSIT.exe
C:\Users\Petis\Downloads\Petis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ycomp/defaults/sp/*https://fr.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://fr.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ycomp/defaults/su/*https://fr.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Windows\system32\ActiveToolBand.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [eAudio] "C:\Acer\Empowering Technology\eAudio\eAudio.exe"
O4 - HKLM\..\Run: [PLFSet] rundll32.exe C:\Windows\PLFSet.dll,PLFDefSetting
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [IaNvSrv] C:\Program Files\Intel\Intel Matrix Storage Manager\OROM\IaNvSrv\IaNvSrv.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe"
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [TELEPHONESURPCAGENT] "C:\Program Files\Orange\Telephone sur PC\TelephoneSurPCAgent.exe" -run "C:\Program Files\Orange\Telephone sur PC\TelephoneSurPC.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [EPSON SX110 Series] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIFBE.EXE /FU "C:\Windows\TEMP\E_SE46B.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [richtx64.exe] C:\Users\Petis\AppData\Local\Temp\richtx64.exe
O4 - HKCU\..\Run: [AntiMalware] "C:\Program Files\AntiMalware\antimalware.exe" -noscan
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'Default user')
O4 - Global Startup: Acer VCM.lnk = ?
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Clavier &virtuel - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O9 - Extra button: Analyse des &liens - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O13 - Gopher Prefix:
O16 - DPF: {40F576AD-8680-4F9E-9490-99D069CD665F} (System Requirements Lab Class) - http://srtest-cdn.systemrequirementslab.com.s3.amazonaws.com/bin/sysreqlabdetect.cab
O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} (qsax Control) - https://www.bitdefender.com/toolbox/
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: eNetHook.dll,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
Et voici pour ce qui est du Info :
info.txt logfile of random's system information tool 1.06 2009-12-05 03:40:03
======Uninstall list======
-->MsiExec /X{B83FC356-B7C0-441F-8A4D-D71E088E7974}
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{31403E22-2FDB-452F-AE9E-20854633226D}\Setup.exe" -uninst
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A450831D-25F6-4F42-9662-D000B25E0D82}\setup.exe" -uninstall
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AA4BF92B-2AAF-11DA-9D78-000129760D75}\setup.exe" -uninstall
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B145EC69-66F5-11D8-9D75-000129760D75}\setup.exe" -uninstall
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B804C424-B66D-447A-84BD-C6B88C392C3A}\setup.exe" -uninstall
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F79A208D-D929-11D9-9D77-000129760D75}\setup.exe" -uninstall
Acer Arcade Deluxe-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EFBDC2B0-FAA8-4B78-8DE1-AEBE7958FA37}\setup.exe" -uninstall
Acer Crystal Eye webcam-->C:\Program Files\InstallShield Installation Information\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}\setup.exe -runfromtemp -l0x040c -removeonly -u
Acer Crystal Eye webcam-->C:\Program Files\InstallShield Installation Information\{AA047D7C-5E7C-4878-B75C-77589151B563}\setup.exe -runfromtemp -l0x0009 -removeonly
Acer eAudio Management-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{57265292-228A-41FA-9AEC-4620CBCC2739}\Setup.EXE" -uninstall
Acer eDataSecurity Management-->MsiExec.exe /X{AEEAE013-92F1-4515-B278-139F1A692A36}
Acer eLock Management-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{116FF17B-1A30-4FC2-9B01-5BC5BD46B0B3}\setup.exe" -l0x40c -removeonly
Acer Empowering Technology-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AB6097D9-D722-4987-BD9E-A076E2848EE2}\setup.exe" -l0x40c -removeonly
Acer eNet Management-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C06554A1-2C1E-4D20-B613-EE62C79927CC}\setup.exe" -l0x40c -removeonly
Acer ePower Management-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{58E5844B-7CE2-413D-83D1-99294BF6C74F}\setup.exe" -l0x40c -removeonly
Acer ePresentation Management-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BF839132-BD43-4056-ACBF-4377F4A88E2A}\setup.exe" -l0x40c -removeonly
Acer eSettings Management-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CE65A9A0-9686-45C6-9098-3C9543A412F0}\setup.exe" -l0x40c -removeonly
Acer GridVista-->C:\Windows\UnInst32.exe GridV.UNI
Acer Mobility Center Plug-In-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{11316260-6666-467B-AC34-183FCB5D4335}\setup.exe" -l0x40c -removeonly
Acer ScreenSaver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}\setup.exe" -l0x9 -removeonly
Acer Tour-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{94389919-B0AA-4882-9BE8-9F0B004ECA35}\setup.exe" -l0x40c -removeonly
Acer VCM-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{047F790A-7A2A-4B6A-AD02-38092BA63DAC}\setup.exe" -l0x40c -removeonly
Activation Assistant for the 2007 Microsoft Office suites-->"C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}\Microsoft Office Activation Assistant.exe" REMOVE=TRUE MODIFY=FALSE
Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Flash Player 9 ActiveX-->C:\Windows\system32\Macromed\Flash\FlashUtil9b.exe -uninstallDelete
Adobe Reader 7.0-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70000000000}
Aion-->"C:\Program Files\InstallShield Installation Information\{DDBBBF44-3B29-42A0-A2BE-200085CAEEDF}\setup.exe" -runfromtemp -l0x0009 -removeonly
ALUpdate-->"C:\Program Files\ESTsoft\ALUpdate\unins000.exe"
ALZip-->"C:\Program Files\ESTsoft\ALZip\unins000.exe"
AntiMalware-->C:\Program Files\AntiMalware\Uninstall.exe
Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir Desktop\setup.exe /REMOVE
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
Counter-Strike: Source-->"C:\Program Files\Steam\steam.exe" steam://uninstall/240
Désinstaller l'imprimante EPSON SX110 Series-->C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FINSFBE.EXE /R /APD /P:"EPSON SX110 Series"
EPSON Scan-->C:\Program Files\epson\escndv\setup\setup.exe /r
Epson Stylus SX110_TX110 Manuel-->C:\Program Files\EPSON\TPMANUAL\ESSX110_TX110\FRA\USE_G\DOCUNINS.EXE
HDAUDIO Soft Data Fax Modem with SmartCP-->C:\Program Files\CONEXANT\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFAOR2C06_118\UIU32m.exe -U -Ic:\Release\Foxconn\51338\AcrZUn32z.inf
HijackThis 2.0.2-->"C:\Users\Petis\Downloads\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Intel® Turbo Memory et Intel Matrix Storage Manager-->C:\Windows\system32\imsmudlg.exe -uninstall
Java(TM) 6 Update 17-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216017FF}
Kaspersky Internet Security 2010-->MsiExec.exe /I{9D8B0949-7C47-476F-9F06-F900D3B078EA}
Kaspersky Internet Security 2010-->MsiExec.exe /I{9D8B0949-7C47-476F-9F06-F900D3B078EA}
K-Lite Codec Pack 5.1.0 (Full)-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"
Launch Manager-->C:\Windows\UnInst32.exe QtZgAcer.UNI
Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"
Microsoft .NET Framework 3.5 Language Pack SP1 - fra-->MsiExec.exe /I{3E31821C-7917-367E-938E-E65FC413EA31}
Microsoft .NET Framework 3.5 SP1-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
Microsoft Office Home and Student 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall HOMESTUDENTR /dll OSETUP.DLL
Microsoft Office Home and Student 2007-->MsiExec.exe /X{91120000-002F-0000-0000-0000000FF1CE}
Microsoft Office OneNote MUI (French) 2007-->MsiExec.exe /X{90120000-00A1-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Works-->MsiExec.exe /I{6B1CB38D-E2E4-4A30-933D-EFDEBA76AD9C}
Mise à jour Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {B761869A-B85C-40E2-994C-A1CE78AC8F2C}
Mise à jour Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {C3DCA38E-005E-41BA-A52A-7C3429F351C3}
Mise à jour Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {81536A04-DBFB-4DB3-978F-0F284590C223}
Module linguistique Microsoft .NET Framework 3.5 SP1- fra-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\setup.exe
Mozilla Firefox (3.5.5)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
NCsoft Launcher-->C:\Program Files\InstallShield Installation Information\{5F8E2CBB-949D-4175-AC98-5ADE7F6C9697}\setup.exe -runfromtemp -l0x040c -removeonly
NTI Backup NOW! 4.7-->"C:\Program Files\InstallShield Installation Information\{67ADE9AF-5CD9-4089-8825-55DE4B366799}\setup.exe" -removeonly
NTI CD & DVD-Maker-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2} /l1036 CDM7
NVIDIA Drivers-->C:\Windows\system32\nvuninst.exe UninstallGUI
NVIDIA PhysX-->MsiExec.exe /X{B83FC356-B7C0-441F-8A4D-D71E088E7974}
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
PhotoFiltre-->"C:\Program Files\PhotoFiltre\Uninst.exe"
PowerProducer-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B7A0CE06-068E-11D6-97FD-0050BACBF861}\Setup.exe" -uninstall
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe" -l0x40c -removeonly
RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{59F6A514-9813-47A3-948C-8A155460CC2A}\Setup.exe" -l0x40c anything
Security Update for 2007 Microsoft Office System (KB951944)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {797AE457-BA17-4BBC-B501-25FB3A0103C7}
Security Update for 2007 Microsoft Office System (KB960003)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {F04F8702-18D0-458D-921E-146FB7CD38CF}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Microsoft Office Excel 2007 (KB959997)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {9EAC3AEC-5C81-4856-A05B-DE9DC236D740}
Security Update for Microsoft Office OneNote 2007 (KB950130)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {F1B2401C-B610-4BF2-AA1C-52C55827A8F4}
Security Update for Microsoft Office system 2007 (KB956828)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {885E081B-72BD-4E76-8E98-30B4BE468FAC}
Skype™ 3.8-->MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
System Requirements Lab-->MsiExec.exe /I{9EBDAF91-DADA-47CE-94F2-F5B004007934}
Téléphone sur PC 1.0.0-->"C:\Program Files\Orange\Telephone sur PC\uninst.exe"
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Update for Office 2007 (KB934391)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {B3091818-7C56-4C45-BE7D-CA23027A5EA5}
Update for Office System 2007 Setup (KB929722)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {D8E9BEBD-655F-467D-8176-CA9959C140A3}
VLC media player 1.0.2-->C:\Program Files\VideoLAN\VLC\uninstall.exe
WIDCOMM Bluetooth Software 6.0.1.4900-->MsiExec.exe /X{03D1988F-469F-4843-8E6E-E5FE9D17889D}
Winamp-->"C:\Program Files\Winamp\UninstWA.exe"
Winbond CIR Drivers-->MsiExec.exe /X{427967BF-09F8-46D5-9275-37001CCBBA5D}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live installer-->MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}
Windows Live Messenger-->MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65}
======Security center information======
AV: AntiVir Desktop (disabled)
AV: AntiMalware (outdated)
AS: AntiVir Desktop (disabled)
AS: Windows Defender
======System event log======
Computer Name: PC-de-Petis
Event Code: 4
Message: Le spouleur d’impression n’a pas pu rouvrir une connexion d’imprimante existante car il n’a pas pu lire les informations de configuration dans la clé de Registre S-1-5-18\Printers\Connections. Le spouleur d’impression n’a pas pu ouvrir la clé de Registre. Ceci peut se produire si la clé de Registre est endommagée ou absente, ou si le Registre est momentanément indisponible.
Record Number: 57427
Source Name: Microsoft-Windows-SpoolerWin32SPL
Time Written: 20091205021121.000000-000
Event Type: Avertissement
User:
Computer Name: PC-de-Petis
Event Code: 20
Message: Échec de l’installation : l’installation de la mise à jour suivante a échoue avec l’erreur 0x80070643 : Mise à jour de sécurité pour Microsoft Office 2007 (KB951550).
Record Number: 57428
Source Name: Microsoft-Windows-WindowsUpdateClient
Time Written: 20091205021146.345000-000
Event Type: Erreur
User: AUTORITE NT\SYSTEM
Computer Name: PC-de-Petis
Event Code: 3004
Message: L’agent de protection en temps réel Windows Defender a détecté des modifications. Microsoft vous recommande d’analyser les logiciels responsables de ces modifications, à la recherche de risques potentiels. Vous pouvez vous servir des informations relatives au fonctionnement de ces programmes pour autoriser ou non leur exécution, ou pour les supprimer de l’ordinateur. N’autorisez les modifications que si vous faites confiance au programme ou à l’éditeur de logiciel. Windows Defender ne peut pas annuler les modifications que vous autorisez.
Pour plus d’informations, consultez les données suivantes :
Non applicable
ID d’analyse : {42BA80D6-8FEA-460B-9CCB-B1A5E1C44007}
Utilisateur : PC-de-Petis\Petis
Nom : Unknown
ID :
ID de gravité :
ID de catégorie :
Chemin d’accès trouvé : service:AVP
Type d’alerte : Logiciel non classifié
Type de détection :
Record Number: 57434
Source Name: Microsoft-Windows-Windows Defender
Time Written: 20091205022024.000000-000
Event Type: Avertissement
User:
Computer Name: PC-de-Petis
Event Code: 3004
Message: L’agent de protection en temps réel Windows Defender a détecté des modifications. Microsoft vous recommande d’analyser les logiciels responsables de ces modifications, à la recherche de risques potentiels. Vous pouvez vous servir des informations relatives au fonctionnement de ces programmes pour autoriser ou non leur exécution, ou pour les supprimer de l’ordinateur. N’autorisez les modifications que si vous faites confiance au programme ou à l’éditeur de logiciel. Windows Defender ne peut pas annuler les modifications que vous autorisez.
Pour plus d’informations, consultez les données suivantes :
Non applicable
ID d’analyse : {722855B4-8DA3-4893-8CA2-2FF43029183C}
Utilisateur : PC-de-Petis\Petis
Nom : Unknown
ID :
ID de gravité :
ID de catégorie :
Chemin d’accès trouvé : driver:klbg
Type d’alerte : Logiciel non classifié
Type de détection :
Record Number: 57435
Source Name: Microsoft-Windows-Windows Defender
Time Written: 20091205022118.000000-000
Event Type: Avertissement
User:
Computer Name: PC-de-Petis
Event Code: 3004
Message: L’agent de protection en temps réel Windows Defender a détecté des modifications. Microsoft vous recommande d’analyser les logiciels responsables de ces modifications, à la recherche de risques potentiels. Vous pouvez vous servir des informations relatives au fonctionnement de ces programmes pour autoriser ou non leur exécution, ou pour les supprimer de l’ordinateur. N’autorisez les modifications que si vous faites confiance au programme ou à l’éditeur de logiciel. Windows Defender ne peut pas annuler les modifications que vous autorisez.
Pour plus d’informations, consultez les données suivantes :
Non applicable
ID d’analyse : {E5A0B965-AED3-47CE-86FF-AE263D5DAF17}
Utilisateur : PC-de-Petis\Petis
Nom : Unknown
ID :
ID de gravité :
ID de catégorie :
Chemin d’accès trouvé : ieext:HKLM\Software\Microsoft\Internet Explorer\Extensions\{4248FE82-7FCB-46AC-B270-339F08212110}
Type d’alerte : Logiciel non classifié
Type de détection :
Record Number: 57459
Source Name: Microsoft-Windows-Windows Defender
Time Written: 20091205022200.000000-000
Event Type: Avertissement
User:
=====Application event log=====
Computer Name: PC-de-Petis
Event Code: 8193
Message: Échec de la création d’un point de restauration sur le volume (Processus = C:\Windows\system32\msiexec.exe /V ; Description = Kaspersky Internet Security 2010 est installé. ; Hr = 0x81000109).
Record Number: 11137
Source Name: System Restore
Time Written: 20091205021954.000000-000
Event Type: Erreur
User:
Computer Name: PC-de-Petis
Event Code: 12290
Message: Avertissement du service de cliché instantané des volumes : ASR writer Error 0x80070565. hr = 0x00000000.
Opération :
Événement OnIdentify
Données du rédacteur en cours de collecte
Contexte :
Contexte d’exécution: ASR Writer
ID de classe du rédacteur: {be000cbe-11fe-4426-9c58-531aa6355fc4}
Nom du rédacteur: ASR Writer
ID d’instance du rédacteur: {8ff8f0a9-320b-42d5-8c6b-e01ca45e9c7e}
Record Number: 11138
Source Name: VSS
Time Written: 20091205022131.000000-000
Event Type: Avertissement
User:
Computer Name: PC-de-Petis
Event Code: 8193
Message: Échec de la création d’un point de restauration sur le volume (Processus = C:\Windows\system32\DrvInst.exe "4" "0" "C:\Users\Petis\{f508e505-0c2f-4116-9ca3-af9681a96240}\klim6.inf" "0" "6ab1482c7" "00000638" "WinSta0\Default" "000004F0" "208" "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\KLIMX86" ; Description = Installation du package de pilote logiciel : Kaspersky Lab Service réseau ; Hr = 0x81000109).
Record Number: 11139
Source Name: System Restore
Time Written: 20091205022135.000000-000
Event Type: Erreur
User:
Computer Name: PC-de-Petis
Event Code: 1000
Message: Application défaillante avp.exe, version 9.0.0.736, horodatage 0x4adde5e1, module défaillant avp.exe, version 9.0.0.736, horodatage 0x4adde5e1, code d’exception 0x80000003, décalage d’erreur 0x00032d00, ID du processus 0xfb4, heure de début de l’application 0x01ca7551ccb86dc0.
Record Number: 11142
Source Name: Application Error
Time Written: 20091205022232.000000-000
Event Type: Erreur
User:
Computer Name: PC-de-Petis
Event Code: 1
Message: L’application (Acrobat Reader 7.*, du fournisseur Adobe) a le problème suivant : Acrobat Reader 7.* présente un problème de compatibilité connu avec cette version de Windows. Pour une mise à jour compatible avec cette version de Windows, contactez Adobe.
Record Number: 11144
Source Name: Microsoft-Windows-ApplicationExperienceInfrastructure
Time Written: 20091205023411.146000-000
Event Type: Avertissement
User: PC-de-Petis\Petis
=====Security event log=====
Computer Name: PC-de-Petis
Event Code: 5038
Message: L’intégrité du code a déterminé que le hachage de l’image d’un fichier n’est pas valide. Le fichier peut être endommagé en raison d’une modification non autorisée ou le hachage non valide peut indiquer une erreur d’unité de disque potentielle.
Nom du fichier : \Device\HarddiskVolume3\Windows\System32\drivers\klif.sys
Record Number: 10664
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20091205023956.562000-000
Event Type: Échec de l'audit
User:
Computer Name: PC-de-Petis
Event Code: 5038
Message: L’intégrité du code a déterminé que le hachage de l’image d’un fichier n’est pas valide. Le fichier peut être endommagé en raison d’une modification non autorisée ou le hachage non valide peut indiquer une erreur d’unité de disque potentielle.
Nom du fichier : \Device\HarddiskVolume3\Windows\System32\drivers\klmouflt.sys
Record Number: 10665
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20091205023956.997000-000
Event Type: Échec de l'audit
User:
Computer Name: PC-de-Petis
Event Code: 5038
Message: L’intégrité du code a déterminé que le hachage de l’image d’un fichier n’est pas valide. Le fichier peut être endommagé en raison d’une modification non autorisée ou le hachage non valide peut indiquer une erreur d’unité de disque potentielle.
Nom du fichier : \Device\HarddiskVolume3\Windows\System32\drivers\klmouflt.sys
Record Number: 10666
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20091205023957.039000-000
Event Type: Échec de l'audit
User:
Computer Name: PC-de-Petis
Event Code: 5038
Message: L’intégrité du code a déterminé que le hachage de l’image d’un fichier n’est pas valide. Le fichier peut être endommagé en raison d’une modification non autorisée ou le hachage non valide peut indiquer une erreur d’unité de disque potentielle.
Nom du fichier : \Device\HarddiskVolume3\Windows\System32\drivers\klmouflt.sys
Record Number: 10667
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20091205023957.086000-000
Event Type: Échec de l'audit
User:
Computer Name: PC-de-Petis
Event Code: 5038
Message: L’intégrité du code a déterminé que le hachage de l’image d’un fichier n’est pas valide. Le fichier peut être endommagé en raison d’une modification non autorisée ou le hachage non valide peut indiquer une erreur d’unité de disque potentielle.
Nom du fichier : \Device\HarddiskVolume3\Windows\System32\drivers\klmouflt.sys
Record Number: 10668
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20091205023957.126000-000
Event Type: Échec de l'audit
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\ESTsoft\ALZip
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 13, GenuineIntel
"PROCESSOR_REVISION"=0f0d
"NUMBER_OF_PROCESSORS"=2
-----------------EOF-----------------
info.txt logfile of random's system information tool 1.06 2009-12-05 03:40:03
======Uninstall list======
-->MsiExec /X{B83FC356-B7C0-441F-8A4D-D71E088E7974}
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{31403E22-2FDB-452F-AE9E-20854633226D}\Setup.exe" -uninst
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A450831D-25F6-4F42-9662-D000B25E0D82}\setup.exe" -uninstall
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AA4BF92B-2AAF-11DA-9D78-000129760D75}\setup.exe" -uninstall
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B145EC69-66F5-11D8-9D75-000129760D75}\setup.exe" -uninstall
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B804C424-B66D-447A-84BD-C6B88C392C3A}\setup.exe" -uninstall
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F79A208D-D929-11D9-9D77-000129760D75}\setup.exe" -uninstall
Acer Arcade Deluxe-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EFBDC2B0-FAA8-4B78-8DE1-AEBE7958FA37}\setup.exe" -uninstall
Acer Crystal Eye webcam-->C:\Program Files\InstallShield Installation Information\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}\setup.exe -runfromtemp -l0x040c -removeonly -u
Acer Crystal Eye webcam-->C:\Program Files\InstallShield Installation Information\{AA047D7C-5E7C-4878-B75C-77589151B563}\setup.exe -runfromtemp -l0x0009 -removeonly
Acer eAudio Management-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{57265292-228A-41FA-9AEC-4620CBCC2739}\Setup.EXE" -uninstall
Acer eDataSecurity Management-->MsiExec.exe /X{AEEAE013-92F1-4515-B278-139F1A692A36}
Acer eLock Management-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{116FF17B-1A30-4FC2-9B01-5BC5BD46B0B3}\setup.exe" -l0x40c -removeonly
Acer Empowering Technology-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AB6097D9-D722-4987-BD9E-A076E2848EE2}\setup.exe" -l0x40c -removeonly
Acer eNet Management-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C06554A1-2C1E-4D20-B613-EE62C79927CC}\setup.exe" -l0x40c -removeonly
Acer ePower Management-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{58E5844B-7CE2-413D-83D1-99294BF6C74F}\setup.exe" -l0x40c -removeonly
Acer ePresentation Management-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BF839132-BD43-4056-ACBF-4377F4A88E2A}\setup.exe" -l0x40c -removeonly
Acer eSettings Management-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CE65A9A0-9686-45C6-9098-3C9543A412F0}\setup.exe" -l0x40c -removeonly
Acer GridVista-->C:\Windows\UnInst32.exe GridV.UNI
Acer Mobility Center Plug-In-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{11316260-6666-467B-AC34-183FCB5D4335}\setup.exe" -l0x40c -removeonly
Acer ScreenSaver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}\setup.exe" -l0x9 -removeonly
Acer Tour-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{94389919-B0AA-4882-9BE8-9F0B004ECA35}\setup.exe" -l0x40c -removeonly
Acer VCM-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{047F790A-7A2A-4B6A-AD02-38092BA63DAC}\setup.exe" -l0x40c -removeonly
Activation Assistant for the 2007 Microsoft Office suites-->"C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}\Microsoft Office Activation Assistant.exe" REMOVE=TRUE MODIFY=FALSE
Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Flash Player 9 ActiveX-->C:\Windows\system32\Macromed\Flash\FlashUtil9b.exe -uninstallDelete
Adobe Reader 7.0-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70000000000}
Aion-->"C:\Program Files\InstallShield Installation Information\{DDBBBF44-3B29-42A0-A2BE-200085CAEEDF}\setup.exe" -runfromtemp -l0x0009 -removeonly
ALUpdate-->"C:\Program Files\ESTsoft\ALUpdate\unins000.exe"
ALZip-->"C:\Program Files\ESTsoft\ALZip\unins000.exe"
AntiMalware-->C:\Program Files\AntiMalware\Uninstall.exe
Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir Desktop\setup.exe /REMOVE
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
Counter-Strike: Source-->"C:\Program Files\Steam\steam.exe" steam://uninstall/240
Désinstaller l'imprimante EPSON SX110 Series-->C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FINSFBE.EXE /R /APD /P:"EPSON SX110 Series"
EPSON Scan-->C:\Program Files\epson\escndv\setup\setup.exe /r
Epson Stylus SX110_TX110 Manuel-->C:\Program Files\EPSON\TPMANUAL\ESSX110_TX110\FRA\USE_G\DOCUNINS.EXE
HDAUDIO Soft Data Fax Modem with SmartCP-->C:\Program Files\CONEXANT\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFAOR2C06_118\UIU32m.exe -U -Ic:\Release\Foxconn\51338\AcrZUn32z.inf
HijackThis 2.0.2-->"C:\Users\Petis\Downloads\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Intel® Turbo Memory et Intel Matrix Storage Manager-->C:\Windows\system32\imsmudlg.exe -uninstall
Java(TM) 6 Update 17-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216017FF}
Kaspersky Internet Security 2010-->MsiExec.exe /I{9D8B0949-7C47-476F-9F06-F900D3B078EA}
Kaspersky Internet Security 2010-->MsiExec.exe /I{9D8B0949-7C47-476F-9F06-F900D3B078EA}
K-Lite Codec Pack 5.1.0 (Full)-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"
Launch Manager-->C:\Windows\UnInst32.exe QtZgAcer.UNI
Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"
Microsoft .NET Framework 3.5 Language Pack SP1 - fra-->MsiExec.exe /I{3E31821C-7917-367E-938E-E65FC413EA31}
Microsoft .NET Framework 3.5 SP1-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
Microsoft Office Home and Student 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall HOMESTUDENTR /dll OSETUP.DLL
Microsoft Office Home and Student 2007-->MsiExec.exe /X{91120000-002F-0000-0000-0000000FF1CE}
Microsoft Office OneNote MUI (French) 2007-->MsiExec.exe /X{90120000-00A1-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Works-->MsiExec.exe /I{6B1CB38D-E2E4-4A30-933D-EFDEBA76AD9C}
Mise à jour Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {B761869A-B85C-40E2-994C-A1CE78AC8F2C}
Mise à jour Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {C3DCA38E-005E-41BA-A52A-7C3429F351C3}
Mise à jour Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {81536A04-DBFB-4DB3-978F-0F284590C223}
Module linguistique Microsoft .NET Framework 3.5 SP1- fra-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\setup.exe
Mozilla Firefox (3.5.5)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
NCsoft Launcher-->C:\Program Files\InstallShield Installation Information\{5F8E2CBB-949D-4175-AC98-5ADE7F6C9697}\setup.exe -runfromtemp -l0x040c -removeonly
NTI Backup NOW! 4.7-->"C:\Program Files\InstallShield Installation Information\{67ADE9AF-5CD9-4089-8825-55DE4B366799}\setup.exe" -removeonly
NTI CD & DVD-Maker-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2} /l1036 CDM7
NVIDIA Drivers-->C:\Windows\system32\nvuninst.exe UninstallGUI
NVIDIA PhysX-->MsiExec.exe /X{B83FC356-B7C0-441F-8A4D-D71E088E7974}
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
PhotoFiltre-->"C:\Program Files\PhotoFiltre\Uninst.exe"
PowerProducer-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B7A0CE06-068E-11D6-97FD-0050BACBF861}\Setup.exe" -uninstall
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe" -l0x40c -removeonly
RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{59F6A514-9813-47A3-948C-8A155460CC2A}\Setup.exe" -l0x40c anything
Security Update for 2007 Microsoft Office System (KB951944)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {797AE457-BA17-4BBC-B501-25FB3A0103C7}
Security Update for 2007 Microsoft Office System (KB960003)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {F04F8702-18D0-458D-921E-146FB7CD38CF}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Microsoft Office Excel 2007 (KB959997)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {9EAC3AEC-5C81-4856-A05B-DE9DC236D740}
Security Update for Microsoft Office OneNote 2007 (KB950130)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {F1B2401C-B610-4BF2-AA1C-52C55827A8F4}
Security Update for Microsoft Office system 2007 (KB956828)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {885E081B-72BD-4E76-8E98-30B4BE468FAC}
Skype™ 3.8-->MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
System Requirements Lab-->MsiExec.exe /I{9EBDAF91-DADA-47CE-94F2-F5B004007934}
Téléphone sur PC 1.0.0-->"C:\Program Files\Orange\Telephone sur PC\uninst.exe"
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Update for Office 2007 (KB934391)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {B3091818-7C56-4C45-BE7D-CA23027A5EA5}
Update for Office System 2007 Setup (KB929722)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {D8E9BEBD-655F-467D-8176-CA9959C140A3}
VLC media player 1.0.2-->C:\Program Files\VideoLAN\VLC\uninstall.exe
WIDCOMM Bluetooth Software 6.0.1.4900-->MsiExec.exe /X{03D1988F-469F-4843-8E6E-E5FE9D17889D}
Winamp-->"C:\Program Files\Winamp\UninstWA.exe"
Winbond CIR Drivers-->MsiExec.exe /X{427967BF-09F8-46D5-9275-37001CCBBA5D}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live installer-->MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}
Windows Live Messenger-->MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65}
======Security center information======
AV: AntiVir Desktop (disabled)
AV: AntiMalware (outdated)
AS: AntiVir Desktop (disabled)
AS: Windows Defender
======System event log======
Computer Name: PC-de-Petis
Event Code: 4
Message: Le spouleur d’impression n’a pas pu rouvrir une connexion d’imprimante existante car il n’a pas pu lire les informations de configuration dans la clé de Registre S-1-5-18\Printers\Connections. Le spouleur d’impression n’a pas pu ouvrir la clé de Registre. Ceci peut se produire si la clé de Registre est endommagée ou absente, ou si le Registre est momentanément indisponible.
Record Number: 57427
Source Name: Microsoft-Windows-SpoolerWin32SPL
Time Written: 20091205021121.000000-000
Event Type: Avertissement
User:
Computer Name: PC-de-Petis
Event Code: 20
Message: Échec de l’installation : l’installation de la mise à jour suivante a échoue avec l’erreur 0x80070643 : Mise à jour de sécurité pour Microsoft Office 2007 (KB951550).
Record Number: 57428
Source Name: Microsoft-Windows-WindowsUpdateClient
Time Written: 20091205021146.345000-000
Event Type: Erreur
User: AUTORITE NT\SYSTEM
Computer Name: PC-de-Petis
Event Code: 3004
Message: L’agent de protection en temps réel Windows Defender a détecté des modifications. Microsoft vous recommande d’analyser les logiciels responsables de ces modifications, à la recherche de risques potentiels. Vous pouvez vous servir des informations relatives au fonctionnement de ces programmes pour autoriser ou non leur exécution, ou pour les supprimer de l’ordinateur. N’autorisez les modifications que si vous faites confiance au programme ou à l’éditeur de logiciel. Windows Defender ne peut pas annuler les modifications que vous autorisez.
Pour plus d’informations, consultez les données suivantes :
Non applicable
ID d’analyse : {42BA80D6-8FEA-460B-9CCB-B1A5E1C44007}
Utilisateur : PC-de-Petis\Petis
Nom : Unknown
ID :
ID de gravité :
ID de catégorie :
Chemin d’accès trouvé : service:AVP
Type d’alerte : Logiciel non classifié
Type de détection :
Record Number: 57434
Source Name: Microsoft-Windows-Windows Defender
Time Written: 20091205022024.000000-000
Event Type: Avertissement
User:
Computer Name: PC-de-Petis
Event Code: 3004
Message: L’agent de protection en temps réel Windows Defender a détecté des modifications. Microsoft vous recommande d’analyser les logiciels responsables de ces modifications, à la recherche de risques potentiels. Vous pouvez vous servir des informations relatives au fonctionnement de ces programmes pour autoriser ou non leur exécution, ou pour les supprimer de l’ordinateur. N’autorisez les modifications que si vous faites confiance au programme ou à l’éditeur de logiciel. Windows Defender ne peut pas annuler les modifications que vous autorisez.
Pour plus d’informations, consultez les données suivantes :
Non applicable
ID d’analyse : {722855B4-8DA3-4893-8CA2-2FF43029183C}
Utilisateur : PC-de-Petis\Petis
Nom : Unknown
ID :
ID de gravité :
ID de catégorie :
Chemin d’accès trouvé : driver:klbg
Type d’alerte : Logiciel non classifié
Type de détection :
Record Number: 57435
Source Name: Microsoft-Windows-Windows Defender
Time Written: 20091205022118.000000-000
Event Type: Avertissement
User:
Computer Name: PC-de-Petis
Event Code: 3004
Message: L’agent de protection en temps réel Windows Defender a détecté des modifications. Microsoft vous recommande d’analyser les logiciels responsables de ces modifications, à la recherche de risques potentiels. Vous pouvez vous servir des informations relatives au fonctionnement de ces programmes pour autoriser ou non leur exécution, ou pour les supprimer de l’ordinateur. N’autorisez les modifications que si vous faites confiance au programme ou à l’éditeur de logiciel. Windows Defender ne peut pas annuler les modifications que vous autorisez.
Pour plus d’informations, consultez les données suivantes :
Non applicable
ID d’analyse : {E5A0B965-AED3-47CE-86FF-AE263D5DAF17}
Utilisateur : PC-de-Petis\Petis
Nom : Unknown
ID :
ID de gravité :
ID de catégorie :
Chemin d’accès trouvé : ieext:HKLM\Software\Microsoft\Internet Explorer\Extensions\{4248FE82-7FCB-46AC-B270-339F08212110}
Type d’alerte : Logiciel non classifié
Type de détection :
Record Number: 57459
Source Name: Microsoft-Windows-Windows Defender
Time Written: 20091205022200.000000-000
Event Type: Avertissement
User:
=====Application event log=====
Computer Name: PC-de-Petis
Event Code: 8193
Message: Échec de la création d’un point de restauration sur le volume (Processus = C:\Windows\system32\msiexec.exe /V ; Description = Kaspersky Internet Security 2010 est installé. ; Hr = 0x81000109).
Record Number: 11137
Source Name: System Restore
Time Written: 20091205021954.000000-000
Event Type: Erreur
User:
Computer Name: PC-de-Petis
Event Code: 12290
Message: Avertissement du service de cliché instantané des volumes : ASR writer Error 0x80070565. hr = 0x00000000.
Opération :
Événement OnIdentify
Données du rédacteur en cours de collecte
Contexte :
Contexte d’exécution: ASR Writer
ID de classe du rédacteur: {be000cbe-11fe-4426-9c58-531aa6355fc4}
Nom du rédacteur: ASR Writer
ID d’instance du rédacteur: {8ff8f0a9-320b-42d5-8c6b-e01ca45e9c7e}
Record Number: 11138
Source Name: VSS
Time Written: 20091205022131.000000-000
Event Type: Avertissement
User:
Computer Name: PC-de-Petis
Event Code: 8193
Message: Échec de la création d’un point de restauration sur le volume (Processus = C:\Windows\system32\DrvInst.exe "4" "0" "C:\Users\Petis\{f508e505-0c2f-4116-9ca3-af9681a96240}\klim6.inf" "0" "6ab1482c7" "00000638" "WinSta0\Default" "000004F0" "208" "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\KLIMX86" ; Description = Installation du package de pilote logiciel : Kaspersky Lab Service réseau ; Hr = 0x81000109).
Record Number: 11139
Source Name: System Restore
Time Written: 20091205022135.000000-000
Event Type: Erreur
User:
Computer Name: PC-de-Petis
Event Code: 1000
Message: Application défaillante avp.exe, version 9.0.0.736, horodatage 0x4adde5e1, module défaillant avp.exe, version 9.0.0.736, horodatage 0x4adde5e1, code d’exception 0x80000003, décalage d’erreur 0x00032d00, ID du processus 0xfb4, heure de début de l’application 0x01ca7551ccb86dc0.
Record Number: 11142
Source Name: Application Error
Time Written: 20091205022232.000000-000
Event Type: Erreur
User:
Computer Name: PC-de-Petis
Event Code: 1
Message: L’application (Acrobat Reader 7.*, du fournisseur Adobe) a le problème suivant : Acrobat Reader 7.* présente un problème de compatibilité connu avec cette version de Windows. Pour une mise à jour compatible avec cette version de Windows, contactez Adobe.
Record Number: 11144
Source Name: Microsoft-Windows-ApplicationExperienceInfrastructure
Time Written: 20091205023411.146000-000
Event Type: Avertissement
User: PC-de-Petis\Petis
=====Security event log=====
Computer Name: PC-de-Petis
Event Code: 5038
Message: L’intégrité du code a déterminé que le hachage de l’image d’un fichier n’est pas valide. Le fichier peut être endommagé en raison d’une modification non autorisée ou le hachage non valide peut indiquer une erreur d’unité de disque potentielle.
Nom du fichier : \Device\HarddiskVolume3\Windows\System32\drivers\klif.sys
Record Number: 10664
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20091205023956.562000-000
Event Type: Échec de l'audit
User:
Computer Name: PC-de-Petis
Event Code: 5038
Message: L’intégrité du code a déterminé que le hachage de l’image d’un fichier n’est pas valide. Le fichier peut être endommagé en raison d’une modification non autorisée ou le hachage non valide peut indiquer une erreur d’unité de disque potentielle.
Nom du fichier : \Device\HarddiskVolume3\Windows\System32\drivers\klmouflt.sys
Record Number: 10665
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20091205023956.997000-000
Event Type: Échec de l'audit
User:
Computer Name: PC-de-Petis
Event Code: 5038
Message: L’intégrité du code a déterminé que le hachage de l’image d’un fichier n’est pas valide. Le fichier peut être endommagé en raison d’une modification non autorisée ou le hachage non valide peut indiquer une erreur d’unité de disque potentielle.
Nom du fichier : \Device\HarddiskVolume3\Windows\System32\drivers\klmouflt.sys
Record Number: 10666
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20091205023957.039000-000
Event Type: Échec de l'audit
User:
Computer Name: PC-de-Petis
Event Code: 5038
Message: L’intégrité du code a déterminé que le hachage de l’image d’un fichier n’est pas valide. Le fichier peut être endommagé en raison d’une modification non autorisée ou le hachage non valide peut indiquer une erreur d’unité de disque potentielle.
Nom du fichier : \Device\HarddiskVolume3\Windows\System32\drivers\klmouflt.sys
Record Number: 10667
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20091205023957.086000-000
Event Type: Échec de l'audit
User:
Computer Name: PC-de-Petis
Event Code: 5038
Message: L’intégrité du code a déterminé que le hachage de l’image d’un fichier n’est pas valide. Le fichier peut être endommagé en raison d’une modification non autorisée ou le hachage non valide peut indiquer une erreur d’unité de disque potentielle.
Nom du fichier : \Device\HarddiskVolume3\Windows\System32\drivers\klmouflt.sys
Record Number: 10668
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20091205023957.126000-000
Event Type: Échec de l'audit
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\ESTsoft\ALZip
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 13, GenuineIntel
"PROCESSOR_REVISION"=0f0d
"NUMBER_OF_PROCESSORS"=2
-----------------EOF-----------------
Je rajoute le scan en ligne par BitDefender, possiblement intéressant. Quoiqu'il en soit ca deviens lourd ce spam de pubs, je file me coucher. Merci d'avance pour votre aide !
BitDefender QuickScan Beta 32-bit v0.9.8.2
------------------------------------------
Scan date: Sat Dec 05 03:25:28 2009
Machine ID: C0533D5D
Process wscsvc32.exe (7736) - Gen:Trojan.Heur.6u0@vfFa8dckx
Found 1 infected file!
------------------------
C:\Users\Petis\AppData\Local\Temp\wscsvc32.exe - Gen:Trojan.Heur.6u0@vfFa8dckx
Processes
---------
<unsigned> eDataSecurity System Loader( Load and prepare envi 3252 C:\Acer\Empowering Technology\eDataSecurity\eDSLoader.exe
<unsigned> Acer eLock Management 400 C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
<unsigned> acer eNet Management Service 720 C:\Acer\Empowering Technology\eNet\eNet Service.exe
<unsigned> Acer eNet Tray 4556 C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE
<unsigned> Acer ePower Management DMC 4644 C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE
<unsigned> eRecovery agent 4696 C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
<unsigned> MobilityService.exe 1512 C:\Acer\Mobility Center\MobilityService.exe
<unsigned> Acer VCM 4428 C:\Program Files\Acer\Acer VCM\AcerVCM.exe
<unsigned> CP2 HID Agent 4392 C:\Program Files\Acer\Acer VCM\acp2HID.exe
<unsigned> Acer Video Enhancement 3388 C:\Program Files\Acer\Acer VCM\VC.exe
<unsigned> antimalware.exe 5748 C:\Program Files\AntiMalware\antimalware.exe
<unsigned> Antivirus System Tray Tool 4204 C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
<unsigned> Antivirus On-Access Service 2012 C:\Program Files\Avira\AntiVir Desktop\avguard.exe
<unsigned> Antivirus Scheduler 1772 C:\Program Files\Avira\AntiVir Desktop\sched.exe
<unsigned> LSSrvc.exe 1344 C:\Program Files\Common Files\LightScribe\LSSrvc.exe
<unsigned> RichVideo Module 2064 C:\Program Files\CyberLink\Shared Files\RichVideo.exe
<unsigned> TelephoneSurPCAgent.exe 4344 C:\Program Files\Orange\Telephone sur PC\TelephoneSurPCAgent.exe
<unsigned> Skype Extras Manager 5348 C:\Program Files\Skype\Plugin Manager\skypePM.exe
<unsigned> winampa.exe 4316 C:\Program Files\Winamp\winampa.exe
<unsigned> Windows Live Messenger 1212 C:\Program Files\Windows Live\Messenger\msnmsgr.exe
<unsigned> Realtek HD Audio Data Rerouter 5180 C:\Users\Petis\AppData\Local\Temp\RtkBtMnt.exe
<unsigned> Windows Security Center 7736 C:\Users\Petis\AppData\Local\Temp\wscsvc32.exe
<verified> eDataSecurity Service 124 C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
<verified> CyberLink PlayMovie Resident Program 4112 C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe
<verified> Event Monitor User Notification Tool 3768 C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
<verified> RAID Monitor 768 C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
<verified> Internet Explorer 5768 C:\Program Files\Internet Explorer\iexplore.exe
<verified> Java(TM) Platform SE binary 4284 C:\Program Files\Java\jre6\bin\jusched.exe
<verified> Launch Manager 1280 C:\Program Files\Launch Manager\QtZgAcer.EXE
<verified> Firefox 5492 C:\Program Files\Mozilla Firefox\firefox.exe
<verified> Telephone Sur PC 2820 C:\Program Files\Orange\Telephone sur PC\TelephoneSurPC.exe
<verified> Skype 4352 C:\Program Files\Skype\Phone\Skype.exe
<verified> Steam 732897 4336 C:\Program Files\Steam\Steam.exe
<verified> Synaptics TouchPad Enhancements 3892 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
<verified> Bluetooth Tray Application 4448 C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
<verified> Windows Defender User Interface 2920 C:\Program Files\Windows Defender\MSASCui.exe
<verified> Messenger Sharing USN Journal Reader Service 5064 C:\Program Files\Windows Live\Messenger\usnsvc.exe
<verified> Windows Media Player 5012 C:\Program Files\Windows Media Player\wmplayer.exe
<verified> Service Partage réseau du Lecteur Windows Media 4064 C:\Program Files\Windows Media Player\wmpnetwk.exe
<verified> Application de configuration du service Partage ré 4084 C:\Program Files\Windows Media Player\wmpnscfg.exe
<verified> Volet Windows 4324 C:\Program Files\Windows Sidebar\sidebar.exe
<verified> HijackThis 4552 C:\Users\Petis\Downloads\HiJackThis.exe
<verified> Explorateur Windows 3612 C:\Windows\Explorer.EXE
<verified> HD Audio Control Panel 3436 C:\Windows\RtHDVCpl.exe
<verified> Console IME 4832 C:\Windows\system32\conime.exe
<verified> Processus d'exécuttion client-serveur 604 C:\Windows\system32\csrss.exe
<verified> Processus d'exécuttion client-serveur 668 C:\Windows\system32\csrss.exe
<verified> Modem Audio Service 2460 C:\Windows\system32\DRIVERS\xaudio.exe
<verified> Gestionnaire de fenêtres du Bureau 3992 C:\Windows\system32\Dwm.exe
<verified> Processus de l’autorité de sécurité locale 716 C:\Windows\system32\lsass.exe
<verified> Service du gestionnaire de session locale 724 C:\Windows\system32\lsm.exe
<verified> Installateur Windows® 4160 C:\Windows\system32\msiexec.exe
<verified> Bloc-notes 6156 C:\Windows\system32\NOTEPAD.EXE
<verified> NVIDIA Driver Helper Service, Version 186.81 1600 C:\Windows\system32\nvvsvc.exe
<verified> NVIDIA Driver Helper Service, Version 186.81 924 C:\Windows\system32\nvvsvc.exe
<verified> Microsoft Windows Search Indexer 2352 C:\Windows\system32\SearchIndexer.exe
<verified> Applications Services et Contrôleur 704 C:\Windows\system32\services.exe
<verified> Service de gestion des licences Microsoft 1376 C:\Windows\system32\SLsvc.exe
<verified> Windows Session Manager 528 C:\Windows\System32\smss.exe
<verified> Application sous-système spouleur 4052 C:\Windows\System32\spoolsv.exe
<verified> Processus hôte pour les services Windows 1516 C:\Windows\system32\svchost.exe
<verified> Processus hôte pour les services Windows 1412 C:\Windows\system32\svchost.exe
<verified> Processus hôte pour les services Windows 1940 C:\Windows\system32\svchost.exe
<verified> Processus hôte pour les services Windows 2296 C:\Windows\system32\svchost.exe
<verified> Processus hôte pour les services Windows 1100 C:\Windows\system32\svchost.exe
<verified> Processus hôte pour les services Windows 2324 C:\Windows\System32\svchost.exe
<verified> Processus hôte pour les services Windows 864 C:\Windows\system32\svchost.exe
<verified> Processus hôte pour les services Windows 1072 C:\Windows\System32\svchost.exe
<verified> Processus hôte pour les services Windows 1048 C:\Windows\System32\svchost.exe
<verified> Processus hôte pour les services Windows 1016 C:\Windows\System32\svchost.exe
<verified> Processus hôte pour les services Windows 2024 C:\Windows\system32\svchost.exe
<verified> Processus hôte pour les services Windows 952 C:\Windows\system32\svchost.exe
<verified> Processus hôte pour les services Windows 1792 C:\Windows\system32\svchost.exe
<verified> Processus hôte pour les services Windows 7696 C:\Windows\System32\svchost.exe
<verified> Moteur du Planificateur de tâches 2596 C:\Windows\system32\taskeng.exe
<verified> Moteur du Planificateur de tâches 980 C:\Windows\system32\taskeng.exe
<verified> Service de cliché instantané de volumes Microsoft® 7240 C:\Windows\system32\vssvc.exe
<verified> Application de démarrage de Windows 656 C:\Windows\system32\wininit.exe
<verified> Application d'ouverture de session Windows 1132 C:\Windows\system32\winlogon.exe
<verified> Windows Update 6992 C:\Windows\system32\wuauclt.exe
Network activity
----------------
Process msnmsgr.exe (1212) connected on port 1863 (MSN) - sn1msg2010815.phx.gbl
Process msnmsgr.exe (1212) connected on port 443 (HTTP over SSL) - sn1msg2010636.phx.gbl
Process msnmsgr.exe (1212) connected on port 443 (HTTP over SSL) - sn1msg1010536.phx.gbl
Process msnmsgr.exe (1212) connected on port 443 (HTTP over SSL) - sn1msg1020236.phx.gbl
Process msnmsgr.exe (1212) connected on port 443 (HTTP over SSL) - by2msg4010720.phx.gbl
Process msnmsgr.exe (1212) connected on port 443 (HTTP over SSL) - sn1msg2010837.phx.gbl
Process msnmsgr.exe (1212) connected on port 443 (HTTP over SSL) - by2msg4010501.phx.gbl
Process jusched.exe (4284) connected on port 80 (HTTP) - 77.67.41.186
Process Skype.exe (4352) connected on port 58067 - 92-249-226-162.pool.digikabel.hu
Process firefox.exe (5492) connected on port 80 (HTTP) - wy-in-f147.1e100.net
Process firefox.exe (5492) connected on port 80 (HTTP) - wy-in-f105.1e100.net
Process firefox.exe (5492) connected on port 80 (HTTP) - wy-in-f113.1e100.net
Process firefox.exe (5492) connected on port 80 (HTTP) - ww-in-f138.1e100.net
Process firefox.exe (5492) connected on port 80 (HTTP) - a92-123-228-20.deploy.akamaitechnologies.com
Process firefox.exe (5492) connected on port 80 (HTTP) - a92-123-8-100.deploy.akamaitechnologies.com
Process firefox.exe (5492) connected on port 80 (HTTP) - channel47-09-01-snc1.facebook.com
Process antimalware.exe (5748) connected on port 80 (HTTP) - static.182.151.46.78.clients.your-server.de
Process iexplore.exe (5768) connected on port 80 (HTTP) - a92-123-12-20.deploy.akamaitechnologies.com
Process iexplore.exe (5768) connected on port 80 (HTTP) - ww-in-f138.1e100.net
Process iexplore.exe (5768) connected on port 80 (HTTP) - a92-123-12-20.deploy.akamaitechnologies.com
Process iexplore.exe (5768) connected on port 80 (HTTP) - 91.199.104.31
Process wininit.exe (656) listens on ports: 49152 (RPC)
Process services.exe (704) listens on ports: 49157 (RPC)
Process lsass.exe (716) listens on ports: 49154 (RPC)
Process svchost.exe (952) listens on ports: 135 (RPC)
Process svchost.exe (1048) listens on ports: 49153 (RPC)
Process svchost.exe (1100) listens on ports: 49156 (RPC)
Process svchost.exe (1412) listens on ports: 49155 (RPC)
Process TelephoneSurPC.exe (2820) listens on ports: 5080
Process VC.exe (3388) listens on ports: 3825
Process wmpnetwk.exe (4064) listens on ports: 554 (RTSP)
Process Skype.exe (4352) listens on ports: 80 (HTTP), 443 (HTTP over SSL), 55404
Autoruns and critical files
---------------------------
<unsigned> Acer Tour Reminder C:\Acer\AcerTour\Reminder.exe
<unsigned> Notification tool for RealTek audio chip C:\Acer\Empowering Technology\eAudio\eAudio.exe
<unsigned> eDataSecurity System Loader( Load and prepare envi C:\Acer\Empowering Technology\eDataSecurity\eDSLoader.exe
<unsigned> WR_PopUp C:\Acer\WR_PopUp\WarReg_PopUp.exe
<unsigned> Adobe Acrobat SpeedLauncher C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
<unsigned> antimalware.exe C:\Program Files\AntiMalware\antimalware.exe
<unsigned> Antivirus System Tray Tool C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
<unsigned> TelephoneSurPCAgent.exe C:\Program Files\Orange\Telephone sur PC\TelephoneSurPCAgent.exe
<unsigned> winampa.exe C:\Program Files\Winamp\winampa.exe
<unsigned> Windows Live Messenger C:\Program Files\Windows Live\Messenger\msnmsgr.exe
<unsigned> richtx64.exe C:\Users\Petis\AppData\Local\Temp\richtx64.exe
<unsigned> eNMSwWatcher Dynamic Link Library C:\Windows\System32\eNetHook.dll
<verified> CyberLink PlayMovie Resident Program C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe
<verified> Event Monitor User Notification Tool C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
<verified> Intel(R) Flash Cache Logic Chip OROM Update Applic C:\Program Files\Intel\Intel Matrix Storage Manager\OROM\IaNvSrv\IaNvSrv.exe
<verified> Java(TM) Platform SE binary C:\Program Files\Java\jre6\bin\jusched.exe
<verified> Kaspersky Anti-Virus C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
<verified> Kaspersky OE plugin loader c:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\kloehk.dll
<verified> Mozilla 3 Virtual Keyboard c:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\mzvkbd3.dll
<verified> Launch Manager C:\Program Files\Launch Manager\QtZgAcer.EXE
<verified> Skype C:\Program Files\Skype\Phone\Skype.exe
<verified> Steam 732897 C:\Program Files\Steam\Steam.exe
<verified> Synaptics TouchPad Enhancements C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
<verified> Windows Defender User Interface C:\Program Files\Windows Defender\MSASCui.exe
<verified> Volet Windows C:\Program Files\Windows Sidebar\sidebar.exe
<verified> The utilities for device installation C:\Windows\PLFSet.dll
<verified> HD Audio Control Panel C:\Windows\RtHDVCpl.exe
<verified> Bibliothèque de l'interface utilisateur du navigat C:\Windows\System32\browseui.dll
<verified> Logon Visualizer C:\Windows\system32\klogon.dll
<verified> NVIDIA Display Properties Extension C:\Windows\system32\NvCpl.dll
<verified> EPSON Status Monitor 3 C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIFBE.EXE
<verified> Application d'ouverture de session Userinit c:\windows\system32\userinit.exe
<verified> Contrôleur de site Web C:\Windows\System32\webcheck.dll
Browser plugins
---------------
<unsigned> ActiveToolBand Module C:\Windows\System32\ActiveToolBand.dll
<unsigned> eDStoolbar Module c:\windows\system32\edstoolbar.dll
<verified> Adobe Acrobat IE Helper Version 7.0 for ActiveX C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
<verified> WindowsLiveLogin.dll C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll
<verified> Java(TM) Platform SE binary c:\program files\java\jre6\bin\jp2ssv.dll
<verified> IE Virtual Keyboard c:\program files\kaspersky lab\kaspersky internet security 2010\ievkbd.dll
<verified> WebToolBar component c:\program files\kaspersky lab\kaspersky internet security 2010\klwtbbho.dll
<verified> NPRuntime Script Plug-in Library for Java(TM) Depl C:\Program Files\Mozilla Firefox\plugins\npdeploytk.dll
<verified> Default Plug-in C:\Program Files\Mozilla Firefox\plugins\npnul32.dll
<verified> BitDefender QuickScan C:\Windows\Downloaded Program Files\qsax.ocx
<verified> Windows Presentation Foundation (WPF) plug-in for c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
<verified> Internet Explorer C:\Windows\System32\ieframe.dll
<verified> NPSWF32.dll C:\Windows\System32\Macromed\Flash\NPSWF32.dll
<verified> Fournisseur de service Sockets 2.0 de Microsoft Wi C:\Windows\System32\mswsock.dll
<verified> Fournisseur Shim d'affectation de noms de messager C:\Windows\System32\NapiNSP.dll
<verified> Network Location Awareness 2 C:\Windows\System32\nlaapi.dll
<verified> Fournisseur d’espace de noms PNRP C:\Windows\System32\pnrpnsp.dll
<verified> LDAP RnR Provider DLL C:\Windows\System32\winrnr.dll
<verified> Windows Sockets Helper DLL C:\Windows\System32\wshbth.dll
Scan
----
The following file(s) must be uploaded for server-side scanning:
C:\Program Files\Orange\Telephone sur PC\ALERT_UI_SOUND.dll
C:\Program Files\Orange\Telephone sur PC\SP_UI_ALERTPREFERENCESPANEL.dll
C:\Program Files\Orange\Telephone sur PC\CallController.dll
C:\Program Files\Orange\Telephone sur PC\SP_CTRL_RESOURCES.dll
C:\Program Files\Orange\Telephone sur PC\SP_CTRL_API.dll
C:\Program Files\Orange\Telephone sur PC\ftlvideobench.dll
C:\Program Files\Orange\Telephone sur PC\AB_UI_ADDRESSBOOK.dll
C:\Program Files\Orange\Telephone sur PC\SOFTPHONE_CTRL.dll
C:\Program Files\Orange\Telephone sur PC\econf.dll
C:\Program Files\Orange\Telephone sur PC\AV_CTRL_AUDIOVIDEO.dll
C:\Program Files\Orange\Telephone sur PC\SP_CTRL_SKIN.dll
C:\Program Files\Orange\Telephone sur PC\ALERT_UI_TOASTER.dll
C:\Program Files\Orange\Telephone sur PC\CodecController.dll
C:\Program Files\Orange\Telephone sur PC\PAV_UI_DTMF.dll
C:\Program Files\Orange\Telephone sur PC\UI_QT_LIBRARY.dll
C:\Program Files\Orange\Telephone sur PC\CH_UI_CALLHISTORY.dll
C:\Program Files\Orange\Telephone sur PC\PRO_CTRL_GENERIC.dll
C:\Program Files\Orange\Telephone sur PC\AV_LOW_SIPCALL.dll
C:\Program Files\Orange\Telephone sur PC\PAV_LOW_DTMF.dll
C:\Program Files\Orange\Telephone sur PC\DCAM.dll
C:\Program Files\Orange\Telephone sur PC\ALERT_CTRL_SOUND.dll
C:\Program Files\Orange\Telephone sur PC\AV_LOW_CONFIG.dll
C:\Program Files\Orange\Telephone sur PC\UI_QT_WIDGET.dll
C:\Program Files\Orange\Telephone sur PC\CFG_UI_AUDIOVIDEO.dll
C:\Program Files\Orange\Telephone sur PC\SP_UI_SCREEN_INFORMATION.dll
C:\Program Files\Orange\Telephone sur PC\SP_CTRL_PHONENUMBER.dll
C:\Program Files\Orange\Telephone sur PC\CFG_CTRL_AUDIOVIDEO.dll
C:\Program Files\Orange\Telephone sur PC\MODULELOADER.dll
C:\Program Files\Orange\Telephone sur PC\ECONFTOOLS.dll
C:\Program Files\Orange\Telephone sur PC\SP_UI_KEYPAD.dll
C:\Program Files\Orange\Telephone sur PC\SP_UI_CALLCOMMANDS.dll
C:\Program Files\Orange\Telephone sur PC\SP_UI_ADVANCED_AV.dll
C:\Program Files\Orange\Telephone sur PC\AV_LOW_SIP.dll
C:\Program Files\Orange\Telephone sur PC\DTMF_CTRL.dll
C:\Program Files\Orange\Telephone sur PC\ftcore.dll
C:\Users\Petis\AppData\Local\Temp\H8SRTddaf.tmp
C:\Program Files\Orange\Telephone sur PC\SP_UI_TALKINGPC.dll
C:\Program Files\Orange\Telephone sur PC\XML_PREFERENCES.dll
C:\Program Files\Orange\Telephone sur PC\ftmaudiocaptureplayback.dll
C:\Program Files\Orange\Telephone sur PC\AV_KER_AUDIOVIDEO.dll
C:\Program Files\Orange\Telephone sur PC\CONTACT_CTRL.dll
C:\Program Files\Orange\Telephone sur PC\ALERT_CTRL_TOASTER.dll
C:\Program Files\Orange\Telephone sur PC\SP_UI_PANEL_PREFERENCES.dll
C:\Program Files\Orange\Telephone sur PC\CH_CTRL_CALLHISTORY.dll
C:\Program Files\Orange\Telephone sur PC\PRO_CTRL_PROFILE.dll
Upload started - 45 file(s)
Upload: C:\Program Files\Orange\Telephone sur PC\PRO_CTRL_GENERIC.dll - 8192 bytes, hash: 378bd42b18a5ae83a4dfa5bfc55390e2
Upload: C:\Program Files\Orange\Telephone sur PC\PAV_LOW_DTMF.dll - 13824 bytes, hash: b6f78433b8b92c1083a3da0d8256fe22
Upload: C:\Program Files\Orange\Telephone sur PC\ECONFTOOLS.dll - 13824 bytes, hash: 7ba20866a924c374a93d385767e185a9
Upload: C:\Program Files\Orange\Telephone sur PC\PAV_UI_DTMF.dll - 15360 bytes, hash: be0da51d712f14c192ec2b57009004fa
Upload: C:\Program Files\Orange\Telephone sur PC\SP_CTRL_PHONENUMBER.dll - 17408 bytes, hash: d974e90822c0b9a39a5d9aea282bd735
Upload: C:\Program Files\Orange\Telephone sur PC\SP_CTRL_RESOURCES.dll - 17408 bytes, hash: f5b29ae19c2742a8ec4fc0dd933d9852
Upload: C:\Program Files\Orange\Telephone sur PC\ALERT_CTRL_TOASTER.dll - 20992 bytes, hash: bda6d8d39ac84825cf201d1be1285de1
Upload: C:\Program Files\Orange\Telephone sur PC\MODULELOADER.dll - 23552 bytes, hash: b26f4a9d6c2d78d56042fddd4140134c
Upload: C:\Program Files\Orange\Telephone sur PC\DTMF_CTRL.dll - 24064 bytes, hash: 9169794e2bdea37a2fc743fa1e4b7e04
Upload: C:\Program Files\Orange\Telephone sur PC\ftlvideobench.dll - 30720 bytes, hash: 3fa9a12360768cb859c15c4651eb1532
Upload: C:\Program Files\Orange\Telephone sur PC\DCAM.dll - 30720 bytes, hash: 12f57264edf1adc317b415f9d0914aef
Upload: C:\Program Files\Orange\Telephone sur PC\SP_CTRL_SKIN.dll - 31744 bytes, hash: 5aebb63a98cbf93820ba5b9de51c7b43
Upload: C:\Program Files\Orange\Telephone sur PC\UI_QT_WIDGET.dll - 32256 bytes, hash: 229884ec8d1ef24fb0cd9d9f53616161
Upload: C:\Program Files\Orange\Telephone sur PC\SP_UI_KEYPAD.dll - 34304 bytes, hash: 62439406410e23b0f9af2ec56cc818bc
Upload: C:\Program Files\Orange\Telephone sur PC\AV_LOW_CONFIG.dll - 42496 bytes, hash: 263c01cd309697472f1116fee68914b9
Upload: C:\Program Files\Orange\Telephone sur PC\SOFTPHONE_CTRL.dll - 45056 bytes, hash: 9e867d5193fc531f4a2f9da2371c8b30
Upload: C:\Program Files\Orange\Telephone sur PC\SP_CTRL_API.dll - 53248 bytes, hash: 6da31fedd0e74df00f268e53c76aaac9
Upload: C:\Program Files\Orange\Telephone sur PC\XML_PREFERENCES.dll - 53248 bytes, hash: 1999d3d974a7b11cb63706ca83bfdb0b
Upload: C:\Program Files\Orange\Telephone sur PC\SP_UI_ALERTPREFERENCESPANEL.dll - 57344 bytes, hash: 22d56bcb61b38c90ea26efbc99dd4428
Upload: C:\Program Files\Orange\Telephone sur PC\ALERT_UI_TOASTER.dll - 69632 bytes, hash: ab603cb345d2272bbbc483d75852f08e
Upload: C:\Program Files\Orange\Telephone sur PC\ALERT_CTRL_SOUND.dll - 69632 bytes, hash: 3c58b546ddd1348c397aa0592b684fa6
Upload: C:\Program Files\Orange\Telephone sur PC\SP_UI_ADVANCED_AV.dll - 73728 bytes, hash: 3fcfa2cd89bdc40d958f54843a1ef316
Upload: C:\Program Files\Orange\Telephone sur PC\CFG_CTRL_AUDIOVIDEO.dll - 77824 bytes, hash: 76b8573b9b16c7bbe8a88235f11bbe15
Upload: C:\Program Files\Orange\Telephone sur PC\CFG_UI_AUDIOVIDEO.dll - 86016 bytes, hash: ec93c04920dd2a01af179dea30b63f6e
Upload: C:\Program Files\Orange\Telephone sur PC\AV_LOW_SIP.dll - 86016 bytes, hash: e843a08aab787b253af9924cc513045f
Upload: C:\Program Files\Orange\Telephone sur PC\SP_UI_PANEL_PREFERENCES.dll - 90112 bytes, hash: 42987106ffb90624efd277e0656243e6
Upload: C:\Program Files\Orange\Telephone sur PC\AV_LOW_SIPCALL.dll - 94208 bytes, hash: 0fa85964442f23cfcef2a31bca3a343e
Upload: C:\Program Files\Orange\Telephone sur PC\ALERT_UI_SOUND.dll - 106496 bytes, hash: 22dabfbf3d078a9ffdc77fcc9ac8cfa0
Upload: C:\Program Files\Orange\Telephone sur PC\SP_UI_CALLCOMMANDS.dll - 118784 bytes, hash: d5332429228bf48ca48f842b5066062f
Upload: C:\Program Files\Orange\Telephone sur PC\ftcore.dll - 118784 bytes, hash: 81cfb3253965d87e59b57c0c77f60e8d
Upload: C:\Program Files\Orange\Telephone sur PC\AV_CTRL_AUDIOVIDEO.dll - 126976 bytes, hash: cf9ac5e0c7d9889ca2ddd47f9741c3ee
Upload: C:\Program Files\Orange\Telephone sur PC\AV_KER_AUDIOVIDEO.dll - 135168 bytes, hash: 4f58b07f5e32741985fa64cc7a04c9e0
Upload: C:\Program Files\Orange\Telephone sur PC\CONTACT_CTRL.dll - 143360 bytes, hash: d084942598705cc1b9400d82cfd3b82e
Upload: C:\Program Files\Orange\Telephone sur PC\CH_CTRL_CALLHISTORY.dll - 151552 bytes, hash: 01f97f5d8e8cc81073193f39387d6914
Upload: C:\Program Files\Orange\Telephone sur PC\CH_UI_CALLHISTORY.dll - 155648 bytes, hash: 287a181c153ee72137820b829ec9c485
Upload: C:\Program Files\Orange\Telephone sur PC\AB_UI_ADDRESSBOOK.dll - 204800 bytes, hash: e8e83de35b7516a4c8f9307a5d45d8c2
Upload: C:\Program Files\Orange\Telephone sur PC\PRO_CTRL_PROFILE.dll - 204800 bytes, hash: 4eb41c40c23d1c5e46f8a4d225695ca5
Upload: C:\Program Files\Orange\Telephone sur PC\SP_UI_TALKINGPC.dll - 253952 bytes, hash: 9cf9a5d9c8fc6fa78d1484ec9ff3514c
Upload: C:\Program Files\Orange\Telephone sur PC\SP_UI_SCREEN_INFORMATION.dll - 294912 bytes, hash: c61b1f4ab8705b663f766f155a7efc6f
Upload: C:\Program Files\Orange\Telephone sur PC\ftmaudiocaptureplayback.dll - 315392 bytes, hash: 4930557c400ee10f193a6737870b1ff2
Upload: C:\Program Files\Orange\Telephone sur PC\econf.dll - 323584 bytes, hash: 9072a62ece6e8494f478d6ebf952043b
Upload: C:\Program Files\Orange\Telephone sur PC\CallController.dll - 454656 bytes, hash: 234cd0a5493b16d250389c0d5576591c
Upload: C:\Program Files\Orange\Telephone sur PC\CodecController.dll - 503808 bytes, hash: cb5e8c3d25b7de08211e16e6e0268b92
Upload: C:\Users\Petis\AppData\Local\Temp\H8SRTddaf.tmp - 681472 bytes, hash: 0abf5f361e11b2e82e511ebf56bbcb2d
Upload: C:\Program Files\Orange\Telephone sur PC\UI_QT_LIBRARY.dll - 757760 bytes, hash: fe162d00bc0f26083047667b013dbaa5
Upload speed - 27 KB/s
Upload finished - 45 uploaded, 0 failed
The uploaded file(s) were found clean.
Scan finished - communication took 226 sec
Total traffic - 6.10 MB sent, 4.24 KB recvd
Scanned 2048 files and modules - 436 seconds
BitDefender QuickScan Beta 32-bit v0.9.8.2
------------------------------------------
Scan date: Sat Dec 05 03:25:28 2009
Machine ID: C0533D5D
Process wscsvc32.exe (7736) - Gen:Trojan.Heur.6u0@vfFa8dckx
Found 1 infected file!
------------------------
C:\Users\Petis\AppData\Local\Temp\wscsvc32.exe - Gen:Trojan.Heur.6u0@vfFa8dckx
Processes
---------
<unsigned> eDataSecurity System Loader( Load and prepare envi 3252 C:\Acer\Empowering Technology\eDataSecurity\eDSLoader.exe
<unsigned> Acer eLock Management 400 C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
<unsigned> acer eNet Management Service 720 C:\Acer\Empowering Technology\eNet\eNet Service.exe
<unsigned> Acer eNet Tray 4556 C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE
<unsigned> Acer ePower Management DMC 4644 C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE
<unsigned> eRecovery agent 4696 C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
<unsigned> MobilityService.exe 1512 C:\Acer\Mobility Center\MobilityService.exe
<unsigned> Acer VCM 4428 C:\Program Files\Acer\Acer VCM\AcerVCM.exe
<unsigned> CP2 HID Agent 4392 C:\Program Files\Acer\Acer VCM\acp2HID.exe
<unsigned> Acer Video Enhancement 3388 C:\Program Files\Acer\Acer VCM\VC.exe
<unsigned> antimalware.exe 5748 C:\Program Files\AntiMalware\antimalware.exe
<unsigned> Antivirus System Tray Tool 4204 C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
<unsigned> Antivirus On-Access Service 2012 C:\Program Files\Avira\AntiVir Desktop\avguard.exe
<unsigned> Antivirus Scheduler 1772 C:\Program Files\Avira\AntiVir Desktop\sched.exe
<unsigned> LSSrvc.exe 1344 C:\Program Files\Common Files\LightScribe\LSSrvc.exe
<unsigned> RichVideo Module 2064 C:\Program Files\CyberLink\Shared Files\RichVideo.exe
<unsigned> TelephoneSurPCAgent.exe 4344 C:\Program Files\Orange\Telephone sur PC\TelephoneSurPCAgent.exe
<unsigned> Skype Extras Manager 5348 C:\Program Files\Skype\Plugin Manager\skypePM.exe
<unsigned> winampa.exe 4316 C:\Program Files\Winamp\winampa.exe
<unsigned> Windows Live Messenger 1212 C:\Program Files\Windows Live\Messenger\msnmsgr.exe
<unsigned> Realtek HD Audio Data Rerouter 5180 C:\Users\Petis\AppData\Local\Temp\RtkBtMnt.exe
<unsigned> Windows Security Center 7736 C:\Users\Petis\AppData\Local\Temp\wscsvc32.exe
<verified> eDataSecurity Service 124 C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
<verified> CyberLink PlayMovie Resident Program 4112 C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe
<verified> Event Monitor User Notification Tool 3768 C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
<verified> RAID Monitor 768 C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
<verified> Internet Explorer 5768 C:\Program Files\Internet Explorer\iexplore.exe
<verified> Java(TM) Platform SE binary 4284 C:\Program Files\Java\jre6\bin\jusched.exe
<verified> Launch Manager 1280 C:\Program Files\Launch Manager\QtZgAcer.EXE
<verified> Firefox 5492 C:\Program Files\Mozilla Firefox\firefox.exe
<verified> Telephone Sur PC 2820 C:\Program Files\Orange\Telephone sur PC\TelephoneSurPC.exe
<verified> Skype 4352 C:\Program Files\Skype\Phone\Skype.exe
<verified> Steam 732897 4336 C:\Program Files\Steam\Steam.exe
<verified> Synaptics TouchPad Enhancements 3892 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
<verified> Bluetooth Tray Application 4448 C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
<verified> Windows Defender User Interface 2920 C:\Program Files\Windows Defender\MSASCui.exe
<verified> Messenger Sharing USN Journal Reader Service 5064 C:\Program Files\Windows Live\Messenger\usnsvc.exe
<verified> Windows Media Player 5012 C:\Program Files\Windows Media Player\wmplayer.exe
<verified> Service Partage réseau du Lecteur Windows Media 4064 C:\Program Files\Windows Media Player\wmpnetwk.exe
<verified> Application de configuration du service Partage ré 4084 C:\Program Files\Windows Media Player\wmpnscfg.exe
<verified> Volet Windows 4324 C:\Program Files\Windows Sidebar\sidebar.exe
<verified> HijackThis 4552 C:\Users\Petis\Downloads\HiJackThis.exe
<verified> Explorateur Windows 3612 C:\Windows\Explorer.EXE
<verified> HD Audio Control Panel 3436 C:\Windows\RtHDVCpl.exe
<verified> Console IME 4832 C:\Windows\system32\conime.exe
<verified> Processus d'exécuttion client-serveur 604 C:\Windows\system32\csrss.exe
<verified> Processus d'exécuttion client-serveur 668 C:\Windows\system32\csrss.exe
<verified> Modem Audio Service 2460 C:\Windows\system32\DRIVERS\xaudio.exe
<verified> Gestionnaire de fenêtres du Bureau 3992 C:\Windows\system32\Dwm.exe
<verified> Processus de l’autorité de sécurité locale 716 C:\Windows\system32\lsass.exe
<verified> Service du gestionnaire de session locale 724 C:\Windows\system32\lsm.exe
<verified> Installateur Windows® 4160 C:\Windows\system32\msiexec.exe
<verified> Bloc-notes 6156 C:\Windows\system32\NOTEPAD.EXE
<verified> NVIDIA Driver Helper Service, Version 186.81 1600 C:\Windows\system32\nvvsvc.exe
<verified> NVIDIA Driver Helper Service, Version 186.81 924 C:\Windows\system32\nvvsvc.exe
<verified> Microsoft Windows Search Indexer 2352 C:\Windows\system32\SearchIndexer.exe
<verified> Applications Services et Contrôleur 704 C:\Windows\system32\services.exe
<verified> Service de gestion des licences Microsoft 1376 C:\Windows\system32\SLsvc.exe
<verified> Windows Session Manager 528 C:\Windows\System32\smss.exe
<verified> Application sous-système spouleur 4052 C:\Windows\System32\spoolsv.exe
<verified> Processus hôte pour les services Windows 1516 C:\Windows\system32\svchost.exe
<verified> Processus hôte pour les services Windows 1412 C:\Windows\system32\svchost.exe
<verified> Processus hôte pour les services Windows 1940 C:\Windows\system32\svchost.exe
<verified> Processus hôte pour les services Windows 2296 C:\Windows\system32\svchost.exe
<verified> Processus hôte pour les services Windows 1100 C:\Windows\system32\svchost.exe
<verified> Processus hôte pour les services Windows 2324 C:\Windows\System32\svchost.exe
<verified> Processus hôte pour les services Windows 864 C:\Windows\system32\svchost.exe
<verified> Processus hôte pour les services Windows 1072 C:\Windows\System32\svchost.exe
<verified> Processus hôte pour les services Windows 1048 C:\Windows\System32\svchost.exe
<verified> Processus hôte pour les services Windows 1016 C:\Windows\System32\svchost.exe
<verified> Processus hôte pour les services Windows 2024 C:\Windows\system32\svchost.exe
<verified> Processus hôte pour les services Windows 952 C:\Windows\system32\svchost.exe
<verified> Processus hôte pour les services Windows 1792 C:\Windows\system32\svchost.exe
<verified> Processus hôte pour les services Windows 7696 C:\Windows\System32\svchost.exe
<verified> Moteur du Planificateur de tâches 2596 C:\Windows\system32\taskeng.exe
<verified> Moteur du Planificateur de tâches 980 C:\Windows\system32\taskeng.exe
<verified> Service de cliché instantané de volumes Microsoft® 7240 C:\Windows\system32\vssvc.exe
<verified> Application de démarrage de Windows 656 C:\Windows\system32\wininit.exe
<verified> Application d'ouverture de session Windows 1132 C:\Windows\system32\winlogon.exe
<verified> Windows Update 6992 C:\Windows\system32\wuauclt.exe
Network activity
----------------
Process msnmsgr.exe (1212) connected on port 1863 (MSN) - sn1msg2010815.phx.gbl
Process msnmsgr.exe (1212) connected on port 443 (HTTP over SSL) - sn1msg2010636.phx.gbl
Process msnmsgr.exe (1212) connected on port 443 (HTTP over SSL) - sn1msg1010536.phx.gbl
Process msnmsgr.exe (1212) connected on port 443 (HTTP over SSL) - sn1msg1020236.phx.gbl
Process msnmsgr.exe (1212) connected on port 443 (HTTP over SSL) - by2msg4010720.phx.gbl
Process msnmsgr.exe (1212) connected on port 443 (HTTP over SSL) - sn1msg2010837.phx.gbl
Process msnmsgr.exe (1212) connected on port 443 (HTTP over SSL) - by2msg4010501.phx.gbl
Process jusched.exe (4284) connected on port 80 (HTTP) - 77.67.41.186
Process Skype.exe (4352) connected on port 58067 - 92-249-226-162.pool.digikabel.hu
Process firefox.exe (5492) connected on port 80 (HTTP) - wy-in-f147.1e100.net
Process firefox.exe (5492) connected on port 80 (HTTP) - wy-in-f105.1e100.net
Process firefox.exe (5492) connected on port 80 (HTTP) - wy-in-f113.1e100.net
Process firefox.exe (5492) connected on port 80 (HTTP) - ww-in-f138.1e100.net
Process firefox.exe (5492) connected on port 80 (HTTP) - a92-123-228-20.deploy.akamaitechnologies.com
Process firefox.exe (5492) connected on port 80 (HTTP) - a92-123-8-100.deploy.akamaitechnologies.com
Process firefox.exe (5492) connected on port 80 (HTTP) - channel47-09-01-snc1.facebook.com
Process antimalware.exe (5748) connected on port 80 (HTTP) - static.182.151.46.78.clients.your-server.de
Process iexplore.exe (5768) connected on port 80 (HTTP) - a92-123-12-20.deploy.akamaitechnologies.com
Process iexplore.exe (5768) connected on port 80 (HTTP) - ww-in-f138.1e100.net
Process iexplore.exe (5768) connected on port 80 (HTTP) - a92-123-12-20.deploy.akamaitechnologies.com
Process iexplore.exe (5768) connected on port 80 (HTTP) - 91.199.104.31
Process wininit.exe (656) listens on ports: 49152 (RPC)
Process services.exe (704) listens on ports: 49157 (RPC)
Process lsass.exe (716) listens on ports: 49154 (RPC)
Process svchost.exe (952) listens on ports: 135 (RPC)
Process svchost.exe (1048) listens on ports: 49153 (RPC)
Process svchost.exe (1100) listens on ports: 49156 (RPC)
Process svchost.exe (1412) listens on ports: 49155 (RPC)
Process TelephoneSurPC.exe (2820) listens on ports: 5080
Process VC.exe (3388) listens on ports: 3825
Process wmpnetwk.exe (4064) listens on ports: 554 (RTSP)
Process Skype.exe (4352) listens on ports: 80 (HTTP), 443 (HTTP over SSL), 55404
Autoruns and critical files
---------------------------
<unsigned> Acer Tour Reminder C:\Acer\AcerTour\Reminder.exe
<unsigned> Notification tool for RealTek audio chip C:\Acer\Empowering Technology\eAudio\eAudio.exe
<unsigned> eDataSecurity System Loader( Load and prepare envi C:\Acer\Empowering Technology\eDataSecurity\eDSLoader.exe
<unsigned> WR_PopUp C:\Acer\WR_PopUp\WarReg_PopUp.exe
<unsigned> Adobe Acrobat SpeedLauncher C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
<unsigned> antimalware.exe C:\Program Files\AntiMalware\antimalware.exe
<unsigned> Antivirus System Tray Tool C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
<unsigned> TelephoneSurPCAgent.exe C:\Program Files\Orange\Telephone sur PC\TelephoneSurPCAgent.exe
<unsigned> winampa.exe C:\Program Files\Winamp\winampa.exe
<unsigned> Windows Live Messenger C:\Program Files\Windows Live\Messenger\msnmsgr.exe
<unsigned> richtx64.exe C:\Users\Petis\AppData\Local\Temp\richtx64.exe
<unsigned> eNMSwWatcher Dynamic Link Library C:\Windows\System32\eNetHook.dll
<verified> CyberLink PlayMovie Resident Program C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe
<verified> Event Monitor User Notification Tool C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
<verified> Intel(R) Flash Cache Logic Chip OROM Update Applic C:\Program Files\Intel\Intel Matrix Storage Manager\OROM\IaNvSrv\IaNvSrv.exe
<verified> Java(TM) Platform SE binary C:\Program Files\Java\jre6\bin\jusched.exe
<verified> Kaspersky Anti-Virus C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
<verified> Kaspersky OE plugin loader c:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\kloehk.dll
<verified> Mozilla 3 Virtual Keyboard c:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\mzvkbd3.dll
<verified> Launch Manager C:\Program Files\Launch Manager\QtZgAcer.EXE
<verified> Skype C:\Program Files\Skype\Phone\Skype.exe
<verified> Steam 732897 C:\Program Files\Steam\Steam.exe
<verified> Synaptics TouchPad Enhancements C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
<verified> Windows Defender User Interface C:\Program Files\Windows Defender\MSASCui.exe
<verified> Volet Windows C:\Program Files\Windows Sidebar\sidebar.exe
<verified> The utilities for device installation C:\Windows\PLFSet.dll
<verified> HD Audio Control Panel C:\Windows\RtHDVCpl.exe
<verified> Bibliothèque de l'interface utilisateur du navigat C:\Windows\System32\browseui.dll
<verified> Logon Visualizer C:\Windows\system32\klogon.dll
<verified> NVIDIA Display Properties Extension C:\Windows\system32\NvCpl.dll
<verified> EPSON Status Monitor 3 C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIFBE.EXE
<verified> Application d'ouverture de session Userinit c:\windows\system32\userinit.exe
<verified> Contrôleur de site Web C:\Windows\System32\webcheck.dll
Browser plugins
---------------
<unsigned> ActiveToolBand Module C:\Windows\System32\ActiveToolBand.dll
<unsigned> eDStoolbar Module c:\windows\system32\edstoolbar.dll
<verified> Adobe Acrobat IE Helper Version 7.0 for ActiveX C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
<verified> WindowsLiveLogin.dll C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll
<verified> Java(TM) Platform SE binary c:\program files\java\jre6\bin\jp2ssv.dll
<verified> IE Virtual Keyboard c:\program files\kaspersky lab\kaspersky internet security 2010\ievkbd.dll
<verified> WebToolBar component c:\program files\kaspersky lab\kaspersky internet security 2010\klwtbbho.dll
<verified> NPRuntime Script Plug-in Library for Java(TM) Depl C:\Program Files\Mozilla Firefox\plugins\npdeploytk.dll
<verified> Default Plug-in C:\Program Files\Mozilla Firefox\plugins\npnul32.dll
<verified> BitDefender QuickScan C:\Windows\Downloaded Program Files\qsax.ocx
<verified> Windows Presentation Foundation (WPF) plug-in for c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
<verified> Internet Explorer C:\Windows\System32\ieframe.dll
<verified> NPSWF32.dll C:\Windows\System32\Macromed\Flash\NPSWF32.dll
<verified> Fournisseur de service Sockets 2.0 de Microsoft Wi C:\Windows\System32\mswsock.dll
<verified> Fournisseur Shim d'affectation de noms de messager C:\Windows\System32\NapiNSP.dll
<verified> Network Location Awareness 2 C:\Windows\System32\nlaapi.dll
<verified> Fournisseur d’espace de noms PNRP C:\Windows\System32\pnrpnsp.dll
<verified> LDAP RnR Provider DLL C:\Windows\System32\winrnr.dll
<verified> Windows Sockets Helper DLL C:\Windows\System32\wshbth.dll
Scan
----
The following file(s) must be uploaded for server-side scanning:
C:\Program Files\Orange\Telephone sur PC\ALERT_UI_SOUND.dll
C:\Program Files\Orange\Telephone sur PC\SP_UI_ALERTPREFERENCESPANEL.dll
C:\Program Files\Orange\Telephone sur PC\CallController.dll
C:\Program Files\Orange\Telephone sur PC\SP_CTRL_RESOURCES.dll
C:\Program Files\Orange\Telephone sur PC\SP_CTRL_API.dll
C:\Program Files\Orange\Telephone sur PC\ftlvideobench.dll
C:\Program Files\Orange\Telephone sur PC\AB_UI_ADDRESSBOOK.dll
C:\Program Files\Orange\Telephone sur PC\SOFTPHONE_CTRL.dll
C:\Program Files\Orange\Telephone sur PC\econf.dll
C:\Program Files\Orange\Telephone sur PC\AV_CTRL_AUDIOVIDEO.dll
C:\Program Files\Orange\Telephone sur PC\SP_CTRL_SKIN.dll
C:\Program Files\Orange\Telephone sur PC\ALERT_UI_TOASTER.dll
C:\Program Files\Orange\Telephone sur PC\CodecController.dll
C:\Program Files\Orange\Telephone sur PC\PAV_UI_DTMF.dll
C:\Program Files\Orange\Telephone sur PC\UI_QT_LIBRARY.dll
C:\Program Files\Orange\Telephone sur PC\CH_UI_CALLHISTORY.dll
C:\Program Files\Orange\Telephone sur PC\PRO_CTRL_GENERIC.dll
C:\Program Files\Orange\Telephone sur PC\AV_LOW_SIPCALL.dll
C:\Program Files\Orange\Telephone sur PC\PAV_LOW_DTMF.dll
C:\Program Files\Orange\Telephone sur PC\DCAM.dll
C:\Program Files\Orange\Telephone sur PC\ALERT_CTRL_SOUND.dll
C:\Program Files\Orange\Telephone sur PC\AV_LOW_CONFIG.dll
C:\Program Files\Orange\Telephone sur PC\UI_QT_WIDGET.dll
C:\Program Files\Orange\Telephone sur PC\CFG_UI_AUDIOVIDEO.dll
C:\Program Files\Orange\Telephone sur PC\SP_UI_SCREEN_INFORMATION.dll
C:\Program Files\Orange\Telephone sur PC\SP_CTRL_PHONENUMBER.dll
C:\Program Files\Orange\Telephone sur PC\CFG_CTRL_AUDIOVIDEO.dll
C:\Program Files\Orange\Telephone sur PC\MODULELOADER.dll
C:\Program Files\Orange\Telephone sur PC\ECONFTOOLS.dll
C:\Program Files\Orange\Telephone sur PC\SP_UI_KEYPAD.dll
C:\Program Files\Orange\Telephone sur PC\SP_UI_CALLCOMMANDS.dll
C:\Program Files\Orange\Telephone sur PC\SP_UI_ADVANCED_AV.dll
C:\Program Files\Orange\Telephone sur PC\AV_LOW_SIP.dll
C:\Program Files\Orange\Telephone sur PC\DTMF_CTRL.dll
C:\Program Files\Orange\Telephone sur PC\ftcore.dll
C:\Users\Petis\AppData\Local\Temp\H8SRTddaf.tmp
C:\Program Files\Orange\Telephone sur PC\SP_UI_TALKINGPC.dll
C:\Program Files\Orange\Telephone sur PC\XML_PREFERENCES.dll
C:\Program Files\Orange\Telephone sur PC\ftmaudiocaptureplayback.dll
C:\Program Files\Orange\Telephone sur PC\AV_KER_AUDIOVIDEO.dll
C:\Program Files\Orange\Telephone sur PC\CONTACT_CTRL.dll
C:\Program Files\Orange\Telephone sur PC\ALERT_CTRL_TOASTER.dll
C:\Program Files\Orange\Telephone sur PC\SP_UI_PANEL_PREFERENCES.dll
C:\Program Files\Orange\Telephone sur PC\CH_CTRL_CALLHISTORY.dll
C:\Program Files\Orange\Telephone sur PC\PRO_CTRL_PROFILE.dll
Upload started - 45 file(s)
Upload: C:\Program Files\Orange\Telephone sur PC\PRO_CTRL_GENERIC.dll - 8192 bytes, hash: 378bd42b18a5ae83a4dfa5bfc55390e2
Upload: C:\Program Files\Orange\Telephone sur PC\PAV_LOW_DTMF.dll - 13824 bytes, hash: b6f78433b8b92c1083a3da0d8256fe22
Upload: C:\Program Files\Orange\Telephone sur PC\ECONFTOOLS.dll - 13824 bytes, hash: 7ba20866a924c374a93d385767e185a9
Upload: C:\Program Files\Orange\Telephone sur PC\PAV_UI_DTMF.dll - 15360 bytes, hash: be0da51d712f14c192ec2b57009004fa
Upload: C:\Program Files\Orange\Telephone sur PC\SP_CTRL_PHONENUMBER.dll - 17408 bytes, hash: d974e90822c0b9a39a5d9aea282bd735
Upload: C:\Program Files\Orange\Telephone sur PC\SP_CTRL_RESOURCES.dll - 17408 bytes, hash: f5b29ae19c2742a8ec4fc0dd933d9852
Upload: C:\Program Files\Orange\Telephone sur PC\ALERT_CTRL_TOASTER.dll - 20992 bytes, hash: bda6d8d39ac84825cf201d1be1285de1
Upload: C:\Program Files\Orange\Telephone sur PC\MODULELOADER.dll - 23552 bytes, hash: b26f4a9d6c2d78d56042fddd4140134c
Upload: C:\Program Files\Orange\Telephone sur PC\DTMF_CTRL.dll - 24064 bytes, hash: 9169794e2bdea37a2fc743fa1e4b7e04
Upload: C:\Program Files\Orange\Telephone sur PC\ftlvideobench.dll - 30720 bytes, hash: 3fa9a12360768cb859c15c4651eb1532
Upload: C:\Program Files\Orange\Telephone sur PC\DCAM.dll - 30720 bytes, hash: 12f57264edf1adc317b415f9d0914aef
Upload: C:\Program Files\Orange\Telephone sur PC\SP_CTRL_SKIN.dll - 31744 bytes, hash: 5aebb63a98cbf93820ba5b9de51c7b43
Upload: C:\Program Files\Orange\Telephone sur PC\UI_QT_WIDGET.dll - 32256 bytes, hash: 229884ec8d1ef24fb0cd9d9f53616161
Upload: C:\Program Files\Orange\Telephone sur PC\SP_UI_KEYPAD.dll - 34304 bytes, hash: 62439406410e23b0f9af2ec56cc818bc
Upload: C:\Program Files\Orange\Telephone sur PC\AV_LOW_CONFIG.dll - 42496 bytes, hash: 263c01cd309697472f1116fee68914b9
Upload: C:\Program Files\Orange\Telephone sur PC\SOFTPHONE_CTRL.dll - 45056 bytes, hash: 9e867d5193fc531f4a2f9da2371c8b30
Upload: C:\Program Files\Orange\Telephone sur PC\SP_CTRL_API.dll - 53248 bytes, hash: 6da31fedd0e74df00f268e53c76aaac9
Upload: C:\Program Files\Orange\Telephone sur PC\XML_PREFERENCES.dll - 53248 bytes, hash: 1999d3d974a7b11cb63706ca83bfdb0b
Upload: C:\Program Files\Orange\Telephone sur PC\SP_UI_ALERTPREFERENCESPANEL.dll - 57344 bytes, hash: 22d56bcb61b38c90ea26efbc99dd4428
Upload: C:\Program Files\Orange\Telephone sur PC\ALERT_UI_TOASTER.dll - 69632 bytes, hash: ab603cb345d2272bbbc483d75852f08e
Upload: C:\Program Files\Orange\Telephone sur PC\ALERT_CTRL_SOUND.dll - 69632 bytes, hash: 3c58b546ddd1348c397aa0592b684fa6
Upload: C:\Program Files\Orange\Telephone sur PC\SP_UI_ADVANCED_AV.dll - 73728 bytes, hash: 3fcfa2cd89bdc40d958f54843a1ef316
Upload: C:\Program Files\Orange\Telephone sur PC\CFG_CTRL_AUDIOVIDEO.dll - 77824 bytes, hash: 76b8573b9b16c7bbe8a88235f11bbe15
Upload: C:\Program Files\Orange\Telephone sur PC\CFG_UI_AUDIOVIDEO.dll - 86016 bytes, hash: ec93c04920dd2a01af179dea30b63f6e
Upload: C:\Program Files\Orange\Telephone sur PC\AV_LOW_SIP.dll - 86016 bytes, hash: e843a08aab787b253af9924cc513045f
Upload: C:\Program Files\Orange\Telephone sur PC\SP_UI_PANEL_PREFERENCES.dll - 90112 bytes, hash: 42987106ffb90624efd277e0656243e6
Upload: C:\Program Files\Orange\Telephone sur PC\AV_LOW_SIPCALL.dll - 94208 bytes, hash: 0fa85964442f23cfcef2a31bca3a343e
Upload: C:\Program Files\Orange\Telephone sur PC\ALERT_UI_SOUND.dll - 106496 bytes, hash: 22dabfbf3d078a9ffdc77fcc9ac8cfa0
Upload: C:\Program Files\Orange\Telephone sur PC\SP_UI_CALLCOMMANDS.dll - 118784 bytes, hash: d5332429228bf48ca48f842b5066062f
Upload: C:\Program Files\Orange\Telephone sur PC\ftcore.dll - 118784 bytes, hash: 81cfb3253965d87e59b57c0c77f60e8d
Upload: C:\Program Files\Orange\Telephone sur PC\AV_CTRL_AUDIOVIDEO.dll - 126976 bytes, hash: cf9ac5e0c7d9889ca2ddd47f9741c3ee
Upload: C:\Program Files\Orange\Telephone sur PC\AV_KER_AUDIOVIDEO.dll - 135168 bytes, hash: 4f58b07f5e32741985fa64cc7a04c9e0
Upload: C:\Program Files\Orange\Telephone sur PC\CONTACT_CTRL.dll - 143360 bytes, hash: d084942598705cc1b9400d82cfd3b82e
Upload: C:\Program Files\Orange\Telephone sur PC\CH_CTRL_CALLHISTORY.dll - 151552 bytes, hash: 01f97f5d8e8cc81073193f39387d6914
Upload: C:\Program Files\Orange\Telephone sur PC\CH_UI_CALLHISTORY.dll - 155648 bytes, hash: 287a181c153ee72137820b829ec9c485
Upload: C:\Program Files\Orange\Telephone sur PC\AB_UI_ADDRESSBOOK.dll - 204800 bytes, hash: e8e83de35b7516a4c8f9307a5d45d8c2
Upload: C:\Program Files\Orange\Telephone sur PC\PRO_CTRL_PROFILE.dll - 204800 bytes, hash: 4eb41c40c23d1c5e46f8a4d225695ca5
Upload: C:\Program Files\Orange\Telephone sur PC\SP_UI_TALKINGPC.dll - 253952 bytes, hash: 9cf9a5d9c8fc6fa78d1484ec9ff3514c
Upload: C:\Program Files\Orange\Telephone sur PC\SP_UI_SCREEN_INFORMATION.dll - 294912 bytes, hash: c61b1f4ab8705b663f766f155a7efc6f
Upload: C:\Program Files\Orange\Telephone sur PC\ftmaudiocaptureplayback.dll - 315392 bytes, hash: 4930557c400ee10f193a6737870b1ff2
Upload: C:\Program Files\Orange\Telephone sur PC\econf.dll - 323584 bytes, hash: 9072a62ece6e8494f478d6ebf952043b
Upload: C:\Program Files\Orange\Telephone sur PC\CallController.dll - 454656 bytes, hash: 234cd0a5493b16d250389c0d5576591c
Upload: C:\Program Files\Orange\Telephone sur PC\CodecController.dll - 503808 bytes, hash: cb5e8c3d25b7de08211e16e6e0268b92
Upload: C:\Users\Petis\AppData\Local\Temp\H8SRTddaf.tmp - 681472 bytes, hash: 0abf5f361e11b2e82e511ebf56bbcb2d
Upload: C:\Program Files\Orange\Telephone sur PC\UI_QT_LIBRARY.dll - 757760 bytes, hash: fe162d00bc0f26083047667b013dbaa5
Upload speed - 27 KB/s
Upload finished - 45 uploaded, 0 failed
The uploaded file(s) were found clean.
Scan finished - communication took 226 sec
Total traffic - 6.10 MB sent, 4.24 KB recvd
Scanned 2048 files and modules - 436 seconds