Doriarella
Participant
Nombre d'articles : 83

Bonjour,

Peux-tu me donner un conseil pour ce vieux PC de 2006 que j’ai complètement réinstaller, suite à quoi, j’ai choppé les 6 malwares qui sont l’objet du sujet que nous essayons de traiter:
Après toutes les mises à jour Windows, j’ai réussi à stabiliser Internet Explorer 8 qui s’interrompait sans cesse en le réinitialisant avec l’aide de Microsoft, mais ça m’a désactivé les Toolbars d’Avira et du coup je n’ai plus de protection Web.
Faut-il essayer de réinstaller cette “terrible” Toolbar ou désinstaller Avira Free pour mettre un autre antivirus ?
Que me conseillerais-tu comme bon antivirus gratuit ?

Voici donc mon rapport ZHPDiag :

~ Rapport de ZHPDiag v2013.10.13.35 – Nicolas Coolman (13/10/2013)
~ Lancé par Alice (14/10/2013 03:41:18)
~ Adresse du Site Web http://nicolascoolman.webs.com” onclick=”window.open(this.href);return false;
~ Forums gratuits d’Assistance à la désinfection : http://nicolascoolman.webs.com/apps/links/” onclick=”window.open(this.href);return false;
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Not Found

—\ Navigateurs Internet
MSIE: Internet Explorer v8.0.6001.18702 (Defaut)

—\ Informations sur les produits Windows
~ Langage: Français
Windows XP Professional Service Pack 3 (Build 2600)
Windows Automatic Updates : OK
Windows Genuine Advantage : KO

—\ Logiciels de protection du système
Avira Free Antivirus v13.0.0.4042
Malwarebytes Anti-Malware version 1.75.0.1300

—\ Logiciels d’optimisation du système
CCleaner v4.06 =>Piriform Ltd

—\ Logiciels de partage PeerToPeer

—\ Surveillance de Logiciels
Adobe Flash Player 11 ActiveX
Adobe Reader XI

—\ Informations sur le système
~ Processor: x86 Family 15 Model 72 Stepping 2, AuthenticAMD
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 894 MB (52% free)
System Restore: Activé (Enable)
System drive C: has 26 GB (58%) free of 44 GB

—\ Mode de connexion au système
~ Computer Name: ACER-3FAFADAADF
~ User Name: Alice
~ All Users Names: SUPPORT_388945a0, HelpAssistant, ASPNET, Alice, Administrateur,
~ Unselected Option: None
Logged in as Administrator

—\ Variables d’environnement
~ System Unit : C:
~ %AppZHP% : C:Documents and SettingsAliceApplication DataZHP
~ %AppData% : C:Documents and SettingsAliceApplication Data
~ %Desktop% : C:Documents and SettingsAliceBureau
~ %Favorites% : C:Documents and SettingsAliceFavoris
~ %LocalAppData% : C:Documents and SettingsAliceLocal SettingsApplication Data
~ %StartMenu% : C:Documents and SettingsAliceMenu Démarrer
~ %Windir% : C:WINDOWS
~ %System% : C:WINDOWSsystem32

—\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 26 Go of 44 Go)
D: Hard drive, Flash drive, Thumb drive (Free 44 Go of 44 Go)
E: CD-ROM drive (Not Inserted)

—\ Etat du Centre de Sécurité Windows
~ Security Center: 31 Legitimates Filtered in 00mn 00s

—\ Recherche particulière de fichiers génériques
[MD5.F2317622D29F9FF0F88AEECD5F60F0DD] – (.Microsoft Corporation – Explorateur Windows.) (.13/04/2008 – 18:34:04.) — C:WINDOWSExplorer.exe [1037824]
[MD5.F8DD21FC65131E064FBF11F01E4F4BFD] – (.Microsoft Corporation – Internet Extensions for Win32.) (.23/09/2013 – 19:23:34.) — C:WINDOWSsystem32wininet.dll [920064]
[MD5.DD73D6B9F6B4CB630CF35B438B540174] – (.Microsoft Corporation – Application d’ouverture de session Windows NT.) (.13/04/2008 – 18:34:30.) — C:WINDOWSsystem32Winlogon.exe [512000]
[MD5.1E44BC1E83D8FD2305F8D452DB109CF9] – (.Microsoft Corporation – Ancillary Function Driver for WinSock.) (.17/08/2011 – 14:49:54.) — C:WINDOWSsystem32DriversAFD.sys [138496]
[MD5.9F3A2F5AA6875C72BF062C712CFA2674] – (.Microsoft Corporation – IDE/ATAPI Port Driver.) (.13/04/2008 – 10:40:32.) — C:WINDOWSsystem32Driversatapi.sys [96512]
[MD5.C885B02847F5D2FD45A24E219ED93B32] – (.Microsoft Corporation – CD-ROM File System Driver.) (.13/04/2008 – 11:14:22.) — C:WINDOWSsystem32DriversCdfs.sys [63744]
[MD5.1F4260CC5B42272D71F79E570A27A4FE] – (.Microsoft Corporation – SCSI CD-ROM Driver.) (.13/04/2008 – 10:40:48.) — C:WINDOWSsystem32DriversCdrom.sys [62976]
[MD5.31F923EB2170FC172C81ABDA0045D18C] – (.Microsoft Corporation – Pilote de cryptographie FIPS.) (.13/04/2008 – 17:57:40.) — C:WINDOWSsystem32DriversFips.sys [44672]
[MD5.573C7D0A32852B48F3058CFD8026F511] – (.Windows (R) Server 2003 DDK provider – High Definition Audio Bus Driver v1.0a.) (.13/04/2008 – 08:36:06.) — C:WINDOWSsystem32DriversHDAudBus.sys [144384]
[MD5.A09BDC4ED10E3B2E0EC27BB94AF32516] – (.Microsoft Corporation – Pilote de port i8042.) (.13/04/2008 – 18:00:54.) — C:WINDOWSsystem32Driversi8042prt.sys [54144]
[MD5.083A052659F5310DD8B6A6CB05EDCF8E] – (.Microsoft Corporation – IMAPI Kernel Driver.) (.13/04/2008 – 10:41:00.) — C:WINDOWSsystem32DriversImapi.sys [42112]
[MD5.CC748EA12C6EFFDE940EE98098BF96BB] – (.Microsoft Corporation – IP Network Address Translator.) (.13/04/2008 – 10:57:16.) — C:WINDOWSsystem32DriversIpNat.sys [152832]
[MD5.23C74D75E36E7158768DD63D92789A91] – (.Microsoft Corporation – IPSec Driver.) (.13/04/2008 – 11:19:44.) — C:WINDOWSsystem32DriversIPSec.sys [75264]
[MD5.7D304A5EB4344EBEEAB53A2FE3FFB9F0] – (.Microsoft Corporation – Windows NT SMB Minirdr.) (.15/07/2011 – 14:29:32.) — C:WINDOWSsystem32DriversMRxSmb.sys [456320]
[MD5.74B2B2F5BEA5E9A3DC021D685551BD3D] – (.Microsoft Corporation – MBT Transport driver.) (.13/04/2008 – 11:21:02.) — C:WINDOWSsystem32DriversnetBT.sys [162816]
[MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] – (.Microsoft Corporation – NT File System Driver.) (.13/04/2008 – 11:15:54.) — C:WINDOWSsystem32Driversntfs.sys [574976]
[MD5.8FD0BDBEA875D06CCF6C945CA9ABAF75] – (.Microsoft Corporation – Pilote de port parallèle.) (.13/04/2008 – 18:09:42.) — C:WINDOWSsystem32DriversParport.sys [80384]
[MD5.11B4A627BC9614B885C4969BFA5FF8A6] – (.Microsoft Corporation – RAS L2TP mini-port/call-manager driver.) (.13/04/2008 – 11:19:44.) — C:WINDOWSsystem32DriversRasl2tp.sys [51328]
[MD5.15CABD0F7C00C47C70124907916AF3F1] – (.Microsoft Corporation – Microsoft RDP Device redirector.) (.13/04/2008 – 10:32:52.) — C:WINDOWSsystem32Driversrdpdr.sys [196224]
[MD5.D8EB2A7904DB6C916EB5361878DDCBAE] – (.Microsoft Corporation – Pilote de filtre audio Livre rouge.) (.13/04/2008 – 17:57:36.) — C:WINDOWSsystem32Driversredbook.sys [58752]
[MD5.46DE1126684369BACE4849E4FC8C43CA] – (.Microsoft Corporation – Pilote de cliché instantané du volume.) (.13/04/2008 – 17:56:06.) — C:WINDOWSsystem32Driversvolsnap.sys [53376]
~ Generic Processes: Scanned in 00mn 00s

—\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/9
~ Mes musiques (My Musics) : 1/2
~ Mes Videos (My Videos) : 0/0
~ Mes Favoris (My Favorites) : 1/80
~ Mes Documents (My Documents) : 1/40
~ Mon Bureau (My Desktop) : 0/38
~ Menu demarrer (Programs) : 1/48
~ Hidden Files: Scanned in 00mn 00s

—\ Processus lancés
[MD5.B2906F9E62A6AC6AD7F5F35DE9656098] – (.ATI Technologies Inc. – ATI External Event Utility EXE Module.) — C:WINDOWSsystem32Ati2evxx.exe [401408] [PID.996]
[MD5.8769E2D1072B62AB071F166F03B3E3DC] – (.Avira Operations GmbH & Co. KG – Avira Scheduler.) — C:Program FilesAviraAntiVir Desktopsched.exe [84024] [PID.1756]
[MD5.9C69E6A25F5500501B14AF43311F8D8B] – (.Microsoft Corporation – Media Center Tray Applet.) — C:WINDOWSehomeehtray.exe [64512] [PID.188]
[MD5.33F7659872C1C2CE295FBD1754B63957] – (.Realtek Semiconductor Corp. – Realtek HD Audio Control Panel.) — C:WINDOWSRTHDCPL.exe [16248320] [PID.268]
[MD5.3B743D7A1B3C2162D475D4E34E5C6070] – (.Pas de propriétaire – Acer ePower Management DMC.) — C:AcerEmpowering TechnologyePowerePower_DMC.exe [421888] [PID.300]
[MD5.59307A84CACE50B66089DBD5F74EA17A] – (.Synaptics, Inc. – Synaptics TouchPad Enhancements.) — C:Program FilesSynapticsSynTPSynTPEnh.exe [761946] [PID.340]
[MD5.3FD55016CA34850ED208F1A0D3FFD2DE] – (.Dritek System Inc. – Acer Launch Manager Keyboard Application.) — C:Program FilesLaunch ManagerLManager.exe [602112] [PID.356]
[MD5.C67E00C1DCA52FB369DC54E9EE653D47] – (.Acer Inc. – eRecovery agent.) — C:AcerEmpowering TechnologyeRecoveryeRAgent.exe [413696] [PID.372]
[MD5.72292AE254AD01236143E750D8952D03] – (.Adobe Systems Incorporated – Adobe Photo Downloader 3.0 component.) — C:Program FilesAdobePhotoshop Elements 5.0apdproxy.exe [67752] [PID.400]
[MD5.DB3F7F19F942D3CE4E1A0E8D9FF541FB] – (.Avira Operations GmbH & Co. KG – Avira System Tray Tool.) — C:Program FilesAviraAntiVir Desktopavgnt.exe [347192] [PID.408]
[MD5.C9FB758B994B96E8858D6F7D1F96142D] – (.APN – Ask Toolbar Notifier.) — C:Program FilesAskPartnerNetworkToolbarUpdaterTBNotifier.exe [1673680] [PID.428] =>Toolbar.Ask
[MD5.DAEFB050AC8FEE4F1097FCF7CB97220E] – (.Microsoft Corporation – Media Center Media Status Aggregator Servic.) — C:WINDOWSeHomeehmsas.exe [46592] [PID.476]
[MD5.E13EA4860E8F2AA845B53BFD2B6FEC5B] – (.Microsoft Corporation – Windows Messenger.) — C:Program FilesMessengermsmsgs.exe [1695232] [PID.548]
[MD5.64C4C17BF6A40FF1CD21205E6FD415B8] – (.ATI Technologies Inc. – CLI Application (Command Line Interface).) — C:Program FilesATI TechnologiesATI.ACECLI.exe [45056] [PID.560]
[MD5.CC5CB8DC9144F3D3F86BC9FEA6843EAA] – (.Acer Inc. – Acer Empowering Techonology Framework Launc.) — C:AcerEmpowering TechnologyAcer.Empowering.Framework.Launcher.exe [45056] [PID.736]
[MD5.3CAABC2D0F87413EB1E0C7E0B3245E67] – (.Acer Inc. – Pas de description.) — C:AcerEmpowering TechnologyePerformanceMemCheck.exe [28672] [PID.2476]
[MD5.63AB43534CBF5D7F3EB81DFDC8161490] – (…) — C:Program FilesAdobePhotoshop Elements 5.0PhotoshopElementsFileAgent.exe [108712] [PID.2612]
[MD5.AD1D13E6326E0B8DA2A7BE13B39A8FE0] – (.Avira Operations GmbH & Co. KG – Avira On-Access Service.) — C:Program FilesAviraAntiVir Desktopavguard.exe [108088] [PID.2680]
[MD5.6D46AB4C073FE2692FD72D1808CA2260] – (.APN LLC. – APN Updater.) — C:Program FilesAskPartnerNetworkToolbarapnmcp.exe [164816] [PID.2724]
[MD5.D039A0C347632622934906BD59A4E1EA] – (.Microsoft Corporation – Media Center Receiver Service.) — C:WINDOWSeHomeehRecvr.exe [237568] [PID.2760]
[MD5.980EEEA91776357518892C5544768E2B] – (.Microsoft Corporation – Service de planification Media Center.) — C:WINDOWSeHomeehSched.exe [103424] [PID.2776]
[MD5.AB8134127F786C9603817B5318DCEEAA] – (.Hewlett-Packard Company – Pas de description.) — C:Program FilesFichiers communsLightScribeLSSrvc.exe [73728] [PID.2836]
[MD5.65085456FD9A74D7F1A999520C299ECB] – (.Malwarebytes Corporation – Malwarebytes Anti-Malware.) — C:Program FilesMalwarebytes’ Anti-Malwarembamscheduler.exe [418376] [PID.3024]
[MD5.E0D7732F2D2E24B2DB3F67B6750295B8] – (.Malwarebytes Corporation – Malwarebytes Anti-Malware.) — C:Program FilesMalwarebytes’ Anti-Malwarembamservice.exe [701512] [PID.3044]
[MD5.D1D5DAB39DCB4BE0359943738D87409B] – (.Malwarebytes Corporation – Malwarebytes Anti-Malware.) — C:Program FilesMalwarebytes’ Anti-Malwarembamgui.exe [532040] [PID.3304]
[MD5.F30BF9FC4275156F2AE96FCDF1ED5EE4] – (.Avira Operations GmbH & Co. KG – Avira Shadow Copy Service.) — C:Program FilesAviraAntiVir Desktopavshadow.exe [76856] [PID.3968]
[MD5.07E1BF2B3776AA67A621DED3810C1626] – (.Avira Operations GmbH & Co. KG – Avira WebGuard Service.) — C:Program FilesAviraAntiVir DesktopAVWEBGRD.exe [815160] [PID.3988]
[MD5.0DAD93BB0FECF5016AE3C06CBB0A873B] – (.Microsoft Corporation – COM Surrogate.) — C:WINDOWSsystem32dllhost.exe [5120] [PID.3640]
[MD5.2176B4590387405E5F2405C3CEF0C02A] – (.Nicolas Coolman – ZHPDiag.) — C:Program FilesZHPDiagZHPDiag.exe [8078848] [PID.2260]
~ Processes Running: Scanned in 00mn 02s

—\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:Documents and SettingsAliceLocal SettingsApplication DataGoogleChromeUser DataDefaultPreferences
~ Google Browser: 1 Legitimates Filtered in 00mn 39s

—\ Internet Explorer, Proxy Management (R5)
R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyServer = no key
R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyEnable = 0
R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,MigrateProxy = 1
R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,EnableHttp1_1 = 1
R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyHttp1.1 = 1
R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,AutoConfigProxy = wininet.dll
R5 – HKLMSoftwareMicrosoftWindowsCurrentVersionInternet Settings,EnableHttp1_1 = 1
R5 – HKLMSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyHttp1.1 = 1
~ Proxy management: Scanned in 00mn 00s

—\ Analyse des lignes F0, F1, F2, F3 – IniFiles, Autoloading programs
F2 – REG:system.ini: USERINIT=C:WINDOWSsystem32userinit.exe,
F2 – REG:system.ini: Shell=C:WINDOWSexplorer.exe
F2 – REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL “sysdm.cpl”
~ Keys: Scanned in 00mn 00s

—\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 20

—\ Internet Explorer Toolbars (O3)
O3 – Toolbar: Avira SearchFree Toolbar – [HKLM]{41564952-412D-5637-00A7-7A786E7484D7} . (.APN LLC. – Passport.) — C:Program FilesAskPartnerNetworkToolbarAVIRA-V7Passport.dll =>Toolbar.Avira
O3 – ToolbarWebBrowser: (no name) – [HKCU]{01E04581-4EEE-11D0-BFE9-00AA005B4383} Clé orpheline
O3 – ToolbarWebBrowser: (no name) – [HKCU]{0E5CBF21-D15F-11D0-8301-00AA005B4383} Clé orpheline
O3 – ToolbarWebBrowser: (no name) – [HKCU]{41564952-412D-5637-00A7-7A786E7484D7} Clé orpheline
~ Toolbar: Scanned in 00mn 00s

—\ Autres liens utilisateurs (O4)
O4 – GSProgram [AllUsers]: Windows Messenger.lnk . (.Microsoft Corporation – Windows Messenger.) — C:Program FilesMessengermsmsgs.exe
O4 – GSProgram [Alice]: Lecteur Windows Media.lnk . (.Microsoft Corporation – Lecteur Windows Media.) — C:Program FilesWindows Media Playerwmplayer.exe =>.Microsoft Corporation
O4 – GSProgram [Alice]: Internet Explorer.lnk . (.Microsoft Corporation – Internet Explorer.) — C:Program FilesInternet Exploreriexplore.exe
O4 – GSProgram [Administrateur]: Internet Explorer.lnk . (.Microsoft Corporation – Internet Explorer.) — C:Program FilesInternet ExplorerIEXPLORE.exe
O4 – GSProgram [Administrateur]: Lecteur Windows Media.lnk . (.Microsoft Corporation – Lecteur Windows Media.) — C:Program FilesWindows Media Playerwmplayer.exe =>.Microsoft Corporation
~ Global Startup: 15 Legitimates Filtered in 00mn 00s

—\ Applications lancées au démarrage du sytème (O4)
O4 – GSProgram [AllUsers]: Acer Empowering Technology.lnk . (.Acer Inc. – Acer Empowering Techonology Framework Launc.) — C:AcerEmpowering TechnologyAcer.Empowering.Framework.Launcher.exe
O4 – HKLM..Run: [ehTray] . (.Microsoft Corporation – Media Center Tray Applet.) — C:WINDOWSehomeehtray.exe
O4 – HKLM..Run: [LaunchApp] Clé orpheline
O4 – HKLM..Run: [AzMixerSel] . (.Realtek Semiconductor Corp. – Azalia Mixer Selector.) — C:Program FilesRealtekInstallShieldAzMixerSel.exe
O4 – HKLM..Run: [ntiMUI] . (…) — C:Program FilesNewTech InfosystemsNTI CD & DVD-Maker 7ntiMUI.exe
O4 – HKLM..Run: [Acer ePresentation HPD] . (.Pas de propriétaire – AcerePre Application.) — C:AcerEmpowering TechnologyePresentationePresentation.exe
O4 – HKLM..Run: [IMJPMIG8.1] . (.Microsoft Corporation – Microsoft IME.) — C:WINDOWSIMEimjp8_1IMJPMIG.exe
O4 – HKLM..Run: [MSPY2002] . (…) — C:WINDOWSsystem32IMEPINTLGNTImScInst.exe
O4 – HKLM..Run: [PHIME2002ASync] . (.Microsoft Corporation – ???????? 2002a.) — C:WINDOWSsystem32IMETINTLGNTTINTSETP.exe
O4 – HKLM..Run: [PHIME2002A] . (.Microsoft Corporation – ???????? 2002a.) — C:WINDOWSsystem32IMETINTLGNTTINTSETP.exe
O4 – HKLM..Run: [RTHDCPL] . (.Realtek Semiconductor Corp. – Realtek HD Audio Control Panel.) — C:WINDOWSRTHDCPL.exe =>.Realtek Semiconductor Corp
O4 – HKLM..Run: [SkyTel] . (.Realtek Semiconductor Corp. – Realtek Voice Manager.) — C:WINDOWSSkyTel.exe =>.Realtek Semiconductor Corp
O4 – HKLM..Run: [Alcmtr] . (.Realtek Semiconductor Corp. – Realtek Azalia Audio – Event Monitor.) — C:WINDOWSALCMTR.exe
O4 – HKLM..Run: [ePower_DMC] . (.Pas de propriétaire – Acer ePower Management DMC.) — C:AcerEmpowering TechnologyePowerePower_DMC.exe
O4 – HKLM..Run: [Boot] . (…) — C:AcerEmpowering TechnologyePowerBoot.exe
O4 – HKLM..Run: [SynTPEnh] . (.Synaptics, Inc. – Synaptics TouchPad Enhancements.) — C:Program FilesSynapticsSynTPSynTPEnh.exe
O4 – HKLM..Run: [LManager] . (.Dritek System Inc. – Acer Launch Manager Keyboard Application.) — C:Program FilesLaunch ManagerLManager.exe
O4 – HKLM..Run: [ATICCC] . (…) — C:Program FilesATI TechnologiesATI.ACECLIStart.exe
O4 – HKLM..Run: [eRecoveryService] . (.Acer Inc. – eRecovery agent.) — C:AcerEmpowering TechnologyeRecoveryeRAgent.exe
O4 – HKLM..Run: [Adobe ARM] . (.Adobe Systems Incorporated – Adobe Reader and Acrobat Manager.) — C:Program FilesFichiers communsAdobeARM1.0AdobeARM.exe =>.Adobe Systems Incorporated
O4 – HKLM..Run: [Adobe Photo Downloader] . (.Adobe Systems Incorporated – Adobe Photo Downloader 3.0 component.) — C:Program FilesAdobePhotoshop Elements 5.0apdproxy.exe
O4 – HKLM..Run: [avgnt] . (.Avira Operations GmbH & Co. KG – Avira System Tray Tool.) — C:Program FilesAviraAntiVir Desktopavgnt.exe
O4 – HKLM..Run: [ApnTBMon] . (.APN – Ask Toolbar Notifier.) — C:Program FilesAskPartnerNetworkToolbarUpdaterTBNotifier.exe =>Toolbar.Ask
O4 – HKCU..Run: [CTFMON.EXE] . (.Microsoft Corporation – CTF Loader.) — C:WINDOWSsystem32ctfmon.exe
O4 – HKCU..Run: [MSMSGS] . (.Microsoft Corporation – Windows Messenger.) — C:Program FilesMessengermsmsgs.exe
O4 – HKUSS-1-5-18..Run: [CTFMON.EXE] . (.Microsoft Corporation – CTF Loader.) — C:WINDOWSsystem32CTFMON.exe
O4 – HKUSS-1-5-19..Run: [CTFMON.EXE] . (.Microsoft Corporation – CTF Loader.) — C:WINDOWSsystem32CTFMON.exe
O4 – HKUSS-1-5-20..Run: [CTFMON.EXE] . (.Microsoft Corporation – CTF Loader.) — C:WINDOWSsystem32CTFMON.exe
O4 – HKUSS-1-5-21-1222565020-3402336239-1393892285-1005..Run: [CTFMON.EXE] . (.Microsoft Corporation – CTF Loader.) — C:WINDOWSsystem32ctfmon.exe
O4 – HKUSS-1-5-21-1222565020-3402336239-1393892285-1005..Run: [MSMSGS] . (.Microsoft Corporation – Windows Messenger.) — C:Program FilesMessengermsmsgs.exe
~ Application: Scanned in 00mn 00s

—\ Boutons situés sur la barre d’outils principale d’Internet Explorer (O9)
O9 – Extra button: &Envoyer à OneNote – {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation – Microsoft Office OneNote Internet Explorer Add-in.) — C:Program FilesMICROS~2Office12ONBttnIE.dll
O9 – Extra button: Research – {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (…) — C:Program FilesMicrosoft OfficeOffice12REFBARH.ICO
O9 – Extra button: @xpsp3res.dll,-20001 – {e2e2dd38-d088-4134-82b7-f2ba38496583} — Clé orpheline
O9 – Extra button: Windows Messenger – {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.Microsoft Corporation – Windows Messenger.) — C:Program FilesMessengermsmsgs.exe
~ IE Extra Buttons: Scanned in 00mn 00s

—\ Objets ActiveX (Downloaded Program Files)(O16)
O16 – DPF: {B479199A-1242-4E3C-AD81-7F0DF801B4AE} ((no name)) – http://download.microsoft.com/download/C/9/C/C9C3D86D-84AC-4AF0-8584-842756A66467/MicrosoftDownloadManager.cab” onclick=”window.open(this.href);return false;
~ Objets ActiveX: Scanned in 00mn 00s

—\ Modification Domaine/Adresses DNS (O17)
O17 – HKLMSystemCCSServicesTcpip..{07DC3C58-0E3F-40A3-84C8-D6BF5140AE0E}: DhcpNameServer = 89.2.0.1 89.2.0.2
O17 – HKLMSystemCS1ServicesTcpip..{07DC3C58-0E3F-40A3-84C8-D6BF5140AE0E}: DhcpNameServer = 89.2.0.1 89.2.0.2
O17 – HKLMSystemCS2ServicesTcpip..{07DC3C58-0E3F-40A3-84C8-D6BF5140AE0E}: DhcpNameServer = 89.2.0.1 89.2.0.2
O17 – HKLMSystemCCSServicesTcpipParameters: DhcpNameServer = 89.2.0.1 89.2.0.2
~ Domain: Scanned in 00mn 00s

—\ Protocole additionnel (O18)
O18 – Handler: wia – {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} . (.Microsoft Corporation – WIA Scripting Layer.) — C:WINDOWSsystem32wiascr.dll
O18 – Filter: text/xml – {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation – Microsoft Office XML MIME Filter.) — C:Program FilesFichiers communsMicrosoft SharedOFFICE12MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s

—\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 – Winlogon Notify: AtiExtEvent . (.ATI Technologies Inc. – ATI External Event Utility DLL Module.) — C:WINDOWSsystem32Ati2evxx.dll
O20 – Winlogon Notify: crypt32chain . (.Microsoft Corporation – Crypto API32.) — C:WINDOWSsystem32crypt32.dll
O20 – Winlogon Notify: cryptnet . (.Microsoft Corporation – Crypto Network Related API.) — C:WINDOWSsystem32cryptnet.dll
O20 – Winlogon Notify: cscdll . (.Microsoft Corporation – Agent réseau hors connexion.) — C:WINDOWSsystem32cscdll.dll
O20 – Winlogon Notify: dimsntfy . (.Microsoft Corporation – DIMS Notification Handler.) — C:WINDOWSsystem32dimsntfy.dll
O20 – Winlogon Notify: ScCertProp . (.Microsoft Corporation – DLL commune de réception des notifications.) — C:WINDOWSsystem32wlnotify.dll
O20 – Winlogon Notify: Schedule . (.Microsoft Corporation – DLL commune de réception des notifications.) — C:WINDOWSsystem32wlnotify.dll
O20 – Winlogon Notify: sclgntfy . (.Microsoft Corporation – DLL secondaire de notification de service d.) — C:WINDOWSsystem32sclgntfy.dll
O20 – Winlogon Notify: SensLogn . (.Microsoft Corporation – DLL commune de réception des notifications.) — C:WINDOWSsystem32WlNotify.dll
O20 – Winlogon Notify: termsrv . (.Microsoft Corporation – DLL commune de réception des notifications.) — C:WINDOWSsystem32wlnotify.dll
O20 – Winlogon Notify: wlballoon . (.Microsoft Corporation – DLL commune de réception des notifications.) — C:WINDOWSsystem32wlnotify.dll
~ Winlogon: Scanned in 00mn 00s

—\ Liste des services NT non Microsoft et non désactivés (O23)
O23 – Service: Service de mise à jour Ask (APNMCP) . (.APN LLC. – APN Updater.) – C:Program FilesAskPartnerNetworkToolbarapnmcp.exe
O23 – Service: (MBAMService) . (.Malwarebytes Corporation – Malwarebytes Anti-Malware.) – C:Program FilesMalwarebytes’ Anti-Malwarembamservice.exe
~ Services: 10 Legitimates Filtered in 00mn 09s

—\ Enumération Active Desktop & MHTML Editor (O24)
O24 – Desktop General: BackupWallPaper – .(…) – C:WindowsWebWallpaperAcer.bmp
O24 – Desktop General: WallPaper – .(…) – C:WindowsWebWallpaperAcer.bmp
~ Desktop Component: 4 Legitimates Filtered in 00mn 00s

—\ HKCU & HKLM Software Keys
[HKCUSoftwareAskPartnerNetwork]
[HKLMSoftwareAskPartnerNetwork]
[HKLMSoftwareTEXTware A/S]
~ Key Software: 145 Legitimates Filtered in 00mn 00s

—\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 – CFD: 12/10/2013 – 02:26:22 – [3,228] —-D C:Program FilesTEXTware
O43 – CFD: 12/10/2013 – 07:10:44 – [9,956] —-D C:Program FilesAskPartnerNetwork
O43 – CFD: 12/10/2013 – 07:10:44 – [0,783] —-D C:Documents and SettingsAll UsersApplication DataAskPartnerNetwork
O43 – CFD: 13/10/2013 – 00:12:00 – [0] —-D C:Documents and SettingsAll UsersApplication DataAPN
O43 – CFD: 12/10/2013 – 03:29:30 – [0] —-D C:Documents and SettingsAliceLocal SettingsApplication Data.SIPPS
~ Program Folder: 98 Legitimates Filtered in 00mn 05s

—\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 – LFC:[MD5.4E62F28838D07ADD88EE668FE75EE68D] – 11/10/2013 – 02:15:52 —A- . (…) — C:WINDOWSGVista.exe [633446]
O44 – LFC:[MD5.C1EEC2F7ABE39469D03AE5C5C62D1FD0] – 11/10/2013 – 02:15:53 —A- . (…) — C:WINDOWSAntiV.EXE [589824]
O44 – LFC:[MD5.59A19AB5FDD804121737758DB90EBB8B] – 11/10/2013 – 02:15:53 —A- . (…) — C:WINDOWSAntiV.INI [2790]
O44 – LFC:[MD5.24BCB56893AD1C611912893BBF5244EF] – 11/10/2013 – 02:15:54 —A- . (…) — C:WINDOWSCLEANUP.CMD [991]
O44 – LFC:[MD5.76669A64D2E6E21C81B0EED2F12D600C] – 11/10/2013 – 02:15:57 —A- . (…) — C:WINDOWSEMEAPAGE.EXE [159821]
O44 – LFC:[MD5.C1026A45EE866826BD463C1FC91168ED] – 11/10/2013 – 02:15:57 —A- . (…) — C:WINDOWSEMEAPAGE.INI [84]
O44 – LFC:[MD5.F1CFD87B0891DBF3E012829B1758BFB0] – 11/10/2013 – 02:15:58 —A- . (…) — C:WINDOWSHotFix.bat [903]
O44 – LFC:[MD5.4B718D109217E78FA6781A64B56D932C] – 11/10/2013 – 02:25:06 —A- . (…) — C:WINDOWSsystem32$winnt$.inf [37441]
O44 – LFC:[MD5.A60423F0F71BAE47B9AFB9680F917B33] – 11/10/2013 – 02:27:40 —A- . (…) — C:RHDSetup.log [559]
O44 – LFC:[MD5.7171E197044E987B1094F4E98021720F] – 11/10/2013 – 02:33:32 —A- . (…) — C:WINDOWSLManager.UNI [83]
O44 – LFC:[MD5.C1EDCC75FF20871AC6B1CB8D7AD082E9] – 11/10/2013 – 02:46:28 —A- . (…) — C:WINDOWSsystem32Acer EULA.txt [7549]
O44 – LFC:[MD5.FF4CBFD9DC16A3334D50EC5DE7C65B6C] – 11/10/2013 – 02:46:28 —A- . (…) — C:WINDOWSsystem32ClearEvent.exe [16384]
O44 – LFC:[MD5.F0A3381C068FD9797D0508322A2C9E42] – 11/10/2013 – 02:46:28 —A- . (…) — C:WINDOWSsystem32setup.iss [552]
O44 – LFC:[MD5.70727E4147ABC5CF9BF8362FB4F4A911] – 11/10/2013 – 02:52:16 —A- . (…) — C:WINDOWSGridV.UNI [92]
O44 – LFC:[MD5.4E4743BF83581C88B20759EDFBB225EA] – 11/10/2013 – 02:52:26 —A- . (…) — C:WINDOWSALaunch.ini [81]
O44 – LFC:[MD5.1DF5191C4F1F3A0E03961D66379B3640] – 11/10/2013 – 20:49:48 —A- . (…) — C:WINDOWSSEC120.PNF [2948]
O44 – LFC:[MD5.7794C3221F670DE270586A2CF6E68383] – 11/10/2013 – 20:50:42 RSHA- . (…) — C:ntldr [252240]
O44 – LFC:[MD5.905CB655E93D39C97E078A3C4C884F31] – 11/10/2013 – 20:50:54


. (…) — C:WINDOWSsystem32Driversnetwlan5.img [67866]
O44 – LFC:[MD5.3194C32E8A2403073B812183355E25C6] – 11/10/2013 – 20:50:55


. (…) — C:WINDOWSsystem32Driverscxthsfs2.cty [129045]
O44 – LFC:[MD5.8E59F9BE251C8AE32A1CEB068B3F96B1] – 11/10/2013 – 20:50:56


. (…) — C:WINDOWSsystem32Driversativmc20.cod [64352]
O44 – LFC:[MD5.8AC96E7871FC19BDD4DC21172F672EF8] – 11/10/2013 – 20:57:24 —A- . (…) — C:WINDOWSSEC13EC.PNF [8840]
O44 – LFC:[MD5.5C174F8108BAB900D3AB1DF1A29A58E5] – 11/10/2013 – 21:03:00 —A- . (…) — C:WINDOWSsystem32spupdwxp.log [90]
O44 – LFC:[MD5.DC17DD0189B0C36D863B4DD0A036C10F] – 11/10/2013 – 21:03:06 —A- . (…) — C:WINDOWSWMSysPr9.prx [316640]
O44 – LFC:[MD5.7D99A501FFF82838E48001EFB5485430] – 12/10/2013 – 01:26:23 —A- . (.TEXTware A/S – Illuminator Kernel.) — C:WINDOWSsystem32ILLKRN.DLL [160768]
O44 – LFC:[MD5.BE5F8368C87DA4F261A1B69CF6276AD8] – 12/10/2013 – 01:26:23 —A- . (.TEXTware A/S – Illuminator Parser.) — C:WINDOWSsystem32Illprs.dll [199168]
O44 – LFC:[MD5.F4F81FE11FE0A04ED2CCC1916769D01D] – 12/10/2013 – 01:26:24 —A- . (…) — C:WINDOWSsystem32ILXTBS.DLL [143360]
O44 – LFC:[MD5.7B4686A01EEF3F571AEEDB9100719D88] – 12/10/2013 – 01:26:24 —A- . (.TEXTware A/S – HTML Viewer.) — C:WINDOWSsystem32HTML.ILX [434688]
O44 – LFC:[MD5.E4A5D2EB9F8B58A046FD59F42DDED463] – 12/10/2013 – 01:26:24 —A- . (.TEXTware A/S – Illuminator PlugIn.) — C:WINDOWSsystem32TWATBS.ILX [62464]
O44 – LFC:[MD5.D62AE0BC8EEF7D4FEEE4963E5118EB0A] – 12/10/2013 – 01:26:24 —A- . (.TEXTware A/S – Pas de description.) — C:WINDOWSsystem32ListBox.ILX [81920]
O44 – LFC:[MD5.466D8731BC5C4AD1C5628C80C2BCFB0A] – 12/10/2013 – 01:26:25 —A- . (…) — C:WINDOWSsystem32ASpell.ILX [305152]
O44 – LFC:[MD5.4FA2C0DC19266EFB344EFCEBC28EE760] – 12/10/2013 – 01:26:25 —A- . (…) — C:WINDOWSsystem32Bass.ILX [52224]
O44 – LFC:[MD5.9E8D8A2A068E01B6F54A822E4F756DE9] – 12/10/2013 – 01:26:25 —A- . (…) — C:WINDOWSsystem32PolyHot.ILX [47104]
O44 – LFC:[MD5.4AFD52E2BDA5BC49FD8B0E439069F086] – 12/10/2013 – 01:26:25 —A- . (…) — C:WINDOWSsystem32TWAIED02.DLL [18432]
O44 – LFC:[MD5.C0EEB726654FF7D8A0F4500848A21BC1] – 12/10/2013 – 01:26:25 —A- . (…) — C:WINDOWSsystem32TwaBcu.ILX [28672]
O44 – LFC:[MD5.4644D2C5DFAA0A10F4FA79911A2458BF] – 12/10/2013 – 01:26:25 —A- . (…) — C:WINDOWSsystem32WavRecpk4.bpl [17408]
O44 – LFC:[MD5.960C3FC5D1BE0D190D3F97B88A65C754] – 12/10/2013 – 01:26:25 —A- . (…) — C:WINDOWSsystem32bass.dll [99092]
O44 – LFC:[MD5.80C61F596F8689BFDDBAA72F457986A9] – 12/10/2013 – 01:26:25 —A- . (.Polar – Polar SpellChecker ActiveX Control Module.) — C:WINDOWSsystem32polspell.dll [70656]
O44 – LFC:[MD5.A784B3BFAF8C56B95BEFF8AC4D00E779] – 12/10/2013 – 01:26:25 —A- . (.TEXTware A/S – Illuminator MPegPlayer.) — C:WINDOWSsystem32MPegPlay.ILX [162304]
O44 – LFC:[MD5.F3605BECD45BF268A015389D918DAB52] – 12/10/2013 – 01:26:25 —A- . (.TEXTware A/S – Illuminator PlugIn.) — C:WINDOWSsystem32Textv.ILX [140288]
O44 – LFC:[MD5.FF9F5C6E86452027F69675FD2F7E66B7] – 12/10/2013 – 01:26:25 —A- . (.TEXTware A/S – Pas de description.) — C:WINDOWSsystem32Whelp.ILX [36352]
O44 – LFC:[MD5.CA44D04708FECD41F2465636D3965FAF] – 12/10/2013 – 01:26:26 —A- . (…) — C:WINDOWSsystem32QFClient.ILX [48128]
O44 – LFC:[MD5.2B17E36156517FC8B5673AB844B33680] – 12/10/2013 – 01:26:26 —A- . (…) — C:WINDOWSsystem32TWABTE32.TBM [258048]
O44 – LFC:[MD5.A1E49C7D9447614D79AA9F0FD4086EC5] – 12/10/2013 – 01:26:26 —A- . (…) — C:WINDOWSsystem32TWATBS32.VBX [114688]
O44 – LFC:[MD5.2BDC73513C3FE7B3EC5316AC476C79E4] – 12/10/2013 – 01:26:26 —A- . (…) — C:WINDOWSsystem32TWAVBX32.DLL [147456]
O44 – LFC:[MD5.428168B1BD467884618C49C06A3D6A7D] – 12/10/2013 – 01:26:26 —A- . (.TEXTware A/S – TwaBcu01.) — C:WINDOWSsystem32TwaBcu01.dll [69632]
O44 – LFC:[MD5.FFAA8EBDE18C937336E7D882CBACFC1A] – 12/10/2013 – 01:26:32 —A- . (…) — C:WINDOWSTEXTware.ini [63]
O44 – LFC:[MD5.597ECD1EC5F5B3E0212B3407651AD730] – 12/10/2013 – 01:32:38 —A- . (…) — C:WINDOWSODBCINST.INI [4205]
O44 – LFC:[MD5.5866F5AC5FA90002CC1275789B715A60] – 12/10/2013 – 02:43:54 —A- . (…) — C:WINDOWSNeroDigital.ini [116]
O44 – LFC:[MD5.4A46D7FB7433CD7AD0AFD4BE5A2D34CC] – 12/10/2013 – 02:53:44 —A- . (…) — C:WINDOWSsystem32TZLog.log [6144]
O44 – LFC:[MD5.2B65C8D167F74D2F7AFE7A3CA1A7937A] – 13/10/2013 – 01:12:16 —A- . (…) — C:UsbFix [Scan 2] ACER-3FAFADAADF.txt [7159]
O44 – LFC:[MD5.BA60B3E63D88BEEC318034529D593AC6] – 13/10/2013 – 07:11:28 —A- . (…) — C:UsbFix [Scan 3] ACER-3FAFADAADF.txt [7018]
O44 – LFC:[MD5.F6D14EAB791E48A49760B2EB3426DAE9] – 13/10/2013 – 07:15:04 —A- . (…) — C:UsbFix [Clean 1] ACER-3FAFADAADF.txt [6351]
O44 – LFC:[MD5.43DB477EE7036732645E1FD10EB8F2E1] – 13/10/2013 – 07:45:40 —A- . (…) — C:UsbFix [Scan 4] ACER-3FAFADAADF.txt [7017]
O44 – LFC:[MD5.AE653F2B8D1A319934C41BED68A3700F] – 13/10/2013 – 08:08:18 —A- . (…) — C:drwtsn32.log [16900]
O44 – LFC:[MD5.8715347D6B7B2E3A7CFE5ADF2D510CE3] – 13/10/2013 – 08:27:04 —A- . (…) — C:WINDOWSwin.ini [477]
O44 – LFC:[MD5.B54EA4CA2CF631EBC8D510C3DD7F0A05] – 13/10/2013 – 23:58:32 —A- . (…) — C:WINDOWSwiaservc.log [50]
O44 – LFC:[MD5.419F98A890C96B0EE6A243482A93CAC2] – 14/10/2013 – 02:26:14 —A- . (…) — C:WINDOWSwiadebug.log [159]
O44 – LFC:[MD5.40935A0663A94C26A60C38A368ED26A5] – 14/10/2013 – 02:27:00 —A- . (…) — C:WINDOWSModemLog_HDAUDIO Soft Data Fax Modem with SmartCP.txt [4122]
~ Files: 391 Legitimates Filtered in 00mn 09s

—\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 – LFCP:[MD5.9352113E58ABDC48350E3123DDD2E1CA] – 12/10/2013 – 05:34:02 —A- – C:WINDOWSPrefetchAUTORUN.EXE-055703AF.pf
O45 – LFCP:[MD5.400A94E5C1E75C0781841D4422686EEC] – 12/10/2013 – 05:34:16 —A- – C:WINDOWSPrefetchTHE SIMS 2 DOUBLE DELUXE_CODE-1117FA0C.pf
O45 – LFCP:[MD5.C3E03E0DA280797AB9FAC9BEC0C95800] – 12/10/2013 – 17:20:02 —A- – C:WINDOWSPrefetchLYRICSBUDDY-1-ENABLER.EXE-32DEC2C2.pf =>Adware.AddLyrics
O45 – LFCP:[MD5.1F46B1BFD349CE4025A72995BDC5B0A6] – 12/10/2013 – 21:46:44 —A- – C:WINDOWSPrefetchLYRICSBUDDY-1-CODEDOWNLOADER.-37EB4EBF.pf =>Adware.AddLyrics
O45 – LFCP:[MD5.1F829D5695B6DE60C58B6CBBF8114176] – 12/10/2013 – 22:03:00 —A- – C:WINDOWSPrefetchLYRICSBUDDY-1-BG.EXE-1B696D3F.pf =>Adware.AddLyrics
O45 – LFCP:[MD5.326EAFE798F5E33FC5F77124584892F5] – 13/10/2013 – 04:48:50 —A- – C:WINDOWSPrefetchBOOT.EXE-358A5EE6.pf
O45 – LFCP:[MD5.2969EADC421FB9D795D528E2AF03E788] – 13/10/2013 – 04:49:00 —A- – C:WINDOWSPrefetchCASPOL.EXE-25914F74.pf
O45 – LFCP:[MD5.2BB3BCE6B3213311F77D6B40F8808E11] – 13/10/2013 – 04:50:58 —A- – C:WINDOWSPrefetchSERVICELOCATOR.EXE-0B4CC2EC.pf
O45 – LFCP:[MD5.E6FE3CABC9E4DBEC2C047EF07F1472EA] – 13/10/2013 – 04:51:06 —A- – C:WINDOWSPrefetchTOOLBAR.EXE-3B812A9B.pf
O45 – LFCP:[MD5.BC99D6EA33BEBB7D7E91E7E47D1819B9] – 13/10/2013 – 09:00:12 —A- – C:WINDOWSPrefetchOFFERCAST_AVIRAV7_.EXE-37EAF9E2.pf
O45 – LFCP:[MD5.DFC0D39EF0AC7F25EADD409D470C7B85] – 13/10/2013 – 09:04:38 —A- – C:WINDOWSPrefetchTBNOTIFIER.EXE-314E8EDE.pf
O45 – LFCP:[MD5.87535B04A450AE836FDBF7BD0F3B7B40] – 14/10/2013 – 02:26:46 —A- – C:WINDOWSPrefetchAPNMCP.EXE-2DD2CB13.pf
O45 – LFCP:[MD5.F0BE413D916D89E520EC08544D95797A] – 14/10/2013 – 02:26:46 —A- – C:WINDOWSPrefetchFXSSVC.EXE-140862E7.pf
O45 – LFCP:[MD5.A3692A21B15E835A39B67295ECD44CDF] – 14/10/2013 – 02:27:04 —A- – C:WINDOWSPrefetchSCNODVIS.EXE-17E99A96.pf
~ Prefetcher: 130 Legitimates Filtered in 00mn 00s

—\ Opérations et fonctions au démarrage de Windows Explorer (O46)
O46 – SEH:ShellExecuteHooks – URL Exec Hook – {AEB6717E-7E19-11d0-97EE-00C04FD91972} – shell32.dll
~ ShellExecuteHooks: Scanned in 00mn 00s

—\ Export de clé d’application autorisée (O47)
O47 – AAKE:Key Export SP – “C:Program FilesAdobePhotoshop Elements 5.0AdobePhotoshopElementsMediaServer.exe” [Disabled] .(.Pas de propriétaire.) — C:Program FilesAdobePhotoshop Elements 5.0AdobePhotoshopElementsMediaServer.exe
~ Keys Export: 6 Legitimates Filtered in 00mn 00s

—\ Image File Execution Options (IFEO) (O50)
O50 – IFEO:Image File Execution Options – Your Image File Name Here without a path – ntsd -d
~ IFEO: Scanned in 00mn 00s

—\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 – MWPS:[HKLM…PoliciesSystem] – “InstallVisualStyle”=1
O55 – MWPS:[HKLM…PoliciesSystem] – “InstallTheme”=1
~ MWPS: 7 Legitimates Filtered in 00mn 00s

—\ Liste des pilotes du système (SDL) (O58)
O58 – SDL:[MD5.80D317BD1C3DBC5D4FE7B1678C60CADD] – 10/08/2004 – 19:00:00 —A- . (.Parallel Technologies, Inc. – Parallel Technologies DirectParallel IO Library.) — C:WINDOWSsystem32Driversptilink.sys [17792]
O58 – SDL:[MD5.6D3ADA4CE95CECA7BCE527A08C4C474E] – 10/08/2004 – 19:00:00 —A- . (…) — C:WINDOWSsystem32ansi.sys [9037]
~ Drivers: 7 Legitimates Filtered in 00mn 00s

—\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 – LFC: 11/10/2013 – 03:42:38 —A- . (…) — C:Documents and SettingsAliceLocal SettingsApplication DataApplicationHistoryLockMon.exe.7987f3da.ini.inuse [0]
O61 – LFC: 11/10/2013 – 03:42:38 —A- . (…) — C:Documents and SettingsAliceLocal SettingsApplication DataMicrosoftInternet ExplorerServicessearch_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico [894]
O61 – LFC: 11/10/2013 – 03:42:38 —A- . (…) — C:Documents and SettingsAliceLocal SettingsApplication DataMicrosoftInternet Explorerbrndlog.bak [7915]
O61 – LFC: 11/10/2013 – 03:42:38 —A- . (…) — C:Documents and SettingsAliceLocal SettingsApplication DataMicrosoftWindows Media10.0WMSDKNS.XML [12787]
O61 – LFC: 11/10/2013 – 03:42:38 —A- . (…) — C:Documents and SettingsAliceLocal SettingsApplication DataMicrosoftWindows Media10.0WMSDKNSD.XML [53]
O61 – LFC: 11/10/2013 – 03:42:39 —A- . (…) — C:Documents and SettingsAliceLocal SettingsApplication Datafusioncache.dat [128]
O61 – LFC: 11/10/2013 – 03:42:55 —A- . (…) — C:Documents and SettingsAliceMenu DémarrerProgrammesAccessoiresCarnet d’adresses.lnk [682]
O61 – LFC: 11/10/2013 – 03:42:55 —A- . (…) — C:Documents and SettingsAliceMenu DémarrerProgrammesAccessoiresDivertissementLecteur Windows Media.lnk [712] =>.Microsoft Corporation
O61 – LFC: 11/10/2013 – 03:42:55 —A- . (…) — C:Documents and SettingsAliceMenu DémarrerProgrammesAccessoiresOutils systèmeInternet Explorer (sans module complémentaire).lnk [741]
O61 – LFC: 11/10/2013 – 03:42:55 —A- . (…) — C:Documents and SettingsAliceMenu DémarrerProgrammesAccessoiresVisite guidée de Windows XP.lnk [1435]
O61 – LFC: 11/10/2013 – 03:42:55 —A- . (…) — C:Documents and SettingsAliceMenu DémarrerProgrammesLecteur Windows Media.lnk [700] =>.Microsoft Corporation
O61 – LFC: 11/10/2013 – 03:43:12 —A- . (…) — C:Documents and SettingsAliceFavorisLiensHotmail.url [113]
O61 – LFC: 11/10/2013 – 03:43:13 —A- . (…) — C:Documents and SettingsAliceFavorisGuide des stations de radio.url [197]
O61 – LFC: 11/10/2013 – 03:43:13 —A- . (…) — C:Documents and SettingsAliceFavorisMSN.com.url [119]
O61 – LFC: 11/10/2013 – 03:43:13 —A- . (…) — C:Documents and SettingsAliceFavorisMicrosoft WebsitesIE Add-on site.url [133]
O61 – LFC: 11/10/2013 – 03:43:13 —A- . (…) — C:Documents and SettingsAliceFavorisMicrosoft WebsitesIE site on Microsoft.com.url [133]
O61 – LFC: 11/10/2013 – 03:43:13 —A- . (…) — C:Documents and SettingsAliceFavorisMicrosoft WebsitesMicrosoft At Home.url [133]
O61 – LFC: 11/10/2013 – 03:43:13 —A- . (…) — C:Documents and SettingsAliceFavorisMicrosoft WebsitesMicrosoft At Work.url [133]
O61 – LFC: 11/10/2013 – 03:43:13 —A- . (…) — C:Documents and SettingsAliceFavorisMicrosoft WebsitesMicrosoft Store.url [134]
O61 – LFC: 11/10/2013 – 03:43:14 —A- . (…) — C:Documents and SettingsAliceBureauLecteur Windows Media.lnk [694] =>.Microsoft Corporation
O61 – LFC: 11/10/2013 – 03:43:14 —A- . (…) — C:Documents and SettingsAliceBureauMicrosoft Fix it.url [123]
O61 – LFC: 11/10/2013 – 03:43:14 —A- . (…) — C:Documents and SettingsAliceBureauRaccourci vers Connexion réseau sans fil.lnk [384]
O61 – LFC: 11/10/2013 – 03:43:14 —A- . (…) — C:Documents and SettingsAliceFavorisLinksSuggested Sites.url [302]
O61 – LFC: 11/10/2013 – 03:43:14 —A- . (…) — C:Documents and SettingsAliceFavorisLinksWeb Slice Gallery.url [226]
O61 – LFC: 11/10/2013 – 03:43:16 —A- . (…) — C:Documents and SettingsAliceApplication DataMicrosoftInternet ExplorerQuick LaunchLaunch Internet Explorer Browser.lnk [723]
O61 – LFC: 11/10/2013 – 03:43:16 —A- . (…) — C:Documents and SettingsAliceApplication DataMicrosoftInternet ExplorerQuick LaunchMedia Center.lnk [1386]
O61 – LFC: 11/10/2013 – 03:43:16 —A- . (…) — C:Documents and SettingsAliceApplication DataMicrosoftInternet Explorerbrndlog.txt [10390]
O61 – LFC: 11/10/2013 – 03:43:16 —A- . (…) — C:Documents and SettingsAliceApplication DataMicrosoftMMCdfrg [3952]
O61 – LFC: 11/10/2013 – 03:43:16 –H– . (…) — C:Documents and SettingsAliceApplication DataMicrosoftLastFlashConfig.WFC [1714]
O61 – LFC: 11/10/2013 – 03:43:18 —A- . (…) — C:Documents and SettingsAliceApplication DataMicrosoftTemplatesNormal.dotm [15605]
O61 – LFC: 11/10/2013 – 03:43:19 —A- . (…) — C:Documents and SettingsAliceApplication DataMicrosoftAddress BookAlice.wab [176604]
O61 – LFC: 11/10/2013 – 03:43:19 —A- . (…) — C:Documents and SettingsAliceApplication DataMicrosoftAddress BookAlice.wab~ [176604]
O61 – LFC: 12/10/2013 – 03:42:55 —A- . (…) — C:Documents and SettingsAliceMes documentsavira_free_antivirus.exe [2296952]
O61 – LFC: 12/10/2013 – 03:43:12 —A- . (…) — C:Documents and SettingsAliceFavorisLiensAntivir – Télécharger Antivir (gratuit).url [1979]
O61 – LFC: 12/10/2013 – 03:43:12 —A- . (…) — C:Documents and SettingsAliceFavorisLiensL’installation d’Avira Free Antivirus a réussi!.url [5595]
O61 – LFC: 12/10/2013 – 03:43:13 —A- . (…) — C:Documents and SettingsAliceFavorisLiensDefraggler – Télécharger.url [631]
O61 – LFC: 12/10/2013 – 03:43:13 —A- . (…) — C:Documents and SettingsAliceFavorisLiensVirus autorun.inf Aie! [Résolu].url [2417]
O61 – LFC: 12/10/2013 – 03:43:21 —A- . (…) — C:Documents and SettingsAliceApplication DataCambridgeENF001CPENF001CP.INI [1515]
O61 – LFC: 12/10/2013 – 03:43:21 —A- . (…) — C:Documents and SettingsAliceApplication DataCambridgeENF001CPENF001CP.ntf [2955]
O61 – LFC: 12/10/2013 – 03:43:21 —A- . (…) — C:Documents and SettingsAliceApplication DataCambridgeENF001CPFRE001CP.INI [1426]
O61 – LFC: 12/10/2013 – 03:43:21 —A- . (…) — C:Documents and SettingsAliceApplication DataCambridgeENF001CPFRE001CP.ntf [2760]
O61 – LFC: 12/10/2013 – 03:43:21 —A- . (…) — C:Documents and SettingsAliceApplication DataCambridgeENF001CPaddictEF.cfg [506]
O61 – LFC: 12/10/2013 – 03:43:21 —A- . (…) — C:Documents and SettingsAliceApplication DataCambridgeENF001CPaddictFE.cfg [506]
O61 – LFC: 12/10/2013 – 03:43:21 —A- . (…) — C:Documents and SettingsAliceApplication Datavlcml.xspf [304]
O61 – LFC: 12/10/2013 – 03:43:21 —A- . (…) — C:Documents and SettingsAliceApplication Datavlcvlcrc [83997]
O61 – LFC: 12/10/2013 – 03:43:22 —A- . (…) — C:Documents and SettingsAlicedefault.pls [172]
O61 – LFC: 13/10/2013 – 03:42:38 —A- . (…) — C:Documents and SettingsAliceLocal SettingsApplication DataMicrosoftInternet Explorerbrndlog.txt [6601]
O61 – LFC: 13/10/2013 – 03:42:38 —A- . (…) — C:Documents and SettingsAliceLocal SettingsApplication DataMicrosoftInternet Explorerframeiconcache.dat [28438]
O61 – LFC: 13/10/2013 – 03:42:38 —A- . (…) — C:Documents and SettingsAliceLocal SettingsApplication DataMicrosoftInternet Explorertabiconcache.dat [7226]
O61 – LFC: 13/10/2013 – 03:42:39 —A- . (…) — C:Documents and SettingsAliceLocal SettingsApplication DataGoogleChromeUser DataDefaultExtension RulesLOCK [0]
O61 – LFC: 13/10/2013 – 03:42:39 —A- . (…) — C:Documents and SettingsAliceLocal SettingsApplication DataGoogleChromeUser DataDefaultpreferences [159911]
O61 – LFC: 13/10/2013 – 03:42:40 —A- . (…) — C:Documents and SettingsAliceLocal SettingsApplication DataGoogleChromeUser DataDefaultCookies [56320]
O61 – LFC: 13/10/2013 – 03:42:40 —A- . (…) — C:Documents and SettingsAliceLocal SettingsApplication DataGoogleChromeUser DataDefaultExtension RulesCURRENT [16]
O61 – LFC: 13/10/2013 – 03:42:40 —A- . (…) — C:Documents and SettingsAliceLocal SettingsApplication DataGoogleChromeUser DataDefaultExtension RulesLOG [142]
O61 – LFC: 13/10/2013 – 03:42:40 —A- . (…) — C:Documents and SettingsAliceLocal SettingsApplication DataGoogleChromeUser DataDefaultExtension RulesLOG.old [142]
O61 – LFC: 13/10/2013 – 03:42:40 —A- . (…) — C:Documents and SettingsAliceLocal SettingsApplication DataGoogleChromeUser DataDefaultFavicons [40960]
O61 – LFC: 13/10/2013 – 03:42:40 —A- . (…) — C:Documents and SettingsAliceLocal SettingsApplication DataGoogleChromeUser DataDefaultHistory [114688]
O61 – LFC: 13/10/2013 – 03:42:40 —A- . (…) — C:Documents and SettingsAliceLocal SettingsApplication DataGoogleChromeUser DataDefaultOrigin Bound Certs [16384]
O61 – LFC: 13/10/2013 – 03:42:40 —A- . (…) — C:Documents and SettingsAliceLocal SettingsApplication DataGoogleChromeUser DataDefaultShortcuts [12288]
O61 – LFC: 13/10/2013 – 03:42:40 —A- . (…) — C:Documents and SettingsAliceLocal SettingsApplication DataGoogleChromeUser DataDefaultUser StyleSheetsCustom.css [0]
O61 – LFC: 13/10/2013 – 03:42:40 —A- . (…) — C:Documents and SettingsAliceLocal SettingsApplication DataGoogleChromeUser DataDefaultWeb Data [73728]
O61 – LFC: 13/10/2013 – 03:42:52 —A- . (…) — C:Documents and SettingsAliceLocal SettingsApplication DataGoogleChromeUser DataDefaultLogin Data [12288]
O61 – LFC: 13/10/2013 – 03:42:52 —A- . (…) — C:Documents and SettingsAliceLocal SettingsApplication DataGoogleChromeUser DataDefaultREADME [180]
O61 – LFC: 13/10/2013 – 03:42:52 —A- . (…) — C:Documents and SettingsAliceLocal SettingsApplication DataGoogleChromeUser DataDefaultSession StorageCURRENT [16]
O61 – LFC: 13/10/2013 – 03:42:52 —A- . (…) — C:Documents and SettingsAliceLocal SettingsApplication DataGoogleChromeUser DataDefaultSession StorageLOCK [0]
O61 – LFC: 13/10/2013 – 03:42:52 —A- . (…) — C:Documents and SettingsAliceLocal SettingsApplication DataGoogleChromeUser DataDefaultSession StorageLOG [263]
O61 – LFC: 13/10/2013 – 03:42:52 —A- . (…) — C:Documents and SettingsAliceLocal SettingsApplication DataGoogleChromeUser DataDefaultSession StorageLOG.old [261]
O61 – LFC: 13/10/2013 – 03:42:52 —A- . (…) — C:Documents and SettingsAliceLocal SettingsApplication DataGoogleChromeUser DataDefaultSession StorageMANIFEST-000010 [170]
O61 – LFC: 13/10/2013 – 03:42:52 —A- . (…) — C:Documents and SettingsAliceLocal SettingsApplication DataGoogleChromeUser DataDefaultSync DataSyncData.sqlite3 [167936]
O61 – LFC: 13/10/2013 – 03:42:53 —A- . (…) — C:Documents and SettingsAliceLocal SettingsApplication DataGoogleChromeUser DataDefaultBookmarks [8297]
O61 – LFC: 13/10/2013 – 03:42:53 —A- . (…) — C:Documents and SettingsAliceLocal SettingsApplication DataGoogleChromeUser DataDefaultBookmarks.bak [7246]
O61 – LFC: 13/10/2013 – 03:42:53 —A- . (…) — C:Documents and SettingsAliceLocal SettingsApplication DataGoogleChromeUser DataDefaultGPUCachedata_0 [8192]
O61 – LFC: 13/10/2013 – 03:42:53 —A- . (…) — C:Documents and SettingsAliceLocal SettingsApplication DataGoogleChromeUser DataDefaultGPUCachedata_1 [270336]
O61 – LFC: 13/10/2013 – 03:42:53 —A- . (…) — C:Documents and SettingsAliceLocal SettingsApplication DataGoogleChromeUser DataDefaultGPUCachedata_2 [8192]
O61 – LFC: 13/10/2013 – 03:42:53 —A- . (…) — C:Documents and SettingsAliceLocal SettingsApplication DataGoogleChromeUser DataDefaultGPUCachedata_3 [8192]
O61 – LFC: 13/10/2013 – 03:42:53 —A- . (…) — C:Documents and SettingsAliceLocal SettingsApplication DataGoogleChromeUser DataDefaultGPUCacheindex [262512]
O61 – LFC: 13/10/2013 – 03:42:53 —A- . (…) — C:Documents and SettingsAliceLocal SettingsApplication DataGoogleChromeUser DataDefaultGoogle Profile.ico [181623]
O61 – LFC: 13/10/2013 – 03:42:53 —A- . (…) — C:Documents and SettingsAliceLocal SettingsApplication DataGoogleChromeUser DataDefaultIndexedDBhttps_docs.google.com_0.indexeddb.leveldbCURRENT [16]
O61 – LFC: 13/10/2013 – 03:42:53 —A- . (…) — C:Documents and SettingsAliceLocal SettingsApplication DataGoogleChromeUser DataDefaultIndexedDBhttps_docs.google.com_0.indexeddb.leveldbLOCK [0]
O61 – LFC: 13/10/2013 – 03:42:53 —A- . (…) — C:Documents and SettingsAliceLocal SettingsApplication DataGoogleChromeUser DataDefaultIndexedDBhttps_docs.google.com_0.indexeddb.leveldbLOG [47]
O61 – LFC: 13/10/2013 – 03:42:53 —A- . (…) — C:Documents and SettingsAliceLocal SettingsApplication DataGoogleChromeUser DataDefaultIndexedDBhttps_docs.google.com_0.indexeddb.leveldbMANIFEST-000002 [32]
O61 – LFC: 13/10/2013 – 03:42:53 —A- . (…) — C:Documents and SettingsAliceLocal SettingsApplication DataGoogleChromeUser DataDefaultManaged Mode Settings [8]
O61 – LFC: 13/10/2013 – 03:42:53 —A- . (…) — C:Documents and SettingsAliceLocal SettingsApplication DataGoogleChromeUser DataDefaultQuotaManager [13312]
O61 – LFC: 13/10/2013 – 03:42:53 —A- . (…) — C:Documents and SettingsAliceLocal SettingsApplication DataGoogleChromeUser DataDefaultTransportSecurity [1272]
O61 – LFC: 13/10/2013 – 03:42:53 —A- . (…) — C:Documents and SettingsAliceLocal SettingsApplication DataGoogleChromeUser DataDefaultdatabasesDatabases.db [7168]
O61 – LFC: 13/10/2013 – 03:42:53 —A- . (…) — C:Documents and SettingsAliceLocal SettingsApplication DataGoogleChromeUser DataLocal State [42567]
O61 – LFC: 13/10/2013 – 03:42:53 —A- . (…) — C:Documents and SettingsAliceLocal SettingsApplication DataGoogleChromeUser DataSafe Browsing Cookies [6144]
O61 – LFC: 13/10/2013 – 03:42:54 —A- . (…) — C:Documents and SettingsAliceLocal SettingsApplication DataGoogleChromeUser DataSafe Browsing Bloom [3523680]
O61 – LFC: 13/10/2013 – 03:42:54 —A- . (…) — C:Documents and SettingsAliceLocal SettingsApplication DataGoogleChromeUser DataSafe Browsing Bloom Prefix Set [551826]
O61 – LFC: 13/10/2013 – 03:42:54 —A- . (…) — C:Documents and SettingsAliceLocal SettingsApplication DataGoogleChromeUser DataSafe Browsing Csd Whitelist [135236]
O61 – LFC: 13/10/2013 – 03:42:54 —A- . (…) — C:Documents and SettingsAliceLocal SettingsApplication DataGoogleChromeUser DataSafe Browsing Download [1076264]
O61 – LFC: 13/10/2013 – 03:42:54 —A- . (…) — C:Documents and SettingsAliceLocal SettingsApplication DataGoogleChromeUser DataSafe Browsing Download Whitelist [19592]
O61 – LFC: 13/10/2013 – 03:42:54 —A- . (…) — C:Documents and SettingsAliceLocal SettingsApplication DataGoogleChromeUser DataSafe Browsing Extension Blacklist [6608]
O61 – LFC: 13/10/2013 – 03:42:55 —A- . (…) — C:Documents and SettingsAliceMenu DémarrerProgrammesAccessoiresBloc-notes.lnk [1427] =>.Microsoft Corporation
O61 – LFC: 13/10/2013 – 03:42:55 —A- . (…) — C:Documents and SettingsAliceMenu DémarrerProgrammesAccessoiresOutils systèmeInternet Explorer (Aucun module complémentaire).lnk [741]
O61 – LFC: 13/10/2013 – 03:42:55 —A- . (…) — C:Documents and SettingsAliceMenu DémarrerProgrammesInternet Explorer.lnk [711]
O61 – LFC: 13/10/2013 – 03:42:57 —A- . (…) — C:Documents and SettingsAliceMes documentscc_20131013_043236.reg [176978]
O61 – LFC: 13/10/2013 – 03:42:57 —A- . (.Alice.) — C:Documents and SettingsAliceMes documentsBienvenue sur SosVirus.doc [101376]
O61 – LFC: 13/10/2013 – 03:43:12 —A- . (…) — C:Documents and SettingsAliceFavorisLiensGalerie de composants Web Slice.url [226]
O61 – LFC: 13/10/2013 – 03:43:12 —A- . (…) — C:Documents and SettingsAliceMes documentsavast_free_antivirus_setup.exe [131918888]
O61 – LFC: 13/10/2013 – 03:43:12 —A- . (…) — C:Documents and SettingsAliceVoisinage réseauSharedDocs sur Acer-3fafadaadftarget.lnk [558]
O61 – LFC: 13/10/2013 – 03:43:13 —A- . (…) — C:Documents and SettingsAliceFavorisLiensAOL.fr E-mail gratuit, Actualité, Météo, Sport et Culture sur AOL.url [725]
O61 – LFC: 13/10/2013 – 03:43:13 —A- . (…) — C:Documents and SettingsAliceFavorisLiensAV10 Mode d’emploi pour la désinstallation manuelle.url [306]
O61 – LFC: 13/10/2013 – 03:43:13 —A- . (…) — C:Documents and SettingsAliceFavorisLiensCPU-Z – Télécharger CPU-Z (gratuit).url [308]
O61 – LFC: 13/10/2013 – 03:43:13 —A- . (…) — C:Documents and SettingsAliceFavorisLiensMalekal’s forum • AdwCleaner Programmes utiles.url [3604]
O61 – LFC: 13/10/2013 – 03:43:13 —A- . (…) — C:Documents and SettingsAliceFavorisLiensNettoyage PC portable Acer Aspire 1640, 1650, 1680, 1690, 3000, 3630, 5000, 5510…url [259]
O61 – LFC: 13/10/2013 – 03:43:13 —A- . (…) — C:Documents and SettingsAliceFavorisLiensSOS Virus – Instructions à suivre avant d’ouvrir un sujet.url [869]
O61 – LFC: 13/10/2013 – 03:43:13 —A- . (…) — C:Documents and SettingsAliceFavorisLiensSOS Virus – UsbFix – Tutoriel UsbFix [Recherche].url [889]
O61 – LFC: 13/10/2013 – 03:43:13 —A- . (…) — C:Documents and SettingsAliceFavorisLiensSites suggérés.url [302]
O61 – LFC: 13/10/2013 – 03:43:13 —A- . (…) — C:Documents and SettingsAliceFavorisLiensTester son materiel avec des logiciels.url [2891]
O61 – LFC: 13/10/2013 – 03:43:13 —A- . (…) — C:Documents and SettingsAliceFavorisLiensTélécharger AdwCleaner – 01net.com – Telecharger.url [10718]
O61 – LFC: 13/10/2013 – 03:43:13 —A- . (…) — C:Documents and SettingsAliceFavorisLiensTélécharger CrystalDiskInfo – Logithèque PC Astuces.url [3904]
O61 – LFC: 13/10/2013 – 03:43:13 —A- . (…) — C:Documents and SettingsAliceFavorisLiensTélécharger Safari – 01net.com – Telecharger.url [777]
O61 – LFC: 13/10/2013 – 03:43:13 —A- . (…) — C:Documents and SettingsAliceFavorisLiensUsbFix – Télécharger UsbFix (gratuit).url [310]
O61 – LFC: 13/10/2013 – 03:43:13 —A- . (…) — C:Documents and SettingsAliceFavorisLiensadwcleaner se débarrasser facilement des Adware, toolbar, etc. Plug’n Geek.url [4082]
O61 – LFC: 13/10/2013 – 03:43:13 —A- . (…) — C:Documents and SettingsAliceFavorisLiensavast! – Wikipédia.url [251]
O61 – LFC: 13/10/2013 – 03:43:13 —A- . (…) — C:Documents and SettingsAliceFavorisLiensavast! Uninstall Utility Download aswClear for avast! Removal.url [254]
O61 – LFC: 13/10/2013 – 03:43:14 —A- . (…) — C:Documents and SettingsAliceBureauAdwCleaner[S0].txt [1317]
O61 – LFC: 13/10/2013 – 03:43:14 —A- . (…) — C:Documents and SettingsAliceBureauChrome.txt [149]
O61 – LFC: 13/10/2013 – 03:43:14 —A- . (…) — C:Documents and SettingsAliceBureauCrystalDiskInfo.lnk [1551]
O61 – LFC: 13/10/2013 – 03:43:14 —A- . (…) — C:Documents and SettingsAliceBureauMBAM-log-2013-10-13 (03-16-56).txt [3236]
O61 – LFC: 13/10/2013 – 03:43:14 —A- . (…) — C:Documents and SettingsAliceBureauMicrosoft Office Word 2007.lnk [2575]
O61 – LFC: 13/10/2013 – 03:43:14 —A- . (…) — C:Documents and SettingsAliceBureauSosVirus Forum Gratuit.lnk [1669]
O61 – LFC: 13/10/2013 – 03:43:14 —A- . (…) — C:Documents and SettingsAliceBureauUsbFix Faire un Don.lnk [1685]
O61 – LFC: 13/10/2013 – 03:43:14 —A- . (…) — C:Documents and SettingsAliceBureauUsbFix [Clean 1] ACER-3FAFADAADF.txt [6351]
O61 – LFC: 13/10/2013 – 03:43:14 —A- . (…) — C:Documents and SettingsAliceBureauUsbFix [Scan 2] ACER-3FAFADAADF.txt [7159]
O61 – LFC: 13/10/2013 – 03:43:14 —A- . (…) — C:Documents and SettingsAliceBureauUsbFix [Scan 3] ACER-3FAFADAADF.txt [7018]
O61 – LFC: 13/10/2013 – 03:43:14 —A- . (…) — C:Documents and SettingsAliceBureauUsbFix [Scan 4] ACER-3FAFADAADF.txt [7017]
O61 – LFC: 13/10/2013 – 03:43:14 —A- . (…) — C:Documents and SettingsAliceBureauZHPDiag.lnk [1431] =>.Nicolas Coolman
O61 – LFC: 13/10/2013 – 03:43:14 —A- . (…) — C:Documents and SettingsAliceBureauZHPFix.lnk [1536] =>.Nicolas Coolman
O61 – LFC: 13/10/2013 – 03:43:14 —A- . (…) — C:Documents and SettingsAliceBureaumbam-log-2013-10-13 (02-36-20).txt [3234]
O61 – LFC: 13/10/2013 – 03:43:14 —A- . (…) — C:Documents and SettingsAliceBureaumbam-log-2013-10-13 (03-21-53)après mise en quarantaine.txt [2188]
O61 – LFC: 13/10/2013 – 03:43:14 —A- . (…) — C:Documents and SettingsAliceFavorisSites Web MicrosoftMicrosoft Store.url [134]
O61 – LFC: 13/10/2013 – 03:43:14 —A- . (…) — C:Documents and SettingsAliceFavorisSites Web MicrosoftSite Internet Explorer sur Microsoft.com.url [133]
O61 – LFC: 13/10/2013 – 03:43:14 —A- . (.Alice.) — C:Documents and SettingsAliceBureauBienvenue sur SosVirus.doc [101376]
O61 – LFC: 13/10/2013 – 03:43:15 -S-A- . (…) — C:Documents and SettingsAliceApplication DataMicrosoftCryptoRSAS-1-5-21-1222565020-3402336239-1393892285-1005932a2db58c237abd381d22df4c63a04a_7adec50b-f935-4a12-9e21-d272bae9b3f5 [87]
O61 – LFC: 13/10/2013 – 03:43:16 —A- . (…) — C:Documents and SettingsAliceApplication DataMicrosoftInternet ExplorerQuick LaunchDémarrer Internet Explorer.lnk [723]
O61 – LFC: 13/10/2013 – 03:43:16 -SHA- . (…) — C:Documents and SettingsAliceApplication DataMicrosoftInternet ExplorerDesktop.htt [2570]
O61 – LFC: 13/10/2013 – 03:43:16 -SHA- . (…) — C:Documents and SettingsAliceApplication DataMicrosoftInternet ExplorerUserDataindex.dat [32768]
O61 – LFC: 13/10/2013 – 03:43:22 —A- . (…) — C:Documents and SettingsAliceRecentMes images.lnk [373]
O61 – LFC: 13/10/2013 – 03:43:22 —A- . (…) — C:Documents and SettingsAliceUserData6JUZI16FoWindowsUpdate[1].xml [28]
O61 – LFC: 13/10/2013 – 03:43:22 —A- . (…) — C:Documents and SettingsAliceUserDataindex.dat [32768]
O61 – LFC: 13/10/2013 – 03:43:22 -SHA- . (…) — C:Documents and SettingsAliceIECompatCacheindex.dat [16384]
O61 – LFC: 13/10/2013 – 03:43:22 -SHA- . (…) — C:Documents and SettingsAliceIETldCacheindex.dat [262144]
O61 – LFC: 13/10/2013 – 03:43:22 -SHA- . (…) — C:Documents and SettingsAlicePrivacIEindex.dat [786432]
O61 – LFC: 14/10/2013 – 03:42:38 —A- . (…) — C:Documents and SettingsAliceLocal SettingsApplication DataApplicationHistoryAcer.Empowering.Framework.Launcher.exe.7c55249b.ini.inuse [0]
O61 – LFC: 14/10/2013 – 03:42:38 —A- . (…) — C:Documents and SettingsAliceLocal SettingsApplication DataApplicationHistorycli.exe.c88dbd71.ini.inuse [0]
O61 – LFC: 14/10/2013 – 03:42:38 —A- . (…) — C:Documents and SettingsAliceLocal SettingsApplication DataApplicationHistoryePower_DMC.exe.3ca0acde.ini.inuse [0]
O61 – LFC: 14/10/2013 – 03:43:21 —A- . (…) — C:Documents and SettingsAliceApplication DataZHPLog.txt [55235] =>.Nicolas Coolman
O61 – LFC: 14/10/2013 – 03:43:21 —A- . (…) — C:Documents and SettingsAliceApplication DataZHPTestsZHPDiag.txt [3190] =>.Nicolas Coolman
O61 – LFC: 14/10/2013 – 03:43:21 —A- . (…) — C:Documents and SettingsAliceApplication DataZHPZHPDiag.txt [38023] =>.Nicolas Coolman
~ 35 Fichiers temporaires (Temporary files)
~ 41 Fichiers cookies (Cookies files)
~ Files: 815 Legitimates Filtered in 00mn 47s

—\ Liste des outils de désinfection (LATC) (O63)
O63 – Logiciel: UsbFix By El Desaparecido – (.El Desaparecido – http://www.usbfix.net” onclick=”window.open(this.href);return false;.) [HKLM] — Usbfix
O63 – Logiciel: ZHPDiag 2013 – (.Nicolas Coolman.) [HKLM] — ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s

—\ Liste les services legacy du registre (LALS) (O64)
O64 – Services: CurCS – 24/09/2013 – C:Program FilesAskPartnerNetworkToolbarapnmcp.exe (APNMCP) .(.APN LLC. – APN Updater.) – LEGACY_APNMCP
~ Legacy: 177 Legitimates Filtered in 00mn 02s

—\ Menu de démarrage Internet (SMI) (O68)
O68 – StartMenuInternet: [HKLM..ShellopenCommand] (.Microsoft Corporation – Internet Explorer.) — C:Program FilesInternet Exploreriexplore.exe
~ Keys: Scanned in 00mn 00s