Virus win32 Adware-gen[Adw]
Fermé
rapiette
-
16 sept. 2010 à 19:47
jlpjlp Messages postés 51580 Date d'inscription vendredi 18 mai 2007 Statut Contributeur sécurité Dernière intervention 3 mai 2022 - 21 sept. 2010 à 12:25
jlpjlp Messages postés 51580 Date d'inscription vendredi 18 mai 2007 Statut Contributeur sécurité Dernière intervention 3 mai 2022 - 21 sept. 2010 à 12:25
A voir également:
- Virus win32 Adware-gen[Adw]
- Adw cleaner gratuit - Télécharger - Antivirus & Antimalwares
- Evo-gen virus huawei - Forum Huawei
- Hacktool win32 autokms ✓ - Forum Virus
- Puadimanager win32 ✓ - Forum Virus
- Svchost.exe virus - Guide
8 réponses
jlpjlp
Messages postés
51580
Date d'inscription
vendredi 18 mai 2007
Statut
Contributeur sécurité
Dernière intervention
3 mai 2022
5 040
16 sept. 2010 à 20:04
16 sept. 2010 à 20:04
slt colle nous le rapport d'avast ou sinon donne le nom de l'infection trouvée et les fichiers infectés
puis
Télécharge OTL de OLDTimer ici :
http://www.geekstogo.com/forum/files/file/398-otl-oldtimers-list-it/
et enregistre le sur ton Bureau.
Double clic sur OTL.exe pour le lancer.
Coche les 2 cases Lop et Purity
Coche la case devant "scan all users"
Clic sur Run Scan.
A la fin du scan, le Bloc-Notes va s'ouvrir avec le rapport (OTL.txt).
Ce fichier est sur ton Bureau (en général C:\Documents and settings\le_nom_de_ta_session\OTL.txt)
Pour me le transmettre clique sur ce lien :
http://www.cijoint.fr/
Clique sur Parcourir et cherche le fichier ci-dessus.
Clique sur Ouvrir.
Clique sur "Cliquez ici pour déposer le fichier".
Un lien de cette forme :
http://www.cijoint.fr/cjlink.php?file=cj200905/cijSKAP5fU.txt
est ajouté dans la page.
Copie ce lien dans ta réponse.
puis
Télécharge OTL de OLDTimer ici :
http://www.geekstogo.com/forum/files/file/398-otl-oldtimers-list-it/
et enregistre le sur ton Bureau.
Double clic sur OTL.exe pour le lancer.
Coche les 2 cases Lop et Purity
Coche la case devant "scan all users"
Clic sur Run Scan.
A la fin du scan, le Bloc-Notes va s'ouvrir avec le rapport (OTL.txt).
Ce fichier est sur ton Bureau (en général C:\Documents and settings\le_nom_de_ta_session\OTL.txt)
Pour me le transmettre clique sur ce lien :
http://www.cijoint.fr/
Clique sur Parcourir et cherche le fichier ci-dessus.
Clique sur Ouvrir.
Clique sur "Cliquez ici pour déposer le fichier".
Un lien de cette forme :
http://www.cijoint.fr/cjlink.php?file=cj200905/cijSKAP5fU.txt
est ajouté dans la page.
Copie ce lien dans ta réponse.
jlpjlp
Messages postés
51580
Date d'inscription
vendredi 18 mai 2007
Statut
Contributeur sécurité
Dernière intervention
3 mai 2022
5 040
17 sept. 2010 à 10:14
17 sept. 2010 à 10:14
ok c'est mieux
colle le rapport de nettoyage avec le logiciel AD REMOVER
et colle un rapport OTL en suivant
colle le rapport de nettoyage avec le logiciel AD REMOVER
et colle un rapport OTL en suivant
jlpjlp
Messages postés
51580
Date d'inscription
vendredi 18 mai 2007
Statut
Contributeur sécurité
Dernière intervention
3 mai 2022
5 040
Modifié par jlpjlp le 17/09/2010 à 10:50
Modifié par jlpjlp le 17/09/2010 à 10:50
ok
désactive le compte utilisateur
https://www.baudelet.net/windows-vista/uac-controle-comptes-utilisateurs.htm
puis avec le bouton droit sur le logiciel AD REMOVER et choisis l'option : Executer en tant qu'administrateur et lance la procédure de nettoyage
a plus
désactive le compte utilisateur
https://www.baudelet.net/windows-vista/uac-controle-comptes-utilisateurs.htm
puis avec le bouton droit sur le logiciel AD REMOVER et choisis l'option : Executer en tant qu'administrateur et lance la procédure de nettoyage
a plus
jlpjlp
Messages postés
51580
Date d'inscription
vendredi 18 mai 2007
Statut
Contributeur sécurité
Dernière intervention
3 mai 2022
5 040
17 sept. 2010 à 13:50
17 sept. 2010 à 13:50
télécharge le logiciel navilog et colle le rapport obtenu a la place de ad remover
voici le rapport de navilog
Fix Navipromo version 4.0.9 commencé le 17/09/2010 14:19:24,10
!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!
Outil exécuté depuis C:\navilog1
Mise à jour le 21.06.2010 à 18h00 par IL-MAFIOSO
Microsoft® Windows Vista(TM) Édition Familiale Basique ( v6.0.6002 ) Service Pack 2
X86-based PC ( Multiprocessor Free : AMD Athlon(tm) 64 X2 Dual-Core Processor TK-55 )
BIOS : PhoenixBIOS 4.0 Release 6.1
USER : fleur ( Not Administrator ! )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1335 [VPS 090211-0] 4.8.1335 (Activated)
C:\ (Local Disk) - NTFS - Total:51 Go (Free:11 Go)
D:\ (Local Disk) - NTFS - Total:50 Go (Free:50 Go)
E:\ (CD or DVD)
Recherche executée en mode normal
Nettoyage exécuté au redémarrage de l'ordinateur
C:\Windows\prefetch\GAVNK9AB.EXE-E7696107.pf supprimé !
Nettoyage contenu C:\Windows\Temp effectué !
Nettoyage contenu C:\Users\fleur\AppData\Local\Temp effectué !
*** Sauvegarde du Registre vers dossier Safebackup ***
sauvegarde du Registre réalisée avec succès !
*** Nettoyage Registre ***
Nettoyage Registre Ok
C:\ProgramData\cerasus.media trouvé ! Infection Lop possible non traitée par cet outil !
*** Scan terminé 17/09/2010 14:34:38,75 ***
Et voici le lien pour le rapport OTL
http://www.cijoint.fr/cjlink.php?file=cj201009/cijDv9rAYe.txt
merci vraiment pour ton aide
Fix Navipromo version 4.0.9 commencé le 17/09/2010 14:19:24,10
!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!
Outil exécuté depuis C:\navilog1
Mise à jour le 21.06.2010 à 18h00 par IL-MAFIOSO
Microsoft® Windows Vista(TM) Édition Familiale Basique ( v6.0.6002 ) Service Pack 2
X86-based PC ( Multiprocessor Free : AMD Athlon(tm) 64 X2 Dual-Core Processor TK-55 )
BIOS : PhoenixBIOS 4.0 Release 6.1
USER : fleur ( Not Administrator ! )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1335 [VPS 090211-0] 4.8.1335 (Activated)
C:\ (Local Disk) - NTFS - Total:51 Go (Free:11 Go)
D:\ (Local Disk) - NTFS - Total:50 Go (Free:50 Go)
E:\ (CD or DVD)
Recherche executée en mode normal
Nettoyage exécuté au redémarrage de l'ordinateur
C:\Windows\prefetch\GAVNK9AB.EXE-E7696107.pf supprimé !
Nettoyage contenu C:\Windows\Temp effectué !
Nettoyage contenu C:\Users\fleur\AppData\Local\Temp effectué !
*** Sauvegarde du Registre vers dossier Safebackup ***
sauvegarde du Registre réalisée avec succès !
*** Nettoyage Registre ***
Nettoyage Registre Ok
C:\ProgramData\cerasus.media trouvé ! Infection Lop possible non traitée par cet outil !
*** Scan terminé 17/09/2010 14:34:38,75 ***
Et voici le lien pour le rapport OTL
http://www.cijoint.fr/cjlink.php?file=cj201009/cijDv9rAYe.txt
merci vraiment pour ton aide
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
jlpjlp
Messages postés
51580
Date d'inscription
vendredi 18 mai 2007
Statut
Contributeur sécurité
Dernière intervention
3 mai 2022
5 040
17 sept. 2010 à 16:34
17 sept. 2010 à 16:34
aie aie aie ... il y en a...
branche tous tes supports externes (clés usb...) puis colle un rapport de nettoyage avec le logiciel usbfix
puis télécharge malwarebyte antimalware, mets le à jour et colle un rapport de nettoyage (analyse rapide)
puis remets un rapport OTL tout neuf et dis nous si ton pc va mieux
branche tous tes supports externes (clés usb...) puis colle un rapport de nettoyage avec le logiciel usbfix
puis télécharge malwarebyte antimalware, mets le à jour et colle un rapport de nettoyage (analyse rapide)
puis remets un rapport OTL tout neuf et dis nous si ton pc va mieux
jlpjlp
Messages postés
51580
Date d'inscription
vendredi 18 mai 2007
Statut
Contributeur sécurité
Dernière intervention
3 mai 2022
5 040
18 sept. 2010 à 09:35
18 sept. 2010 à 09:35
fais tout ce qui est indiqué au dessus car même avec avast il restera des infections
pour virer ce qui est en quarantaine , il suffit d'aller dans le dossier quarantaine d'avast et de supprimer tout ce qui est dedans
pour virer ce qui est en quarantaine , il suffit d'aller dans le dossier quarantaine d'avast et de supprimer tout ce qui est dedans
voici le rapport d'OTL apré malwarebytes
OTL logfile created on: 18/09/2010 11:55:26 - Run 2
OTL by OldTimer - Version 3.2.12.1 Folder = C:\Users\fleur\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18943)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
766,00 Mb Total Physical Memory | 76,00 Mb Available Physical Memory | 10,00% Memory free
2,00 Gb Paging File | 0,00 Gb Available in Paging File | 15,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 51,14 Gb Total Space | 12,00 Gb Free Space | 23,47% Space Free | Partition Type: NTFS
Drive D: | 50,89 Gb Total Space | 50,62 Gb Free Space | 99,48% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: PC-DE-FLEUR
Current User Name: fleur
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
[color=#E56717]========== Processes (SafeList) ==========[/color]
PRC - [2010/09/18 11:54:13 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\fleur\Desktop\OTL.exe
PRC - [2010/09/17 14:35:49 | 000,208,896 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Users\fleur\AppData\Local\Temp\RtkBtMnt.exe
PRC - [2010/09/07 17:12:02 | 002,838,912 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2010/09/07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010/09/02 11:18:24 | 000,986,472 | ---- | M] (Badoo) -- C:\ProgramData\Badoo\Badoo Desktop\1.1.101.725\Badoo.Desktop.exe
PRC - [2010/06/21 15:04:12 | 001,959,768 | ---- | M] (Secure Digital Services Limited) -- C:\Program Files\OfferBox\OfferBox.exe
PRC - [2010/06/07 15:32:12 | 000,111,928 | R--- | M] (SweetIM Technologies Ltd.) -- C:\Program Files\SweetIM\Messenger\SweetIM.exe
PRC - [2010/05/26 19:28:14 | 002,913,576 | ---- | M] (Guillemot Corporation S.A.) -- C:\Program Files\Hercules\Deluxe Optical Glass\XtrCtrl.exe
PRC - [2010/05/07 17:37:06 | 000,267,536 | ---- | M] (Microsoft Corp.) -- C:\Program Files\MSN Toolbar\Platform\6.0.2156.0\mswinext.exe
PRC - [2010/04/16 18:36:42 | 000,026,480 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Contacts\wlcomm.exe
PRC - [2010/02/24 18:12:30 | 000,318,848 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe
PRC - [2010/02/24 18:12:30 | 000,242,560 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2010/01/15 14:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2009/11/24 11:32:22 | 000,234,792 | ---- | M] (Skype Technologies S.A.) -- C:\Program Files\Skype\Toolbars\Shared\SkypeNames2.exe
PRC - [2009/09/04 17:09:46 | 000,032,838 | ---- | M] (MyWebSearch.com) -- C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE
PRC - [2009/09/04 17:09:46 | 000,028,762 | ---- | M] (MyWebSearch.com) -- C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwssvc.exe
PRC - [2009/09/04 17:09:46 | 000,024,688 | ---- | M] (MyWebSearch.com) -- C:\Program Files\MyWebSearch\bar\1.bin\M3SRCHMN.EXE
PRC - [2009/08/18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
PRC - [2009/08/18 11:29:22 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
PRC - [2009/04/11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/01/19 09:38:38 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2008/01/19 09:33:19 | 000,192,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\p2phost.exe
PRC - [2007/09/14 15:32:46 | 000,167,936 | ---- | M] (acer) -- C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
PRC - [2007/09/14 11:06:48 | 000,454,656 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
PRC - [2007/08/29 11:35:38 | 000,323,584 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\Acer.Empowering.Framework.Supervisor.exe
PRC - [2007/08/15 11:21:38 | 000,772,616 | ---- | M] (Dritek System Inc.) -- C:\Program Files\Launch Manager\LManager.exe
PRC - [2007/07/06 05:06:52 | 004,669,440 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2007/07/03 11:40:10 | 000,053,248 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
PRC - [2007/06/28 18:50:52 | 000,024,576 | ---- | M] () -- C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
PRC - [2007/06/13 16:54:36 | 000,135,168 | R--- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eNet\eNet Service.exe
PRC - [2007/06/11 14:54:58 | 001,286,144 | ---- | M] (CyberLink) -- C:\Acer\Empowering Technology\eAudio\eAudio.exe
PRC - [2007/04/26 15:24:30 | 000,118,464 | ---- | M] () -- C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
PRC - [2007/04/26 15:24:28 | 000,257,736 | ---- | M] () -- C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
PRC - [2007/04/26 15:24:08 | 000,151,552 | ---- | M] (CyberLink Corp.) -- C:\Program Files\Acer\Acer Arcade\PCMService.exe
PRC - [2007/04/26 15:23:20 | 001,076,832 | ---- | M] (Cyberlink) -- C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
PRC - [2007/04/25 16:34:30 | 000,457,512 | ---- | M] (HiTRSUT) -- C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
PRC - [2007/04/25 16:33:36 | 000,457,216 | ---- | M] (HiTRUST) -- C:\Acer\Empowering Technology\eDataSecurity\eDSLoader.exe
PRC - [2007/04/23 09:53:48 | 000,024,576 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
PRC - [2007/02/09 07:35:54 | 000,397,312 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
PRC - [2007/01/26 14:24:42 | 000,050,688 | ---- | M] () -- C:\Acer\ALaunch\ALaunchSvc.exe
PRC - [2006/11/24 12:57:54 | 000,107,008 | ---- | M] () -- C:\Acer\Mobility Center\MobilityService.exe
PRC - [2004/12/02 11:40:48 | 000,217,088 | ---- | M] (CASIO COMPUTER CO.,LTD.) -- C:\Program Files\CASIO\Photo Loader\Plauto.exe
[color=#E56717]========== Modules (SafeList) ==========[/color]
MOD - [2010/09/18 11:54:13 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\fleur\Desktop\OTL.exe
MOD - [2010/08/22 11:47:00 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_03ca5532205cb096\mfc80FRA.dll
MOD - [2010/08/22 11:46:58 | 001,093,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_cbf21254470d8752\mfc80u.dll
MOD - [2010/08/22 11:46:55 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4053_none_d08d7da0442a985d\msvcr80.dll
MOD - [2010/08/22 11:46:55 | 000,554,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4053_none_d08d7da0442a985d\msvcp80.dll
MOD - [2010/06/07 15:31:56 | 000,023,864 | R--- | M] (SweetIM Technologies Ltd.) -- C:\Program Files\SweetIM\Messenger\mgAdaptersProxy.dll
MOD - [2009/09/04 17:09:46 | 000,045,134 | ---- | M] (MyWebSearch.com) -- C:\Program Files\MyWebSearch\bar\1.bin\mwsoestb.dll
MOD - [2009/09/04 17:09:45 | 000,024,685 | ---- | M] (MyWebSearch.com) -- C:\Program Files\MyWebSearch\bar\1.bin\f3hkstub.dll
MOD - [2009/04/11 08:21:38 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll
MOD - [2008/01/19 09:34:02 | 000,798,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dbghelp.dll
MOD - [2008/01/19 09:33:00 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx
MOD - [2007/04/25 16:31:00 | 000,028,672 | ---- | M] () -- C:\Windows\System32\BatchCrypto.dll
MOD - [2007/04/25 16:30:44 | 000,063,488 | ---- | M] () -- C:\Windows\System32\ShowErrMsg.dll
MOD - [2007/04/25 16:30:40 | 000,286,720 | ---- | M] (HiTRUST) -- C:\Windows\System32\sysenv.dll
MOD - [2007/03/17 05:19:08 | 000,237,568 | ---- | M] (HiTRSUT) -- C:\Windows\System32\keyManager.dll
MOD - [2007/02/12 16:02:08 | 000,094,208 | ---- | M] (HiTRUST Inc.) -- C:\Windows\System32\MSNChatHook.dll
MOD - [2006/11/29 21:30:18 | 000,401,408 | ---- | M] (HiTRUST) -- C:\Windows\System32\CryptoAPI.dll
MOD - [2006/07/11 18:35:38 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Program Files\SweetIM\Messenger\MSVCR71.dll
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
SRV - File not found [Auto | Stopped] -- C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe -- (Planificateur LiveUpdate automatique)
SRV - [2010/09/07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV - [2010/09/07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV - [2010/09/07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010/04/28 07:44:02 | 000,704,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)
SRV - [2010/03/18 13:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/24 18:12:30 | 000,242,560 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2010/01/15 14:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009/09/25 03:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009/09/04 17:09:46 | 000,028,762 | ---- | M] (MyWebSearch.com) [Auto | Running] -- C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwssvc.exe -- (MyWebSearchService)
SRV - [2009/08/18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2008/01/19 09:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV - [2007/09/14 15:32:46 | 000,167,936 | ---- | M] (acer) [Auto | Running] -- C:\Acer\Empowering Technology\ePower\ePowerSvc.exe -- (WMIService)
SRV - [2007/07/03 11:40:10 | 000,053,248 | ---- | M] (Acer Inc.) [Auto | Running] -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe -- (eRecoveryService)
SRV - [2007/06/28 18:50:52 | 000,024,576 | ---- | M] () [Auto | Running] -- C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe -- (eSettingsService)
SRV - [2007/06/13 16:54:36 | 000,135,168 | R--- | M] (Acer Inc.) [Auto | Running] -- C:\Acer\Empowering Technology\eNet\eNet Service.exe -- (eNet Service)
SRV - [2007/04/26 15:24:30 | 000,118,464 | ---- | M] () [Auto | Running] -- C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe -- (CLSched) CyberLink Task Scheduler (CTS)
SRV - [2007/04/26 15:24:28 | 000,257,736 | ---- | M] () [Auto | Running] -- C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe -- (CLCapSvc) CyberLink Background Capture Service (CBCS)
SRV - [2007/04/26 15:23:20 | 001,076,832 | ---- | M] (Cyberlink) [Auto | Running] -- C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe -- (CyberLink Media Library Service)
SRV - [2007/04/25 16:34:30 | 000,457,512 | ---- | M] (HiTRSUT) [Auto | Running] -- C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe -- (eDataSecurity Service)
SRV - [2007/04/23 09:53:48 | 000,024,576 | ---- | M] (Acer Inc.) [Auto | Running] -- C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe -- (eLockService)
SRV - [2007/01/26 14:24:42 | 000,050,688 | ---- | M] () [Auto | Running] -- C:\Acer\ALaunch\ALaunchSvc.exe -- (ALaunchService)
SRV - [2006/11/24 12:57:54 | 000,107,008 | ---- | M] () [Auto | Running] -- C:\Acer\Mobility Center\MobilityService.exe -- (MobilityService)
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\System32\DRIVERS\UIUSYS.SYS -- (UIUSys)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | Auto | Stopped] -- C:\Windows\System32\Drivers\Lxarscan.sys -- (LXARScan)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2010/09/07 16:52:25 | 000,046,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2010/09/07 16:52:03 | 000,165,584 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2010/09/07 16:47:46 | 000,023,376 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2010/09/07 16:47:30 | 000,050,768 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2010/09/07 16:47:07 | 000,017,744 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010/04/28 07:44:02 | 000,054,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\fssfltr.sys -- (fssfltr)
DRV - [2009/04/22 15:46:42 | 003,482,112 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC)
DRV - [2009/04/11 06:42:54 | 000,073,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\USBAUDIO.sys -- (usbaudio) Pilote USB audio (WDM)
DRV - [2009/02/09 00:42:42 | 000,099,968 | ---- | M] (Guillemot Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hxctlflt.sys -- (hxctlflt)
DRV - [2008/12/03 21:12:00 | 007,606,688 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008/10/09 15:42:42 | 000,017,408 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\KMWDFILTER.sys -- (KMWDFILTER)
DRV - [2007/11/18 04:39:50 | 001,040,544 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmfdx32.sys -- (NVENETFD)
DRV - [2007/08/04 07:39:25 | 000,006,144 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV - [2007/07/18 13:32:40 | 001,841,312 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007/06/18 12:03:32 | 000,737,280 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2007/06/14 04:33:26 | 000,154,624 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2007/05/17 03:05:10 | 000,012,032 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2007/05/17 02:46:50 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007/05/17 02:46:36 | 000,985,600 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_DPV.sys -- (HSF_DPV)
DRV - [2007/05/17 02:46:26 | 000,659,968 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_CNXT.sys -- (winachsf)
DRV - [2007/05/17 02:46:20 | 000,207,360 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSXHWAZL.sys -- (HSXHWAZL)
DRV - [2007/05/16 14:47:44 | 000,032,256 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\enecir.sys -- (enecir)
DRV - [2007/04/25 16:34:44 | 000,016,680 | ---- | M] (HiTRUST) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\PSDNServ.sys -- (PSDNServ)
DRV - [2007/04/25 16:34:40 | 000,060,712 | ---- | M] (HiTRUST) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\psdvdisk.sys -- (psdvdisk)
DRV - [2007/04/25 16:34:38 | 000,020,776 | ---- | M] (HiTRUST) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\psdfilter.sys -- (PSDFilter)
DRV - [2007/03/21 22:02:04 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007/02/24 14:42:22 | 000,039,936 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2007/01/23 16:40:20 | 000,042,496 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2006/12/07 19:12:02 | 000,076,584 | ---- | M] () [Kernel | Auto | Running] -- C:\Acer\Empowering Technology\eRecovery\int15.sys -- (int15)
DRV - [2006/11/02 15:29:36 | 000,021,264 | ---- | M] (Dritek System Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\DKbFltr.sys -- (DKbFltr)
DRV - [2006/11/02 15:27:34 | 000,020,112 | ---- | M] (Dritek System Inc.) [Kernel | System | Running] -- C:\PROGRA~1\LAUNCH~1\DPortIO.sys -- (DritekPortIO)
DRV - [2006/11/02 11:51:45 | 000,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2006/11/02 11:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2006/11/02 11:51:34 | 000,316,520 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2006/11/02 11:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2006/11/02 11:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2006/11/02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2006/11/02 11:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2006/11/02 11:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2006/11/02 11:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2006/11/02 11:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 11:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 11:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2006/11/02 11:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2006/11/02 11:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 11:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 11:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2006/11/02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2006/11/02 11:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 11:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2006/11/02 11:50:10 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2006/11/02 11:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2)
DRV - [2006/11/02 11:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2006/11/02 11:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2006/11/02 11:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 11:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 11:50:05 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2006/11/02 11:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 11:50:04 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2006/11/02 11:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 11:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 11:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 11:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2006/11/02 11:49:30 | 000,017,512 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2006/11/02 11:49:28 | 000,016,488 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2006/11/02 11:49:20 | 000,014,952 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2006/11/02 10:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 10:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006/11/02 10:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 10:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 10:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 10:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 09:41:49 | 000,200,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VSTAZL3.SYS -- (HSFHWAZL)
DRV - [2006/11/02 09:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006/11/02 09:30:54 | 000,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
[color=#E56717]========== Internet Explorer ==========[/color]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = https://fr.yahoo.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://home.sweetim.com/
IE - HKLM\..\URLSearchHook: {4daac69c-cba7-45e2-9bc8-1044483d3352} - C:\Program Files\Softonic_France\tbSof1.dll (Conduit Ltd.)
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = https://www.acer.com/worldwide/selection.html [binary data]
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = https://www.acer.com/worldwide/selection.html [binary data]
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = https://www.acer.com/worldwide/selection.html [binary data]
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = https://www.acer.com/worldwide/selection.html [binary data]
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2614442015-997072146-1627410186-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SEARCH PAGE =
IE - HKU\S-1-5-21-2614442015-997072146-1627410186-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKU\S-1-5-21-2614442015-997072146-1627410186-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = https://search.yahoo.com/web{searchTerms}&ei=utf-8&fr=b1ie7
IE - HKU\S-1-5-21-2614442015-997072146-1627410186-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT2542115
IE - HKU\S-1-5-21-2614442015-997072146-1627410186-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = https://www.msn.com/fr-fr?ocid=iehp
IE - HKU\S-1-5-21-2614442015-997072146-1627410186-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr
IE - HKU\S-1-5-21-2614442015-997072146-1627410186-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = A0 26 97 F8 B8 28 CB 01 [binary data]
IE - HKU\S-1-5-21-2614442015-997072146-1627410186-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-2614442015-997072146-1627410186-1000\..\URLSearchHook: {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL (MyWebSearch.com)
IE - HKU\S-1-5-21-2614442015-997072146-1627410186-1000\..\URLSearchHook: {4daac69c-cba7-45e2-9bc8-1044483d3352} - C:\Program Files\Softonic_France\tbSof1.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-2614442015-997072146-1627410186-1000\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll (SweetIM Technologies Ltd.)
IE - HKU\S-1-5-21-2614442015-997072146-1627410186-1000\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKU\S-1-5-21-2614442015-997072146-1627410186-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
FF - HKLM\software\mozilla\Firefox\Extensions\\msntoolbar@msn.com: C:\Program Files\MSN Toolbar\Platform\6.0.2156.0\Firefox [2010/09/06 16:27:50 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2010/09/06 16:30:39 | 000,000,000 | ---D | M]
O1 HOSTS File: ([2006/09/18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (MyWebSearch Search Assistant BHO) - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL (MyWebSearch.com)
O2 - BHO: (Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (mwsBar BHO) - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL (MyWebSearch.com)
O2 - BHO: (Softonic_France Toolbar) - {4daac69c-cba7-45e2-9bc8-1044483d3352} - C:\Program Files\Softonic_France\tbSof1.dll (Conduit Ltd.)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll (Google Inc.)
O2 - BHO: (Bing Bar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN Toolbar\Platform\6.0.2156.0\npwinext.dll (Microsoft Corporation)
O2 - BHO: (SweetIM Toolbar Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O2 - BHO: (OfferBox) - {FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C} - C:\Program Files\OfferBox\OfferBoxBHO.dll (Secure Digital Services Limited)
O3 - HKLM\..\Toolbar: (My Web Search) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL (MyWebSearch.com)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Softonic_France Toolbar) - {4daac69c-cba7-45e2-9bc8-1044483d3352} - C:\Program Files\Softonic_France\tbSof1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\System32\eDStoolbar.dll (HiTRUST)
O3 - HKLM\..\Toolbar: (@C:\Program Files\MSN Toolbar\Platform\6.0.2156.0\npwinext.dll,-100) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\MSN Toolbar\Platform\6.0.2156.0\npwinext.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar avec bloqueur de fenêtres pop-up) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKU\S-1-5-21-2614442015-997072146-1627410186-1000\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Windows\System32\eDStoolbar.dll (HiTRUST)
O3 - HKU\S-1-5-21-2614442015-997072146-1627410186-1000\..\Toolbar\WebBrowser: (My Web Search) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL (MyWebSearch.com)
O3 - HKU\S-1-5-21-2614442015-997072146-1627410186-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\S-1-5-21-2614442015-997072146-1627410186-1000\..\Toolbar\WebBrowser: (Softonic_France Toolbar) - {4DAAC69C-CBA7-45E2-9BC8-1044483D3352} - C:\Program Files\Softonic_France\tbSof1.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-2614442015-997072146-1627410186-1000\..\Toolbar\WebBrowser: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [Acer Tour] File not found
O4 - HKLM..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (Acer Inc.)
O4 - HKLM..\Run: [ALaunch] C:\Acer\ALaunch\AlaunchClient.exe File not found
O4 - HKLM..\Run: [avast5] C:\Programmes\Alwil Software\Avast5\AvastUI.exe File not found
O4 - HKLM..\Run: [CamserviceOG] C:\Program Files\Hercules\Deluxe Optical Glass\XtrCtrl.exe (Guillemot Corporation S.A.)
O4 - HKLM..\Run: [eAudio] C:\Acer\Empowering Technology\eAudio\eAudio.exe (CyberLink)
O4 - HKLM..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSLoader.exe (HiTRUST)
O4 - HKLM..\Run: [eRecoveryService] File not found
O4 - HKLM..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [My Web Search Bar Search Scope Monitor] C:\Programmes\MyWebSearch\bar\1.bin\M3SRCHMN.EXE File not found
O4 - HKLM..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe (MyWebSearch.com)
O4 - HKLM..\Run: [MyWebSearch Plugin] C:\Programmes\MyWebSearch\bar\1.bin\M3PLUGIN.DLL File not found
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [PCMService] C:\Program Files\Acer\Acer Arcade\PCMService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SetPanel] C:\Acer\APanel\APanel.cmd File not found
O4 - HKLM..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe (Acer Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-2614442015-997072146-1627410186-1000..\Run: [Acer Tour Reminder] File not found
O4 - HKU\S-1-5-21-2614442015-997072146-1627410186-1000..\Run: [Badoo Desktop] C:\ProgramData\Badoo\Badoo Desktop\1.1.101.725\Badoo.Desktop.exe (Badoo)
O4 - HKU\S-1-5-21-2614442015-997072146-1627410186-1000..\Run: [CollaborationHost] C:\Windows\System32\p2phost.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2614442015-997072146-1627410186-1000..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe (MyWebSearch.com)
O4 - HKU\S-1-5-21-2614442015-997072146-1627410186-1000..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKU\S-1-5-21-2614442015-997072146-1627410186-1000..\Run: [Windows System Guard] C:\Users\Public\msnd.exe File not found
O4 - HKU\S-1-5-21-2614442015-997072146-1627410186-1000..\Run: [WinUsr] C:\Program Files\Winsudate\gibusr.exe File not found
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll (Google Inc.)
O9 - Extra Button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O13 - gopher Prefix: missing
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Reg Error: Key error.)
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} http://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei-4/CursorManiaInitialSetup1.0.1.1.cab (Reg Error: Key error.)
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} http://www.extrafilm.fr/ImageUploader5.cab (Reg Error: Key error.)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cab (Reg Error: Key error.)
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab (HP Download Manager)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\fleur\AppData\Roaming\Microsoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg
O24 - Desktop BackupWallPaper: C:\Users\fleur\AppData\Roaming\Microsoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2010/09/18 10:20:56 | 000,000,000 | RHSD | M] - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010/09/18 10:20:56 | 000,000,000 | RHSD | M] - D:\autorun.inf -- [ NTFS ]
O33 - MountPoints2\{101e9bf1-8254-11dd-aa05-806e6f6e6963}\Shell\AutoRun\command - "" = C:\Windows\explorer.exe -- [2009/04/11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation)
O33 - MountPoints2\{101e9bf1-8254-11dd-aa05-806e6f6e6963}\Shell\explore\Command - "" = C:\Windows\explorer.exe -- [2009/04/11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation)
O33 - MountPoints2\{101e9bf1-8254-11dd-aa05-806e6f6e6963}\Shell\open\Command - "" = C:\Windows\explorer.exe -- [2009/04/11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation)
O33 - MountPoints2\{5ea4a5e3-2fdd-11de-ab49-001b386e67d3}\Shell\Auto\command - "" = AdobeR.exe e
O33 - MountPoints2\{89faed63-12d9-11de-bfc3-001b386e67d3}\Shell\AutoRun\command - "" = VIRTUAL_OPTICIAN.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
[2100/02/08 17:03:54 | 000,053,248 | ---- | C] (Silitek Corp.) -- C:\Program Files\ACMonitor_X73.exe
[2010/09/18 11:53:48 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\fleur\Desktop\OTL.exe
[2010/09/18 10:43:56 | 000,000,000 | ---D | C] -- C:\Users\fleur\AppData\Roaming\Malwarebytes
[2010/09/18 10:42:27 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/09/18 10:42:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/09/18 10:42:21 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/09/18 10:42:21 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/09/18 10:21:39 | 000,000,000 | ---D | C] -- C:\Program Files\Conduit
[2010/09/18 10:21:11 | 000,000,000 | ---D | C] -- C:\Program Files\Softonic_France
[2010/09/18 10:20:56 | 000,000,000 | RHSD | C] -- C:\autorun.inf
[2010/09/17 14:07:02 | 000,000,000 | ---D | C] -- C:\Navilog1
[2010/09/17 14:07:00 | 000,000,000 | ---D | C] -- C:\Program Files\Navilog1
[2010/09/15 18:02:56 | 000,317,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MP4SDECD.DLL
[2010/09/15 17:07:32 | 000,221,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2010/09/08 13:07:48 | 000,000,000 | ---D | C] -- C:\Users\fleur\AppData\Roaming\skypePM
[2010/09/08 13:04:11 | 000,000,000 | ---D | C] -- C:\Users\fleur\AppData\Roaming\Skype
[2010/09/08 12:51:41 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2010/09/08 12:51:20 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2010/09/08 12:49:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2010/09/06 16:27:32 | 000,000,000 | ---D | C] -- C:\Program Files\MSN Toolbar
[2010/09/06 16:25:08 | 000,000,000 | ---D | C] -- C:\Program Files\Bing Bar Installer
[2010/09/06 16:23:38 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_3.dll
[2010/09/06 16:23:37 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_5.dll
[2010/09/06 16:23:36 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_42.dll
[2010/09/06 16:22:02 | 000,754,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\webservices.dll
[2010/09/06 16:07:49 | 000,000,000 | ---D | C] -- C:\Users\fleur\AppData\Local\Windows Live
[2010/09/03 15:13:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Badoo
[2010/09/01 11:10:11 | 000,000,000 | ---D | C] -- C:\Program Files\SweetIM
[2010/09/01 11:10:08 | 000,000,000 | ---D | C] -- C:\ProgramData\SweetIM
[2010/08/22 12:01:07 | 000,000,000 | ---D | C] -- C:\Users\fleur\Documents\Hercules webcam
[2010/08/22 11:51:37 | 021,479,424 | ---- | C] (Macrovision Corporation) -- C:\Users\fleur\Documents\HWSE_SE_v3.4.exe
[2010/08/22 11:50:05 | 034,518,600 | ---- | C] (Macrovision Corporation) -- C:\Users\fleur\Documents\HOPGL_v3.4.0.0.exe
[2010/08/22 11:46:17 | 000,374,056 | ---- | C] (Guillemot Corporation S.A.) -- C:\Windows\System32\HWLMSET2.exe
[2010/08/22 10:16:55 | 000,291,328 | ---- | C] (Sonix) -- C:\Windows\System32\vsnp2uvc.dll
[2010/08/22 10:16:52 | 000,184,320 | ---- | C] ( ) -- C:\Windows\System32\rsnp2uvc.dll
[2010/08/22 10:16:51 | 000,176,128 | ---- | C] ( ) -- C:\Windows\System32\csnp2uvc.dll
[2010/08/22 10:16:46 | 000,099,968 | ---- | C] (Guillemot Corporation) -- C:\Windows\System32\drivers\hxctlflt.sys
[2010/08/22 10:16:46 | 000,000,000 | ---D | C] -- C:\Program Files\Hercules
[2010/08/22 10:15:42 | 000,000,000 | ---D | C] -- C:\Users\fleur\AppData\Roaming\InstallShield
[2007/08/04 07:45:29 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\Interop.Shell32.dll
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
[2010/09/18 12:03:03 | 003,932,160 | -HS- | M] () -- C:\Users\fleur\NTUSER.DAT
[2010/09/18 11:54:13 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\fleur\Desktop\OTL.exe
[2010/09/18 11:24:40 | 000,001,054 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/09/18 10:42:35 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/09/18 10:38:20 | 000,001,000 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2010/09/18 10:21:00 | 002,695,680 | ---- | M] () -- C:\Users\fleur\Desktop\Softonic_France.exe
[2010/09/18 10:20:34 | 000,388,227 | ---- | M] () -- C:\Users\fleur\Desktop\MKV.exe
[2010/09/18 10:12:39 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/09/18 10:12:39 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/09/18 09:59:54 | 000,291,640 | ---- | M] () -- C:\Users\fleur\Desktop\SoftonicDownloader85590.exe
[2010/09/18 09:24:13 | 000,001,050 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/09/18 08:19:06 | 000,000,432 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{BE818365-35A4-4749-B888-9C2DF4D79D23}.job
[2010/09/18 08:16:11 | 000,042,111 | ---- | M] () -- C:\ProgramData\nvModes.001
[2010/09/18 08:15:47 | 000,042,111 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2010/09/18 08:15:20 | 000,000,378 | ---- | M] () -- C:\Windows\tasks\Registry Reviver-fleur-Startup.job
[2010/09/18 08:12:49 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/09/18 08:12:37 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/09/18 08:12:31 | 804,052,992 | -HS- | M] () -- C:\hiberfil.sys
[2010/09/17 19:42:13 | 000,524,288 | -HS- | M] () -- C:\Users\fleur\NTUSER.DAT{d8932e6d-6a6f-11db-b6ab-a038f15a5785}.TMContainer00000000000000000001.regtrans-ms
[2010/09/17 19:42:13 | 000,065,536 | -HS- | M] () -- C:\Users\fleur\NTUSER.DAT{d8932e6d-6a6f-11db-b6ab-a038f15a5785}.TM.blf
[2010/09/17 19:41:19 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2010/09/17 15:54:21 | 002,721,327 | -H-- | M] () -- C:\Users\fleur\AppData\Local\IconCache.db
[2010/09/17 14:54:07 | 000,011,768 | ---- | M] () -- C:\Users\fleur\Documents\http.docx
[2010/09/17 14:18:28 | 000,231,564 | ---- | M] () -- C:\Users\fleur\Desktop\Navilog1.exe
[2010/09/17 11:38:00 | 000,000,056 | -H-- | M] () -- C:\Windows\System32\ezsidmv.dat
[2010/09/17 11:34:46 | 000,071,456 | ---- | M] () -- C:\Windows\System32\GDIPFONTCACHEV1.DAT
[2010/09/17 11:34:41 | 000,008,224 | ---- | M] () -- C:\Users\fleur\AppData\Local\GDIPFONTCACHEV1.DAT
[2010/09/17 11:32:21 | 000,299,360 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010/09/17 10:28:01 | 000,002,687 | ---- | M] () -- C:\Users\fleur\Desktop\Microsoft Office Word 2007.lnk
[2010/09/15 10:29:24 | 000,001,975 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2010/09/15 00:30:45 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2010/09/14 19:08:45 | 000,000,680 | ---- | M] () -- C:\Users\fleur\AppData\Local\d3d9caps.dat
[2010/09/10 23:23:31 | 000,011,781 | ---- | M] () -- C:\Users\fleur\Documents\PLANNING SEPTEMBRE.xlsx
[2010/09/08 13:02:02 | 000,001,959 | ---- | M] () -- C:\Users\fleur\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2010/09/08 12:51:48 | 000,001,878 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2010/09/07 17:12:17 | 000,038,848 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2010/09/07 17:11:54 | 000,167,592 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2010/09/07 16:52:25 | 000,046,672 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2010/09/07 16:52:03 | 000,165,584 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2010/09/07 16:47:46 | 000,023,376 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2010/09/07 16:47:30 | 000,050,768 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2010/09/07 16:47:07 | 000,017,744 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2010/09/04 21:11:31 | 000,049,152 | ---- | M] () -- C:\Users\fleur\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/08/25 11:55:24 | 000,011,193 | ---- | M] () -- C:\Users\fleur\Documents\Ce Rêve Bleu.docx
[2010/08/23 17:39:10 | 000,679,042 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2010/08/23 17:39:09 | 001,495,948 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010/08/23 17:39:09 | 000,595,996 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/08/23 17:39:09 | 000,126,626 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2010/08/23 17:39:09 | 000,104,070 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/08/22 12:00:47 | 000,002,011 | ---- | M] () -- C:\Users\Public\Desktop\Webcam Station Evolution SE.lnk
[2010/08/22 11:51:37 | 021,479,424 | ---- | M] (Macrovision Corporation) -- C:\Users\fleur\Documents\HWSE_SE_v3.4.exe
[2010/08/22 11:50:12 | 034,518,600 | ---- | M] (Macrovision Corporation) -- C:\Users\fleur\Documents\HOPGL_v3.4.0.0.exe
[2010/08/22 11:19:23 | 000,001,891 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[color=#E56717]========== Files Created - No Company Name ==========[/color]
[2100/02/23 15:35:34 | 000,000,768 | ---- | C] () -- C:\Program Files\x73_lut.dat
[2100/02/08 16:53:34 | 000,001,437 | ---- | C] () -- C:\Program Files\gtx73.ini
[2010/09/18 10:42:35 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/09/18 10:20:29 | 002,695,680 | ---- | C] () -- C:\Users\fleur\Desktop\Softonic_France.exe
[2010/09/18 10:20:29 | 000,388,227 | ---- | C] () -- C:\Users\fleur\Desktop\MKV.exe
[2010/09/18 09:59:35 | 000,291,640 | ---- | C] () -- C:\Users\fleur\Desktop\SoftonicDownloader85590.exe
[2010/09/17 14:18:17 | 000,231,564 | ---- | C] () -- C:\Users\fleur\Desktop\Navilog1.exe
[2010/09/17 11:38:00 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2010/09/17 11:26:49 | 000,011,768 | ---- | C] () -- C:\Users\fleur\Documents\http.docx
[2010/09/10 23:20:50 | 000,011,781 | ---- | C] () -- C:\Users\fleur\Documents\PLANNING SEPTEMBRE.xlsx
[2010/09/08 13:02:02 | 000,001,975 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2010/09/08 13:02:02 | 000,001,959 | ---- | C] () -- C:\Users\fleur\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2010/09/08 12:51:47 | 000,001,878 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2010/08/25 11:55:21 | 000,011,193 | ---- | C] () -- C:\Users\fleur\Documents\Ce Rêve Bleu.docx
[2010/08/22 12:00:47 | 000,002,011 | ---- | C] () -- C:\Users\Public\Desktop\Webcam Station Evolution SE.lnk
[2010/08/22 11:46:17 | 000,015,144 | ---- | C] () -- C:\Windows\System32\HWLMSET2PS.dll
[2010/08/22 10:16:53 | 003,482,112 | ---- | C] () -- C:\Windows\System32\drivers\snp2uvc.sys
[2010/08/22 10:16:53 | 000,015,497 | ---- | C] () -- C:\Windows\snp2uvc.ini
[2010/08/22 10:16:53 | 000,013,022 | ---- | C] () -- C:\Windows\snp2uvc.src
[2010/08/22 10:16:52 | 000,027,264 | ---- | C] () -- C:\Windows\System32\drivers\sncduvc.sys
[2010/07/01 13:25:42 | 000,162,304 | ---- | C] () -- C:\Windows\System32\ztvunrar36.dll
[2010/07/01 13:25:42 | 000,077,312 | ---- | C] () -- C:\Windows\System32\ztvunace26.dll
[2010/06/16 11:51:41 | 000,000,680 | ---- | C] () -- C:\Users\fleur\AppData\Local\d3d9caps.dat
[2010/03/18 16:59:31 | 000,000,123 | ---- | C] () -- C:\Windows\System32\QVPMON.INI
[2009/10/22 19:30:44 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/08/31 09:56:02 | 000,258,048 | ---- | C] () -- C:\Users\fleur\AppData\Local\mrxetafl.exe
[2009/05/06 09:33:15 | 000,042,111 | ---- | C] () -- C:\ProgramData\nvModes.001
[2009/05/06 09:33:12 | 000,042,111 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2008/12/02 20:29:45 | 000,031,007 | ---- | C] () -- C:\Users\fleur\AppData\Roaming\UserTile.png
[2008/04/23 18:55:05 | 000,077,824 | ---- | C] () -- C:\Windows\System32\HPZIDS01.dll
[2008/04/23 18:50:50 | 000,012,067 | ---- | C] () -- C:\ProgramData\hpzinstall.log
[2008/02/13 20:03:24 | 000,049,152 | ---- | C] () -- C:\Users\fleur\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/02/12 22:29:03 | 000,027,335 | ---- | C] () -- C:\Users\fleur\AppData\Roaming\nvModes.001
[2008/02/12 22:24:25 | 000,027,335 | ---- | C] () -- C:\Users\fleur\AppData\Roaming\nvModes.dat
[2008/02/11 21:56:44 | 000,000,280 | ---- | C] () -- C:\Users\fleur\AppData\Roaming\wklnhst.dat
[2007/11/21 13:43:43 | 000,000,030 | ---- | C] () -- C:\Windows\SETPANEL.INI
[2007/11/21 13:43:42 | 000,000,092 | ---- | C] () -- C:\Windows\CLEANUP.INI
[2007/08/04 18:09:35 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIBUN4.dll
[2007/08/04 07:58:40 | 000,076,584 | ---- | C] () -- C:\Windows\System32\drivers\int15.sys
[2007/08/04 07:58:40 | 000,015,656 | ---- | C] () -- C:\Windows\System32\drivers\int15_64.sys
[2007/08/04 07:57:50 | 000,065,536 | ---- | C] () -- C:\Windows\System32\NATTraversal.dll
[2007/08/04 07:45:26 | 000,331,776 | ---- | C] () -- C:\Windows\System32\ScrollBarLib.dll
[2007/08/04 07:04:04 | 000,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll
[2007/08/04 07:00:54 | 000,000,775 | ---- | C] () -- C:\Windows\RtDefLvl.ini
[2007/04/25 16:33:22 | 000,266,240 | ---- | C] () -- C:\Windows\System32\NotesExtmngr.dll
[2007/04/25 16:32:50 | 000,204,800 | ---- | C] () -- C:\Windows\System32\NotesActnMenu.dll
[2007/04/25 16:32:46 | 000,086,016 | ---- | C] () -- C:\Windows\System32\MSNSpook.dll
[2007/04/25 16:31:00 | 000,028,672 | ---- | C] () -- C:\Windows\System32\BatchCrypto.dll
[2007/04/25 16:30:52 | 000,073,728 | ---- | C] () -- C:\Windows\System32\APISlice.dll
[2007/04/25 16:30:44 | 000,063,488 | ---- | C] () -- C:\Windows\System32\ShowErrMsg.dll
[2006/12/25 15:44:48 | 000,022,016 | ---- | C] () -- C:\Windows\System32\MailFormat_U.dll
[2006/11/02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2001/12/26 16:12:30 | 000,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll
[2001/10/12 09:42:26 | 000,032,768 | ---- | C] () -- C:\Windows\System32\LXARICO.DLL
[2001/10/12 09:42:22 | 000,000,643 | ---- | C] () -- C:\Windows\LEXSTAT.INI
[2001/09/03 23:46:38 | 000,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll
[2001/07/30 16:33:56 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll
[2001/07/23 22:04:36 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll
[2001/07/20 11:48:06 | 000,008,116 | ---- | C] () -- C:\Program Files\OSLO3071b2.USB
[2000/12/05 16:56:34 | 000,114,688 | ---- | C] () -- C:\Program Files\lxarscan.dll
[2000/01/11 13:50:48 | 000,000,047 | ---- | C] () -- C:\Program Files\ACMonitor_X73.ini
[color=#E56717]========== LOP Check ==========[/color]
[2009/03/09 18:57:37 | 000,000,000 | ---D | M] -- C:\Users\fleur\AppData\Roaming\7Wonders
[2009/04/05 14:31:35 | 000,000,000 | ---D | M] -- C:\Users\fleur\AppData\Roaming\Abra Academy2
[2009/03/02 12:56:46 | 000,000,000 | ---D | M] -- C:\Users\fleur\AppData\Roaming\Age of Japan
[2009/04/19 03:36:57 | 000,000,000 | ---D | M] -- C:\Users\fleur\AppData\Roaming\Alawar
[2009/03/03 15:08:48 | 000,000,000 | ---D | M] -- C:\Users\fleur\AppData\Roaming\Ancient Quest of Saqqarah__bfg
[2009/11/07 16:08:54 | 000,000,000 | ---D | M] -- C:\Users\fleur\AppData\Roaming\Artogon
[2009/03/19 16:33:07 | 000,000,000 | ---D | M] -- C:\Users\fleur\AppData\Roaming\Big Fish Games
[2009/10/07 13:42:57 | 000,000,000 | ---D | M] -- C:\Users\fleur\AppData\Roaming\blg
[2009/02/12 20:06:00 | 000,000,000 | ---D | M] -- C:\Users\fleur\AppData\Roaming\BloodTies
[2009/04/06 10:26:04 | 000,000,000 | ---D | M] -- C:\Users\fleur\AppData\Roaming\cerasus.media
[2009/07/22 18:51:18 | 000,000,000 | ---D | M] -- C:\Users\fleur\AppData\Roaming\Coyotes Tale
[2009/07/13 18:33:28 | 000,000,000 | ---D | M] -- C:\Users\fleur\AppData\Roaming\Dreamsdwell Stories
[2009/07/03 18:15:25 | 000,000,000 | ---D | M] -- C:\Users\fleur\AppData\Roaming\EnchantedCavern
[2010/04/23 14:49:40 | 000,000,000 | ---D | M] -- C:\Users\fleur\AppData\Roaming\ExtraFilm
[2009/02/11 11:26:13 | 000,000,000 | ---D | M] -- C:\Users\fleur\AppData\Roaming\Flood Light Games
[2009/01/23 15:50:42 | 000,000,000 | ---D | M] -- C:\Users\fleur\AppData\Roaming\FloodLightGames
[2009/03/04 18:07:51 | 000,000,000 | ---D | M] -- C:\Users\fleur\AppData\Roaming\Friday's games
[2009/07/13 17:32:09 | 000,000,000 | ---D | M] -- C:\Users\fleur\AppData\Roaming\GameInvest
[2009/04/01 10:20:44 | 000,000,000 | ---D | M] -- C:\Users\fleur\AppData\Roaming\GAMEON
[2009/03/29 18:50:32 | 000,000,000 | ---D | M] -- C:\Users\fleur\AppData\Roaming\Gogii Games
[2010/01/15 13:03:34 | 000,000,000 | ---D | M] -- C:\Users\fleur\AppData\Roaming\Icones
[2009/02/01 12:30:09 | 000,000,000 | ---D | M] -- C:\Users\fleur\AppData\Roaming\Image Zone Express
[2009/06/25 14:49:55 | 000,000,000 | ---D | M] -- C:\Users\fleur\AppData\Roaming\ITTNord
[2009/02/05 19:35:49 | 000,000,000 | ---D | M] -- C:\Users\fleur\AppData\Roaming\Little Worlds Online
[2009/03/23 17:28:01 | 000,000,000 | ---D | M] -- C:\Users\fleur\AppData\Roaming\Magic Academy
[2009/09/15 11:05:54 | 000,000,000 | ---D | M] -- C:\Users\fleur\AppData\Roaming\Meridian93
[2009/01/25 12:57:49 | 000,000,000 | ---D | M] -- C:\Users\fleur\AppData\Roaming\monsterz
[2009/02/15 12:16:38 | 000,000,000 | ---D | M] -- C:\Users\fleur\AppData\Roaming\MysteryStudio
[2010/09/17 10:07:03 | 000,000,000 | ---D | M] -- C:\Users\fleur\AppData\Roaming\OfferBox
[2009/01/25 11:33:52 | 000,000,000 | ---D | M] -- C:\Users\fleur\AppData\Roaming\OpenAlchemist
[2009/03/12 15:03:13 | 000,000,000 | ---D | M] -- C:\Users\fleur\AppData\Roaming\panoramik
[2008/12/02 20:29:44 | 000,000,000 | ---D | M] -- C:\Users\fleur\AppData\Roaming\PeerNetworking
[2009/05/13 17:32:18 | 000,000,000 | ---D | M] -- C:\Users\fleur\AppData\Roaming\PlayFirst
[2009/02/19 16:12:01 | 000,000,000 | ---D | M] -- C:\Users\fleur\AppData\Roaming\Playrix Entertainment
[2009/02/01 12:30:08 | 000,000,000 | ---D | M] -- C:\Users\fleur\AppData\Roaming\Printer Info Cache
[2009/07/02 20:20:28 | 000,000,000 | ---D | M] -- C:\Users\fleur\AppData\Roaming\QSGames
[2009/02/06 17:54:08 | 000,000,000 | ---D | M] -- C:\Users\fleur\AppData\Roaming\SecretIslandEng
[2009/07/18 15:
OTL logfile created on: 18/09/2010 11:55:26 - Run 2
OTL by OldTimer - Version 3.2.12.1 Folder = C:\Users\fleur\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18943)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
766,00 Mb Total Physical Memory | 76,00 Mb Available Physical Memory | 10,00% Memory free
2,00 Gb Paging File | 0,00 Gb Available in Paging File | 15,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 51,14 Gb Total Space | 12,00 Gb Free Space | 23,47% Space Free | Partition Type: NTFS
Drive D: | 50,89 Gb Total Space | 50,62 Gb Free Space | 99,48% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: PC-DE-FLEUR
Current User Name: fleur
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
[color=#E56717]========== Processes (SafeList) ==========[/color]
PRC - [2010/09/18 11:54:13 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\fleur\Desktop\OTL.exe
PRC - [2010/09/17 14:35:49 | 000,208,896 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Users\fleur\AppData\Local\Temp\RtkBtMnt.exe
PRC - [2010/09/07 17:12:02 | 002,838,912 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2010/09/07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010/09/02 11:18:24 | 000,986,472 | ---- | M] (Badoo) -- C:\ProgramData\Badoo\Badoo Desktop\1.1.101.725\Badoo.Desktop.exe
PRC - [2010/06/21 15:04:12 | 001,959,768 | ---- | M] (Secure Digital Services Limited) -- C:\Program Files\OfferBox\OfferBox.exe
PRC - [2010/06/07 15:32:12 | 000,111,928 | R--- | M] (SweetIM Technologies Ltd.) -- C:\Program Files\SweetIM\Messenger\SweetIM.exe
PRC - [2010/05/26 19:28:14 | 002,913,576 | ---- | M] (Guillemot Corporation S.A.) -- C:\Program Files\Hercules\Deluxe Optical Glass\XtrCtrl.exe
PRC - [2010/05/07 17:37:06 | 000,267,536 | ---- | M] (Microsoft Corp.) -- C:\Program Files\MSN Toolbar\Platform\6.0.2156.0\mswinext.exe
PRC - [2010/04/16 18:36:42 | 000,026,480 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Contacts\wlcomm.exe
PRC - [2010/02/24 18:12:30 | 000,318,848 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe
PRC - [2010/02/24 18:12:30 | 000,242,560 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2010/01/15 14:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2009/11/24 11:32:22 | 000,234,792 | ---- | M] (Skype Technologies S.A.) -- C:\Program Files\Skype\Toolbars\Shared\SkypeNames2.exe
PRC - [2009/09/04 17:09:46 | 000,032,838 | ---- | M] (MyWebSearch.com) -- C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE
PRC - [2009/09/04 17:09:46 | 000,028,762 | ---- | M] (MyWebSearch.com) -- C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwssvc.exe
PRC - [2009/09/04 17:09:46 | 000,024,688 | ---- | M] (MyWebSearch.com) -- C:\Program Files\MyWebSearch\bar\1.bin\M3SRCHMN.EXE
PRC - [2009/08/18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
PRC - [2009/08/18 11:29:22 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
PRC - [2009/04/11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/01/19 09:38:38 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2008/01/19 09:33:19 | 000,192,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\p2phost.exe
PRC - [2007/09/14 15:32:46 | 000,167,936 | ---- | M] (acer) -- C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
PRC - [2007/09/14 11:06:48 | 000,454,656 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
PRC - [2007/08/29 11:35:38 | 000,323,584 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\Acer.Empowering.Framework.Supervisor.exe
PRC - [2007/08/15 11:21:38 | 000,772,616 | ---- | M] (Dritek System Inc.) -- C:\Program Files\Launch Manager\LManager.exe
PRC - [2007/07/06 05:06:52 | 004,669,440 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2007/07/03 11:40:10 | 000,053,248 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
PRC - [2007/06/28 18:50:52 | 000,024,576 | ---- | M] () -- C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
PRC - [2007/06/13 16:54:36 | 000,135,168 | R--- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eNet\eNet Service.exe
PRC - [2007/06/11 14:54:58 | 001,286,144 | ---- | M] (CyberLink) -- C:\Acer\Empowering Technology\eAudio\eAudio.exe
PRC - [2007/04/26 15:24:30 | 000,118,464 | ---- | M] () -- C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
PRC - [2007/04/26 15:24:28 | 000,257,736 | ---- | M] () -- C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
PRC - [2007/04/26 15:24:08 | 000,151,552 | ---- | M] (CyberLink Corp.) -- C:\Program Files\Acer\Acer Arcade\PCMService.exe
PRC - [2007/04/26 15:23:20 | 001,076,832 | ---- | M] (Cyberlink) -- C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
PRC - [2007/04/25 16:34:30 | 000,457,512 | ---- | M] (HiTRSUT) -- C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
PRC - [2007/04/25 16:33:36 | 000,457,216 | ---- | M] (HiTRUST) -- C:\Acer\Empowering Technology\eDataSecurity\eDSLoader.exe
PRC - [2007/04/23 09:53:48 | 000,024,576 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
PRC - [2007/02/09 07:35:54 | 000,397,312 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
PRC - [2007/01/26 14:24:42 | 000,050,688 | ---- | M] () -- C:\Acer\ALaunch\ALaunchSvc.exe
PRC - [2006/11/24 12:57:54 | 000,107,008 | ---- | M] () -- C:\Acer\Mobility Center\MobilityService.exe
PRC - [2004/12/02 11:40:48 | 000,217,088 | ---- | M] (CASIO COMPUTER CO.,LTD.) -- C:\Program Files\CASIO\Photo Loader\Plauto.exe
[color=#E56717]========== Modules (SafeList) ==========[/color]
MOD - [2010/09/18 11:54:13 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\fleur\Desktop\OTL.exe
MOD - [2010/08/22 11:47:00 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_03ca5532205cb096\mfc80FRA.dll
MOD - [2010/08/22 11:46:58 | 001,093,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_cbf21254470d8752\mfc80u.dll
MOD - [2010/08/22 11:46:55 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4053_none_d08d7da0442a985d\msvcr80.dll
MOD - [2010/08/22 11:46:55 | 000,554,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4053_none_d08d7da0442a985d\msvcp80.dll
MOD - [2010/06/07 15:31:56 | 000,023,864 | R--- | M] (SweetIM Technologies Ltd.) -- C:\Program Files\SweetIM\Messenger\mgAdaptersProxy.dll
MOD - [2009/09/04 17:09:46 | 000,045,134 | ---- | M] (MyWebSearch.com) -- C:\Program Files\MyWebSearch\bar\1.bin\mwsoestb.dll
MOD - [2009/09/04 17:09:45 | 000,024,685 | ---- | M] (MyWebSearch.com) -- C:\Program Files\MyWebSearch\bar\1.bin\f3hkstub.dll
MOD - [2009/04/11 08:21:38 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll
MOD - [2008/01/19 09:34:02 | 000,798,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dbghelp.dll
MOD - [2008/01/19 09:33:00 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx
MOD - [2007/04/25 16:31:00 | 000,028,672 | ---- | M] () -- C:\Windows\System32\BatchCrypto.dll
MOD - [2007/04/25 16:30:44 | 000,063,488 | ---- | M] () -- C:\Windows\System32\ShowErrMsg.dll
MOD - [2007/04/25 16:30:40 | 000,286,720 | ---- | M] (HiTRUST) -- C:\Windows\System32\sysenv.dll
MOD - [2007/03/17 05:19:08 | 000,237,568 | ---- | M] (HiTRSUT) -- C:\Windows\System32\keyManager.dll
MOD - [2007/02/12 16:02:08 | 000,094,208 | ---- | M] (HiTRUST Inc.) -- C:\Windows\System32\MSNChatHook.dll
MOD - [2006/11/29 21:30:18 | 000,401,408 | ---- | M] (HiTRUST) -- C:\Windows\System32\CryptoAPI.dll
MOD - [2006/07/11 18:35:38 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Program Files\SweetIM\Messenger\MSVCR71.dll
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
SRV - File not found [Auto | Stopped] -- C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe -- (Planificateur LiveUpdate automatique)
SRV - [2010/09/07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV - [2010/09/07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV - [2010/09/07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010/04/28 07:44:02 | 000,704,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)
SRV - [2010/03/18 13:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/24 18:12:30 | 000,242,560 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2010/01/15 14:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009/09/25 03:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009/09/04 17:09:46 | 000,028,762 | ---- | M] (MyWebSearch.com) [Auto | Running] -- C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwssvc.exe -- (MyWebSearchService)
SRV - [2009/08/18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2008/01/19 09:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV - [2007/09/14 15:32:46 | 000,167,936 | ---- | M] (acer) [Auto | Running] -- C:\Acer\Empowering Technology\ePower\ePowerSvc.exe -- (WMIService)
SRV - [2007/07/03 11:40:10 | 000,053,248 | ---- | M] (Acer Inc.) [Auto | Running] -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe -- (eRecoveryService)
SRV - [2007/06/28 18:50:52 | 000,024,576 | ---- | M] () [Auto | Running] -- C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe -- (eSettingsService)
SRV - [2007/06/13 16:54:36 | 000,135,168 | R--- | M] (Acer Inc.) [Auto | Running] -- C:\Acer\Empowering Technology\eNet\eNet Service.exe -- (eNet Service)
SRV - [2007/04/26 15:24:30 | 000,118,464 | ---- | M] () [Auto | Running] -- C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe -- (CLSched) CyberLink Task Scheduler (CTS)
SRV - [2007/04/26 15:24:28 | 000,257,736 | ---- | M] () [Auto | Running] -- C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe -- (CLCapSvc) CyberLink Background Capture Service (CBCS)
SRV - [2007/04/26 15:23:20 | 001,076,832 | ---- | M] (Cyberlink) [Auto | Running] -- C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe -- (CyberLink Media Library Service)
SRV - [2007/04/25 16:34:30 | 000,457,512 | ---- | M] (HiTRSUT) [Auto | Running] -- C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe -- (eDataSecurity Service)
SRV - [2007/04/23 09:53:48 | 000,024,576 | ---- | M] (Acer Inc.) [Auto | Running] -- C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe -- (eLockService)
SRV - [2007/01/26 14:24:42 | 000,050,688 | ---- | M] () [Auto | Running] -- C:\Acer\ALaunch\ALaunchSvc.exe -- (ALaunchService)
SRV - [2006/11/24 12:57:54 | 000,107,008 | ---- | M] () [Auto | Running] -- C:\Acer\Mobility Center\MobilityService.exe -- (MobilityService)
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\System32\DRIVERS\UIUSYS.SYS -- (UIUSys)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | Auto | Stopped] -- C:\Windows\System32\Drivers\Lxarscan.sys -- (LXARScan)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2010/09/07 16:52:25 | 000,046,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2010/09/07 16:52:03 | 000,165,584 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2010/09/07 16:47:46 | 000,023,376 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2010/09/07 16:47:30 | 000,050,768 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2010/09/07 16:47:07 | 000,017,744 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010/04/28 07:44:02 | 000,054,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\fssfltr.sys -- (fssfltr)
DRV - [2009/04/22 15:46:42 | 003,482,112 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC)
DRV - [2009/04/11 06:42:54 | 000,073,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\USBAUDIO.sys -- (usbaudio) Pilote USB audio (WDM)
DRV - [2009/02/09 00:42:42 | 000,099,968 | ---- | M] (Guillemot Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hxctlflt.sys -- (hxctlflt)
DRV - [2008/12/03 21:12:00 | 007,606,688 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008/10/09 15:42:42 | 000,017,408 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\KMWDFILTER.sys -- (KMWDFILTER)
DRV - [2007/11/18 04:39:50 | 001,040,544 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmfdx32.sys -- (NVENETFD)
DRV - [2007/08/04 07:39:25 | 000,006,144 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV - [2007/07/18 13:32:40 | 001,841,312 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007/06/18 12:03:32 | 000,737,280 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2007/06/14 04:33:26 | 000,154,624 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2007/05/17 03:05:10 | 000,012,032 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2007/05/17 02:46:50 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007/05/17 02:46:36 | 000,985,600 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_DPV.sys -- (HSF_DPV)
DRV - [2007/05/17 02:46:26 | 000,659,968 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_CNXT.sys -- (winachsf)
DRV - [2007/05/17 02:46:20 | 000,207,360 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSXHWAZL.sys -- (HSXHWAZL)
DRV - [2007/05/16 14:47:44 | 000,032,256 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\enecir.sys -- (enecir)
DRV - [2007/04/25 16:34:44 | 000,016,680 | ---- | M] (HiTRUST) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\PSDNServ.sys -- (PSDNServ)
DRV - [2007/04/25 16:34:40 | 000,060,712 | ---- | M] (HiTRUST) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\psdvdisk.sys -- (psdvdisk)
DRV - [2007/04/25 16:34:38 | 000,020,776 | ---- | M] (HiTRUST) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\psdfilter.sys -- (PSDFilter)
DRV - [2007/03/21 22:02:04 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007/02/24 14:42:22 | 000,039,936 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2007/01/23 16:40:20 | 000,042,496 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2006/12/07 19:12:02 | 000,076,584 | ---- | M] () [Kernel | Auto | Running] -- C:\Acer\Empowering Technology\eRecovery\int15.sys -- (int15)
DRV - [2006/11/02 15:29:36 | 000,021,264 | ---- | M] (Dritek System Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\DKbFltr.sys -- (DKbFltr)
DRV - [2006/11/02 15:27:34 | 000,020,112 | ---- | M] (Dritek System Inc.) [Kernel | System | Running] -- C:\PROGRA~1\LAUNCH~1\DPortIO.sys -- (DritekPortIO)
DRV - [2006/11/02 11:51:45 | 000,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2006/11/02 11:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2006/11/02 11:51:34 | 000,316,520 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2006/11/02 11:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2006/11/02 11:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2006/11/02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2006/11/02 11:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2006/11/02 11:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2006/11/02 11:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2006/11/02 11:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 11:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 11:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2006/11/02 11:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2006/11/02 11:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 11:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 11:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2006/11/02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2006/11/02 11:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 11:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2006/11/02 11:50:10 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2006/11/02 11:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2)
DRV - [2006/11/02 11:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2006/11/02 11:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2006/11/02 11:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 11:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 11:50:05 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2006/11/02 11:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 11:50:04 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2006/11/02 11:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 11:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 11:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 11:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2006/11/02 11:49:30 | 000,017,512 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2006/11/02 11:49:28 | 000,016,488 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2006/11/02 11:49:20 | 000,014,952 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2006/11/02 10:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 10:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006/11/02 10:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 10:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 10:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 10:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 09:41:49 | 000,200,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VSTAZL3.SYS -- (HSFHWAZL)
DRV - [2006/11/02 09:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006/11/02 09:30:54 | 000,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
[color=#E56717]========== Internet Explorer ==========[/color]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = https://fr.yahoo.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://home.sweetim.com/
IE - HKLM\..\URLSearchHook: {4daac69c-cba7-45e2-9bc8-1044483d3352} - C:\Program Files\Softonic_France\tbSof1.dll (Conduit Ltd.)
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = https://www.acer.com/worldwide/selection.html [binary data]
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = https://www.acer.com/worldwide/selection.html [binary data]
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = https://www.acer.com/worldwide/selection.html [binary data]
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = https://www.acer.com/worldwide/selection.html [binary data]
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2614442015-997072146-1627410186-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SEARCH PAGE =
IE - HKU\S-1-5-21-2614442015-997072146-1627410186-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKU\S-1-5-21-2614442015-997072146-1627410186-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = https://search.yahoo.com/web{searchTerms}&ei=utf-8&fr=b1ie7
IE - HKU\S-1-5-21-2614442015-997072146-1627410186-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT2542115
IE - HKU\S-1-5-21-2614442015-997072146-1627410186-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = https://www.msn.com/fr-fr?ocid=iehp
IE - HKU\S-1-5-21-2614442015-997072146-1627410186-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = fr
IE - HKU\S-1-5-21-2614442015-997072146-1627410186-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = A0 26 97 F8 B8 28 CB 01 [binary data]
IE - HKU\S-1-5-21-2614442015-997072146-1627410186-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-2614442015-997072146-1627410186-1000\..\URLSearchHook: {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL (MyWebSearch.com)
IE - HKU\S-1-5-21-2614442015-997072146-1627410186-1000\..\URLSearchHook: {4daac69c-cba7-45e2-9bc8-1044483d3352} - C:\Program Files\Softonic_France\tbSof1.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-2614442015-997072146-1627410186-1000\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll (SweetIM Technologies Ltd.)
IE - HKU\S-1-5-21-2614442015-997072146-1627410186-1000\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKU\S-1-5-21-2614442015-997072146-1627410186-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
FF - HKLM\software\mozilla\Firefox\Extensions\\msntoolbar@msn.com: C:\Program Files\MSN Toolbar\Platform\6.0.2156.0\Firefox [2010/09/06 16:27:50 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2010/09/06 16:30:39 | 000,000,000 | ---D | M]
O1 HOSTS File: ([2006/09/18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (MyWebSearch Search Assistant BHO) - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL (MyWebSearch.com)
O2 - BHO: (Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (mwsBar BHO) - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL (MyWebSearch.com)
O2 - BHO: (Softonic_France Toolbar) - {4daac69c-cba7-45e2-9bc8-1044483d3352} - C:\Program Files\Softonic_France\tbSof1.dll (Conduit Ltd.)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll (Google Inc.)
O2 - BHO: (Bing Bar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN Toolbar\Platform\6.0.2156.0\npwinext.dll (Microsoft Corporation)
O2 - BHO: (SweetIM Toolbar Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O2 - BHO: (OfferBox) - {FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C} - C:\Program Files\OfferBox\OfferBoxBHO.dll (Secure Digital Services Limited)
O3 - HKLM\..\Toolbar: (My Web Search) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL (MyWebSearch.com)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Softonic_France Toolbar) - {4daac69c-cba7-45e2-9bc8-1044483d3352} - C:\Program Files\Softonic_France\tbSof1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\System32\eDStoolbar.dll (HiTRUST)
O3 - HKLM\..\Toolbar: (@C:\Program Files\MSN Toolbar\Platform\6.0.2156.0\npwinext.dll,-100) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\MSN Toolbar\Platform\6.0.2156.0\npwinext.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar avec bloqueur de fenêtres pop-up) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKU\S-1-5-21-2614442015-997072146-1627410186-1000\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Windows\System32\eDStoolbar.dll (HiTRUST)
O3 - HKU\S-1-5-21-2614442015-997072146-1627410186-1000\..\Toolbar\WebBrowser: (My Web Search) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL (MyWebSearch.com)
O3 - HKU\S-1-5-21-2614442015-997072146-1627410186-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\S-1-5-21-2614442015-997072146-1627410186-1000\..\Toolbar\WebBrowser: (Softonic_France Toolbar) - {4DAAC69C-CBA7-45E2-9BC8-1044483D3352} - C:\Program Files\Softonic_France\tbSof1.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-2614442015-997072146-1627410186-1000\..\Toolbar\WebBrowser: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [Acer Tour] File not found
O4 - HKLM..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (Acer Inc.)
O4 - HKLM..\Run: [ALaunch] C:\Acer\ALaunch\AlaunchClient.exe File not found
O4 - HKLM..\Run: [avast5] C:\Programmes\Alwil Software\Avast5\AvastUI.exe File not found
O4 - HKLM..\Run: [CamserviceOG] C:\Program Files\Hercules\Deluxe Optical Glass\XtrCtrl.exe (Guillemot Corporation S.A.)
O4 - HKLM..\Run: [eAudio] C:\Acer\Empowering Technology\eAudio\eAudio.exe (CyberLink)
O4 - HKLM..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSLoader.exe (HiTRUST)
O4 - HKLM..\Run: [eRecoveryService] File not found
O4 - HKLM..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [My Web Search Bar Search Scope Monitor] C:\Programmes\MyWebSearch\bar\1.bin\M3SRCHMN.EXE File not found
O4 - HKLM..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe (MyWebSearch.com)
O4 - HKLM..\Run: [MyWebSearch Plugin] C:\Programmes\MyWebSearch\bar\1.bin\M3PLUGIN.DLL File not found
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [PCMService] C:\Program Files\Acer\Acer Arcade\PCMService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SetPanel] C:\Acer\APanel\APanel.cmd File not found
O4 - HKLM..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe (Acer Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-2614442015-997072146-1627410186-1000..\Run: [Acer Tour Reminder] File not found
O4 - HKU\S-1-5-21-2614442015-997072146-1627410186-1000..\Run: [Badoo Desktop] C:\ProgramData\Badoo\Badoo Desktop\1.1.101.725\Badoo.Desktop.exe (Badoo)
O4 - HKU\S-1-5-21-2614442015-997072146-1627410186-1000..\Run: [CollaborationHost] C:\Windows\System32\p2phost.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2614442015-997072146-1627410186-1000..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe (MyWebSearch.com)
O4 - HKU\S-1-5-21-2614442015-997072146-1627410186-1000..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKU\S-1-5-21-2614442015-997072146-1627410186-1000..\Run: [Windows System Guard] C:\Users\Public\msnd.exe File not found
O4 - HKU\S-1-5-21-2614442015-997072146-1627410186-1000..\Run: [WinUsr] C:\Program Files\Winsudate\gibusr.exe File not found
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll (Google Inc.)
O9 - Extra Button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O13 - gopher Prefix: missing
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Reg Error: Key error.)
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} http://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei-4/CursorManiaInitialSetup1.0.1.1.cab (Reg Error: Key error.)
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} http://www.extrafilm.fr/ImageUploader5.cab (Reg Error: Key error.)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cab (Reg Error: Key error.)
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab (HP Download Manager)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\fleur\AppData\Roaming\Microsoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg
O24 - Desktop BackupWallPaper: C:\Users\fleur\AppData\Roaming\Microsoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2010/09/18 10:20:56 | 000,000,000 | RHSD | M] - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010/09/18 10:20:56 | 000,000,000 | RHSD | M] - D:\autorun.inf -- [ NTFS ]
O33 - MountPoints2\{101e9bf1-8254-11dd-aa05-806e6f6e6963}\Shell\AutoRun\command - "" = C:\Windows\explorer.exe -- [2009/04/11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation)
O33 - MountPoints2\{101e9bf1-8254-11dd-aa05-806e6f6e6963}\Shell\explore\Command - "" = C:\Windows\explorer.exe -- [2009/04/11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation)
O33 - MountPoints2\{101e9bf1-8254-11dd-aa05-806e6f6e6963}\Shell\open\Command - "" = C:\Windows\explorer.exe -- [2009/04/11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation)
O33 - MountPoints2\{5ea4a5e3-2fdd-11de-ab49-001b386e67d3}\Shell\Auto\command - "" = AdobeR.exe e
O33 - MountPoints2\{89faed63-12d9-11de-bfc3-001b386e67d3}\Shell\AutoRun\command - "" = VIRTUAL_OPTICIAN.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
[2100/02/08 17:03:54 | 000,053,248 | ---- | C] (Silitek Corp.) -- C:\Program Files\ACMonitor_X73.exe
[2010/09/18 11:53:48 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\fleur\Desktop\OTL.exe
[2010/09/18 10:43:56 | 000,000,000 | ---D | C] -- C:\Users\fleur\AppData\Roaming\Malwarebytes
[2010/09/18 10:42:27 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/09/18 10:42:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/09/18 10:42:21 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/09/18 10:42:21 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/09/18 10:21:39 | 000,000,000 | ---D | C] -- C:\Program Files\Conduit
[2010/09/18 10:21:11 | 000,000,000 | ---D | C] -- C:\Program Files\Softonic_France
[2010/09/18 10:20:56 | 000,000,000 | RHSD | C] -- C:\autorun.inf
[2010/09/17 14:07:02 | 000,000,000 | ---D | C] -- C:\Navilog1
[2010/09/17 14:07:00 | 000,000,000 | ---D | C] -- C:\Program Files\Navilog1
[2010/09/15 18:02:56 | 000,317,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MP4SDECD.DLL
[2010/09/15 17:07:32 | 000,221,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2010/09/08 13:07:48 | 000,000,000 | ---D | C] -- C:\Users\fleur\AppData\Roaming\skypePM
[2010/09/08 13:04:11 | 000,000,000 | ---D | C] -- C:\Users\fleur\AppData\Roaming\Skype
[2010/09/08 12:51:41 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2010/09/08 12:51:20 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2010/09/08 12:49:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2010/09/06 16:27:32 | 000,000,000 | ---D | C] -- C:\Program Files\MSN Toolbar
[2010/09/06 16:25:08 | 000,000,000 | ---D | C] -- C:\Program Files\Bing Bar Installer
[2010/09/06 16:23:38 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_3.dll
[2010/09/06 16:23:37 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_5.dll
[2010/09/06 16:23:36 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_42.dll
[2010/09/06 16:22:02 | 000,754,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\webservices.dll
[2010/09/06 16:07:49 | 000,000,000 | ---D | C] -- C:\Users\fleur\AppData\Local\Windows Live
[2010/09/03 15:13:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Badoo
[2010/09/01 11:10:11 | 000,000,000 | ---D | C] -- C:\Program Files\SweetIM
[2010/09/01 11:10:08 | 000,000,000 | ---D | C] -- C:\ProgramData\SweetIM
[2010/08/22 12:01:07 | 000,000,000 | ---D | C] -- C:\Users\fleur\Documents\Hercules webcam
[2010/08/22 11:51:37 | 021,479,424 | ---- | C] (Macrovision Corporation) -- C:\Users\fleur\Documents\HWSE_SE_v3.4.exe
[2010/08/22 11:50:05 | 034,518,600 | ---- | C] (Macrovision Corporation) -- C:\Users\fleur\Documents\HOPGL_v3.4.0.0.exe
[2010/08/22 11:46:17 | 000,374,056 | ---- | C] (Guillemot Corporation S.A.) -- C:\Windows\System32\HWLMSET2.exe
[2010/08/22 10:16:55 | 000,291,328 | ---- | C] (Sonix) -- C:\Windows\System32\vsnp2uvc.dll
[2010/08/22 10:16:52 | 000,184,320 | ---- | C] ( ) -- C:\Windows\System32\rsnp2uvc.dll
[2010/08/22 10:16:51 | 000,176,128 | ---- | C] ( ) -- C:\Windows\System32\csnp2uvc.dll
[2010/08/22 10:16:46 | 000,099,968 | ---- | C] (Guillemot Corporation) -- C:\Windows\System32\drivers\hxctlflt.sys
[2010/08/22 10:16:46 | 000,000,000 | ---D | C] -- C:\Program Files\Hercules
[2010/08/22 10:15:42 | 000,000,000 | ---D | C] -- C:\Users\fleur\AppData\Roaming\InstallShield
[2007/08/04 07:45:29 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\Interop.Shell32.dll
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
[2010/09/18 12:03:03 | 003,932,160 | -HS- | M] () -- C:\Users\fleur\NTUSER.DAT
[2010/09/18 11:54:13 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\fleur\Desktop\OTL.exe
[2010/09/18 11:24:40 | 000,001,054 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/09/18 10:42:35 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/09/18 10:38:20 | 000,001,000 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2010/09/18 10:21:00 | 002,695,680 | ---- | M] () -- C:\Users\fleur\Desktop\Softonic_France.exe
[2010/09/18 10:20:34 | 000,388,227 | ---- | M] () -- C:\Users\fleur\Desktop\MKV.exe
[2010/09/18 10:12:39 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/09/18 10:12:39 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/09/18 09:59:54 | 000,291,640 | ---- | M] () -- C:\Users\fleur\Desktop\SoftonicDownloader85590.exe
[2010/09/18 09:24:13 | 000,001,050 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/09/18 08:19:06 | 000,000,432 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{BE818365-35A4-4749-B888-9C2DF4D79D23}.job
[2010/09/18 08:16:11 | 000,042,111 | ---- | M] () -- C:\ProgramData\nvModes.001
[2010/09/18 08:15:47 | 000,042,111 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2010/09/18 08:15:20 | 000,000,378 | ---- | M] () -- C:\Windows\tasks\Registry Reviver-fleur-Startup.job
[2010/09/18 08:12:49 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/09/18 08:12:37 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/09/18 08:12:31 | 804,052,992 | -HS- | M] () -- C:\hiberfil.sys
[2010/09/17 19:42:13 | 000,524,288 | -HS- | M] () -- C:\Users\fleur\NTUSER.DAT{d8932e6d-6a6f-11db-b6ab-a038f15a5785}.TMContainer00000000000000000001.regtrans-ms
[2010/09/17 19:42:13 | 000,065,536 | -HS- | M] () -- C:\Users\fleur\NTUSER.DAT{d8932e6d-6a6f-11db-b6ab-a038f15a5785}.TM.blf
[2010/09/17 19:41:19 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2010/09/17 15:54:21 | 002,721,327 | -H-- | M] () -- C:\Users\fleur\AppData\Local\IconCache.db
[2010/09/17 14:54:07 | 000,011,768 | ---- | M] () -- C:\Users\fleur\Documents\http.docx
[2010/09/17 14:18:28 | 000,231,564 | ---- | M] () -- C:\Users\fleur\Desktop\Navilog1.exe
[2010/09/17 11:38:00 | 000,000,056 | -H-- | M] () -- C:\Windows\System32\ezsidmv.dat
[2010/09/17 11:34:46 | 000,071,456 | ---- | M] () -- C:\Windows\System32\GDIPFONTCACHEV1.DAT
[2010/09/17 11:34:41 | 000,008,224 | ---- | M] () -- C:\Users\fleur\AppData\Local\GDIPFONTCACHEV1.DAT
[2010/09/17 11:32:21 | 000,299,360 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010/09/17 10:28:01 | 000,002,687 | ---- | M] () -- C:\Users\fleur\Desktop\Microsoft Office Word 2007.lnk
[2010/09/15 10:29:24 | 000,001,975 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2010/09/15 00:30:45 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2010/09/14 19:08:45 | 000,000,680 | ---- | M] () -- C:\Users\fleur\AppData\Local\d3d9caps.dat
[2010/09/10 23:23:31 | 000,011,781 | ---- | M] () -- C:\Users\fleur\Documents\PLANNING SEPTEMBRE.xlsx
[2010/09/08 13:02:02 | 000,001,959 | ---- | M] () -- C:\Users\fleur\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2010/09/08 12:51:48 | 000,001,878 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2010/09/07 17:12:17 | 000,038,848 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2010/09/07 17:11:54 | 000,167,592 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2010/09/07 16:52:25 | 000,046,672 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2010/09/07 16:52:03 | 000,165,584 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2010/09/07 16:47:46 | 000,023,376 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2010/09/07 16:47:30 | 000,050,768 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2010/09/07 16:47:07 | 000,017,744 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2010/09/04 21:11:31 | 000,049,152 | ---- | M] () -- C:\Users\fleur\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/08/25 11:55:24 | 000,011,193 | ---- | M] () -- C:\Users\fleur\Documents\Ce Rêve Bleu.docx
[2010/08/23 17:39:10 | 000,679,042 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2010/08/23 17:39:09 | 001,495,948 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010/08/23 17:39:09 | 000,595,996 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/08/23 17:39:09 | 000,126,626 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2010/08/23 17:39:09 | 000,104,070 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/08/22 12:00:47 | 000,002,011 | ---- | M] () -- C:\Users\Public\Desktop\Webcam Station Evolution SE.lnk
[2010/08/22 11:51:37 | 021,479,424 | ---- | M] (Macrovision Corporation) -- C:\Users\fleur\Documents\HWSE_SE_v3.4.exe
[2010/08/22 11:50:12 | 034,518,600 | ---- | M] (Macrovision Corporation) -- C:\Users\fleur\Documents\HOPGL_v3.4.0.0.exe
[2010/08/22 11:19:23 | 000,001,891 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[color=#E56717]========== Files Created - No Company Name ==========[/color]
[2100/02/23 15:35:34 | 000,000,768 | ---- | C] () -- C:\Program Files\x73_lut.dat
[2100/02/08 16:53:34 | 000,001,437 | ---- | C] () -- C:\Program Files\gtx73.ini
[2010/09/18 10:42:35 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/09/18 10:20:29 | 002,695,680 | ---- | C] () -- C:\Users\fleur\Desktop\Softonic_France.exe
[2010/09/18 10:20:29 | 000,388,227 | ---- | C] () -- C:\Users\fleur\Desktop\MKV.exe
[2010/09/18 09:59:35 | 000,291,640 | ---- | C] () -- C:\Users\fleur\Desktop\SoftonicDownloader85590.exe
[2010/09/17 14:18:17 | 000,231,564 | ---- | C] () -- C:\Users\fleur\Desktop\Navilog1.exe
[2010/09/17 11:38:00 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2010/09/17 11:26:49 | 000,011,768 | ---- | C] () -- C:\Users\fleur\Documents\http.docx
[2010/09/10 23:20:50 | 000,011,781 | ---- | C] () -- C:\Users\fleur\Documents\PLANNING SEPTEMBRE.xlsx
[2010/09/08 13:02:02 | 000,001,975 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2010/09/08 13:02:02 | 000,001,959 | ---- | C] () -- C:\Users\fleur\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2010/09/08 12:51:47 | 000,001,878 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2010/08/25 11:55:21 | 000,011,193 | ---- | C] () -- C:\Users\fleur\Documents\Ce Rêve Bleu.docx
[2010/08/22 12:00:47 | 000,002,011 | ---- | C] () -- C:\Users\Public\Desktop\Webcam Station Evolution SE.lnk
[2010/08/22 11:46:17 | 000,015,144 | ---- | C] () -- C:\Windows\System32\HWLMSET2PS.dll
[2010/08/22 10:16:53 | 003,482,112 | ---- | C] () -- C:\Windows\System32\drivers\snp2uvc.sys
[2010/08/22 10:16:53 | 000,015,497 | ---- | C] () -- C:\Windows\snp2uvc.ini
[2010/08/22 10:16:53 | 000,013,022 | ---- | C] () -- C:\Windows\snp2uvc.src
[2010/08/22 10:16:52 | 000,027,264 | ---- | C] () -- C:\Windows\System32\drivers\sncduvc.sys
[2010/07/01 13:25:42 | 000,162,304 | ---- | C] () -- C:\Windows\System32\ztvunrar36.dll
[2010/07/01 13:25:42 | 000,077,312 | ---- | C] () -- C:\Windows\System32\ztvunace26.dll
[2010/06/16 11:51:41 | 000,000,680 | ---- | C] () -- C:\Users\fleur\AppData\Local\d3d9caps.dat
[2010/03/18 16:59:31 | 000,000,123 | ---- | C] () -- C:\Windows\System32\QVPMON.INI
[2009/10/22 19:30:44 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/08/31 09:56:02 | 000,258,048 | ---- | C] () -- C:\Users\fleur\AppData\Local\mrxetafl.exe
[2009/05/06 09:33:15 | 000,042,111 | ---- | C] () -- C:\ProgramData\nvModes.001
[2009/05/06 09:33:12 | 000,042,111 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2008/12/02 20:29:45 | 000,031,007 | ---- | C] () -- C:\Users\fleur\AppData\Roaming\UserTile.png
[2008/04/23 18:55:05 | 000,077,824 | ---- | C] () -- C:\Windows\System32\HPZIDS01.dll
[2008/04/23 18:50:50 | 000,012,067 | ---- | C] () -- C:\ProgramData\hpzinstall.log
[2008/02/13 20:03:24 | 000,049,152 | ---- | C] () -- C:\Users\fleur\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/02/12 22:29:03 | 000,027,335 | ---- | C] () -- C:\Users\fleur\AppData\Roaming\nvModes.001
[2008/02/12 22:24:25 | 000,027,335 | ---- | C] () -- C:\Users\fleur\AppData\Roaming\nvModes.dat
[2008/02/11 21:56:44 | 000,000,280 | ---- | C] () -- C:\Users\fleur\AppData\Roaming\wklnhst.dat
[2007/11/21 13:43:43 | 000,000,030 | ---- | C] () -- C:\Windows\SETPANEL.INI
[2007/11/21 13:43:42 | 000,000,092 | ---- | C] () -- C:\Windows\CLEANUP.INI
[2007/08/04 18:09:35 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIBUN4.dll
[2007/08/04 07:58:40 | 000,076,584 | ---- | C] () -- C:\Windows\System32\drivers\int15.sys
[2007/08/04 07:58:40 | 000,015,656 | ---- | C] () -- C:\Windows\System32\drivers\int15_64.sys
[2007/08/04 07:57:50 | 000,065,536 | ---- | C] () -- C:\Windows\System32\NATTraversal.dll
[2007/08/04 07:45:26 | 000,331,776 | ---- | C] () -- C:\Windows\System32\ScrollBarLib.dll
[2007/08/04 07:04:04 | 000,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll
[2007/08/04 07:00:54 | 000,000,775 | ---- | C] () -- C:\Windows\RtDefLvl.ini
[2007/04/25 16:33:22 | 000,266,240 | ---- | C] () -- C:\Windows\System32\NotesExtmngr.dll
[2007/04/25 16:32:50 | 000,204,800 | ---- | C] () -- C:\Windows\System32\NotesActnMenu.dll
[2007/04/25 16:32:46 | 000,086,016 | ---- | C] () -- C:\Windows\System32\MSNSpook.dll
[2007/04/25 16:31:00 | 000,028,672 | ---- | C] () -- C:\Windows\System32\BatchCrypto.dll
[2007/04/25 16:30:52 | 000,073,728 | ---- | C] () -- C:\Windows\System32\APISlice.dll
[2007/04/25 16:30:44 | 000,063,488 | ---- | C] () -- C:\Windows\System32\ShowErrMsg.dll
[2006/12/25 15:44:48 | 000,022,016 | ---- | C] () -- C:\Windows\System32\MailFormat_U.dll
[2006/11/02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2001/12/26 16:12:30 | 000,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll
[2001/10/12 09:42:26 | 000,032,768 | ---- | C] () -- C:\Windows\System32\LXARICO.DLL
[2001/10/12 09:42:22 | 000,000,643 | ---- | C] () -- C:\Windows\LEXSTAT.INI
[2001/09/03 23:46:38 | 000,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll
[2001/07/30 16:33:56 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll
[2001/07/23 22:04:36 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll
[2001/07/20 11:48:06 | 000,008,116 | ---- | C] () -- C:\Program Files\OSLO3071b2.USB
[2000/12/05 16:56:34 | 000,114,688 | ---- | C] () -- C:\Program Files\lxarscan.dll
[2000/01/11 13:50:48 | 000,000,047 | ---- | C] () -- C:\Program Files\ACMonitor_X73.ini
[color=#E56717]========== LOP Check ==========[/color]
[2009/03/09 18:57:37 | 000,000,000 | ---D | M] -- C:\Users\fleur\AppData\Roaming\7Wonders
[2009/04/05 14:31:35 | 000,000,000 | ---D | M] -- C:\Users\fleur\AppData\Roaming\Abra Academy2
[2009/03/02 12:56:46 | 000,000,000 | ---D | M] -- C:\Users\fleur\AppData\Roaming\Age of Japan
[2009/04/19 03:36:57 | 000,000,000 | ---D | M] -- C:\Users\fleur\AppData\Roaming\Alawar
[2009/03/03 15:08:48 | 000,000,000 | ---D | M] -- C:\Users\fleur\AppData\Roaming\Ancient Quest of Saqqarah__bfg
[2009/11/07 16:08:54 | 000,000,000 | ---D | M] -- C:\Users\fleur\AppData\Roaming\Artogon
[2009/03/19 16:33:07 | 000,000,000 | ---D | M] -- C:\Users\fleur\AppData\Roaming\Big Fish Games
[2009/10/07 13:42:57 | 000,000,000 | ---D | M] -- C:\Users\fleur\AppData\Roaming\blg
[2009/02/12 20:06:00 | 000,000,000 | ---D | M] -- C:\Users\fleur\AppData\Roaming\BloodTies
[2009/04/06 10:26:04 | 000,000,000 | ---D | M] -- C:\Users\fleur\AppData\Roaming\cerasus.media
[2009/07/22 18:51:18 | 000,000,000 | ---D | M] -- C:\Users\fleur\AppData\Roaming\Coyotes Tale
[2009/07/13 18:33:28 | 000,000,000 | ---D | M] -- C:\Users\fleur\AppData\Roaming\Dreamsdwell Stories
[2009/07/03 18:15:25 | 000,000,000 | ---D | M] -- C:\Users\fleur\AppData\Roaming\EnchantedCavern
[2010/04/23 14:49:40 | 000,000,000 | ---D | M] -- C:\Users\fleur\AppData\Roaming\ExtraFilm
[2009/02/11 11:26:13 | 000,000,000 | ---D | M] -- C:\Users\fleur\AppData\Roaming\Flood Light Games
[2009/01/23 15:50:42 | 000,000,000 | ---D | M] -- C:\Users\fleur\AppData\Roaming\FloodLightGames
[2009/03/04 18:07:51 | 000,000,000 | ---D | M] -- C:\Users\fleur\AppData\Roaming\Friday's games
[2009/07/13 17:32:09 | 000,000,000 | ---D | M] -- C:\Users\fleur\AppData\Roaming\GameInvest
[2009/04/01 10:20:44 | 000,000,000 | ---D | M] -- C:\Users\fleur\AppData\Roaming\GAMEON
[2009/03/29 18:50:32 | 000,000,000 | ---D | M] -- C:\Users\fleur\AppData\Roaming\Gogii Games
[2010/01/15 13:03:34 | 000,000,000 | ---D | M] -- C:\Users\fleur\AppData\Roaming\Icones
[2009/02/01 12:30:09 | 000,000,000 | ---D | M] -- C:\Users\fleur\AppData\Roaming\Image Zone Express
[2009/06/25 14:49:55 | 000,000,000 | ---D | M] -- C:\Users\fleur\AppData\Roaming\ITTNord
[2009/02/05 19:35:49 | 000,000,000 | ---D | M] -- C:\Users\fleur\AppData\Roaming\Little Worlds Online
[2009/03/23 17:28:01 | 000,000,000 | ---D | M] -- C:\Users\fleur\AppData\Roaming\Magic Academy
[2009/09/15 11:05:54 | 000,000,000 | ---D | M] -- C:\Users\fleur\AppData\Roaming\Meridian93
[2009/01/25 12:57:49 | 000,000,000 | ---D | M] -- C:\Users\fleur\AppData\Roaming\monsterz
[2009/02/15 12:16:38 | 000,000,000 | ---D | M] -- C:\Users\fleur\AppData\Roaming\MysteryStudio
[2010/09/17 10:07:03 | 000,000,000 | ---D | M] -- C:\Users\fleur\AppData\Roaming\OfferBox
[2009/01/25 11:33:52 | 000,000,000 | ---D | M] -- C:\Users\fleur\AppData\Roaming\OpenAlchemist
[2009/03/12 15:03:13 | 000,000,000 | ---D | M] -- C:\Users\fleur\AppData\Roaming\panoramik
[2008/12/02 20:29:44 | 000,000,000 | ---D | M] -- C:\Users\fleur\AppData\Roaming\PeerNetworking
[2009/05/13 17:32:18 | 000,000,000 | ---D | M] -- C:\Users\fleur\AppData\Roaming\PlayFirst
[2009/02/19 16:12:01 | 000,000,000 | ---D | M] -- C:\Users\fleur\AppData\Roaming\Playrix Entertainment
[2009/02/01 12:30:08 | 000,000,000 | ---D | M] -- C:\Users\fleur\AppData\Roaming\Printer Info Cache
[2009/07/02 20:20:28 | 000,000,000 | ---D | M] -- C:\Users\fleur\AppData\Roaming\QSGames
[2009/02/06 17:54:08 | 000,000,000 | ---D | M] -- C:\Users\fleur\AppData\Roaming\SecretIslandEng
[2009/07/18 15:
jlpjlp
Messages postés
51580
Date d'inscription
vendredi 18 mai 2007
Statut
Contributeur sécurité
Dernière intervention
3 mai 2022
5 040
18 sept. 2010 à 12:29
18 sept. 2010 à 12:29
ok
on voit des infections ...
mais je voulais un rapport usbfix et malwarebyte avant
pour usbfix tente de désactiver le compte utilisateur comme ceci:
https://www.baudelet.net/windows-vista/uac-controle-comptes-utilisateurs.htm
ensuite branche tous tes supports externes (clé usb ...)
et ensuite Puis cliquer avec le bouton droit sur le raccourci de usbfix situé sur ton bureau et choisir d'exécuter en administrateur
bref colle les rapport malwarebyte et usbfix (si il passe pas tu diras on fera autrement)
on voit des infections ...
mais je voulais un rapport usbfix et malwarebyte avant
pour usbfix tente de désactiver le compte utilisateur comme ceci:
https://www.baudelet.net/windows-vista/uac-controle-comptes-utilisateurs.htm
ensuite branche tous tes supports externes (clé usb ...)
et ensuite Puis cliquer avec le bouton droit sur le raccourci de usbfix situé sur ton bureau et choisir d'exécuter en administrateur
bref colle les rapport malwarebyte et usbfix (si il passe pas tu diras on fera autrement)
jlpjlp
Messages postés
51580
Date d'inscription
vendredi 18 mai 2007
Statut
Contributeur sécurité
Dernière intervention
3 mai 2022
5 040
21 sept. 2010 à 12:25
21 sept. 2010 à 12:25
fais malwarebyte vant puis retente usbfix
17 sept. 2010 à 10:00
menace: Win32:Adware-gen[Adw]
17 sept. 2010 à 10:47