PC slowdown, spring cleaning
gav91190
Posted on 13/05/2010 @ 15:41

Hello,

My PC has seemed a bit slower for some time (especially when displaying pages in Firefox, and sometimes it feels like it is working for nothing), so I decided to do a little cleanup. I ran CCleaner, MBAM, and a Panda online scan; apparently nothing alarming in the reports apart from a few cookies... I also updated JRE and Adobe Reader.

However, I ran a HijackThis scan and got the impression that there is quite a lot in the "service" section. I am far from an expert at reading these reports, so I am leaving it to you, in case something jumps out at you.

HijackThis log

Logfile of random's system information tool 1.07 (written by random/random)
Run by MOI at 2010-05-13 15:20:10
Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 2
System drive C: has 38 GB (28%) free of 138 GB
Total RAM: 3066 MB (36% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:20:15, on 13/05/2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18904)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe
C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Users\MOI\Downloads\keystate_keystate_anglais_294450.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
C:\Program Files (x86)\iTunes\iTunes.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\MOI\Downloads\RSIT.exe
C:\Program Files (x86)\trend micro\MOI.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/USCON/7
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (file missing)
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [dellsupportcenter] "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P dellsupportcenter
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\RunOnce: [Uninstall Adobe Download Manager] "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\NOS\bin\getPlus_Helper.dll",Uninstall /IE2883E8F-472F-4fb0-9522-AC9BF37916A7 /Get1noarp
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - .DEFAULT User Startup: Dell Dock First Run.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (User 'Default user')
O4 - Startup: Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe
O4 - Startup: keystate_keystate_anglais_294450.lnk = C:\Users\MOI\Downloads\keystate_keystate_anglais_294450.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Unknown owner - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_15f4e438\AESTSr64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Service d'état ASP.NET (aspnet_state) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)
O23 - Service: Ati External Event Utility - Unknown owner - C:\Windows\system32\Ati2evxx.exe (file missing)
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (AudioSrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: @%SystemRoot%\system32\dhcpcsvc.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Dock Login Service (DockLoginService) - Stardock Corporation - C:\Program Files\Dell\DellDock\DockLogin.exe
O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe
O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe
O23 - Service: @%SystemRoot%\ehome\ehstart.dll,-101 (ehstart) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\emdmgmt.dll,-1000 (EMDMgmt) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (Eventlog) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @C:\Program Files (x86)\NOS\bin\getPlus_Helper.dll,-101 (getPlusHelper) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Service Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-200 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe
O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\netprof.dll,-246 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\sysWow64\perfhost.exe,-2 (PerfHost) - Unknown owner - C:\Windows\SysWow64\perfhost.exe
O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\ipnathlp.dll,-106 (SharedAccess) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SLUINotify.dll,-103 (SLUINotify) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: SupportSoft Sprocket Service (DellSupportCenter) (sprtsvc_DellSupportCenter) - SupportSoft, Inc. - C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Audio Service (STacSV) - Unknown owner - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_15f4e438\STacSV64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe
O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe

--
End of file - 21436 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-04-04 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-08-30 61440]
"Microsoft Default Manager"=C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [2009-04-24 250192]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-04-04 36272]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-03-24 952768]
"dellsupportcenter"=C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe [2009-05-21 206064]
"avast5"=C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2010-04-14 2790472]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2010-03-17 421888]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2010-03-26 142120]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Uninstall Adobe Download Manager"=C:\Windows\system32\rundll32.exe [2006-11-02 44544]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1555968]
"msnmsgr"=C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 138240]

C:\Users\MOI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dell Dock.lnk - C:\Program Files (x86)\Dell\DellDock\DellDock.exe
keystate_keystate_anglais_294450.lnk - C:\Users\MOI\Downloads\keystate_keystate_anglais_294450.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=
"ForceActiveDesktopOn"=
"NoActiveDesktopChanges"=
"BindDirectlyToPropertySetStorage"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2c8d372b-cb7d-11de-83c8-0026b90485b9}]
shell\AutoRun\command - mbvd.exe
shell\open\command - mbvd.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{576e6f61-1c95-11df-807b-0026b90485b9}]
shell\AutoRun\command - H:\laucher.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9042ae10-e0b6-11de-a910-0026b90485b9}]
shell\AutoRun\command - H:\q3kku.exe
shell\open\command - H:\q3kku.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b69be0ec-af87-11de-80ae-0026b90485b9}]
shell\AutoRun\command - F:\2sm66r.exe
shell\open\command - F:\2sm66r.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c8a88031-f21e-11de-9397-0026b90485b9}]
shell\AutoRun\command - F:\Vodaphone_uninstaller.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c8a8804b-f21e-11de-9397-0026b90485b9}]
shell\AutoRun\command - F:\Vodaphone_uninstaller.exe


======File associations======

.js - edit - C:\Windows\SysWOW64\Notepad.exe %1
.js - open - C:\Windows\SysWOW64\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2010-05-13 15:20:10 ----D---- C:\rsit
2010-05-13 15:07:42 ----D---- C:\ProgramData\NOS
2010-05-13 15:07:42 ----D---- C:\Program Files (x86)\NOS
2010-05-13 14:52:43 ----D---- C:\Program Files (x86)\Trend Micro
2010-05-12 10:54:01 ----A---- C:\Windows\SysWOW64\inetcomm.dll
2010-04-17 20:28:27 ----D---- C:\Users\MOI\AppData\Roaming\DivX
2010-04-16 19:49:57 ----D---- C:\Windows\SysWOW64\spool
2010-04-16 19:49:57 ----D---- C:\Program Files (x86)\Windows Portable Devices
2010-04-16 16:01:15 ----A---- C:\Windows\SysWOW64\WMPhoto.dll
2010-04-16 16:01:13 ----A---- C:\Windows\SysWOW64\XpsRasterService.dll
2010-04-16 16:01:13 ----A---- C:\Windows\SysWOW64\XpsGdiConverter.dll
2010-04-16 16:01:13 ----A---- C:\Windows\SysWOW64\WindowsCodecsExt.dll
2010-04-16 16:01:13 ----A---- C:\Windows\SysWOW64\WindowsCodecs.dll
2010-04-16 16:01:13 ----A---- C:\Windows\SysWOW64\PhotoMetadataHandler.dll
2010-04-16 16:01:13 ----A---- C:\Windows\SysWOW64\dxdiagn.dll
2010-04-16 16:01:13 ----A---- C:\Windows\SysWOW64\d3d10warp.dll
2010-04-16 16:01:13 ----A---- C:\Windows\SysWOW64\d2d1.dll
2010-04-16 16:01:12 ----A---- C:\Windows\SysWOW64\xpsservices.dll
2010-04-16 16:01:12 ----A---- C:\Windows\SysWOW64\XpsPrint.dll
2010-04-16 16:01:12 ----A---- C:\Windows\SysWOW64\OpcServices.dll
2010-04-16 16:01:12 ----A---- C:\Windows\SysWOW64\dxgi.dll
2010-04-16 16:01:12 ----A---- C:\Windows\SysWOW64\dxdiag.exe
2010-04-16 16:01:12 ----A---- C:\Windows\SysWOW64\d3d11.dll
2010-04-16 16:01:12 ----A---- C:\Windows\SysWOW64\d3d10level9.dll
2010-04-16 16:01:12 ----A---- C:\Windows\SysWOW64\d3d10core.dll
2010-04-16 16:01:12 ----A---- C:\Windows\SysWOW64\d3d10_1core.dll
2010-04-16 16:01:11 ----A---- C:\Windows\SysWOW64\DWrite.dll
2010-04-16 16:01:11 ----A---- C:\Windows\SysWOW64\d3d10_1.dll
2010-04-16 16:01:11 ----A---- C:\Windows\SysWOW64\d3d10.dll
2010-04-16 16:00:45 ----A---- C:\Windows\SysWOW64\WPDShextAutoplay.exe
2010-04-16 16:00:40 ----A---- C:\Windows\SysWOW64\WPDShServiceObj.dll
2010-04-16 16:00:40 ----A---- C:\Windows\SysWOW64\wpdshext.dll
2010-04-16 16:00:40 ----A---- C:\Windows\SysWOW64\PortableDeviceTypes.dll
2010-04-16 16:00:40 ----A---- C:\Windows\SysWOW64\PortableDeviceConnectApi.dll
2010-04-16 16:00:40 ----A---- C:\Windows\SysWOW64\PortableDeviceClassExtension.dll
2010-04-16 16:00:40 ----A---- C:\Windows\SysWOW64\PortableDeviceApi.dll
2010-04-16 16:00:39 ----A---- C:\Windows\SysWOW64\WPDSp.dll
2010-04-16 16:00:39 ----A---- C:\Windows\SysWOW64\PortableDeviceWMDRM.dll
2010-04-16 15:59:49 ----A---- C:\Windows\SysWOW64\UIAutomationCore.dll
2010-04-16 15:59:49 ----A---- C:\Windows\SysWOW64\oleaccrc.dll
2010-04-16 15:59:49 ----A---- C:\Windows\SysWOW64\oleacc.dll
2010-04-16 15:58:51 ----A---- C:\Windows\SysWOW64\UIAnimation.dll
2010-04-16 15:58:50 ----A---- C:\Windows\SysWOW64\UIRibbonRes.dll
2010-04-16 15:58:49 ----A---- C:\Windows\SysWOW64\UIRibbon.dll
2010-04-16 15:34:37 ----A---- C:\Windows\SysWOW64\gameux.dll
2010-04-16 15:34:36 ----A---- C:\Windows\SysWOW64\GameUXLegacyGDFs.dll
2010-04-16 15:34:36 ----A---- C:\Windows\SysWOW64\Apphlpdm.dll
2010-04-15 15:54:45 ----D---- C:\Windows\SysWOW64\vi-VN
2010-04-15 15:54:45 ----D---- C:\Windows\SysWOW64\eu-ES
2010-04-15 15:54:45 ----D---- C:\Windows\SysWOW64\ca-ES
2010-04-14 10:07:19 ----D---- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
2010-04-14 10:07:19 ----D---- C:\Program Files (x86)\iTunes
2010-04-14 10:04:23 ----D---- C:\Program Files (x86)\QuickTime
2010-04-14 10:00:14 ----D---- C:\Program Files (x86)\Bonjour
2010-04-14 09:52:05 ----A---- C:\Windows\SysWOW64\vbscript.dll
2010-04-14 09:50:46 ----A---- C:\Windows\SysWOW64\wintrust.dll
2010-04-14 09:50:43 ----A---- C:\Windows\SysWOW64\cabview.dll

======List of files/folders modified in the last 1 months======

2010-05-13 15:20:15 ----D---- C:\Windows\Prefetch
2010-05-13 15:20:10 ----D---- C:\Windows\Temp
2010-05-13 15:15:11 ----SHD---- C:\Windows\Installer
2010-05-13 15:14:44 ----D---- C:\Windows\SysWOW64
2010-05-13 15:13:25 ----SHD---- C:\Config.Msi
2010-05-13 15:12:33 ----SHD---- C:\System Volume Information
2010-05-13 15:10:54 ----D---- C:\Windows\System32
2010-05-13 15:10:33 ----RD---- C:\Program Files
2010-05-13 15:07:42 ----RD---- C:\Program Files (x86)
2010-05-13 15:07:42 ----HD---- C:\ProgramData
2010-05-13 14:55:42 ----D---- C:\Windows\Debug
2010-05-13 14:55:42 ----D---- C:\Windows
2010-05-13 14:52:45 ----SD---- C:\Users\MOI\AppData\Roaming\Microsoft
2010-05-13 11:32:09 ----D---- C:\Windows\SysWOW64\drivers
2010-05-13 11:04:10 ----D---- C:\Windows\winsxs
2010-05-12 21:33:54 ----D---- C:\Program Files (x86)\Windows Mail
2010-05-12 21:33:46 ----D---- C:\ProgramData\Microsoft Help
2010-05-09 20:39:10 ----D---- C:\Windows\inf
2010-05-09 19:12:01 ----HD---- C:\Program Files (x86)\Tbpuoimpywesxr
2010-05-09 19:12:01 ----AD---- C:\ProgramData\TEMP
2010-05-09 19:00:22 ----D---- C:\Users\MOI\AppData\Roaming\Canon
2010-05-08 10:10:56 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2010-04-30 20:01:54 ----D---- C:\Users\MOI\AppData\Roaming\vlc
2010-04-28 18:34:40 ----RSD---- C:\Windows\Fonts
2010-04-17 20:33:47 ----D---- C:\Windows\rescache
2010-04-17 10:21:49 ----D---- C:\Windows\Microsoft.NET
2010-04-17 10:21:47 ----RSD---- C:\Windows\assembly
2010-04-16 19:49:58 ----D---- C:\Windows\SysWOW64\fr-FR
2010-04-16 19:49:57 ----D---- C:\Windows\SysWOW64\wbem
2010-04-16 19:49:54 ----D---- C:\Windows\SysWOW64\zh-TW
2010-04-16 19:49:54 ----D---- C:\Windows\SysWOW64\zh-HK
2010-04-16 19:49:54 ----D---- C:\Windows\SysWOW64\zh-CN
2010-04-16 19:49:54 ----D---- C:\Windows\SysWOW64\uk-UA
2010-04-16 19:49:54 ----D---- C:\Windows\SysWOW64\tr-TR
2010-04-16 19:49:54 ----D---- C:\Windows\SysWOW64\th-TH
2010-04-16 19:49:54 ----D---- C:\Windows\SysWOW64\sv-SE
2010-04-16 19:49:54 ----D---- C:\Windows\SysWOW64\sr-Latn-CS
2010-04-16 19:49:54 ----D---- C:\Windows\SysWOW64\sl-SI
2010-04-16 19:49:54 ----D---- C:\Windows\SysWOW64\sk-SK
2010-04-16 19:49:54 ----D---- C:\Windows\SysWOW64\ru-RU
2010-04-16 19:49:54 ----D---- C:\Windows\SysWOW64\ro-RO
2010-04-16 19:49:54 ----D---- C:\Windows\SysWOW64\pt-PT
2010-04-16 19:49:54 ----D---- C:\Windows\SysWOW64\pt-BR
2010-04-16 19:49:54 ----D---- C:\Windows\SysWOW64\pl-PL
2010-04-16 19:49:54 ----D---- C:\Windows\SysWOW64\nl-NL
2010-04-16 19:49:54 ----D---- C:\Windows\SysWOW64\nb-NO
2010-04-16 19:49:54 ----D---- C:\Windows\SysWOW64\lv-LV
2010-04-16 19:49:54 ----D---- C:\Windows\SysWOW64\lt-LT
2010-04-16 19:49:54 ----D---- C:\Windows\SysWOW64\ko-KR
2010-04-16 19:49:54 ----D---- C:\Windows\SysWOW64\ja-JP
2010-04-16 19:49:54 ----D---- C:\Windows\SysWOW64\it-IT
2010-04-16 19:49:54 ----D---- C:\Windows\SysWOW64\hu-HU
2010-04-16 19:49:54 ----D---- C:\Windows\SysWOW64\hr-HR
2010-04-16 19:49:54 ----D---- C:\Windows\SysWOW64\he-IL
2010-04-16 19:49:54 ----D---- C:\Windows\SysWOW64\fi-FI
2010-04-16 19:49:54 ----D---- C:\Windows\SysWOW64\et-EE
2010-04-16 19:49:54 ----D---- C:\Windows\SysWOW64\es-ES
2010-04-16 19:49:54 ----D---- C:\Windows\SysWOW64\en-US
2010-04-16 19:49:54 ----D---- C:\Windows\SysWOW64\el-GR
2010-04-16 19:49:54 ----D---- C:\Windows\SysWOW64\de-DE
2010-04-16 19:49:54 ----D---- C:\Windows\SysWOW64\da-DK
2010-04-16 19:49:54 ----D---- C:\Windows\SysWOW64\cs-CZ
2010-04-16 19:49:54 ----D---- C:\Windows\SysWOW64\bg-BG
2010-04-16 19:49:54 ----D---- C:\Windows\SysWOW64\ar-SA
2010-04-16 15:58:41 ----D---- C:\Windows\AppPatch
2010-04-15 16:02:50 ----SHD---- C:\boot
2010-04-15 16:02:15 ----A---- C:\Windows\SysWOW64\PerfStringBackup.INI
2010-04-15 15:55:41 ----D---- C:\Program Files (x86)\Windows Sidebar
2010-04-15 15:55:41 ----D---- C:\Program Files (x86)\Windows Media Player
2010-04-15 15:55:41 ----D---- C:\Program Files (x86)\Windows Calendar
2010-04-15 15:55:40 ----D---- C:\Windows\servicing
2010-04-15 15:55:40 ----D---- C:\Program Files (x86)\Windows Photo Gallery
2010-04-15 15:55:40 ----D---- C:\Program Files (x86)\Common Files\System
2010-04-15 15:55:39 ----D---- C:\Windows\ehome
2010-04-15 15:55:32 ----D---- C:\Windows\SysWOW64\XPSViewer
2010-04-15 15:55:31 ----D---- C:\Windows\SysWOW64\oobe
2010-04-15 15:55:31 ----D---- C:\Windows\SysWOW64\migration
2010-04-15 15:55:31 ----D---- C:\Windows\SysWOW64\fr
2010-04-15 15:55:31 ----D---- C:\Windows\SysWOW64\AdvancedInstallers
2010-04-15 15:55:30 ----D---- C:\Windows\SysWOW64\setup
2010-04-15 15:55:29 ----D---- C:\Windows\SysWOW64\SLUI
2010-04-15 15:55:29 ----D---- C:\Windows\SysWOW64\manifeststore
2010-04-15 15:55:28 ----D---- C:\Windows\SysWOW64\migwiz
2010-04-15 15:55:13 ----D---- C:\Windows\IME
2010-04-15 10:42:29 ----D---- C:\Users\MOI\AppData\Roaming\Apple Computer
2010-04-14 18:47:03 ----A---- C:\Windows\SysWOW64\aswBoot.exe
2010-04-14 10:07:27 ----D---- C:\Program Files (x86)\Common Files\Apple

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 aswRdr;aswRdr; C:\Windows\SysWOW64\drivers\aswRdr.sys []
R1 aswSP;aswSP; C:\Windows\SysWOW64\drivers\aswSP.sys []
R1 aswTdi;avast! Network Shield Support; C:\Windows\SysWOW64\drivers\aswTdi.sys []
R2 aswFsBlk;aswFsBlk; C:\Windows\SysWOW64\drivers\aswFsBlk.sys []
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys []
R2 LMIRfsDriver;LogMeIn Remote File System Driver; \??\C:\Windows\system32\drivers\LMIRfsDriver.sys []
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmpx64.sys []
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimspx64.sys []
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdpx64.sys []
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys []
R3 BCM43XX;Pilote de la carte réseau local sans fil Wireless de Dell; C:\Windows\system32\DRIVERS\bcmwl664.sys []
R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\Windows\system32\DRIVERS\CmBatt.sys []
R3 CtClsFlt;Creative Camera Class Upper Filter Driver; C:\Windows\system32\DRIVERS\CtClsFlt.sys []
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys []
R3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys []
R3 ksthunk;Kernel Streaming Thunks; C:\Windows\system32\drivers\ksthunk.sys []
R3 lmimirr;lmimirr; C:\Windows\system32\DRIVERS\lmimirr.sys []
R3 OA008Ufd;Creative Camera OA008 Upper Filter Driver; C:\Windows\system32\DRIVERS\OA008Ufd.sys []
R3 OA008Vid;Creative Camera OA008 Function Driver; C:\Windows\system32\DRIVERS\OA008Vid.sys []
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys []
R3 STHDA;IDT High Definition Audio CODEC; C:\Windows\system32\DRIVERS\stwrt64.sys []
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys []
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys []
S2 LMIInfo;LogMeIn Kernel Information Provider; \??\C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys []
S3 auuf06nk;auuf06nk; C:\Windows\SysWOW64\drivers\auuf06nk.sys []
S3 BCM42RLY;BCM42RLY; C:\Windows\system32\drivers\BCM42RLY.sys []
S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys []
S3 e1express;Pilote de la connexion réseau Intel(R) PRO/1000 PCI Express; C:\Windows\system32\DRIVERS\e1e6032e.sys []
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys []
S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys []
S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys []
S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys []
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys []
S3 NPF;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2005-08-02 32512]
S3 R300;R300; C:\Windows\system32\DRIVERS\atikmdag.sys []
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys []
S3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys []
S3 usbvideo;Périphérique vidéo USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys []
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys []
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys []
S4 LMIRfsClientNP;LMIRfsClientNP; C:\Windows\SysWOW64\drivers\LMIRfsClientNP.sys []
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AESTFilters;Andrea ST Filters Service; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_15f4e438\AESTSr64.exe []
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2010-03-19 144672]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe []
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-04-14 40384]
R2 Bonjour Service;Service Bonjour; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2010-02-12 345376]
R2 DockLoginService;Dock Login Service; C:\Program Files\Dell\DellDock\DockLogin.exe [2008-12-18 155648]
R2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
R2 sprtsvc_DellSupportCenter;SupportSoft Sprocket Service (DellSupportCenter); C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe [2009-05-21 206064]
R2 STacSV;Audio Service; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_15f4e438\STacSV64.exe []
R2 wltrysvc;Dell Wireless WLAN Tray Service; C:\Windows\System32\WLTRYSVC.EXE C:\Windows\System32\bcmwltry.exe []
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-04-14 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-04-14 40384]
R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2010-03-26 660256]
S2 gupdate;Service Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2009-09-24 133104]
S3 aspnet_state;Service d'état ASP.NET; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe []
S3 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2009-03-30 89920]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S3 getPlusHelper;@C:\Program Files (x86)\NOS\bin\getPlus_Helper.dll,-101; C:\Windows\System32\svchost.exe [2008-01-21 21504]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2008-01-21 19968]
S3 stllssvr;stllssvr; C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe [2008-03-24 74384]

-----------------EOF-----------------

gav91190
 Posted on 13/05/2010 at 15:41 
Petit astucien

Continuation and end

INFO

info.txt logfile of random's system information tool 1.06 2010-05-13 15:20:18

======Uninstall list======

-->C:\Windows\CtDrvIns.exe -uninstall -script OA008.uns -unsext NTamd64 -plugin OA008Pin.dll -pluginres OA008Pin.crl -nodisconprompt -langid 0x040C
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{88564CEF-20A5-4EF2-A05F-309F2EBA9B06}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{BC12448A-0B41-4E11-B242-B1129512F5B7}\setup.exe" -l0x40c
Adobe AIR-->C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723}
Adobe Download Manager-->"C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\NOS\bin\getPlus_Helper.dll",Uninstall /IE2883E8F-472F-4fb0-9522-AC9BF37916A7 /Get1
Adobe Flash Player 10 ActiveX-->C:\Windows\SysWOW64\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\Windows\SysWOW64\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 9.3.2 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A93000000001}
Advanced Audio FX Engine-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{88564CEF-20A5-4EF2-A05F-309F2EBA9B06}\setup.exe" -l0x40c /remove
Apple Application Support-->MsiExec.exe /I{553255F3-78FD-40F1-A6F8-6882140265FE}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
ATI Catalyst Control Center-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{055EE59D-217B-43A7-ABFF-507B966405D8}\setup.exe" -l0x40c
avast! Free Antivirus-->C:\Program Files\Alwil Software\Avast5\aswRunDll.exe "C:\Program Files\Alwil Software\Avast5\Setup\setiface.dll" RunSetup
Canon MP Navigator EX 2.0-->"C:\Program Files (x86)\Canon\MP Navigator EX 2.0\Maint.exe" /UninstallRemove C:\Program Files (x86)\Canon\MP Navigator EX 2.0\uninst.ini
Canon Utilities My Printer-->C:\Program Files\Canon\MyPrinter\uninst.exe uninst.ini
Catalyst Control Center - Branding-->MsiExec.exe /I{E481DB0E-52F2-4EE0-9BDA-9EE173FA6EA2}
CCleaner-->"C:\Program Files (x86)\CCleaner\uninst.exe"
Dell DataSafe Online-->MsiExec.exe /X{13766F76-6C8C-4E57-A9F3-3212D1C6E0D1}
Dell Getting Started Guide-->MsiExec.exe /I{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}
Dell Support Center (Logiciel de support)-->MsiExec.exe /X{E3BFEE55-39E2-4BE0-B966-89FE583822C1}
Dell Video Chat-->C:\Program Files (x86)\Dell Video Chat\uninst.exe
Dell Webcam Central-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{BC12448A-0B41-4E11-B242-B1129512F5B7}\setup.exe" -l0x40c /remove
DivX Codec-->C:\Program Files (x86)\DivX\DivXCodecUninstall.exe /CODEC
DivX Plus Web Player-->C:\Program Files (x86)\DivX\DivXWebPlayerUninstall.exe /PLUGIN
Galerie de photos Windows Live-->MsiExec.exe /X{B131E59D-202C-43C6-84C9-68F0C37541F1}
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Google Earth-->MsiExec.exe /X{08C0729E-3E50-11DF-9D81-005056806466}
HiJackThis-->MsiExec.exe /X{45A66726-69BC-466B-A7A4-12FCBA4883D7}
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\SysWOW64\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\SysWOW64\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {08155812-0202-4D5F-A7FF-12A2782DC548} /qb+ REBOOTPROMPT=""
Installation Windows Live-->C:\Program Files (x86)\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31}
Junk Mail filter update-->MsiExec.exe /I{E2DFE069-083E-4631-9B6C-43C48E991DE5}
Live! Cam Avatar Creator-->C:\Program Files (x86)\InstallShield Installation Information\{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}\setup.exe -runfromtemp -l0x040c -removeonly /remove
Malwarebytes' Anti-Malware-->"C:\Program Files (x86)\Malwarebytes' Anti-Malware\unins000.exe"
Messenger Plus! Live-->"C:\Program Files (x86)\Messenger Plus! Live\Uninstall.exe"
Microsoft .NET Framework 1.1 Security Update (KB953297)-->"C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\M953297\M953297Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Default Manager-->MsiExec.exe /X{095B1DCF-5E8B-47EC-9B18-481918A731DB}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-002A-0000-1000-0000000FF1CE} /uninstall {E64BA721-2310-4B55-BE5A-2925F9706192}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-002A-040C-1000-0000000FF1CE} /uninstall {B165D3C2-40AE-4D39-86F7-E5C87C4264C0}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0044-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {B165D3C2-40AE-4D39-86F7-E5C87C4264C0}
Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE}
Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (French) 2007-->MsiExec.exe /X{90120000-0044-040C-0000-0000000FF1CE}
Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint Viewer 2007 (French)-->MsiExec.exe /X{95120000-00AF-040C-0000-0000000FF1CE}
Microsoft Office Professional Plus 2007-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL
Microsoft Office Professional Plus 2007-->MsiExec.exe /X{90120000-0011-0000-0000-0000000FF1CE}
Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {14809F99-C601-4D4A-9391-F1E8FAA964C5}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {A0516415-ED61-419A-981D-93596DA74165}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {F580DDD5-8D37-4998-968E-EBB76BB86787}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {187308AB-5FA7-4F14-9AB9-D290383A10D9}
Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE}
Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
Microsoft Office Suite Activation Assistant-->MsiExec.exe /X{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}
Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
Microsoft Search Enhancement Pack-->MsiExec.exe /X{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5}
Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{052bac4a-6f79-46d4-a024-1ce1b4f73cd4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Works-->MsiExec.exe /I{3B160861-7250-451E-B5EE-8B92BF30A710}
Mise à jour Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {B761869A-B85C-40E2-994C-A1CE78AC8F2C}
Mise à jour Microsoft Office Outlook 2007 Help (KB963677)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {51EFB347-1F3D-4BAC-8B79-F056B904FE21}
Mise à jour Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {C3DCA38E-005E-41BA-A52A-7C3429F351C3}
Mise à jour Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {81536A04-DBFB-4DB3-978F-0F284590C223}
Module de compatibilité pour Microsoft Office System 2007-->MsiExec.exe /X{90120000-0020-040C-0000-0000000FF1CE}
Mozilla Firefox (3.6.3)-->C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe
Mozilla Thunderbird (2.0.0.24)-->C:\Program Files (x86)\Mozilla Thunderbird\uninstall\helper.exe
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Panda ActiveScan 2.0-->C:\Program Files (x86)\Panda Security\ActiveScan 2.0\as2uninst.exe
PDFCreator-->C:\Program Files (x86)\PDFCreator\unins000.exe
PowerDVD-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe" -l0x40c -cluninstall
QuickTime-->MsiExec.exe /I{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}
Roxio Creator Audio-->MsiExec.exe /I{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}
Roxio Creator Copy-->MsiExec.exe /I{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}
Roxio Creator Data-->MsiExec.exe /I{08E81ABD-79F7-49C2-881F-FD6CB0975693}
Roxio Creator DE-->C:\ProgramData\Uninstall\{09760D42-E223-42AD-8C3E-55B47D0DDAC3}\setup.exe /x {09760D42-E223-42AD-8C3E-55B47D0DDAC3}
Roxio Creator DE-->MsiExec.exe /I{ED439A64-F018-4DD4-8BA5-328D85AB09AB}
Roxio Creator Tools-->MsiExec.exe /I{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}
Roxio Express Labeler 3-->MsiExec.exe /I{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
Roxio Update Manager-->MsiExec.exe /I{30465B6C-B53F-49A1-9EBA-A3F187AD502E}
Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
Security Update for 2007 Microsoft Office System (KB976321)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {7F207DCA-3399-40CB-A968-6E5991B1421A}
Security Update for 2007 Microsoft Office System (KB978380)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {667A88D1-0369-4070-A62A-70672D68A9BF}
Security Update for Microsoft Office Excel 2007 (KB978382)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {6DE3DABF-0203-426B-B330-7287D1003E86}
Security Update for Microsoft Office Outlook 2007 (KB972363)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {120BE9A0-9B09-4855-9E0C-7DEE45CB03C0}
Security Update for Microsoft Office PowerPoint 2007 (KB957789)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {7559E742-FF9F-4FAE-B279-008ED296CB4D}
Security Update for Microsoft Office Publisher 2007 (KB980470)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {34573F17-DADE-4D0D-835F-A54A1DE8AC1F}
Security Update for Microsoft Office system 2007 (972581)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF}
Security Update for Microsoft Office system 2007 (KB969613)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {5ECEB317-CBE9-4E08-AB10-756CB6F0FB6C}
Security Update for Microsoft Office system 2007 (KB974234)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC}
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
SFR - Media Center-->C:\Program Files (x86)\SFR\Media Center\uninstall.exe
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for 2007 Microsoft Office System (KB981715)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {661B3F32-FFE4-4606-AE3A-DFA11DCC0D79}
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\SysWOW64\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Update for Microsoft Office InfoPath 2007 (KB976416)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {432C5EE4-8096-4FF1-95E1-65219365DFF7}
Update for Microsoft Office Word 2007 (KB974561)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {0CDDBAA2-2111-4A0E-A1B0-76C40C635331}
Update for Outlook 2007 Junk Email Filter (kb981726)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {2C69BACE-1151-41C0-8C8D-F6026D510BD4}
VC80CRTRedist - 8.0.50727.4053-->MsiExec.exe /I{5EE7D259-D137-4438-9A5F-42F432EC0421}
VLC media player 1.0.2-->C:\Program Files (x86)\VideoLAN\VLC\uninstall.exe
Winamax-->"C:\Winamax\unins000.exe"
Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live FolderShare-->MsiExec.exe /X{2075CB0A-D26F-4DAA-B424-5079296B43BA}
Windows Live Mail-->MsiExec.exe /I{5DD76286-9BE7-4894-A990-E905E91AC818}
Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1}
Windows Live Movie Maker-->MsiExec.exe /X{53B20C18-D8D4-4588-8737-9BBFE303C354}
Windows Live Toolbar-->MsiExec.exe /X{F7D27C70-90F5-49B9-B188-0A133C0CE353}
Windows Live Writer-->MsiExec.exe /X{4634B21A-CC07-4396-890C-2B8168661FEA}
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}

======Security center information======

AS: Windows Defender

======System event log======

Computer Name: laptop-A
Event Code: 51
Message: Une erreur a été détectée sur le périphérique \Device\Harddisk1\DR5 lors d'une opération de pagination.
Record Number: 106189
Source Name: disk
Time Written: 20100218173647.094668-000
Event Type: Avertissement
User:

Computer Name: laptop-A
Event Code: 51
Message: Une erreur a été détectée sur le périphérique \Device\Harddisk1\DR5 lors d'une opération de pagination.
Record Number: 106188
Source Name: disk
Time Written: 20100218173647.094668-000
Event Type: Avertissement
User:

Computer Name: laptop-A
Event Code: 51
Message: Une erreur a été détectée sur le périphérique \Device\Harddisk1\DR5 lors d'une opération de pagination.
Record Number: 106187
Source Name: disk
Time Written: 20100218173647.094668-000
Event Type: Avertissement
User:

Computer Name: laptop-A
Event Code: 51
Message: Une erreur a été détectée sur le périphérique \Device\Harddisk1\DR5 lors d'une opération de pagination.
Record Number: 106186
Source Name: disk
Time Written: 20100218173647.094668-000
Event Type: Avertissement
User:

Computer Name: laptop-A
Event Code: 51
Message: Une erreur a été détectée sur le périphérique \Device\Harddisk1\DR5 lors d'une opération de pagination.
Record Number: 106185
Source Name: disk
Time Written: 20100218173647.094668-000
Event Type: Avertissement
User:

=====Application event log=====

Computer Name: PC-de-Adrien
Event Code: 11500
Message: Produit : Java(TM) 6 Update 15 -- Erreur 1500. Une autre installation est en cours. Vous devez la terminer avant de poursuivre cette installation.
Record Number: 957
Source Name: MsiInstaller
Time Written: 20090922161615.000000-000
Event Type: Erreur
User: LAPTOP-A\Adrien

Computer Name: PC-de-Adrien
Event Code: 10010
Message: Impossible de redémarrer l’application « C:\Program Files (x86)\Internet Explorer\iexplore.exe » (pid 5748) - Le SID de l’application ne correspond pas à celui du conducteur..
Record Number: 937
Source Name: Microsoft-Windows-RestartManager
Time Written: 20090922161515.751200-000
Event Type: Avertissement
User: LAPTOP-A\Adrien

Computer Name: PC-de-Adrien
Event Code: 10005
Message: Produit : Windows Live Communications Platform -- Windows Installer a rencontré une erreur inattendue lors de l’installation de ce package. Il s’agit peut-être d’un problème lié au package. Le code d’erreur est 2762. Les arguments sont : , ,
Record Number: 923
Source Name: MsiInstaller
Time Written: 20090922160417.000000-000
Event Type: Erreur
User: LAPTOP-A\Adrien

Computer Name: PC-de-Adrien
Event Code: 10005
Message: Produit : Windows Live Communications Platform -- Windows Installer a rencontré une erreur inattendue lors de l’installation de ce package. Il s’agit peut-être d’un problème lié au package. Le code d’erreur est 2762. Les arguments sont : , ,
Record Number: 922
Source Name: MsiInstaller
Time Written: 20090922160417.000000-000
Event Type: Erreur
User: LAPTOP-A\Adrien

Computer Name: PC-de-Adrien
Event Code: 10005
Message: Produit : Windows Live Mail -- Windows Installer a rencontré une erreur inattendue lors de l’installation de ce package. Il s’agit peut-être d’un problème lié au package. Le code d’erreur est 2762. Les arguments sont : , ,
Record Number: 918
Source Name: MsiInstaller
Time Written: 20090922160413.000000-000
Event Type: Erreur
User: LAPTOP-A\Adrien

=====Security event log=====

Computer Name: laptop-A
Event Code: 1100
Message: Le service d’enregistrement des événements a été arrêté.
Record Number: 12023
Source Name: Microsoft-Windows-Eventlog
Time Written: 20091216205826.007800-000
Event Type: Succès de l'audit
User:

Computer Name: laptop-A
Event Code: 4647
Message: Fermeture de session initiée par l’utilisateur :

Sujet :
ID de sécurité : S-1-5-21-125549095-711646788-4173801983-1000
Nom du compte : Adrien
Domaine du compte : LAPTOP-A
ID d’ouverture de session : 0x5ab8d

Cet événement est généré lorsqu’une fermeture de session est initiée, mais que le nombre de références du jeton n’étant pas zéro, la session ouverte ne peut pas être supprimée. Aucune autre activité initiée par l’utilisateur ne peut se produire. Cet événement peut être interprété comme un événement de fermeture de session.
Record Number: 12022
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20091216205824.043066-000
Event Type: Succès de l'audit
User:

Computer Name: laptop-A
Event Code: 4672
Message: Privilèges spéciaux attribués à la nouvelle ouverture de session.

Sujet :
ID de sécurité : S-1-5-18
Nom du compte : SYSTEM
Domaine du compte : AUTORITE NT
ID d’ouverture de session : 0x3e7

Privilèges : SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 12021
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20091216192107.186866-000
Event Type: Succès de l'audit
User:

Computer Name: laptop-A
Event Code: 4624
Message: L’ouverture de session d’un compte s’est correctement déroulée.

Sujet :
ID de sécurité : S-1-5-18
Nom du compte : LAPTOP-A$
Domaine du compte : MSHOME
ID d’ouverture de session : 0x3e7

Type d’ouverture de session : 5

Nouvelle ouverture de session :
ID de sécurité : S-1-5-18
Nom du compte : SYSTEM
Domaine du compte : AUTORITE NT
ID d’ouverture de session : 0x3e7
GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000}

Informations sur le processus :
ID du processus : 0x27c
Nom du processus : C:\Windows\System32\services.exe

Informations sur le réseau :
Nom de la station de travail :
Adresse du réseau source : -
Port source : -

Informations détaillées sur l’authentification :
Processus d’ouverture de session : Advapi
Package d’authentification : Negotiate
Services en transit : -
Nom du package (NTLM uniquement) : -
Longueur de la clé : 0

Cet événement est généré lors de la création d’une ouverture de session. Il est généré sur l’ordinateur sur lequel l’ouverture de session a été effectuée.

Le champ Objet indique le compte sur le système local qui a demandé l’ouverture de session. Il s’agit le plus souvent d’un service, comme le service Serveur, ou un processus local tel que Winlogon.exe ou Services.exe.

Le champ Type d’ouverture de session indique le type d’ouverture de session qui s’est produit. Les types les plus courants sont 2 (interactif) et 3 (réseau).

Le champ Nouvelle ouverture de session indique le compte pour lequel la nouvelle ouverture de session a été créée, par exemple, le compte qui s’est connecté.

Les champs relatifs au réseau indiquent la provenance d’une demande d’ouverture de session à distance. Le nom de la station de travail n’étant pas toujours disponible, peut être laissé vide dans certains cas.

Les champs relatifs aux informations d’authentification fournissent des détails sur cette demande d’ouverture de session spécifique.
- Le GUID d’ouverture de session est un identificateur unique pouvant servir à associer cet événement à un événement KDC .
- Les services en transit indiquent les services intermédiaires qui ont participé à cette demande d’ouverture de session.
- Nom du package indique quel est le sous-protocole qui a été utilisé parmi les protocoles NTLM.
- La longueur de la clé indique la longueur de la clé de session générée. Elle a la valeur 0 si aucune clé de session n’a été demandée.
Record Number: 12020
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20091216192107.186866-000
Event Type: Succès de l'audit
User:

Computer Name: laptop-A
Event Code: 4648
Message: Tentative d’ouverture de session en utilisant des informations d’identification explicites.

Sujet :
ID de sécurité : S-1-5-18
Nom du compte : LAPTOP-A$
Domaine du compte : MSHOME
ID d’ouverture de session : 0x3e7
GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000}

Compte dont les informations d’identification ont été utilisées :
Nom du compte : SYSTEM
Domaine du compte : AUTORITE NT
GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000}

Serveur cible :
Nom du serveur cible : localhost
Informations supplémentaires : localhost

Informations sur le processus :
ID du processus : 0x27c
Nom du processus : C:\Windows\System32\services.exe

Informations sur le réseau :
Adresse du réseau : -
Port : -

Cet événement est généré lorsqu’un processus tente d’ouvrir une session pour un compte en spécifiant explicitement les informations d’identification de ce compte. Ceci se produit le plus souvent dans les configurations par lot comme les tâches planifiées, ou avec l’utilisation de la commande RUNAS.
Record Number: 12019
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20091216192107.186866-000
Event Type: Succès de l'audit
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files (x86)\Common Files\Roxio Shared\DLLShared\;C:\Program Files (x86)\Common Files\Roxio Shared\10.0\DLLShared\;C:\Program Files (x86)\Common Files\MDL Shared\ISIS;C:\Program Files (x86)\Common Files\DivX Shared\;C:\Program Files (x86)\QuickTime\QTSystem\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 23 Stepping 10, GenuineIntel
"PROCESSOR_REVISION"=170a
"NUMBER_OF_PROCESSORS"=2
"TRACE_FORMAT_SEARCH_PATH"=\\NTREL202.ntdev.corp.microsoft.com\34FB5F65-FFEB-4B61-BF0E-A6A76C450FAA\TraceFormat
"DFSTRACINGON"=FALSE
"RoxioCentral"=C:\Program Files (x86)\Common Files\Roxio Shared\10.0\Roxio Central36\
"asl.log"=Destination=file;OnFirstLog=command,environment
"CLASSPATH"=.;C:\Program Files (x86)\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files (x86)\Java\jre6\lib\ext\QTJava.zip

-----------------EOF-----------------

Thanks in advance.

gav91190
Posted on 14/05/2010 at 11:52
Petit astucien

I have also just noticed that Task Manager is "disabled" even though the registry key for disabling it has the value 0 ...

pear
Posted on 14/05/2010 at 12:39
  Astucien

Hello,

Prevention:
Disable autorun on all drives (USB, CD, DVD, SATA, FireWire, etc.).
To do this, under XP:
Copy/paste what follows (in green) into Notepad, with no blank line at the start but one at the end.
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"NoDriveTypeAutoRun"=dword:000000ff
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"NoDriveTypeAutoRun"=dword:000000ff
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\Autorun.inf]
@="@SYS:DoesNotExist"


Under Vista/7
Copy/paste what follows (in green) into Notepad, with no blank line at the start but one at the end.
Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers]
"DisableAutoplay"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\Autorun.inf]
@="@SYS:DoesNotExist"


File -> Save As...
Click Desktop on the left
In file type -> All files
In Name -> regis.reg
Go to the desktop
Right-click the file -> Merge
Accept the change to the Registry




Download Usb Fix by C_XX & Chiquitine29 to the desktop

Install it.
You must disable your antivirus's real-time protection, which may consider some components of this software harmful.
* To do so, right-click the antivirus icon at the bottom right next to the clock, then Disable Guard or Shield or Resident...
Download Open-Config by Lopp Blanc
If you are on Vista or 7 and UAC is enabled, it must be run in "Administrator" mode.

Green is fine; red can be unlocked.
Clicking the "Déverrouiller la configuration" (Unlock configuration) button will correct all the points in red.


If you are on Vista:
Disable User Account Control (you will re-enable it afterwards):
http://www.zebulon.fr/astuces/220-desactiver-l-uac-dans-vista.html
- Start, then Control Panel -> "User Accounts"
- Then click disable and confirm.


Run the installation with the default settings
Plug in the external devices (USB stick, external hard drive, etc.) without opening them
Right-click the Usbfix shortcut on the desktop and choose "Run as administrator".

Run option 1 (Search)
The UsbFix.txt report is saved at the root of the disk.
Copy/paste it into Notepad so you can post it.

Then,
Run option 2 (Deletion)
The desktop disappears and the PC restarts
Wait while the scan runs.
The UsbFix.txt report is saved at the root of the disk
Copy/paste it into Notepad so you can post it.


Vaccination
To protect yourself from a later infection:
Run option 3 (Vaccination)



To uninstall
Double-click the UsbFix shortcut on the desktop
Run option 5 (Uninstall) ....



Post the reports from before and after cleaning.

Rsit, like Hijackthis, does not know 64-bit OSes, hence the "File Missing" entries

Run this diagnostic tool:

Download ZhpDiag by Coolman
It requires no installation.
- It can be run from any disk drive.
- It can be run from a USB stick.

Click the screwdriver
In the window that opens, tick everything.
Click the magnifying glass to start the scan
After a while, you may have to accept Sysinternal -> I agree
Post the report that appears when you click the camera.
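
An added example, not part of pear's post or of any tool named in this thread: a Python check that parses .reg text like the two files in the post above and reports settings that differ from the values the post gives. It also flags invisible characters (such as a soft hyphen picked up when copying from a web page), which make a key path name a different key. The function names, the baseline dictionaries and both sample texts are constructed for illustration.

```python
import re
import unicodedata

# Baselines taken from the post: (registry key, value name) -> (type, data).
# "@" stands for a key's default value, as in the .reg syntax.
_INI = r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\Autorun.inf"
XP_BASELINE = {
    (r"HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer",
     "NoDriveTypeAutoRun"): ("dword", 0xFF),
    (r"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer",
     "NoDriveTypeAutoRun"): ("dword", 0xFF),
    (_INI, "@"): ("sz", "@SYS:DoesNotExist"),
}
VISTA_BASELINE = {
    (r"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers",
     "DisableAutoplay"): ("dword", 1),
    (_INI, "@"): ("sz", "@SYS:DoesNotExist"),
}

KEY_RE = re.compile(r"^\[(-?)(.+)\]$")
VALUE_RE = re.compile(r'^(@|"(?:[^"\\]|\\.)*")\s*=\s*(.*)$')


def _unescape(s):
    """Undo the backslash escaping used inside quoted .reg strings."""
    return re.sub(r"\\(.)", r"\1", s)


def _decode(data):
    """Turn the right-hand side of a value line into (type, data)."""
    if data.lower().startswith("dword:"):
        try:
            return ("dword", int(data[6:], 16))
        except ValueError:
            return ("raw", data)
    if len(data) >= 2 and data[0] == '"' and data[-1] == '"':
        return ("sz", _unescape(data[1:-1]))
    return ("raw", data)  # hex:..., "-" (delete) and anything else are kept verbatim


def parse_reg(text):
    """Parse .reg text. Returns ({(key, name): (type, data)}, [warnings])."""
    values, warnings, key = {}, [], None
    # Drop a leading BOM and join hex continuation lines (trailing backslash).
    text = text.lstrip("\ufeff").replace("\\\r\n", "").replace("\\\n", "")
    for line in (raw.strip() for raw in text.splitlines()):
        if not line or line.startswith((";", "Windows Registry Editor", "REGEDIT4")):
            continue
        # Unicode category Cf covers soft hyphen, zero-width space/joiner, BOM, etc.
        hidden = sorted({f"U+{ord(c):04X}" for c in line if unicodedata.category(c) == "Cf"})
        if hidden:
            shown = "".join("?" if unicodedata.category(c) == "Cf" else c for c in line)
            warnings.append(f"invisible character {', '.join(hidden)} in line: {shown}")
        m = KEY_RE.match(line)
        if m:
            key = None if m.group(1) else m.group(2)  # "[-KEY]" deletes a key: sets nothing
            continue
        m = VALUE_RE.match(line)
        if m and key is not None:
            name = "@" if m.group(1) == "@" else _unescape(m.group(1)[1:-1])
            values[(key, name)] = _decode(m.group(2).strip())
    return values, warnings


def audit(text, baseline):
    """Compare .reg text with a baseline; return a list of findings (empty = all good)."""
    values, findings = parse_reg(text)
    # Registry key and value names are case-insensitive.
    have = {(k.casefold(), n.casefold()): v for (k, n), v in values.items()}
    for (key, name), want in baseline.items():
        got = have.get((key.casefold(), name.casefold()))
        if got is None:
            findings.append(f"missing: [{key}] {name}")
        elif got != want:
            findings.append(f"wrong value: [{key}] {name} = {got[1]!r}, expected {want[1]!r}")
    return findings


# Constructed sample: the XP file from the post, typed cleanly.
CLEAN_SAMPLE = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"NoDriveTypeAutoRun"=dword:000000ff
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"NoDriveTypeAutoRun"=dword:000000ff
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\Autorun.inf]
@="@SYS:DoesNotExist"
'''

# Constructed sample: same text with a soft hyphen (U+00AD) inside the HKLM key path
# and an HKCU value other than 0xff.
_hklm, _rest = CLEAN_SAMPLE.split("[HKEY_CURRENT_USER", 1)
PASTED_SAMPLE = (_hklm.replace("CurrentVersion\\Policies", "CurrentVersion\u00ad\\Policies")
                 + "[HKEY_CURRENT_USER" + _rest.replace("dword:000000ff", "dword:00000091"))

if __name__ == "__main__":
    for label, sample in (("clean", CLEAN_SAMPLE), ("pasted", PASTED_SAMPLE)):
        print(label, audit(sample, XP_BASELINE) or "OK")
```

To check a live machine rather than a file, feed it the output of `reg export` for each key, decoded from UTF-16.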

gav91190
Posted on 14/05/2010 at 14:04
Petit astucien

Hello, thanks for the reply, Task Manager is back. Here are the reports. (The ZHP reports are too long to be posted; shall I host them?)

Cleaning



############################## | UsbFix V6.113 |

User : Adrien (Administrateurs) # LAPTOP-A
Update on 13/05/2010 by El Desaparecido , C_XX & Chimay8
Start at: 12:49:33 | 14/05/2010
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com

Pentium(R) Dual-Core CPU T4200 @ 2.00GHz
Microsoft® Windows Vista™ Édition Familiale Premium (6.0.6002 64-bit) # Service Pack 2
Internet Explorer 8.0.6001.18904
Windows Firewall Status : Enabled

C:\ -> Disque fixe local # 134,36 Go (39,26 Go free) [OS] # NTFS
D:\ -> Disque fixe local # 14,65 Go (6,44 Go free) [RECOVERY] # NTFS
E:\ -> Disque CD-ROM
G:\ -> Disque CD-ROM

################## | Elements infectieux |

D:\autorun.inf

################## | Registre |



############################## | UsbFix V6.113 |

User : Adrien (Administrateurs) # LAPTOP-A
Update on 13/05/2010 by El Desaparecido , C_XX & Chimay8
Start at: 12:59:11 | 14/05/2010
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com

Pentium(R) Dual-Core CPU T4200 @ 2.00GHz
Microsoft® Windows Vista™ Édition Familiale Premium (6.0.6002 64-bit) # Service Pack 2
Internet Explorer 8.0.6001.18904
Windows Firewall Status : Enabled

C:\ -> Disque fixe local # 134,36 Go (39,23 Go free) [OS] # NTFS
D:\ -> Disque fixe local # 14,65 Go (6,44 Go free) [RECOVERY] # NTFS
E:\ -> Disque CD-ROM
G:\ -> Disque CD-ROM

################## | Elements infectieux |

Supprimé ! C:\$Recycle.Bin\S-1-5-21-125549095-711646788-4173801983-1000
Supprimé ! C:\$Recycle.Bin\S-1-5-21-125549095-711646788-4173801983-500
Supprimé ! D:\autorun.inf
Supprimé ! D:\$Recycle.Bin\S-1-5-21-125549095-711646788-4173801983-1000
Supprimé ! D:\$Recycle.Bin\S-1-5-21-125549095-711646788-4173801983-500

################## | Registre |


################## | Mountpoints2 |

Supprimé ! HKCU\...\Explorer\MountPoints2\{2c8d372b-cb7d-11de-83c8-0026b90485b9}\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{576e6f61-1c95-11df-807b-0026b90485b9}\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{9042ae10-e0b6-11de-a910-0026b90485b9}\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{b69be0ec-af87-11de-80ae-0026b90485b9}\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{c8a88031-f21e-11de-9397-0026b90485b9}\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{c8a8804b-f21e-11de-9397-0026b90485b9}\Shell\AutoRun\Command

################## | Listing des fichiers présent |

[23/09/2009 18:56|--a------|1024] C:\.rnd
[11/04/2009 08:36|-rahs----|333257] C:\bootmgr
[05/02/2008 05:51|--a------|546872] C:\bootmgr.efi
[15/09/2009 16:36|-rah-----|3663] C:\dell.sdr
[26/10/2009 10:32|--ah-----|340108] C:\emmanuelledusch3564083623.xml
[11/02/2010 16:46|--a------|1274] C:\HeadVideo.log
[?|?|?] C:\hiberfil.sys
[22/09/2009 18:10|--ah-----|12148] C:\MessageLog.xsl
[02/12/2006 06:37|--a------|904704] C:\msdia80.dll
[22/03/2010 17:43|--a------|23] C:\msdos.sys
[?|?|?] C:\pagefile.sys
[14/05/2010 13:03|--a------|2338] C:\UsbFix.txt
[17/04/2009 22:59|---hs----|7374] D:\Desktop.ini
[24/03/2009 00:26|---hs----|77824] D:\Info.exe
[20/03/2010 11:05|--ahs----|232] D:\Master.log
[16/04/2009 00:51|---hs----|117213] D:\protect.chinese simplified
[16/04/2009 00:54|---hs----|117667] D:\protect.chinese traditional
[16/04/2009 18:10|---hs----|116238] D:\protect.danish
[16/04/2009 17:55|---hs----|119790] D:\protect.dutch
[17/04/2009 19:19|---hs----|47233] D:\protect.english
[16/04/2009 18:10|---hs----|116015] D:\protect.french
[16/04/2009 17:58|---hs----|116305] D:\protect.german
[16/04/2009 17:59|---hs----|115710] D:\protect.italian
[16/04/2009 18:00|---hs----|117842] D:\protect.japanese
[16/04/2009 18:00|---hs----|124495] D:\protect.korean
[16/04/2009 18:02|---hs----|116195] D:\protect.norwegian
[16/04/2009 18:03|---hs----|116564] D:\protect.portuguese brazilian
[16/04/2009 18:04|---hs----|116363] D:\protect.spanish
[16/04/2009 18:05|---hs----|116404] D:\protect.swedish
[22/09/2009 17:37|---hs----|214] D:\ST_InstallBackup.ini

################## | Vaccination |

# C:\autorun.inf -> Dossier créé par UsbFix (El Desaparecido).
# D:\autorun.inf -> Dossier créé par UsbFix (El Desaparecido).

################## | Upload |

Veuillez envoyer le fichier : C:\UsbFix_Upload_Me_LAPTOP-A.zip : http://chiquitine.changelog.fr/Sample/Upload.php
Merci pour votre contribution .

################## | ! Fin du rapport # UsbFix V6.113 ! |

-----------------------------------------------------------------------

pear
Posted on 14/05/2010 at 15:12
  Astucien

The ZhpDiag report can be posted in 2 or 3 pieces.

gav91190
Posted on 14/05/2010 at 17:18
Petit astucien

OK, I'll do it that way; here is the report after cleaning.

Rapport de ZHPDiag v1.25.1421 par Nicolas Coolman, Update du 06/05/2010
Run by Adrien at 14/05/2010 13:50:03
Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html
Contact : nicolascoolman@yahoo.fr

---\\ Web Browser
MSIE: Internet Explorer v8.0.6001.18904
MFIE: Mozilla Firefox (3.6.3)

---\\ System Information
Platform : Windows (TM) Vista Home Premium (6.0.6002)
Processor: Intel64 Family 6 Model 23 Stepping 10, GenuineIntel
Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3066 MB (52% free)
System drive C: has 39 GB (29%) free of 134 GB

---\\ Logged in mode
Computer Name: LAPTOP-A
User Name: Adrien
Unselected Option: None
Logged in as Administrator

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 39 Go of 134 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 6 Go of 15 Go)
E:\ CD-ROM drive (Not Inserted)
G:\ CD-ROM drive (Not Inserted)


---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: OK


---\\ Processus lancés
[MD5.2659F9B422673A98D5629FA3294F5DF3] - (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [61440]
[MD5.33A8CC84A281B4C7F7FBAA6DC3CA26A4] - (.Microsoft Corporation - Microsoft Default Manager.) -- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [250192]
[MD5.F91F52F4EA5D88DAB6245682A16F3A72] - (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [36272]
[MD5.DB1DB28467111A24664933AB8908CBCE] - (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [952768]
[MD5.00D1FB0073B4A8BD2989EA8FF4CC792B] - (.SupportSoft, Inc. - Dell Support Center Updates.) -- C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe [206064]
[MD5.8DE8DEFE523C005C5F88852E2493D67D] - (.ALWIL Software - avast! Antivirus.) -- C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2790472]
[MD5.ED7A6D40B20DC34BE06F4AE196AE7D50] - (.Apple Inc. - QuickTime Task.) -- C:\Program Files (x86)\QuickTime\QTTask.exe [421888]
[MD5.59C0BDCFE273334D3133C7F2B57A2A13] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe [142120]
[MD5.9C5A0F070196B601D629F5BA9AA921F8] - (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe [1555968]
[MD5.18B4B12358EFCF68D76812058A26181F] - (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [3883856]
[MD5.65437DAD4F238EA9549408A783002222] - (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe [138240]
[MD5.9E35FF7F943AE0FB89192BFE058B7FD4] - (.Microsoft Corporation - Volet Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe [1233920]
[MD5.CDA9F1373805AF88F6FA4F2064BBA24D] - (.Microsoft Corporation - Processus hôte pour les services Windows.) -- C:\Windows\system32\svchost.exe [27648]
[MD5.A6FB9DB8F1A86861D955FD6975977AE0] - (.Andrea Electronics Corporation - Andrea filters APO access service (64-bit).) -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_15f4e438\AESTSr64.exe [89600]
[MD5.ACB095E7E1663F1B83A41C22C5D75F90] - (.Apple Inc. - Apple Mobile Device Service.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [144672]
[MD5.00DACE1D9A0DA60215022C6B1FAC1673] - (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) -- C:\Windows\system32\Ati2evxx.exe [918528]
[MD5.57E6D33E74C6D3F198890DB4933644A7] - (.ALWIL Software - avast! Service.) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [40384]
[MD5.A065F048E9E23E6C026A7BB548D126A7] - (.Apple Inc. - Bonjour Service.) -- C:\Program Files (x86)\Bonjour\mDNSResponder.exe [345376]
[MD5.0840ABBBDF438691EE65A20040635CBE] - (.Stardock Corporation - Dock Login Service.) -- C:\Program Files\Dell\DellDock\DockLogin.exe [155648]
[MD5.626A24ED1228580B9518C01930936DF9] - (.Google Inc. - Programme d'installation de Google.) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [133104]
[MD5.40348DCEC0712ED42231C5F90A69A690] - (.Microsoft Corporation - Processus de l’autorité de sécurité locale.) -- C:\Windows\system32\lsass.exe [11264]
[MD5.271077B91D7AD1B616F8AFDFE8E3F981] - (.Microsoft Corporation - Microsoft SeaPort Search Enhancement Broker.) -- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [240512]
[MD5.A9A27A8E257B45A604FDAD4F26FE7241] - (.Microsoft Corporation - Service de gestion des licences Microsoft.) -- C:\Windows\system32\SLsvc.exe [2582016]
[MD5.EADA445EAEDD1D7DF4C5EB42B3612729] - (.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\System32\spoolsv.exe [268288]
[MD5.D630B6F2E8379B6F10DC16E82A426552] - (.SupportSoft, Inc. - SupportSoft Agent Service.) -- C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe [206064]
[MD5.C5DF63AE2693C9B6B01B4A2E6C1C64AC] - (.IDT, Inc. - IDT PC Audio.) -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_15f4e438\STacSV64.exe [268288]
[MD5.1471323B5D211FA07FD5A2730AC515C9] - (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\WLTRYSVC.exe [32768]
[MD5.A2AC37A1EEF83BD9E912B0EFCBEA06BD] - (.Microsoft Corporation - Indexeur Microsoft Windows Search.) -- C:\Windows\system32\SearchIndexer.exe [597504]


---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=explorer.exe


---\\ Pages de recherche d'Internet Explorer (R1)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896


---\\ Internet Explorer URLSearchHook (R3)
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)) -- C:\Windows\SysWOW64\ieframe.dll


---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - WindowsLiveLogin.dll.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Pas de propriétaire - Pas de description.) -- C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll


---\\ Applications démarrées automatiquement par le registre (O4)
O4 - HKLM\..\Run: [StartCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Run: [Microsoft Default Manager] . (.Microsoft Corporation - Microsoft Default Manager.) -- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKLM\..\Run: [dellsupportcenter] . (.SupportSoft, Inc. - Dell Support Center Updates.) -- C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe
O4 - HKLM\..\Run: [avast5] . (.ALWIL Software - avast! Antivirus.) -- C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files (x86)\QuickTime\QTTask.exe
O4 - HKLM\..\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe
O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKCU\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
O4 - HKCU\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - Global Startup: Dell Dock.lnk . (.Stardock Corporation - Dell Dock.) -- C:\Program Files\Dell\DellDock\DellDock.exe
O4 - Global Startup: keystate_keystate_anglais_294450.lnk . (.Paul Heinrich - Caps & NumLock Indicator.) -- C:\Users\Adrien\Downloads\keystate_keystate_anglais_294450.exe


---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~2\MICROS~2\Office12\EXCEL.exe


---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (.Pas de propriétaire - Pas de description.) -- C:\PROGRA~2\MICROS~2\Office12\REFBARH.ICO


---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files (x86)\Bonjour\mdnsNSP.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll


---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab


---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\SysWOW64\webcheck.dll


---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\system32\browseui.dll


---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Andrea ST Filters Service (AESTFilters) . (.Pas de propriétaire - Pas de description.) - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_15f4e438\AESTSr64.exe
O23 - Service: Apple Mobile Device (Apple Mobile Device) . (.Apple Inc. - Apple Mobile Device Service.) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: (Ati External Event Utility) . (.Pas de propriétaire - Pas de description.) - C:\Windows\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus (avast! Antivirus) . (.ALWIL Software - avast! Service.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Service Bonjour (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: Dock Login Service (DockLoginService) . (.Stardock Corporation - Dock Login Service.) - C:\Program Files\Dell\DellDock\DockLogin.exe
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: C:\Windows\system32\samsrv.dll (SamSs) . (.Pas de propriétaire - Pas de description.) - C:\Windows\system32\lsass.exe
O23 - Service: C:\Windows\system32\SLsvc.exe (slsvc) . (.Pas de propriétaire - Pas de description.) - C:\Windows\system32\SLsvc.exe
O23 - Service: C:\Windows\system32\spoolsv.exe (Spooler) . (.Pas de propriétaire - Pas de description.) - C:\Windows\System32\spoolsv.exe
O23 - Service: SupportSoft Sprocket Service (DellSupportCenter) (sprtsvc_DellSupportCenter) . (.SupportSoft, Inc. - SupportSoft Agent Service.) - C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
O23 - Service: Audio Service (STacSV) . (.Pas de propriétaire - Pas de description.) - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_15f4e438\STacSV64.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) . (.Pas de propriétaire - Pas de description.) - C:\Windows\System32\WLTRYSVC.exe


---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job


---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Mail 7 - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Pas de propriétaire - Pas de description.) -- "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
O40 - ASIC: Adobe Flash Player - {D27CDB6E-AE6D-11CF-96B8-444553540000} . (.Adobe Systems, Inc. - Adobe Flash Player 10.0 r45.) -- C:\Windows\SysWow64\Macromed\Flash\Flash10e.ocx


---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: Ancilliary Function Driver for Winsock (AFD) . (.Pas de propriétaire - Pas de description.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: Pilote de CD-ROM (cdrom) . (.Pas de propriétaire - Pas de description.) - C:\Windows\system32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Pas de propriétaire - Pas de description.) - C:\Windows\system32\Drivers\dfsc.sys
O41 - Driver: Pilote pour clavier i8042 et souris sur port PS/2 (i8042prt) . (.Pas de propriétaire - Pas de description.) - C:\Windows\system32\DRIVERS\i8042prt.sys
O41 - Driver: Pilote de la classe Clavier (kbdclass) . (.Pas de propriétaire - Pas de description.) - C:\Windows\system32\DRIVERS\kbdclass.sys
O41 - Driver: Pilote HID de clavier (kbdhid) . (.Pas de propriétaire - Pas de description.) - C:\Windows\system32\DRIVERS\kbdhid.sys
O41 - Driver: Pilote de la classe Souris (mouclass) . (.Pas de propriétaire - Pas de description.) - C:\Windows\system32\DRIVERS\mouclass.sys
O41 - Driver: NetBIOS Interface (NetBIOS) . (.Pas de propriétaire - Pas de description.) - C:\Windows\system32\DRIVERS\netbios.sys
O41 - Driver: NETBT (netbt) . (.Pas de propriétaire - Pas de description.) - C:\Windows\system32\DRIVERS\netbt.sys
O41 - Driver: NSI proxy service (nsiproxy) . (.Pas de propriétaire - Pas de description.) - C:\Windows\system32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\system32\drivers\pacer.sys (PSched) . (.Pas de propriétaire - Pas de description.) - C:\Windows\system32\DRIVERS\pacer.sys
O41 - Driver: Remote Access Auto Connection Driver (RasAcd) . (.Pas de propriétaire - Pas de description.) - C:\Windows\system32\DRIVERS\rasacd.sys
O41 - Driver: Redirected Buffering Sub Sysytem (rdbss) . (.Pas de propriétaire - Pas de description.) - C:\Windows\system32\DRIVERS\rdbss.sys
O41 - Driver: RDPCDD (RDPCDD) . (.Pas de propriétaire - Pas de description.) - C:\Windows\system32\DRIVERS\RDPCDD.sys
O41 - Driver: RDP Encoder Mirror Driver (RDPENCDD) . (.Pas de propriétaire - Pas de description.) - C:\Windows\system32\drivers\rdpencdd.sys
O41 - Driver: Pilote de périphérique terminal (TermDD) . (.Pas de propriétaire - Pas de description.) - C:\Windows\system32\DRIVERS\termdd.sys
O41 - Driver: (VgaSave) . (.Pas de propriétaire - Pas de description.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: Remote Access IPv6 ARP Driver (Wanarpv6) . (.Pas de propriétaire - Pas de description.) - C:\Windows\system32\DRIVERS\wanarp.sys


---\\ Logiciels installés (O42)
O42 - Logiciel: ATI Catalyst Control Center - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM]
O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM]
O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM]
O42 - Logiciel: Adobe Reader 9.3.2 - Français - (.Adobe Systems Incorporated.) [HKLM]
O42 - Logiciel: Advanced Audio FX Engine - (.Creative Technology Ltd.) [HKLM]
O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM]
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM]
O42 - Logiciel: Assassin's Creed - (.Ubisoft.) [HKLM]
O42 - Logiciel: Assistant de connexion Windows Live - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM]
O42 - Logiciel: Canon MP Navigator EX 2.0 - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: Canon Utilities My Printer - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: Catalyst Control Center - Branding - (.ATI.) [HKLM]
O42 - Logiciel: Dell DataSafe Online - (.Dell, Inc..) [HKLM]
O42 - Logiciel: Dell Getting Started Guide - (.Dell Inc..) [HKLM]
O42 - Logiciel: Dell Support Center (Logiciel de support) - (.Dell.) [HKLM]
O42 - Logiciel: Dell Video Chat - (.SightSpeed Inc..) [HKLM]
O42 - Logiciel: Dell Webcam Central - (.Creative Technology Ltd.) [HKLM]
O42 - Logiciel: DivX Codec - (.DivX, Inc..) [HKLM]
O42 - Logiciel: DivX Plus Web Player - (.DivX,Inc..) [HKLM]
O42 - Logiciel: Galerie de photos Windows Live - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM]
O42 - Logiciel: Google Earth - (.Google.) [HKLM]
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Live! Cam Avatar Creator - (.Creative Technology Ltd.) [HKLM]
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM]
O42 - Logiciel: Malwarebytes' Anti-Malware - (.Malwarebytes Corporation.) [HKLM]
O42 - Logiciel: Messenger Plus! Live - (.Yuna Software.) [HKLM]
O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Microsoft.) [HKLM]
O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: Microsoft .NET Framework 1.1 Security Update (KB953297) - (.Pas de propriétaire.) [HKLM]
O42 - Logiciel: Microsoft Choice Guard - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Default Manager - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM]
O42 - Logiciel: Microsoft Office Access MUI (French) 2007 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Office Excel MUI (French) 2007 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Office InfoPath MUI (French) 2007 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Office Outlook MUI (French) 2007 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Office PowerPoint MUI (French) 2007 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Office PowerPoint Viewer 2007 (French) - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Office Professional Plus 2007 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Office Proof (Arabic) 2007 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Office Proof (Dutch) 2007 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Office Proof (English) 2007 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Office Proof (French) 2007 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Office Proof (German) 2007 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Office Proof (Spanish) 2007 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Office Proofing (French) 2007 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM]
O42 - Logiciel: Microsoft Office Publisher MUI (French) 2007 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Office Shared MUI (French) 2007 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Office Suite Activation Assistant - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Office Word MUI (French) 2007 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU] - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Search Enhancement Pack - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Sync Framework Runtime Native v1.0 (x86) - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Sync Framework Services Native v1.0 (x86) - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Microsoft Works - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Module de compatibilité pour Microsoft Office System 2007 - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Mozilla Firefox (3.6.3) - (.Mozilla.) [HKLM]
O42 - Logiciel: Mozilla Thunderbird (2.0.0.24) - (.Mozilla.) [HKLM]
O42 - Logiciel: Outil de téléchargement Windows Live - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: PDFCreator - (.Frank Heindörfer, Philip Chinery.) [HKLM]
O42 - Logiciel: Panda ActiveScan 2.0 - (.Panda Security.) [HKLM]
O42 - Logiciel: PowerDVD - (.Dell.) [HKLM]
O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM]
O42 - Logiciel: Roxio Creator Audio - (.Roxio.) [HKLM]
O42 - Logiciel: Roxio Creator Copy - (.Roxio.) [HKLM]
O42 - Logiciel: Roxio Creator DE - (.Roxio.) [HKLM]
O42 - Logiciel: Roxio Creator Data - (.Roxio.) [HKLM]
O42 - Logiciel: Roxio Creator Tools - (.Roxio.) [HKLM]
O42 - Logiciel: Roxio Express Labeler 3 - (.Roxio.) [HKLM]
O42 - Logiciel: Roxio Update Manager - (.Roxio.) [HKLM]
O42 - Logiciel: SFR - Media Center - (.SFR.) [HKLM]
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB969559) - (.Microsoft.) [HKLM]
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB976321) - (.Microsoft.) [HKLM]
O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB978380) - (.Microsoft.) [HKLM]
O42 - Logiciel: Security Update for Microsoft Office Excel 2007 (KB978382) - (.Microsoft.) [HKLM]
O42 - Logiciel: Security Update for Microsoft Office Outlook 2007 (KB972363) - (.Microsoft.) [HKLM]
O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB957789) - (.Microsoft.) [HKLM]
O42 - Logiciel: Security Update for Microsoft Office Publisher 2007 (KB980470) - (.Microsoft.) [HKLM]
O42 - Logiciel: Security Update for Microsoft Office Visio Viewer 2007 (KB973709) - (.Microsoft.) [HKLM]
O42 - Logiciel: Security Update for Microsoft Office system 2007 (972581) - (.Microsoft.) [HKLM]
O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB969613) - (.Microsoft.) [HKLM]
O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB974234) - (.Microsoft.) [HKLM]
O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642) - (.Microsoft.) [HKLM]
O42 - Logiciel: Update for 2007 Microsoft Office System (KB981715) - (.Microsoft.) [HKLM]
O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Update for Microsoft Office InfoPath 2007 (KB976416) - (.Microsoft.) [HKLM]
O42 - Logiciel: Update for Microsoft Office Word 2007 (KB974561) - (.Microsoft.) [HKLM]
O42 - Logiciel: Update for Outlook 2007 Junk Email Filter (kb981726) - (.Microsoft.) [HKLM]
O42 - Logiciel: VC80CRTRedist - 8.0.50727.4053 - (.DivX, Inc.) [HKLM]
O42 - Logiciel: VLC media player 1.0.2 - (.VideoLAN Team.) [HKLM]
O42 - Logiciel: Winamax - (.winamax.) [HKLM]
O42 - Logiciel: Windows Live Call - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Windows Live FolderShare - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Windows Live Toolbar - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM]
O42 - Logiciel: Windows Media Player Firefox Plugin - (.Microsoft Corp.) [HKLM]
O42 - Logiciel: avast! Free Antivirus - (.Alwil Software.) [HKLM]
O42 - Logiciel: µTorrent - (.Pas de propriétaire.) [HKLM]

---\\ HKCU & HKLM Software Keys
[HKCU\Software\ABSoft]
[HKCU\Software\ALWIL Software]
[HKCU\Software\ATI Technologies Inc.]
[HKCU\Software\ATI]
[HKCU\Software\Adobe]
[HKCU\Software\Advanced Chemistry Development (ACD)]
[HKCU\Software\AppDataLow]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\Audacity]
[HKCU\Software\BitTorrent]
[HKCU\Software\Broadcom]
[HKCU\Software\Bugsplat]
[HKCU\Software\CDDB]
[HKCU\Software\Canon]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\Creative Tech]
[HKCU\Software\DT Soft]
[HKCU\Software\Dell Computer Corporation]
[HKCU\Software\Dell]
[HKCU\Software\DivXNetworks]
[HKCU\Software\Google]
[HKCU\Software\Hewlett-Packard]
[HKCU\Software\IDT]
[HKCU\Software\IM Providers]
[HKCU\Software\JavaSoft]
[HKCU\Software\Kolor]
[HKCU\Software\Livestation]
[HKCU\Software\LogMeIn]
[HKCU\Software\Macromedia]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\Netscape]
[HKCU\Software\Neuf]
[HKCU\Software\ODBC]
[HKCU\Software\Orange]
[HKCU\Software\PDFCreator]
[HKCU\Software\POV-Ray]
[HKCU\Software\Patchou]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\Roxio]
[HKCU\Software\SFR]
[HKCU\Software\STOIK Noise Autofix 1.6]
[HKCU\Software\Sonic]
[HKCU\Software\SupportSoft]
[HKCU\Software\Synaptics]
[HKCU\Software\Sysinternals]
[HKCU\Software\Trend Micro]
[HKCU\Software\Trolltech]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\WinRAR]
[HKCU\Software\Wow6432Node]
[HKCU\Software\X-Ways AG]
[HKCU\Software\YahooPartnerToolbar]
[HKCU\Software\fobstudio]
[HKCU\Software\keyhole.com]
[HKLM\Software\ALWIL Software]
[HKLM\Software\ATI Technologies]
[HKLM\Software\ATI]
[HKLM\Software\Adobe]
[HKLM\Software\Advanced Chemistry Development (ACD)]
[HKLM\Software\America Online]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\Apple Inc.]
[HKLM\Software\BcmSetup]
[HKLM\Software\CDDB]
[HKLM\Software\Canon]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Creative Tech]
[HKLM\Software\Creative]
[HKLM\Software\CyberLink]
[HKLM\Software\DT Soft]
[HKLM\Software\Dell Computer Corporation]
[HKLM\Software\Dell]
[HKLM\Software\Digital River]
[HKLM\Software\DivXNetworks]
[HKLM\Software\EA GAMES]
[HKLM\Software\Giganology]
[HKLM\Software\Google]
[HKLM\Software\Intel]
[HKLM\Software\JavaSoft]
[HKLM\Software\JreMetrics]
[HKLM\Software\Licenses]
[HKLM\Software\Macromedia]
[HKLM\Software\McAfeeInstaller]
[HKLM\Software\MicroVision]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\Neuf]
[HKLM\Software\ODBC]
[HKLM\Software\PC-Doctor]
[HKLM\Software\PDFCreator]
[HKLM\Software\Panda Software]
[HKLM\Software\Patchou]
[HKLM\Software\Policies]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\Roxio]
[HKLM\Software\SightSpeed Inc]
[HKLM\Software\SoftThinks]
[HKLM\Software\Sonic]
[HKLM\Software\SupportSoft]
[HKLM\Software\TrendMicro]
[HKLM\Software\Ubisoft]
[HKLM\Software\VideoLAN]
[HKLM\Software\Windows]
[HKLM\Software\mozilla.org]


---\\ Contenu des dossiers Fichiers Communs (O43)
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Adobe
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Adobe Photoshop CS4 FR Portable - Majax31
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Apple Software Update
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\ATI Technologies
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Banana Security
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Bonjour
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Canon
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\CCleaner
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Common Files
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Creative
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Creative Live! Cam
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\CyberLink
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\DAEMON Tools Lite
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Dell
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Dell DataSafe Online
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Dell Support Center
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Dell Video Chat
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Dell Webcam
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\DivX
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Giganology
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Google
O43 - CFD:Common File Directory --H-D- C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Internet Explorer
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\iTunes
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Java
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Lenovo
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\LogMeIn
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Malwarebytes' Anti-Malware
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Messenger Plus! Live
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Microsoft
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Microsoft Office
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Microsoft Office Suite Activation Assistant
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Microsoft Silverlight
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Microsoft Sync Framework
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Microsoft Visual Studio
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Microsoft Works
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Microsoft.NET
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Mozilla Firefox
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Mozilla Thunderbird
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\MSBuild
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Panda Security
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\PDFCreator
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\QuickTime
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Reference Assemblies
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Roxio
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\SFR
O43 - CFD:Common File Directory --H-D- C:\Program Files (x86)\Tbpuoimpywesxr
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Trend Micro
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Ubisoft
O43 - CFD:Common File Directory --H-D- C:\Program Files (x86)\Uninstall Information
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\uTorrent
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\VideoLAN
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\WinConfig
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Windows Calendar
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Windows Collaboration
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Windows Defender
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Windows Live
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Windows Live SkyDrive
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Windows Mail
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Windows Media Player
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Windows NT
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Windows Photo Gallery
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Windows Portable Devices
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Windows Sidebar
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\WorldOfGoo
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\ZHPDiag
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Common Files\Adobe
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Common Files\Adobe AIR
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Common Files\Apple
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Common Files\DESIGNER
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Common Files\DivX Shared
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Common Files\InstallShield
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Common Files\Java
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Common Files\microsoft shared
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Common Files\PX Storage Engine
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Common Files\Reallusion
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Common Files\Roxio Shared
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Common Files\Services
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Common Files\Sonic Shared
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Common Files\SpeechEngines
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Common Files\supportsoft
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Common Files\SureThing Shared
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Common Files\System
O43 - CFD:Common File Directory ----D- C:\Program Files (x86)\Common Files\Windows Live

gav91190
 Posted on 14/05/2010 at 17:19 
Petit astucien

---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.8143E54AA137ACC50F082D23966F0362] - 14/05/2010 - 12:03:12 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\UsbFix_Upload_Me_LAPTOP-A.zip [2025]
O44 - LFC:[MD5.00000000000000000000000000000000] - 14/05/2010 - 12:02:07 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\WindowsUpdate.log [1563597]
O44 - LFC:[MD5.209A9D93D62DEA0C988D68B9D680F222] - 14/05/2010 - 11:58:37 -S-A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\bootstat.dat [67584]
O44 - LFC:[MD5.18454AF108EC8AF09533FF96FA1E2A32] - 13/05/2010 - 16:13:53 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\PFRO.log [418]
O44 - LFC:[MD5.A4E54A645B56B0B6961591E4F8102D80] - 13/05/2010 - 14:10:39 ---A- . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Windows\SysNative\java.exe [165888]
O44 - LFC:[MD5.B2AFE404EDA76D0FB751C769ECA93940] - 13/05/2010 - 14:10:39 ---A- . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Windows\SysNative\javaw.exe [165888]
O44 - LFC:[MD5.51D259F8A59B914702AFDCE8799F70C3] - 13/05/2010 - 14:10:39 ---A- . (.Sun Microsystems, Inc. - Java(TM) Web Start Launcher.) -- C:\Windows\SysNative\javaws.exe [182784]
O44 - LFC:[MD5.2717B5A2B4F8FB2E3781D8EBB0AA3633] - 13/05/2010 - 14:10:37 ---A- . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Windows\SysNative\deployJava1.dll [455680]
O44 - LFC:[MD5.FCD1C371F0C2FC811561973A7DF89EB8] - 09/05/2010 - 19:39:10 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\SysNative\PerfStringBackup.INI [1684862]
O44 - LFC:[MD5.236707FD6ACABDEA20FCB60BD3A1FC01] - 09/05/2010 - 19:39:10 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\SysNative\perfc009.dat [129012]
O44 - LFC:[MD5.79F33D13241AE09F7707A295810F6D3E] - 09/05/2010 - 19:39:10 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\SysNative\perfc00C.dat [158666]
O44 - LFC:[MD5.486DCC90175632C2E33345A641B9C7D3] - 09/05/2010 - 19:39:10 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\SysNative\perfh009.dat [655218]
O44 - LFC:[MD5.05644E5CF132348013CEAAF7F49A3032] - 09/05/2010 - 19:39:10 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\SysNative\perfh00C.dat [747666]
O44 - LFC:[MD5.C5CD02376FCD168EE699C192DE5D67CA] - 29/04/2010 - 06:01:45 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\SysNative\FNTCACHE.DAT [391784]
O44 - LFC:[MD5.8272C88E0567816882D40803571A6E2F] - 16/04/2010 - 14:34:36 ---A- . (.Microsoft - Legacy GDF resource DLL.) -- C:\Windows\System32\GameUXLegacyGDFs.dll [4240384]
O44 - LFC:[MD5.8272C88E0567816882D40803571A6E2F] - 16/04/2010 - 14:34:35 ---A- . (.Microsoft - Legacy GDF resource DLL.) -- C:\Windows\SysNative\GameUXLegacyGDFs.dll [4240384]
O44 - LFC:[MD5.FCD1C371F0C2FC811561973A7DF89EB8] - 15/04/2010 - 15:02:15 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\PerfStringBackup.INI [1576042]


---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 - LFCP:Last File Created Prefetch 05/05/2010 - 06:35:50 ---A- C:\Windows\Prefetch\AgCx_S1_S-1-5-21-125549095-711646788-4173801983-1000.snp.db
O45 - LFCP:Last File Created Prefetch 14/05/2010 - 05:49:44 ---A- C:\Windows\Prefetch\SYNTPHELPER.EXE-C8D211B9.pf
O45 - LFCP:Last File Created Prefetch 14/05/2010 - 07:46:26 ---A- C:\Windows\Prefetch\AgCx_SC1.db.trx
O45 - LFCP:Last File Created Prefetch 14/05/2010 - 07:47:26 ---A- C:\Windows\Prefetch\AgCx_SC1.db
O45 - LFCP:Last File Created Prefetch 14/05/2010 - 08:30:18 ---A- C:\Windows\Prefetch\THUNDERBIRD.EXE-69F6F4B4.pf
O45 - LFCP:Last File Created Prefetch 14/05/2010 - 08:54:55 ---A- C:\Windows\Prefetch\IEXPLORE.EXE-A033F7A0.pf
O45 - LFCP:Last File Created Prefetch 14/05/2010 - 09:53:42 ---A- C:\Windows\Prefetch\SPRTCMD.EXE-E9B532BB.pf
O45 - LFCP:Last File Created Prefetch 14/05/2010 - 09:53:53 ---A- C:\Windows\Prefetch\WSCRIPT.EXE-7DB9834D.pf
O45 - LFCP:Last File Created Prefetch 14/05/2010 - 09:54:31 ---A- C:\Windows\Prefetch\WMIPRVSE.EXE-39F97B2D.pf
O45 - LFCP:Last File Created Prefetch 14/05/2010 - 09:54:57 ---A- C:\Windows\Prefetch\TRUSTEDINSTALLER.EXE-766EFF52.pf
O45 - LFCP:Last File Created Prefetch 14/05/2010 - 09:59:03 ---A- C:\Windows\Prefetch\DSC.EXE-C28D022F.pf
O45 - LFCP:Last File Created Prefetch 14/05/2010 - 11:16:20 ---A- C:\Windows\Prefetch\WMPNSCFG.EXE-18FC9E64.pf
O45 - LFCP:Last File Created Prefetch 14/05/2010 - 11:42:19 ---A- C:\Windows\Prefetch\NOTEPAD.EXE-C5670914.pf
O45 - LFCP:Last File Created Prefetch 14/05/2010 - 11:54:30 ---A- C:\Windows\Prefetch\DLLHOST.EXE-4B6CB38A.pf
O45 - LFCP:Last File Created Prefetch 14/05/2010 - 11:54:34 ---A- C:\Windows\Prefetch\VERCLSID.EXE-AB0FD091.pf
O45 - LFCP:Last File Created Prefetch 14/05/2010 - 11:55:59 ---A- C:\Windows\Prefetch\CONSENT.EXE-40419367.pf
O45 - LFCP:Last File Created Prefetch 14/05/2010 - 11:56:04 ---A- C:\Windows\Prefetch\DLLHOST.EXE-6389524F.pf
O45 - LFCP:Last File Created Prefetch 14/05/2010 - 11:57:38 ---A- C:\Windows\Prefetch\AgRobust.db
O45 - LFCP:Last File Created Prefetch 14/05/2010 - 11:57:38 ---A- C:\Windows\Prefetch\PfSvPerfStats.bin
O45 - LFCP:Last File Created Prefetch 14/05/2010 - 11:57:40 ---A- C:\Windows\Prefetch\AgGlFaultHistory.db
O45 - LFCP:Last File Created Prefetch 14/05/2010 - 11:57:40 ---A- C:\Windows\Prefetch\AgGlFgAppHistory.db
O45 - LFCP:Last File Created Prefetch 14/05/2010 - 11:57:40 ---A- C:\Windows\Prefetch\AgGlGlobalHistory.db
O45 - LFCP:Last File Created Prefetch 14/05/2010 - 11:59:54 ---A- C:\Windows\Prefetch\NTOSBOOT-B00DFAAD.pf
O45 - LFCP:Last File Created Prefetch 14/05/2010 - 12:00:38 ---A- C:\Windows\Prefetch\SWREG.EXE-4558CA6E.pf
O45 - LFCP:Last File Created Prefetch 14/05/2010 - 12:01:14 ---A- C:\Windows\Prefetch\SPRTSVC.EXE-775E66AB.pf
O45 - LFCP:Last File Created Prefetch 14/05/2010 - 12:01:16 ---A- C:\Windows\Prefetch\EGWREG.COM-46049BCC.pf
O45 - LFCP:Last File Created Prefetch 14/05/2010 - 12:03:03 ---A- C:\Windows\Prefetch\WMIADAP.EXE-BB21CD77.pf
O45 - LFCP:Last File Created Prefetch 14/05/2010 - 12:03:12 ---A- C:\Windows\Prefetch\FINDSTR.EXE-5986D423.pf
O45 - LFCP:Last File Created Prefetch 14/05/2010 - 12:11:49 ---A- C:\Windows\Prefetch\WERMGR.EXE-F439C551.pf
O45 - LFCP:Last File Created Prefetch 14/05/2010 - 12:11:50 ---A- C:\Windows\Prefetch\WERCON.EXE-C87ACD13.pf
O45 - LFCP:Last File Created Prefetch 14/05/2010 - 12:13:59 ---A- C:\Windows\Prefetch\TASKENG.EXE-35FA9C06.pf
O45 - LFCP:Last File Created Prefetch 14/05/2010 - 12:25:55 ---A- C:\Windows\Prefetch\Layout.ini
O45 - LFCP:Last File Created Prefetch 14/05/2010 - 12:35:00 ---A- C:\Windows\Prefetch\GOOGLEUPDATE.EXE-0E1E7B82.pf
O45 - LFCP:Last File Created Prefetch 14/05/2010 - 12:35:29 ---A- C:\Windows\Prefetch\VSSVC.EXE-6C8F0C66.pf
O45 - LFCP:Last File Created Prefetch 14/05/2010 - 12:35:30 ---A- C:\Windows\Prefetch\SVCHOST.EXE-6A249820.pf
O45 - LFCP:Last File Created Prefetch 14/05/2010 - 12:35:39 ---A- C:\Windows\Prefetch\MODE.COM-5FB49C3B.pf
O45 - LFCP:Last File Created Prefetch 14/05/2010 - 12:35:48 ---A- C:\Windows\Prefetch\FIREFOX.EXE-359C61A4.pf
O45 - LFCP:Last File Created Prefetch 14/05/2010 - 12:36:07 ---A- C:\Windows\Prefetch\MSNMSGR.EXE-0A3C12F9.pf
O45 - LFCP:Last File Created Prefetch 14/05/2010 - 12:36:12 ---A- C:\Windows\Prefetch\WLCOMM.EXE-81BAE51F.pf
O45 - LFCP:Last File Created Prefetch 14/05/2010 - 12:36:21 ---A- C:\Windows\Prefetch\FIND.EXE-66A35B26.pf
O45 - LFCP:Last File Created Prefetch 14/05/2010 - 12:36:22 ---A- C:\Windows\Prefetch\ECHOX.EXE-EDE49489.pf
O45 - LFCP:Last File Created Prefetch 14/05/2010 - 12:36:22 ---A- C:\Windows\Prefetch\SWXCACLS.COM-81F9AB07.pf
O45 - LFCP:Last File Created Prefetch 14/05/2010 - 12:36:31 ---A- C:\Windows\Prefetch\CONIME.EXE-4691AE88.pf
O45 - LFCP:Last File Created Prefetch 14/05/2010 - 12:36:41 ---A- C:\Windows\Prefetch\CSCRIPT.EXE-FCD9ABA9.pf
O45 - LFCP:Last File Created Prefetch 14/05/2010 - 12:37:07 ---A- C:\Windows\Prefetch\USBFIX.EXE-EBD21C78.pf
O45 - LFCP:Last File Created Prefetch 14/05/2010 - 12:37:17 ---A- C:\Windows\Prefetch\GO.EXE-9F5F9B7B.pf
O45 - LFCP:Last File Created Prefetch 14/05/2010 - 12:37:20 ---A- C:\Windows\Prefetch\SETPATH.EXE-F783002B.pf
O45 - LFCP:Last File Created Prefetch 14/05/2010 - 12:37:21 ---A- C:\Windows\Prefetch\FSUM.EXE-A9B0DF85.pf
O45 - LFCP:Last File Created Prefetch 14/05/2010 - 12:39:40 ---A- C:\Windows\Prefetch\AgGlUAD_S-1-5-21-125549095-711646788-4173801983-1000.db
O45 - LFCP:Last File Created Prefetch 14/05/2010 - 12:39:41 ---A- C:\Windows\Prefetch\AgGlUAD_P_S-1-5-21-125549095-711646788-4173801983-1000.db
O45 - LFCP:Last File Created Prefetch 14/05/2010 - 12:44:02 ---A- C:\Windows\Prefetch\LADS.EXE-E07AE0E5.pf
O45 - LFCP:Last File Created Prefetch 14/05/2010 - 12:44:04 ---A- C:\Windows\Prefetch\SETACL.EXE-BC6C89FD.pf
O45 - LFCP:Last File Created Prefetch 14/05/2010 - 12:44:04 ---A- C:\Windows\Prefetch\SUBINACL.EXE-3DCC0576.pf
O45 - LFCP:Last File Created Prefetch 14/05/2010 - 12:47:44 ---A- C:\Windows\Prefetch\SEARCHFILTERHOST.EXE-44162447.pf
O45 - LFCP:Last File Created Prefetch 14/05/2010 - 12:47:44 ---A- C:\Windows\Prefetch\SEARCHPROTOCOLHOST.EXE-69C456C3.pf
O45 - LFCP:Last File Created Prefetch 14/05/2010 - 12:47:57 ---A- C:\Windows\Prefetch\NOTEPAD.EXE-032BB3D8.pf
O45 - LFCP:Last File Created Prefetch 14/05/2010 - 12:48:34 ---A- C:\Windows\Prefetch\SIGCHECK.EXE-86EEDBEE.pf
O45 - LFCP:Last File Created Prefetch 14/05/2010 - 12:48:39 ---A- C:\Windows\Prefetch\CMD.EXE-6D6290C5.pf
O45 - LFCP:Last File Created Prefetch 14/05/2010 - 12:49:01 ---A- C:\Windows\Prefetch\WMIPRVSE.EXE-E8B8DD29.pf
O45 - LFCP:Last File Created Prefetch 14/05/2010 - 12:49:21 ---A- C:\Windows\Prefetch\MBR.EXE-8BFEEB6E.pf
O45 - LFCP:Last File Created Prefetch 14/05/2010 - 12:49:28 ---A- C:\Windows\Prefetch\DLLHOST.EXE-63B92852.pf
O45 - LFCP:Last File Created Prefetch 14/05/2010 - 12:49:53 ---A- C:\Windows\Prefetch\LOGONUI.EXE-F639BD7E.pf
O45 - LFCP:Last File Created Prefetch 14/05/2010 - 12:49:56 ---A- C:\Windows\Prefetch\TASKMGR.EXE-4C8500BA.pf
O45 - LFCP:Last File Created Prefetch 14/05/2010 - 12:50:06 ---A- C:\Windows\Prefetch\RUNDLL32.EXE-9D45D411.pf
O45 - LFCP:Last File Created Prefetch 14/05/2010 - 12:50:10 ---A- C:\Windows\Prefetch\ZHPDIAG.EXE-6A1D0894.pf


---\\ Trojan Driver Search Data (HKLM)(TDSD) (O52)
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\SysWOW64\l3codeca.acm" . (.Pas de propriétaire - Pas de description.) -- (.not file.)
O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\System32\iccvid.dll
O52 - TDSD: \Drivers32\"vidc.DIVX"="DivX.dll" . (.DivX, Inc. - DivX.) -- C:\Windows\System32\DivX.dll
O52 - TDSD: \Drivers32\"vidc.yv12"="DivX.dll" . (.DivX, Inc. - DivX.) -- C:\Windows\System32\DivX.dll
O52 - TDSD: \drivers.desc\"C:\Windows\SysWOW64\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Pas de propriétaire - Pas de description.) -- (.not file.)
O52 - TDSD: \drivers.desc\"DivX.dll"="DivX 6.9.1 Codec" . (.Pas de propriétaire - Pas de description.) -- (.not file.)


---\\ Microsoft Control Security Providers (MCSP) (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - "SecurityProviders"=credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - "SecurityProviders"=credssp.dll


---\\ Microsoft Windows Policies System (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=2
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0


---\\ Microsoft Windows Policies Explorer (MWPE) (O56)
O56 - MWPE:[HKCU\...\Policies\Explorer] - "NoDriveTypeAutoRun"=255
O56 - MWPE:[HKCU\...\Policies\Explorer] - "NoDriveAutoRun"=255
O56 - MWPE:[HKCU\...\Policies\Explorer] - "HonorAutoRunSetting"=0
O56 - MWPE:[HKLM\...\Policies\Explorer] - "NoActiveDesktop"=1
O56 - MWPE:[HKLM\...\Policies\Explorer] - "ForceActiveDesktopOn"=0
O56 - MWPE:[HKLM\...\Policies\Explorer] - "NoActiveDesktopChanges"=0
O56 - MWPE:[HKLM\...\Policies\Explorer] - "BindDirectlyToPropertySetStorage"=0
O56 - MWPE:[HKLM\...\Policies\Explorer] - "NoDriveTypeAutoRun"=255
O56 - MWPE:[HKLM\...\Policies\Explorer] - "NoDriveAutoRun"=255
O56 - MWPE:[HKLM\...\Policies\Explorer] - "HonorAutoRunSetting"=0


---\\ Liste des Drivers Système (SDL) (O58)
O58 - SDL:[MD5.F14215E37CF124104575073F782111D2] - 21/01/2008 - 03:46:53 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\system32\drivers\adp94xx.sys
O58 - SDL:[MD5.7D05A75E3066861A6610F7EE04FF085C] - 21/01/2008 - 03:46:54 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\system32\drivers\adpahci.sys
O58 - SDL:[MD5.820A201FE08A0C345B3BEDBC30E1A77C] - 21/01/2008 - 03:46:54 ---A- . (.Adaptec, Inc. - Adaptec LH Ultra160 Driver (X64).) -- C:\Windows\system32\drivers\adpu160m.sys
O58 - SDL:[MD5.9B4AB6854559DC168FBB4C24FC52E794] - 21/01/2008 - 03:47:27 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -- C:\Windows\system32\drivers\adpu320.sys
O58 - SDL:[MD5.9544C2C55541C0C6BFD7B489D0E7D430] - 28/04/2009 - 12:34:10 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\system32\drivers\aliide.sys
O58 - SDL:[MD5.BA8417D4765F3988FF921F30F630E303] - 21/01/2008 - 03:46:52 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\system32\drivers\arc.sys
O58 - SDL:[MD5.9D41C435619733B34CC16A511E644B11] - 21/01/2008 - 03:47:00 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\system32\drivers\arcsas.sys
O58 - SDL:[MD5.5A1408B8F58CE21F6A46BB8CA0C297F3] - 14/04/2010 - 17:31:03 ---A- . (.ALWIL Software - avast! File System Access Blocking Driver.) -- C:\Windows\system32\drivers\aswFsBlk.sys
O58 - SDL:[MD5.199CCBB4A91BEC33E190EC35CCBCEE0F] - 14/04/2010 - 17:31:27 ---A- . (.ALWIL Software - avast! File System Minifilter for Windows 2003/Vista.) -- C:\Windows\system32\drivers\aswMonFlt.sys
O58 - SDL:[MD5.4088EC72890EC83844E9C562E1CAEE63] - 14/04/2010 - 17:31:42 ---A- . (.ALWIL Software - avast! TDI RDR Driver.) -- C:\Windows\system32\drivers\aswRdr.sys
O58 - SDL:[MD5.BDA2F93CB8623D1E42BC781B731F9CC6] - 14/04/2010 - 17:35:31 ---A- . (.ALWIL Software - avast! self protection module.) -- C:\Windows\system32\drivers\aswSP.sys
O58 - SDL:[MD5.E2415EEDDB4BF338FB6DB561462425F6] - 14/04/2010 - 17:35:51 ---A- . (.ALWIL Software - avast! TDI Filter Driver.) -- C:\Windows\system32\drivers\aswTdi.sys
O58 - SDL:[MD5.CEF278088637401F07A0064B0B900A32] - 26/11/2008 - 22:45:50 ---A- . (.ATI Technologies Inc. - ATI Radeon Kernel Mode Driver.) -- C:\Windows\system32\drivers\atikmdag.sys
O58 - SDL:[MD5.A7C9995BA861FCE78B2CEAAE61D39FD7] - 21/12/2008 - 19:34:48 ---A- . (.Broadcom Corporation - Broadcom iLine10(tm) PCI Network Adapter Proxy Protocol Driver.) -- C:\Windows\system32\drivers\bcm42rly.sys
O58 - SDL:[MD5.912012B708A7D8E8CE2EE55AFB663DFF] - 16/12/2008 - 17:56:52 ---A- . (.Broadcom Corporation - Broadcom 802.11 Network Adapter wireless driver.) -- C:\Windows\system32\drivers\BCMWL664.SYS
O58 - SDL:[MD5.F09EEE9EDC320B5E1501F749FDE686C8] - 18/09/2006 - 22:30:15 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\system32\drivers\BrFiltLo.sys
O58 - SDL:[MD5.B114D3098E9BDB8BEA8B053685831BE6] - 18/09/2006 - 22:30:15 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\system32\drivers\BrFiltUp.sys
O58 - SDL:[MD5.F0F0BA4D815BE446AA6A4583CA3BCA9B] - 02/11/2006 - 09:43:25 ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\system32\drivers\BrSerId.sys
O58 - SDL:[MD5.A6ECA2151B08A09CACECA35C07F05B42] - 18/09/2006 - 22:30:18 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\system32\drivers\BrSerWdm.sys
O58 - SDL:[MD5.B79968002C277E869CF38BD22CD61524] - 18/09/2006 - 22:30:18 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\system32\drivers\BrUsbMdm.sys
O58 - SDL:[MD5.A87528880231C54E75EA7A44943B38BF] - 19/09/2006 - 12:42:33 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\system32\drivers\BrUsbSer.sys
O58 - SDL:[MD5.E5D5499A1C50A54B5161296B6AFE6192] - 21/01/2008 - 03:46:50 ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\cmdide.sys
O58 - SDL:[MD5.B8CB9FAF353FF1F49BEE7A898F28E835] - 21/03/2009 - 00:55:10 ---A- . (.Creative Technology Ltd. - Advanced Audio FX Driver (64-bit).) -- C:\Windows\system32\drivers\CtAudDrv.sys
O58 - SDL:[MD5.0D260D60FC1302E482850BB8F432D8D5] - 12/03/2009 - 17:47:46 ---A- . (.Creative Technology Ltd. - Video Class Upper Filter Driver (64-bit).) -- C:\Windows\system32\drivers\CtClsFlt.sys
O58 - SDL:[MD5.222CB641B4B8A1D1126F8033F9FD6A00] - 02/11/2006 - 12:50:06 ---A- . (.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) -- C:\Windows\system32\drivers\djsvs.sys
O58 - SDL:[MD5.17D40652EF3E55EEAE187A89DF40965A] - 21/01/2008 - 03:46:55 ---A- . (.Intel Corporation - Intel(R) PRO/1000 Adapter NDIS 6 deserialized driver.) -- C:\Windows\system32\drivers\e1e6032e.sys
O58 - SDL:[MD5.264CEE7B031A9D6C827F3D0CB031F2FE] - 21/01/2008 - 03:46:56 ---A- . (.Intel Corporation - Intel(R) PRO/1000 Adapter NDIS 6 deserialized driver.) -- C:\Windows\system32\drivers\E1G6032E.sys
O58 - SDL:[MD5.C4636D6E10469404AB5308D9FD45ED07] - 21/01/2008 - 03:46:59 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\system32\drivers\elxstor.sys
O58 - SDL:[MD5.84D3088475BD9BC56ED76D6E0F740A63] - 09/08/2007 - 04:10:54 ---A- . (.Huawei Tech. Co., Ltd. - HUAWEI USB Smart Card Driver.) -- C:\Windows\system32\drivers\ewdcsc.sys
O58 - SDL:[MD5.61C24DDECE47288753EB85CF4F32EDB6] - 17/03/2008 - 11:58:30 ---A- . (.Huawei Technologies Co., Ltd. - USB Modem/Serial Device Driver.) -- C:\Windows\system32\drivers\ewusbfake.sys
O58 - SDL:[MD5.C8F3119AD72A507D12EF389DF4C266EF] - 17/03/2008 - 11:06:14 ---A- . (.Huawei Technologies Co., Ltd. - USB Modem/Serial Device Driver.) -- C:\Windows\system32\drivers\ewusbmdm.sys
O58 - SDL:[MD5.18FA0E750B1A617FB523358491948C52] - 22/01/2008 - 15:11:40 ---A- . (.Huawei Technologies Co., Ltd. - USB NDIS Miniport Driver.) -- C:\Windows\system32\drivers\ewusbnet.sys
O58 - SDL:[MD5.E403AACF8C7BB11375122D2464560311] - 18/05/2009 - 13:17:08 ---A- . (.GEAR Software Inc. - CD DVD Filter.) -- C:\Windows\system32\drivers\GEARAspiWDM.sys
O58 - SDL:[MD5.D7109A1E6BD2DFDBCBA72A6BC626A13B] - 21/01/2008 - 03:46:59 ---A- . (.Hewlett-Packard Company - Smart Array Storport Driver.) -- C:\Windows\system32\drivers\HpCISSs.sys
O58 - SDL:[MD5.3E3BF3627D886736D0B4E90054F929F6] - 21/01/2008 - 03:46:59 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver (base).) -- C:\Windows\system32\drivers\iaStorV.sys
O58 - SDL:[MD5.8C3951AD2FE886EF76C7B5027C3125D3] - 02/11/2006 - 13:02:39 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\system32\drivers\iirsp.sys
O58 - SDL:[MD5.63C766CDC609FF8206CB447A65ABBA4A] - 02/11/2006 - 13:02:09 ---A- . (.Integrated Technology Express, Inc. - ITE IT8211 ATA/ATAPI SCSI miniport.) -- C:\Windows\system32\drivers\iteatapi.sys
O58 - SDL:[MD5.1281FE73B17664631D12F643CBEA3F59] - 02/11/2006 - 13:02:09 ---A- . (.Integrated Technology Express, Inc. - ITE IT8212 ATA RAID SCSI miniport.) -- C:\Windows\system32\drivers\iteraid.sys
O58 - SDL:[MD5.EB5C7891B9E6E4A1A4428F2160B12B53] - 07/10/2008 - 18:49:52 ---A- . (.Broadcom Corporation - Broadcom NetLink (TM) Gigabit Ethernet NDIS6.x Unified Driver..) -- C:\Windows\system32\drivers\k57nd60a.sys
O58 - SDL:[MD5.413ECDCFAD9A82804D3674C8D7EEC24E] - 11/08/2008 - 11:40:32 ---A- . (.LogMeIn, Inc. - LogMeIn Mirror Miniport Driver.) -- C:\Windows\system32\drivers\lmimirr.sys
O58 - SDL:[MD5.C57D3FAA50E6F395759FFB7C709BD944] - 11/08/2008 - 11:40:58 ---A- . (.LogMeIn, Inc. - LogMeIn Rfs Drivemap Driver.) -- C:\Windows\system32\drivers\LMIRfsDriver.sys
O58 - SDL:[MD5.ACBE1AF32D3123E330A07BFBC5EC4A9B] - 21/01/2008 - 03:46:51 ---A- . (.LSI Logic - LSI Logic Fusion-MPT FC Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_fc.sys
O58 - SDL:[MD5.799FFB2FC4729FA46D2157C0065B3525] - 21/01/2008 - 03:46:56 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas.sys
O58 - SDL:[MD5.F445FF1DAAD8A226366BFAF42551226B] - 21/01/2008 - 03:47:01 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_scsi.sys
O58 - SDL:[MD5.E330051CCE41EB4522E5DCEBC15ADCEA] - 29/04/2010 - 14:39:28 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbam.sys
O58 - SDL:[MD5.5C5CD6AACED32FB26C3FB34B3DCF972F] - 21/01/2008 - 03:46:59 ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows Vista/Longhorn for x.) -- C:\Windows\system32\drivers\megasas.sys
O58 - SDL:[MD5.859BC2436B076C77C159ED694ACFE8F8] - 21/01/2008 - 03:46:56 ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\system32\drivers\MegaSR.sys
O58 - SDL:[MD5.1CEF7B3825F0C62C40D6C1484BBE3762] - 16/03/2008 - 14:47:38 ---A- . (.DiBcom SA - DiBcom AVSTREAM BDA driver.) -- C:\Windows\system32\drivers\mod7700.sys
O58 - SDL:[MD5.3C200630A89EF2C0864D515B7A75802E] - 02/11/2006 - 13:02:24 ---A- . (.LSI Logic Corporation - MegaRAID RAID Controller Driver for Windows Vista/Longhorn for.) -- C:\Windows\system32\drivers\Mraid35x.sys
O58 - SDL:[MD5.4AC08BD6AF2DF42E0C3196D826C8AEA7] - 02/11/2006 - 13:03:03 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\system32\drivers\nfrd960.sys
O58 - SDL:[MD5.2C040B7ADA5B06F6FACADAC8514AA034] - 21/01/2008 - 03:46:54 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\system32\drivers\nvraid.sys
O58 - SDL:[MD5.F7EA0FE82842D05EDA3EFDD376DBFDBA] - 21/01/2008 - 03:46:54 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\system32\drivers\nvstor.sys
O58 - SDL:[MD5.4CE9F703D1DD69FB656D1953E9C88103] - 28/05/2009 - 01:49:00 ---A- . (.Creative Technology Ltd. - Advanced Audio FX Driver (64-bit).) -- C:\Windows\system32\drivers\OA008Afx.sys
O58 - SDL:[MD5.404B0121AE1A75D9A63B6934EB07C258] - 06/03/2009 - 06:33:58 ---A- . (.Creative Technology Ltd. - Video Class Upper Filter Driver (64-bit).) -- C:\Windows\system32\drivers\OA008Ufd.sys
O58 - SDL:[MD5.126885007E8F601861165FC77C93F1BE] - 06/05/2009 - 16:03:00 ---A- . (.Creative Technology Ltd. - Video Capture Device Driver (64-bit).) -- C:\Windows\system32\drivers\OA008Vid.sys
O58 - SDL:[MD5.8A0F8A9580D9F2FC512A35D5709088A9] - 30/06/2009 - 08:37:16 ---A- . (.Panda Security, S.L. - Panda Boot Driver.) -- C:\Windows\system32\drivers\pavboot64.sys
O58 - SDL:[MD5.0B83F4E681062F3839BE2EC1D98FD94A] - 21/01/2008 - 03:46:52 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\system32\drivers\ql2300.sys
O58 - SDL:[MD5.E1C80F8D4D1E39EF9595809C1369BF2A] - 02/11/2006 - 12:50:27 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\system32\drivers\ql40xx.sys
O58 - SDL:[MD5.D13D70FAC45FC1DF69F88559B1F72F0A] - 15/09/2008 - 18:11:00 ---A- . (.REDC - RICOH MMC Driver.) -- C:\Windows\system32\drivers\rimmpx64.sys
O58 - SDL:[MD5.BB9EDC55B0B8CB4FCD713428820E0776] - 15/09/2008 - 18:10:58 ---A- . (.REDC - RICOH MS Driver.) -- C:\Windows\system32\drivers\rimspx64.sys
O58 - SDL:[MD5.481C3FDEACAAE04B74C58288DBC91DF9] - 15/09/2008 - 18:11:04 ---A- . (.REDC - RICOH xD SM Driver.) -- C:\Windows\system32\drivers\rixdpx64.sys
O58 - SDL:[MD5.3EA8A16169C26AFBEB544E0E48421186] - 30/09/2006 - 00:51:44 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\system32\drivers\secdrv.sys
O58 - SDL:[MD5.3A2F769FAB9582BC720E11EA1DFB184D] - 21/01/2008 - 03:47:26 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\system32\drivers\sisraid4.sys
O58 - SDL:[MD5.00000000000000000000000000000000] - 12/12/2009 - 02:50:43 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\drivers\sptd.sys
O58 - SDL:[MD5.BA16447226ABFD342E130D2F24F73D32] - 19/03/2009 - 17:26:24 ---A- . (.IDT, Inc. - IDT PC Audio.) -- C:\Windows\system32\drivers\stwrt64.sys
O58 - SDL:[MD5.2F26A2C6FC96B29BEFF5D8ED74E6625B] - 02/11/2006 - 13:02:52 ---A- . (.LSI Logic - LSI Logic 8XX SCSI Miniport Driver.) -- C:\Windows\system32\drivers\symc8xx.sys
O58 - SDL:[MD5.A909667976D3BCCD1DF813FED517D837] - 02/11/2006 - 13:02:37 ---A- . (.LSI Logic - LSI Logic Hi-Perf SCSI Miniport Driver.) -- C:\Windows\system32\drivers\sym_hi.sys
O58 - SDL:[MD5.36887B56EC2D98B9C362F6AE4DE5B7B0] - 02/11/2006 - 13:02:47 ---A- . (.LSI Logic - LSI Logic Ultra160 SCSI Miniport Driver.) -- C:\Windows\system32\drivers\sym_u3.sys
O58 - SDL:[MD5.79A93EC9D224B1F43C0E2F023D61DCA3] - 25/11/2008 - 15:56:58 ---A- . (.Synaptics, Inc. - Synaptics Touchpad Driver.) -- C:\Windows\system32\drivers\SynTP.sys
O58 - SDL:[MD5.697F0446134CDC8F99E69306184FBBB4] - 21/01/2008 - 03:46:56 ---A- . (.ULi Electronics Inc. - ULi SATA Controller Driver.) -- C:\Windows\system32\drivers\uliahci.sys
O58 - SDL:[MD5.31707F09846056651EA2C37858F5DDB0] - 02/11/2006 - 12:50:54 ---A- . (.Promise Technology, Inc. - Promise Ultra/Sata Series Driver for Win2003.) -- C:\Windows\system32\drivers\ulsata.sys
O58 - SDL:[MD5.85E5E43ED5B48C8376281BAB519271B7] - 21/01/2008 - 03:46:52 ---A- . (.Promise Technology, Inc. - Promise SATAII150 Series x64 Windows Driver.) -- C:\Windows\system32\drivers\ulsata2.sys
O58 - SDL:[MD5.9E58997A211C8C9AC9E6CFFA53614A73] - 28/08/2009 - 18:42:52 ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\system32\drivers\usbaapl64.sys
O58 - SDL:[MD5.8294B6C3FDB6C33F24E150DE647ECDAA] - 21/01/2008 - 03:46:50 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\viaide.sys
O58 - SDL:[MD5.A68F455ED2673835209318DD61BFBB0E] - 21/01/2008 - 03:47:25 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\system32\drivers\vsmraid.sys
O58 - SDL:[MD5.C7DD7D9739785BD3A6B8499EEC1DEE7E] - 29/04/2010 - 14:39:38 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\SysWOW64\drivers\mbamswissarmy.sys
O58 - SDL:[MD5.D21FEE8DB254BA762656878168AC1DB6] - 02/08/2005 - 16:10:14 ---A- . (.CACE Technologies - npf.) -- C:\Windows\SysWOW64\drivers\npf.sys

gav91190
 Posted on 14/05/2010 at 17:20 
Petit astucien

---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 - LFC:Last File Created 11/05/2010 - 06:01:13 ---A- C:\Users\Adrien\AppData\Roaming\Apple Computer\Logs\asl.070059_11May10.log [4636]
O61 - LFC:Last File Created 11/05/2010 - 16:17:49 ---A- C:\Users\Adrien\AppData\Roaming\Apple Computer\Logs\asl.171735_11May10.log [4686]
O61 - LFC:Last File Created 11/05/2010 - 16:29:24 ---A- C:\Users\Adrien\Documents\Mes Historiques de Conversation\mai 2010\Images\MsgPlus_Img0361.png [492]
O61 - LFC:Last File Created 11/05/2010 - 16:37:30 ---A- C:\Users\Adrien\Documents\cocktail mai.xlsx [11395]
O61 - LFC:Last File Created 11/05/2010 - 16:38:25 ---A- C:\Users\All Users\CanonBJ\IJPrinter\CNMWindows\Canon MP240 series Printer\Drvlog\Canon MP240 series Printer\drvlog2 [372]
O61 - LFC:Last File Created 11/05/2010 - 16:40:07 ---A- C:\Users\All Users\CanonBJ\IJPrinter\CNMWindows\Canon MP240 series Printer\Drvlog\Canon MP240 series Printer\drvlog1 [372]
O61 - LFC:Last File Created 11/05/2010 - 16:40:44 ---A- C:\Users\All Users\CanonBJ\IJPrinter\CNMWindows\Canon MP240 series Printer\Canon MP240 series Printer\0002\cnmsm_Adrien.dat [305]
O61 - LFC:Last File Created 12/05/2010 - 09:45:39 ---A- C:\Users\Adrien\AppData\Roaming\Apple Computer\Logs\asl.104536_12May10.log [4146]
O61 - LFC:Last File Created 12/05/2010 - 09:52:44 ---A- C:\Users\All Users\Dell\HWDiags\PCDsysinfo.xml [967315]
O61 - LFC:Last File Created 12/05/2010 - 10:23:14 ---A- C:\Users\Adrien\Documents\Mes Historiques de Conversation\mai 2010\Images\MsgPlus_Img0316.png [494]
O61 - LFC:Last File Created 12/05/2010 - 10:24:33 ---A- C:\Users\Adrien\Documents\Mes Historiques de Conversation\mai 2010\Images\MsgPlus_Img1024.png [504]
O61 - LFC:Last File Created 12/05/2010 - 11:13:48 ---A- C:\Users\Adrien\Documents\Mes Historiques de Conversation\mai 2010\missmetis2@hotmail.fr.html [11530]
O61 - LFC:Last File Created 12/05/2010 - 11:13:48 ---A- C:\Users\Adrien\Documents\Mes fichiers reçus\gav911902876938873\Historique\missmetis2468500272.xml [5680]
O61 - LFC:Last File Created 12/05/2010 - 11:24:25 ---A- C:\Users\Adrien\Documents\Mes Historiques de Conversation\mai 2010\jujufa@hotmail.fr.html [49660]
O61 - LFC:Last File Created 12/05/2010 - 11:27:37 ---A- C:\Users\Adrien\Documents\Mes fichiers reçus\gav911902876938873\Historique\jujufa1543494297.xml [52435]
O61 - LFC:Last File Created 12/05/2010 - 12:15:39 ---A- C:\Users\Adrien\Documents\Mes Historiques de Conversation\mai 2010\Images\MsgPlus_Img2505.png [2505]
O61 - LFC:Last File Created 12/05/2010 - 12:17:19 ---A- C:\Users\Adrien\Documents\Mes Historiques de Conversation\mai 2010\Images\MsgPlus_Img2308.png [2308]
O61 - LFC:Last File Created 12/05/2010 - 12:23:42 ---A- C:\Users\Adrien\Documents\Mes Historiques de Conversation\mai 2010\leonard53@hotmail.fr.html [45588]
O61 - LFC:Last File Created 12/05/2010 - 12:23:42 --HA- C:\Users\Adrien\Documents\Mes fichiers reçus\gav911902876938873\Historique\leonard533482212297.xml [265131]
O61 - LFC:Last File Created 12/05/2010 - 12:43:34 ---A- C:\Users\Adrien\Documents\Mes Historiques de Conversation\mai 2010\Images\MsgPlus_Img2328.png [2328]
O61 - LFC:Last File Created 12/05/2010 - 12:46:54 ---A- C:\Users\Adrien\Documents\Mes Historiques de Conversation\mai 2010\Images\MsgPlus_Img0848.png [848]
O61 - LFC:Last File Created 12/05/2010 - 12:47:28 ---A- C:\Users\Adrien\Documents\Mes Historiques de Conversation\mai 2010\fabartichaut@hotmail.com.html [48948]
O61 - LFC:Last File Created 12/05/2010 - 12:48:11 --HA- C:\Users\Adrien\Documents\Mes fichiers reçus\gav911902876938873\Historique\fabartichaut944429081.xml [692430]
O61 - LFC:Last File Created 12/05/2010 - 16:45:46 ---A- C:\Users\Adrien\Documents\Mes Historiques de Conversation\mai 2010\Images\MsgPlus_Img0540.png [540]
O61 - LFC:Last File Created 12/05/2010 - 20:00:35 ---A- C:\Users\Adrien\AppData\Roaming\Apple Computer\Logs\asl.210024_12May10.log [4502]
O61 - LFC:Last File Created 12/05/2010 - 20:04:24 ---A- C:\Users\Adrien\AppData\Local\Temp\plugtmp\plugin-crossdomain.xml [445]
O61 - LFC:Last File Created 12/05/2010 - 20:04:24 ---A- C:\Users\Adrien\AppData\Local\Temp\plugtmp\plugin-videoad.php [1826]
O61 - LFC:Last File Created 12/05/2010 - 20:04:26 ---A- C:\Users\Adrien\AppData\Local\Temp\plugtmp\plugin-videoad_impression.php [2]
O61 - LFC:Last File Created 12/05/2010 - 20:04:26 ---A- C:\Users\Adrien\AppData\Local\Temp\plugtmp\plugin-videolink.php [894]
O61 - LFC:Last File Created 12/05/2010 - 20:31:14 ---A- C:\Users\Adrien\AppData\Local\Temp\plugtmp\plugin-videoad_impression-1.php [2]
O61 - LFC:Last File Created 13/05/2010 - 09:50:46 ---A- C:\Users\Adrien\AppData\Roaming\Apple Computer\Logs\asl.105037_13May10.log [4416]
O61 - LFC:Last File Created 13/05/2010 - 09:52:25 ---A- C:\Users\Adrien\AppData\Roaming\Thunderbird\Profiles\7wi4chf5.default\Mail\pop.neuf.fr\filterlog.html [9522]
O61 - LFC:Last File Created 13/05/2010 - 09:52:29 ---A- C:\Users\Adrien\AppData\Roaming\Thunderbird\Profiles\7wi4chf5.default\Mail\Local Folders\Sent [35909198]
O61 - LFC:Last File Created 13/05/2010 - 09:55:50 ---A- C:\Users\Adrien\AppData\Local\SupportSoft\dellsupportcenter\Adrien\state\logs\sprtcmd.log;2 [2104958]
O61 - LFC:Last File Created 13/05/2010 - 10:27:50 ---A- C:\Users\Adrien\AppData\Local\Temp\Low\Windows Live Toolbar\wlto000.sqm [120]
O61 - LFC:Last File Created 13/05/2010 - 10:30:10 ---A- C:\Users\Adrien\AppData\Local\Temp\_PR315C.tmp [14423609]
O61 - LFC:Last File Created 13/05/2010 - 10:30:25 ---A- C:\Users\Adrien\AppData\Local\Temp\PSSysChk.log [26981]
O61 - LFC:Last File Created 13/05/2010 - 10:31:48 ---A- C:\Users\Adrien\Documents\Mes Historiques de Conversation\mai 2010\Images\MsgPlus_Img5636.png [509]
O61 - LFC:Last File Created 13/05/2010 - 10:49:31 ---A- C:\Users\Adrien\AppData\Local\Temp\Low\Windows Live Toolbar\wlto001.sqm [120]
O61 - LFC:Last File Created 13/05/2010 - 10:57:39 ---A- C:\Users\Adrien\Music\iTunes\iTunes Library Genius.itdb [2859008]
O61 - LFC:Last File Created 13/05/2010 - 11:29:32 ---A- C:\Users\Adrien\Documents\Mes Historiques de Conversation\mai 2010\Images\MsgPlus_Img0478.png [478]
O61 - LFC:Last File Created 13/05/2010 - 12:18:52 ---A- C:\Users\Adrien\AppData\Local\Temp\stadistic.log [17]
O61 - LFC:Last File Created 13/05/2010 - 13:38:36 ---A- C:\Users\Adrien\AppData\Local\Temp\Low\Windows Live Toolbar\wlto002.sqm [120]
O61 - LFC:Last File Created 13/05/2010 - 13:38:42 ---A- C:\Users\All Users\Alwil Software\Avast5\ScriptShield.ini [29]
O61 - LFC:Last File Created 13/05/2010 - 13:38:43 ---A- C:\Users\All Users\Alwil Software\Avast5\AntiSpamShield.ini [29]
O61 - LFC:Last File Created 13/05/2010 - 13:52:45 R--A- C:\Users\Adrien\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe [388096]
O61 - LFC:Last File Created 13/05/2010 - 14:05:28 ---A- C:\Users\Adrien\Downloads\RSIT.exe [824681]
O61 - LFC:Last File Created 13/05/2010 - 14:09:26 ---A- C:\Users\All Users\Malwarebytes\Malwarebytes' Anti-Malware\rules.ref [4908357]
O61 - LFC:Last File Created 13/05/2010 - 14:09:28 ---A- C:\Users\All Users\Malwarebytes\Malwarebytes' Anti-Malware\link.txt [126]
O61 - LFC:Last File Created 13/05/2010 - 14:09:28 ---A- C:\Users\All Users\Malwarebytes\Malwarebytes' Anti-Malware\news.txt [60]
O61 - LFC:Last File Created 13/05/2010 - 14:09:29 ---A- C:\Users\All Users\Malwarebytes\Malwarebytes' Anti-Malware\config.dat [740]
O61 - LFC:Last File Created 13/05/2010 - 14:09:29 ---A- C:\Users\All Users\Malwarebytes\Malwarebytes' Anti-Malware\local.dat [87]
O61 - LFC:Last File Created 13/05/2010 - 14:10:53 ---A- C:\Users\Adrien\AppData\Local\Temp\java_install.log [28101]
O61 - LFC:Last File Created 13/05/2010 - 14:12:39 ---A- C:\Users\Adrien\AppData\Local\Temp\jusched.log [1520]
O61 - LFC:Last File Created 13/05/2010 - 14:13:08 ---A- C:\Users\Adrien\AppData\Local\Temp\java_install_reg.log [3491]
O61 - LFC:Last File Created 13/05/2010 - 14:14:50 ---A- C:\Users\Adrien\AppData\Local\Temp\~F442.tmp [278]
O61 - LFC:Last File Created 13/05/2010 - 14:15:13 ---A- C:\Users\Adrien\AppData\Local\Temp\MSI827e.LOG [462]
O61 - LFC:Last File Created 13/05/2010 - 14:17:08 ---A- C:\Users\Adrien\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-2010-05-13 (15-17-08).txt [1047]
O61 - LFC:Last File Created 13/05/2010 - 14:26:07 ---A- C:\Users\Adrien\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents [3072]
O61 - LFC:Last File Created 13/05/2010 - 14:47:46 ---A- C:\Users\Adrien\AppData\Local\Temp\MessengerCache\TqdsX+BbarqgpInXcEZy16HReSA= [5278]
O61 - LFC:Last File Created 13/05/2010 - 15:00:50 ---A- C:\Users\Adrien\AppData\Local\Temp\MessengerCache\Rs6KGcI0cJS7l9Oie+lDUntsfNk= [2932]
O61 - LFC:Last File Created 13/05/2010 - 15:46:04 ---A- C:\Users\Adrien\Documents\Mes Historiques de Conversation\mai 2010\licere@msn.com.html [281476]
O61 - LFC:Last File Created 13/05/2010 - 15:46:04 --HA- C:\Users\Adrien\Documents\Mes fichiers reçus\gav911902876938873\Historique\licere312107283.xml [636408]
O61 - LFC:Last File Created 13/05/2010 - 15:48:26 ---A- C:\Users\Adrien\Documents\Mes Historiques de Conversation\mai 2010\niko1612@hotmail.fr.html [12814]
O61 - LFC:Last File Created 13/05/2010 - 15:48:26 ---A- C:\Users\Adrien\Documents\Mes fichiers reçus\gav911902876938873\Historique\niko16123105905299.xml [5176]
O61 - LFC:Last File Created 13/05/2010 - 16:13:02 ---A- C:\Users\All Users\Alwil Software\Avast5\log\AshWebSv.ws.ori [618]
O61 - LFC:Last File Created 13/05/2010 - 16:14:19 ---A- C:\Users\All Users\Alwil Software\Avast5\log\AshWebSv.ws [0]
O61 - LFC:Last File Created 13/05/2010 - 16:48:17 ---A- C:\Users\Adrien\AppData\Local\Temp\MessengerCache\2LmpAgmMEOzfoaXLMovCs4NtC4A= [2713]
O61 - LFC:Last File Created 13/05/2010 - 16:57:20 ---A- C:\Users\Adrien\AppData\Roaming\Thunderbird\Profiles\7wi4chf5.default\cookies.txt [1563]
O61 - LFC:Last File Created 13/05/2010 - 17:02:27 ---A- C:\Users\Adrien\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [89088]
O61 - LFC:Last File Created 13/05/2010 - 17:19:01 ---A- C:\Users\Adrien\AppData\Local\Temp\MessengerCache\m+7PGpEsdCdIShTU5NQCit1Lb2Fw= [2473]
O61 - LFC:Last File Created 13/05/2010 - 17:54:35 ---A- C:\Users\Adrien\AppData\Local\Temp\MessengerCache\ZXEHQtVJ2FxOwJU2mrXuEjBT+azE= [2703]
O61 - LFC:Last File Created 13/05/2010 - 18:15:45 ---A- C:\Users\Adrien\AppData\Local\Temp\MessengerCache\gKWO+MFmHiIiEOVbtNVuttVjZck= [29736]
O61 - LFC:Last File Created 13/05/2010 - 18:38:06 ---A- C:\Users\Adrien\AppData\Local\Temp\MessengerCache\9WloELSpDYuKf2F1JVnrMIIzVOI0= [1815]
O61 - LFC:Last File Created 13/05/2010 - 18:38:37 ---A- C:\Users\Adrien\AppData\Local\Temp\MessengerCache\hEGHWUR1bFrhMpl8hud1ib8OOgw= [2079]
O61 - LFC:Last File Created 13/05/2010 - 19:16:00 ---A- C:\Users\Adrien\AppData\Local\Temp\MessengerCache\MQJmKX0fdatjpx9k2kssr2FCCZmw= [23742]
O61 - LFC:Last File Created 13/05/2010 - 20:02:56 ---A- C:\Users\Adrien\AppData\Roaming\Thunderbird\Profiles\7wi4chf5.default\Mail\pop.free.fr\Inbox [6678870]
O61 - LFC:Last File Created 13/05/2010 - 20:03:26 ---A- C:\Users\Adrien\AppData\Local\Temp\répartion chambres.xls [28160]
O61 - LFC:Last File Created 13/05/2010 - 20:03:29 ---A- C:\Users\Adrien\AppData\Roaming\Thunderbird\Profiles\7wi4chf5.default\downloads.rdf [2225]
O61 - LFC:Last File Created 13/05/2010 - 20:04:34 ---A- C:\Users\Adrien\AppData\Roaming\Microsoft\Office\Excel12.pip [1560]
O61 - LFC:Last File Created 13/05/2010 - 20:12:55 ---A- C:\Users\Adrien\AppData\Roaming\Thunderbird\Profiles\7wi4chf5.default\Mail\Local Folders\Stage [21740328]
O61 - LFC:Last File Created 13/05/2010 - 20:13:07 ---A- C:\Users\Adrien\AppData\Roaming\Thunderbird\Profiles\7wi4chf5.default\Mail\Local Folders\Trash [1374135]
O61 - LFC:Last File Created 13/05/2010 - 20:13:13 ---A- C:\Users\Adrien\AppData\Roaming\Thunderbird\Profiles\7wi4chf5.default\Mail\Local Folders\Inbox [61019561]
O61 - LFC:Last File Created 13/05/2010 - 20:13:13 ---A- C:\Users\Adrien\AppData\Roaming\Thunderbird\Profiles\7wi4chf5.default\Mail\Local Folders\Sncf [1184811]
O61 - LFC:Last File Created 13/05/2010 - 20:14:37 ---A- C:\Users\All Users\Messenger Plus!\Promotions\Listing.dat [678]
O61 - LFC:Last File Created 13/05/2010 - 20:14:39 ---A- C:\Users\Adrien\AppData\Roaming\Thunderbird\Profiles\7wi4chf5.default\localstore.rdf [32806]
O61 - LFC:Last File Created 13/05/2010 - 21:13:48 ---A- C:\Users\Adrien\AppData\Local\Temp\TFRE5B4.tmp [10225]
O61 - LFC:Last File Created 13/05/2010 - 21:14:05 ---A- C:\Users\Adrien\AppData\Local\Temp\MessengerCache\vXvXhuhRwjkz9Qwz9AOfG2fyDpg= [1798]
O61 - LFC:Last File Created 13/05/2010 - 21:14:34 --HA- C:\Users\Adrien\AppData\Local\IconCache.db [2184115]
O61 - LFC:Last File Created 14/05/2010 - 05:48:37 ---A- C:\Users\Adrien\AppData\Local\ATI\ACE\Manifest.Bin [15219]
O61 - LFC:Last File Created 14/05/2010 - 05:48:37 ---A- C:\Users\Adrien\AppData\Local\ATI\ACE\Manifest.xml [14134]
O61 - LFC:Last File Created 14/05/2010 - 05:48:39 ---A- C:\Users\Adrien\AppData\Local\Temp\AdobeARM.log [3268]
O61 - LFC:Last File Created 14/05/2010 - 05:48:45 ---A- C:\Users\Adrien\AppData\Roaming\Microsoft\IdentityCRL\Production\MetaConfig.xml [163]
O61 - LFC:Last File Created 14/05/2010 - 05:49:31 ---A- C:\Users\Adrien\AppData\Roaming\Thunderbird\Profiles\7wi4chf5.default\Mail\Nouvelles et Blogs\chemistry [311763]
O61 - LFC:Last File Created 14/05/2010 - 05:49:32 ---A- C:\Users\Adrien\AppData\Roaming\Thunderbird\Profiles\7wi4chf5.default\Mail\Nouvelles et Blogs\Scientific American [2996215]
O61 - LFC:Last File Created 14/05/2010 - 05:54:12 ---A- C:\Users\Adrien\AppData\Roaming\Thunderbird\Profiles\7wi4chf5.default\Mail\Local Folders\Dell.msf [3356]
O61 - LFC:Last File Created 14/05/2010 - 05:54:12 ---A- C:\Users\Adrien\AppData\Roaming\Thunderbird\Profiles\7wi4chf5.default\Mail\Local Folders\Drafts.msf [1698]
O61 - LFC:Last File Created 14/05/2010 - 05:54:12 ---A- C:\Users\Adrien\AppData\Roaming\Thunderbird\Profiles\7wi4chf5.default\Mail\Local Folders\Junk.msf [2760]
O61 - LFC:Last File Created 14/05/2010 - 05:54:12 ---A- C:\Users\Adrien\AppData\Roaming\Thunderbird\Profiles\7wi4chf5.default\Mail\Local Folders\McAfee Anti-Spam.msf [2480]
O61 - LFC:Last File Created 14/05/2010 - 05:54:12 ---A- C:\Users\Adrien\AppData\Roaming\Thunderbird\Profiles\7wi4chf5.default\Mail\Local Folders\Sent.msf [76728]
O61 - LFC:Last File Created 14/05/2010 - 05:54:12 ---A- C:\Users\Adrien\AppData\Roaming\Thunderbird\Profiles\7wi4chf5.default\Mail\Local Folders\Sncf.msf [9718]
O61 - LFC:Last File Created 14/05/2010 - 05:54:12 ---A- C:\Users\Adrien\AppData\Roaming\Thunderbird\Profiles\7wi4chf5.default\Mail\Local Folders\Stage.msf [19798]
O61 - LFC:Last File Created 14/05/2010 - 05:54:12 ---A- C:\Users\Adrien\AppData\Roaming\Thunderbird\Profiles\7wi4chf5.default\Mail\Local Folders\Unsent Messages.msf [1554]
O61 - LFC:Last File Created 14/05/2010 - 05:54:12 ---A- C:\Users\Adrien\AppData\Roaming\Thunderbird\Profiles\7wi4chf5.default\Mail\Local Folders\archive.msf [11813]
O61 - LFC:Last File Created 14/05/2010 - 05:54:12 ---A- C:\Users\Adrien\AppData\Roaming\Thunderbird\Profiles\7wi4chf5.default\Mail\Nouvelles et Blogs\chemistry.msf [29136]
O61 - LFC:Last File Created 14/05/2010 - 05:54:12 ---A- C:\Users\Adrien\AppData\Roaming\Thunderbird\Profiles\7wi4chf5.default\Mail\pop3.live.com\Drafts.msf [1867]
O61 - LFC:Last File Created 14/05/2010 - 05:54:12 ---A- C:\Users\Adrien\AppData\Roaming\Thunderbird\Profiles\7wi4chf5.default\Mail\pop3.live.com\McAfee Anti-Spam.msf [2397]
O61 - LFC:Last File Created 14/05/2010 - 05:54:12 ---A- C:\Users\Adrien\AppData\Roaming\Thunderbird\Profiles\7wi4chf5.default\Mail\pop3.live.com\Sent.msf [72685]
O61 - LFC:Last File Created 14/05/2010 - 05:54:12 ---A- C:\Users\Adrien\AppData\Roaming\Thunderbird\Profiles\7wi4chf5.default\Mail\pop3.live.com\cours.msf [11819]
O61 - LFC:Last File Created 14/05/2010 - 05:54:13 ---A- C:\Users\Adrien\AppData\Roaming\Thunderbird\Profiles\7wi4chf5.default\Mail\Nouvelles et Blogs\Scientific American.msf [230881]
O61 - LFC:Last File Created 14/05/2010 - 05:54:13 ---A- C:\Users\Adrien\AppData\Roaming\Thunderbird\Profiles\7wi4chf5.default\Mail\pop.free.fr\Drafts.msf [2038]
O61 - LFC:Last File Created 14/05/2010 - 05:54:13 ---A- C:\Users\Adrien\AppData\Roaming\Thunderbird\Profiles\7wi4chf5.default\Mail\pop.free.fr\McAfee Anti-Spam.msf [3981]
O61 - LFC:Last File Created 14/05/2010 - 05:54:13 ---A- C:\Users\Adrien\AppData\Roaming\Thunderbird\Profiles\7wi4chf5.default\Mail\pop.free.fr\Sent.msf [11577]
O61 - LFC:Last File Created 14/05/2010 - 05:59:10 ---A- C:\Users\Adrien\AppData\Roaming\Thunderbird\Profiles\7wi4chf5.default\blocklist.xml [1378]
O61 - LFC:Last File Created 14/05/2010 - 05:59:10 ---A- C:\Users\Adrien\AppData\Roaming\Thunderbird\Profiles\7wi4chf5.default\extensions.rdf [10208]
O61 - LFC:Last File Created 14/05/2010 - 06:00:35 ---A- C:\Users\Adrien\Downloads\gpedit.zip [766100]
O61 - LFC:Last File Created 14/05/2010 - 06:05:19 ---A- C:\Users\Adrien\Downloads\process-explorer_process_explorer_12.02_anglais_14566.zip [1728943]
O61 - LFC:Last File Created 14/05/2010 - 06:09:24 ---A- C:\Users\Adrien\Videos\DivX Movies\Temporary Downloaded Files\3bc3329c14f3431854d894307573f5e7_0.ddat [735691096]
O61 - LFC:Last File Created 14/05/2010 - 06:09:24 ---A- C:\Users\Adrien\Videos\DivX Movies\Temporary Downloaded Files\3bc3329c14f3431854d894307573f5e7_0.dinfo [553]
O61 - LFC:Last File Created 14/05/2010 - 06:09:24 ---A- C:\Users\Adrien\Videos\DivX Movies\Temporary Downloaded Files\3bc3329c14f3431854d894307573f5e7_0.dmsk [5747730]
O61 - LFC:Last File Created 14/05/2010 - 06:41:11 ---A- C:\Users\Adrien\AppData\Local\Temp\MessengerCache\U7ow22F5GPkYYz8QSJf9Uq2r4pIM= [2960]
O61 - LFC:Last File Created 14/05/2010 - 07:47:44 ---A- C:\Users\Adrien\AppData\Roaming\Thunderbird\Profiles\7wi4chf5.default\Mail\Local Folders\Trash.msf [33390]
O61 - LFC:Last File Created 14/05/2010 - 07:47:44 ---A- C:\Users\Adrien\AppData\Roaming\Thunderbird\Profiles\7wi4chf5.default\Mail\Nouvelles et Blogs\Trash.msf [92587]
O61 - LFC:Last File Created 14/05/2010 - 07:47:44 ---A- C:\Users\Adrien\AppData\Roaming\Thunderbird\Profiles\7wi4chf5.default\Mail\pop.free.fr\Inbox.msf [34502]
O61 - LFC:Last File Created 14/05/2010 - 07:47:44 ---A- C:\Users\Adrien\AppData\Roaming\Thunderbird\Profiles\7wi4chf5.default\Mail\pop.free.fr\Trash.msf [29385]
O61 - LFC:Last File Created 14/05/2010 - 07:47:44 ---A- C:\Users\Adrien\AppData\Roaming\Thunderbird\Profiles\7wi4chf5.default\Mail\pop.neuf.fr\Trash.msf [1500]
O61 - LFC:Last File Created 14/05/2010 - 07:47:44 ---A- C:\Users\Adrien\AppData\Roaming\Thunderbird\Profiles\7wi4chf5.default\cert8.db [65536]
O61 - LFC:Last File Created 14/05/2010 - 07:47:44 ---A- C:\Users\Adrien\AppData\Roaming\Thunderbird\Profiles\7wi4chf5.default\key3.db [16384]
O61 - LFC:Last File Created 14/05/2010 - 07:47:44 ---A- C:\Users\Adrien\AppData\Roaming\Thunderbird\Profiles\7wi4chf5.default\prefs.js [14546]
O61 - LFC:Last File Created 14/05/2010 - 07:47:44 ---A- C:\Users\Adrien\AppData\Roaming\Thunderbird\Profiles\7wi4chf5.default\virtualFolders.dat [10]
O61 - LFC:Last File Created 14/05/2010 - 08:54:08 ---A- C:\Users\Adrien\AppData\Local\Temp\MessengerCache\9kimy7T1uYDZ41LTKm97q8mjqNM= [1824]
O61 - LFC:Last File Created 14/05/2010 - 09:07:17 ---A- C:\Users\Adrien\AppData\Local\Temp\MessengerCache\KwZMDT5+QIlLl8ny1VF+zaHUIWw= [2889]
O61 - LFC:Last File Created 14/05/2010 - 09:11:44 ---A- C:\Users\Adrien\Music\iTunes\iTunes Library Extras.itdb [106496]
O61 - LFC:Last File Created 14/05/2010 - 09:12:00 ---A- C:\Users\Adrien\Music\iTunes\iTunes Music Library.xml [1741894]
O61 - LFC:Last File Created 14/05/2010 - 09:13:10 ---A- C:\Users\Adrien\AppData\Roaming\Adobe\Flash Player\AssetCache\KJN3CKBA\1C04C61346A1FA3139A37D860ED92632AA13DECF.heu [149]
O61 - LFC:Last File Created 14/05/2010 - 09:36:22 ---A- C:\Users\Adrien\AppData\Local\Temp\MessengerCache\NUA9Sht0kZqI4CaXz1AseadUcKw= [29992]
O61 - LFC:Last File Created 14/05/2010 - 09:48:45 ---A- C:\Users\Adrien\AppData\Local\Temp\MessengerCache\gcNrF2FysIJERL4KkUEYXKN2FpgXo= [19113]
O61 - LFC:Last File Created 14/05/2010 - 09:51:24 ---A- C:\Users\Adrien\AppData\Local\SupportSoft\dellsupportcenter\Adrien\data\manifest.xml [632324]
O61 - LFC:Last File Created 14/05/2010 - 09:53:43 ---A- C:\Users\All Users\SupportSoft\DellSupportCenter\SYSTEM\data\manifest.xml [632324]
O61 - LFC:Last File Created 14/05/2010 - 09:57:23 ---A- C:\Users\All Users\SupportSoft\DellSupportCenter\SYSTEM\cache\mshome\system\_WMI.xml [11993]
O61 - LFC:Last File Created 14/05/2010 - 09:57:26 ---A- C:\Users\All Users\SupportSoft\DellSupportCenter\SYSTEM\state\logs\sprtcmd.log;1 [2097156]
O61 - LFC:Last File Created 14/05/2010 - 09:58:55 ---A- C:\Users\All Users\SupportSoft\DellSupportCenter\SYSTEM\cache\laptop-a\adrien\a91c277d-7014-46ae-93b6-a6863cfcea0a.cab [17795]
O61 - LFC:Last File Created 14/05/2010 - 09:58:58 ---A- C:\Users\Adrien\AppData\Local\SupportSoft\dellsupportcenter\Adrien\state\logs\sprtcmd.log;1 [2110875]
O61 - LFC:Last File Created 14/05/2010 - 09:59:03 ---A- C:\Users\Adrien\AppData\Local\SupportSoft\dellsupportcenter\Adrien\state\databags\gs_agent.minibcont.History.xml [92]
O61 - LFC:Last File Created 14/05/2010 - 11:08:42 ---A- C:\Users\Adrien\AppData\Local\Temp\TFRF2CE.tmp [10225]
O61 - LFC:Last File Created 14/05/2010 - 11:10:52 ---A- C:\Users\Adrien\AppData\Local\Temp\MessengerCache\2Fturpnl8ZZ2FMgrK07CaLNM19H7M= [24473]
O61 - LFC:Last File Created 14/05/2010 - 11:11:38 ---A- C:\Users\Adrien\AppData\Local\Temp\MessengerCache\3RAjvAtTVW8MFMhEIJvmAjkQMTo= [27424]
O61 - LFC:Last File Created 14/05/2010 - 11:13:15 ---A- C:\Users\Adrien\AppData\Local\Temp\MessengerCache\2Fty0pOcom+sPl4VnAKLSXN+0X3E= [789]
O61 - LFC:Last File Created 14/05/2010 - 11:16:20 ---A- C:\Users\Adrien\AppData\Local\Temp\MessengerCache\YCrwS84cAOJeYk7c0aRpjMYDU3U= [28227]
O61 - LFC:Last File Created 14/05/2010 - 11:23:06 ---A- C:\Users\Adrien\Documents\Mes Historiques de Conversation\mai 2010\sidonie_54@hotmail.com.html [133318]
O61 - LFC:Last File Created 14/05/2010 - 11:26:17 --HA- C:\Users\Adrien\Documents\Mes fichiers reçus\gav911902876938873\Historique\sidonie_54454130434.xml [1533276]
O61 - LFC:Last File Created 14/05/2010 - 11:40:46 ---A- C:\Users\Adrien\AppData\Roaming\Thunderbird\Profiles\7wi4chf5.default\Mail\pop3.live.com\Inbox [277522180]
O61 - LFC:Last File Created 14/05/2010 - 11:40:46 ---A- C:\Users\Adrien\AppData\Roaming\Thunderbird\Profiles\7wi4chf5.default\Mail\pop3.live.com\Trash [185026806]
O61 - LFC:Last File Created 14/05/2010 - 11:40:53 ---A- C:\Users\Adrien\AppData\Roaming\Thunderbird\Profiles\7wi4chf5.default\Mail\pop3.live.com\Trash.msf [428942]
O61 - LFC:Last File Created 14/05/2010 - 11:43:06 ---A- C:\Users\Adrien\AppData\Local\ATI\ACE\Profiles.xml [41454]
O61 - LFC:Last File Created 14/05/2010 - 11:43:06 ---A- C:\Users\All Users\ATI\ACE\Profiles.xml [188]
O61 - LFC:Last File Created 14/05/2010 - 11:44:54 ---A- C:\Users\Adrien\Documents\Mes Historiques de Conversation\mai 2010\Images\MsgPlus_Img0932.png [932]
O61 - LFC:Last File Created 14/05/2010 - 11:46:02 ---A- C:\Users\Adrien\Downloads\Open-config.exe [195920]
O61 - LFC:Last File Created 14/05/2010 - 11:46:23 ---A- C:\Users\All Users\open-config\open-config.rest [807]
O61 - LFC:Last File Created 14/05/2010 - 11:47:56 ---A- C:\Users\Adrien\Documents\Mes Historiques de Conversation\mai 2010\marine.wassen@gmx.net.html [90258]
O61 - LFC:Last File Created 14/05/2010 - 11:48:08 --HA- C:\Users\Adrien\Documents\Mes fichiers reçus\gav911902876938873\Historique\marine.wassen3798620156.xml [1398636]
O61 - LFC:Last File Created 14/05/2010 - 11:50:13 ---A- C:\Users\Adrien\AppData\Roaming\Thunderbird\Profiles\7wi4chf5.default\Mail\Nouvelles et Blogs\feeds.rdf [1386]
O61 - LFC:Last File Created 14/05/2010 - 11:50:15 ---A- C:\Users\Adrien\AppData\Roaming\Thunderbird\Profiles\7wi4chf5.default\Mail\Nouvelles et Blogs\feeditems.rdf [18801]
O61 - LFC:Last File Created 14/05/2010 - 11:50:37 ---A- C:\Users\Adrien\Downloads\ZHPDiag 1.25.14.exe [1579175]
O61 - LFC:Last File Created 14/05/2010 - 11:54:00 ---A- C:\Users\All Users\Alwil Software\Avast5\BehaviorShield.ini [29]
O61 - LFC:Last File Created 14/05/2010 - 11:54:01 ---A- C:\Users\All Users\Alwil Software\Avast5\FileSystemShield.ini [284]
O61 - LFC:Last File Created 14/05/2010 - 11:54:01 ---A- C:\Users\All Users\Alwil Software\Avast5\IMShield.ini [29]
O61 - LFC:Last File Created 14/05/2010 - 11:54:02 ---A- C:\Users\All Users\Alwil Software\Avast5\EmailShield.ini [612]
O61 - LFC:Last File Created 14/05/2010 - 11:54:02 ---A- C:\Users\All Users\Alwil Software\Avast5\NetworkShield.ini [29]
O61 - LFC:Last File Created 14/05/2010 - 11:54:02 ---A- C:\Users\All Users\Alwil Software\Avast5\P2PShield.ini [29]
O61 - LFC:Last File Created 14/05/2010 - 11:54:02 ---A- C:\Users\All Users\Alwil Software\Avast5\WebShield.ini [29]
O61 - LFC:Last File Created 14/05/2010 - 11:55:11 ---A- C:\Users\Adrien\AppData\Roaming\Thunderbird\Profiles\7wi4chf5.default\Mail\pop.free.fr\popstate.dat [137]
O61 - LFC:Last File Created 14/05/2010 - 11:55:12 ---A- C:\Users\Adrien\AppData\Roaming\Thunderbird\Profiles\7wi4chf5.default\Mail\Local Folders\Inbox.msf [51456]
O61 - LFC:Last File Created 14/05/2010 - 11:55:12 ---A- C:\Users\Adrien\AppData\Roaming\Thunderbird\Profiles\7wi4chf5.default\Mail\pop.neuf.fr\popstate.dat [7352]
O61 - LFC:Last File Created 14/05/2010 - 11:55:14 ---A- C:\Users\Adrien\AppData\Roaming\Thunderbird\Profiles\7wi4chf5.default\Mail\pop3.live.com\Inbox.msf [50689]
O61 - LFC:Last File Created 14/05/2010 - 11:55:14 ---A- C:\Users\Adrien\AppData\Roaming\Thunderbird\Profiles\7wi4chf5.default\Mail\pop3.live.com\popstate.dat [344]
O61 - LFC:Last File Created 14/05/2010 - 11:55:14 ---A- C:\Users\Adrien\AppData\Roaming\Thunderbird\Profiles\7wi4chf5.default\panacea.dat [21192]
O61 - LFC:Last File Created 14/05/2010 - 11:57:17 ---A- C:\Users\Adrien\Music\iTunes\iTunes Library.itl [275955]
O61 - LFC:Last File Created 14/05/2010 - 11:57:17 --HA- C:\Users\Adrien\Music\iTunes\sentinel [8]
O61 - LFC:Last File Created 14/05/2010 - 11:57:18 ---A- C:\Users\Adrien\AppData\Local\Apple Computer\iTunes\iTunesPrefs.xml [349459]
O61 - LFC:Last File Created 14/05/2010 - 11:57:18 ---A- C:\Users\Adrien\AppData\Roaming\Apple Computer\iTunes\iTunesPrefs.xml [174606]
O61 - LFC:Last File Created 14/05/2010 - 11:57:27 ---A- C:\Users\Adrien\AppData\Local\SupportSoft\dellsupportcenter\Adrien\state\logs\sprtcmd.log [205339]
O61 - LFC:Last File Created 14/05/2010 - 11:57:46 ---A- C:\Users\All Users\Alwil Software\Avast5\Log.db [53248]
O61 - LFC:Last File Created 14/05/2010 - 11:58:48 ---A- C:\Users\All Users\Alwil Software\Avast5\avast5.ini [5788]
O61 - LFC:Last File Created 14/05/2010 - 11:58:48 ---A- C:\Users\All Users\Alwil Software\Avast5\log\Chest.log [6546]
O61 - LFC:Last File Created 14/05/2010 - 11:58:48 ---A- C:\Users\All Users\Alwil Software\Avast5\log\selfdef.log [277192]
O61 - LFC:Last File Created 14/05/2010 - 11:58:49 ---A- C:\Users\All Users\Alwil Software\Avast5\report\BehaviorShield.txt [14529]
O61 - LFC:Last File Created 14/05/2010 - 11:58:49 ---A- C:\Users\All Users\Alwil Software\Avast5\report\EmailShield.txt [14529]
O61 - LFC:Last File Created 14/05/2010 - 11:58:49 ---A- C:\Users\All Users\Alwil Software\Avast5\report\FileSystemShield.txt [14679]
O61 - LFC:Last File Created 14/05/2010 - 11:58:49 ---A- C:\Users\All Users\Alwil Software\Avast5\report\IMShield.txt [14529]
O61 - LFC:Last File Created 14/05/2010 - 11:58:49 ---A- C:\Users\All Users\Alwil Software\Avast5\report\NetworkShield.txt [14529]
O61 - LFC:Last File Created 14/05/2010 - 11:58:49 ---A- C:\Users\All Users\Alwil Software\Avast5\report\P2PShield.txt [14529]
O61 - LFC:Last File Created 14/05/2010 - 11:58:50 ---A- C:\Users\All Users\Alwil Software\Avast5\report\WebShield.txt [14529]
O61 - LFC:Last File Created 14/05/2010 - 11:59:03 ---A- C:\Users\All Users\Alwil Software\Avast5\log\Mail.log [244650]
O61 - LFC:Last File Created 14/05/2010 - 11:59:07 ---A- C:\Users\All Users\Alwil Software\Avast5\log\Setup.log [5508206]
O61 - LFC:Last File Created 14/05/2010 - 12:01:13 ---A- C:\Users\All Users\SupportSoft\DellSupportCenter\SYSTEM\state\logs\sprtcmd.log [156687]
O61 - LFC:Last File Created 14/05/2010 - 12:01:13 ---A- C:\Users\All Users\SupportSoft\DellSupportCenter\SYSTEM\updates\updates.state [203]
O61 - LFC:Last File Created 14/05/2010 - 12:03:12 ---A- C:\Users\Adrien\AppData\Local\Temp\Adrien.bmp [31832]
O61 - LFC:Last File Created 14/05/2010 - 12:03:39 ---A- C:\Users\All Users\Dell\DellDock\startup_log.txt [2250]
O61 - LFC:Last File Created 14/05/2010 - 12:11:02 ---A- C:\Users\All Users\Alwil Software\Avast5\log\aswAr.log [90866]
O61 - LFC:Last File Created 14/05/2010 - 12:28:32 ---A- C:\Users\All Users\Alwil Software\Avast5\db1ca35cf9b1efeb4-3058e4f9.dat [3302328]
O61 - LFC:Last File Created 14/05/2010 - 12:28:32 ---A- C:\Users\All Users\Alwil Software\Avast5\db1cadba7c8b901e8-e856e063.dat [258840]
O61 - LFC:Last File Created 14/05/2010 - 12:36:00 ---A- C:\Users\Adrien\Tracing\WindowsLiveMessenger-uccapi-0.uccapilog [0]
O61 - LFC:Last File Created 14/05/2010 - 12:41:07 ---A- C:\Users\Adrien\AppData\Local\Temp\MessengerCache\21IVWDU0udlMmN8+uIVuMZygOjE= [24925]
O61 - LFC:Last File Created 14/05/2010 - 12:45:18 ---A- C:\Users\Adrien\Documents\Mes Historiques de Conversation\mai 2010\mln_j@hotmail.fr.html [491178]
O61 - LFC:Last File Created 14/05/2010 - 12:45:18 --HA- C:\Users\Adrien\Documents\Mes fichiers reçus\gav911902876938873\Historique\mln_j4284186260.xml [2592304]
O61 - LFC:Last File Created 14/05/2010 - 12:47:09 ---A- C:\Users\Adrien\AppData\Local\Temp\MessengerCache\VIrFQ64t5uGFPWLoSsvrYrWLP4k= [23540]
O61 - LFC:Last File Created 14/05/2010 - 12:49:23 ---A- C:\Users\All Users\Alwil Software\Avast5\log\usntr.log [2341894]


---\\ Liste des outils de nettoyage (LATC) (O63)
O63 - Logiciel: ZHPDiag 1.25 - (.Nicolas Coolman.)
O63 - Logiciel: HiJackThis - (.Trend Micro.)
O63 - Logiciel: RSIT - (.random/random.)
O63 - Logiciel: UsbFix - (.El Desaparecido.)


---\\ Liste des services Legacy (LALS) (O64)
O64 - Services: CurCS - C:\Windows\system32\drivers\afd.sys - Ancilliary Function Driver for Winsock (AFD) .(.Pas de propriétaire - Pas de description.) - LEGACY_AFD
O64 - Services: CurCS - aswFsBlk - aswFsBlk (aswFsBlk) .(.Pas de propriétaire - Pas de description.) - LEGACY_ASWFSBLK
O64 - Services: CurCS - C:\Windows\system32\drivers\aswMonFlt.sys - aswMonFlt (aswMonFlt) .(.Pas de propriétaire - Pas de description.) - LEGACY_ASWMONFLT
O64 - Services: CurCS - aswRdr - aswRdr (aswRdr) .(.Pas de propriétaire - Pas de description.) - LEGACY_ASWRDR
O64 - Services: CurCS - aswSP - aswSP (aswSP) .(.Pas de propriétaire - Pas de description.) - LEGACY_ASWSP
O64 - Services: CurCS - avast! Network Shield Support - avast! Network Shield Support (aswTdi) .(.Pas de propriétaire - Pas de description.) - LEGACY_ASWTDI
O64 - Services: CurCS - C:\Windows\system32\drivers\atapi.sys - Canal IDE (atapi) .(.Pas de propriétaire - Pas de description.) - LEGACY_ATAPI
O64 - Services: CurCS - C:\Windows\system32\drivers\BCM42RLY.sys - BCM42RLY (BCM42RLY) .(.Pas de propriétaire - Pas de description.) - LEGACY_BCM42RLY
O64 - Services: CurCS - C:\Windows\system32\DRIVERS\bowser.sys - Bowser (bowser) .(.Pas de propriétaire - Pas de description.) - LEGACY_BOWSER
O64 - Services: CurCS - C:\Windows\system32\DRIVERS\cdfs.sys - CD/DVD File System Reader (cdfs) .(.Pas de propriétaire - Pas de description.) - LEGACY_CDFS
O64 - Services: CurCS - C:\Windows\system32\CLFS.sys - Common Log (CLFS) (CLFS) .(.Pas de propriétaire - Pas de description.) - LEGACY_CLFS
O64 - Services: CurCS - C:\Windows\system32\drivers\crcdisk.sys - Crcdisk Filter Driver (crcdisk) .(.Pas de propriétaire - Pas de description.) - LEGACY_CRCDISK
O64 - Services: CurCS - C:\Windows\system32\drivers\dfsc.sys (DfsC) .(.Pas de propriétaire - Pas de description.) - LEGACY_DFSC
O64 - Services: CurCS - C:\Windows\system32\drivers\dxgkrnl.sys - LDDM Graphics Subsystem (DXGKrnl) .(.Pas de propriétaire - Pas de description.) - LEGACY_DXGKRNL
O64 - Services: CurCS - FAT12/16/32 File System Driver - FAT12/16/32 File System Driver (fastfat) .(.Pas de propriétaire - Pas de description.) - LEGACY_FASTFAT
O64 - Services: CurCS - C:\Windows\system32\drivers\fileinfo.sys - File Information FS MiniFilter (FileInfo) .(.Pas de propriétaire - Pas de description.) - LEGACY_FILEINFO
O64 - Services: CurCS - C:\Windows\system32\drivers\fltmgr.sys - FltMgr (FltMgr) .(.Pas de propriétaire - Pas de description.) - LEGACY_FLTMGR
O64 - Services: CurCS - C:\Windows\system32\Drivers\FS_REC.sys - Fs_Rec (Fs_Rec) .(.Pas de propriétaire - Pas de description.) - LEGACY_FS_REC
O64 - Services: CurCS - C:\Windows\system32\drivers\HTTP.sys - HTTP (HTTP) .(.Pas de propriétaire - Pas de description.) - LEGACY_HTTP
O64 - Services: CurCS - C:\Windows\system32\DRIVERS\ipnat.sys - IP Network Address Translator (IPNAT) .(.Pas de propriétaire - Pas de description.) - LEGACY_IPNAT
O64 - Services: CurCS - C:\Windows\system32\Drivers\ksecdd.sys - KSecDD (KSecDD) .(.Pas de propriétaire - Pas de description.) - LEGACY_KSECDD
O64 - Services: CurCS - C:\Windows\system32\DRIVERS\lltdio.sys - Link-Layer Topology Discovery Mapper I/O Driver (lltdio) .(.Pas de propriétaire - Pas de description.) - LEGACY_LLTDIO
O64 - Services: CurCS - C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys - LogMeIn Kernel Information Provider (LMIInfo) .(.Pas de propriétaire - Pas de description.) - LEGACY_LMIINFO
O64 - Services: CurCS - C:\Windows\system32\drivers\LMIRfsDriver.sys - LogMeIn Remote File System Driver (LMIRfsDriver) .(.Pas de propriétaire - Pas de description.) - LEGACY_LMIRFSDRIVER
O64 - Services: CurCS - C:\Windows\system32\drivers\luafv.sys - UAC File Virtualization (luafv) .(.Pas de propriétaire - Pas de description.) - LEGACY_LUAFV
O64 - Services: CurCS - C:\Windows\system32\Drivers\MFEAVFK.sys - McAfee Inc. mfeavfk (mfeavfk) .(.Pas de propriétaire - Pas de description.) - LEGACY_MFEAVFK
O64 - Services: CurCS - C:\Windows\system32\Drivers\MFEHIDK.sys - McAfee Inc. mfehidk (mfehidk) .(.Pas de propriétaire - Pas de description.) - LEGACY_MFEHIDK
O64 - Services: CurCS - C:\Windows\system32\Drivers\MFEHIDK01.sys - McAfee Inc. (mfehidk01) .(.Pas de propriétaire - Pas de description.) - LEGACY_MFEHIDK01
O64 - Services: CurCS - C:\Windows\system32\Drivers\MFESMFK.sys - McAfee Inc. mfesmfk (mfesmfk) .(.Pas de propriétaire - Pas de description.) - LEGACY_MFESMFK
O64 - Services: CurCS - C:\Windows\system32\drivers\modem.sys - modem (modem) .(.Pas de propriétaire - Pas de description.) - LEGACY_MODEM
O64 - Services: CurCS - C:\Windows\system32\drivers\mountmgr.sys - Mount Point Manager (MountMgr) .(.Pas de propriétaire - Pas de description.) - LEGACY_MOUNTMGR
O64 - Services: CurCS - C:\Windows\system32\Drivers\MPFP.sys - MPFP (MPFP) .(.Pas de propriétaire - Pas de description.) - LEGACY_MPFP
O64 - Services: CurCS - C:\Windows\system32\drivers\mrxdav.sys - WebDav Client Redirector Driver (MRxDAV) .(.Pas de propriétaire - Pas de description.) - LEGACY_MRXDAV
O64 - Services: CurCS - C:\Windows\system32\DRIVERS\mrxsmb.sys - SMB MiniRedirector Wrapper and Engine (mrxsmb) .(.Pas de propriétaire - Pas de description.) - LEGACY_MRXSMB
O64 - Services: CurCS - C:\Windows\system32\DRIVERS\mrxsmb10.sys - SMB 1.x MiniRedirector (mrxsmb10) .(.Pas de propriétaire - Pas de description.) - LEGACY_MRXSMB10
O64 - Services: CurCS - C:\Windows\system32\DRIVERS\mrxsmb20.sys - SMB 2.0 MiniRedirector (mrxsmb20) .(.Pas de propriétaire - Pas de description.) - LEGACY_MRXSMB20
O64 - Services: CurCS - C:\Windows\system32\Drivers\MSFS.sys - Msfs (Msfs) .(.Pas de propriétaire - Pas de description.) - LEGACY_MSFS
O64 - Services: CurCS - C:\Windows\system32\drivers\msisadrv.sys - Pilote de classe ISA/EISA (msisadrv) .(.Pas de propriétaire - Pas de description.) - LEGACY_MSISADRV
O64 - Services: CurCS - C:\Windows\system32\Drivers\mup.sys - Mup (Mup) .(.Pas de propriétaire - Pas de description.) - LEGACY_MUP
O64 - Services: CurCS - C:\Windows\system32\DRIVERS\nwifi.sys - Filtre NativeWiFi (NativeWifiP) .(.Pas de propriétaire - Pas de description.) - LEGACY_NATIVEWIFIP
O64 - Services: CurCS - C:\Windows\system32\drivers\ndis.sys - NDIS System Driver (NDIS) .(.Pas de propriétaire - Pas de description.) - LEGACY_NDIS
O64 - Services: CurCS - C:\Windows\system32\DRIVERS\ndisuio.sys - NDIS Usermode I/O Protocol (Ndisuio) .(.Pas de propriétaire - Pas de description.) - LEGACY_NDISUIO
O64 - Services: CurCS - C:\Windows\system32\Drivers\NDPROXY.sys - NDProxy (NDProxy) .(.Pas de propriétaire - Pas de description.) - LEGACY_NDPROXY
O64 - Services: CurCS - C:\Windows\system32\DRIVERS\netbios.sys - NetBIOS Interface (NetBIOS) .(.Pas de propriétaire - Pas de description.) - LEGACY_NETBIOS
O64 - Services: CurCS - C:\Windows\system32\DRIVERS\netbt.sys - NETBT (netbt) .(.Pas de propriétaire - Pas de description.) - LEGACY_NETBT
O64 - Services: CurCS - C:\Windows\system32\Drivers\NPFS.sys - Npfs (Npfs) .(.Pas de propriétaire - Pas de description.) - LEGACY_NPFS
O64 - Services: CurCS - C:\Windows\system32\drivers\nsiproxy.sys - NSI proxy service (nsiproxy) .(.Pas de propriétaire - Pas de description.) - LEGACY_NSIPROXY
O64 - Services: CurCS - C:\Windows\system32\Drivers\NTFS.sys - Ntfs (Ntfs) .(.Pas de propriétaire - Pas de description.) - LEGACY_NTFS
O64 - Services: CurCS - C:\Windows\system32\Drivers\NULL.sys - Null (Null) .(.Pas de propriétaire - Pas de description.) - LEGACY_NULL
O64 - Services: CurCS - C:\Windows\system32\drivers\pavboot64.sys - pavboot (pavboot) .(.Pas de propriétaire - Pas de description.) - LEGACY_PAVBOOT
O64 - Services: CurCS - C:\Windows\system32\drivers\peauth.sys - PEAUTH (PEAUTH) .(.Pas de propriétaire - Pas de description.) - LEGACY_PEAUTH
O64 - Services: CurCS - C:\Windows\system32\drivers\pacer.sys (PSched) .(.Pas de propriétaire - Pas de description.) - LEGACY_PSCHED
O64 - Services: CurCS - C:\Windows\system32\DRIVERS\rasacd.sys - Remote Access Auto Connection Driver (RasAcd) .(.Pas de propriétaire - Pas de description.) - LEGACY_RASACD
O64 - Services: CurCS - C:\Windows\system32\DRIVERS\rdbss.sys - Redirected Buffering Sub Sysytem (rdbss) .(.Pas de propriétaire - Pas de description.) - LEGACY_RDBSS
O64 - Services: CurCS - C:\Windows\system32\DRIVERS\RDPCDD.sys - RDPCDD (RDPCDD) .(.Pas de propriétaire - Pas de description.) - LEGACY_RDPCDD
O64 - Services: CurCS - C:\Windows\system32\drivers\rdpencdd.sys - RDP Encoder Mirror Driver (RDPENCDD) .(.Pas de propriétaire - Pas de description.) - LEGACY_RDPENCDD
O64 - Services: CurCS - C:\Windows\system32\DRIVERS\rspndr.sys - Link-Layer Topology Discovery Responder (rspndr) .(.Pas de propriétaire - Pas de description.) - LEGACY_RSPNDR
O64 - Services: CurCS - Security Driver - Security Driver (secdrv) .(.Pas de propriétaire - Pas de description.) - LEGACY_SECDRV
O64 - Services: CurCS - Security Processor Loader Driver - Security Processor Loader Driver (spldr) .(.Pas de propriétaire - Pas de description.) - LEGACY_SPLDR
O64 - Services: CurCS - C:\Windows\system32\Drivers\sptd.sys - sptd (sptd) .(.Pas de propriétaire - Pas de description.) - LEGACY_SPTD
O64 - Services: CurCS - C:\Windows\system32\DRIVERS\srv.sys - srv (srv) .(.Pas de propriétaire - Pas de description.) - LEGACY_SRV
O64 - Services: CurCS - C:\Windows\system32\DRIVERS\srv2.sys - srv2 (srv2) .(.Pas de propriétaire - Pas de description.) - LEGACY_SRV2
O64 - Services: CurCS - C:\Windows\system32\DRIVERS\srvnet.sys - srvnet (srvnet) .(.Pas de propriétaire - Pas de description.) - LEGACY_SRVNET
O64 - Services: CurCS - C:\Windows\system32\drivers\tcpipreg.sys - TCP/IP Registry Compatibility (tcpipreg) .(.Pas de propriétaire - Pas de description.) - LEGACY_TCPIPREG
O64 - Services: CurCS - C:\Windows\system32\DRIVERS\udfs.sys - udfs (udfs) .(.Pas de propriétaire - Pas de description.) - LEGACY_UDFS
O64 - Services: CurCS - C:\Windows\system32\drivers\vga.sys - VgaSave (VgaSave) .(.Pas de propriétaire - Pas de description.) - LEGACY_VGASAVE
O64 - Services: CurCS - C:\Windows\system32\drivers\volmgrx.sys - Dynamic Volume Manager (volmgrx) .(.Pas de propriétaire - Pas de description.) - LEGACY_VOLMGRX
O64 - Services: CurCS - C:\Windows\system32\drivers\volsnap.sys - Volumes de stockage (volsnap) .(.Pas de propriétaire - Pas de description.) - LEGACY_VOLSNAP
O64 - Services: CurCS - C:\Windows\system32\DRIVERS\wanarp.sys - Remote Access IPv6 ARP Driver (Wanarpv6) .(.Pas de propriétaire - Pas de description.) - LEGACY_WANARPV6
O64 - Services: CurCS - C:\Windows\system32\drivers\Wdf01000.sys - Kernel Mode Driver Frameworks service (Wdf01000) .(.Pas de propriétaire - Pas de description.) - LEGACY_WDF01000


---\\ Observateur d'évènement d'application (OEA) (O66)
O66 - EventLog: ID=11316 (MsiInstaller) - (.Pas de propriétaire - Pas de description.) -- C:\Users
O66 - EventLog: ID=59 (SideBySide) - (.Pas de propriétaire - Pas de description.) -- F:\Data\Virtual\SXS\Manifests\VmX.dll_ (.not file.)


---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\Windows\SysWOW64\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.com> <>[HKU\..\open\Command] (.Not Key.)
O67 - Shell Spawning: <.exe> <>[HKU\..\open\Command] (.Not Key.)
O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] "%1" %* (.not file.)
O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\Windows\SysWOW64\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe


---\\ Start Menu Internet (SMI) (O68)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe


---\\ Recherche d'infection Master Boot Record (O80)
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
Run by Adrien at 14/05/2010 13:54:56
device: opened successfully
user: MBR read successfully
kernel: error reading MBR



End of the scan (1040 lines in 04mn 53s)

There you go, I think that's everything ^^

pear
 Posted on 14/05/2010 at 19:12
  Astucien

Apart from this check, I don't see anything abnormal.

My Computer -> Tools -> Folder Options -> View
Check "Show hidden folders"
Uncheck "Hide extensions for known file types" as well as "Hide protected operating system files"
--> a message says that this can damage the system; ignore it and confirm with Yes.

Go to this address:
Click Browse to find these files
C:\Program Files(x86)\Tbpuoimpywesxr

and click "Send file"
Copy/paste the response into your next message.
Note: the file may already have been analysed. If so, click the Reanalyse file now button



Download CCleaner
and install it
during installation, remember to uncheck the installation of the Yahoo toolbar, discreetly offered alongside CCleaner.
Launch it by double-clicking CCleaner.exe
-=Deleting temporary files=-

* In the "Options" section in the left margin, go to "Advanced" and uncheck "Only delete files in Windows Temp folder older than 24 hours".
In the "Cleaner" section
* Check all the boxes in the left margin for Internet Explorer and Windows Explorer
Do the same for System except the last 2
In Advanced, check only the last 3.
* Click Analyze
* The scan, which may take a little while if this is the first time.
* Once the scan is finished, click Run Cleaner
Avoid using the Registry cleaner, which, to gain you a few microseconds, risks destabilising your system



Edited by pear on 14/05/2010 19:14
gav91190
 Posted on 14/05/2010 at 19:25
Petit astucien

Done,

Fichier dbjxcwqu.exe reçu le 2010.05.14 17:20:16 (UTC)

Antivirus	Version	Dernière mise à jour	Résultat
a-squared 4.5.0.50 2010.05.10 -
AhnLab-V3 2010.05.14.01 2010.05.14 -
AntiVir 8.2.1.242 2010.05.14 TR/Dropper.Gen
Antiy-AVL 2.0.3.7 2010.05.14 -
Authentium 5.2.0.5 2010.05.14 -
Avast 4.8.1351.0 2010.05.14 -
Avast5 5.0.332.0 2010.05.14 -
AVG 9.0.0.787 2010.05.14 -
BitDefender 7.2 2010.05.14 -
CAT-QuickHeal 10.00 2010.05.14 -
ClamAV 0.96.0.3-git 2010.05.14 -
Comodo 4837 2010.05.14 -
DrWeb 5.0.2.03300 2010.05.14 -
eSafe 7.0.17.0 2010.05.13 -
eTrust-Vet 35.2.7488 2010.05.14 -
F-Prot 4.5.1.85 2010.05.14 -
F-Secure 9.0.15370.0 2010.05.14 -
Fortinet 4.1.133.0 2010.05.14 -
GData 21 2010.05.14 -
Ikarus T3.1.1.84.0 2010.05.14 -
Jiangmin 13.0.900 2010.05.14 -
Kaspersky 7.0.0.125 2010.05.14 -
McAfee 5.400.0.1158 2010.05.14 -
McAfee-GW-Edition 2010.1 2010.05.14 -
Microsoft 1.5703 2010.05.14 -
NOD32 5115 2010.05.14 -
Norman 6.04.12 2010.05.14 -
nProtect 2010-05-14.01 2010.05.14 -
Panda 10.0.2.7 2010.05.14 -
PCTools 7.0.3.5 2010.05.14 -
Prevx 3.0 2010.05.14 -
Rising 22.47.04.03 2010.05.14 -
Sophos 4.53.0 2010.05.14 -
Sunbelt 6302 2010.05.14 -
Symantec 20101.1.0.89 2010.05.14 -
TheHacker 6.5.2.0.280 2010.05.14 -
TrendMicro 9.120.0.1004 2010.05.14 -
TrendMicro-HouseCall 9.120.0.1004 2010.05.14 -
VBA32 3.12.12.5 2010.05.14 -
ViRobot 2010.5.14.2316 2010.05.14 -
VirusBuster 5.0.27.0 2010.05.14 -

Information additionnelle
File size: 2066808 bytes
MD5...: 6904075c3dda23742ced3489fcb2344d
SHA1..: a702e21761e5a1a2152d6037ff6610e1bb5b6d4f
SHA256: 318683ff12a21dc7be536b018050b890f986f58d715f62070b08f0427c89ed16
ssdeep: 49152:444k4MT3F5Rd1quuu8CSvzNkA87+LubA+pi3mW+h5g66NTMh:444kZRd1p<br>uupSvh387+ifpin46pMh<br>
PEiD..: -
PEInfo: PE Structure information<br><br>( base data )<br>entrypointaddress.: 0x29a000<br>timedatestamp.....: 0x498cc52c (Fri Feb 06 23:18:04 2009)<br>machinetype.......: 0x14c (I386)<br><br>( 7 sections )<br>name viradd virsiz rawdsiz ntrpy md5<br>.uhlnk 0x1000 0x229f50 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e<br>.bdpnr 0x22b000 0xe390 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e<br>.hlpo 0x23a000 0x60000 0x5b000 7.98 442ac5240d278bd1bbaccb9ae8beb9fc<br>.dwxyi 0x29a000 0x10000 0xd000 7.01 138d6f559698a3be6565d5d7531f381d<br>.htkj 0x2aa000 0x30000 0x12000 4.74 751390fb84253eb54b744886097fd9e4<br>.tywmez 0x2da000 0x170000 0x16f000 8.00 e8d9c8742bbfd2fc8932543818288550<br>.zhyvft 0x44a000 0xcd000 0x4000 3.87 2d5b88fb0352da2142b7ee7afea38d9d<br><br>( 3 imports ) <br>> KERNEL32.dll: CreateThread, GlobalUnlock, GlobalLock, GlobalAlloc, GetTickCount, WideCharToMultiByte, IsBadReadPtr, GlobalAddAtomA, GlobalAddAtomW, GetModuleHandleA, GlobalFree, GlobalGetAtomNameA, GlobalDeleteAtom, GlobalGetAtomNameW, FreeConsole, GetEnvironmentVariableA, VirtualProtect, VirtualAlloc, GetProcAddress, GetLastError, LoadLibraryA, SetLastError, SetThreadPriority, GetCurrentThread, CreateProcessA, GetCommandLineA, GetStartupInfoA, SetEnvironmentVariableA, ReleaseMutex, WaitForSingleObject, CreateMutexA, OpenMutexA, SetErrorMode, GetCurrentThreadId, FindClose, FindFirstFileA, FindFirstFileW, VirtualQueryEx, GetExitCodeProcess, ReadProcessMemory, VirtualProtectEx, UnmapViewOfFile, ContinueDebugEvent, SetThreadContext, GetThreadContext, WaitForDebugEvent, SuspendThread, DebugActiveProcess, ResumeThread, CreateProcessW, GetCommandLineW, GetStartupInfoW, MapViewOfFile, DuplicateHandle, GetCurrentProcess, CreateFileMappingA, WriteProcessMemory, SetEvent, CreateEventA, MultiByteToWideChar, CloseHandle, CreateFileA, GetSystemTimeAsFileTime, ExitProcess, LocalFree, CompareStringW, CompareStringA, FlushFileBuffers, WriteConsoleW, GetConsoleOutputCP, WriteConsoleA, SetStdHandle, FormatMessageA, 
GetConsoleMode, GetConsoleCP, SetFilePointer, GetLocaleInfoW, GetStringTypeW, GetStringTypeA, IsValidLocale, EnumSystemLocalesA, GetLocaleInfoA, GetUserDefaultLCID, QueryPerformanceCounter, GetFileType, SetHandleCount, GetEnvironmentStringsW, Sleep, EnterCriticalSection, LeaveCriticalSection, GetVersionExA, InitializeCriticalSection, GetCurrentProcessId, GetModuleFileNameW, GetShortPathNameW, GetModuleFileNameA, GetShortPathNameA, FreeEnvironmentStringsW, GetEnvironmentStrings, FreeEnvironmentStringsA, InterlockedIncrement, InterlockedDecrement, InterlockedExchange, DeleteCriticalSection, RtlUnwind, RaiseException, TerminateProcess, UnhandledExceptionFilter, SetUnhandledExceptionFilter, IsDebuggerPresent, HeapFree, HeapAlloc, GetProcessHeap, GetCPInfo, LCMapStringA, LCMapStringW, TlsGetValue, TlsAlloc, TlsSetValue, TlsFree, HeapSize, WriteFile, GetStdHandle, GetACP, GetOEMCP, IsValidCodePage, HeapDestroy, HeapCreate, VirtualFree, HeapReAlloc, GetTimeZoneInformation<br>> USER32.dll: LoadStringW, IsWindow, PostMessageA, GetDesktopWindow, MoveWindow, SetPropA, EnumThreadWindows, GetPropA, GetMessageA, EndPaint, KillTimer, GetAsyncKeyState, GetSystemMetrics, SetTimer, SetWindowTextA, GetDlgItem, CreateDialogIndirectParamA, ShowWindow, UpdateWindow, LoadStringA, BeginPaint, FindWindowA, WaitForInputIdle, DestroyWindow, MessageBoxA, InSendMessage, UnpackDDElParam, FreeDDElParam, DefWindowProcW, DefWindowProcA, LoadCursorA, RegisterClassW, CreateWindowExW, RegisterClassA, CreateWindowExA, GetWindowThreadProcessId, SendMessageW, SendMessageA, PeekMessageA, TranslateMessage, DispatchMessageA, EnumWindows, IsWindowUnicode, PackDDElParam, PostMessageW<br>> GDI32.dll: SelectObject, BitBlt, DeleteObject, CreatePalette, CreateDCA, SelectPalette, RealizePalette, CreateDIBitmap, DeleteDC, CreateCompatibleDC<br><br>( 0 exports ) <br>
RDS...: NSRL Reference Data Set
-
pdfid.: -
trid..: Generic Win/DOS Executable (49.9%)
DOS Executable Generic (49.8%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.1%)
Symantec Reputation Network: Suspicious.Insight http://www.symantec.com/security_response/writeup.jsp?docid=2010-021223-0550-99
sigcheck:
publisher....: Module
copyright....: n/a
product......: App Module
description..: Module Svr
original name: xx.exe
internal name: xx
file version.: 3.01.0048
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned
packers (F-Prot): Armadillo
